Manalyze report for e6bf43f7bd154784ee6cd60a73ea4914

This file seems to be a .NET executable.
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2043-Jan-21 05:09:57
Debug artifacts	C:\Users\jamie\Documents\Visual Studio 2017\Projects\Prototype1\Prototype1\obj\Debug\Prototype1.pdb
Comments
CompanyName
FileDescription	Prototype1
FileVersion	`1.0.0.0`
InternalName	Prototype1.exe
LegalCopyright	Copyright © 2019
LegalTrademarks
OriginalFilename	Prototype1.exe
ProductName	Prototype1
ProductVersion	`1.0.0.0`
Assembly Version	1.0.0.0

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C# v7.0 / Basic .NET` `Microsoft Visual C++ 8.0` `.NET executable -> Microsoft`
Suspicious	VirusTotal score: 1/70 (Scanned on 2019-11-05 15:10:33)	`BitDefenderTheta: Gen:NN.ZemsilF.31731.qm0@a4kRslh`

Hashes

MD5	`e6bf43f7bd154784ee6cd60a73ea4914`
SHA1	`6bf6f3fd981faf78d7e047e6d76b0af50976247e`
SHA256	`3926c05a043690e8e790e96acc3d53abb33e20646a1f6ad0cc9cf0f5a78d99e3`
SHA3	`5fd3e232ab0a6865b8caa7c49aba9ed654524ae6718a42b7c7ca9e75f036ead9`
SSDeep	`6144:QGDXXXXXXXe///6NNQjhsuXXXXXXXXa///ONNNj:7DXXXXXXXe///6NNQjbXXXXXXXa///O`
Imports Hash	`f34d5f2d4577ed6d9ceec516c1f5a744`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`3`
TimeDateStamp	2043-Jan-21 05:09:57
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`48.0`
SizeOfCode	`0x28800`
SizeOfInitializedData	`0x19400`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0002A69E (Section: .text)`
BaseOfCode	`0x2000`
BaseOfData	`0x2c000`
ImageBase	`0x400000`
SectionAlignment	`0x2000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x48000`
SizeOfHeaders	`0x200`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NO_SEH` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`9ff552575b4450bb1cf8384867604067`
SHA1	`bb6bbe13e54269148511abb62b7fec5b4f53d35d`
SHA256	`6416fe88d95723230d987e5fc5b6e9fd221698510a469046c6e7abcbd2166ae8`
SHA3	`070fd6934fd354e84f760aa1bf0ef95366861aea525b2633f4b9e8d147b9fbd5`
VirtualSize	`0x286a4`
VirtualAddress	`0x2000`
SizeOfRawData	`0x28800`
PointerToRawData	`0x200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`4.72734`

.rsrc

MD5	`e3c486c5945b3d9bd8091fb0d8c07a95`
SHA1	`b21d39fad62b75bdce8ecaa7f0bbe12f0f42aa9f`
SHA256	`c793e824933d22aa3dd0dfa8933f5706b838f44221086fca82aa79853c079650`
SHA3	`ef28fb9d92cd4ddae13752f575ba6128e7e12ce5153ed572866159403aa04efa`
VirtualSize	`0x191e4`
VirtualAddress	`0x2c000`
SizeOfRawData	`0x19200`
PointerToRawData	`0x28a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`2.9753`

.reloc

MD5	`048f1e7df50129967149baabcdf4d1b3`
SHA1	`31cdcde0d27b5b1d04ceb41cd8199a7d18d28dec`
SHA256	`891eb2fdc67150bda7222070db3ae4f53a0a0193313ec60df2d647b91150935a`
SHA3	`74f82d187ea43574f08e257d179d0cd5e7cb58e0e70d79c4ed42d4b8ac0695f0`
VirtualSize	`0xc`
VirtualAddress	`0x46000`
SizeOfRawData	`0x200`
PointerToRawData	`0x41c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`0.0980042`

Imports

mscoree.dll	`_CorExeMain`

Delayed Imports

1

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x544`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.41838`
Detected Filetype	PNG graphic file
MD5	`480ab61a5e5629a2bf3dd5b2917bfb6d`
SHA1	`e5b199d4ade96129934634148757249ee57ff4de`
SHA256	`3d1fe16a20f999e0700541bb9db074203d4799bf6d85bd7403cff53d499095ae`
SHA3	`44fadbc03045f5d3152313d0b95049b8f02f016a6ca94ea9d94e032620c464a3`

2

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x10828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.78069`
MD5	`99082bb31eae7b2a51d4feffaf6fb482`
SHA1	`ccce55771ca981589a6c3505f3258fd7bd79600f`
SHA256	`6f26c81eaeaa96a6eca33dccbc08b4a65f73836d58f0d3b7c34beef210477de6`
SHA3	`4829aa0c92935dae1ed10271ae610c389370bf9adee4a01a1b59c6b733f83740`

3

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.80613`
MD5	`bd8c9f2554b47f9d56cdcbe23580f1a2`
SHA1	`c47d3fec41bf0830ac9b08e9ee8818caaa019f80`
SHA256	`a9dccf294f3fef2fa8f6ac23ffb56345138eedbdc6aae5c99f8dcaa34b1dfd89`
SHA3	`317fb5dd10073d99f46cff1340774704dcaded3dcb10d515af9dda4e63c3291e`

4

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.83358`
MD5	`c3e3e722999a901b5944d6915591f123`
SHA1	`de4ebf26f5e866ea194c6bd15333d9c2310e5a63`
SHA256	`357c384e0e33b6142073e86321d8cbd5faba5c72e9e3708628d2640c22afbb6b`
SHA3	`030202b3646cb2c6cfa6e89777b5d55979710d0ae7f8b7ab90d7ab46e0d53e4b`

5

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.86925`
MD5	`9404d7d4abc6b1aba98df2f6072a0046`
SHA1	`7549d635c8437c64265b94a7a4a0bfabd71e0995`
SHA256	`a934521fbcf3d502010ee8751cf59ab6c1993b1bb9dbec206d4621b33ae21165`
SHA3	`b61470060763bd7b9bde56fb9e3ee0e3739a83815d17f5bd1d1ea18a07a99daa`

6

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.86525`
MD5	`493bddd0a71a9ea1c83533197d41f7cf`
SHA1	`355b22487baad9bfc8d88d7cb51231a6b9c6e784`
SHA256	`9a3f4e99f2e02ced850d804e8cabcbeeb32e392ac31a60ea5138a887cccead78`
SHA3	`e7594d575d8c5dded13d6071bea00590f5e6bfd5b011216e93de99ce14d20f40`

32512

Type	`RT_GROUP_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x5a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.77685`
Detected Filetype	Icon file
MD5	`931120e596cea8c86289d36fb90d8311`
SHA1	`a6027e2f221d7c2b395f8574020075a1d267d459`
SHA256	`c6aef150a429b4877cc63b63357321a1fc511aa86b7d3af7266a2b50b0067285`
SHA3	`81ccb334f492bcd843565be22c4e3cb7d553c7fd245ad2cd5a20f983d10d74aa`

1 (#2)

Type	`RT_VERSION`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x32c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.24291`
MD5	`c18e9d050fb38d040dee1d5bc4b359da`
SHA1	`03e6a7bdd97ad65603a59801b77db71fea86ace1`
SHA256	`9ee4e22f81eea55557df331bbccfad29ca3d322a4255e66227fbb7deecc7bda0`
SHA3	`c2f64999b97803f891a7ceb99a47ee19e57c30dceebdcbe0c6d369a4d39850fe`

1 (#3)

Type	`RT_MANIFEST`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1ea`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.00112`
MD5	`b7db84991f23a680df8e95af8946f9c9`
SHA1	`cac699787884fb993ced8d7dc47b7c522c7bc734`
SHA256	`539dc26a14b6277e87348594ab7d6e932d16aabb18612d77f29fe421a9f1d46a`
SHA3	`4f72877413d13a67b52b292a8524e2c43a15253c26aaf6b5d0166a65bc615cff`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.0.0.0
ProductVersion	1.0.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
Comments
CompanyName
FileDescription	Prototype1
FileVersion (#2)	1.0.0.0
InternalName	Prototype1.exe
LegalCopyright	Copyright © 2019
LegalTrademarks
OriginalFilename	Prototype1.exe
ProductName	Prototype1
ProductVersion (#2)	1.0.0.0
Assembly Version	1.0.0.0

Resource LangID	UNKNOWN

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2081-Jul-01 21:36:14
Version	`0.0`
SizeofData	`124`
AddressOfRawData	`0x2a5d0`
PointerToRawData	`0x287d0`
Referenced File	C:\Users\jamie\Documents\Visual Studio 2017\Projects\Prototype1\Prototype1\obj\Debug\Prototype1.pdb

UNKNOWN

Characteristics	`0`
TimeDateStamp	1970-Jan-01 00:00:00
Version	`0.0`
SizeofData	`0`
AddressOfRawData	`0`
PointerToRawData	`0`

TLS Callbacks

Load Configuration

RICH Header

e6bf43f7bd154784ee6cd60a73ea4914

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rsrc

.reloc

Imports

Delayed Imports

1

2

3

4

5

6

32512

1 (#2)

1 (#3)

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

UNKNOWN

TLS Callbacks

Load Configuration

RICH Header

Errors