Manalyze report for 3c255e5237f4e962e3f945e79d6dce68d137ff51e2ff359988210b92947f52fd

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
Compilation Date	2025-Nov-17 05:30:44
Detected languages	English - United States
Debug artifacts	D:\svn_workspace\DukanPrint\trunk\02-Src\Convert\GeoLocate\x64\Release\GeoLocate.pdb

Plugin Output

Info	Matching compiler(s):	`MASM/TASM - sig1(h)`
Info	Cryptographic algorithms detected in the binary:	`Uses known Mersenne Twister constants`
Suspicious	No VirusTotal score.	`This file has never been scanned on VirusTotal.`

Hashes

MD5	`bf0155206afb088a3641eaafc93949a9`
SHA1	`e5f78ec9256db0dc2119af7b9c51a7206f4b9614`
SHA256	`3c255e5237f4e962e3f945e79d6dce68d137ff51e2ff359988210b92947f52fd`
SHA3	`4e3d280afd19a42e17e9ff08ad4f98806f058478c04b8164ded1e2e0b9291cb1`
SSDeep	`1536:Il98b+1x6e8FFW6PPychmPkjlKS5NSJ9G7cb+eDG3BLRwylLB/i6c:S9gq6e8FFW6RjlKS5N0sBLRhJB/i`
Imports Hash	`190d83c00c08fcd37657d10b04c6fd30`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x100`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`6`
TimeDateStamp	2025-Nov-17 05:30:44
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0x15000`
SizeOfInitializedData	`0x7000`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x00000000000140B0 (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x20000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`37f14a7c103adaf27b708779ed88fed2`
SHA1	`7f50b645453cc149d876f6eab48ddf96899e8362`
SHA256	`dfda9b20cffa6cb2c0a41d6d9333d75ecbea1864cd5b9c9b4cff40c3d6555585`
SHA3	`7343ae0d6141c8450efb984381c5b91bd4c2cfecdf3988cda44c2c5055b132d9`
VirtualSize	`0x14e87`
VirtualAddress	`0x1000`
SizeOfRawData	`0x15000`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.15729`

.rdata

MD5	`988a16dec4ea211e1977a411adb032ed`
SHA1	`34c215faa92cc6fd35cf28b6a88ebd4d6c225f49`
SHA256	`b3dc18aaa1e8e089c009e90e0bf7de7b05d1f7d2be7475be97ed9e00e6d357b4`
SHA3	`e18f9053cf30e25859a502f51901bf9f13302b7f9e0cddeb95646dae5bde3937`
VirtualSize	`0x5082`
VirtualAddress	`0x16000`
SizeOfRawData	`0x5200`
PointerToRawData	`0x15400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.24598`

.data

MD5	`e4054c4123d9bc806581aed0d7f40603`
SHA1	`ba9f1d18c34b282cb419565b9fc2f419f1ae8299`
SHA256	`de4d1d53f3c22d92dfd73737d63276b497dec8dccf90fa16b07b5e6ff0ea9549`
SHA3	`aef36c4a1185b147c727f15a8fee43d5f1cd8a6e69b22e056c4531c7c45dcb21`
VirtualSize	`0xab8`
VirtualAddress	`0x1c000`
SizeOfRawData	`0x600`
PointerToRawData	`0x1a600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`3.18643`

.pdata

MD5	`01a9a7f4938db40ed4a4e985a7d0a49e`
SHA1	`8492bdde25815a57421bc895b01dd76a59c3739e`
SHA256	`4bfeccfd6091ef172a898941d075565d6b89a49135ccf1c527768727130026ec`
SHA3	`185e0644d389e17a95b142271c59519cae05c095defbdf9fd4dc6a37fb30bf85`
VirtualSize	`0xc30`
VirtualAddress	`0x1d000`
SizeOfRawData	`0xe00`
PointerToRawData	`0x1ac00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.5307`

.rsrc

MD5	`eab25597db5aae01931701cf5da92008`
SHA1	`bbdae6f0573b6509c042cabad384f003067dd099`
SHA256	`890cc8f16e62f7f525da92d59b1fd3f6c31d12eeb2285f9c57ce82f83239fddc`
SHA3	`6f247c760ae9956c8c65507cf602a28521ec9c2c7e0dfa033841ac9eca524241`
VirtualSize	`0x1e0`
VirtualAddress	`0x1e000`
SizeOfRawData	`0x200`
PointerToRawData	`0x1ba00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.71006`

.reloc

MD5	`f449b33122bba093306f3b90de33c940`
SHA1	`463ad4423a869c766bb31fdf3256085a23cedd24`
SHA256	`1a4ce0415050c1aa7c13e54d7ecfb49f73e070c24602c3f9df7700c8290be75c`
SHA3	`431f57fce1a30d71fa14dbab548825e931fbd79be8b93ef3e3e0f3c358b92cd9`
VirtualSize	`0xbc`
VirtualAddress	`0x1f000`
SizeOfRawData	`0x200`
PointerToRawData	`0x1bc00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`2.60596`

Imports

opencv_world4110.dll	`?fitLine@cv@@YAXAEBV_InputArray@1@AEBV_OutputArray@1@HNNN@Z` `?findContours@cv@@YAXAEBV_InputArray@1@AEBV_OutputArray@1@HHV?$Point_@H@1@@Z` `?minMaxLoc@cv@@YAXAEBV_InputArray@1@PEAN1PEAV?$Point_@H@1@20@Z` `?noArray@cv@@YAAEBV_InputOutputArray@1@XZ` `??4Mat@cv@@QEAAAEAV01@AEBV01@@Z` `?zeros@Mat@cv@@SA?AVMatExpr@2@V?$Size_@H@2@H@Z` `?matchTemplate@cv@@YAXAEBV_InputArray@1@0AEBV_OutputArray@1@H0@Z` `?threshold@cv@@YANAEBV_InputArray@1@AEBV_OutputArray@1@NNH@Z` `?contourArea@cv@@YANAEBV_InputArray@1@_N@Z` `?imread@cv@@YA?AVMat@1@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@Z` `?cvtColor@cv@@YAXAEBV_InputArray@1@AEBV_OutputArray@1@HHW4AlgorithmHint@1@@Z` `??0Mat@cv@@QEAA@AEBV01@AEBV?$Rect_@H@1@@Z` `??0Mat@cv@@QEAA@XZ` `??1Mat@cv@@QEAA@XZ` `??4Mat@cv@@QEAAAEAV01@$$QEAV01@@Z` `?clone@Mat@cv@@QEBA?AV12@XZ` `?empty@Mat@cv@@QEBA_NXZ`
KERNEL32.dll	`QueryPerformanceCounter` `RtlCaptureContext` `RtlLookupFunctionEntry` `GetPrivateProfileStringA` `WritePrivateProfileStringA` `Sleep` `GetModuleFileNameA` `RtlVirtualUnwind` `UnhandledExceptionFilter` `SetUnhandledExceptionFilter` `GetCurrentProcess` `InitializeSListHead` `GetSystemTimeAsFileTime` `GetCurrentThreadId` `GetCurrentProcessId` `IsProcessorFeaturePresent` `GetModuleHandleW` `IsDebuggerPresent` `TerminateProcess`
MSVCP140.dll	`??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z` `??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@M@Z` `?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z` `??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ` `?always_noconv@codecvt_base@std@@QEBA_NXZ` `??Bid@locale@std@@QEAA_KXZ` `?_Random_device@std@@YAIXZ` `?_Xbad_alloc@std@@YAXXZ` `?_Xlength_error@std@@YAXPEBD@Z` `??1_Lockit@std@@QEAA@XZ` `??0_Lockit@std@@QEAA@H@Z` `?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ` `?_Xinvalid_argument@std@@YAXPEBD@Z` `?_Xout_of_range@std@@YAXPEBD@Z` `?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A` `?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z` `?setprecision@std@@YA?AU?$_Smanip@_J@1@_J@Z` `?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z` `?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ` `?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ` `?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z` `??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ` `?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ` `??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z` `?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z` `?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z` `?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ` `?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ` `?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ` `?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ` `??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ` `?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ` `?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ` `?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z` `??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ` `??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z` `??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ` `?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ` `?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ` `?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ` `?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ` `?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z` `?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z` `?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z` `?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ` `?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z` `??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ`
VCRUNTIME140_1.dll	`__CxxFrameHandler4`
VCRUNTIME140.dll	`memchr` `memcmp` `memcpy` `memmove` `__current_exception_context` `__current_exception` `memset` `_CxxThrowException` `__std_exception_copy` `__std_terminate` `__std_exception_destroy` `__C_specific_handler`
api-ms-win-crt-heap-l1-1-0.dll	`_set_new_mode` `malloc` `_callnewh` `free`
api-ms-win-crt-runtime-l1-1-0.dll	`_invalid_parameter_noinfo_noreturn` `terminate` `_errno` `_register_thread_local_exe_atexit_callback` `_configure_narrow_argv` `_initialize_narrow_environment` `_initialize_onexit_table` `_register_onexit_function` `_crt_atexit` `_cexit` `_seh_filter_exe` `_set_app_type` `_c_exit` `_get_initial_narrow_environment` `_initterm` `_initterm_e` `exit` `_exit` `__p___argv` `__p___argc`
api-ms-win-crt-stdio-l1-1-0.dll	`ungetc` `fsetpos` `setvbuf` `fgetpos` `__p__commode` `fread` `fwrite` `_fseeki64` `_get_stream_buffer_pointers` `fgetc` `fclose` `_set_fmode` `fflush` `fputc`
api-ms-win-crt-convert-l1-1-0.dll	`strtof` `strtol`
api-ms-win-crt-filesystem-l1-1-0.dll	`_lock_file` `_unlock_file`
api-ms-win-crt-math-l1-1-0.dll	`acos` `atan2f` `ceilf` `pow` `sqrt` `__setusermatherr` `floorf` `sqrtf`
api-ms-win-crt-locale-l1-1-0.dll	`_configthreadlocale`

Delayed Imports

1

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x17d`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.91161`
MD5	`1e4a89b11eae0fcf8bb5fdd5ec3b6f61`
SHA1	`4260284ce14278c397aaf6f389c1609b0ab0ce51`
SHA256	`4bb79dcea0a901f7d9eac5aa05728ae92acb42e0cb22e5dd14134f4421a3d8df`
SHA3	`4bb9e8b5a714cae82782f3831cc2d45f4bf4a50a755fe584d2d1893129d68353`

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2025-Nov-17 05:30:44
Version	`0.0`
SizeofData	`109`
AddressOfRawData	`0x1766c`
PointerToRawData	`0x16a6c`
Referenced File	D:\svn_workspace\DukanPrint\trunk\02-Src\Convert\GeoLocate\x64\Release\GeoLocate.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics	`0`
TimeDateStamp	2025-Nov-17 05:30:44
Version	`0.0`
SizeofData	`20`
AddressOfRawData	`0x176dc`
PointerToRawData	`0x16adc`

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2025-Nov-17 05:30:44
Version	`0.0`
SizeofData	`800`
AddressOfRawData	`0x176f0`
PointerToRawData	`0x16af0`

IMAGE_DEBUG_TYPE_ILTCG

Characteristics	`0`
TimeDateStamp	2025-Nov-17 05:30:44
Version	`0.0`
SizeofData	`0`
AddressOfRawData	`0`
PointerToRawData	`0`

TLS Callbacks

Load Configuration

Size	`0x138`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x14001c010`

RICH Header

XOR Key	`0x2bdcda5f`
Unmarked objects	`0`
Imports (VS2008 SP1 build 30729)	`14`
C objects (30034)	`10`
ASM objects (30034)	`4`
C++ objects (30034)	`29`
Imports (30034)	`6`
Imports (27412)	`2`
Imports (30154)	`3`
Total imports	`177`
C++ objects (LTCG) (30154)	`9`
Resource objects (30154)	`1`
Linker (30154)	`1`

Errors

Leave a comment

No comments yet.