Manalyze report for f3ced5e4a897b1b01a25bbd64e510d7e

This file seems to be a .NET executable.
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2017-Dec-08 18:44:36
Debug artifacts	C:\Users\mail\SynologyDrive\03 Dokumente\21 Visual Studio\MiTranslate\MiTranslate\obj\Debug\MiToolkit.pdb
Comments
CompanyName
FileDescription	MiToolkit
FileVersion	`1.6.0.0`
InternalName	MiToolkit.exe
LegalCopyright	Copyright © 2017
LegalTrademarks
OriginalFilename	MiToolkit.exe
ProductName	MiToolkit
ProductVersion	`1.6.0.0`
Assembly Version	1.6.0.0

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C# v7.0 / Basic .NET` `.NET executable -> Microsoft`
Safe	VirusTotal score: 0/64 (Scanned on 2018-01-04 06:00:48)	`All the AVs think this file is safe.`

Hashes

MD5	`f3ced5e4a897b1b01a25bbd64e510d7e`
SHA1	`85c74b35c8b01f8cfd16dd4c6f80eae42fcf6a1a`
SHA256	`5e69fc4fb8fa19043d7742c32fb7cfec34ab216fe1e2e30979e98e6cccd8dc9c`
SHA3	`c42aba5ee0959ddb3fb18b3e5ea347c2907f4716c8261522898a75887893e1ef`
SSDeep	`6144:zGFcbLVS9u9o9fUAfjjjjjjjjjEjjjaG:zZQ9u9o9fjrG`
Imports Hash	`f34d5f2d4577ed6d9ceec516c1f5a744`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`3`
TimeDateStamp	2017-Dec-08 18:44:36
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`80.0`
SizeOfCode	`0x133a00`
SizeOfInitializedData	`0x5b000`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x00135826 (Section: .text)`
BaseOfCode	`0x2000`
BaseOfData	`0x136000`
ImageBase	`0x400000`
SectionAlignment	`0x2000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x194000`
SizeOfHeaders	`0x200`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NO_SEH` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`35fbd1440fe787fa7219a5536611edbe`
SHA1	`d12a353e3a9cdc0fda5b8b1eeb1b94ae6ffc8bd1`
SHA256	`a5c811ce5898534ff25333b442022bf558074aca14498a50edee4cb389bce22e`
SHA3	`15f5cbe163361ad3be3c2eb82ea4ca707d86726399a41ed1fa5e929527fc498c`
VirtualSize	`0x13382c`
VirtualAddress	`0x2000`
SizeOfRawData	`0x133a00`
PointerToRawData	`0x200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`2.61363`

.rsrc

MD5	`b7d83fe395d4ff6891d7b093fad6ca9f`
SHA1	`3432fac966ec337c0ad51cce99814fd503e400e0`
SHA256	`1555933e3380f145409d3ea66326f2291459a5f74286901a1a5df2a41fc4b306`
SHA3	`fd87417aa9640f08831cd3a45063ab84ec2158903d1b78b5661d9a3e53846cad`
VirtualSize	`0x5acb8`
VirtualAddress	`0x136000`
SizeOfRawData	`0x5ae00`
PointerToRawData	`0x133c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`1.68127`

.reloc

MD5	`4d780b7986b85a4180214afab993f4ca`
SHA1	`f113dabc896192567c32a859ac2ac093ee6a2e68`
SHA256	`ee7fb9988714353a3a51a2256ffe5c86b6b3aa0984223e7f8356b30d4b2ab514`
SHA3	`a0bca3aaae8c1af45db643cd2216240a973c32db8461347830addefbd3b539b6`
VirtualSize	`0xc`
VirtualAddress	`0x192000`
SizeOfRawData	`0x200`
PointerToRawData	`0x18ea00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`0.10191`

Imports

mscoree.dll	`_CorExeMain`

Delayed Imports

1

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.47226`
MD5	`6afb3d881942e95ab2a74037b9a63b6b`
SHA1	`67c018ec745d77e32e253d99757fd383b5417198`
SHA256	`8f908b032bd301636c99a27d5093c37fda7b5290b5fff63a7e6d12739ae4f659`
SHA3	`69fce1e1d9fa4d15d0d3222f68161228e4e99738026a6e80716ec06fedee42f8`

2

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.02028`
MD5	`f18a331ec7280036688f3ece4dd84f61`
SHA1	`803a86b69ec9ef45314f8a0dde86340056f30b0e`
SHA256	`6ec5efaa1879c7e07ff0c3aae03841e4d0ebdb2579d95715b53d9855318ecf84`
SHA3	`2d03437d4ad0ca42d29cf66202c1d5797ccaa88db2d8aaf20ce4ea8a6496dd36`

3

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.47493`
MD5	`4481dcd360204dcd181b64edb91553ed`
SHA1	`16f7fee01334ae14f8499f30f217af9588083915`
SHA256	`1c74bfeb057b06821356e3d57bb824ff002167dc7736884b5718833cdf38f1f3`
SHA3	`5c8460bd4a1d21b1d099e2e05a3858a8e9b7013425b2f258d6efe8ae3f4809e8`

4

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.74393`
MD5	`b2f8fd94e04e1021799ad95529abf4d3`
SHA1	`fea07eba84cf7f2a77a371c7ad15585018f0fb3d`
SHA256	`2139eeebd3ca295072bd782d07f8a0fe332266eaa3d7be413024a68c653d669c`
SHA3	`4841c25d24cf00ce6bd2df68c50cea638c00ef0ad34e98be8bcc872a12e8251b`

5

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x10828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.60125`
MD5	`367742a9cfe22196165d3c99d1a66f6d`
SHA1	`69863919b3025468ea244d1bf944c0bb9d010973`
SHA256	`fde13c27505770162715d5a7533d89329d93e6faf8a673a41e3401ca547cd17c`
SHA3	`fdebd825f97c82a517073546a8ef6908038fc727164fd086046bf8944589156c`

6

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x42028`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.53812`
MD5	`d5bfcc7b1cb026d85dcba70b0d96556e`
SHA1	`695773f701e7c7be0b1def6c8f8b8d8ae3539f7c`
SHA256	`806e4e6f1b7256a5d56ebcf3003bd285f3d0207f0ef65e07aea719e3f7299063`
SHA3	`b342ccb46842bc47b375b8e43f9979873f40acd0d51a155e750f0192062ffac1`

32512

Type	`RT_GROUP_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x5a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.76511`
Detected Filetype	Icon file
MD5	`61e58469fe660c213ebc6e2cc66cbafc`
SHA1	`c47479da87d8390f935b337e91bdbedcc739b3eb`
SHA256	`c369bebe3271775e43301281caa7efcd03938e3bc1f620212d6c5617edaad403`
SHA3	`7c04647ad931cbf1b5c005cebc686d11b461a50e14ba9aa560e6cc1749adcb2f`

1 (#2)

Type	`RT_VERSION`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x31c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.31619`
MD5	`e7520f99bb1f7d65e77aa3c375be25a0`
SHA1	`9e932f8ecdcd43e967c7dd17e3a3b185f2c7ed3f`
SHA256	`b57e95a0891fd19ab1cf99754c61ed86aee9e054cd91e4fe3c9b067ef827e127`
SHA3	`5b23111c19b92c74b7e92319fb1dfab7f5dfcabd1bc7227e345a02fad62255c9`

1 (#3)

Type	`RT_MANIFEST`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1ea`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.00112`
MD5	`b7db84991f23a680df8e95af8946f9c9`
SHA1	`cac699787884fb993ced8d7dc47b7c522c7bc734`
SHA256	`539dc26a14b6277e87348594ab7d6e932d16aabb18612d77f29fe421a9f1d46a`
SHA3	`4f72877413d13a67b52b292a8524e2c43a15253c26aaf6b5d0166a65bc615cff`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.6.0.0
ProductVersion	1.6.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
Comments
CompanyName
FileDescription	MiToolkit
FileVersion (#2)	1.6.0.0
InternalName	MiToolkit.exe
LegalCopyright	Copyright © 2017
LegalTrademarks
OriginalFilename	MiToolkit.exe
ProductName	MiToolkit
ProductVersion (#2)	1.6.0.0
Assembly Version	1.6.0.0

Resource LangID	UNKNOWN

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2017-Dec-08 18:44:36
Version	`0.0`
SizeofData	`284`
AddressOfRawData	`0x1356b8`
PointerToRawData	`0x1338b8`
Referenced File	C:\Users\mail\SynologyDrive\03 Dokumente\21 Visual Studio\MiTranslate\MiTranslate\obj\Debug\MiToolkit.pdb

TLS Callbacks

Load Configuration

RICH Header

f3ced5e4a897b1b01a25bbd64e510d7e

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rsrc

.reloc

Imports

Delayed Imports

1

2

3

4

5

6

32512

1 (#2)

1 (#3)

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

TLS Callbacks

Load Configuration

RICH Header

Errors