Manalyze report for e2fa2d5c659363c7579b56f9ded4e6cf11bb13d55168d283247f0e08119800e9

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
Compilation Date	2026-Apr-05 21:43:34
Detected languages	English - United States
Debug artifacts	Microsoft.Web.WebView2.Core.pdb
CompanyName	Microsoft Corporation
FileDescription	Microsoft Edge Embedded Browser WinRT Component
FileVersion	`1.0.3912.50`
InternalName	Microsoft.Web.WebView2.Core.dll
LegalCopyright	Copyright Microsoft Corporation. All rights reserved.
OriginalFilename	Microsoft.Web.WebView2.Core.dll
ProductName	Microsoft Edge Embedded Browser WinRT Component
ProductVersion	`1.0.3912.50`
CompanyShortName	Microsoft
ProductShortName	Microsoft Edge Embedded Browser WinRT Component

Plugin Output

Info	The PE contains common functions which appear in legitimate applications.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryExW LoadLibraryW` `Can access the registry: RegGetValueW RegOpenKeyExW RegQueryValueExW RegCloseKey`
Info	The PE is digitally signed.	`Signer: Microsoft Corporation` `Issuer: Microsoft Code Signing PCA 2011`
Safe	VirusTotal score: 0/72 (Scanned on 2026-04-13 13:11:51)	`All the AVs think this file is safe.`

Hashes

MD5	`f8491e43fa46bb5cb82a8cb025be813f`
SHA1	`bdeb4a18323b8daec899a839859ce99a4b9b2cdb`
SHA256	`e2fa2d5c659363c7579b56f9ded4e6cf11bb13d55168d283247f0e08119800e9`
SHA3	`a7f449bbd9655c71c47ddab1ef0f30ec98014d82a2e18d441ef4138c681fc32d`
SSDeep	`12288:wgr83xJDPAJcx0LAemwYg8dQsQqCvKiv7Kfyv6w8M2b1Sq0lSXeIik5nwCNzZHqs:w59+jmwd8dQsjM4DLmqrb`
Imports Hash	`88639441c5d4bf0c793393097dc8f60a`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x108`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`6`
TimeDateStamp	2026-Apr-05 21:43:34
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_DLL` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0x8c800`
SizeOfInitializedData	`0x33800`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x000000000007D620 (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x180000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0xc4000`
SizeOfHeaders	`0x400`
Checksum	`0xcbcdc`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_GUARD_CF` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`0c0aab3f844eebc97f135cc3665cc22f`
SHA1	`7c8641041af715ca04b43d28b599b7f262888f84`
SHA256	`5c195eb0892340c699e79fad3e6387fee745c828984fd3e215d36c5ac1c8544f`
SHA3	`001614230d1a1c33cf9d5e603255acc0f661d45530f0da175fd395326e83a984`
VirtualSize	`0x8c773`
VirtualAddress	`0x1000`
SizeOfRawData	`0x8c800`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.2352`

.rdata

MD5	`1143708b5470927fd8af40e5addead0f`
SHA1	`02da06905f0de81d9de0b94089f87ef2f3025428`
SHA256	`1dbf86c5a34798c688c918b64877a216bfb8bec62d65226614363a602d59faac`
SHA3	`a7555d930f42b16de8864b486bc22b9d2adeb8d0c2d8b4f76ada552dd82db7c6`
VirtualSize	`0x256f8`
VirtualAddress	`0x8e000`
SizeOfRawData	`0x25800`
PointerToRawData	`0x8cc00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.45202`

.data

MD5	`54326ea9097dba77538f64d58f080673`
SHA1	`42e11988f7b930578ba32251fc8bf1de9b1a585e`
SHA256	`efa477a1299dbf8ad8e607d8ec3b8fc8160bafdb4c0f48b262b4a49d863d1e9d`
SHA3	`552592c18cf4330c7c744607d2e216c5c063aebc737609f5cbfbab341a5ac080`
VirtualSize	`0x29f0`
VirtualAddress	`0xb4000`
SizeOfRawData	`0x2000`
PointerToRawData	`0xb2400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`4.75978`

.pdata

MD5	`d094f90ea05a145459f0e5c2784d6fe3`
SHA1	`1064279d8e5bfe6ac48bca5f0220a3d81a4a3a3a`
SHA256	`0a845f9390346f2ec26e2ac5f12163ce1c9a93c848485f50a66f8bbdbb69c19d`
SHA3	`53be275bcce8ef5ad4a435e2621af17fbd8ccc7bb0f0a602fd48ab7de7bd4af3`
VirtualSize	`0x804c`
VirtualAddress	`0xb7000`
SizeOfRawData	`0x8200`
PointerToRawData	`0xb4400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.78119`

.rsrc

MD5	`bf0ce9533042aaea0edd1077035d46b2`
SHA1	`e52484c2084231d29d0abf150d6854f78e1e659a`
SHA256	`3960ffbe48cdb9d145cbe2de7fc860c5125dfa1f92a48823b12f43a8e0433614`
SHA3	`f9e6898a135f284b6f225e7f64e6c04e1613f66ae68a3e6bb602fc85a2e3a132`
VirtualSize	`0x520`
VirtualAddress	`0xc0000`
SizeOfRawData	`0x600`
PointerToRawData	`0xbc600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`2.9967`

.reloc

MD5	`62fa2dab5adbac0c71fefaf8de215c3f`
SHA1	`5a75010ebc931e5200f9bf55eaaee104495d73b4`
SHA256	`21357677b1a38989a49e1b1b6eb8927581b1607dd71c30b2b1f902da8e91df1b`
SHA3	`8254e0eb21848a79f25c321d26ae8b2b445d561fbfdbc3df272a3fedb4a327db`
VirtualSize	`0x2c94`
VirtualAddress	`0xc1000`
SizeOfRawData	`0x2e00`
PointerToRawData	`0xbcc00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`5.4202`

Imports

KERNEL32.dll	`OutputDebugStringW` `GetCurrentThreadId` `FormatMessageW` `IsDebuggerPresent` `GetLastError` `SetLastError` `GetModuleFileNameA` `CreateSemaphoreExW` `HeapFree` `ReleaseSemaphore` `GetModuleHandleExW` `WaitForSingleObject` `ReleaseMutex` `WaitForSingleObjectEx` `OpenSemaphoreW` `CloseHandle` `HeapAlloc` `GetProcAddress` `CreateMutexExW` `GetCurrentProcessId` `GetProcessHeap` `GetModuleHandleW` `WideCharToMultiByte` `DebugBreak` `DecodePointer` `ReleaseSRWLockExclusive` `AcquireSRWLockExclusive` `EncodePointer` `ReleaseSRWLockShared` `AcquireSRWLockShared` `InitOnceExecuteOnce` `GetFileAttributesW` `CreateFileW` `OutputDebugStringA` `GetModuleFileNameW` `LoadLibraryExW` `LoadLibraryW` `FreeLibrary` `GetEnvironmentVariableW` `RaiseException` `RtlPcToFileHeader` `WakeAllConditionVariable` `TlsFree` `TlsSetValue` `TlsGetValue` `TlsAlloc` `InitializeCriticalSectionAndSpinCount` `DeleteCriticalSection` `SleepConditionVariableSRW` `RtlCaptureContext` `InterlockedFlushSList` `InterlockedPushEntrySList` `RtlLookupFunctionEntry` `RtlUnwindEx` `InitializeSListHead` `GetSystemTimeAsFileTime` `QueryPerformanceCounter` `RtlVirtualUnwind` `IsProcessorFeaturePresent` `TerminateProcess` `UnhandledExceptionFilter` `MultiByteToWideChar` `GetCurrentProcess` `SetUnhandledExceptionFilter`
api-ms-win-core-com-l1-1-0.dll	`CoCreateFreeThreadedMarshaler` `CoTaskMemFree` `CoTaskMemAlloc`
api-ms-win-core-winrt-error-l1-1-0.dll	`RoOriginateErrorW` `RoOriginateError` `RoTransformError`
api-ms-win-core-winrt-string-l1-1-0.dll	`WindowsStringHasEmbeddedNull` `WindowsGetStringRawBuffer` `WindowsIsStringEmpty`
api-ms-win-shcore-stream-winrt-l1-1-0.dll	`CreateRandomAccessStreamOverStream` `CreateStreamOverRandomAccessStream`
OLEAUT32.dll	`GetErrorInfo` `SysFreeString` `VariantClear` `VariantInit` `SetErrorInfo` `SysStringLen`
api-ms-win-eventing-provider-l1-1-0.dll	`EventRegister` `EventUnregister` `EventWriteTransfer` `EventSetInformation`
api-ms-win-core-registry-l1-1-0.dll	`RegGetValueW` `RegOpenKeyExW` `RegQueryValueExW` `RegCloseKey`
api-ms-win-crt-runtime-l1-1-0.dll	`_cexit` `terminate` `_seh_filter_dll` `_configure_narrow_argv` `_initialize_narrow_environment` `_initialize_onexit_table` `_register_onexit_function` `_execute_onexit_table` `_crt_atexit` `_invoke_watson` `_initterm` `_initterm_e` `abort` `_invalid_parameter_noinfo` `_errno`
api-ms-win-crt-string-l1-1-0.dll	`wcsncmp` `wcslen` `_wcsicmp` `iswspace` `strlen` `strcpy_s` `strcmp`
api-ms-win-crt-stdio-l1-1-0.dll	`__stdio_common_vswprintf`
api-ms-win-crt-convert-l1-1-0.dll	`_wtoi` `_ultow_s`
api-ms-win-crt-heap-l1-1-0.dll	`_callnewh` `malloc` `calloc` `free`
api-ms-win-core-winrt-error-l1-1-1.dll	`RoOriginateLanguageException`
api-ms-win-core-com-l1-1-1.dll	`RoGetAgileReference`
api-ms-win-core-winrt-l1-1-0.dll	`RoGetActivationFactory`
api-ms-win-crt-math-l1-1-0.dll	`floor`

Delayed Imports

DllCanUnloadNow

Ordinal	`1`
Address	`0xddf0`

DllGetActivationFactory

Ordinal	`2`
Address	`0xdee0`

1

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4c0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.47632`
MD5	`d995298484a91b7f33168e65a6949e57`
SHA1	`56f76f1081d29cde912edea81d4836889191522f`
SHA256	`e495a610b49d91df32f2b916ca212fa2297e806236d145283af220daec114d21`
SHA3	`13d85ab12a22da0369c22448f5c2473c29c30eaf08df686511f70d8e25c58829`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.0.3912.50
ProductVersion	1.0.3912.50
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_DLL`
Language	English - United States
CompanyName	Microsoft Corporation
FileDescription	Microsoft Edge Embedded Browser WinRT Component
FileVersion (#2)	1.0.3912.50
InternalName	Microsoft.Web.WebView2.Core.dll
LegalCopyright	Copyright Microsoft Corporation. All rights reserved.
OriginalFilename	Microsoft.Web.WebView2.Core.dll
ProductName	Microsoft Edge Embedded Browser WinRT Component
ProductVersion (#2)	1.0.3912.50
CompanyShortName	Microsoft
ProductShortName	Microsoft Edge Embedded Browser WinRT Component

Resource LangID	English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2026-Apr-05 21:43:34
Version	`0.0`
SizeofData	`56`
AddressOfRawData	`0xa92cc`
PointerToRawData	`0xa7ecc`
Referenced File	Microsoft.Web.WebView2.Core.pdb

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2026-Apr-05 21:43:34
Version	`0.0`
SizeofData	`1076`
AddressOfRawData	`0xa9304`
PointerToRawData	`0xa7f04`

IMAGE_DEBUG_TYPE_ILTCG

Characteristics	`0`
TimeDateStamp	2026-Apr-05 21:43:34
Version	`0.0`
SizeofData	`0`
AddressOfRawData	`0`
PointerToRawData	`0`

UNKNOWN

Characteristics	`0`
TimeDateStamp	2026-Apr-05 21:43:34
Version	`0.0`
SizeofData	`4`
AddressOfRawData	`0xa9760`
PointerToRawData	`0xa8360`

TLS Callbacks

StartAddressOfRawData	`0x1800a9788`
EndAddressOfRawData	`0x1800a9790`
AddressOfIndex	`0x1800b60ac`
AddressOfCallbacks	`0x18008e508`
SizeOfZeroFill	`0`
Characteristics	`IMAGE_SCN_ALIGN_4BYTES`
Callbacks	`(EMPTY)`

Load Configuration

Size	`0x140`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x1800b4200`
GuardCFCheckFunctionPointer	`6443033688`
GuardCFDispatchFunctionPointer	`0`
GuardCFFunctionTable	`0`
GuardCFFunctionCount	`0`
GuardFlags	`(EMPTY)`
CodeIntegrity.Flags	`0`
CodeIntegrity.Catalog	`0`
CodeIntegrity.CatalogOffset	`0`
CodeIntegrity.Reserved	`0`
GuardAddressTakenIatEntryTable	`0`
GuardAddressTakenIatEntryCount	`0`
GuardLongJumpTargetTable	`0`
GuardLongJumpTargetCount	`0`

RICH Header

XOR Key	`0xa27cbaa3`
Unmarked objects	`0`
ASM objects (35207)	`10`
C objects (35207)	`10`
C++ objects (35207)	`46`
C objects (33145)	`2`
Imports (VS2008 SP1 build 30729)	`32`
Imports (33145)	`3`
Total imports	`130`
Unmarked objects (#2)	`7`
C++ objects (LTCG) (35222)	`7`
Exports (35222)	`1`
Resource objects (35222)	`1`
Linker (35222)	`1`

Errors

Leave a comment

No comments yet.