| Architecture |
IMAGE_FILE_MACHINE_I386
|
| Subsystem |
IMAGE_SUBSYSTEM_WINDOWS_GUI
|
| Compilation Date |
1970-Jan-01 00:00:00
|
| Detected languages |
English - United States
|
| Suspicious |
No VirusTotal score. |
This file has never been scanned on VirusTotal.
|
| MD5 |
6169f95910239668597a43505c079a93
|
| SHA1 |
98cc5bc80b5caec79e2aa6fa99f9353d83e957ad
|
| SHA256 |
b66af86db688fb0b119f9652d9056237413d7b591a2bdd20f6f150014d6639e2
|
| SHA3 |
ae6633368121030e3eccd3e556d85e162cf2a2f19e591cb8b8b6f68e9936e3dd
|
| SSDeep |
96:wsrZAE0m9IEO+/fs4gZZdpZtpsUCQadHZr4Kywr:ZOE1IExHB4fAEju
|
| Imports Hash |
f2856481b496a6878de1fe9cede5697c
|
| e_magic |
MZ
|
| e_cblp |
0
|
| e_cp |
0
|
| e_crlc |
0
|
| e_cparhdr |
0
|
| e_minalloc |
0
|
| e_maxalloc |
0
|
| e_ss |
0
|
| e_sp |
0
|
| e_csum |
0
|
| e_ip |
0
|
| e_cs |
0
|
| e_ovno |
0
|
| e_oemid |
0
|
| e_oeminfo |
0
|
| e_lfanew |
0x40
|
| Signature |
PE
|
| Machine |
IMAGE_FILE_MACHINE_I386
|
| NumberofSections |
4
|
| TimeDateStamp |
1970-Jan-01 00:00:00
|
| PointerToSymbolTable |
0
|
| NumberOfSymbols |
0
|
| SizeOfOptionalHeader |
0xe0
|
| Characteristics |
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_RELOCS_STRIPPED
|
| Magic |
PE32
|
| LinkerVersion |
0.0
|
| SizeOfCode |
0x600
|
| SizeOfInitializedData |
0x1600
|
| SizeOfUninitializedData |
0
|
| AddressOfEntryPoint |
0x00001480 (Section: .text)
|
| BaseOfCode |
0x1000
|
| BaseOfData |
0x2000
|
| ImageBase |
0x400000
|
| SectionAlignment |
0x1000
|
| FileAlignment |
0x200
|
| OperatingSystemVersion |
4.0
|
| ImageVersion |
0.0
|
| SubsystemVersion |
4.0
|
| Win32VersionValue |
0
|
| SizeOfImage |
0x5000
|
| SizeOfHeaders |
0x200
|
| Checksum |
0xa3a0
|
| Subsystem |
IMAGE_SUBSYSTEM_WINDOWS_GUI
|
| DllCharacteristics |
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
|
| SizeofStackReserve |
0x100000
|
| SizeofStackCommit |
0x1000
|
| SizeofHeapReserve |
0x100000
|
| SizeofHeapCommit |
0x1000
|
| LoaderFlags |
0
|
| NumberOfRvaAndSizes |
16
|
| MD5 |
1b27d83c116a94dd54889759ed805636
|
| SHA1 |
1243f9d3017e9408c2b02b5b9425518b498f79f6
|
| SHA256 |
cfae4cc603d9b5167dc7d0dc4d8c84ba33329052d9c8e501f75bf928a3565615
|
| SHA3 |
2b51ba3b13660af84f952acc7b76772256b9d686e4dcc7c8a833b5f87c04c92b
|
| VirtualSize |
0x48e
|
| VirtualAddress |
0x1000
|
| SizeOfRawData |
0x600
|
| PointerToRawData |
0x200
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
|
| Entropy |
4.90537
|
| MD5 |
bf192bd7c7a52acbcca748d50b2182fe
|
| SHA1 |
20feaece732a4d3fbd812eb84c7ba005980c6c43
|
| SHA256 |
7566966bdd934d42b04bbff960283e65e81a5db10ec4c1ed715acff4f23d407b
|
| SHA3 |
c7bfc28c4ca6597493c62a25345065efee7ce97e18b26e8d83512fa60c71bca2
|
| VirtualSize |
0x22c
|
| VirtualAddress |
0x2000
|
| SizeOfRawData |
0x400
|
| PointerToRawData |
0x800
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
|
| Entropy |
2.52485
|
| MD5 |
d41d8cd98f00b204e9800998ecf8427e
|
| SHA1 |
da39a3ee5e6b4b0d3255bfef95601890afd80709
|
| SHA256 |
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
|
| SHA3 |
a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a
|
| VirtualSize |
0x440
|
| VirtualAddress |
0x3000
|
| SizeOfRawData |
0
|
| PointerToRawData |
0
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
|
| MD5 |
1df31ae79b29a58c0b8b76896aadc797
|
| SHA1 |
28170102a4a6f10684c6bbadf08c182f9f49993d
|
| SHA256 |
fe2701bde39ec49127dd43b39c594a8a28ee15525a43a8859d20ad06e7475e82
|
| SHA3 |
192707090f28c3acf896b7820b6f47f9776310a73d1b93f20c9428a37beb31c8
|
| VirtualSize |
0xa30
|
| VirtualAddress |
0x4000
|
| SizeOfRawData |
0xc00
|
| PointerToRawData |
0xc00
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
|
| Entropy |
4.79335
|
| Kernel32.dll |
GetModuleHandleW
GetTickCount
ExitProcess
|
| Msvcrt.dll |
srand
rand
|
| User32.dll |
LoadIconW
wsprintfW
SetTimer
EndDialog
SendMessageW
KillTimer
GetDlgItem
DialogBoxIndirectParamW
|
| Type |
RT_ICON
|
| Language |
English - United States
|
| Codepage |
UNKNOWN
|
| Size |
0xb0
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
1.75212
|
| MD5 |
f7240cc479d611dfd4d04c84a72a16e5
|
| SHA1 |
508356ee78121737da63f63f34e7011aca659418
|
| SHA256 |
2478b79a9225830ac8ff16313968e0a8f6e0af6ebbc51c1c19fe2e256846afc9
|
| SHA3 |
dd95b492da36d0da763b84544cf9e0075f5cf47b4bab3bcc1844bd387b9b85d7
|
| Type |
RT_GROUP_ICON
|
| Language |
English - United States
|
| Codepage |
UNKNOWN
|
| Size |
0x14
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
1.73876
|
| Detected Filetype |
Icon file
|
| MD5 |
901bae57b85e2959534a564e5e0a96b0
|
| SHA1 |
0ef7249ccefaab2c4a39e1c393f7c7f9713d0513
|
| SHA256 |
433f2d73b71e746ce284ef4d6de18c07fedcecc8cbb4d32a9a9a0ee5341135ec
|
| SHA3 |
795b97b6a03ae0fc06e63a18a811172d098ab50c94425e14d6b5b626428e586d
|
| Type |
RT_MANIFEST
|
| Language |
English - United States
|
| Codepage |
UNKNOWN
|
| Size |
0x873
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
5.18095
|
| MD5 |
3101b8273fc3d8c49f370271ed715094
|
| SHA1 |
3fe6c206d13d23a78f540e733cdc181ee0f93eff
|
| SHA256 |
8ff2f2c0ec00ecb80dea169ff0a02875bb5bf85f8989394a43b24661227b9206
|
| SHA3 |
fc2fd1c537de8051e3c07da00fb9b6a9e0781cc05ca13735bc865bf4511e7cf2
|
[*] Warning: Section .data has a size of 0!
6169f95910239668597a43505c079a93