| Architecture | IMAGE_FILE_MACHINE_I386 |
|---|---|
| Subsystem | IMAGE_SUBSYSTEM_WINDOWS_GUI |
| Compilation Date | 2025-Oct-20 20:11:36 |
| Detected languages | English - United Kingdom, English - United States |
| Debug artifacts | C:\Users\ContainerAdministrator\AppData\Local\Temp\cirrus-ci-build\Solutions\.build\Release\acwin.pdb |
| Comments | This game was created using AGS - http://www.adventuregamestudio.co.uk/ |
| CompanyName | |
| FileDescription | The Dark Rites of Arkham |
| FileVersion | 3.6.1.34 |
| InternalName | acwin |
| LegalCopyright | AGS Copyright (c) 1999-2010 Chris Jones and 2011-2025 others. |
| OriginalFilename | acwin.exe |
| ProductName | Made with Adventure Game Studio |
| ProductVersion | 3.6.1.34 |
| Info | Matching compiler(s): | Microsoft Visual C++ v6.0 DLL, Microsoft Visual C++ 6.0 - 8.0 MASM/TASM - sig1(h) |
| Info | Interesting strings found in the binary: | Contains domain names: |
| Info | Cryptographic algorithms detected in the binary: | Uses constants related to CRC32 |
| Suspicious | The PE contains functions most legitimate programs don't use. | [!] The program may be hiding some of its imports: |
| Suspicious | VirusTotal score: 1/72 (Scanned on 2026-04-06 20:40:42) | Jiangmin: TrojanDownloader.Alien.du |

| e_magic | MZ |
|---|---|
| e_cblp | 0x90 |
| e_cp | 0x3 |
| e_crlc | 0 |
| e_cparhdr | 0x4 |
| e_minalloc | 0 |
| e_maxalloc | 0xffff |
| e_ss | 0 |
| e_sp | 0xb8 |
| e_csum | 0 |
| e_ip | 0 |
| e_cs | 0 |
| e_ovno | 0 |
| e_oemid | 0 |
| e_oeminfo | 0 |
| e_lfanew | 0x138 |

| Signature | PE |
|---|---|
| Machine | IMAGE_FILE_MACHINE_I386 |
| NumberofSections | 6 |
| TimeDateStamp | 2025-Oct-20 20:11:36 |
| PointerToSymbolTable | 0 |
| NumberOfSymbols | 0 |
| SizeOfOptionalHeader | 0xe0 |
| Characteristics | IMAGE_FILE_32BIT_MACHINE, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LARGE_ADDRESS_AWARE, IMAGE_FILE_RELOCS_STRIPPED |

| Magic | PE32 |
|---|---|
| LinkerVersion | 14.0 |
| SizeOfCode | 0x277000 |
| SizeOfInitializedData | 0xc5c00 |
| SizeOfUninitializedData | 0 |
| AddressOfEntryPoint | 0x0022602F (Section: .text) |
| BaseOfCode | 0x1000 |
| BaseOfData | 0x278000 |
| ImageBase | 0x400000 |
| SectionAlignment | 0x1000 |
| FileAlignment | 0x200 |
| OperatingSystemVersion | 6.0 |
| ImageVersion | 0.0 |
| SubsystemVersion | 6.0 |
| Win32VersionValue | 0 |
| SizeOfImage | 0x38b000 |
| SizeOfHeaders | 0x400 |
| Checksum | 0 |
| Subsystem | IMAGE_SUBSYSTEM_WINDOWS_GUI |
| DllCharacteristics | IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE |
| SizeofStackReserve | 0x100000 |
| SizeofStackCommit | 0x1000 |
| SizeofHeapReserve | 0x100000 |
| SizeofHeapCommit | 0x1000 |
| LoaderFlags | 0 |
| NumberOfRvaAndSizes | 16 |

| SDL2.dll | SDL_iconv_string SDL_SetMainReady SDL_FreeAudioStream SDL_atan2 SDL_AtomicCAS SDL_AtomicGetPtr SDL_LockMutex SDL_calloc SDL_UnlockAudioDevice SDL_GetNumAudioDevices SDL_AtomicSet SDL_AtomicGet SDL_OpenAudioDevice SDL_GetKeyboardState SDL_CloseAudioDevice SDL_AudioStreamGet SDL_NewAudioStream SDL_HasSSE SDL_AtomicCASPtr SDL_AtomicAdd SDL_AudioStreamAvailable SDL_LockAudioDevice SDL_strcasecmp SDL_sin SDL_strlen SDL_CreateMutex SDL_UnlockMutex SDL_memmove SDL_cosf SDL_cos SDL_log SDL_AudioStreamClear SDL_DestroyMutex SDL_realloc SDL_sinf SDL_strcmp SDL_GetAudioDeviceStatus SDL_sqrt SDL_AtomicSetPtr SDL_strrchr SDL_TLSCreate SDL_TLSGet SDL_TLSSet SDL_RWFromFile SDL_RWFromConstMem SDL_RWseek SDL_RWtell SDL_RWclose SDL_AudioStreamFlush SDL_SIMDAlloc SDL_SIMDFree SDL_RWsize SDL_RWread SDL_ReadLE32 SDL_ReadBE32 SDL_qsort SDL_abs SDL_memcmp SDL_exp SDL_floor SDL_pow SDL_scalbn SDL_strchr SDL_strtokr SDL_atoi SDL_GetPerformanceCounter SDL_snprintf SDL_fabs SDL_strncmp SDL_malloc SDL_strdup SDL_acosf SDL_sqrtf SDL_PauseAudioDevice SDL_free SDL_GetAudioDeviceName SDL_powf SDL_strlcpy SDL_AudioStreamPut SDL_FreeRW SDL_AllocRW SDL_GetWindowSize SDL_SetWindowFullscreen SDL_SetWindowTitle SDL_CreateWindow SDL_GetVersion SDL_GetCurrentAudioDriver SDL_GetWindowBordersSize SDL_FreeSurface SDL_WarpMouseInWindow SDL_SetWindowIcon SDL_InitSubSystem SDL_SetWindowPosition SDL_SetWindowDisplayMode SDL_ShowCursor SDL_GetWindowWMInfo SDL_QuitSubSystem SDL_Quit SDL_setenv SDL_DestroyWindow SDL_SetWindowGrab SDL_SetWindowResizable SDL_GetWindowDisplayIndex SDL_GetDisplayBounds SDL_GetNumDisplayModes SDL_SetWindowSize SDL_getenv SDL_GetDisplayMode SDL_ShowSimpleMessageBox SDL_GetDisplayUsableBounds SDL_memcpy SDL_memset SDL_ConvertAudio SDL_BuildAudioCVT SDL_ComposeCustomBlendMode SDL_SetRenderDrawColor SDL_RenderPresent SDL_CreateRenderer SDL_RenderCopyEx SDL_RenderSetVSync SDL_SetWindowGammaRamp SDL_CreateTexture SDL_UnlockTexture SDL_GetRendererInfo SDL_GetPixelFormatName SDL_DestroyRenderer SDL_RenderClear SDL_LockTexture SDL_GetWindowGammaRamp SDL_DestroyTexture SDL_GetWindowFlags SDL_GL_SetSwapInterval SDL_GL_CreateContext SDL_GL_GetSwapInterval SDL_GL_SetAttribute SDL_GetError SDL_GL_MakeCurrent SDL_GL_DeleteContext SDL_GL_GetDrawableSize SDL_SetError SDL_GL_SwapWindow SDL_LogWarn SDL_SetRelativeMouseMode SDL_SetHint SDL_LogSetAllPriority SDL_LogSetOutputFunction SDL_GetModState SDL_PushEvent SDL_FlushEvents SDL_PollEvent SDL_GetScancodeFromKey SDL_FlushEvent SDL_GetKeyFromScancode SDL_PumpEvents SDL_wcslen |
|---|---|
| SHLWAPI.dll | PathRelativePathToW PathRemoveFileSpecW PathFileExistsW PathIsDirectoryW |
| WINMM.dll | timeEndPeriod mciSendStringA mciGetErrorStringA timeBeginPeriod |
| KERNEL32.dll | ExitThread MoveFileExW DeleteFileW GetFullPathNameA GetDriveTypeW GetFileType GetModuleHandleExW ExitProcess RtlUnwind RaiseException WaitForSingleObject UnregisterWaitEx QueryDepthSList InterlockedFlushSList InterlockedPushEntrySList InterlockedPopEntrySList ReleaseSemaphore VirtualProtect VirtualFree VirtualAlloc GetVersionExW LoadLibraryExW FreeLibraryAndExitThread GetThreadTimes UnregisterWait RegisterWaitForSingleObject SetThreadAffinityMask GetProcessAffinityMask GetNumaHighestNodeNumber DeleteTimerQueueTimer ChangeTimerQueueTimer CreateTimerQueueTimer GetLogicalProcessorInformation GetThreadPriority SetThreadPriority CreateThread SwitchToThread SignalObjectAndWait CreateTimerQueue InitializeSListHead GetStartupInfoW IsProcessorFeaturePresent TerminateProcess SetUnhandledExceptionFilter UnhandledExceptionFilter ResetEvent SetEvent GetStringTypeW GetLocaleInfoW LCMapStringW CompareStringW GetCPInfo DecodePointer EncodePointer GetTickCount GetSystemTimeAsFileTime TlsFree TlsSetValue TlsGetValue TlsAlloc CreateEventW InitializeCriticalSectionAndSpinCount SetLastError DeleteCriticalSection TryEnterCriticalSection LeaveCriticalSection EnterCriticalSection GetExitCodeThread GetCurrentThread Sleep WaitForSingleObjectEx DuplicateHandle QueryPerformanceFrequency QueryPerformanceCounter HeapFree HeapReAlloc GetModuleFileNameA GetACP IsValidLocale GetUserDefaultLCID EnumSystemLocalesW GetExitCodeProcess CreateProcessA FlushFileBuffers GetConsoleCP GetConsoleMode GetTimeZoneInformation SetStdHandle SetEndOfFile ReadConsoleW SetFilePointerEx GetProcessHeap FindFirstFileExA FindNextFileA IsValidCodePage GetOEMCP GetCommandLineA CopyFileW WideCharToMultiByte GetCurrentDirectoryW FindClose FindNextFileW FindFirstFileW CreateDirectoryW lstrcmpiA GetModuleHandleW HeapSize WriteConsoleW GetFileAttributesExW SetEnvironmentVariableA FreeEnvironmentStringsW GetEnvironmentStringsW LoadLibraryW GetProcAddress FreeLibrary GetCommandLineW GetStdHandle OutputDebugStringA GetModuleFileNameW GetModuleHandleA GetLastError AttachConsole GetDiskFreeSpaceExW LoadLibraryA FreeConsole LocalFree VerSetConditionMask VerifyVersionInfoW IsDebuggerPresent GetCurrentProcess K32GetProcessMemoryInfo GlobalMemoryStatusEx ReadFile WriteFile PeekNamedPipe CreateFileW MultiByteToWideChar CloseHandle FindResourceA LockResource LoadResource GetCurrentThreadId CreateFileA GetCurrentProcessId GetFullPathNameW GetLongPathNameW HeapAlloc |
| USER32.dll | GetWindowRect ScreenToClient SendMessageW EndDialog MoveWindow SetFocus SendMessageA MapDialogRect AdjustWindowRect DialogBoxParamW EnableWindow LoadImageA GetSystemMetrics MessageBoxA SetRectEmpty SetClassLongA SetForegroundWindow ShowWindow GetDlgItem |
| SHELL32.dll | SHGetSpecialFolderPathW SHBrowseForFolderA SHGetPathFromIDListW CommandLineToArgvW |
| ole32.dll | CoInitialize CoUninitialize CoTaskMemFree |

| Signature | 0xfeef04bd |
|---|---|
| StructVersion | 0x10000 |
| FileVersion | 3.6.1.34 |
| ProductVersion | 3.6.1.34 |
| FileFlags | (EMPTY) |
| FileOs | VOS_DOS_WINDOWS32, VOS_NT_WINDOWS32, VOS__WINDOWS32 |
| FileType | VFT_APP |
| Language | English - United Kingdom |
| Comments | This game was created using AGS - http://www.adventuregamestudio.co.uk/ |
| CompanyName | |
| FileDescription | The Dark Rites of Arkham |
| FileVersion (#2) | 3.6.1.34 |
| InternalName | acwin |
| LegalCopyright | AGS Copyright (c) 1999-2010 Chris Jones and 2011-2025 others. |
| OriginalFilename | acwin.exe |
| ProductName | Made with Adventure Game Studio |
| ProductVersion (#2) | 3.6.1.34 |

| Resource LangID | English - United Kingdom |
|---|---|

| Characteristics | 0 |
|---|---|
| TimeDateStamp | 2025-Oct-20 20:11:36 |
| Version | 0.0 |
| SizeofData | 126 |
| AddressOfRawData | 0x2d851c |
| PointerToRawData | 0x2d791c |
| Referenced File | C:\Users\ContainerAdministrator\AppData\Local\Temp\cirrus-ci-build\Solutions\.build\Release\acwin.pdb |

| Characteristics | 0 |
|---|---|
| TimeDateStamp | 2025-Oct-20 20:11:36 |
| Version | 0.0 |
| SizeofData | 20 |
| AddressOfRawData | 0x2d859c |
| PointerToRawData | 0x2d799c |

| Characteristics | 0 |
|---|---|
| TimeDateStamp | 2025-Oct-20 20:11:36 |
| Version | 0.0 |
| SizeofData | 980 |
| AddressOfRawData | 0x2d85b0 |
| PointerToRawData | 0x2d79b0 |

| Characteristics | 0 |
|---|---|
| TimeDateStamp | 2025-Oct-20 20:11:36 |
| Version | 0.0 |
| SizeofData | 0 |
| AddressOfRawData | 0 |
| PointerToRawData | 0 |

| StartAddressOfRawData | 0x740000 |
|---|---|
| EndAddressOfRawData | 0x740008 |
| AddressOfIndex | 0x6fecd0 |
| AddressOfCallbacks | 0x6788bc |
| SizeOfZeroFill | 0 |
| Characteristics | IMAGE_SCN_ALIGN_4BYTES |
| Callbacks | (EMPTY) |

| Size | 0x5c |
|---|---|
| TimeDateStamp | 1970-Jan-01 00:00:00 |
| Version | 0.0 |
| GlobalFlagsClear | (EMPTY) |
| GlobalFlagsSet | (EMPTY) |
| CriticalSectionDefaultTimeout | 0 |
| DeCommitFreeBlockThreshold | 0 |
| DeCommitTotalFreeThreshold | 0 |
| LockPrefixTable | 0 |
| MaximumAllocationSize | 0 |
| VirtualMemoryThreshold | 0 |
| ProcessAffinityMask | 0 |
| ProcessHeapFlags | (EMPTY) |
| CSDVersion | 0 |
| Reserved1 | 0 |
| EditList | 0 |
| SecurityCookie | 0x6ed3e8 |
| SEHandlerTable | 0x6d7750 |
| SEHandlerCount | 883 |

| XOR Key | 0xaa44553e |
|---|---|
| Unmarked objects | 0 |
| 241 (40116) | 51 |
| 243 (40116) | 182 |
| 242 (40116) | 41 |
| 199 (41118) | 3 |
| ASM objects (VS2015 UPD3 build 24123) | 29 |
| C++ objects (VS2015 UPD3 build 24123) | 116 |
| C objects (VS2015 UPD3 build 24123) | 41 |
| C objects (VS2019 Update 11 (16.11.19) compiler 30147) | 38 |
| Imports (65501) | 12 |
| C objects (VS2015 UPD3 build 24210) | 51 |
| C objects (VS2019 Update 11 (16.11.6-7) compiler 30137) | 1 |
| Imports (VS2019 Update 11 (16.11.6-7) compiler 30137) | 3 |
| Total imports | 357 |
| C++ objects (LTCG) (VS2015 UPD3 build 24210) | 341 |
| Resource objects (VS2015 UPD3 build 24210) | 1 |
| 151 | 1 |
| Linker (VS2015 UPD3 build 24210) | 1 |