Manalyze report for e946d7c0512284c00cf08757affc40fa

This file seems to be a .NET executable.
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2025-Feb-05 16:51:45
CompanyName	StudioCoast Pty Ltd
FileDescription	vMix
FileVersion	`28.0.0.36`
InternalName	vMix.exe
LegalCopyright	Copyright © StudioCoast Pty Ltd
OriginalFilename	vMix.exe
ProductName	vMix
ProductVersion	`28.0.0.36`
Assembly Version	28.0.0.36

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C# v7.0 / Basic .NET` `.NET executable -> Microsoft`
Suspicious	Strings found in the binary may indicate undesirable behavior:	`May have dropper capabilities: CurrentVersion\Run` `Miscellaneous malware strings: cmd.exe` Contains domain names: 10mrs5bpicvkc0p7se1o5covqc6hl5he.apps.googleusercontent.com 538887385236-10mrs5bpicvkc0p7se1o5covqc6hl5he.apps.googleusercontent.com Chimply.com NDI.NewTek.com NewTek.com Vimeo.com accounts.google.com api.cloud.wowza.com api.dacast.com api.twitter.com api.vimeo.com apps.googleusercontent.com brightcove.com cloud.wowza.com console.info dacast.com datatracker.ietf.org example.com facebook.com github.com google.com googleapis.com googleusercontent.com graph.facebook.com help.vmix.com http://127.0.0.1 http://NDI.NewTek.com http://NDI.NewTek.com/ http://example.com http://videojs.com http://vmix.com.au http://vmix.com.au/ http://vmix.com.au/Activate http://vmix.com.au/CreateProductKey http://vmix.com.au/CreateRegisteredProductKey http://vmix.com.au/Register http://vmix.com.au/SendErrorReport http://vmix.com.au/SendErrorReport2 http://vmix.com.au/T http://vmix.com.au/TU http://vmix.com.au/UnRegister http://www.vmix.com http://www.vmix.com/ http://www.vmix.com/activate http://www.vmix.com/upgrade http://www.w3.org http://www.w3.org/1999/xhtml http://www.w3.org/1999/xlink http://www.w3.org/2000/svg http://www.w3.org/2000/xmlns/ http://www.w3.org/2001/XMLSchema http://www.w3.org/2001/XMLSchema-instance http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd http://www.w3.org/XML/1998/namespace https://accounts.google.com https://accounts.google.com/o/oauth2/v2/auth?client_id https://api.cloud.wowza.com https://api.cloud.wowza.com/api/v1/token/transcoders/ https://api.dacast.com https://api.dacast.com/v2/external/vmix/channel?apikey https://api.restream.io https://api.restream.io/login?response_type https://api.restream.io/oauth/token https://api.restream.io/v2/server/all https://api.restream.io/v2/user/ingest https://api.restream.io/v2/user/streamKey https://api.smashcast.tv https://api.smashcast.tv/auth/token https://api.smashcast.tv/ingests/default_list https://api.smashcast.tv/mediakey https://api.twitch.tv https://api.twitch.tv/helix/streams/key?broadcaster_id https://api.twitch.tv/helix/users https://api.twitter.com https://api.twitter.com/1.1/account/verify_credentials.json https://api.twitter.com/1.1/statuses/update.json?status https://api.twitter.com/2/region https://api.twitter.com/2/users/ https://api.twitter.com/oauth/access_token https://api.twitter.com/oauth/authorize?oauth_token https://api.twitter.com/oauth/request_token https://api.ustream.tv https://api.ustream.tv/channels/ https://api.ustream.tv/users/self/channels.xml https://api.vimeo.com https://api.vimeo.com/me https://api.vimeo.com/me/videos https://api.vimeo.com/me/videos?per_page https://api.vimeo.com/oauth/access_token https://api.vimeo.com/oauth/authorize?client_id https://api.vimeo.com/videos/ https://datatracker.ietf.org https://datatracker.ietf.org/doc/html/draft-pantos-hls-rfc8216bis-09#section-4.4.3.7. https://git.io https://github.com https://graph.facebook.com https://graph.facebook.com/ https://help.vmix.com https://help.vmix.com/ https://id.twitch.tv https://id.twitch.tv/oauth2/authorize?response_type https://id.twitch.tv/oauth2/token https://ingest.twitch.tv https://ingest.twitch.tv/ingests https://mixer.com https://ndi.video https://oauth2.googleapis.com https://oauth2.googleapis.com/revoke https://oauth2.googleapis.com/token https://public-api.periscope.tv https://public-api.periscope.tv/v1 https://public-api.periscope.tv/v1/broadcast https://public-api.periscope.tv/v1/broadcast/create https://public-api.periscope.tv/v1/broadcast/delete https://public-api.periscope.tv/v1/broadcast/publish https://public-api.periscope.tv/v1/broadcast/stop https://public-api.periscope.tv/v1/device_code/check https://public-api.periscope.tv/v1/device_code/create https://public-api.periscope.tv/v1/oauth/token https://public-api.periscope.tv/v1/region https://register.vmix.com https://register.vmix.com/ https://tools.ietf.org https://tools.ietf.org/html/draft-pantos-http-live-streaming-23#section-4.3.3.1 https://vjs.zencdn.net https://vjs.zencdn.net/vttjs/0.14.1/vtt.min.js https://vmixcloud.com https://www.brightcove.com https://www.brightcove.com/ https://www.dacast.com https://www.dacast.com/backend/api/wirecast.xml https://www.facebook.com https://www.googleapis.com https://www.googleapis.com/auth/youtube https://www.googleapis.com/oauth2/v3/tokeninfo https://www.googleapis.com/youtube/v3/liveBroadcasts/bind?id https://www.googleapis.com/youtube/v3/liveBroadcasts/transition?id https://www.googleapis.com/youtube/v3/liveBroadcasts?id https://www.googleapis.com/youtube/v3/liveBroadcasts?maxResults https://www.googleapis.com/youtube/v3/liveBroadcasts?part https://www.googleapis.com/youtube/v3/liveChat/messages?liveChatId https://www.googleapis.com/youtube/v3/liveStreams?id https://www.googleapis.com/youtube/v3/liveStreams?part https://www.ustream.tv https://www.ustream.tv/oauth2/token https://www.vmix.com https://www.vmix.com/ https://www.vmix.com/VMixService2.asmx https://www.vmix.com/calldirectconnection/ https://www.vmix.com/calllowlatency/ https://www.vmix.com/clockhelp/ https://www.vmix.com/download/streaming.xml?version https://www.vmix.com/facebooklivescheduledstreams https://www.vmix.com/fbgroups https://www.vmix.com/graphicsadapter/ https://www.vmix.com/help24/SystemRequirements.html https://www.vmix.com/privacypolicy/ https://www.vmix.com/vlcdownload https://www.vmix.com/welcome/ https://www.vmix.com/zoomplugindownload https://www.vmixcall.com https://www.vmixcall.com/ https://www.vmixcall.com/shortlink.ashx?Password https://www.vmixcloud.com https://www.vmixcloud.com/oauth/?key https://www.vmixcloud.com/oauth/api.ashx?cmd https://www.vmixcloud.com/zoom/api.ashx?Key https://youtube.com https://zoom.us inkscape.org jquery.org livelan.example.com mixer.com n.style.top oauth2.googleapis.com paint.net placeholder.example.com register.vmix.com s.style.top style.top t.top-a.top t.top-i.top t.top-s.top this.top-e.top tools.ietf.org top-a.top top-e.top top-i.top top-s.top twitter.com videojs.com vimeo.com vjs.zencdn.net vmix.com.au vmixcall.com vmixcloud.com window.console.info wowza.com www.brightcove.com www.dacast.com www.facebook.com www.googleapis.com www.inkscape.org www.vmix.com www.vmixcall.com www.vmixcloud.com www.w3.org youtube.com zencdn.net
Suspicious	No VirusTotal score.	`This file has never been scanned on VirusTotal.`

Hashes

MD5	`e946d7c0512284c00cf08757affc40fa`
SHA1	`9363562353afe5204a6da2f976096e87fef95ac1`
SHA256	`07730a70eca58f5b84b3078a79a6d6777f9bf9d2295ee73a55971149bdf6704d`
SHA3	`e50ab0316ab817e79ad8e8e1884c9fafd8076a092c2b7e4aeb7e2b0f5b2db06c`
SSDeep	`393216:nYvuMZjP7CekblY80h2hsBLuLT/wJU/yyp3xYEqynblT:ngZjP7LwVMB0wJU/y03dRT`
Imports Hash	`f34d5f2d4577ed6d9ceec516c1f5a744`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`3`
TimeDateStamp	2025-Feb-05 16:51:45
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LINE_NUMS_STRIPPED` `IMAGE_FILE_LOCAL_SYMS_STRIPPED`

Image Optional Header

Magic	`PE32`
LinkerVersion	`6.0`
SizeOfCode	`0x1106400`
SizeOfInitializedData	`0x6e00`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0110831E (Section: .text)`
BaseOfCode	`0x2000`
BaseOfData	`0x110a000`
ImageBase	`0x400000`
SectionAlignment	`0x2000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x1114000`
SizeOfHeaders	`0x200`
Checksum	`0x1113387`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_NO_SEH` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`b75ccc1bce5cbc1a320d5d110f24cc57`
SHA1	`6babc6752290518c6965bad6d1865b9e9e570f6a`
SHA256	`b759290efd852b47346dd0bb483c6e699d35c4c1e156237e2b9ddd3f2b5fca39`
SHA3	`7e1271f1b99cd481079c252cac709f8104b68f161272cd956b8d86a2a3000b4a`
VirtualSize	`0x1106324`
VirtualAddress	`0x2000`
SizeOfRawData	`0x1106400`
PointerToRawData	`0x200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`7.41876`

.rsrc

MD5	`eaf4a7573edc64662dfdc19950e07f1a`
SHA1	`636f247a938832c0e91130598723ec30df729192`
SHA256	`4c777b9aed8c17378f4b46310cb8310f3defe209c16add6946a7e4111f1d4fdc`
SHA3	`9f96f520862030334061a527944be82236c08c3eb3d31a08cec7b12836ce4fbf`
VirtualSize	`0x6b9c`
VirtualAddress	`0x110a000`
SizeOfRawData	`0x6c00`
PointerToRawData	`0x1106600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.89325`

.reloc

MD5	`14a5d43a9825e889183ce62fd0bc3fc0`
SHA1	`f88034e02dcce7fd151ce2299542c3b93ecc8be5`
SHA256	`4a25d0989bb6d3e93202bb817f091c83b905f5029f9788bafbc21932d1ea3026`
SHA3	`8071df53eee2c66bfa3198f09c49fd1aa5797e7ec3c57fb2da1257111a7c8411`
VirtualSize	`0xc`
VirtualAddress	`0x1112000`
SizeOfRawData	`0x200`
PointerToRawData	`0x110d200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`0.122276`

Imports

mscoree.dll	`_CorExeMain`

Delayed Imports

2

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x770`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.84186`
Detected Filetype	PNG graphic file
MD5	`0b92a3e3ecf40430f009622af8c24a03`
SHA1	`ddf231f9c8a7acb4e5fb73349f78cd16a2217ea9`
SHA256	`68a75535ea24e39619f7b15f8c84e1de7b28e19c0fdbf2f3dce16a5600032f91`
SHA3	`fd9c76923bc2fb16c984df12fede7092641404def9d75bf44aff918824d950f4`

3

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.14747`
MD5	`a2fe8236d57ae8d8a5677e1c07600e5d`
SHA1	`0af2a6057ffdd6213f81accb9d663b4cca0647fd`
SHA256	`63c89484453787798aa286380ad0a210124615fcd2db62898669e9018c2123b8`
SHA3	`0f944020e7037865b24576446244ffd244860c29efaa1e909abdfe5a99005e3d`

4

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.62167`
MD5	`874b02af02d06aedbaef8bd3c41989db`
SHA1	`b4c5420ba35855200b73f606b603e275c260a3d0`
SHA256	`2dcd8e8cbe7b84dc092515f691f4a61ec589170ab8e9ba2c6408f88370c18337`
SHA3	`76da48cc645ab584ec6560b83e03ed56b5feceadc34273ed0c9eeb97f0da086b`

5

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.13284`
MD5	`e43b4e9dd1fc302854a64603fb8779b3`
SHA1	`a3c5c33b45ac1c3473b151b622065f770afab4b4`
SHA256	`64cb03490212c3abee0df8683cc42e226b8042ec2280b54a256d0454318d6fea`
SHA3	`a3af97b943045c21857812f3787acd190fb55bdfd0a8df271790e97d6710868f`

6

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x770`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.84186`
Detected Filetype	PNG graphic file
MD5	`0b92a3e3ecf40430f009622af8c24a03`
SHA1	`ddf231f9c8a7acb4e5fb73349f78cd16a2217ea9`
SHA256	`68a75535ea24e39619f7b15f8c84e1de7b28e19c0fdbf2f3dce16a5600032f91`
SHA3	`fd9c76923bc2fb16c984df12fede7092641404def9d75bf44aff918824d950f4`

7

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1ca8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.02107`
MD5	`11a3e47fb78f74ba20936a666c33b94e`
SHA1	`d3479bcdb701d8c05ede711b9766b82aef1400c1`
SHA256	`53a3913c58d718c8e587ab6153a12ef29c4eb86750396aa198578b5bc39dfac7`
SHA3	`1945377ddacbeb4b02a161b47bf97cec586652b7390e0503ee01c537ce4e664b`

8

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xca8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.92731`
MD5	`8787acadcd3885e42ed1078f46beadbd`
SHA1	`df864d7fa8061dbcc4ef75575af531222a50b3f8`
SHA256	`7a26247cf1fbed1b9a02d26de0ef3aa096ad5900ac305b387b84b115e0cfa198`
SHA3	`2cf08860c2d9bc9190968749eb4abd5abc6932b06a16edf9416034c1b2ea0aa1`

9

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x368`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.11789`
MD5	`c63b089cacbe4ef6c7710903e80be4a0`
SHA1	`be2995684268f0eca259948bf3a39d7d8bf4e778`
SHA256	`2b52306f7ff2f4cedf624b2998ab64ef0b334459109d65db264ef036f94e94be`
SHA3	`0ec839cbbc31c81a42dcf197b20cf3b0f69e9de99e42372f615344f15f631dda`

32512

Type	`RT_GROUP_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x76`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.77302`
Detected Filetype	Icon file
MD5	`82b12a18fbb760fd651fde3dcd1eff7d`
SHA1	`96c53b3ce8695ade63dae1efe3ddb9bc948acd0e`
SHA256	`8f2cc2b3c921f9f93561c384875b64067ab57976a2723cb3c0ec37d5e26fea5b`
SHA3	`4e2f278f08dce4108ef25db19a49df76d47f9dc0f2beb4e7c068cfc4a8370840`

1

Type	`RT_VERSION`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x300`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.36288`
MD5	`7baad5d6829ce402b6a252377959573b`
SHA1	`35d221f7231a55352037ef44cb0ae5bd2d0f1162`
SHA256	`a556cb7f5233420c281f6de00090fa240e8c362c1fbb6a320cefca6e3f889cc1`
SHA3	`0ea79c360bf0b2e4fe559f9b37c0336492093f57f600c3bb118395de397181f6`

1 (#2)

Type	`RT_MANIFEST`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xd54`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.00804`
MD5	`ee23f2007dc8618b5f8e28a8767af788`
SHA1	`ad232bda8d475b7a97114041e6054e924500565d`
SHA256	`eae559acf7e3ae13cb17933a0b3151da015be81fc65442cba54a0696abeea6b4`
SHA3	`8e885a7b12673f49e9eec1a4d2a23713625ab4b5cf164d140c6b9d2a07c743c1`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	28.0.0.36
ProductVersion	28.0.0.36
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
CompanyName	StudioCoast Pty Ltd
FileDescription	vMix
FileVersion (#2)	28.0.0.36
InternalName	vMix.exe
LegalCopyright	Copyright © StudioCoast Pty Ltd
OriginalFilename	vMix.exe
ProductName	vMix
ProductVersion (#2)	28.0.0.36
Assembly Version	28.0.0.36

Resource LangID	UNKNOWN

TLS Callbacks

Load Configuration

RICH Header

e946d7c0512284c00cf08757affc40fa

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rsrc

.reloc

Imports

Delayed Imports

2

3

4

5

6

7

8

9

32512

1

1 (#2)

Version Info

TLS Callbacks

Load Configuration

RICH Header

Errors