Manalyzer :: 26ccf372c84c5b9f91ca24eeaa34a9d2193f5da2ef5bf886875da226405a4d73

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
Compilation Date	1970-Jan-01 00:00:00

Plugin Output

Suspicious	No VirusTotal score.	`This file has never been scanned on VirusTotal.`

Hashes

MD5	`120d20fc6651d35d37983284223a07c5`
SHA1	`e86df67f806ae1490fe5fd531cd441ed9cf73bbf`
SHA256	`26ccf372c84c5b9f91ca24eeaa34a9d2193f5da2ef5bf886875da226405a4d73`
SHA3	`94cc854ded1c74af134ec1a844c775cb34028ef5a4f9fd1e1e97defae94d4ffb`
SSDeep	`12:kOvE8kooP9x1H2li2A+uX4RcAuK87AGioURX8/OARiei8beillW+q0k:zvE8kooZ64JX4RxVWQoURzzj8bji+Dk`
Imports Hash	`5a62c5dbfdb7befe5d805acd07b99bba`

DOS Header

e_magic	`MZ`
e_cblp	`0`
e_cp	`0`
e_crlc	`0`
e_cparhdr	`0`
e_minalloc	`0`
e_maxalloc	`0`
e_ss	`0`
e_sp	`0`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x40`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`2`
TimeDateStamp	1970-Jan-01 00:00:00
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`0.0`
SizeOfCode	`0x200`
SizeOfInitializedData	`0x400`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x00001000 (Section: .text)`
BaseOfCode	`0x1000`
BaseOfData	`0x2000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x3000`
SizeOfHeaders	`0x200`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`bf5e76223a4b70af7a72827679f1c22d`
SHA1	`fc33eca66f5846390bec1251f3d2b82c05834c5a`
SHA256	`554736b09ec407f46202571ae5fae15fa1bbf388ad7378561dac52e74f9ea7dd`
SHA3	`f30aa4bcf445dd9ff0ab7006c485562459913d539d2d660b43d52151fff84183`
VirtualSize	`0xbc`
VirtualAddress	`0x1000`
SizeOfRawData	`0x200`
PointerToRawData	`0x200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`1.63002`

.rdata

MD5	`479758bde6b38e6d939357e9968dadd2`
SHA1	`ad3d85649d04d9c6042d1519399e8a600a9b1cbe`
SHA256	`0c921e47b1d1e17e00ec5df55b797e926c19edd328a6596efe524189085617e5`
SHA3	`255d4506204ac22f664af2307c748d7514fb6fd21aee8e5f91f1abd4e0969a39`
VirtualSize	`0x230`
VirtualAddress	`0x2000`
SizeOfRawData	`0x400`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`2.47146`

Imports

user32.dll	`RegisterClassExA` `CreateWindowExA` `ShowWindow` `GetMessageA` `TranslateMessage` `DispatchMessageA` `PostQuitMessage` `DefWindowProcA` `FillRect`
gdi32.dll	`CreateSolidBrush` `DeleteObject` `SetPixel`
kernel32.dll	`GetTickCount` `Beep`

Delayed Imports

Version Info

TLS Callbacks

Load Configuration

RICH Header

Errors

Leave a comment

No comments yet.