Manalyze report for f2465420ec469eeb1dccea96998db11d

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
Compilation Date	2024-Oct-02 00:11:37
Detected languages	English - United States
Debug artifacts	C:\Users\user\source\repos\UnityHwid\x64\Release\UnityHwid.pdb

Plugin Output

Info	Interesting strings found in the binary:	`Contains domain names: discord.com https://discord.com`
Info	The PE contains common functions which appear in legitimate applications.	`Has Internet access capabilities: WinHttpReceiveResponse WinHttpOpen WinHttpOpenRequest WinHttpCloseHandle WinHttpCrackUrl WinHttpConnect WinHttpSendRequest`
Suspicious	No VirusTotal score.	`This file has never been scanned on VirusTotal.`

Hashes

MD5	`f2465420ec469eeb1dccea96998db11d`
SHA1	`e1489b7cd2672460eff8dfdd15160695465572bb`
SHA256	`c3f7a43a123a2c207c261a7794557003c2c5282f594ae44ab03a08e1fb92d1e8`
SHA3	`f64f7063363413f2216667a3af0573675ce14ed77a8f001ea309478c07b12b67`
SSDeep	`768:cl4onwbADx0ttjv3DHfDzjBWAwbyokURMdDY8KY/ogypispB3C2:ifwbAytdHbZWAwbgQo32`
Imports Hash	`88c86c313cbd5eac5326b3c6761693ba`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0xf0`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`6`
TimeDateStamp	2024-Oct-02 00:11:37
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0x7400`
SizeOfInitializedData	`0x6000`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0000000000006EF8 (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x12000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`3d5db329a27ff22212b590081bf9262e`
SHA1	`06ada9d52ab7867aad00805fd268df54b0794b4c`
SHA256	`292d164bb3fc8b87ba2aadd58feafbbd08d98d8a1199880e44828730dfeabacb`
SHA3	`86c10b8dc8e19e20d4ad91dc2aa170c36bfdc75fa38e9dced0e3406984c75074`
VirtualSize	`0x732b`
VirtualAddress	`0x1000`
SizeOfRawData	`0x7400`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.108`

.rdata

MD5	`542662752df6db9f3d8bed06e9ab7f80`
SHA1	`33d11730658d5e43987844adf7ae5f9c4bcc5b3a`
SHA256	`d38523cff5a72e8c804fa0b30705070754c6654725318408125c65bdc883f1ee`
SHA3	`d18b7c04afafb360e161385f9e88c7b3418cc3b1ca1529da9eeb0c03ca715b8c`
VirtualSize	`0x4606`
VirtualAddress	`0x9000`
SizeOfRawData	`0x4800`
PointerToRawData	`0x7800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.7586`

.data

MD5	`658eb387be338632a3b5894e5df017dc`
SHA1	`9e87634c38a74d0eaee6beb0733d0c98dd733ad1`
SHA256	`5c63ada2cc3d2e89080040a40f5709f70e2b9187e90cbb1cfa36d28ea28a60dd`
SHA3	`414dfd20acd212e536deb6e651555f762c76a8a81e523e95d0ada761b2a92bc3`
VirtualSize	`0xa80`
VirtualAddress	`0xe000`
SizeOfRawData	`0x600`
PointerToRawData	`0xc000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`2.98487`

.pdata

MD5	`f85bd16c10c61d896292b45520aa763a`
SHA1	`a8df6269854690db39f9bc8016afa34f6837e104`
SHA256	`893345d02b1afb8326249bb5f27f0a11b17cc920eaa29052781dcd6833112d2a`
SHA3	`07e6e10900f5b575f2222b561a1c68acc3d769ef5f6a1d403cff42ae5be6c10f`
VirtualSize	`0x720`
VirtualAddress	`0xf000`
SizeOfRawData	`0x800`
PointerToRawData	`0xc600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.03415`

.rsrc

MD5	`7fb674792fe66f6671133a254ca44aa5`
SHA1	`234c04832be6431ad5b6c2cb4ad8df1d540d8e0e`
SHA256	`6db91187d518061b8e0eb1ab539700e0e869a14469d7b74d1f77539f03d31917`
SHA3	`10751e67e36ec57bec4a45c0ff03354c6f58c3e65182b0ff4c4f223917c293de`
VirtualSize	`0x1e0`
VirtualAddress	`0x10000`
SizeOfRawData	`0x200`
PointerToRawData	`0xce00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.69389`

.reloc

MD5	`f44cf1149f9640923c79ff68b4d6114c`
SHA1	`b1e63c7e8864e7e1057d216bcdaa805987f8848f`
SHA256	`c26549f728296e20ba026696d3fd9809e4196b11f634e725db27a6e428326941`
SHA3	`cdbae1e5b5b2e2046c8fee733421c5b355e9764a66c230279d2faf755ebfcae1`
VirtualSize	`0xc0`
VirtualAddress	`0x11000`
SizeOfRawData	`0x200`
PointerToRawData	`0xd000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`2.55818`

Imports

KERNEL32.dll	`FindFirstFileW` `FindNextFileW` `FindClose` `WideCharToMultiByte` `RtlLookupFunctionEntry` `RtlVirtualUnwind` `UnhandledExceptionFilter` `SetUnhandledExceptionFilter` `GetCurrentProcess` `TerminateProcess` `IsProcessorFeaturePresent` `QueryPerformanceCounter` `GetCurrentProcessId` `GetCurrentThreadId` `GetSystemTimeAsFileTime` `InitializeSListHead` `IsDebuggerPresent` `GetModuleHandleW` `RtlCaptureContext`
MSVCP140.dll	`?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z` `?widen@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBA_WD@Z` `?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z` `?put@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@_W@Z` `?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ` `?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ` `?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ` `?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z` `?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ` `?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z` `?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z` `?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ` `?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z` `??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ` `?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ` `?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAPEAD0PEAH001@Z` `??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z` `?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z` `?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z` `?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ` `?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ` `?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ` `?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ` `?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ` `?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAA_JPEB_W_J@Z` `?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z` `??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ` `??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z` `??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ` `?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ` `?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ` `?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ` `?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ` `?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z` `?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z` `?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z` `?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ` `?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z` `??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ` `??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ` `??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z` `??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z` `??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ` `?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z` `?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@_JH@Z` `?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ` `?good@ios_base@std@@QEBA_NXZ` `??7ios_base@std@@QEBA_NXZ` `?always_noconv@codecvt_base@std@@QEBA_NXZ` `??Bid@locale@std@@QEAA_KXZ` `??1_Lockit@std@@QEAA@XZ` `??0_Lockit@std@@QEAA@H@Z` `?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z` `?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z` `?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ` `?_Xlength_error@std@@YAXPEBD@Z` `?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z` `?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A` `?uncaught_exceptions@std@@YAHXZ` `?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ` `?wcout@std@@3V?$basic_ostream@_WU?$char_traits@_W@std@@@1@A` `?_Xout_of_range@std@@YAXPEBD@Z` `?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A`
WINHTTP.dll	`WinHttpReceiveResponse` `WinHttpOpen` `WinHttpOpenRequest` `WinHttpCloseHandle` `WinHttpCrackUrl` `WinHttpConnect` `WinHttpSendRequest`
VCRUNTIME140_1.dll	`__CxxFrameHandler4`
VCRUNTIME140.dll	`memset` `__current_exception_context` `__current_exception` `_CxxThrowException` `__std_exception_copy` `__std_exception_destroy` `memcpy` `memmove` `__std_terminate` `__C_specific_handler`
api-ms-win-crt-stdio-l1-1-0.dll	`fgetc` `fclose` `fflush` `fputc` `_get_stream_buffer_pointers` `__p__commode` `_fseeki64` `_set_fmode` `fread` `fsetpos` `ungetc` `setvbuf` `fwrite` `fgetpos`
api-ms-win-crt-filesystem-l1-1-0.dll	`_unlock_file` `_lock_file`
api-ms-win-crt-runtime-l1-1-0.dll	`__p___argc` `__p___argv` `_cexit` `_c_exit` `_initialize_narrow_environment` `_get_initial_narrow_environment` `_configure_narrow_argv` `_exit` `_initialize_onexit_table` `_register_onexit_function` `_crt_atexit` `exit` `_set_app_type` `_seh_filter_exe` `_initterm_e` `_invalid_parameter_noinfo_noreturn` `_initterm` `_register_thread_local_exe_atexit_callback` `terminate`
api-ms-win-crt-heap-l1-1-0.dll	`malloc` `_set_new_mode` `_callnewh` `free`
api-ms-win-crt-math-l1-1-0.dll	`__setusermatherr`
api-ms-win-crt-locale-l1-1-0.dll	`_configthreadlocale`

Delayed Imports

1

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x17d`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.91161`
MD5	`1e4a89b11eae0fcf8bb5fdd5ec3b6f61`
SHA1	`4260284ce14278c397aaf6f389c1609b0ab0ce51`
SHA256	`4bb79dcea0a901f7d9eac5aa05728ae92acb42e0cb22e5dd14134f4421a3d8df`
SHA3	`4bb9e8b5a714cae82782f3831cc2d45f4bf4a50a755fe584d2d1893129d68353`

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2024-Oct-02 00:11:37
Version	`0.0`
SizeofData	`87`
AddressOfRawData	`0xa880`
PointerToRawData	`0x9080`
Referenced File	C:\Users\user\source\repos\UnityHwid\x64\Release\UnityHwid.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics	`0`
TimeDateStamp	2024-Oct-02 00:11:37
Version	`0.0`
SizeofData	`20`
AddressOfRawData	`0xa8d8`
PointerToRawData	`0x90d8`

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2024-Oct-02 00:11:37
Version	`0.0`
SizeofData	`780`
AddressOfRawData	`0xa8ec`
PointerToRawData	`0x90ec`

IMAGE_DEBUG_TYPE_ILTCG

Characteristics	`0`
TimeDateStamp	2024-Oct-02 00:11:37
Version	`0.0`
SizeofData	`0`
AddressOfRawData	`0`
PointerToRawData	`0`

TLS Callbacks

Load Configuration

Size	`0x140`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x14000e040`

RICH Header

XOR Key	`0xc0cca27e`
Unmarked objects	`0`
Imports (VS2008 SP1 build 30729)	`12`
ASM objects (33808)	`3`
C objects (33808)	`10`
C++ objects (33808)	`27`
Imports (33808)	`6`
Imports (33136)	`5`
Total imports	`165`
C++ objects (LTCG) (34120)	`1`
Resource objects (34120)	`1`
Linker (34120)	`1`

f2465420ec469eeb1dccea96998db11d

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rdata

.data

.pdata

.rsrc

.reloc

Imports

Delayed Imports

1

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

IMAGE_DEBUG_TYPE_VC_FEATURE

IMAGE_DEBUG_TYPE_POGO

IMAGE_DEBUG_TYPE_ILTCG

TLS Callbacks

Load Configuration

RICH Header

Errors