Manalyze report for de366263fa4a0fc45c30c706bed1eb44

This file seems to be a .NET executable.
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2014-Dec-02 13:24:14
Debug artifacts	N:\Code-P 2014\projecten\3Dprinter\Color sofware\Colormixing beta 0.6\Colormixing beta 0.6\obj\Release\Colormixing beta 0.6.pdb
CompanyName	Code-P West BV
FileDescription	Builder Color Mix
FileVersion	`1.1.0.0`
InternalName	Colormixing beta 0.6.exe
LegalCopyright	Copyright © 2014
OriginalFilename	Colormixing beta 0.6.exe
ProductName	\Color Mix
ProductVersion	`1.1.0.0`
Assembly Version	1.0.0.0

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C# v7.0 / Basic .NET` `.NET executable -> Microsoft`
Info	Interesting strings found in the binary:	Contains domain names: adobe.com http://ns.adobe.com http://ns.adobe.com/camera-raw-settings/1.0/ http://ns.adobe.com/exif/1.0/aux/ http://ns.adobe.com/photoshop/1.0/ http://ns.adobe.com/xap/1.0/ http://ns.adobe.com/xap/1.0/mm/ http://ns.adobe.com/xap/1.0/sType/ResourceEvent# http://ns.adobe.com/xap/1.0/sType/ResourceRef# http://ns.microsoft.com http://ns.microsoft.com/photo/1.0/ http://purl.org http://www.iec.ch http://www.w3.org http://www.w3.org/1999/02/22-rdf-syntax-ns# microsoft.com ns.adobe.com ns.microsoft.com www.iec.ch www.w3.org
Suspicious		`Unusual section name found: .sdata`
Suspicious	VirusTotal score: 1/68 (Scanned on 2021-05-01 20:29:59)	`APEX: Malicious`

Hashes

MD5	`de366263fa4a0fc45c30c706bed1eb44`
SHA1	`6d5c735b11abd4ed4c0f9c6f9504ae2b2931f1b0`
SHA256	`78dc9b17190470113e6f3648b4376f648c1c2235133a97986baf80a6e66b4f23`
SHA3	`00f61529e467d2600b1916b92dc36ed975857278ad1301a15862fd0526856116`
SSDeep	`98304:eyDDxBt/UitDsV2YZz6h6+pUlSJ/OSr6DhV+9VubpU:eyDD3t/5Fs0YZz6rWgJt63Uob2`
Imports Hash	`f34d5f2d4577ed6d9ceec516c1f5a744`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`4`
TimeDateStamp	2014-Dec-02 13:24:14
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`11.0`
SizeOfCode	`0x431c00`
SizeOfInitializedData	`0x3a00`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x00433A1E (Section: .text)`
BaseOfCode	`0x2000`
BaseOfData	`0x434000`
ImageBase	`0x400000`
SectionAlignment	`0x2000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x43c000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_NO_SEH` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`b7239f932e938664122496e6f26ceba2`
SHA1	`522d4a3a15a123c89c3abaa333e8b0ceacc8c3b9`
SHA256	`c22b3718a0ef1c51e65cebaff4d502def5a32e6e0f4187226b196e6210e4f211`
SHA3	`3c552f204fb23b0e56e1f26318f232031bb60f9b1a5113078cbb3b21683130b8`
VirtualSize	`0x431a24`
VirtualAddress	`0x2000`
SizeOfRawData	`0x431c00`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`7.92759`

.sdata

MD5	`0a3c9ee89bb1a92fbb2f454d73857b2b`
SHA1	`0e6ae23209a1f44215636d340adedaf021e6a305`
SHA256	`6302948bdb8c0b66251df465cbcf14ad27d9d1897a07d7091bb12ffaad71fe7b`
SHA3	`9eb699b1bb95f021d7986d27731db77c5e5897e16492f9baa6b0c58aff1c0463`
VirtualSize	`0x138`
VirtualAddress	`0x434000`
SizeOfRawData	`0x200`
PointerToRawData	`0x432000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`2.55309`

.rsrc

MD5	`a817d060aa5a1f2ba332da894df54ec2`
SHA1	`fc4f50a2edae3c576f71d2d096314ae4cca71b6a`
SHA256	`1ba850e63153b8aa5e438b98d7c585c225ae1dfdf0c316852d0f5e695541fc7f`
SHA3	`dda2a536773d63d8691a109ba40b01598c55701a94d62685f537e280d266dfb7`
VirtualSize	`0x3428`
VirtualAddress	`0x436000`
SizeOfRawData	`0x3600`
PointerToRawData	`0x432200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`3.39471`

.reloc

MD5	`61f769d73d6c409635e992317bd7f873`
SHA1	`81d3d4be49ba644c7360678a1d78acfcbad6c2ac`
SHA256	`feaf475a2bfa005705ff17d0436bcfc4a3842bdc624d118c9e334fdbeec3aa8c`
SHA3	`e61982f465e83d94542cdce5192b3c8357cbb756d45551ac9ae7eb33635beace`
VirtualSize	`0xc`
VirtualAddress	`0x43a000`
SizeOfRawData	`0x200`
PointerToRawData	`0x435800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`0.10191`

Imports

mscoree.dll	`_CorExeMain`

Delayed Imports

2

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.2396`
MD5	`f7342d25fb07feb463ece9b89c6c5820`
SHA1	`fadab0079d1ba79e9eaf0bf35ac431f735836b57`
SHA256	`79bcba20108999688f99bf386ab77c93345cc19684c6b5a96ca67cad447c53f8`
SHA3	`ddd1ffdde976c0e143303b4f77d4b312429edd551437325b93ea6a9069b87138`

3

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.11804`
MD5	`1ab7b0f72d9ff77760c8cfa4bf5d775e`
SHA1	`3c37748fc3832550e0cf7ca74236c2d2a25acc48`
SHA256	`09ff9c7f9c5f023668f7666982faa848bad3b6b577ae1333ace20ff6ab78946d`
SHA3	`fe9db523a7e35fd1d406db182aecff5f6c33bf32aa05a21d426e66936f524932`

4

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.74483`
MD5	`43a3ae53c5b782a84858db94c48530b3`
SHA1	`516424c06896b5edcb3944c381ca97fb08b0df57`
SHA256	`2ea2aa29eaa2a0486b57a935fea1fe259f572ca43375a2ee9c28dd552741707f`
SHA3	`11efefeeb370896665dddbcebe75cd9e7c13e18282be7a192c736a81f72aa9ac`

32512

Type	`RT_GROUP_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x30`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.64416`
Detected Filetype	Icon file
MD5	`0d7134bf400959f2079f8a3c110d41b1`
SHA1	`615c3d37154b51f7d02e41e00a55ea2028747a5c`
SHA256	`2ce781676f751afc811a93cee8ddf0fa026a5643eb95caa7b2000e34793cc0a8`
SHA3	`541c7dbc9f1bacd0f000c4464188050cc425d7a61e4aedd936fd126c151f18bb`

1

Type	`RT_VERSION`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x334`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.33963`
MD5	`55e8153986fbcc7e373d109480184ed5`
SHA1	`e78379d19560bd05ad7f9e34d3f5fba8ec87e9f1`
SHA256	`616d03737486f2b2b0cd105e8ddfc84c6cb5043e608211e921960ea83a3eeb3b`
SHA3	`7a485524f1808b7b10632111c920e9ba19bba3180f13e527fc066c0759369c4f`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.1.0.0
ProductVersion	1.1.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
CompanyName	Code-P West BV
FileDescription	Builder Color Mix
FileVersion (#2)	1.1.0.0
InternalName	Colormixing beta 0.6.exe
LegalCopyright	Copyright © 2014
OriginalFilename	Colormixing beta 0.6.exe
ProductName	\Color Mix
ProductVersion (#2)	1.1.0.0
Assembly Version	1.0.0.0

Resource LangID	UNKNOWN

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2014-Dec-02 13:24:14
Version	`0.0`
SizeofData	`284`
AddressOfRawData	`0x43401c`
PointerToRawData	`0x43201c`
Referenced File	N:\Code-P 2014\projecten\3Dprinter\Color sofware\Colormixing beta 0.6\Colormixing beta 0.6\obj\Release\Colormixing beta 0.6.pdb

TLS Callbacks

Load Configuration

RICH Header

de366263fa4a0fc45c30c706bed1eb44

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.sdata

.rsrc

.reloc

Imports

Delayed Imports

2

3

4

32512

1

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

TLS Callbacks

Load Configuration

RICH Header

Errors