Manalyze report for 05efb77eeef3ce11d47986c6dca00557

This file seems to be a .NET executable.
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2026-Feb-12 23:45:46
FileDescription
FileVersion	`0.0.0.0`
InternalName	depresyon_fidye.exe
LegalCopyright
OriginalFilename	depresyon_fidye.exe
ProductVersion	`0.0.0.0`
Assembly Version	0.0.0.0

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C# v7.0 / Basic .NET` `.NET executable -> Microsoft`
Suspicious	Strings found in the binary may indicate undesirable behavior:	`May have dropper capabilities: CurrentVersion\Run` `Miscellaneous malware strings: cmd.exe` `Contains domain names: denizbank.com http://www.w3.org http://www.w3.org/2001/XMLSchema http://www.w3.org/2001/XMLSchema-instance https://www.denizbank.com https://www.denizbank.com/blog/finans/kripto-para-nedir-en-yaygin-kripto-paralar-hangileridir www.denizbank.com www.w3.org`
Suspicious	No VirusTotal score.	`This file has never been scanned on VirusTotal.`

Hashes

MD5	`05efb77eeef3ce11d47986c6dca00557`
SHA1	`d34561de90c1f4d1e2b12629df0c3fb23c1f2ac9`
SHA256	`3be848aca33fe38591b0ec0957f83dc46ac9531198994bd692aded5da790daeb`
SHA3	`ba4653588ff818800e9edd7eef2305224e289670eb7f755c5278ed9e4bb6edf0`
SSDeep	`1536:7o27IbQTr9AYNWlFgo6XFhuHpHEXqnDDQZHJK1:7o9bQTr9AyW6XUEXqD4HJK1`
Imports Hash	`f34d5f2d4577ed6d9ceec516c1f5a744`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`3`
TimeDateStamp	2026-Feb-12 23:45:46
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`11.0`
SizeOfCode	`0xb600`
SizeOfInitializedData	`0x1600`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0000D4CE (Section: .text)`
BaseOfCode	`0x2000`
BaseOfData	`0xe000`
ImageBase	`0x400000`
SectionAlignment	`0x2000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x12000`
SizeOfHeaders	`0x200`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_NO_SEH` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`d4ada925322f06798a08ecb76b21ee85`
SHA1	`c957c08a388850928aa6c475c7b81978dd2d8895`
SHA256	`729354e0e20e59a1eb4477c8ec575de576c4f38603ebd4fed08c9fda6c708d70`
SHA3	`9347f9076bcc6889da3fe8cbcff0682a3dfd4af4432d16e73baba285f616a6d7`
VirtualSize	`0xb4d4`
VirtualAddress	`0x2000`
SizeOfRawData	`0xb600`
PointerToRawData	`0x200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`4.87072`

.rsrc

MD5	`311688588f72a0b0cef7d037027b0aff`
SHA1	`0f579ab071e003b4e97d7c25dfa1dd6f015677c0`
SHA256	`e1f83e994fdb0cea908aa6e7c55bc066ece1c3f0004225970400563d354cd929`
SHA3	`95f7ef3571fbc1947cd4ee1229c72fa2074a295125752119ea238b0ffdc8e1fa`
VirtualSize	`0x1348`
VirtualAddress	`0xe000`
SizeOfRawData	`0x1400`
PointerToRawData	`0xb800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.68295`

.reloc

MD5	`6e75ae959698feb4761941aeb448c454`
SHA1	`af29a8a1da9b3cb735e20f2af0537967632a62f6`
SHA256	`7428020e1674ad54a5d933be96b6fc13149a32bbe588f7677e73fe40ff5405de`
SHA3	`6baebb2559cdcafb1a0b6b25505e2dafbad8597a8d552bf3435e7989b2e622b3`
VirtualSize	`0xc`
VirtualAddress	`0x10000`
SizeOfRawData	`0x200`
PointerToRawData	`0xcc00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`0.0776332`

Imports

mscoree.dll	`_CorExeMain`

Delayed Imports

2

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xda8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.06338`
MD5	`98b815d1a58efcf0f874909c9becb29b`
SHA1	`e127a81056229cef7bdfe777785134d7852847e9`
SHA256	`e2eeb2ed776c2bec4e644438fdc9e86f0ffdd1103a1e7c4627190bf45bdf5913`
SHA3	`fb3454353b4ebec61c3c96607641b2a03a91975b4c6fadc83b1916910a985315`

32512

Type	`RT_GROUP_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.0815`
Detected Filetype	Icon file
MD5	`1b131c5cd96ce142530c18a6339280c0`
SHA1	`9d6ce40a2f0570ede1603368d4237a228b7efa50`
SHA256	`cb389194e64297dfb075b46683d64126c2d70e0355a447bdeb581cc612fb1c97`
SHA3	`e0d4953a4ab8823d982cddb42a111f56247580cfd3a4541817ee06b92b7ce6f8`

1

Type	`RT_VERSION`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x264`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.18022`
MD5	`119c9165a51d36489a4c793e183f9367`
SHA1	`3a828a2c69834c2829b96bb57baebe0445417989`
SHA256	`c35db313924e5c4dd3559f51ab228e0c9f41392b0df1163c9e3ca1fb55c7b207`
SHA3	`389b635c5d6bbaa96f64f73fb9c0572afb1f5dab02eb7377d5fdb413bcdc365f`

1 (#2)

Type	`RT_MANIFEST`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1ea`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.00112`
MD5	`a19a2658ba69030c6ac9d11fd7d7e3c1`
SHA1	`879dcf690e5bf1941b27cf13c8bcf72f8356c650`
SHA256	`c0085eb467d2fc9c9f395047e057183b3cd1503a4087d0db565161c13527a76f`
SHA3	`93cbaf236d2d3870c1052716416ddf1c34f21532e56dd70144e9a01efcd0ce34`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	0.0.0.0
ProductVersion	0.0.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
FileDescription
FileVersion (#2)	0.0.0.0
InternalName	depresyon_fidye.exe
LegalCopyright
OriginalFilename	depresyon_fidye.exe
ProductVersion (#2)	0.0.0.0
Assembly Version	0.0.0.0

Resource LangID	UNKNOWN

TLS Callbacks

Load Configuration

RICH Header

05efb77eeef3ce11d47986c6dca00557

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rsrc

.reloc

Imports

Delayed Imports

2

32512

1

1 (#2)

Version Info

TLS Callbacks

Load Configuration

RICH Header

Errors