Manalyze report for a284360affb664c713f4480f310422cb089ae682bbd84543a099b9ed113dbaf6

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
Compilation Date	2022-Aug-10 12:11:56
Detected languages	English - United States
Debug artifacts	C:\Users\blunt\source\repos\SetPriorityVRChat\x64\Release\SetPriorityVRChat.pdb

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C++ 8.0` `MASM/TASM - sig1(h)`
Info	The PE contains common functions which appear in legitimate applications.	`Possibly launches other programs: system`
Suspicious	The PE is possibly a dropper.	`Resources amount for 78.0637% of the executable.`
Safe	VirusTotal score: 0/68 (Scanned on 2026-05-07 03:04:53)	`All the AVs think this file is safe.`

Hashes

MD5	`c1e0db6d7ff79f1a46ec895cad6e24b4`
SHA1	`04087d5f30eef8527a9570f5cfc7875d88a2b871`
SHA256	`a284360affb664c713f4480f310422cb089ae682bbd84543a099b9ed113dbaf6`
SHA3	`82bbe2337115d038de72afd287e39db4ee506b783b6f638ec34e6da392f5d6ea`
SSDeep	`768:BQyK345tNZxPuOAmgA9y0xH/ezP6fu2SA9+LunITecPXgrFZn4U/z/K3HPP9Vey:SnmG3A9yoUPGYa+mme3nPEjHHGT3xk`
Imports Hash	`a918d4ae3cf9b572d647cdcf1ebd788e`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0xf8`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`6`
TimeDateStamp	2022-Aug-10 12:11:56
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0x3400`
SizeOfInitializedData	`0x1f200`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0000000000003728 (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x27000`
SizeOfHeaders	`0x400`
Checksum	`0x28b5f`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`adbba56ef71e385f2c8297b3ca07e914`
SHA1	`399520d5725908969ba7d6f16c4216a21737cbec`
SHA256	`264efb31ef289d921d0aaef90a8b67435510afb9fdffbcd74c1351d6955f5a31`
SHA3	`ef8bd584561162dbc83586a4e821a7dea8b02493b89b04162783e3e2da887726`
VirtualSize	`0x327a`
VirtualAddress	`0x1000`
SizeOfRawData	`0x3400`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.05175`

.rdata

MD5	`f8bc0feb59be097662b663208eb401e2`
SHA1	`092a9dad1431a09934c2a76c9ad2bff866beeca9`
SHA256	`1b5368fe0f01b610a3a991471266d7faad8dd18f90ba9f92596ab33e2fd9800e`
SHA3	`a3352e0baa1d52cada320be5c6dc34f3a9a18a831af2ce122e16c0719560b7bc`
VirtualSize	`0x30f2`
VirtualAddress	`0x5000`
SizeOfRawData	`0x3200`
PointerToRawData	`0x3800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.57728`

.data

MD5	`46305c7e6b7f5b52e0cae312cb104ab0`
SHA1	`1d8983bf5477dee7c1a3310cc429878ad5b05335`
SHA256	`593338cca4fb58da3b67308c1f147b34b480f128713979daaaf3e77782c620fb`
SHA3	`f3f44fecabd4e9c10beb128aee607648a92cdd06a2598fc3170bbc10a0c754d3`
VirtualSize	`0x9e0`
VirtualAddress	`0x9000`
SizeOfRawData	`0x400`
PointerToRawData	`0x6a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`3.62807`

.pdata

MD5	`880f15892926e80c908d92cf9f9215ed`
SHA1	`b82154f5847fc394ab9fcb981bbdb97cb6a72e37`
SHA256	`17e257f23e976598a51cf99d0938ea25e557967921a52a319765102a9b1e1e29`
SHA3	`02f019ef48378eb4a1271671ef505e0f5b74ec52cb8fc8d5420e5c51bc1a4027`
VirtualSize	`0x474`
VirtualAddress	`0xa000`
SizeOfRawData	`0x600`
PointerToRawData	`0x6e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`3.29297`

.rsrc

MD5	`b93ad22a4b69b9c2911e625bc7beef76`
SHA1	`da86bcc0884d635d48bcad29b2c57c14bcdc8016`
SHA256	`4eacb259fae9cd0fc83f00b20b74af5b6fa9b5db2ac673b1f4588971566f0d87`
SHA3	`827842c47882b5b2967ea9fc7f6bce47bcd73fdf65edc7061c9c3300c08a31b6`
VirtualSize	`0x1adb8`
VirtualAddress	`0xb000`
SizeOfRawData	`0x1ae00`
PointerToRawData	`0x7400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`3.78138`

.reloc

MD5	`dffe8c0d89b9801fdf42725a05e2dedc`
SHA1	`4635e2dec475758ccca1521a3d931cca94bd625f`
SHA256	`a1ca0940cc0d196fe2d88bda95fe13f019fc584bf6f44f987439c9df683ed77a`
SHA3	`77d0c92483048edd5a43fc247e104e1406e53970c591a7c6d9a3d3fde7ea1b3f`
VirtualSize	`0x9c`
VirtualAddress	`0x26000`
SizeOfRawData	`0x200`
PointerToRawData	`0x22200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`2.17664`

Imports

KERNEL32.dll	`GetConsoleScreenBufferInfo` `SetConsoleTextAttribute` `SetConsoleTitleA` `GetStdHandle` `Sleep` `EnterCriticalSection` `LeaveCriticalSection` `InitializeCriticalSectionAndSpinCount` `DeleteCriticalSection` `SetEvent` `ResetEvent` `WaitForSingleObjectEx` `CreateEventW` `GetModuleHandleW` `GetProcAddress` `RtlCaptureContext` `RtlLookupFunctionEntry` `RtlVirtualUnwind` `UnhandledExceptionFilter` `SetUnhandledExceptionFilter` `GetCurrentProcess` `TerminateProcess` `IsProcessorFeaturePresent` `IsDebuggerPresent` `QueryPerformanceCounter` `GetCurrentProcessId` `GetCurrentThreadId` `GetSystemTimeAsFileTime` `InitializeSListHead` `CloseHandle`
MSVCP140.dll	`?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ` `??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ` `??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z` `??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ` `?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ` `?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ` `?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ` `?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ` `?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z` `?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z` `?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z` `?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ` `??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ` `??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z` `??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAH@Z` `??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ` `?iword@ios_base@std@@QEAAAEAJH@Z` `?xalloc@ios_base@std@@SAHXZ` `?clog@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A` `?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A` `?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z` `?uncaught_exception@std@@YA_NXZ` `?cin@std@@3V?$basic_istream@DU?$char_traits@D@std@@@1@A` `?_Xbad_alloc@std@@YAXXZ` `?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A` `?_Xlength_error@std@@YAXPEBD@Z` `?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ` `??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ` `?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z` `?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z` `?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z` `?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ` `?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ` `?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z` `?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z` `?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ` `?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ`
VCRUNTIME140_1.dll	`__CxxFrameHandler4`
VCRUNTIME140.dll	`_CxxThrowException` `memset` `__current_exception_context` `__current_exception` `__C_specific_handler` `__std_terminate` `__std_exception_destroy` `memcpy` `__std_exception_copy` `memmove`
api-ms-win-crt-stdio-l1-1-0.dll	`__acrt_iob_func` `_fileno` `_set_fmode` `__p__commode` `_isatty`
api-ms-win-crt-runtime-l1-1-0.dll	`_c_exit` `_register_thread_local_exe_atexit_callback` `_exit` `exit` `__p___argv` `_initterm` `_get_initial_narrow_environment` `terminate` `_set_app_type` `_seh_filter_exe` `_cexit` `_crt_atexit` `_register_onexit_function` `_initialize_onexit_table` `_initialize_narrow_environment` `_configure_narrow_argv` `__p___argc` `_initterm_e` `_invalid_parameter_noinfo_noreturn` `system`
api-ms-win-crt-heap-l1-1-0.dll	`free` `_set_new_mode` `_callnewh` `malloc`
api-ms-win-crt-math-l1-1-0.dll	`__setusermatherr`
api-ms-win-crt-locale-l1-1-0.dll	`_configthreadlocale`

Delayed Imports

1

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x24e0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.94472`
Detected Filetype	PNG graphic file
MD5	`4a14119482a8cf605133fc50a2e26aad`
SHA1	`5876ca1c0ce81649b6f2c136140f55d35c32b2b4`
SHA256	`d4ec9943e4f96bfe4b7b936e6ba833470f13d9f60c42274030e758a99b352f5f`
SHA3	`1fe25e8c9e8bc68407763dabaf19f43f47900af258b565e0180475b3dfb52a25`

2

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x10828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.8011`
MD5	`f0ded2980909e41ed7c79715b23541b1`
SHA1	`38bd6d3a25190cb6db69984a5d2483c31acb5b86`
SHA256	`5678348eb38e7bcecbaf103479caf4766ee6607d70fab52fbdc972ad39789458`
SHA3	`3a34f96340ef007ab34d8c0fc9a7bf48bac2172e356c8355652729278b0691dd`

3

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.23171`
MD5	`d65e0067e5434193528adb1b9375695d`
SHA1	`f61f0c71fd6253f1c8af11c9130426e9a8940da1`
SHA256	`9c537f5684f8e2d868c1f005d7853d6d7cd49eb3e9d41669078cc0223727f08f`
SHA3	`7e04309e6e2994769bb4e65faef11483f6797a748419b8beddca8841edc93d94`

4

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.54067`
MD5	`1e2cec5881a07279f2f197ad26bbe92b`
SHA1	`f66b83e04ce23466c361d537e98d94e64eff077b`
SHA256	`f391092ed8c70854189860c937791f2dc9c05fa18550be557437b52241a74730`
SHA3	`4fec204963d34b842dde9ee8ac7a97e1a7a3bbcc664a606acfda05b348da28fb`

5

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.86968`
MD5	`2619233e5f9be57804c56686d371f37c`
SHA1	`0d45107fb9f0cf750e1c16b9edfee75d5b305fa8`
SHA256	`9ff6d152dd4d8efa0c77003c764245f119a5584e1e626634a450b2653865d585`
SHA3	`6f14166ea00f2d0669e5450ab2e830a84f89d80927aa251b4cbd73f492dfae99`

6

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.80446`
MD5	`b6c6ad74b28c54b1bf1f00739b2bdc91`
SHA1	`b3f86230063770522f4abce3969913cb127b75d4`
SHA256	`3712774e72afab75a6a8cf4d730f9296d56f41b33a9c1fbe077a4268b9875b05`
SHA3	`6aa825942a01caf57be56698662f34bd0722efceaf4c24fc21dfca918b8d9396`

VRCHAT(3)

Type	`RT_GROUP_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x5a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.79908`
Detected Filetype	Icon file
MD5	`e33d0bec02fc4aa607437c9cdb9eafcb`
SHA1	`8798d3c1e741fdd73df1a469703bdbec5fb648a3`
SHA256	`c7f17476b5eae92621545ad99909fc33151a84ad86a9299cd55f1756dc0235be`
SHA3	`9545088dd33ddb3a1dc1331af22c13acc64b8110b3cdf58df8511c556cd34fcc`

1 (#2)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x188`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.89623`
MD5	`b8e76ddb52d0eb41e972599ff3ca431b`
SHA1	`fc12d7ad112ddabfcd8f82f290d84e637a4d62f8`
SHA256	`165c5c883fd4fd36758bcba6baf2faffb77d2f4872ffd5ee918a16f91de5a8a8`
SHA3	`37f83338b28cb102b1b14f27280ba1aa3fffb17f7bf165cb7b675b7e8eb7cddd`

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2022-Aug-10 12:11:56
Version	`0.0`
SizeofData	`104`
AddressOfRawData	`0x62c8`
PointerToRawData	`0x4ac8`
Referenced File	C:\Users\blunt\source\repos\SetPriorityVRChat\x64\Release\SetPriorityVRChat.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics	`0`
TimeDateStamp	2022-Aug-10 12:11:56
Version	`0.0`
SizeofData	`20`
AddressOfRawData	`0x6330`
PointerToRawData	`0x4b30`

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2022-Aug-10 12:11:56
Version	`0.0`
SizeofData	`912`
AddressOfRawData	`0x6344`
PointerToRawData	`0x4b44`

IMAGE_DEBUG_TYPE_ILTCG

Characteristics	`0`
TimeDateStamp	2022-Aug-10 12:11:56
Version	`0.0`
SizeofData	`0`
AddressOfRawData	`0`
PointerToRawData	`0`

TLS Callbacks

StartAddressOfRawData	`0x1400066f8`
EndAddressOfRawData	`0x140006700`
AddressOfIndex	`0x140009994`
AddressOfCallbacks	`0x140005438`
SizeOfZeroFill	`0`
Characteristics	`IMAGE_SCN_ALIGN_4BYTES`
Callbacks	`(EMPTY)`

Load Configuration

Size	`0x140`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x140009008`

RICH Header

XOR Key	`0x4ec5192c`
Unmarked objects	`0`
Imports (VS2008 SP1 build 30729)	`10`
C++ objects (VS 2015-2022 runtime 30818)	`27`
C objects (VS 2015-2022 runtime 30818)	`10`
ASM objects (VS 2015-2022 runtime 30818)	`3`
Imports (VS 2015-2022 runtime 30818)	`6`
Imports (27412)	`3`
Total imports	`132`
C++ objects (LTCG) (VS2022 Update 1 (17.1.6) compiler 31107)	`1`
Resource objects (VS2022 Update 1 (17.1.6) compiler 31107)	`1`
Linker (VS2022 Update 1 (17.1.6) compiler 31107)	`1`

Errors

Leave a comment

No comments yet.