28cc989c66ea11ff795867b4e98021af49b902a3d1d456e4d7b7373dab3d8993

Summary

Architecture IMAGE_FILE_MACHINE_AMD64
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date 2026-Apr-18 18:03:42

Plugin Output

Info Matching compiler(s): MASM/TASM - sig1(h)
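Suspicious No VirusTotal score. This file has never been scanned on VirusTotal, so no detection data exists for it; the missing score alone does not show the file to be malicious or benign.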

Hashes

MD5 d2018b95565901835adee3e424a8c905
SHA1 80d756135b63297bcbbdd22d41f6bcf561ab3fee
SHA256 28cc989c66ea11ff795867b4e98021af49b902a3d1d456e4d7b7373dab3d8993
SHA3 64eeb0742f3e2b61b60ea2dc633cd1d38ca2e224a40f13b421714a1f657f8ef6
SSDeep 6144:qRmZuFoOrZG5IG7tMDmlQl4O3vRU5Eg+UrrttRgoN7Jc991X3oPReQK:qmuNmlAvBg+afdI99Zo5er
Imports Hash e147469aaec6f86a4e35e46e7cba685b

DOS Header

e_magic MZ
e_cblp 0x90
e_cp 0x3
e_crlc 0
e_cparhdr 0x4
e_minalloc 0
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0xe8

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_AMD64
NumberofSections 4
TimeDateStamp 2026-Apr-18 18:03:42
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xf0
Characteristics IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Image Optional Header

Magic PE32+
LinkerVersion 14.0
SizeOfCode 0x59a00
SizeOfInitializedData 0x5000
SizeOfUninitializedData 0
AddressOfEntryPoint 0x000000000005804C (Section: .text)
BaseOfCode 0x1000
ImageBase 0x140000000
SectionAlignment 0x1000
FileAlignment 0x200
OperatingSystemVersion 6.0
ImageVersion 0.0
SubsystemVersion 6.0
Win32VersionValue 0
SizeOfImage 0x61000
SizeOfHeaders 0x400
Checksum 0
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
DllCharacteristics IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
SizeofStackReserve 0x100000
SizeofStackCommit 0x1000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

.text

MD5 142cfb718c19d1af27b2f229cb43d0f8
SHA1 e018ebd07e3802865a3c0036f30c90dff345e421
SHA256 3bbbb76ebfb036ec9cef38c63da65209ffe338fbc94e2449074b8b423c12461d
SHA3 437ab4363283b0737ce37d077c2fb794d02bc967c67102c556c62dc82844188c
VirtualSize 0x59874
VirtualAddress 0x1000
SizeOfRawData 0x59a00
PointerToRawData 0x400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 6.43397

.data

MD5 0035706da3337fb7d9ca939ef1c04ea8
SHA1 7e11be7dfaa7170ebbf2260f3bbbef3a5ff6f895
SHA256 a5e47d3895329414f6a4748fad4b51eaaab6b8b610d979b0ee657f1f418418a9
SHA3 d8a6dd797371434aba3a161a0960dce9e2be0abbb7f32115439f18ce2095e1f5
VirtualSize 0x2c00
VirtualAddress 0x5b000
SizeOfRawData 0x2600
PointerToRawData 0x59e00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 4.46202

.idata

MD5 adf0696cf2f2c053caea887fa7d19b2b
SHA1 3edc8cdd040b3440ab604f5440dd5037e43d34fb
SHA256 d65d1cd90a085261228e9b2f956f018acf1896b86e19b65f15f603e66e765091
SHA3 abbcd02df8e933d36dac9745cbf9e976b62dd6e76127a83ccd486bd4df7c5f32
VirtualSize 0x19f6
VirtualAddress 0x5e000
SizeOfRawData 0x1a00
PointerToRawData 0x5c400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 4.67269

.reloc

MD5 e22a500e8e86eba1bead4ea69fb93348
SHA1 667c6d682e017fe7b8c46ac01393cb4665d3fb5d
SHA256 70c7c2cb68646ea327244ec84c7bdf6c6d1dcab140130c7a55e9c58b7fd0226d
SHA3 705ef82ed258f46883d5d588dfa026cfda22d916f043281090d78d2879921f77
VirtualSize 0x88c
VirtualAddress 0x60000
SizeOfRawData 0xa00
PointerToRawData 0x5de00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Entropy 5.10301

Imports

USER32.dll SetWindowPos
MonitorFromWindow
PostMessageA
ScreenToClient
GetSystemMetrics
ShowWindow
SetTimer
EndPaint
TrackMouseEvent
SetWindowTextA
GetMonitorInfoA
DefWindowProcA
AdjustWindowRectEx
SetLayeredWindowAttributes
TranslateMessage
SendMessageA
SetCursor
SystemParametersInfoA
GetClientRect
PostQuitMessage
RegisterClassExA
UpdateWindow
ReleaseCapture
InvalidateRect
ReleaseDC
BeginPaint
LoadCursorA
GetMessageA
DispatchMessageA
CreateWindowExA
GetWindowRect
GDI32.dll DeleteObject
GetDeviceCaps
SelectObject
CreateCompatibleBitmap
DeleteDC
gdiplus.dll GdipDeletePen
GdipDeleteFont
GdipDeleteStringFormat
GdipDeleteGraphics
GdipFillRectangleI
GdipCloneBrush
GdipSetTextRenderingHint
GdipCreateFromHDC
GdipDrawString
GdipCreatePen1
GdipFree
GdipClosePathFigure
GdipGraphicsClear
GdipFillPath
GdipCreateSolidFill
GdipCreateFont
GdipSetStringFormatLineAlign
GdipCreatePath
GdipSetSmoothingMode
GdipDeletePath
GdipAlloc
GdipDeleteBrush
GdipCreateFontFamilyFromName
GdipDrawRectangleI
GdiplusStartup
GdipSetStringFormatAlign
GdiplusShutdown
GdipCreateStringFormat
GdipSetStringFormatFlags
GdipDeleteFontFamily
GdipDrawPath
GdipAddPathArcI
MSVCP140.dll ?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
?_Xbad_function_call@std@@YAXXZ
?_Xinvalid_argument@std@@YAXPEBD@Z
KERNEL32.dll RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
CreateThread
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
GetCurrentProcess
TerminateProcess
GetTickCount
GetTickCount64
MultiByteToWideChar
OutputDebugStringA
IsProcessorFeaturePresent
InitializeSListHead
VCRUNTIME140.dll __std_exception_destroy
memmove
memcpy
__std_exception_copy
memset
memcmp
__C_specific_handler
_CxxThrowException
__current_exception_context
__current_exception
VCRUNTIME140_1.dll __CxxFrameHandler4
api-ms-win-crt-stdio-l1-1-0.dll __acrt_iob_func
__stdio_common_vsscanf
__stdio_common_vsprintf_s
fopen
__stdio_common_vfprintf
fclose
fread
ftell
__stdio_common_vsprintf
__p__commode
_set_fmode
fseek
api-ms-win-crt-math-l1-1-0.dll _dtest
log
tan
fmod
fabs
round
pow
sqrt
nan
floor
cos
ceil
__setusermatherr
trunc
sin
api-ms-win-crt-runtime-l1-1-0.dll exit
_exit
_configure_narrow_argv
_c_exit
_register_thread_local_exe_atexit_callback
_errno
_initterm
abort
_get_narrow_winmain_command_line
_set_app_type
_seh_filter_exe
_cexit
_initialize_onexit_table
_register_onexit_function
_invoke_watson
terminate
_initterm_e
_crt_atexit
_initialize_narrow_environment
api-ms-win-crt-string-l1-1-0.dll isxdigit
strcmp
wcslen
isspace
isalpha
isalnum
tolower
isdigit
toupper
api-ms-win-crt-convert-l1-1-0.dll strtod
strtoul
strtol
api-ms-win-crt-utility-l1-1-0.dll rand
api-ms-win-crt-heap-l1-1-0.dll free
_callnewh
_set_new_mode
malloc
api-ms-win-crt-locale-l1-1-0.dll _configthreadlocale

Delayed Imports

Version Info

IMAGE_DEBUG_TYPE_POGO

Characteristics 0
TimeDateStamp 2026-Apr-18 18:03:42
Version 0.0
SizeofData 740
AddressOfRawData 0xa444
PointerToRawData 0x9844

TLS Callbacks

Load Configuration

Size 0x140
TimeDateStamp 1970-Jan-01 00:00:00
Version 0.0
GlobalFlagsClear (EMPTY)
GlobalFlagsSet (EMPTY)
CriticalSectionDefaultTimeout 0
DeCommitFreeBlockThreshold 0
DeCommitTotalFreeThreshold 0
LockPrefixTable 0
MaximumAllocationSize 0
VirtualMemoryThreshold 0
ProcessAffinityMask 0
ProcessHeapFlags (EMPTY)
CSDVersion 0
Reserved1 0
EditList 0
SecurityCookie 0x14005b040

RICH Header

XOR Key 0xfa44bbe6
Unmarked objects 0
Imports (VS2008 SP1 build 30729) 16
ASM objects (35207) 4
C objects (35207) 10
C++ objects (35207) 28
Imports (35207) 6
Imports (33145) 9
Total imports 173
C++ objects (LTCG) (35225) 1
Linker (35225) 1

Errors
