Architecture |
IMAGE_FILE_MACHINE_I386
|
---|---|
Subsystem |
IMAGE_SUBSYSTEM_WINDOWS_GUI
|
Compilation Date | 2022-May-05 22:51:47 |
Detected languages |
English - United States
|
Debug artifacts |
c:\buildslave\csgo_pcbeta_win32\build\src\launcher_main\Release\csgo.pdb
|
Info | Matching compiler(s): | Microsoft Visual C++ 6.0 - 8.0 |
Info | Cryptographic algorithms detected in the binary: |
Uses constants related to CRC32
Uses constants related to MD5 Uses constants related to SHA1 Uses constants related to SHA256 Uses constants related to SHA512 Uses constants related to AES |
Suspicious | The PE contains functions most legitimate programs don't use. |
[!] The program may be hiding some of its imports:
|
Info | The PE is digitally signed. |
Signer: Valve Corp.
Issuer: DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1 |
Safe | VirusTotal score: 0/70 (Scanned on 2022-08-03 12:23:04) | All the AVs think this file is safe. |
e_magic | MZ |
---|---|
e_cblp | 0x90 |
e_cp | 0x3 |
e_crlc | 0 |
e_cparhdr | 0x4 |
e_minalloc | 0 |
e_maxalloc | 0xffff |
e_ss | 0 |
e_sp | 0xb8 |
e_csum | 0 |
e_ip | 0 |
e_cs | 0 |
e_ovno | 0 |
e_oemid | 0 |
e_oeminfo | 0 |
e_lfanew | 0x118 |
Signature | PE |
---|---|
Machine |
IMAGE_FILE_MACHINE_I386
|
NumberofSections | 7 |
TimeDateStamp | 2022-May-05 22:51:47 |
PointerToSymbolTable | 0 |
NumberOfSymbols | 0 |
SizeOfOptionalHeader | 0xe0 |
Characteristics |
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
|
Magic | PE32 |
---|---|
LinkerVersion | 14.0 |
SizeOfCode | 0x57a00 |
SizeOfInitializedData | 0x1e2400 |
SizeOfUninitializedData | 0 |
AddressOfEntryPoint | 0x0000F29D (Section: .text) |
BaseOfCode | 0x1000 |
BaseOfData | 0x59000 |
ImageBase | 0x400000 |
SectionAlignment | 0x1000 |
FileAlignment | 0x200 |
OperatingSystemVersion | 5.1 |
ImageVersion | 0.0 |
SubsystemVersion | 5.1 |
Win32VersionValue | 0 |
SizeOfImage | 0x23f000 |
SizeOfHeaders | 0x400 |
Checksum | 0x1b296f |
Subsystem |
IMAGE_SUBSYSTEM_WINDOWS_GUI
|
DllCharacteristics |
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
|
SizeofStackReserve | 0x180000 |
SizeofStackCommit | 0x1000 |
SizeofHeapReserve | 0x100000 |
SizeofHeapCommit | 0x1000 |
LoaderFlags | 0 |
NumberOfRvaAndSizes | 16 |
USER32.dll |
MessageBoxW
wsprintfA wsprintfW |
---|---|
KERNEL32.dll |
SetEvent
FindFirstFileW GetFileSizeEx FindNextFileW GetModuleFileNameW GetEnvironmentVariableW GetEnvironmentVariableA FindClose CreateFileW UnmapViewOfFile MultiByteToWideChar FormatMessageW GetLastError CloseHandle GetProcAddress CreateFileMappingA LocalFree MapViewOfFile LoadLibraryExW VirtualProtect SetLastError WriteFile VirtualAlloc SetFilePointer GetSystemDirectoryW GetModuleHandleA GetSystemInfo AddVectoredExceptionHandler GetWindowsDirectoryW GetCurrentProcessId GetSystemTimeAsFileTime VirtualQuery EnterCriticalSection LeaveCriticalSection InitializeCriticalSection GetExitCodeThread CreateFileA CreateThread WideCharToMultiByte WriteProcessMemory GetCurrentProcess CreateMutexA WaitForSingleObject ReleaseMutex VirtualAllocEx DeleteCriticalSection FlushInstructionCache LocalAlloc GetFileInformationByHandle LoadLibraryA CreateFileMappingW InitializeSListHead QueryPerformanceCounter GetCurrentThreadId IsDebuggerPresent UnhandledExceptionFilter SetUnhandledExceptionFilter GetStartupInfoW IsProcessorFeaturePresent GetModuleHandleW TerminateProcess ResetEvent InterlockedPushEntrySList RaiseException EncodePointer RtlUnwind InitializeCriticalSectionAndSpinCount TlsAlloc TlsGetValue TlsSetValue TlsFree FreeLibrary SetEnvironmentVariableW SetCurrentDirectoryW GetCurrentDirectoryW GetStdHandle GetModuleFileNameA ExitProcess GetModuleHandleExW GetACP HeapFree HeapAlloc GetStringTypeW GetFileType SetFilePointerEx GetConsoleMode WaitForSingleObjectEx FindFirstFileExA FindNextFileA IsValidCodePage GetOEMCP GetCPInfo GetCommandLineA GetCommandLineW GetEnvironmentStringsW FreeEnvironmentStringsW LCMapStringW SetStdHandle GetProcessHeap FlushFileBuffers GetConsoleCP HeapSize HeapReAlloc WriteConsoleW DecodePointer QueryPerformanceFrequency CreateEventW |
Ordinal | 1 |
---|---|
Address | 0x7688c |
Ordinal | 2 |
---|---|
Address | 0x14b0 |
Ordinal | 3 |
---|---|
Address | 0x14a0 |
Ordinal | 4 |
---|---|
Address | 0x1490 |
Ordinal | 5 |
---|---|
Address | 0x1480 |
Ordinal | 6 |
---|---|
Address | 0x76888 |
Ordinal | 7 |
---|---|
Address | 0x1500 |
Characteristics |
0
|
---|---|
TimeDateStamp | 2022-May-05 22:51:47 |
Version | 0.0 |
SizeofData | 97 |
AddressOfRawData | 0x6ff18 |
PointerToRawData | 0x6ed18 |
Referenced File | c:\buildslave\csgo_pcbeta_win32\build\src\launcher_main\Release\csgo.pdb |
Characteristics |
0
|
---|---|
TimeDateStamp | 2022-May-05 22:51:47 |
Version | 0.0 |
SizeofData | 20 |
AddressOfRawData | 0x6ff7c |
PointerToRawData | 0x6ed7c |
Characteristics |
0
|
---|---|
TimeDateStamp | 2022-May-05 22:51:47 |
Version | 0.0 |
SizeofData | 952 |
AddressOfRawData | 0x6ff90 |
PointerToRawData | 0x6ed90 |
Characteristics |
0
|
---|---|
TimeDateStamp | 2022-May-05 22:51:47 |
Version | 0.0 |
SizeofData | 0 |
AddressOfRawData | 0 |
PointerToRawData | 0 |
StartAddressOfRawData | 0x593000 |
---|---|
EndAddressOfRawData | 0x593008 |
AddressOfIndex | 0x4facd0 |
AddressOfCallbacks | 0x459248 |
SizeOfZeroFill | 0 |
Characteristics |
IMAGE_SCN_ALIGN_4BYTES
|
Callbacks | (EMPTY) |
Size | 0x5c |
---|---|
TimeDateStamp | 1970-Jan-01 00:00:00 |
Version | 0.0 |
GlobalFlagsClear | (EMPTY) |
GlobalFlagsSet | (EMPTY) |
CriticalSectionDefaultTimeout | 0 |
DeCommitFreeBlockThreshold | 0 |
DeCommitTotalFreeThreshold | 0 |
LockPrefixTable | 0 |
MaximumAllocationSize | 0 |
VirtualMemoryThreshold | 0 |
ProcessAffinityMask | 0 |
ProcessHeapFlags | (EMPTY) |
CSDVersion | 0 |
Reserved1 | 0 |
EditList | 0 |
SecurityCookie | 0x476018 |
SEHandlerTable | 0 |
SEHandlerCount | 0 |