Manalyze report for 2fb2ef4506adf329c42a0172430b4f85a8b13b09cd40ee3fc12faba2f3205599

This file seems to be a .NET executable.
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2055-Aug-08 22:03:04
Debug artifacts	D:\MyCodes\AppUpdater\AppUpdater\obj\Debug\AppUpdater.pdb
Comments
CompanyName
FileDescription	AppUpdater
FileVersion	`1.1.0.0`
InternalName	AppUpdater.exe
LegalCopyright	Copyright Â© 2025
LegalTrademarks
OriginalFilename	AppUpdater.exe
ProductName	AppUpdater
ProductVersion	`1.1.0.0`
Assembly Version	1.1.0.0

Plugin Output

Suspicious	The PE is possibly a dropper.	`Resources amount for 93.7917% of the executable.`
Suspicious	No VirusTotal score.	`This file has never been scanned on VirusTotal.`

Hashes

MD5	`7a51c55dc0829abf1c803076c23fd655`
SHA1	`368f4272805c6aeb84167be5837f4336d02d7168`
SHA256	`2fb2ef4506adf329c42a0172430b4f85a8b13b09cd40ee3fc12faba2f3205599`
SHA3	`41f5e935461c0176c3c25866f11c1b5525d445eb44deef18112b75a44881285e`
SSDeep	`3072:sytHeheYxEUUpnd3jw/U+n3AosAU1umV6ul3L4c+7Aq0DIfd7ZGYBGQTgkUdsMp:9lhugvKMqDaOXsI9a59mknv7os`
Imports Hash	`f34d5f2d4577ed6d9ceec516c1f5a744`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`3`
TimeDateStamp	2055-Aug-08 22:03:04
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`48.0`
SizeOfCode	`0x6a00`
SizeOfInitializedData	`0x6ae00`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0000897A (Section: .text)`
BaseOfCode	`0x2000`
BaseOfData	`0xa000`
ImageBase	`0x400000`
SectionAlignment	`0x2000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x78000`
SizeOfHeaders	`0x200`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NO_SEH` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`c18eac5d047043b07a09fed1ae15ce62`
SHA1	`a20e02cab2e6e9d8a90ce15a6683f2d49d997d32`
SHA256	`62e278630963d2d73b997e7e1dae43a61b0ab3249a08bc2cdecf67ea15c44d69`
SHA3	`fc13dd2c8521334693ae14e0870233dcfdc00d9c80a2a4eec308a64d8703e38c`
VirtualSize	`0x6998`
VirtualAddress	`0x2000`
SizeOfRawData	`0x6a00`
PointerToRawData	`0x200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`5.44642`

.rsrc

MD5	`2738d76bd5f59931abf31544cce508e9`
SHA1	`1dd36af17865289f8a94af5ef08e9a00cebd10fb`
SHA256	`79881af5f3eead93574a89f6a2134abededb7d67ca4a4efc578197462d3b5460`
SHA3	`ba77dee1ad1c79e5c52eb8214e3e58e30b7eb43a953f7ec5d292409f82d52be2`
VirtualSize	`0x6abd8`
VirtualAddress	`0xa000`
SizeOfRawData	`0x6ac00`
PointerToRawData	`0x6c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`3.92218`

.reloc

MD5	`2123596990d5579d71d9c28162a7559f`
SHA1	`98040637a3e8271395b92446bf9bfc122e83d86f`
SHA256	`dd10941ffacfad1c1fb76118aa7f724daa846073dd3e70cf718d6586363b8f3b`
SHA3	`4a04b5c6675bf545bc9adc8e0e18e3ab2b7cdd90fb37e70503f3865792266c06`
VirtualSize	`0xc`
VirtualAddress	`0x76000`
SizeOfRawData	`0x200`
PointerToRawData	`0x71800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`0.0815394`

Imports

mscoree.dll	`_CorExeMain`

Delayed Imports

1

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.20546`
MD5	`a21254279013943b354712ad21f1e7a7`
SHA1	`f9a56922c2af6758569681f86f009b550baa3e05`
SHA256	`6a6df622800c410fa5be2a3a524107178d94752ec28fa8f1abea562673203fc4`
SHA3	`344248ccdcf3af02daf111ac5a34540a04a721df98ecec497541116bb63b5692`

2

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.97509`
MD5	`e44c463f769c77343fe7985f83772ca1`
SHA1	`4bce5355554aa8a4ffa569c4c207f79f6bcfa1a8`
SHA256	`3b1ddf99754281582bda419c0eeb3fc84f71a634fae7171e671d83a24eab7ac2`
SHA3	`d28902524686348718d004c2fb8151ff49609b7b81ceaa2f79af977339c49880`

3

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.68014`
MD5	`ba2ed9f972ae59aeb85d73e71bce5834`
SHA1	`3609979de7bc931076f703103263f6d6b75e76eb`
SHA256	`83a9c3cbdbb421a3a714d8b0530ace40ebe1ed95335d7ae2a819e3fd5474cce1`
SHA3	`bd3b0c63b94e56fbdb49429c83779b35264f589f5235b0700a5f2c6cf2c416eb`

4

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.3326`
MD5	`babae1bdfdc434baee489c4179af766f`
SHA1	`aa2db77e65a21d526a25a533f44eb7f90b8f1d8f`
SHA256	`332254fc40a6fd81c78427a1c65eb9e525101e8381b67f17e48666d7d007fbc4`
SHA3	`439562013043c4ed4a5306aeb814f15869203dea701d697ce5451998ce9e8780`

5

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.09151`
MD5	`5a3ea0ca023dfb3174fe2f41584d0906`
SHA1	`7d6c5cac28a59bba65be7b2da536d89922084cf8`
SHA256	`a0e7b909cf6e57d652bf1b1a5ad52c7bf6a08246bbf8473bfcf9f494088a3b01`
SHA3	`695fd24bc18531e6cfa41e259b44036e72e46a89cc8e1114d93f786bd039e19a`

6

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x5488`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.03754`
MD5	`1fefa9953f03f7e001588aa6fe899df8`
SHA1	`0ea7254944c338b9ed865904a96770453ab797c9`
SHA256	`0d74b88414b623e86d2de041f251dc07780f6d591e071991bcf5a8c31c7cc323`
SHA3	`1dcdfbaa15774b3f6d3ac53d135061985e364b0317e7119a3ee2b06d3a3018d3`

7

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x94a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.91316`
MD5	`2c30b83c874927cebb39e09f1e67603d`
SHA1	`55ca437b9bc21f3ec4aba488f226fa4078b9c830`
SHA256	`6e5e8e729b1afcea14076f37a01f02a6469e052dc25109aee93afdcb9bcad4cb`
SHA3	`abca268995a5c51d7b46e7c124e9c14fc0e7339df42d6d148bc164f400400137`

8

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x10828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.81712`
MD5	`b3bf31273f4748e1e1cc9b6ad71d11f1`
SHA1	`b9ed8347a59b431973222c96dd0f5dfa56073a37`
SHA256	`02b5f4d2e3aaa6d1cc4c9a6c320461436c3b08632c93821ec19be4b9448954f8`
SHA3	`1de2646889077ca037163a122a7b7b213219b06dae6f3f407fbd90c9c046d7ff`

9

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x42028`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.72376`
MD5	`238acc5cfaa656a71e6d1603026b5318`
SHA1	`0e6cb280f3f893e81e22f6d4e66997c1553e8f04`
SHA256	`3dcdc9311cf74dcf2cbd0fe36421c5574b9cc4f012e36f3077d094d561165ace`
SHA3	`38a41776c77182ce5c9b83b523755fe9cf20239538234218717d2de349e7dc65`

32512

Type	`RT_GROUP_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x84`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.01226`
Detected Filetype	Icon file
MD5	`8bd3cd6b83e995093febc060ec76aeb3`
SHA1	`b0338c581ad2beceda2bccbaa46d96383d3dc4a1`
SHA256	`4f16960f06a3608a7d49573795526ff6790c65d8015f0419d72a373e55ed8ac7`
SHA3	`dab5ecc0662f74eef0913882133480a1e4285be23cab87b03392d82bdce0c981`

1 (#2)

Type	`RT_VERSION`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x32c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.28015`
MD5	`17a4ab34c750adcc658f308a21326940`
SHA1	`fc4f1d6d20dc4147a4b21e660e91ded171894114`
SHA256	`72c04dad0393987c02c56d4150f4d4fd23635117eb179c053190cb8997d36819`
SHA3	`867dcf81470b1e907a595414970a2487226fca97ee70230ce668faacce61b9ed`

1 (#3)

Type	`RT_MANIFEST`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xd8a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.02329`
MD5	`fe9dda3aa65dd864c8bdb350f50bf92a`
SHA1	`83223fdd37b95493b0dcbb619b2b43f04fa30f30`
SHA256	`2c0c846479739b6f883cf191d106ac2db9d4d22f6a724c204434f80a7a7e1471`
SHA3	`0defbc97f3f71385b1e2ca4bbbbc44c38e692ab0e310af2451b1cf5534af4a1e`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.1.0.0
ProductVersion	1.1.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
Comments
CompanyName
FileDescription	AppUpdater
FileVersion (#2)	1.1.0.0
InternalName	AppUpdater.exe
LegalCopyright	Copyright Â© 2025
LegalTrademarks
OriginalFilename	AppUpdater.exe
ProductName	AppUpdater
ProductVersion (#2)	1.1.0.0
Assembly Version	1.1.0.0

Resource LangID	UNKNOWN

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2064-May-19 23:33:16
Version	`0.0`
SizeofData	`82`
AddressOfRawData	`0x88d4`
PointerToRawData	`0x6ad4`
Referenced File	D:\MyCodes\AppUpdater\AppUpdater\obj\Debug\AppUpdater.pdb

UNKNOWN

Characteristics	`0`
TimeDateStamp	1970-Jan-01 00:00:00
Version	`0.0`
SizeofData	`0`
AddressOfRawData	`0`
PointerToRawData	`0`

TLS Callbacks

Load Configuration

RICH Header

Errors

Leave a comment

No comments yet.