Manalyze report for 59f21d4d321475c16b2e07ea8efb9474

This file seems to be a .NET executable.
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2054-Apr-23 15:35:09
Debug artifacts	C:\Users\NetboyDev\source\repos\BitTool Ultimate\BitTool Ultimate\obj\Release\BitTool Ultimate.pdb
Comments	Create bitcoin transactions.
CompanyName	BitTools Inc.
FileDescription	BitTool Ultimate
FileVersion	`2.5.0.0`
InternalName	BitTool Ultimate.exe
LegalCopyright	Copyright © 2020
LegalTrademarks
OriginalFilename	BitTool Ultimate.exe
ProductName	BitTool Ultimate
ProductVersion	`2.5.0.0`
Assembly Version	2.5.0.0

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C# v7.0 / Basic .NET` `Microsoft Visual C++ 8.0`
Info	Interesting strings found in the binary:	`Contains domain names: adobe.com ajaxload.info blockchain.com google.com http://ns.adobe.com http://ns.adobe.com/xap/1.0/ http://ns.adobe.com/xap/1.0/mm/ http://ns.adobe.com/xap/1.0/sType/ResourceRef# http://www.w3.org http://www.w3.org/1999/02/22-rdf-syntax-ns# https://www.blockchain.com https://www.blockchain.com/btc/address/ ns.adobe.com www.blockchain.com www.google.com www.w3.org`
Suspicious	VirusTotal score: 2/68 (Scanned on 2020-08-24 19:54:10)	`APEX: Malicious` `SentinelOne: DFI - Malicious PE`

Hashes

MD5	`59f21d4d321475c16b2e07ea8efb9474`
SHA1	`1f36e896f07730fb64ebdac67acf1a90eb41f64d`
SHA256	`d0b092463db5d12ad840a2706fed4f616a728c5de99224817acc1c170060c936`
SHA3	`ca233cb5c09d54e4a0bca94162ba439ab58d917d21221ab929fedc4ce41547a4`
SSDeep	`12288:DjP4QmIgMpd0hKM0ZrzA8tZgwmgA4dlZc4:DL/qMp+hizZZgPkdP`
Imports Hash	`f34d5f2d4577ed6d9ceec516c1f5a744`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`3`
TimeDateStamp	2054-Apr-23 15:35:09
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`80.0`
SizeOfCode	`0x6d800`
SizeOfInitializedData	`0x2000`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0006F6F2 (Section: .text)`
BaseOfCode	`0x2000`
BaseOfData	`0x70000`
ImageBase	`0x400000`
SectionAlignment	`0x2000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x74000`
SizeOfHeaders	`0x200`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NO_SEH` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`752d3f26de2d7c96300a153a36bcba04`
SHA1	`3d3fd5a7b8a7b74f0bfbb463ff5ac248f14f0c2e`
SHA256	`51764a71105361e6438cf6621346a0e50ae11a589c104180e8331ed3db285a04`
SHA3	`1cfad6a0b592d821dcea563fd1218b4dbb547061556b13fe2fc7985dae97e022`
VirtualSize	`0x6d6f8`
VirtualAddress	`0x2000`
SizeOfRawData	`0x6d800`
PointerToRawData	`0x200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`7.69262`

.rsrc

MD5	`9bc52d8c1835e3b8784fdd794cabc21d`
SHA1	`760e057a2f432a00fbabf8bec03377556b0eed2f`
SHA256	`9b30a1701706949cef1549cfb517abf8291b41075a843ee44a5e357eae5a6d56`
SHA3	`af045887f9d16b04e798b8c0fda7e55c706b07434108eaf26c78cf89a57d601b`
VirtualSize	`0x1c30`
VirtualAddress	`0x70000`
SizeOfRawData	`0x1e00`
PointerToRawData	`0x6da00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`3.55864`

.reloc

MD5	`b4fe48b2a52e14ca406c0debcc14b502`
SHA1	`cdda29d5212aa713b57f24102406bfb2cfad2adc`
SHA256	`30da242901935ca9d0a8185cbc32a59dbe7d7bf438dfb11d9685b38c766efcb2`
SHA3	`b38049baaaab4814c0ee80662e64de018c854942925aec37339dd539770cd739`
VirtualSize	`0xc`
VirtualAddress	`0x72000`
SizeOfRawData	`0x200`
PointerToRawData	`0x6f800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`0.10191`

Imports

mscoree.dll	`_CorExeMain`

Delayed Imports

1

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.81277`
MD5	`fd95828356a0753ebba7d0bc8bccb4fd`
SHA1	`652c8c22f49cbe9f850565fb137f5903d4e323d7`
SHA256	`ebeeaae5574d136a244a8d469b0a3b9f0fcb4878f33f9065e42830dd714ea2fc`
SHA3	`77f14c79cab14ca091d9f419c47103b11ff2b3360abdcadade82e8c2b0cdc986`

2

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.06102`
MD5	`47400d6cf29099412b713eda09d662fd`
SHA1	`6f9535c742f3ad812c4366e7ca5febfc353ea14a`
SHA256	`d0f069dfa20bdb83d2f5c21e9453b704fc7e14ef120c817a3e229968f3693155`
SHA3	`e93b9c5de7dc66e17c7e2ad3ed9c17e2e2e3633310733b91b989583fb3517108`

32512

Type	`RT_GROUP_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x22`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.21059`
Detected Filetype	Icon file
MD5	`86561693760b088960969f3b7654507a`
SHA1	`82368be1644244e0fd66f1d737b3d45d26b2218f`
SHA256	`b1a9ff73f6a9d486c67f409a629924792ca40aa8966d45e48239863f63629fd0`
SHA3	`206e8d2db4680b7736ddcf7885984ca26fa1a66e72ec9073e8052ba82ea94408`

1 (#2)

Type	`RT_VERSION`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x3ac`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.32191`
MD5	`5e5c4b200d17e3c40033735fd42f7556`
SHA1	`4da24cbf104efaaf7a9ba4c37632a1b12567be41`
SHA256	`f3af5a4ea15d2c3261fef9c0cf5a24de9da091c2b2cc2796a0b9991f70b02428`
SHA3	`9953257620302b06492cbcf176e800e621ca592b72eaba3ef7c0b173d49eee38`

1 (#3)

Type	`RT_MANIFEST`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1ea`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.00112`
MD5	`b7db84991f23a680df8e95af8946f9c9`
SHA1	`cac699787884fb993ced8d7dc47b7c522c7bc734`
SHA256	`539dc26a14b6277e87348594ab7d6e932d16aabb18612d77f29fe421a9f1d46a`
SHA3	`4f72877413d13a67b52b292a8524e2c43a15253c26aaf6b5d0166a65bc615cff`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	2.5.0.0
ProductVersion	2.5.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
Comments	Create bitcoin transactions.
CompanyName	BitTools Inc.
FileDescription	BitTool Ultimate
FileVersion (#2)	2.5.0.0
InternalName	BitTool Ultimate.exe
LegalCopyright	Copyright © 2020
LegalTrademarks
OriginalFilename	BitTool Ultimate.exe
ProductName	BitTool Ultimate
ProductVersion (#2)	2.5.0.0
Assembly Version	2.5.0.0

Resource LangID	UNKNOWN

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2058-May-06 10:57:36
Version	`0.0`
SizeofData	`123`
AddressOfRawData	`0x6f624`
PointerToRawData	`0x6d824`
Referenced File	C:\Users\NetboyDev\source\repos\BitTool Ultimate\BitTool Ultimate\obj\Release\BitTool Ultimate.pdb

UNKNOWN

Characteristics	`0`
TimeDateStamp	1970-Jan-01 00:00:00
Version	`0.0`
SizeofData	`0`
AddressOfRawData	`0`
PointerToRawData	`0`

TLS Callbacks

Load Configuration

RICH Header

59f21d4d321475c16b2e07ea8efb9474

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rsrc

.reloc

Imports

Delayed Imports

1

2

32512

1 (#2)

1 (#3)

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

UNKNOWN

TLS Callbacks

Load Configuration

RICH Header

Errors