123a46742d83b82080d096040598fd27

Summary

Architecture IMAGE_FILE_MACHINE_I386
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date 2006-Mar-03 19:53:50
Detected languages English - United Kingdom
English - United States
Debug artifacts d:\source\utilities\hidedesktopicons\release\HideDesktopIcons.pdb

Plugin Output

Info Matching compiler(s): Microsoft Visual C++ 8
MSVC++ v.8 (procedure 1 recognized - h)
Suspicious The PE contains functions most legitimate programs don't use. Functions which can be used for anti-debugging purposes:
  • FindWindowA
Suspicious The PE is possibly a dropper. Resources amount to 90.2366% of the executable.
Safe VirusTotal score: 0/72 (Scanned on 2025-10-13 08:33:27) All the AVs think this file is safe.

Hashes

MD5 123a46742d83b82080d096040598fd27
SHA1 041d2a609ba672438318855955c36b8d03f174ce
SHA256 ffb0cdb9c7fa8f9700a18be4f2633eb3f76f70355d7a06898fb62544ce624840
SHA3 d4e61c5e4ff5293f1cef2176b7075c5b45c40c5e86e20e72cc702fa855d853f3
SSDeep 1536:+jCZCp7psYC4qA7jiZBsb4/SJi2+5AOL37nFx3LN6aiPGivnvJDLENtyHogba:ksa7itjAv4sUAi2POrFFtsbviyHogba
Imports Hash c14e34be85945f5efacc6a3cff82871f

DOS Header

e_magic MZ
e_cblp 0x90
e_cp 0x3
e_crlc 0
e_cparhdr 0x4
e_minalloc 0
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0xf0

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_I386
NumberofSections 4
TimeDateStamp 2006-Mar-03 19:53:50
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xe0
Characteristics IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_RELOCS_STRIPPED

Image Optional Header

Magic PE32
LinkerVersion 8.0
SizeOfCode 0x1000
SizeOfInitializedData 0x2a000
SizeOfUninitializedData 0
AddressOfEntryPoint 0x00001366 (Section: .text)
BaseOfCode 0x1000
BaseOfData 0x2000
ImageBase 0x400000
SectionAlignment 0x1000
FileAlignment 0x1000
OperatingSystemVersion 4.0
ImageVersion 0.0
SubsystemVersion 4.0
Win32VersionValue 0
SizeOfImage 0x2c000
SizeOfHeaders 0x1000
Checksum 0x2f00d
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
SizeofStackReserve 0x100000
SizeofStackCommit 0x1000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

.text

MD5 034049c28730e855c17d215682c1944e
SHA1 eb6ff73130ebd3564fe691a5757441f4ae314f80
SHA256 3b1527dd6d736b9b27b2dcdb38771fca09e2cf37f4d787c0961973497ce5ae6e
SHA3 20cc776e4aceebc333baafd931d24b92fe1718926225db805797f22583d7c09a
VirtualSize 0x7d2
VirtualAddress 0x1000
SizeOfRawData 0x1000
PointerToRawData 0x1000
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 3.66265

.rdata

MD5 26eb49aa25b091ff051d19bb5d2ce226
SHA1 4eaa5e4a3d1efcbe35d419fb1e43c4934a0d091b
SHA256 65c4b52e876986a3e23de04b5c6f16445f2ac7ed17b6f7e46e072e7bb1f013be
SHA3 5fd3568b86c5ae1a956849f44b892626f9f5d0a2b96e92f4e27a80b1c7c8f697
VirtualSize 0x64e
VirtualAddress 0x2000
SizeOfRawData 0x1000
PointerToRawData 0x2000
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 2.43012

.data

MD5 ebeb87d67c9e446cdc13b9af876e163e
SHA1 bd25c7d7332716ace954f9e131382e22b9d1756d
SHA256 1135ac89b7f4f788077a5acc60d1dbe5648e3e9cc152ed1b0621198ffb33a1a8
SHA3 c69acd8d87308f0fb9d48a22f385205a0c4e0d6c00ef40a11761c84b30bd04df
VirtualSize 0x520
VirtualAddress 0x3000
SizeOfRawData 0x1000
PointerToRawData 0x3000
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 0.0596106

.rsrc

MD5 d16c474062407c14ee25382507ea24df
SHA1 d7f824791303ad56516dba88cc07c698e6d8ea5c
SHA256 4dd0c1c2e00095e991fb7d090f30014ccb4ae716f8d545b45bcbee944583cef0
SHA3 8969fdfa08a86ef2ea248476504dae4f56639b0d2e73085c25caed728433f1e0
VirtualSize 0x27ea4
VirtualAddress 0x4000
SizeOfRawData 0x28000
PointerToRawData 0x4000
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 6.28603

Imports

USER32.dll ShowWindow
IsWindowVisible
GetWindow
FindWindowA
MSVCR80.dll __setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
_configthreadlocale
_crt_debugger_hook
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_except_handler4_common
_invoke_watson
_controlfp_s
_initterm_e
_initterm
_wcmdln
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
__set_app_type
KERNEL32.dll GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoW
InterlockedCompareExchange
Sleep
InterlockedExchange
QueryPerformanceCounter

Delayed Imports

Resources

1

Type RT_ICON
Language English - United Kingdom
Codepage Latin 1 / Western European
Size 0x468
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.22587
MD5 578597fefe01149689ba66e2c5c88cc4
SHA1 9ed838f7342afdee83e6c61aaa17c95f4656f7f5
SHA256 9cda6a61b6a7c9f45b7d5cfef81b1f337f15caec1fad68188df8847cc2f7202b
SHA3 f607768279dc3ecf0c09c6bf9db390ee33d82d55e09ebf05dc499193fb0b6ee9

2

Type RT_ICON
Language English - United Kingdom
Codepage Latin 1 / Western European
Size 0x988
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.60345
MD5 3e4cbcdc2832ccd1b3bf9838e852091d
SHA1 302d5e4bee1843863bf8e48b6577e62981ec9f62
SHA256 71bfc2dd0854fe23add787ba9145c6b5ef795a98070084db67a0b84d979ff9c3
SHA3 f0c991fa67832a777bf1c83612f97a2ed021ec10a0a50e503f92cd120f7e70be

3

Type RT_ICON
Language English - United Kingdom
Codepage Latin 1 / Western European
Size 0x10a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.28426
MD5 d354162f79e295f4a8feebf132750c04
SHA1 9e6ab82d69663876968fc72a10a53632ececa8d3
SHA256 484b76e59c5b8c5b2f8fefa0345e09f7f0ca27363f24f6601f31052e86eb59ba
SHA3 0b99a32b5f52a10a7d26ad5ab2eb6a3122a00206fe893502933e7262ca732882

4

Type RT_ICON
Language English - United Kingdom
Codepage Latin 1 / Western European
Size 0x25a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.50573
MD5 a2214e326983b46afc1826008d8e2da9
SHA1 f59c257e8753b20bf626c12b8e75b3a5c5aa53e7
SHA256 e90272c11f86dcaeae963a1d44a51fcab01907b28063a07b133f7e4930b466fe
SHA3 e206f310a050b6ae641b3537b2d7b162ba9fad3c35f7745d816e3207821985cf

5

Type RT_ICON
Language English - United Kingdom
Codepage Latin 1 / Western European
Size 0x4228
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.1378
MD5 a5eee0536e93e55a0e6f045156d997d1
SHA1 ae23cfad40896321ce2b29703113773dcf0d218b
SHA256 088bca8715dabe0d98b3d55b62164c3ba6d6dbd944c7bf4ab43443f1c5abd208
SHA3 080833e56ca64a0284e0c2e029263b49420ece5e3ccba4cd42370ee66564d926

6

Type RT_ICON
Language English - United Kingdom
Codepage Latin 1 / Western European
Size 0x5488
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.4077
MD5 265d1e14e5d058e494b2c23b0cc7adc3
SHA1 ea0da1a67a43b7b7b85c9d369648e8d940a309cf
SHA256 efc8058434062cede31a1f3d695be38ebd809e9ffe786cad5bba4bfecdda0b75
SHA3 8e9a883da2dd3f004cdc591880c56386356f7dccb3e8a2c5f082772938d86c48

7

Type RT_ICON
Language English - United Kingdom
Codepage Latin 1 / Western European
Size 0x94a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.35186
MD5 51cc5069f1d4b16d1a05759377199667
SHA1 39f569848c31c1a87ec5baac8dba3a30d1e028ed
SHA256 677d601ca7ce25228baea3bdc4d3e3163c66c99415b597573dfdf647c4476ad1
SHA3 418855ab48745baf191bea3b87a627c734c53a3062e362b0a9620b5a27aad522

8

Type RT_ICON
Language English - United Kingdom
Codepage Latin 1 / Western European
Size 0x10828
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.96186
MD5 bd8bb5c34d1a9fc8ad5e570d5c178dd4
SHA1 b18763e97b6f001d89ce6430537d3a3554595197
SHA256 79f00523c295d9bb17cad17d53b5b6aed7503b4e91e405229bc704cc5cab2f15
SHA3 553399f4e84db30f0697ca021eb7fef7a377d15ddca453ae67d33ab53fc71b46

109

Type RT_MENU
Language English - United Kingdom
Codepage Latin 1 / Western European
Size 0x4a
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.71163
MD5 2886ccd7dc1bd6dec8413a00b53046a0
SHA1 a09dea8ae745541a9d191d42d68510db8f648b5d
SHA256 a29831e4a3fac395e2aa86df5a0906ed2beebda018745be869477d636148f7af
SHA3 fc89873b946c12a8b176b7eff05b2c4445b56a96c045e40e9d49ecc09a4d0fcb

103

Type RT_DIALOG
Language English - United Kingdom
Codepage Latin 1 / Western European
Size 0x102
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.39917
MD5 8b1ad1b7e51d2ebc421b8cc84f1f71e4
SHA1 2b73ccb7e944c5caf02923d90c8109922d27a399
SHA256 795da0beeea5f83d56e094f803cee7a10262c78eb3cf9f383378813bb3758a8d
SHA3 f9cafbf95bae8525f911c53027e6b0251d3b66c65208f91bf08123e13415af8e

7 (#2)

Type RT_STRING
Language English - United Kingdom
Codepage Latin 1 / Western European
Size 0x60
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.47382
MD5 387b9ad918267b63dfeb3ee121025d51
SHA1 c22c312f6d05ef7b4d1b6231ace023cb42d58795
SHA256 a67899e6e7cf890f818eff5d3f7a3395d14638a61c4c659b0ccdce9a4e2b1e4c
SHA3 a357103fadcb86fe91953c8a995b6c2a0cc5071dd633c4d83008e502adb74808

109 (#2)

Type RT_ACCELERATOR
Language English - United Kingdom
Codepage Latin 1 / Western European
Size 0x10
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 1.79879
MD5 3d2b1af3424dbcd504f73918619c7d99
SHA1 10d6ed54ea742211a14a05414883f6c00c03080a
SHA256 c2f0c188d6c493d7827bf83fb89c704815796445a0178bb2ae79658d96703a3c
SHA3 b8c5f28d2c132e5bc304e4dc1b314a3f32a2e48675c06828a2a8a014ea05e7fb

107

Type RT_GROUP_ICON
Language English - United Kingdom
Codepage Latin 1 / Western European
Size 0x76
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.06388
Detected Filetype Icon file
MD5 9ba51e75081794f083f4dd2f94ec0328
SHA1 89536b810aed3311555f38a4fc35e334b57c05af
SHA256 ce95791024f07e28b18737a7fd4aa665e6406dd6ee1d342ff3be087915477580
SHA3 9c0c296e0ee3645df7ae05cc8f91243cd51c9c79a11f1a250d46de759eee6a48

1 (#2)

Type RT_MANIFEST
Language English - United States
Codepage Latin 1 / Western European
Size 0x152
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.05186
MD5 5bd48b8396ec876db87094c2a6a9cf13
SHA1 44a2adf25d872f37e40cca666de08ef3c11d835b
SHA256 3a3b2e9611f01c45710cf197c7820e76a756cceabbfad67c272dc9e807d594fd
SHA3 f9598fbab5abc1d57fa8e93c5b86552aeb27d248cc4d3320ddcbb9798c670bd8

String Table contents

HideDesktopIcons
HIDEDESKTOPICONS

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics 0
TimeDateStamp 2006-Mar-03 19:53:50
Version 0.0
SizeofData 90
AddressOfRawData 0x2158
PointerToRawData 0x2158
Referenced File d:\source\utilities\hidedesktopicons\release\HideDesktopIcons.pdb

TLS Callbacks

Load Configuration

Size 0x48
TimeDateStamp 1970-Jan-01 00:00:00
Version 0.0
GlobalFlagsClear (EMPTY)
GlobalFlagsSet (EMPTY)
CriticalSectionDefaultTimeout 0
DeCommitFreeBlockThreshold 0
DeCommitTotalFreeThreshold 0
LockPrefixTable 0
MaximumAllocationSize 0
VirtualMemoryThreshold 0
ProcessAffinityMask 0
ProcessHeapFlags (EMPTY)
CSDVersion 0
Reserved1 0
EditList 0
SecurityCookie 0x403000
SEHandlerTable 0x4021c0
SEHandlerCount 1

RICH Header

XOR Key 0x5df95cd
Unmarked objects 0
Imports (VS2012 build 50727 / VS2005 build 50727) 2
C++ objects (VS2012 build 50727 / VS2005 build 50727) 1
ASM objects (VS2012 build 50727 / VS2005 build 50727) 1
C objects (VS2012 build 50727 / VS2005 build 50727) 20
Imports (VS2003 (.NET) build 4035) 5
Total imports 43
114 (VS2012 build 50727 / VS2005 build 50727) 2
Resource objects (VS2012 build 50727 / VS2005 build 50727) 1
Linker (VS2012 build 50727 / VS2005 build 50727) 1

Errors