| Architecture |
IMAGE_FILE_MACHINE_I386
|
| Subsystem |
IMAGE_SUBSYSTEM_WINDOWS_CUI
|
| Compilation Date |
2019-Apr-23 13:50:06
|
| TLS Callbacks |
2 callback(s) detected.
|
| Debug artifacts |
Embedded COFF debugging symbols
|
| Info |
Interesting strings found in the binary: |
Contains domain names:
|
| Suspicious |
The PE is possibly packed. |
Unusual section name found: /4
Unusual section name found: /14
Unusual section name found: /29
Unusual section name found: /41
Unusual section name found: /55
Unusual section name found: /67
Unusual section name found: /80
|
| Info |
The PE contains common functions which appear in legitimate applications. |
[!] The program may be hiding some of its imports:
- GetProcAddress
- LoadLibraryA
|
| Suspicious |
The file contains overlay data. |
11947 bytes of data starting at offset 0x7600.
|
| Suspicious |
No VirusTotal score. |
This file has never been scanned on VirusTotal.
|
| MD5 |
10d539487f0ea40366c3aaad8196b100
|
| SHA1 |
ea0b433b18dfccb7ead95fb265bd9789f814f50e
|
| SHA256 |
cdedf32bfca2a10223a2430dd0583c9dda9c2725d192011e7380794754fd6a7b
|
| SHA3 |
d169bb5d05a05e6f4ac68f592a48d12fe99c500b531df9130d77d260bf93a21a
|
| SSDeep |
384:+dnOu94Lamh1wt7729C/M5wNLTLZb+GF5k6++bF3qQMThZjUk+mZo9PrEyQYsd:upp52eTVbPF5kexqldBzqxYd
|
| Imports Hash |
351dac3e3ee47cbac9133924ae9eb22b
|
| e_magic |
MZ
|
| e_cblp |
0x90
|
| e_cp |
0x3
|
| e_crlc |
0
|
| e_cparhdr |
0x4
|
| e_minalloc |
0
|
| e_maxalloc |
0xffff
|
| e_ss |
0
|
| e_sp |
0xb8
|
| e_csum |
0
|
| e_ip |
0
|
| e_cs |
0
|
| e_ovno |
0
|
| e_oemid |
0
|
| e_oeminfo |
0
|
| e_lfanew |
0x80
|
| Signature |
PE
|
| Machine |
IMAGE_FILE_MACHINE_I386
|
| NumberofSections |
14
|
| TimeDateStamp |
2019-Apr-23 13:50:06
|
| PointerToSymbolTable |
0x7600
|
| NumberOfSymbols |
463
|
| SizeOfOptionalHeader |
0xe0
|
| Characteristics |
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_RELOCS_STRIPPED
|
| Magic |
PE32
|
| LinkerVersion |
2.0
|
| SizeOfCode |
0x2c00
|
| SizeOfInitializedData |
0x4800
|
| SizeOfUninitializedData |
0x200
|
| AddressOfEntryPoint |
0x000012D0 (Section: .text)
|
| BaseOfCode |
0x1000
|
| BaseOfData |
0x4000
|
| ImageBase |
0x400000
|
| SectionAlignment |
0x1000
|
| FileAlignment |
0x200
|
| OperatingSystemVersion |
4.0
|
| ImageVersion |
1.0
|
| SubsystemVersion |
4.0
|
| Win32VersionValue |
0
|
| SizeOfImage |
0x12000
|
| SizeOfHeaders |
0x400
|
| Checksum |
0x17fe3
|
| Subsystem |
IMAGE_SUBSYSTEM_WINDOWS_CUI
|
| SizeofStackReserve |
0x200000
|
| SizeofStackCommit |
0x1000
|
| SizeofHeapReserve |
0x100000
|
| SizeofHeapCommit |
0x1000
|
| LoaderFlags |
0
|
| NumberOfRvaAndSizes |
16
|
| MD5 |
8b8b3d3308553aabe3c8c1d9a396e1b6
|
| SHA1 |
bd6eebf432b1ed78962170aff62783acdadcf1bd
|
| SHA256 |
9e82d85b3f4b12b63460e7a1dd16492e28fd1536d3c64c0d743b64697d826d60
|
| SHA3 |
5da5f80afba09ef8e23a5fa800e12a82edd061817f66cf527c61ed295df34dd9
|
| VirtualSize |
0x2bd4
|
| VirtualAddress |
0x1000
|
| SizeOfRawData |
0x2c00
|
| PointerToRawData |
0x400
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_ALIGN_1024BYTES
IMAGE_SCN_ALIGN_16BYTES
IMAGE_SCN_ALIGN_1BYTES
IMAGE_SCN_ALIGN_2048BYTES
IMAGE_SCN_ALIGN_256BYTES
IMAGE_SCN_ALIGN_32BYTES
IMAGE_SCN_ALIGN_4096BYTES
IMAGE_SCN_ALIGN_4BYTES
IMAGE_SCN_ALIGN_64BYTES
IMAGE_SCN_ALIGN_8192BYTES
IMAGE_SCN_ALIGN_8BYTES
IMAGE_SCN_ALIGN_MASK
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
|
| Entropy |
6.20722
|
| MD5 |
36fa623f1ee895f9a1e87bd3da5eb6b8
|
| SHA1 |
89ea0198615ec19f89bd5690c9753f7fc24ab1b5
|
| SHA256 |
298b6eaff1a7fa0092b554c8611d4f7658b71a0094238d203b16b4841c48ae28
|
| SHA3 |
60261078ac34c087d2de8133aa9e62123250146aca738e3bbba2e2f5d0ad4667
|
| VirtualSize |
0x18
|
| VirtualAddress |
0x4000
|
| SizeOfRawData |
0x200
|
| PointerToRawData |
0x3000
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_ALIGN_1024BYTES
IMAGE_SCN_ALIGN_16BYTES
IMAGE_SCN_ALIGN_1BYTES
IMAGE_SCN_ALIGN_256BYTES
IMAGE_SCN_ALIGN_2BYTES
IMAGE_SCN_ALIGN_32BYTES
IMAGE_SCN_ALIGN_4096BYTES
IMAGE_SCN_ALIGN_4BYTES
IMAGE_SCN_ALIGN_512BYTES
IMAGE_SCN_ALIGN_64BYTES
IMAGE_SCN_ALIGN_8192BYTES
IMAGE_SCN_ALIGN_MASK
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
|
| Entropy |
0.222389
|
| MD5 |
f91354963cfb1edaf5b8674d68d3e46f
|
| SHA1 |
5d660f220667be6d1df865f85a374bef20c6cf7b
|
| SHA256 |
886144597963dba095223aabb35fa2c82895551c88cc0866a2f88830fc30336b
|
| SHA3 |
0772c2f2e48e1dcba05d8af047e96e011df78de9fc96db9c158b08a5f5927827
|
| VirtualSize |
0x438
|
| VirtualAddress |
0x5000
|
| SizeOfRawData |
0x600
|
| PointerToRawData |
0x3200
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_ALIGN_1024BYTES
IMAGE_SCN_ALIGN_16BYTES
IMAGE_SCN_ALIGN_1BYTES
IMAGE_SCN_ALIGN_256BYTES
IMAGE_SCN_ALIGN_2BYTES
IMAGE_SCN_ALIGN_32BYTES
IMAGE_SCN_ALIGN_4096BYTES
IMAGE_SCN_ALIGN_4BYTES
IMAGE_SCN_ALIGN_512BYTES
IMAGE_SCN_ALIGN_64BYTES
IMAGE_SCN_ALIGN_8192BYTES
IMAGE_SCN_ALIGN_MASK
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
|
| Entropy |
3.74572
|
| MD5 |
1ea273d937b14b1eeae15b1f1db13178
|
| SHA1 |
bdc761a64819dd4999cce14be5df6d3b01059a47
|
| SHA256 |
46051c4b60e25623545b9aa5ac0b98b06c07bce8f32e61cb8a8464e2496d0501
|
| SHA3 |
d3788d1c30ec0c07b077b350357827649831a17e1dc4a85bebb07475382b5cc7
|
| VirtualSize |
0x9b8
|
| VirtualAddress |
0x6000
|
| SizeOfRawData |
0xa00
|
| PointerToRawData |
0x3800
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_ALIGN_1024BYTES
IMAGE_SCN_ALIGN_16BYTES
IMAGE_SCN_ALIGN_1BYTES
IMAGE_SCN_ALIGN_256BYTES
IMAGE_SCN_ALIGN_2BYTES
IMAGE_SCN_ALIGN_32BYTES
IMAGE_SCN_ALIGN_4096BYTES
IMAGE_SCN_ALIGN_4BYTES
IMAGE_SCN_ALIGN_512BYTES
IMAGE_SCN_ALIGN_64BYTES
IMAGE_SCN_ALIGN_8192BYTES
IMAGE_SCN_ALIGN_MASK
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
|
| Entropy |
4.76429
|
| MD5 |
d41d8cd98f00b204e9800998ecf8427e
|
| SHA1 |
da39a3ee5e6b4b0d3255bfef95601890afd80709
|
| SHA256 |
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
|
| SHA3 |
a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a
|
| VirtualSize |
0x70
|
| VirtualAddress |
0x7000
|
| SizeOfRawData |
0
|
| PointerToRawData |
0
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_ALIGN_1024BYTES
IMAGE_SCN_ALIGN_16BYTES
IMAGE_SCN_ALIGN_1BYTES
IMAGE_SCN_ALIGN_256BYTES
IMAGE_SCN_ALIGN_2BYTES
IMAGE_SCN_ALIGN_32BYTES
IMAGE_SCN_ALIGN_4096BYTES
IMAGE_SCN_ALIGN_4BYTES
IMAGE_SCN_ALIGN_512BYTES
IMAGE_SCN_ALIGN_64BYTES
IMAGE_SCN_ALIGN_8192BYTES
IMAGE_SCN_ALIGN_MASK
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
|
| MD5 |
4ae1a10f87d2156afe8b5ed03aee8717
|
| SHA1 |
9dc6d0c954d99da678ce2c6be30d2507bc9afa35
|
| SHA256 |
6cf0ffb2fe550ce94246bb399c40432f65005fbee4097babf5ea331bb28ad2a9
|
| SHA3 |
0ea5cc10e0c91eb089cfa40efb0e5590a74ed1da5dfd6cfaf0abbdddc29a1e19
|
| VirtualSize |
0x5bc
|
| VirtualAddress |
0x8000
|
| SizeOfRawData |
0x600
|
| PointerToRawData |
0x4200
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_ALIGN_1024BYTES
IMAGE_SCN_ALIGN_16BYTES
IMAGE_SCN_ALIGN_1BYTES
IMAGE_SCN_ALIGN_256BYTES
IMAGE_SCN_ALIGN_2BYTES
IMAGE_SCN_ALIGN_32BYTES
IMAGE_SCN_ALIGN_4096BYTES
IMAGE_SCN_ALIGN_4BYTES
IMAGE_SCN_ALIGN_512BYTES
IMAGE_SCN_ALIGN_64BYTES
IMAGE_SCN_ALIGN_8192BYTES
IMAGE_SCN_ALIGN_MASK
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
|
| Entropy |
4.53937
|
| MD5 |
b6b030cb0326be194e0187ae35804c8d
|
| SHA1 |
0b31738555d949cc23f2fefa3aed9643d2c28a17
|
| SHA256 |
8a2b5fca5370ba7bff505cfe86862fdb619984f4677e1c9dc23f0ef8ce4cb347
|
| SHA3 |
76e859165bf2a63c322ccbd9cd6497011aa1514cb9042338d8ac457faa016931
|
| VirtualSize |
0x18
|
| VirtualAddress |
0x9000
|
| SizeOfRawData |
0x200
|
| PointerToRawData |
0x4800
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_ALIGN_1024BYTES
IMAGE_SCN_ALIGN_16BYTES
IMAGE_SCN_ALIGN_1BYTES
IMAGE_SCN_ALIGN_256BYTES
IMAGE_SCN_ALIGN_2BYTES
IMAGE_SCN_ALIGN_32BYTES
IMAGE_SCN_ALIGN_4096BYTES
IMAGE_SCN_ALIGN_4BYTES
IMAGE_SCN_ALIGN_512BYTES
IMAGE_SCN_ALIGN_64BYTES
IMAGE_SCN_ALIGN_8192BYTES
IMAGE_SCN_ALIGN_MASK
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
|
| Entropy |
0.114463
|
| MD5 |
f7a419142b47f1a6560b6d595ae80d75
|
| SHA1 |
6e811c964e19734fa81eeecf11002c5e1e7d466f
|
| SHA256 |
60626fa4ba4abd1a4e17a76c5229ff706bb10e1c180f0210b0d25fda0883e360
|
| SHA3 |
1ed0a6f6db06b7f538950138bd99969a5db5133ff26c1db26efa59825dd3a44d
|
| VirtualSize |
0x20
|
| VirtualAddress |
0xa000
|
| SizeOfRawData |
0x200
|
| PointerToRawData |
0x4a00
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_ALIGN_1024BYTES
IMAGE_SCN_ALIGN_16BYTES
IMAGE_SCN_ALIGN_1BYTES
IMAGE_SCN_ALIGN_256BYTES
IMAGE_SCN_ALIGN_2BYTES
IMAGE_SCN_ALIGN_32BYTES
IMAGE_SCN_ALIGN_4096BYTES
IMAGE_SCN_ALIGN_4BYTES
IMAGE_SCN_ALIGN_512BYTES
IMAGE_SCN_ALIGN_64BYTES
IMAGE_SCN_ALIGN_8192BYTES
IMAGE_SCN_ALIGN_MASK
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
|
| Entropy |
0.22482
|
| MD5 |
6f324fb61ae1dd23fa5db342a7d50779
|
| SHA1 |
372a79d83181860e34860ad9644ce269deedf7cd
|
| SHA256 |
6dc76b3a1c4d411e97f4c3ce6d8250742a6a2a307d9cfb750f8bcf49c0b8fc25
|
| SHA3 |
8333731d2a4fde620217cb65af61f02d1585f95e11b74aaef5af895aa7462abd
|
| VirtualSize |
0x38
|
| VirtualAddress |
0xb000
|
| SizeOfRawData |
0x200
|
| PointerToRawData |
0x4c00
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_ALIGN_16BYTES
IMAGE_SCN_ALIGN_2048BYTES
IMAGE_SCN_ALIGN_32BYTES
IMAGE_SCN_ALIGN_4096BYTES
IMAGE_SCN_ALIGN_64BYTES
IMAGE_SCN_ALIGN_8192BYTES
IMAGE_SCN_ALIGN_8BYTES
IMAGE_SCN_ALIGN_MASK
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
|
| Entropy |
0.216207
|
| MD5 |
03e2a9d7488df9fc25c96c25090a91bb
|
| SHA1 |
37b5f87f202dd900d6c7cab2a6d28080e6d03bd8
|
| SHA256 |
a81993600ff8af270e470bc09eea00a12e764e61d979d72030588e78f5a83d38
|
| SHA3 |
62c91ddac3f257319a00aefc5d92ed1a3f79868c7c59e1f83358921ce5cb7a03
|
| VirtualSize |
0x1e42
|
| VirtualAddress |
0xc000
|
| SizeOfRawData |
0x2000
|
| PointerToRawData |
0x4e00
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_ALIGN_1024BYTES
IMAGE_SCN_ALIGN_16BYTES
IMAGE_SCN_ALIGN_1BYTES
IMAGE_SCN_ALIGN_256BYTES
IMAGE_SCN_ALIGN_4096BYTES
IMAGE_SCN_ALIGN_4BYTES
IMAGE_SCN_ALIGN_64BYTES
IMAGE_SCN_ALIGN_MASK
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
|
| Entropy |
5.69941
|
| MD5 |
4805cc47a2f835e4a4e68f369284c3c0
|
| SHA1 |
5260f70f508d64fe2bee63e3d02914b16f990508
|
| SHA256 |
15eba8a3abd5ceef7c7040d5ccaf678b6e21ee5974cb68b401ccfa2a0155d8b2
|
| SHA3 |
0a4e4f66dd57e036c39d3f2c3749a13965890814cce93e463b671f2fde0ad7f3
|
| VirtualSize |
0x149
|
| VirtualAddress |
0xe000
|
| SizeOfRawData |
0x200
|
| PointerToRawData |
0x6e00
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_ALIGN_1024BYTES
IMAGE_SCN_ALIGN_16BYTES
IMAGE_SCN_ALIGN_1BYTES
IMAGE_SCN_ALIGN_256BYTES
IMAGE_SCN_ALIGN_4096BYTES
IMAGE_SCN_ALIGN_4BYTES
IMAGE_SCN_ALIGN_64BYTES
IMAGE_SCN_ALIGN_MASK
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
|
| Entropy |
3.28729
|
| MD5 |
857951e9389745d8d7521dd2f152867e
|
| SHA1 |
e68cfb9870c11b8b647422ad3914bbd389c6701a
|
| SHA256 |
5d04468633e8bf2aee787e19678c16117c1442b0e521cea193f6ead825009662
|
| SHA3 |
248e337d3281776400f0c9ec54c555f2062000c3b9607461c537ca6ca5e0853b
|
| VirtualSize |
0x1c8
|
| VirtualAddress |
0xf000
|
| SizeOfRawData |
0x200
|
| PointerToRawData |
0x7000
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_ALIGN_1024BYTES
IMAGE_SCN_ALIGN_16BYTES
IMAGE_SCN_ALIGN_1BYTES
IMAGE_SCN_ALIGN_256BYTES
IMAGE_SCN_ALIGN_4096BYTES
IMAGE_SCN_ALIGN_4BYTES
IMAGE_SCN_ALIGN_64BYTES
IMAGE_SCN_ALIGN_MASK
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
|
| Entropy |
4.32198
|
| MD5 |
a2c7b8ca4fd1dc9a05645cc70b6d7ae5
|
| SHA1 |
446f55e10e33a315c5226f03c3d46b40387ce9eb
|
| SHA256 |
d8d3dfeec26a84e588e315434b21f24f50b9c3a96945e2518808f3042691d11a
|
| SHA3 |
540d2be1b56f128fc2a3a242434baf1d6e1fa6d2bb59ce97ed747f6f2299b9ce
|
| VirtualSize |
0x38
|
| VirtualAddress |
0x10000
|
| SizeOfRawData |
0x200
|
| PointerToRawData |
0x7200
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_ALIGN_1024BYTES
IMAGE_SCN_ALIGN_16BYTES
IMAGE_SCN_ALIGN_1BYTES
IMAGE_SCN_ALIGN_256BYTES
IMAGE_SCN_ALIGN_2BYTES
IMAGE_SCN_ALIGN_32BYTES
IMAGE_SCN_ALIGN_4096BYTES
IMAGE_SCN_ALIGN_4BYTES
IMAGE_SCN_ALIGN_512BYTES
IMAGE_SCN_ALIGN_64BYTES
IMAGE_SCN_ALIGN_8192BYTES
IMAGE_SCN_ALIGN_MASK
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
|
| Entropy |
0.678483
|
| MD5 |
4c02b8123944889b1922d41ba32cdee2
|
| SHA1 |
723809c1300bda57c789e5614a664be863a060f4
|
| SHA256 |
72c5727f1e2d2cb109a7c78ba3e20a8d7615fd1608a5a3d0677f64d9891ac00f
|
| SHA3 |
80d238b1af7412ce85943314b4553d50d0384b9f9f069eb0c2549077b78e2a83
|
| VirtualSize |
0x97
|
| VirtualAddress |
0x11000
|
| SizeOfRawData |
0x200
|
| PointerToRawData |
0x7400
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_ALIGN_1024BYTES
IMAGE_SCN_ALIGN_16BYTES
IMAGE_SCN_ALIGN_1BYTES
IMAGE_SCN_ALIGN_256BYTES
IMAGE_SCN_ALIGN_4096BYTES
IMAGE_SCN_ALIGN_4BYTES
IMAGE_SCN_ALIGN_64BYTES
IMAGE_SCN_ALIGN_MASK
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
|
| Entropy |
2.21023
|
| KERNEL32.dll |
DeleteCriticalSection
EnterCriticalSection
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
FreeLibrary
GetCommandLineA
GetLastError
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
SetUnhandledExceptionFilter
TlsGetValue
VirtualProtect
VirtualQuery
|
| msvcrt.dll |
_strdup
_stricoll
|
| msvcrt.dll (#2) |
_strdup
_stricoll
|
| StartAddressOfRawData |
0x40a001
|
| EndAddressOfRawData |
0x40a01c
|
| AddressOfIndex |
0x407038
|
| AddressOfCallbacks |
0x409004
|
| SizeOfZeroFill |
0
|
| Characteristics |
IMAGE_SCN_TYPE_REG
|
| Callbacks |
0x004019C0
0x00401970
|
[*] Warning: Tried to read outside the COFF string table to get the name of section /4!
[*] Warning: Tried to read outside the COFF string table to get the name of section /14!
[*] Warning: Tried to read outside the COFF string table to get the name of section /29!
[*] Warning: Tried to read outside the COFF string table to get the name of section /41!
[*] Warning: Tried to read outside the COFF string table to get the name of section /55!
[*] Warning: Tried to read outside the COFF string table to get the name of section /67!
[*] Warning: Tried to read outside the COFF string table to get the name of section /80!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF String Table's reported size is bigger than the remaining bytes!
[*] Warning: Section .bss has a size of 0!