Manalyze report for dd753c2cf203eea18cd8ea7b3fab6e418362b16d4d27958e3c98145a0581f06f

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2026-Feb-27 15:58:28
Detected languages	English - United States
Debug artifacts	C:\Users\dogu1\OneDrive\Documents\first\build\Debug\first.pdb

Plugin Output

Info	Matching compiler(s):	`MASM/TASM - sig1(h)`
Suspicious	The PE is possibly packed.	`Unusual section name found: .fptable`
Info	The PE contains common functions which appear in legitimate applications.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryExW` `Can create temporary files: CreateFileW GetTempPathW`
Suspicious	No VirusTotal score.	`This file has never been scanned on VirusTotal.`

Hashes

MD5	`5ddc4721307297d6441d489ecc15f1e9`
SHA1	`c7ee140e16e5f848744171b0757651562b9a100f`
SHA256	`dd753c2cf203eea18cd8ea7b3fab6e418362b16d4d27958e3c98145a0581f06f`
SHA3	`ab84d904e066bee805c02aa1389f9f23dd99662d00478a1ecbb62326cb277240`
SSDeep	`12288:NbJz+M+2zuNHN09jwTiPhPKsZ/CngZJAdKxl2iXhu2E0rZ4tdnNbO:Nbx+MVzuNHW9ygZJAdKxlM2Bv`
Imports Hash	`2ed367b63dc55928f367a587b23a787e`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x100`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`9`
TimeDateStamp	2026-Feb-27 15:58:28
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0xfb800`
SizeOfInitializedData	`0x52400`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0000000000003157 (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x154000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`b383f81f7c9e55101ab2239bca93192d`
SHA1	`c5088055ab41dc7b2b7cdeb8f932e84febf47e57`
SHA256	`7af324965fba2ffb77efe30d06045e3110b7f848981fca0f74237b0b1c116b6f`
SHA3	`c09652cf9909b3117a0d6b65765293c44df4b826e2499db9538fc8fe0943022b`
VirtualSize	`0xfb79c`
VirtualAddress	`0x1000`
SizeOfRawData	`0xfb800`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`5.1251`

.rdata

MD5	`13571f2e385d61798deb8c61e79e21c5`
SHA1	`5a81452b370a52155aa73f7b313c3f4fa7548355`
SHA256	`09e0b9132b28ee53a79c1ae7b89d1f752a3a9f3fd1c7d3d04cff811eaa5465fd`
SHA3	`6a2b3c70939df0a5b71f30220edeec6ed83b669132094464ae2c211f00f7a855`
VirtualSize	`0x412e9`
VirtualAddress	`0xfd000`
SizeOfRawData	`0x41400`
PointerToRawData	`0xfbc00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`3.96898`

.data

MD5	`83923bed69f5c574677b1ea7d92081e0`
SHA1	`e63e114c768e08c01253c5f5cae78907a29660c4`
SHA256	`cef17bebb18dc4698bbcf5d09cac7d608c0977b5e5c331ee8235381ad8ced863`
SHA3	`ec3119ec90b0d5826c2055fba187800e0f44a4172b6c0a761bdec7be8433c40f`
VirtualSize	`0x3329`
VirtualAddress	`0x13f000`
SizeOfRawData	`0x1400`
PointerToRawData	`0x13d000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`1.70293`

.pdata

MD5	`6b7b48446dbe8a0ac94f3804ecbc3018`
SHA1	`92c45e86300b3a1a67479ae00663d7020a2607a9`
SHA256	`3703eee53226907b5b166a2125946164f5859d33783b46d0a5929f6b136b2705`
SHA3	`61bca5686b3dd9b29a9241fc50ab26ff50659187ae82cff59884656ff839119b`
VirtualSize	`0x9d14`
VirtualAddress	`0x143000`
SizeOfRawData	`0x9e00`
PointerToRawData	`0x13e400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.6062`

.idata

MD5	`90469813a0957d2275ea2420f667d725`
SHA1	`d4b1261b7c342d0cb49d3efb60c860d80d54ca38`
SHA256	`3ea16a63d96b6283ac1ff6a4d559fbf7662fc156c14fa5675902d9ad883ee6ce`
SHA3	`315a49caa63c8b089faf5d10bbfd25076abd190b25a4fa3e68bf0e3d35235595`
VirtualSize	`0x1655`
VirtualAddress	`0x14d000`
SizeOfRawData	`0x1800`
PointerToRawData	`0x148200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`3.55227`

.00cfg

MD5	`8d2fec97570de77f0c13819360abf94d`
SHA1	`b01bde7933ca5a2e2e469d27f5fef836d8d98434`
SHA256	`da17a82c7a6111b541e49296287448857127f53dc878e265e88f3fb004bc5ae8`
SHA3	`61b26f42108f484697df879dc4feed7f8ac759ff1b8ac2c164beb8bb3b274fa8`
VirtualSize	`0x175`
VirtualAddress	`0x14f000`
SizeOfRawData	`0x200`
PointerToRawData	`0x149a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`0.411681`

.fptable

MD5	`0f343b0931126a20f133d67c2b018a3b`
SHA1	`60cacbf3d72e1e7834203da608037b1bf83b40e8`
SHA256	`5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef`
SHA3	`6841b2c10aa6e5f7a384143e4de58fbc9aa28a4b742e9ad4ed14ba148a723a43`
VirtualSize	`0x233`
VirtualAddress	`0x150000`
SizeOfRawData	`0x400`
PointerToRawData	`0x149c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0`

.rsrc

MD5	`a8757afb89db48f16286cf860b26c435`
SHA1	`3a74534068c8005d6584fb6a15be8df42022549c`
SHA256	`8ecd85edd479127b7418d616a7524df1144452fcf045eafc3f180205fa6d838f`
SHA3	`2fc914914e5cc99990a8665ffd8babee633e2282d29c813a9ee42d58386f71c4`
VirtualSize	`0x43c`
VirtualAddress	`0x151000`
SizeOfRawData	`0x600`
PointerToRawData	`0x14a000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`2.14297`

.reloc

MD5	`ba8da956390b06c707fdc33c367901be`
SHA1	`9d7e0a5fc026c925876d1cc33052e511714a38d0`
SHA256	`6a939f48f9155a2b369840ad6eecff71daf2663a79b7cc0f40f68f1cc78da42f`
SHA3	`f57e285be9048ce24e4ebcb3a6930bd6231b656c43aaf9f866054d2aa990b17c`
VirtualSize	`0x196e`
VirtualAddress	`0x152000`
SizeOfRawData	`0x1a00`
PointerToRawData	`0x14a600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`2.9467`

Imports

KERNEL32.dll	`WideCharToMultiByte` `CreateFileW` `CloseHandle` `ReadConsoleW` `ReadFile` `SetFilePointerEx` `GetFileSizeEx` `InitOnceExecuteOnce` `GetConsoleOutputCP` `FlushFileBuffers` `HeapQueryInformation` `HeapReAlloc` `LCMapStringW` `CompareStringW` `GetTimeFormatW` `GetConsoleMode` `OutputDebugStringA` `GetDateFormatW` `VirtualProtect` `IsDebuggerPresent` `RaiseException` `MultiByteToWideChar` `RtlCaptureContext` `RtlLookupFunctionEntry` `RtlVirtualUnwind` `UnhandledExceptionFilter` `SetUnhandledExceptionFilter` `GetCurrentProcess` `TerminateProcess` `IsProcessorFeaturePresent` `QueryPerformanceCounter` `GetCurrentProcessId` `GetCurrentThreadId` `GetSystemTimeAsFileTime` `InitializeSListHead` `GetStartupInfoW` `GetModuleHandleW` `GetLastError` `HeapAlloc` `HeapFree` `GetProcessHeap` `VirtualQuery` `FreeLibrary` `GetProcAddress` `RtlUnwindEx` `InterlockedPushEntrySList` `InterlockedFlushSList` `GetModuleFileNameW` `LoadLibraryExW` `RtlPcToFileHeader` `SetLastError` `EncodePointer` `EnterCriticalSection` `LeaveCriticalSection` `DeleteCriticalSection` `InitializeCriticalSectionAndSpinCount` `TlsAlloc` `TlsGetValue` `TlsSetValue` `TlsFree` `GetStdHandle` `GetFileType` `GetModuleHandleExW` `WriteConsoleW` `WriteFile` `ExitProcess` `HeapSize` `HeapValidate` `GetSystemInfo` `OutputDebugStringW` `SetConsoleCtrlHandler` `GetCurrentThread` `FindClose` `FindFirstFileExW` `FindNextFileW` `IsValidCodePage` `GetACP` `GetOEMCP` `GetCPInfo` `GetCommandLineA` `GetCommandLineW` `GetEnvironmentStringsW` `FreeEnvironmentStringsW` `SetEnvironmentVariableW` `SetStdHandle` `GetStringTypeW` `GetLocaleInfoW` `IsValidLocale` `GetUserDefaultLCID` `EnumSystemLocalesW` `GetTempPathW` `FlsAlloc` `FlsGetValue` `FlsSetValue` `FlsFree` `IsThreadAFiber` `InitializeCriticalSectionEx` `RtlUnwind`
USER32.dll	`TranslateMessage` `DispatchMessageA` `PeekMessageA` `DefWindowProcA` `MessageBoxA` `ShowWindow` `CreateWindowExA` `RegisterClassA` `PostQuitMessage`
ole32.dll	`PropVariantClear` `CoCreateInstance`
D3DCOMPILER_47.dll	`D3DCompileFromFile`
d3d11.dll	`D3D11CreateDeviceAndSwapChain`

Delayed Imports

1

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x17d`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.91161`
MD5	`1e4a89b11eae0fcf8bb5fdd5ec3b6f61`
SHA1	`4260284ce14278c397aaf6f389c1609b0ab0ce51`
SHA256	`4bb79dcea0a901f7d9eac5aa05728ae92acb42e0cb22e5dd14134f4421a3d8df`
SHA3	`4bb9e8b5a714cae82782f3831cc2d45f4bf4a50a755fe584d2d1893129d68353`

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2026-Feb-27 14:39:37
Version	`0.0`
SizeofData	`86`
AddressOfRawData	`0x134860`
PointerToRawData	`0x133460`
Referenced File	C:\Users\dogu1\OneDrive\Documents\first\build\Debug\first.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics	`0`
TimeDateStamp	2026-Feb-27 14:39:37
Version	`0.0`
SizeofData	`20`
AddressOfRawData	`0x1348b8`
PointerToRawData	`0x1334b8`

TLS Callbacks

Load Configuration

Size	`0x140`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x14013f000`

RICH Header

XOR Key	`0xe84489c1`
Unmarked objects	`0`
ASM objects (33145)	`8`
C++ objects (33145)	`154`
ASM objects (35207)	`9`
C objects (35207)	`16`
C++ objects (35207)	`55`
C objects (33145)	`13`
Imports (33145)	`11`
Total imports	`111`
C++ objects (35221)	`2`
Resource objects (35221)	`1`
Linker (35221)	`1`

Errors

Leave a comment

No comments yet.