2920196e0368001ec08da7522f6f0b45

Summary

Architecture IMAGE_FILE_MACHINE_I386
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date 2003-Jun-23 05:09:27
Detected languages English - Canada

Plugin Output

Info Matching compiler(s): Installer VISE Custom
Microsoft Visual C++
Microsoft Visual C++ v6.0
Microsoft Visual C++ v5.0/v6.0 (MFC)
Info The PE contains common functions which appear in legitimate applications. [!] The program may be hiding some of its imports:
  • LoadLibraryA
  • GetProcAddress
Suspicious No VirusTotal score. This file has never been scanned on VirusTotal.

Hashes

MD5 2920196e0368001ec08da7522f6f0b45
SHA1 b3f0cc8cc2fa49861c6af40e268385699f0b8d7d
SHA256 739087c8b0279d7a048469906a335008e40104b84c563446599c3f4f9eb99e67
SHA3 474b50bcced38ec7a44f5718067f19d9ccfe2e87948920b5d961c69ccdeeba2f
SSDeep 384:FpTQwAZIcF6Jq/SmloBtsByymDgetqs7AP:FpT6ZIcKq/ecyJgeMs
Imports Hash 0c2ddafc254de832ce4cc85346306936

DOS Header

e_magic MZ
e_cblp 0x90
e_cp 0x3
e_crlc 0
e_cparhdr 0x4
e_minalloc 0
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0xd1

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_I386
NumberofSections 4
TimeDateStamp 2003-Jun-23 05:09:27
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xe0
Characteristics IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_RELOCS_STRIPPED

Image Optional Header

Magic PE32
LinkerVersion 6.0
SizeOfCode 0x3000
SizeOfInitializedData 0x3000
SizeOfUninitializedData 0
AddressOfEntryPoint 0x000012C0 (Section: .text)
BaseOfCode 0x1000
BaseOfData 0x4000
ImageBase 0x400000
SectionAlignment 0x1000
FileAlignment 0x1000
OperatingSystemVersion 4.0
ImageVersion 0.0
SubsystemVersion 4.0
Win32VersionValue 0
SizeOfImage 0x7000
SizeOfHeaders 0x1000
Checksum 0
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
SizeofStackReserve 0x100000
SizeofStackCommit 0x1000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

.text

MD5 a028ff24f2b235282791d27bb100b322
SHA1 1b849648af4fef4a0f0572916a175214e9371e5b
SHA256 01c935e84d50fa76a85ed23c3a5e7ac7ef07d17ef21d0f704670cbb44e679160
SHA3 a2776de2ca20d20a5616763559a460a82bcb15d92f15a9e7cdb103d8f75a0f99
VirtualSize 0x2b3e
VirtualAddress 0x1000
SizeOfRawData 0x3000
PointerToRawData 0x1000
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 6.14198

.rdata

MD5 0efd457dc942df92e57a79f22af42e21
SHA1 1c5e3770f7711c15841534b6db869dda0be1f8b7
SHA256 eabecb5f313f7b171fedc6b2552a235cb8ca0ddae560c487772814973fa1e5e2
SHA3 d7b6bfeb25868a1a287b168f03710d45b9d20666a3c27711ea4c9a7dcf98f65e
VirtualSize 0x932
VirtualAddress 0x4000
SizeOfRawData 0x1000
PointerToRawData 0x4000
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 3.17478

.data

MD5 9f0d07943d294a46a0306a000b40e85b
SHA1 f8466fea9e4a3cf1b5cc9998e351ce07da4ac078
SHA256 9d428a5783e8ea9810d5bd74b3c3a56c52fbaf7c32916b4d87193704ca618d58
SHA3 f92ce5c3bab834dd0c99b437d8958f43450feed7a4ff4863781baf8faa71569c
VirtualSize 0xb5c
VirtualAddress 0x5000
SizeOfRawData 0x1000
PointerToRawData 0x5000
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 1.74096

.rsrc

MD5 ee54f050fdae854fdfa80cd2b5af1b4b
SHA1 06acfa0e52f7c7f9e1829f13dc2756ced58ea6a8
SHA256 cfedf6f737aaedf0e620a109abd0cf2a57c68e3074f20ea56ae41bbd29e650d9
SHA3 730d0b8313422d18bb85bb09fe9c979aa699d3b6ef57debb3fe9312ae212a159
VirtualSize 0x508
VirtualAddress 0x6000
SizeOfRawData 0x1000
PointerToRawData 0x6000
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 1.10092

Imports

KERNEL32.DLL GetModuleHandleA
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
HeapReAlloc
VirtualAlloc
HeapAlloc
GetOEMCP
GetACP
GetCPInfo
WriteFile
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetStringTypeW
USER32.dll LoadIconA
LoadCursorA
LoadImageA
RegisterClassExA
CreateWindowExA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
PostQuitMessage
MessageBoxA
CreateMenu
CreatePopupMenu
AppendMenuA
SetMenu
DestroyWindow
DefWindowProcA
PostMessageA

Delayed Imports

1

Type RT_ICON
Language English - Canada
Codepage UNKNOWN
Size 0x2e8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.46454
MD5 3f02daeca1c70a17ea0b7694e7efbcd6
SHA1 b6307d0ac422d7e0469a7b60a8b038eaf9aa2937
SHA256 8825003d80d05ac9c867ff607c17f6d75118796c8dc3df37aab076d79f3cd79f
SHA3 df3a4320d3a7d9f9b8b436be807136e3657c95002d565ea068676ed35b614214

2

Type RT_ICON
Language English - Canada
Codepage UNKNOWN
Size 0x128
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.33031
MD5 ca295d896dd8717ca93f96c860f2deea
SHA1 003bcec87dcd88da3fb23409da1c579b4b6aefcb
SHA256 00bc85959458bcb7fc53bf85251b2d59a0858b69e6767ad2ff287626833e6b04
SHA3 b26b6364d378a96588967c633bb5a42cc46dbd7e10114fd01cc7d61df80b65b6

102

Type RT_GROUP_ICON
Language English - Canada
Codepage UNKNOWN
Size 0x22
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.37086
Detected Filetype Icon file
MD5 d59e0d372ea5fd8c1f4de744376a6af4
SHA1 6883ce60e71a83424db0b41d0ab6bf61080e3de2
SHA256 b10e28a32eddb2ab20a46ceae59d9c0786911eb20f0c8dd2a28421f226ea2b8b
SHA3 5e39df982879204dd9f129a37d1e1c2ff906e88de9ae01b4418db5e8455e7ae1

Version Info

TLS Callbacks

Load Configuration

RICH Header

XOR Key 0x9b0e79b0
Unmarked objects 0
C++ objects (VS98 build 8168) 1
14 (7299) 9
19 (8034) 5
Total imports 56
C objects (VS98 build 8168) 23
Resource objects (VS98 cvtres build 1720) 1

Errors
