Manalyze report for 14d18f03cea093efdb65a363f068d1b9

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2021-Jun-24 13:26:13
Detected languages	English - United States
Comments	Sketchfab-Ripper.com
CompanyName	Sketchfab-Ripper.com
FileDescription	Sketchfab-Ripper.com
LegalCopyright	Sketchfab-Ripper.com
LegalTrademarks	Sketchfab-Ripper.com
ProductName	Sketchfab-Ripper.com
FileVersion	`12.00`
ProductVersion	`12.00`
InternalName	Sketchfab Ripper v11
OriginalFilename	Sketchfab Ripper v11.exe

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual Basic 5.0` `Microsoft Visual Basic v5.0/v6.0` `Microsoft Visual Basic v5.0 - v6.0`
Info	Interesting strings found in the binary:	`Contains domain names: Ripper.com Sketchfab-Ripper.com http://sketchfab-ripper.com https://media.sketchfab.com https://media.sketchfab.com/models/ https://sketchfab.com media.sketchfab.com rigmodels.com ripper.com sketchfab-ripper.com sketchfab.com`
Suspicious	No VirusTotal score.	`This file has never been scanned on VirusTotal.`

Hashes

MD5	`14d18f03cea093efdb65a363f068d1b9`
SHA1	`0a5cffc94f65916779ccf249e24915804d56bfd1`
SHA256	`5eaa1fa2f7e4dc3d2133ee1e3bef0247d8fd40b76cd6ba8121a42f5f3467ef8e`
SHA3	`38dc9f6d4f50cc2b3dc73b616b566f46ee4b4961417ec7af818d7cb01298fdec`
SSDeep	`3072:sBx504hexpFZc2EGCkzm98mGWW9lBbO5v4xZh0jxjV:U27bCMXq5v4x0jxj`
Imports Hash	`9a6af74615239b2626cb7fc2f01c372f`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0xc8`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`3`
TimeDateStamp	2021-Jun-24 13:26:13
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LINE_NUMS_STRIPPED` `IMAGE_FILE_LOCAL_SYMS_STRIPPED` `IMAGE_FILE_RELOCS_STRIPPED`

Image Optional Header

Magic	`PE32`
LinkerVersion	`6.0`
SizeOfCode	`0x1b000`
SizeOfInitializedData	`0x2000`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x000020B8 (Section: .text)`
BaseOfCode	`0x1000`
BaseOfData	`0x1c000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x1000`
OperatingSystemVersion	`4.0`
ImageVersion	`C.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x1e000`
SizeOfHeaders	`0x1000`
Checksum	`0x2af7d`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`e6cb5900d00a18fc0a3319d8ae67ecc1`
SHA1	`98462599acf74d6d7889b71815580ea942eff4bd`
SHA256	`5bf90691d97cac319b42ab25d865a151b37b310474e92115ec385525731e6a4b`
SHA3	`2ae39df8eaddb4b4077944dd4b96c929476a3f3fb89a656bdd2e6b9e65b0b3dc`
VirtualSize	`0x1ad78`
VirtualAddress	`0x1000`
SizeOfRawData	`0x1b000`
PointerToRawData	`0x1000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`5.63973`

.data

MD5	`620f0b67a91f7f74151bc5be745b7110`
SHA1	`1ceaf73df40e531df3bfb26b4fb7cd95fb7bff1d`
SHA256	`ad7facb2586fc6e966c004d7d1d16b024f5805ff7cb47c7a85dabd8b48892ca7`
SHA3	`a99f9ed58079237f7f0275887f0c03a0c9d7d8de4443842297fceea67e423563`
VirtualSize	`0xe04`
VirtualAddress	`0x1c000`
SizeOfRawData	`0x1000`
PointerToRawData	`0x1c000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0`

.rsrc

MD5	`62e95b30396d45ef95bf2e4904d165f3`
SHA1	`46efd0078d8bd5a3787e78032298ca7276750ae8`
SHA256	`cccbaf97456d18d9064d084d448b6c4b74c057cb4048fa73e6f8fd8ead6e5d97`
SHA3	`efa1e730ff3f18fd094953f4a4fa1547dc71a5af25a74eca3343160c8ebef73b`
VirtualSize	`0xd60`
VirtualAddress	`0x1d000`
SizeOfRawData	`0x1000`
PointerToRawData	`0x1d000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`3.81244`

Imports

MSVBVM60.DLL	`__vbaVarTstGt` `__vbaStrI2` `_CIcos` `_adj_fptan` `__vbaStrI4` `__vbaFreeVar` `__vbaLineInputStr` `__vbaLenBstr` `__vbaStrVarMove` `__vbaFreeVarList` `__vbaEnd` `_adj_fdiv_m64` `__vbaPut4` `__vbaFreeObjList` `#516` `#517` `_adj_fprem1` `__vbaCopyBytes` `__vbaStrCat` `#660` `__vbaSetSystemError` `__vbaHresultCheckObj` `__vbaNameFile` `_adj_fdiv_m32` `__vbaAryVar` `#666` `__vbaAryDestruct` `#669` `#593` `#594` `__vbaOnError` `__vbaObjSet` `#595` `_adj_fdiv_m16i` `__vbaObjSetAddref` `_adj_fdivr_m16i` `#598` `#520` `__vbaBoolVarNull` `__vbaFpR8` `_CIsin` `__vbaErase` `#632` `__vbaChkstk` `__vbaFileClose` `EVENT_SINK_AddRef` `__vbaGenerateBoundsError` `#528` `#529` `__vbaStrCmp` `__vbaPutOwner3` `__vbaVarTstEq` `__vbaI2I4` `DllFunctionCall` `__vbaVarOr` `_adj_fpatan` `__vbaRedim` `EVENT_SINK_Release` `#600` `__vbaUI1I2` `_CIsqrt` `__vbaVarAnd` `EVENT_SINK_QueryInterface` `__vbaExceptHandler` `#711` `__vbaStrToUnicode` `__vbaInputFile` `#712` `#606` `__vbaR4ErrVar` `_adj_fprem` `_adj_fdivr_m64` `#530` `#608` `#531` `__vbaFPException` `__vbaInStrVar` `__vbaGetOwner3` `__vbaUbound` `#533` `__vbaStrVarVal` `#644` `#537` `_CIlog` `__vbaErrorOverflow` `__vbaFileOpen` `#647` `#648` `#570` `__vbaR8Str` `__vbaNew2` `__vbaInStr` `#571` `_adj_fdiv_m32i` `_adj_fdivr_m32i` `__vbaStrCopy` `#681` `__vbaFreeStrList` `__vbaVarNot` `#576` `_adj_fdivr_m32` `_adj_fdiv_r` `#685` `#100` `__vbaVarTstNe` `__vbaI4Var` `__vbaVarCmpEq` `__vbaAryLock` `__vbaVarAdd` `__vbaStrComp` `__vbaVarDup` `__vbaStrToAnsi` `__vbaFpI4` `#616` `__vbaVarCopy` `__vbaR8IntI2` `#617` `_CIatan` `__vbaStrMove` `__vbaAryCopy` `#618` `#619` `_allmul` `_CItan` `__vbaAryUnlock` `__vbaFPInt` `_CIexp` `__vbaFreeStr` `__vbaFreeObj`

Delayed Imports

30001

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Unicode (UTF 16LE)
Size	`0x8a8`
TimeDateStamp	2021-Jun-24 13:26:13
Entropy	`4.51939`
MD5	`a7165564a91339cc4f06d41fe799180f`
SHA1	`750e262623d526d7c90379cf7ee92d89a5309a12`
SHA256	`dc5e731110cdd027a9bf979ec178c558be0ef1a51234c31d009ee79944fcde59`
SHA3	`c24e06b51f252467e1b0cd68194c26edd8fc02b772c52e0bce6902bade06c92d`

1

Type	`RT_GROUP_ICON`
Language	UNKNOWN
Codepage	Unicode (UTF 16LE)
Size	`0x14`
TimeDateStamp	2021-Jun-24 13:26:13
Entropy	`2.22322`
Detected Filetype	Icon file
MD5	`4610e703b0622b2c9fec4ec01e9c9ecc`
SHA1	`1a395734ea2dbcb38430aadb6bf899d5c5e0b93a`
SHA256	`4b5b6cd2cee245f4389b889f8441491157870ddf1a9ec09c3fde3fca1657b220`
SHA3	`c545f87715aabfd3ba01bcac62b42f3758394fbfbd3f3d564fc7aaa285ed5ff1`

1 (#2)

Type	`RT_VERSION`
Language	English - United States
Codepage	Unicode (UTF 16LE)
Size	`0x3b4`
TimeDateStamp	2021-Jun-24 13:26:13
Entropy	`3.3178`
MD5	`6b571cfb80199176c979a924937ccddf`
SHA1	`e95b6b7ad014ec438071d28fe9568f06cd059798`
SHA256	`161ea172eba997aa55c00a31ab97492ed5f4341a5b37a0271bbeb64ee08a841d`
SHA3	`0446a3e0b883aa7b72881f4b0dc3166cb7f324f7b8259f529ebdb03c31bea712`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	12.0.0.0
ProductVersion	12.0.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	English - United States
Comments	Sketchfab-Ripper.com
CompanyName	Sketchfab-Ripper.com
FileDescription	Sketchfab-Ripper.com
LegalCopyright	Sketchfab-Ripper.com
LegalTrademarks	Sketchfab-Ripper.com
ProductName	Sketchfab-Ripper.com
FileVersion (#2)	12.00
ProductVersion (#2)	12.00
InternalName	Sketchfab Ripper v11
OriginalFilename	Sketchfab Ripper v11.exe

Resource LangID	English - United States

TLS Callbacks

Load Configuration

RICH Header

XOR Key	`0x89a99a19`
Unmarked objects	`0`
14 (7299)	`1`
9 (8041)	`5`
13 (8169)	`1`

14d18f03cea093efdb65a363f068d1b9

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.data

.rsrc

Imports

Delayed Imports

30001

1

1 (#2)

Version Info

TLS Callbacks

Load Configuration

RICH Header

Errors