Manalyze report for 30252cb7651719f68df5123589782d5c

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
Compilation Date	2062-Jun-02 04:16:57
TLS Callbacks	2 callback(s) detected.
Debug artifacts	Embedded COFF debugging symbols

Plugin Output

Suspicious	The PE is possibly packed.	`Unusual section name found: 2gu36dzb` `Unusual section name found: iuanpgvc` `Unusual section name found: fx30ojer` `Unusual section name found: 8xsvcarp` `Unusual section name found: ur52fm8l` `Unusual section name found: ye3qu7nx` `Unusual section name found: 4m57jg7t` `Unusual section name found: bd4jve9i` `Unusual section name found: du27l263` `Unusual section name found: yscjpy6b` `Unusual section name found: j410etgn` `Unusual section name found: tm1csz0u` `Unusual section name found: evn9eplb` `Unusual section name found: pcj1exdn` `Unusual section name found: g390mjdt`
Suspicious	The file contains overlay data.	`28123 bytes of data starting at offset 0x12c00.`
Suspicious	No VirusTotal score.	`This file has never been scanned on VirusTotal.`

Hashes

MD5	`30252cb7651719f68df5123589782d5c`
SHA1	`60a347256360daf0b7ac3fc5000f39a40c326acd`
SHA256	`ab1db6453970221e6b1f1e79408f7c551e0eb71858450e290c86c5e6a193fff7`
SHA3	`0e870462ccd70d1b3ca3779ababf223b290a8c944ee9fe61f48bb1ed6058b23d`
SSDeep	`1536:MA05iTkEczYHyLtOOtu3yUyJCb8Vzz7iO9A7DK:MUQEcUyLR5VH`
Imports Hash	`8f4138c873f1fe386edcb3c5e160cb4c`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`15`
TimeDateStamp	2062-Jun-02 04:16:57
PointerToSymbolTable	`0x12c00`
NumberOfSymbols	`1300`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LINE_NUMS_STRIPPED` `IMAGE_FILE_RELOCS_STRIPPED`

Image Optional Header

Magic	`PE32`
LinkerVersion	`2.0`
SizeOfCode	`0x1800`
SizeOfInitializedData	`0x1200`
SizeOfUninitializedData	`0x600`
AddressOfEntryPoint	`0x000014E0 (Section: 2gu36dzb)`
BaseOfCode	`0x1000`
BaseOfData	`0x3000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`1.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x1d000`
SizeOfHeaders	`0x400`
Checksum	`0x1ad78`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
SizeofStackReserve	`0x200000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

2gu36dzb

MD5	`7e2e9409efdc8af8cdaa43d6ccd0aae1`
SHA1	`bf7d21cc3d59affea9c24377dee1e085c2621dbe`
SHA256	`e74c0c6d2929bd2bc21b6c40cff447bc69ed58d3739e9ee488048307ad3f797f`
SHA3	`5ab3a82def0699713ecd5c3df1784800e318a1f5b6a7901e5011626edcdbc0c8`
VirtualSize	`0x1718`
VirtualAddress	`0x1000`
SizeOfRawData	`0x1800`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_ALIGN_1024BYTES` `IMAGE_SCN_ALIGN_16BYTES` `IMAGE_SCN_ALIGN_1BYTES` `IMAGE_SCN_ALIGN_2048BYTES` `IMAGE_SCN_ALIGN_256BYTES` `IMAGE_SCN_ALIGN_32BYTES` `IMAGE_SCN_ALIGN_4096BYTES` `IMAGE_SCN_ALIGN_4BYTES` `IMAGE_SCN_ALIGN_64BYTES` `IMAGE_SCN_ALIGN_8192BYTES` `IMAGE_SCN_ALIGN_8BYTES` `IMAGE_SCN_ALIGN_MASK` `IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`5.83046`

iuanpgvc

MD5	`c3e6a2c41e44a456461e050beecf0e49`
SHA1	`ee668828a6c5a9d2a2770c41496a4ba661ca7e0a`
SHA256	`400b95d35c2649930cc45c071e476dfac0e47ab2b35e23dd163059b1aee09bb1`
SHA3	`b268c7ee730b0281c5d2e2573fbd21058fb1efce8f5f4fb02f86b8c43fa8d8db`
VirtualSize	`0x2c`
VirtualAddress	`0x3000`
SizeOfRawData	`0x200`
PointerToRawData	`0x1c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_ALIGN_1024BYTES` `IMAGE_SCN_ALIGN_16BYTES` `IMAGE_SCN_ALIGN_1BYTES` `IMAGE_SCN_ALIGN_256BYTES` `IMAGE_SCN_ALIGN_2BYTES` `IMAGE_SCN_ALIGN_32BYTES` `IMAGE_SCN_ALIGN_4096BYTES` `IMAGE_SCN_ALIGN_4BYTES` `IMAGE_SCN_ALIGN_512BYTES` `IMAGE_SCN_ALIGN_64BYTES` `IMAGE_SCN_ALIGN_8192BYTES` `IMAGE_SCN_ALIGN_MASK` `IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0.536302`

fx30ojer

MD5	`7dc0b312606e2f88e63d72b8267e8799`
SHA1	`4697a1969e4278e5bd3815a6cc128540d5d12e9d`
SHA256	`31c90b7bf308eb8a8d7ffee9f2e6f440e0583612fbf3595bb29e8b2ded1649fa`
SHA3	`bfc1fc3c6b02c41f8a327288f333a4671420a4bcf66a90656fad77da57c5148f`
VirtualSize	`0x4d4`
VirtualAddress	`0x4000`
SizeOfRawData	`0x600`
PointerToRawData	`0x1e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_ALIGN_1024BYTES` `IMAGE_SCN_ALIGN_16BYTES` `IMAGE_SCN_ALIGN_1BYTES` `IMAGE_SCN_ALIGN_256BYTES` `IMAGE_SCN_ALIGN_2BYTES` `IMAGE_SCN_ALIGN_32BYTES` `IMAGE_SCN_ALIGN_4096BYTES` `IMAGE_SCN_ALIGN_4BYTES` `IMAGE_SCN_ALIGN_512BYTES` `IMAGE_SCN_ALIGN_64BYTES` `IMAGE_SCN_ALIGN_8192BYTES` `IMAGE_SCN_ALIGN_MASK` `IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.58175`

8xsvcarp

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0x450`
VirtualAddress	`0x5000`
SizeOfRawData	`0`
PointerToRawData	`0`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_ALIGN_1024BYTES` `IMAGE_SCN_ALIGN_16BYTES` `IMAGE_SCN_ALIGN_1BYTES` `IMAGE_SCN_ALIGN_2048BYTES` `IMAGE_SCN_ALIGN_256BYTES` `IMAGE_SCN_ALIGN_2BYTES` `IMAGE_SCN_ALIGN_32BYTES` `IMAGE_SCN_ALIGN_4096BYTES` `IMAGE_SCN_ALIGN_4BYTES` `IMAGE_SCN_ALIGN_512BYTES` `IMAGE_SCN_ALIGN_64BYTES` `IMAGE_SCN_ALIGN_8192BYTES` `IMAGE_SCN_ALIGN_8BYTES` `IMAGE_SCN_ALIGN_MASK` `IMAGE_SCN_CNT_UNINITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`

ur52fm8l

MD5	`ff555242a04603c6387030dd29eff813`
SHA1	`e4d10ecdbe984df6b63cddd814eda68e35d7ca17`
SHA256	`74dc4608d15092b00de6cc1d7991c405a583543de73a8e4a72c9ed85bd8312e6`
SHA3	`c89ba243009c351ac27d2f9cc3a77fa6ada66ffc58d03dc4a2b7a3fc80645aa9`
VirtualSize	`0x5d0`
VirtualAddress	`0x6000`
SizeOfRawData	`0x600`
PointerToRawData	`0x2400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_ALIGN_1024BYTES` `IMAGE_SCN_ALIGN_16BYTES` `IMAGE_SCN_ALIGN_1BYTES` `IMAGE_SCN_ALIGN_256BYTES` `IMAGE_SCN_ALIGN_2BYTES` `IMAGE_SCN_ALIGN_32BYTES` `IMAGE_SCN_ALIGN_4096BYTES` `IMAGE_SCN_ALIGN_4BYTES` `IMAGE_SCN_ALIGN_512BYTES` `IMAGE_SCN_ALIGN_64BYTES` `IMAGE_SCN_ALIGN_8192BYTES` `IMAGE_SCN_ALIGN_MASK` `IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`4.51032`

ye3qu7nx

MD5	`f6d87eeab01e2916ff3cfa26e7c77752`
SHA1	`2dd118919e0c314e67b120d6b627d92ade6cf5d8`
SHA256	`a023cd2535dc2d583e5e2d31142b9a159b882f9d7a0e8eb9ee7020e30a10fe63`
SHA3	`9f3c15c35b2c90c20fdad3b882267ff6f7a2ed9ba197f4ec9fc277c1e90c7d99`
VirtualSize	`0x34`
VirtualAddress	`0x7000`
SizeOfRawData	`0x200`
PointerToRawData	`0x2a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_ALIGN_1024BYTES` `IMAGE_SCN_ALIGN_16BYTES` `IMAGE_SCN_ALIGN_1BYTES` `IMAGE_SCN_ALIGN_256BYTES` `IMAGE_SCN_ALIGN_2BYTES` `IMAGE_SCN_ALIGN_32BYTES` `IMAGE_SCN_ALIGN_4096BYTES` `IMAGE_SCN_ALIGN_4BYTES` `IMAGE_SCN_ALIGN_512BYTES` `IMAGE_SCN_ALIGN_64BYTES` `IMAGE_SCN_ALIGN_8192BYTES` `IMAGE_SCN_ALIGN_MASK` `IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0.254511`

4m57jg7t

MD5	`f1db91b86ca0c56dfcbb593282af3f7b`
SHA1	`8bdd29cb91729b0044df1aca9fd0c934961a6c6f`
SHA256	`bd4a931d3d6593020d5d50934fcd5c631399ec99b07cccb1b7babf9c8ed20dbc`
SHA3	`78ff7fe0edbcafde750bb5253f7e9cc172051e31617bc1ba6090230c13b83bf5`
VirtualSize	`0x20`
VirtualAddress	`0x8000`
SizeOfRawData	`0x200`
PointerToRawData	`0x2c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_ALIGN_1024BYTES` `IMAGE_SCN_ALIGN_16BYTES` `IMAGE_SCN_ALIGN_1BYTES` `IMAGE_SCN_ALIGN_256BYTES` `IMAGE_SCN_ALIGN_2BYTES` `IMAGE_SCN_ALIGN_32BYTES` `IMAGE_SCN_ALIGN_4096BYTES` `IMAGE_SCN_ALIGN_4BYTES` `IMAGE_SCN_ALIGN_512BYTES` `IMAGE_SCN_ALIGN_64BYTES` `IMAGE_SCN_ALIGN_8192BYTES` `IMAGE_SCN_ALIGN_MASK` `IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0.204488`

bd4jve9i

MD5	`ad72dd59f64bd4f762b75f658bc80fbc`
SHA1	`fab397d8b9aab646f1954d65f172ccf58f710989`
SHA256	`2324f89ca59114e94d48ae0ee57effe2f45cafe4f8966d77e7044e25f277fe92`
SHA3	`0a6d62f57de2b8bdb8b0656680a6bd6b3f8de1e54b254f59b1d9a0775ca65e15`
VirtualSize	`0x2d8`
VirtualAddress	`0x9000`
SizeOfRawData	`0x400`
PointerToRawData	`0x2e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_ALIGN_16BYTES` `IMAGE_SCN_ALIGN_2048BYTES` `IMAGE_SCN_ALIGN_32BYTES` `IMAGE_SCN_ALIGN_4096BYTES` `IMAGE_SCN_ALIGN_64BYTES` `IMAGE_SCN_ALIGN_8192BYTES` `IMAGE_SCN_ALIGN_8BYTES` `IMAGE_SCN_ALIGN_MASK` `IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`1.6622`

du27l263

MD5	`12918a79f3ad36add5e7f5de7458c35b`
SHA1	`691382447d152b2b8b649507e6fd741e9f2751fe`
SHA256	`9c7b2e4473bccb79a897a037899ffed7fcee1b580d1e036632b2b394f04e26f1`
SHA3	`3ef80745e066a6cb38cfbdb5c6a809d9b2fb3b7e377ad004e09cca2f1f64ea9a`
VirtualSize	`0xa6d5`
VirtualAddress	`0xa000`
SizeOfRawData	`0xa800`
PointerToRawData	`0x3200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_ALIGN_1024BYTES` `IMAGE_SCN_ALIGN_16BYTES` `IMAGE_SCN_ALIGN_1BYTES` `IMAGE_SCN_ALIGN_256BYTES` `IMAGE_SCN_ALIGN_4096BYTES` `IMAGE_SCN_ALIGN_4BYTES` `IMAGE_SCN_ALIGN_64BYTES` `IMAGE_SCN_ALIGN_MASK` `IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`6.03232`

yscjpy6b

MD5	`eaa99a75e78ce28c52fd27cadacade6d`
SHA1	`b23bb0d87cc7fd9cf0db7eed4bb3ee72ddce7f59`
SHA256	`88220c5a4ef2502c3779ad45d7370c20852ebee4508e535cdb4efd31067d6a2c`
SHA3	`eaaeb67dd425a650051b1ce8b7517d6f0a906f75d1614e9331421a8aad76e632`
VirtualSize	`0x199e`
VirtualAddress	`0x15000`
SizeOfRawData	`0x1a00`
PointerToRawData	`0xda00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_ALIGN_1024BYTES` `IMAGE_SCN_ALIGN_16BYTES` `IMAGE_SCN_ALIGN_1BYTES` `IMAGE_SCN_ALIGN_256BYTES` `IMAGE_SCN_ALIGN_4096BYTES` `IMAGE_SCN_ALIGN_4BYTES` `IMAGE_SCN_ALIGN_64BYTES` `IMAGE_SCN_ALIGN_MASK` `IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`4.60664`

j410etgn

MD5	`7e4bc0d31417998c3148ebf1a235c8e3`
SHA1	`dc1d39e92f328b47aa5d22486c3310719414d3d1`
SHA256	`4728fe03b30c7c33d72dc7c7ab47eb7e1760c1eb4431f2d79e478d5d3c22dd00`
SHA3	`f8006860ab51ef4bb9bd4b2d17875dc0f3a2e7f06a8b37b078be31e4415ce531`
VirtualSize	`0x18f3`
VirtualAddress	`0x17000`
SizeOfRawData	`0x1a00`
PointerToRawData	`0xf400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_ALIGN_1024BYTES` `IMAGE_SCN_ALIGN_16BYTES` `IMAGE_SCN_ALIGN_1BYTES` `IMAGE_SCN_ALIGN_256BYTES` `IMAGE_SCN_ALIGN_4096BYTES` `IMAGE_SCN_ALIGN_4BYTES` `IMAGE_SCN_ALIGN_64BYTES` `IMAGE_SCN_ALIGN_MASK` `IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`5.51598`

tm1csz0u

MD5	`ad0e0c349a13f934c09e4444d1cbeece`
SHA1	`3db2671811db1e38443e8a1fc1b8b598f88c922d`
SHA256	`2efc137556814db89672737ad97636a7284814cbffc198165deb0fed2b9eb16d`
SHA3	`227ae4d5c55f67850e828a324eb8de5b422bb9e89ca40a787b9e65b4f0539ed8`
VirtualSize	`0x780`
VirtualAddress	`0x19000`
SizeOfRawData	`0x800`
PointerToRawData	`0x10e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_ALIGN_1024BYTES` `IMAGE_SCN_ALIGN_16BYTES` `IMAGE_SCN_ALIGN_1BYTES` `IMAGE_SCN_ALIGN_256BYTES` `IMAGE_SCN_ALIGN_2BYTES` `IMAGE_SCN_ALIGN_32BYTES` `IMAGE_SCN_ALIGN_4096BYTES` `IMAGE_SCN_ALIGN_4BYTES` `IMAGE_SCN_ALIGN_512BYTES` `IMAGE_SCN_ALIGN_64BYTES` `IMAGE_SCN_ALIGN_8192BYTES` `IMAGE_SCN_ALIGN_MASK` `IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`4.51418`

evn9eplb

MD5	`fe5487f768c36a9e2d1ac66a05aea4ef`
SHA1	`058f942669dee3354fb5ed4bfde70fad2013303e`
SHA256	`29234094f5ccf639b9ca55e40beabc9a33a26eb3a5c684d94d6f10155f910b7c`
SHA3	`d3795f701d0908a50dd71f2de10155f77bf44149bbb2d6bfb884789c7ef18464`
VirtualSize	`0x2f2`
VirtualAddress	`0x1a000`
SizeOfRawData	`0x400`
PointerToRawData	`0x11600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_ALIGN_1024BYTES` `IMAGE_SCN_ALIGN_16BYTES` `IMAGE_SCN_ALIGN_1BYTES` `IMAGE_SCN_ALIGN_256BYTES` `IMAGE_SCN_ALIGN_4096BYTES` `IMAGE_SCN_ALIGN_4BYTES` `IMAGE_SCN_ALIGN_64BYTES` `IMAGE_SCN_ALIGN_MASK` `IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`4.14984`

pcj1exdn

MD5	`237f239bb9c2377793218475c09bdcb9`
SHA1	`4be4b15db97b90285246706157ee8318d628194f`
SHA256	`8dfa7b45930fa23e9e94ab8c6aeb7a8e9606043166d85fee0b9cdec7daa0fcdc`
SHA3	`dfeecd880b17a39ae6bbdbb71f6fbae632915e87a09162722280c44ab425e2f3`
VirtualSize	`0xd1e`
VirtualAddress	`0x1b000`
SizeOfRawData	`0xe00`
PointerToRawData	`0x11a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_ALIGN_1024BYTES` `IMAGE_SCN_ALIGN_16BYTES` `IMAGE_SCN_ALIGN_1BYTES` `IMAGE_SCN_ALIGN_256BYTES` `IMAGE_SCN_ALIGN_4096BYTES` `IMAGE_SCN_ALIGN_4BYTES` `IMAGE_SCN_ALIGN_64BYTES` `IMAGE_SCN_ALIGN_MASK` `IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`3.13533`

g390mjdt

MD5	`c81454e693a64ba511c4347cc00f5594`
SHA1	`9429d271284190737851d32397b3560c19364ca0`
SHA256	`bf6c638347ea1c78cfc6b169dbcd10a1c05eaa6e06bd8dd14f6c8a9ea65338ec`
SHA3	`4f553a83a5e9fb1ac579d7a8ba58e4a42a98f0c3ca5f8b41cb799ed4a835146a`
VirtualSize	`0x230`
VirtualAddress	`0x1c000`
SizeOfRawData	`0x400`
PointerToRawData	`0x12800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_ALIGN_1024BYTES` `IMAGE_SCN_ALIGN_16BYTES` `IMAGE_SCN_ALIGN_1BYTES` `IMAGE_SCN_ALIGN_256BYTES` `IMAGE_SCN_ALIGN_4096BYTES` `IMAGE_SCN_ALIGN_4BYTES` `IMAGE_SCN_ALIGN_64BYTES` `IMAGE_SCN_ALIGN_MASK` `IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`1.61691`

Imports

KERNEL32.dll	`DeleteCriticalSection` `EnterCriticalSection` `GetCurrentProcess` `GetCurrentProcessId` `GetCurrentThreadId` `GetLastError` `GetStartupInfoA` `GetSystemTimeAsFileTime` `GetTickCount` `InitializeCriticalSection` `LeaveCriticalSection` `QueryPerformanceCounter` `SetUnhandledExceptionFilter` `Sleep` `TerminateProcess` `TlsGetValue` `UnhandledExceptionFilter` `VirtualProtect` `VirtualQuery`
msvcrt.dll	`__dllonexit` `__getmainargs` `__initenv` `__lconv_init` `__set_app_type` `__setusermatherr` `_acmdln` `_amsg_exit` `_cexit` `_fmode` `_initterm` `_iob` `_lock` `_onexit` `_unlock` `abort` `calloc` `exit` `fclose` `fopen` `fprintf` `free` `fwrite` `getenv` `malloc` `memcpy` `printf` `puts` `signal` `sprintf` `strlen` `strncmp` `vfprintf`

Delayed Imports

Version Info

TLS Callbacks

StartAddressOfRawData	`0x408000`
EndAddressOfRawData	`0x40801c`
AddressOfIndex	`0x40502c`
AddressOfCallbacks	`0x407020`
SizeOfZeroFill	`0`
Characteristics	`IMAGE_SCN_TYPE_REG`
Callbacks	`0x00401600` `0x004015B0`

Load Configuration

RICH Header

Errors

[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF String Table's reported size is bigger than the remaining bytes!
[*] Warning: Section 8xsvcarp has a size of 0!