Architecture | IMAGE_FILE_MACHINE_AMD64 |
---|---|
Subsystem | IMAGE_SUBSYSTEM_WINDOWS_GUI |
Compilation Date | 2022-Oct-04 02:32:56 |
Detected languages | English - United States |
CompanyName | ClassicConquer |
FileDescription | ClassicConquer Launcher |
FileVersion | 2.0.2-imgui.10 |
InternalName | ImLauncher.exe |
LegalCopyright | Copyright (C) 2022 |
OriginalFilename | ImLauncher.exe |
ProductName | ClassicConquer Launcher |
ProductVersion | 2.0.2.0 |
Info | Interesting strings found in the binary: | Contains domain names: |
Info | Cryptographic algorithms detected in the binary: | Uses constants related to CRC32, Uses constants related to MD5, Uses constants related to SHA1, Uses constants related to SHA256, Uses constants related to SHA512, Uses constants related to AES, Uses constants related to Blowfish, Uses known Diffie-Helman primes, Microsoft's Cryptography API |
Suspicious | The PE contains functions most legitimate programs don't use. | [!] The program may be hiding some of its imports: |
Suspicious | No VirusTotal score. | This file has never been scanned on VirusTotal. |
e_magic | MZ |
---|---|
e_cblp | 0x90 |
e_cp | 0x3 |
e_crlc | 0 |
e_cparhdr | 0x4 |
e_minalloc | 0 |
e_maxalloc | 0xffff |
e_ss | 0 |
e_sp | 0xb8 |
e_csum | 0 |
e_ip | 0 |
e_cs | 0 |
e_ovno | 0 |
e_oemid | 0 |
e_oeminfo | 0 |
e_lfanew | 0x130 |
Signature | PE |
---|---|
Machine | IMAGE_FILE_MACHINE_AMD64 |
NumberofSections | 7 |
TimeDateStamp | 2022-Oct-04 02:32:56 |
PointerToSymbolTable | 0 |
NumberOfSymbols | 0 |
SizeOfOptionalHeader | 0xf0 |
Characteristics | IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LARGE_ADDRESS_AWARE |
Magic | PE32+ |
---|---|
LinkerVersion | 14.0 |
SizeOfCode | 0x2d5400 |
SizeOfInitializedData | 0x13d200 |
SizeOfUninitializedData | 0 |
AddressOfEntryPoint | 0x00000000002968CC (Section: .text) |
BaseOfCode | 0x1000 |
ImageBase | 0x140000000 |
SectionAlignment | 0x1000 |
FileAlignment | 0x200 |
OperatingSystemVersion | 6.0 |
ImageVersion | 0.0 |
SubsystemVersion | 6.0 |
Win32VersionValue | 0 |
SizeOfImage | 0x417000 |
SizeOfHeaders | 0x400 |
Checksum | 0 |
Subsystem | IMAGE_SUBSYSTEM_WINDOWS_GUI |
DllCharacteristics | IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA, IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE |
SizeofStackReserve | 0x100000 |
SizeofStackCommit | 0x1000 |
SizeofHeapReserve | 0x100000 |
SizeofHeapCommit | 0x1000 |
LoaderFlags | 0 |
NumberOfRvaAndSizes | 16 |
d3d10_1.dll | D3D10CreateDeviceAndSwapChain1 |
---|---|
D3DCOMPILER_47.dll | D3DCompile |
d3dx10_43.dll | D3DX10CreateTextureFromFileW |
KERNEL32.dll | CreateToolhelp32Snapshot, Process32FirstW, OpenProcess, K32GetModuleFileNameExW, Process32NextW, CreateFileA, GetFileSizeEx, ReadFile, HeapAlloc, HeapReAlloc, HeapFree, GetProcessHeap, MapViewOfFile, UnmapViewOfFile, CreateFileMappingA, SetLastError, GetEnvironmentVariableW, GetFileType, GetModuleHandleW, EnterCriticalSection, LeaveCriticalSection, InitializeCriticalSectionAndSpinCount, DeleteCriticalSection, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, GetModuleHandleExW, RtlVirtualUnwind, SwitchToFiber, DeleteFiber, CreateFiber, GetSystemTimeAsFileTime, ConvertFiberToThread, ConvertThreadToFiber, FreeLibrary, LoadLibraryW, FindClose, FindFirstFileW, FindNextFileW, SetConsoleMode, ReadConsoleA, ReadConsoleW, GetSystemTime, SystemTimeToFileTime, GetConsoleOutputCP, FlushFileBuffers, EnumSystemLocalesW, GetUserDefaultLCID, IsValidLocale, GetModuleFileNameW, LCMapStringW, CompareStringW, GetTimeFormatW, GetDateFormatW, GetConsoleScreenBufferInfo, FileTimeToSystemTime, SystemTimeToTzSpecificLocalTime, PeekNamedPipe, GetDriveTypeW, SetConsoleCtrlHandler, ExitProcess, TzSpecificLocalTimeToSystemTime, LoadLibraryExW, GetConsoleMode, RtlUnwindEx, InitializeSListHead, GetStartupInfoW, IsDebuggerPresent, TerminateProcess, GetCurrentProcess, SetUnhandledExceptionFilter, UnhandledExceptionFilter, RtlLookupFunctionEntry, RtlCaptureContext, CreateEventW, ResetEvent, SetEvent, GetStringTypeW, CloseHandle, CreateProcessW, ReleaseMutex, GetLastError, SetConsoleTextAttribute, WriteConsoleA, WriteFile, GetDynamicTimeZoneInformation, GetCurrentProcessId, QueryPerformanceCounter, GetProcAddress, QueryPerformanceFrequency, LoadLibraryA, GlobalUnlock, WideCharToMultiByte, GlobalLock, GlobalFree, GlobalAlloc, CreateMutexW, GetWindowsDirectoryW, Sleep, GetFileAttributesA, GetLocaleInfoW, GetCurrentThreadId, GetEnvironmentStringsW, GetCommandLineW, GetCommandLineA, GetOEMCP, GetTimeZoneInformation, GetCPInfo, CompareStringEx, LCMapStringEx, DecodePointer, EncodePointer, FlsFree, FlsSetValue, FlsGetValue, FlsAlloc, InitOnceComplete, InitOnceBeginInitialize, GetFileInformationByHandleEx, GetACP, MultiByteToWideChar, FreeEnvironmentStringsW, SetEnvironmentVariableW, RtlUnwind, GetStdHandle, HeapSize, WriteConsoleW, IsValidCodePage, SetStdHandle, FreeLibraryWhenCallbackReturns, CreateThreadpoolWork, SubmitThreadpoolWork, CloseThreadpoolWork, InitializeConditionVariable, WakeConditionVariable, WakeAllConditionVariable, SleepConditionVariableCS, SleepConditionVariableSRW, InitializeSRWLock, ReleaseSRWLockExclusive, AcquireSRWLockExclusive, InitializeCriticalSectionEx, TryEnterCriticalSection, IsProcessorFeaturePresent, RtlPcToFileHeader, RaiseException, FormatMessageA, WaitForSingleObjectEx, GetExitCodeThread, LocalFree, GetCurrentDirectoryW, CreateDirectoryW, CreateFileW, FindFirstFileExW, GetFileAttributesExW, GetFileInformationByHandle, GetFullPathNameW, SetEndOfFile, SetFileInformationByHandle, SetFilePointerEx, SetFileTime, AreFileApisANSI, MoveFileExW |
USER32.dll | SetClipboardData, GetClipboardData, EmptyClipboard, CloseClipboard, OpenClipboard, GetCursorPos, SetCursorPos, ReleaseCapture, LoadCursorFromFileW, GetClientRect, SetCursor, SetCapture, LoadCursorW, GetForegroundWindow, TrackMouseEvent, ClientToScreen, GetCapture, ScreenToClient, GetKeyState, LoadIconW, RegisterClassExW, GetSystemMetrics, MessageBoxW, GetUserObjectInformationW, GetProcessWindowStation, DefWindowProcW, DestroyWindow, PostQuitMessage, DispatchMessageW, CreateWindowExW, PeekMessageW, UpdateWindow, ShowWindow, UnregisterClassW, TranslateMessage |
ADVAPI32.dll | CryptCreateHash, RegisterEventSourceW, ReportEventW, CryptAcquireContextW, CryptReleaseContext, CryptDestroyKey, CryptSetHashParam, CryptGetProvParam, CryptGetUserKey, CryptEnumProvidersW, CryptSignHashW, CryptDestroyHash, DeregisterEventSource, CryptDecrypt, CryptExportKey |
IMM32.dll | ImmAssociateContextEx, ImmSetCandidateWindow, ImmSetCompositionWindow, ImmReleaseContext, ImmGetContext |
WS2_32.dll | setsockopt, closesocket, recv, send, select, __WSAFDIsSet, shutdown, ioctlsocket, WSAGetLastError, getaddrinfo, freeaddrinfo, connect, ntohs, getnameinfo, getpeername, WSAStartup, WSACleanup, inet_pton, WSASocketW, socket, WSASetLastError, getsockopt |
CRYPT32.dll | CertOpenSystemStoreW, CertEnumCertificatesInStore, CertFreeCertificateContext, CertCloseStore, CertOpenStore, CertFindCertificateInStore, CertDuplicateCertificateContext, CertGetCertificateContextProperty |
bcrypt.dll | BCryptGenRandom |
Signature | 0xfeef04bd |
---|---|
StructVersion | 0x10000 |
FileVersion | 2.0.2.0 |
ProductVersion | 2.0.2.0 |
FileFlags | VS_FF_PRERELEASE |
FileOs | VOS_DOS_WINDOWS32, VOS_NT, VOS_NT_WINDOWS32, VOS_WINCE, VOS__WINDOWS32 |
FileType | VFT_APP |
Language | English - United States |
CompanyName | ClassicConquer |
FileDescription | ClassicConquer Launcher |
FileVersion (#2) | 2.0.2-imgui.10 |
InternalName | ImLauncher.exe |
LegalCopyright | Copyright (C) 2022 |
OriginalFilename | ImLauncher.exe |
ProductName | ClassicConquer Launcher |
ProductVersion (#2) | 2.0.2.0 |
Resource LangID | English - United States |
---|
Characteristics | 0 |
---|---|
TimeDateStamp | 2022-Oct-04 02:32:56 |
Version | 0.0 |
SizeofData | 1024 |
AddressOfRawData | 0x38697c |
PointerToRawData | 0x38517c |
Characteristics | 0 |
---|---|
TimeDateStamp | 2022-Oct-04 02:32:56 |
Version | 0.0 |
SizeofData | 0 |
AddressOfRawData | 0 |
PointerToRawData | 0 |
StartAddressOfRawData | 0x140386da0 |
---|---|
EndAddressOfRawData | 0x140386dbc |
AddressOfIndex | 0x1403be010 |
AddressOfCallbacks | 0x1402d7978 |
SizeOfZeroFill | 0 |
Characteristics | IMAGE_SCN_ALIGN_8BYTES |
Callbacks | (EMPTY) |
Size | 0x140 |
---|---|
TimeDateStamp | 1970-Jan-01 00:00:00 |
Version | 0.0 |
GlobalFlagsClear | (EMPTY) |
GlobalFlagsSet | (EMPTY) |
CriticalSectionDefaultTimeout | 0 |
DeCommitFreeBlockThreshold | 0 |
DeCommitTotalFreeThreshold | 0 |
LockPrefixTable | 0 |
MaximumAllocationSize | 0 |
VirtualMemoryThreshold | 0 |
ProcessAffinityMask | 0 |
ProcessHeapFlags | (EMPTY) |
CSDVersion | 0 |
Reserved1 | 0 |
EditList | 0 |
SecurityCookie | 0x1403b65e8 |
XOR Key | 0xa6ccd787 |
---|---|
Unmarked objects | 0 |
ASM objects (28900) | 19 |
C++ objects (28900) | 198 |
C objects (28900) | 25 |
253 (VS 2015-2022 runtime 30818) | 1 |
C objects (VS 2015-2022 runtime 30818) | 20 |
ASM objects (VS 2015-2022 runtime 30818) | 12 |
C++ objects (VS 2015-2022 runtime 30818) | 96 |
253 (28518) | 2 |
Imports (21202) | 2 |
Imports (28900) | 23 |
Total imports | 308 |
Unmarked objects (#2) | 28 |
C objects (VS2022 Update 1 (17.1.2-3) compiler 31105) | 581 |
C++ objects (LTCG) (VS2022 Update 1 (17.1.2-3) compiler 31105) | 13 |
Resource objects (VS2022 Update 1 (17.1.2-3) compiler 31105) | 1 |
151 | 1 |
Linker (VS2022 Update 1 (17.1.2-3) compiler 31105) | 1 |