2226397a4bda586bb8951340240bf7ec7db79e181bca5929dfa55173c32ac014

Summary

Architecture IMAGE_FILE_MACHINE_AMD64
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date 2026-Apr-18 17:23:21

Plugin Output

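Info Matching compiler(s): MASM/TASM - sig1(h) (a generic signature hit; the Rich header's C/C++ objects, LinkerVersion 14.0 and the VCRUNTIME140/MSVCP140 imports in this report point to an MSVC C++ build)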
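Suspicious No VirusTotal score. This file has never been scanned on VirusTotal, so there is no reputation data for this hash; the flag reflects that absence and is not a detection.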

Hashes

MD5 c946dc734211c5c3b681b7f4a9d58891
SHA1 f0c430aedb3801a2d80b01a3a0c63ca4f1a7660c
SHA256 2226397a4bda586bb8951340240bf7ec7db79e181bca5929dfa55173c32ac014
SHA3 39ad0abe38e7def515b6d1ede75d1360884ad87daa841c5cd8e9b6467192189d
SSDeep 6144:MMG43bssxXgzURBMU43kLJNOfehUou6sN4qR+RjRmC2bDShh7goqiWW7dB976sX:ML4rizFU4mxa0b2bDivWWpBt66
Imports Hash f0a9340038627a8a11f80df961906b79

DOS Header

e_magic MZ
e_cblp 0x90
e_cp 0x3
e_crlc 0
e_cparhdr 0x4
e_minalloc 0
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0xe8

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_AMD64
NumberofSections 4
TimeDateStamp 2026-Apr-18 17:23:21
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xf0
Characteristics IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Image Optional Header

Magic PE32+
LinkerVersion 14.0
SizeOfCode 0x57e00
SizeOfInitializedData 0x5000
SizeOfUninitializedData 0
AddressOfEntryPoint 0x0000000000056560 (Section: .text)
BaseOfCode 0x1000
ImageBase 0x140000000
SectionAlignment 0x1000
FileAlignment 0x200
OperatingSystemVersion 6.0
ImageVersion 0.0
SubsystemVersion 6.0
Win32VersionValue 0
SizeOfImage 0x5f000
SizeOfHeaders 0x400
Checksum 0
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
DllCharacteristics IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
SizeofStackReserve 0x100000
SizeofStackCommit 0x1000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

.text

MD5 41b7007e4866f5e53a97ef880d433d5e
SHA1 de27df1a72887270430986a1fa699dde1eb7fe56
SHA256 9db4225319add12ac256602715b5791ce5c1e51ec2e3d90e7dec634f1784e770
SHA3 6384ff1d97b29bd4d09614a070e5a1a3dc94894de07f50eeed689a403f7b5fa3
VirtualSize 0x57c54
VirtualAddress 0x1000
SizeOfRawData 0x57e00
PointerToRawData 0x400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 6.4589

.data

MD5 8d8a113ecbe411c65d191449e4686ac4
SHA1 74aebf1749f0e66daa21e3268a977e09f743722c
SHA256 48eb944aa73dea9bd753d22ef0406c45615d74e2b2e87cce08b0c60228f35044
SHA3 191202ec6cb32716aeeda930b36ee1cc53793111980d710c43dffb6b44f200a1
VirtualSize 0x2c00
VirtualAddress 0x59000
SizeOfRawData 0x2600
PointerToRawData 0x58200
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 4.46202

.idata

MD5 e8af8c53da9c74afad05a780e29f8ecf
SHA1 e70d339b6a0f08a197b43524520cfc7f3d3d2972
SHA256 c9b20f2f30ec637995af74f5670bb587c2fff99da655ca4f0d6a81e7d1574cc7
SHA3 bda379e3c7027da39cec046d510b6ef27cf37fc71dc06020834cec372fbcb6bb
VirtualSize 0x19d4
VirtualAddress 0x5c000
SizeOfRawData 0x1a00
PointerToRawData 0x5a800
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 4.63939

.reloc

MD5 fca11d0aead0811d76e9a79f4277d595
SHA1 4718cdb361789e404c5a03348e2dabf8b001977c
SHA256 0f2990716d8f6ffe8ac7fdbd6e50f767093613d33e05b27977c3eb69a49fde0c
SHA3 14a633e6062bd2702e4d50cd20aea09f6aa2b11ded43116141e2f8b3364459e8
VirtualSize 0x894
VirtualAddress 0x5e000
SizeOfRawData 0xa00
PointerToRawData 0x5c200
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Entropy 5.10485

Imports

USER32.dll SetWindowPos
MonitorFromWindow
PostMessageA
GetSystemMetrics
ShowWindow
SetTimer
EndPaint
TrackMouseEvent
SetWindowTextA
GetMonitorInfoA
DefWindowProcA
GetWindowRect
SetLayeredWindowAttributes
TranslateMessage
SendMessageA
SetCursor
SystemParametersInfoA
GetClientRect
PostQuitMessage
RegisterClassExA
UpdateWindow
ReleaseCapture
InvalidateRect
ReleaseDC
BeginPaint
LoadCursorA
AdjustWindowRectEx
GetMessageA
CreateWindowExA
DispatchMessageA
GDI32.dll DeleteObject
GetDeviceCaps
SelectObject
CreateCompatibleBitmap
DeleteDC
gdiplus.dll GdipCreatePen1
GdipDeletePen
GdipDeleteFont
GdipDeleteStringFormat
GdipDeleteGraphics
GdipFillRectangleI
GdipCloneBrush
GdipSetTextRenderingHint
GdipCreateFromHDC
GdipDrawString
GdipDrawPath
GdipFree
GdipClosePathFigure
GdipSetStringFormatAlign
GdipFillPath
GdipCreateSolidFill
GdipCreateFont
GdipSetStringFormatLineAlign
GdipCreatePath
GdipSetSmoothingMode
GdipDeletePath
GdipAlloc
GdipDeleteBrush
GdipCreateFontFamilyFromName
GdipDrawRectangleI
GdiplusStartup
GdipSetStringFormatFlags
GdiplusShutdown
GdipGraphicsClear
GdipCreateStringFormat
GdipDeleteFontFamily
GdipAddPathArcI
MSVCP140.dll ?_Xlength_error@std@@YAXPEBD@Z
?_Xbad_function_call@std@@YAXXZ
?_Xinvalid_argument@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
KERNEL32.dll RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
CreateThread
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
GetCurrentProcess
TerminateProcess
GetTickCount
GetTickCount64
MultiByteToWideChar
OutputDebugStringA
IsProcessorFeaturePresent
InitializeSListHead
VCRUNTIME140.dll __std_exception_destroy
memmove
memcpy
__current_exception
_CxxThrowException
__C_specific_handler
memcmp
memset
__std_exception_copy
__current_exception_context
api-ms-win-crt-stdio-l1-1-0.dll fseek
__stdio_common_vfprintf
fread
fclose
__acrt_iob_func
__stdio_common_vsprintf_s
_set_fmode
__p__commode
fopen
ftell
__stdio_common_vsscanf
__stdio_common_vsprintf
api-ms-win-crt-math-l1-1-0.dll log
trunc
__setusermatherr
round
fabs
cos
ceil
_dtest
sin
fmod
pow
floor
tan
sqrt
nan
api-ms-win-crt-runtime-l1-1-0.dll exit
_initterm_e
terminate
_initterm
_get_narrow_winmain_command_line
_register_thread_local_exe_atexit_callback
abort
_c_exit
_errno
_configure_narrow_argv
_set_app_type
_seh_filter_exe
_cexit
_invoke_watson
_initialize_narrow_environment
_initialize_onexit_table
_crt_atexit
_exit
_register_onexit_function
api-ms-win-crt-string-l1-1-0.dll wcslen
isspace
isalnum
toupper
isxdigit
isdigit
strcmp
tolower
isalpha
api-ms-win-crt-convert-l1-1-0.dll strtoul
strtol
strtod
api-ms-win-crt-utility-l1-1-0.dll rand
api-ms-win-crt-heap-l1-1-0.dll _callnewh
_set_new_mode
free
malloc
api-ms-win-crt-locale-l1-1-0.dll _configthreadlocale
VCRUNTIME140_1.dll __CxxFrameHandler4

Delayed Imports

Version Info

IMAGE_DEBUG_TYPE_POGO

Characteristics 0
TimeDateStamp 2026-Apr-18 17:23:21
Version 0.0
SizeofData 740
AddressOfRawData 0xb3c8
PointerToRawData 0xa7c8

TLS Callbacks

Load Configuration

Size 0x140
TimeDateStamp 1970-Jan-01 00:00:00
Version 0.0
GlobalFlagsClear (EMPTY)
GlobalFlagsSet (EMPTY)
CriticalSectionDefaultTimeout 0
DeCommitFreeBlockThreshold 0
DeCommitTotalFreeThreshold 0
LockPrefixTable 0
MaximumAllocationSize 0
VirtualMemoryThreshold 0
ProcessAffinityMask 0
ProcessHeapFlags (EMPTY)
CSDVersion 0
Reserved1 0
EditList 0
SecurityCookie 0x140059040

RICH Header

XOR Key 0x96387974
Unmarked objects 0
Imports (VS2008 SP1 build 30729) 16
ASM objects (35207) 4
C objects (35207) 10
C++ objects (35207) 26
Imports (35207) 6
Imports (33145) 9
Total imports 172
C++ objects (LTCG) (35225) 1
Linker (35225) 1

Errors
