Manalyze report for dd8233288a718dfb549ee8d57f80fe3b

This file seems to be a .NET executable.
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
Compilation Date	2041-Dec-19 19:02:52
Debug artifacts	G:\Redirected Folders\My Documents\Visual Studio 2019\Projects\CascDbConnect\CascDbConnect\obj\Release\CascAudit.pdb
Comments
CompanyName
FileDescription	CascDbConnect
FileVersion	`1.0.0.0`
InternalName	CascAudit.exe
LegalCopyright	Copyright © 2020
LegalTrademarks
OriginalFilename	CascAudit.exe
ProductName	CascDbConnect
ProductVersion	`1.0.0.0`
Assembly Version	1.0.0.0

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C# v7.0 / Basic .NET`
Suspicious	VirusTotal score: 1/69 (Scanned on 2022-04-12 15:08:10)	`APEX: Malicious`

Hashes

MD5	`dd8233288a718dfb549ee8d57f80fe3b`
SHA1	`e284887b3c71395233add662684e0f44245cb4da`
SHA256	`83b737282928bd8dc280c30c65df482b87429b2494d71ec80d8589f63b0a8f35`
SHA3	`94c6f5df785af711fba8c778bf3117ba9d3627a907094dc98527632ac367135d`
SSDeep	`192:zqVqOBi0FHS18FQPMo+PSGRrBa+KEtQIqEIW17pZake/gsV8P+WydPv:mVqoHHQ8SOlaMttqWpZakevSFydP`
Imports Hash	`f34d5f2d4577ed6d9ceec516c1f5a744`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`3`
TimeDateStamp	2041-Dec-19 19:02:52
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`80.0`
SizeOfCode	`0x2a00`
SizeOfInitializedData	`0x800`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x00004896 (Section: .text)`
BaseOfCode	`0x2000`
BaseOfData	`0x6000`
ImageBase	`0x400000`
SectionAlignment	`0x2000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0xa000`
SizeOfHeaders	`0x200`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_NO_SEH` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`7336bb7a5b01ebff3b274147ad11e742`
SHA1	`a29bbd1e3362b0b88ba413f4f4910e0e82c40b1e`
SHA256	`31a9ce0673d564003df917d471e97abe3bf9b0db9fe33b76e37dc2a90627751b`
SHA3	`c5f314632925d720633471d9ef1701c3411a85a3749a8b2acb8e90b1d530ec46`
VirtualSize	`0x289c`
VirtualAddress	`0x2000`
SizeOfRawData	`0x2a00`
PointerToRawData	`0x200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`5.4543`

.rsrc

MD5	`ef5a4b87e15c7defb9bb6c73cb7664d0`
SHA1	`451c52f4029a88bb485f6b096ae3d3d945b843d1`
SHA256	`04ce1610442f1f466f37947b552f49edc1b755bfc757c7f9a5e7b53b242b0408`
SHA3	`bf401e325c7e78127d6297ef2c829b09b81db975f25c7a006944f9f8d163cbea`
VirtualSize	`0x5bc`
VirtualAddress	`0x6000`
SizeOfRawData	`0x600`
PointerToRawData	`0x2c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.09336`

.reloc

MD5	`ddfbb815087ae769f1c35a8b45d5fee6`
SHA1	`8ccaa64241355a11b4b314cb41fa9c6dbd319099`
SHA256	`1bcfc3c29e272fea33ec5d6f9d8750edb0b4b2afdac9b93817362fc4b61a8ad4`
SHA3	`2fbc3edf4aef9c4be4bed9368dab6f9d498b328b3be86285e606e75c5d15fea6`
VirtualSize	`0xc`
VirtualAddress	`0x8000`
SizeOfRawData	`0x200`
PointerToRawData	`0x3200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`0.0815394`

Imports

mscoree.dll	`_CorExeMain`

Delayed Imports

1

Type	`RT_VERSION`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x32c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.27656`
MD5	`fb65a895d3eb20eeb39d03baa6c70558`
SHA1	`e81cb10446f7c1000148e9be4e248c889c38da73`
SHA256	`b5241967ccadd0c8b07da1401971526db9846b7f6b2a2e88b3d4b3cc13ed423a`
SHA3	`29259685c81d91536aed08250fd7f55dbca194b0c293088fa505fdce0f41d2f6`

1 (#2)

Type	`RT_MANIFEST`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1ea`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.00112`
MD5	`b7db84991f23a680df8e95af8946f9c9`
SHA1	`cac699787884fb993ced8d7dc47b7c522c7bc734`
SHA256	`539dc26a14b6277e87348594ab7d6e932d16aabb18612d77f29fe421a9f1d46a`
SHA3	`4f72877413d13a67b52b292a8524e2c43a15253c26aaf6b5d0166a65bc615cff`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.0.0.0
ProductVersion	1.0.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
Comments
CompanyName
FileDescription	CascDbConnect
FileVersion (#2)	1.0.0.0
InternalName	CascAudit.exe
LegalCopyright	Copyright © 2020
LegalTrademarks
OriginalFilename	CascAudit.exe
ProductName	CascDbConnect
ProductVersion (#2)	1.0.0.0
Assembly Version	1.0.0.0

Resource LangID	UNKNOWN

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2072-Aug-07 10:48:25
Version	`0.0`
SizeofData	`141`
AddressOfRawData	`0x47b4`
PointerToRawData	`0x29b4`
Referenced File	G:\Redirected Folders\My Documents\Visual Studio 2019\Projects\CascDbConnect\CascDbConnect\obj\Release\CascAudit.pdb

UNKNOWN

Characteristics	`0`
TimeDateStamp	1970-Jan-01 00:00:00
Version	`0.0`
SizeofData	`0`
AddressOfRawData	`0`
PointerToRawData	`0`

TLS Callbacks

Load Configuration

RICH Header

dd8233288a718dfb549ee8d57f80fe3b

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rsrc

.reloc

Imports

Delayed Imports

1

1 (#2)

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

UNKNOWN

TLS Callbacks

Load Configuration

RICH Header

Errors