×
This file seems to be a .NET executable .
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!
Architecture
IMAGE_FILE_MACHINE_I386
Subsystem
IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date
2019-Dec-26 21:13:43
Debug artifacts
C:\Workspace\CryptoTester\CryptoTester\obj\Release\CryptoTester.pdb
Comments
Tool for testing encryption algorithms.
CompanyName
FileDescription
CryptoTester
FileVersion
1.3.0.8
InternalName
CryptoTester.exe
LegalCopyright
Copyright © Demonslay335
LegalTrademarks
OriginalFilename
CryptoTester.exe
ProductName
CryptoTester
ProductVersion
1.3.0.8
Assembly Version
1.3.0.8
Info
Matching compiler(s):
Microsoft Visual C# v7.0 / Basic .NET
.NET executable -> Microsoft
Info
Cryptographic algorithms detected in the binary:
Uses constants related to AES
Uses constants related to Blowfish
Suspicious
VirusTotal score: 2/72 (Scanned on 2020-01-03 09:19:29)
CrowdStrike:
win/malicious_confidence_60% (W)
Trapmine:
malicious.moderate.ml.score
MD5
fcdb986833fce78d4d2ff2f794d206e5
SHA1
de42496a818cbc3d25f7b9af94c5d4b3324abb45
SHA256
8dc4fe32e88f3d05a659bbec290e348c37786e36f38b206cb6b23d2e81e84869
SHA3
da2ed16f6082e52dfd17ba6d52c0f4b4d290585cee9d0915885abb56e39ce5b9
SSDeep
196608:DtlobhCUWgatP9H2+w2xOtVKj26o2JFVCk/hMrTJ:Tsh2nP9H2+nUVik2nE
Imports Hash
f34d5f2d4577ed6d9ceec516c1f5a744
e_magic
MZ
e_cblp
0x90
e_cp
0x3
e_crlc
0
e_cparhdr
0x4
e_minalloc
0
e_maxalloc
0xffff
e_ss
0
e_sp
0xb8
e_csum
0
e_ip
0
e_cs
0
e_ovno
0
e_oemid
0
e_oeminfo
0
e_lfanew
0x80
Signature
PE
Machine
IMAGE_FILE_MACHINE_I386
NumberofSections
3
TimeDateStamp
2019-Dec-26 21:13:43
PointerToSymbolTable
0
NumberOfSymbols
0
SizeOfOptionalHeader
0xe0
Characteristics
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_EXECUTABLE_IMAGE
Magic
PE32
LinkerVersion
48.0
SizeOfCode
0x613200
SizeOfInitializedData
0x6400
SizeOfUninitializedData
0
AddressOfEntryPoint
0x0061519E (Section: .text)
BaseOfCode
0x2000
BaseOfData
0
ImageBase
0x400000
SectionAlignment
0x2000
FileAlignment
0x200
OperatingSystemVersion
4.0
ImageVersion
0.0
SubsystemVersion
6.0
Win32VersionValue
0
SizeOfImage
0x620000
SizeOfHeaders
0x200
Checksum
0
Subsystem
IMAGE_SUBSYSTEM_WINDOWS_GUI
DllCharacteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
SizeofStackReserve
0x100000
SizeofStackCommit
0x1000
SizeofHeapReserve
0x100000
SizeofHeapCommit
0x1000
LoaderFlags
0
NumberOfRvaAndSizes
16
MD5
ea6c14e8458025fbb63418ac2545db9c
SHA1
3dcb4e177099c2944a795909defd480f9c450f9b
SHA256
519e066c168805627af25844bd6832a2e955b57607c4954c89a4a6f11c0294b4
SHA3
a906f88c6d14da29f33eeda60c5c5d8db5c91a45c4f0c02f74234383571263ec
VirtualSize
0x6131a4
VirtualAddress
0x2000
SizeOfRawData
0x613200
PointerToRawData
0x200
PointerToRelocations
0
PointerToLineNumbers
0
NumberOfLineNumbers
0
NumberOfRelocations
0
Characteristics
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy
7.96292
MD5
04abb1ffabc847e353a6f36244ce78f8
SHA1
0dfd42e640cbdc4652bcd6a8f0c9471c2ee13d44
SHA256
2a0ce0a8f6e453836928a5c92bea7d27caf4ba3251bcc6edd5e71a3b059302c6
SHA3
20737d16893ccb243de5834ae09164554f3837cd23d9f011f7164bd28081dba8
VirtualSize
0x6098
VirtualAddress
0x616000
SizeOfRawData
0x6200
PointerToRawData
0x613400
PointerToRelocations
0
PointerToLineNumbers
0
NumberOfLineNumbers
0
NumberOfRelocations
0
Characteristics
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy
7.82411
MD5
53d2aa1b8da5283d040eeb20963aecf9
SHA1
3a6e923785ae1e0ea652c8f34a51c4a74904c38a
SHA256
3823867610ebfcede2d8e1aa2fa88a61b9d02817c010353a5b0cac38014f3811
SHA3
ce65f444d194fde17f136dd9dec1e7515680d1d9d0b7051031c8fed5897a4330
VirtualSize
0xc
VirtualAddress
0x61e000
SizeOfRawData
0x200
PointerToRawData
0x619600
PointerToRelocations
0
PointerToLineNumbers
0
NumberOfLineNumbers
0
NumberOfRelocations
0
Characteristics
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Entropy
0.10191
Type
RT_ICON
Language
UNKNOWN
Codepage
UNKNOWN
Size
0x59cb
TimeDateStamp
1980-Jan-01 00:00:00
Entropy
7.96154
Detected Filetype
PNG graphic file
MD5
836e03b1b983519332ddd166f6f46faf
SHA1
4d8372603c2046edf449fe1535c2246e1794768b
SHA256
4bc0e4919f6108d387e9fa5984884a80003d4aa57be3a755b958596f2ac484b7
SHA3
fddae41b482a5a252320ca5ac051bde67191324cdbe7770b397a8acf26c5f7f6
Type
RT_GROUP_ICON
Language
UNKNOWN
Codepage
UNKNOWN
Size
0x14
TimeDateStamp
1980-Jan-01 00:00:00
Entropy
1.51664
Detected Filetype
Icon file
MD5
73a356eb7a9dbb2cae4b69e45a4ec048
SHA1
e908e738a80f2c9e37fe6b82d0194b5792a3b342
SHA256
a914a90e305c5882751e867f30b26b049f718055578cd651dfddaceceb18cb06
SHA3
61b29e5676c373ea24abaee32a1e0e34e0c0d373d4b24b14fd8d89d962e6e3a6
Type
RT_VERSION
Language
UNKNOWN
Codepage
UNKNOWN
Size
0x398
TimeDateStamp
1980-Jan-01 00:00:00
Entropy
3.31788
MD5
8adde2da93bea7058e79e24b3f8b2e26
SHA1
6789f97eeeddf5861e361261620f868df41d55c2
SHA256
bb2f997a3768a21ed284cdd4ff208dd1541cb118af89ca0ac7fa82a0c0deeb5d
SHA3
efce689a9573002f8d02f0dac821fe0037afef0c32bfec471ea9ed48568b492d
Type
RT_MANIFEST
Language
UNKNOWN
Codepage
UNKNOWN
Size
0x1ea
TimeDateStamp
1980-Jan-01 00:00:00
Entropy
5.00112
MD5
b7db84991f23a680df8e95af8946f9c9
SHA1
cac699787884fb993ced8d7dc47b7c522c7bc734
SHA256
539dc26a14b6277e87348594ab7d6e932d16aabb18612d77f29fe421a9f1d46a
SHA3
4f72877413d13a67b52b292a8524e2c43a15253c26aaf6b5d0166a65bc615cff
Signature
0xfeef04bd
StructVersion
0x10000
FileVersion
1.3.0.8
ProductVersion
1.3.0.8
FileFlags
(EMPTY)
FileOs
VOS_DOS_WINDOWS32
VOS_NT_WINDOWS32
VOS__WINDOWS32
FileType
VFT_APP
Language
UNKNOWN
Comments
Tool for testing encryption algorithms.
CompanyName
FileDescription
CryptoTester
FileVersion (#2)
1.3.0.8
InternalName
CryptoTester.exe
LegalCopyright
Copyright © Demonslay335
LegalTrademarks
OriginalFilename
CryptoTester.exe
ProductName
CryptoTester
ProductVersion (#2)
1.3.0.8
Assembly Version
1.3.0.8
Characteristics
0
TimeDateStamp
2019-Dec-26 21:13:43
Version
0.0
SizeofData
92
AddressOfRawData
0x6150ec
PointerToRawData
0x6132ec
Referenced File
C:\Workspace\CryptoTester\CryptoTester\obj\Release\CryptoTester.pdb