Manalyze report for 43f8717b4f2fae3a2f29580ee776a670

This file seems to be a .NET executable.
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2049-Jul-01 04:22:35
Debug artifacts	D:\a\_work\1\s\src\StoreInstaller\obj\Release\net472\StoreInstaller.pdb
CompanyName	Microsoft Corporation
FileDescription	Store Installer
FileVersion	`22509.924.1.0`
InternalName	StoreInstaller.exe
LegalCopyright	© Microsoft Corporation. All rights reserved.
OriginalFilename	StoreInstaller.exe
ProductName	Store Installer
ProductVersion	`22509.0924.01.0+4f8e1701ade948e14bf2094244f7fb30f736bbc2`
Assembly Version	22509.924.1.0

Plugin Output

Info	The PE is digitally signed.	`Signer: Microsoft Corporation` `Issuer: Microsoft Marketplace CA G 026`

Hashes

MD5	`43f8717b4f2fae3a2f29580ee776a670`
SHA1	`ceeb478c8461609d1b86d929a18a101c53f60217`
SHA256	`9947594198071140ffe5b5927f49be6c178e8d06eaa5d8e1813d271429c76acc`
SHA3	`e311136578ec8db5f578da675f4fc29d72faecb4bdc3f12da12109f206c872ed`
SSDeep	`12288:KKg/xI+Tac0RDffXJjyYp+woNHSy5viczsJ00Iyggot+TRnfXJjytpga:wm+2DR7BWYp+wo44IUdmnBWtpga`
Imports Hash	`f34d5f2d4577ed6d9ceec516c1f5a744`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`3`
TimeDateStamp	2049-Jul-01 04:22:35
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`48.0`
SizeOfCode	`0xf4000`
SizeOfInitializedData	`0x12800`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x000F5E22 (Section: .text)`
BaseOfCode	`0x2000`
BaseOfData	`0xf6000`
ImageBase	`0x400000`
SectionAlignment	`0x2000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x10c000`
SizeOfHeaders	`0x200`
Checksum	`0x110e6b`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NO_SEH` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`b5f33fec0cf8062662e5419e0d87fdef`
SHA1	`df59892c91b0103d4c4b26f4103503fbd58ed406`
SHA256	`963685d3cf30cc8cd7a367613f810cc02ddbb93765412edd28d1caa9b7abf8a6`
SHA3	`5d9888e69c58ddaac317823b31138a574f9c3176e82a98e279fb75b7eff5ff3f`
VirtualSize	`0xf3e48`
VirtualAddress	`0x2000`
SizeOfRawData	`0xf4000`
PointerToRawData	`0x200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.75097`

.rsrc

MD5	`f393bbe642cc8f9af087e3f16d7014bb`
SHA1	`da06db56205dca1f0f5e7576c6cac2b53fc3e842`
SHA256	`a418758b39a9971bc0b84afdac9c1922c65d6453950fa31eae4b90ea52102f15`
SHA3	`c28c11403a027d58c83cbdb126edeeb970c57e7310499660bde4f272a988768b`
VirtualSize	`0x12520`
VirtualAddress	`0xf6000`
SizeOfRawData	`0x12600`
PointerToRawData	`0xf4200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`7.9356`

.reloc

MD5	`d11b7661235554ac55d7bd080612eb8a`
SHA1	`ad7f7be2dd2f097eae0a12398082c718422a861b`
SHA256	`eea9334b229c93f01676c719c83c54eb7dba63b1be3e2dffb53e9e8359eccea0`
SHA3	`6421d1ae29dae8f61f624f0dd4473955d11a9b713b3509b9aaec06556efa8870`
VirtualSize	`0xc`
VirtualAddress	`0x10a000`
SizeOfRawData	`0x200`
PointerToRawData	`0x106800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`0.10191`

Imports

mscoree.dll	`_CorExeMain`

Delayed Imports

1

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xd5e7`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.99126`
MD5	`8e41232604330e60956a842c25dce187`
SHA1	`ce9e94b1f0c8f66d76e289694f1d2633ae58a48e`
SHA256	`5ef637eae0e21955990cdd62c4a504caee13b3425c65ca15f6901f72f819caba`
SHA3	`3d30d652736b0db931e98dd8b815ab5f64aa7b5419830502f2a6ac2710e8cb56`

2

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1363`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.94256`
MD5	`81d92613ec2ac50f66e80c0c1b7d1319`
SHA1	`bb83ecfdadf91ed328c95276490465c56bdb6a61`
SHA256	`9d4260153ea11cdf1c45cc6528b46a08f2045ec23c96d615bfc31e5c0d0c52b6`
SHA3	`623064d2ee68e440d7d267c2ff61dd5183538359e446577f7381548bd2aead79`

3

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xc9d`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.92937`
MD5	`12024de66206724a2e4f4d6a93e57741`
SHA1	`40e5b9896268d1e1f7b146b7f13e8f56f6198939`
SHA256	`edd56dd725ffae1ca4f0a5a6b54212c097a917a71620d460e74a278bf143b7e9`
SHA3	`ca130e0f3b9171a7a1a218af02cf5b575abef3ba3e19d019911e5e6c94284261`

4

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x9da`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.89211`
MD5	`d7cf9c044654c8ccca17a55b026a3d78`
SHA1	`0c94984c82c73e841a4f6ca2d1fd53880b3b467a`
SHA256	`d9bf5837c1697ca7e1f5c3c3275d4b1377eb87e6f6f1bfaa2069a9a913883968`
SHA3	`d122393d6bad93fe6915024aef59ecda7fc64745ec7a47ef61965a5b474fee45`

5

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x691`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.80893`
MD5	`dec0260c0a053386a0ca81709dd66d70`
SHA1	`f05e15ea5a4688f04c4916f7caae94eca6668f02`
SHA256	`22f9cb6b233689139650f5d2461b7acb43a26d82e2be584a814fff20d91c29ee`
SHA3	`f674cdbf1c4241d09dc66c9ba4272600e5b02cfcd3496eae14215c75b54658a3`

6

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x490`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.76178`
MD5	`6cf73ed1e416182483de37bbeb5dc6ae`
SHA1	`ce9f6887c45695a134fd9e24327a04df3a6b9342`
SHA256	`6e89eca207df1a7f523191bcbf6a364df738ef375b26a9db89a63b5848e5229c`
SHA3	`debdac993f009fc7867842e6f8a96c843262781000cdb61132104cb4c1d7673f`

7

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x396`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.68659`
MD5	`c4e2955139bc69b781b91224b8c47fe9`
SHA1	`e8afa6adf2cfa8d51d6d2823a30e83fbab93b105`
SHA256	`1b5ce88564e5099b6664a69fa566b836d70edc7f96ab95fd7f6eb67fb32d4b95`
SHA3	`76c38e1e5a5e0ef1ad3dae5eb616802eaa752130a745877738c70ffe8db3a6f9`

8

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x299`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.51668`
MD5	`a3e0481c00db2602d9a10103a74fde83`
SHA1	`bef9f837b70b62b21696c4880336290bfb542434`
SHA256	`5ec8d849406b38a443b80e16e63f7be8bfd0e9cfe7e3c6398c03662bdefef320`
SHA3	`6d8eb73956c105cf6af3ec47d2219ae7a0713a5b7d48ebd9805830e6dc3f23cb`

32512

Type	`RT_GROUP_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x76`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.00469`
MD5	`4a9f16eb56fa02548c03ecf07dfece60`
SHA1	`6d0234805fb86e2ccad911d33e1d9af4522e98ca`
SHA256	`31446c4275b597a2038030cb6e40d1a2316ba5ccb3338dd05148045230ad957b`
SHA3	`558e70e4735f7a81b280cb16263076ba6b3365a3696bf7135928f773b791409b`

1 (#2)

Type	`RT_VERSION`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x3e0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.47106`
MD5	`819dcff79ba6329c58bb2972bc2172ab`
SHA1	`58009eb656cdc19df109aebdf1f3dacaca3d75b1`
SHA256	`37abc025229411ceffbdd42c344448f2040e631f9c2cb5f8bce98a0dd5dfe433`
SHA3	`828c607811c092ff86cfb9c8e48398f1eb6a22d8e015d42ef854f90678686a25`

1 (#3)

Type	`RT_MANIFEST`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xd21`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.01992`
MD5	`444f5f23916484f797192ce263cc33ac`
SHA1	`9b018b1641c4098405e24d0a8e8a1344b5112a52`
SHA256	`31d8103226217f46a673dfe9eabe89dbd733857c3411f8c24e910da5506eb8be`
SHA3	`c02fe033f03e2f7d9e9a4d234e416424a4c7125783287af7ebb803a0e1b6a7b1`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	22509.924.1.0
ProductVersion	22509.924.1.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
CompanyName	Microsoft Corporation
FileDescription	Store Installer
FileVersion (#2)	22509.924.1.0
InternalName	StoreInstaller.exe
LegalCopyright	© Microsoft Corporation. All rights reserved.
OriginalFilename	StoreInstaller.exe
ProductName	Store Installer
ProductVersion (#2)	22509.0924.01.0+4f8e1701ade948e14bf2094244f7fb30f736bbc2
Assembly Version	22509.924.1.0

Resource LangID	UNKNOWN

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2079-Nov-18 00:09:34
Version	`256.20557`
SizeofData	`96`
AddressOfRawData	`0xf5d48`
PointerToRawData	`0xf3f48`
Referenced File	D:\a\_work\1\s\src\StoreInstaller\obj\Release\net472\StoreInstaller.pdb

UNKNOWN

Characteristics	`0`
TimeDateStamp	1970-Jan-01 00:00:00
Version	`1.0`
SizeofData	`39`
AddressOfRawData	`0xf5da8`
PointerToRawData	`0xf3fa8`

UNKNOWN (#2)

Characteristics	`0`
TimeDateStamp	1970-Jan-01 00:00:00
Version	`0.0`
SizeofData	`0`
AddressOfRawData	`0`
PointerToRawData	`0`

TLS Callbacks

Load Configuration

RICH Header

Errors

[*] Warning: Please edit the configuration file with your VirusTotal API key.
[!] Error: Could not load yara_rules/bitcoin.yara!
[!] Error: Could not load yara_rules/monero.yara!
[!] Error: Could not load yara_rules/compilers.yara!
[!] Error: Could not load yara_rules/findcrypt.yara!
[!] Error: Could not load yara_rules/suspicious_strings.yara!
[!] Error: Could not load yara_rules/domains.yara!
[!] Error: Could not load yara_rules/peid.yara!