Manalyze report for ff5a8a26a7ef4aaa308651cb269ded26

This file seems to be a .NET executable.
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2020-Mar-10 08:06:29
Debug artifacts	c:\bamboo-agent-home\xml-data\build-dir\CKATWIN-CR19-JOB1\src\DotNET\DBTechnology\dbFly\obj\Debug\dbFly.pdb
FileDescription	DataBase Technology
FileVersion	`0.0.2.30`
InternalName	dbFly.exe
LegalCopyright	Copyright © 2012
OriginalFilename	dbFly.exe
ProductName	DataBase Technology
ProductVersion	`1.7`
Assembly Version	0.0.2.30

Plugin Output

Info	Interesting strings found in the binary:	`Contains domain names: http://schemas.microsoft.com http://schemas.microsoft.com/expression/blend/2008 http://schemas.microsoft.com/winfx/2006/xaml http://schemas.microsoft.com/winfx/2006/xaml/presentation http://schemas.openxmlformats.org http://schemas.openxmlformats.org/markup-compatibility/2006 microsoft.com openxmlformats.org schemas.microsoft.com schemas.openxmlformats.org`
Suspicious	No VirusTotal score.	`This file has never been scanned on VirusTotal.`

Hashes

MD5	`ff5a8a26a7ef4aaa308651cb269ded26`
SHA1	`2660508dba1c357d1f1d08eb256de5dbc129368b`
SHA256	`aa1b525703f850c91b4a6fd671e586d23af6643c28bcde4fd068aed4dbfe9186`
SHA3	`5874e3d2166a441f2c30a186b83bd0795567d9cf06528f69364ec1fc8efbc70c`
SSDeep	`3072:Qw4aSINRf27xHfGQwFsmf+cYWL2EmBZjsDg0hhxtGAMLjINRf27xHfGQwFsmf+:l4a5Ie/f4WL2rBZjsDg6hx4+Ie/f`
Imports Hash	`f34d5f2d4577ed6d9ceec516c1f5a744`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`3`
TimeDateStamp	2020-Mar-10 08:06:29
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`11.0`
SizeOfCode	`0x1a7e00`
SizeOfInitializedData	`0x192000`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x001A9DAE (Section: .text)`
BaseOfCode	`0x2000`
BaseOfData	`0x1aa000`
ImageBase	`0x400000`
SectionAlignment	`0x2000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x33e000`
SizeOfHeaders	`0x200`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_NO_SEH` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`0d4a00598a467df6b628f153855f67b4`
SHA1	`f9c65e716c647898f3af2f27027771a0036ab19c`
SHA256	`cb9a162dcc9b847854b7f939c12d895eb0da755175aa994757a7e4ba5f1e9644`
SHA3	`d8250f465545b7070e90aebb8b2100ab2b198a89073af18071bcffe08b7ef355`
VirtualSize	`0x1a7db4`
VirtualAddress	`0x2000`
SizeOfRawData	`0x1a7e00`
PointerToRawData	`0x200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`2.48458`

.rsrc

MD5	`85c712dde1a41c081aa3807e2e85db5b`
SHA1	`b92922da37c32048027c16936d6e1a246513b96c`
SHA256	`28c617145cbd9ff7d89164ffc178b35923e3df7f39a66444dca8c8cce95d1a2c`
SHA3	`17ad4c54dc8abd430a0d5ce42c3d79971e55e4c34f966d75a246c0380b50f152`
VirtualSize	`0x191de0`
VirtualAddress	`0x1aa000`
SizeOfRawData	`0x191e00`
PointerToRawData	`0x1a8000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`2.13463`

.reloc

MD5	`223f7d783b3716c0ac9cded99427cee1`
SHA1	`2836b41a1b8927c036c48815390749eb0ce00b61`
SHA256	`06cdb74af04bab96e602247e4c15371ae30e3c65aea7df66a4103f73c44c143d`
SHA3	`7e3da34be7cc95f2b75393f3278647a4d200bc1b5a28d65b81e56925d273c996`
VirtualSize	`0xc`
VirtualAddress	`0x33c000`
SizeOfRawData	`0x200`
PointerToRawData	`0x339e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`0.10191`

Imports

mscoree.dll	`_CorExeMain`

Delayed Imports

2

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.16958`
MD5	`241483bb5e359fe22fd791567b1dfbea`
SHA1	`cfc90c63d5ac21670b2a0cca65e2bf326bf15238`
SHA256	`65cca25448e1b99d8819996bd19c648e73bdddd2bd5a310ddd29db0c249e4eee`
SHA3	`2761bb5e0ffddea2f0ddb5b31d747b6db6686c74fa157e8e4cc42c3ea61a0f44`

3

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.31428`
MD5	`3c1db012c787a91a41cb006b28e3f221`
SHA1	`a3dd9f9387ead957a0d4874d11cabfe5fc44dc3d`
SHA256	`022ba01ba70bb67c8246b8d905e1fd5c34986105f9eacf9c4e0235336d6dd3e6`
SHA3	`e08903e94af08f151c536c0f8d25d471f0946be7a29b9601e30a4ac057d1df96`

4

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.68376`
MD5	`72a6be30705fbb27c51b29a37f880553`
SHA1	`5e3f48330c8d981b3fe900a8eb8a10a38bbb6db4`
SHA256	`461710804217503f6348c182645a660ef9df02697f58ea862c0683ca507e6340`
SHA3	`2f2ecbec6d5d97d843a8cdbfcd06e5e465e4c31d057abbc658240d452d9398bc`

5

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.66595`
MD5	`8f526d23ecff19d9c60d8aa25a3026c0`
SHA1	`b295f8260f6f83172b3e4f0c13b987866d8d2a12`
SHA256	`951d7fcd7ce9a387c6bc5243194ebb3e5284f9c1bc044299c50970273f79fc14`
SHA3	`6af1e32707f3981fb729eb7a55de5d51c86e72147d797ed2d0b8ac0d25220654`

6

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.23075`
MD5	`4458cb13fc0b0869ddf534966512ac53`
SHA1	`12562c2bd17c713200d7fd1e8ee331e17ecec849`
SHA256	`b11b5811ae6740114e7492b8de34257cee10a9471df1286c6ba1d1fb890c8678`
SHA3	`883e5c37b28268cff59c9f6f8ac0fd9b60e29e792cb8164e9d6efc9fe84ad164`

7

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x94a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.22896`
MD5	`9634bee9224112f98f39a13735928565`
SHA1	`a37745281405a76188461f31ffb34e014101171f`
SHA256	`5b598cc8afeca8249786af1302086155e8d97a1465c7ff345fc4f1369bb37ae0`
SHA3	`d3f2a13aba6ed8c177307a0a828bb24bb46ab4525c42b1342536b6d2a8a838ca`

8

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x10828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.62373`
MD5	`f5690915f54011a33658e53b3ec023d3`
SHA1	`d3f62a6f60501ed278dc1d4f1328a56ea770655e`
SHA256	`ccd7c82fcded49df2c2a37885e152beda2a52031ad6772aef142aa8b15e07e41`
SHA3	`a6ca383190b7861824b3500c8b40abef69fecc08dc209ccf3f5cdb9141fb7cd0`

9

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x25228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.61933`
MD5	`ed862f795a50ba22f40012d17b59956b`
SHA1	`73f5a1092fd14fe8c7afab3d74ad71fec896f5c5`
SHA256	`53758b5b4d8a6ee463a740678cd19070ba4b7af2ae033f1694ea938a554566f4`
SHA3	`b1138005253c5402d068caab7b322a432fde5d583e3fda7ae3c9d1217fbe77a1`

10

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x42028`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.16017`
MD5	`2088b88f09a072b7b32f62539b9f8ef1`
SHA1	`e40e33b1467bbe2978bea078f66390c0fee831d4`
SHA256	`9ebcd6c574081da094467af9419d3e7e21e56111bd26dc36427e16f887cf7773`
SHA3	`9ce7e1603a264987e689bcc35bcb692a2198bd21325784d244c2c5727fecb928`

11

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x108028`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.87682`
MD5	`72dae69e100a720c71a249d34ff15826`
SHA1	`6198bcc38c4cd73569b1a3052171d311baeeaef1`
SHA256	`82697a904236a6c2436c0ea60b0a2ab5b71cd307edb27d2fcce809f526eacd1b`
SHA3	`578075e9f1ebf835bac47343ec7b8cc806919f23cefaef4c177405f622e0893f`

32512

Type	`RT_GROUP_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x92`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.06312`
Detected Filetype	Icon file
MD5	`705e33755a1c985ea97ec8b820138f96`
SHA1	`dc52278f5e45a9ac1ed1c5a6073eaaf461af6686`
SHA256	`f90e1de5b54d5d71bd061ac204a67faf748d335d272602a7ab99276b63310267`
SHA3	`1707c15e95c794e27e17d254d019680258d60fa26cdba2ec32b546010a52c362`

1

Type	`RT_VERSION`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x2c8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.35297`
MD5	`49b882a8b5f9bbff34476f31fd63ab54`
SHA1	`a5c29b0425838b6d3ee7daa1c2bf63b023871aa3`
SHA256	`a7e6c22606a391b6727803944214853b78649d9640e58e0351b84e33df385259`
SHA3	`1e838536640f9eeeb65524819204cba4dd5901983b345f6dc9c116b1547f82e9`

1 (#2)

Type	`RT_MANIFEST`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1ea`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.00112`
MD5	`a19a2658ba69030c6ac9d11fd7d7e3c1`
SHA1	`879dcf690e5bf1941b27cf13c8bcf72f8356c650`
SHA256	`c0085eb467d2fc9c9f395047e057183b3cd1503a4087d0db565161c13527a76f`
SHA3	`93cbaf236d2d3870c1052716416ddf1c34f21532e56dd70144e9a01efcd0ce34`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	0.0.2.30
ProductVersion	1.7.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
FileDescription	DataBase Technology
FileVersion (#2)	0.0.2.30
InternalName	dbFly.exe
LegalCopyright	Copyright © 2012
OriginalFilename	dbFly.exe
ProductName	DataBase Technology
ProductVersion (#2)	1.7
Assembly Version	0.0.2.30

Resource LangID	UNKNOWN

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2020-Mar-10 08:06:29
Version	`0.0`
SizeofData	`284`
AddressOfRawData	`0x1a9c44`
PointerToRawData	`0x1a7e44`
Referenced File	c:\bamboo-agent-home\xml-data\build-dir\CKATWIN-CR19-JOB1\src\DotNET\DBTechnology\dbFly\obj\Debug\dbFly.pdb

TLS Callbacks

Load Configuration

RICH Header

Errors

[!] Error: Yara error: ERROR_TOO_MANY_MATCHES