| Architecture |
IMAGE_FILE_MACHINE_I386
|
| Subsystem |
IMAGE_SUBSYSTEM_WINDOWS_CUI
|
| Compilation Date |
1970-Jan-01 00:00:00
|
| Suspicious |
PEiD Signature: |
Private exe Protector V2.0 -> SetiSoft Team ! Sign by fly
Private exe Protector V2.0 -> SetiSoft Team
|
| Suspicious |
The PE is possibly packed. |
The PE only has 0 import(s).
|
| Suspicious |
No VirusTotal score. |
This file has never been scanned on VirusTotal.
|
| MD5 |
6b90f2223074d18aad040a2957e4208d
|
| SHA1 |
e3103f420bf4de41435904e379ee63fae68f79b8
|
| SHA256 |
e8314748fc905a96d48d377593f2589b1872905c85fea0b57c5ec7c6157a6afc
|
| SHA3 |
ab027199ef91712ab43342ef9a26ab44652f07141d506120687aab7c73401370
|
| SSDeep |
1536:ZGhbaCNW8HqUHn3kDYhjC5V73tS/XfnofF:An4gHn3IV73tSPA
|
| Imports Hash |
d41d8cd98f00b204e9800998ecf8427e
|
| e_magic |
MZ
|
| e_cblp |
0x90
|
| e_cp |
0x3
|
| e_crlc |
0
|
| e_cparhdr |
0x4
|
| e_minalloc |
0
|
| e_maxalloc |
0xffff
|
| e_ss |
0
|
| e_sp |
0xb8
|
| e_csum |
0
|
| e_ip |
0
|
| e_cs |
0
|
| e_ovno |
0
|
| e_oemid |
0
|
| e_oeminfo |
0
|
| e_lfanew |
0x80
|
| Signature |
PE
|
| Machine |
IMAGE_FILE_MACHINE_I386
|
| NumberofSections |
4
|
| TimeDateStamp |
1970-Jan-01 00:00:00
|
| PointerToSymbolTable |
0
|
| NumberOfSymbols |
0
|
| SizeOfOptionalHeader |
0xe0
|
| Characteristics |
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_RELOCS_STRIPPED
|
| Magic |
PE32
|
| LinkerVersion |
3.0
|
| SizeOfCode |
0x1d8ec
|
| SizeOfInitializedData |
0x4179
|
| SizeOfUninitializedData |
0x2f4745
|
| AddressOfEntryPoint |
0x0001E416 (Section: .text)
|
| BaseOfCode |
0x1000
|
| BaseOfData |
0x1f000
|
| ImageBase |
0x400000
|
| SectionAlignment |
0x1000
|
| FileAlignment |
0x200
|
| OperatingSystemVersion |
4.0
|
| ImageVersion |
0.0
|
| SubsystemVersion |
4.0
|
| Win32VersionValue |
0
|
| SizeOfImage |
0x31a000
|
| SizeOfHeaders |
0x400
|
| Checksum |
0
|
| Subsystem |
IMAGE_SUBSYSTEM_WINDOWS_CUI
|
| SizeofStackReserve |
0x1000000
|
| SizeofStackCommit |
0x10000
|
| SizeofHeapReserve |
0x1000000
|
| SizeofHeapCommit |
0x10000
|
| LoaderFlags |
0
|
| NumberOfRvaAndSizes |
16
|
| MD5 |
4ed3ad209d74796248a749dbb2818cc4
|
| SHA1 |
80996aa35ae7ee18b72e510f3abd2565b7750989
|
| SHA256 |
fd37286c6137ec078978ee3b09d3fb1dd25784f7523cf3b645004f4e300c6555
|
| SHA3 |
1ea8dbaf212975172a349e51f7f2059220d4530a5a96975e9d08c78200b13862
|
| VirtualSize |
0x1d8ec
|
| VirtualAddress |
0x1000
|
| SizeOfRawData |
0x1da00
|
| PointerToRawData |
0x400
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
|
| Entropy |
5.01327
|
| MD5 |
e106f030861de554b95069778886f6de
|
| SHA1 |
e7b224c6137fe629c73b60ee09f23943e1a2a0b5
|
| SHA256 |
75b0ebd4cfc13c01f1f17cb739d38f4bda0325d1f0bcd4eb21a4175501c5634e
|
| SHA3 |
f3c1a88bf9d0dfe2b89658a94eefcfbef5d8d4f90127a1d848bea6805f019336
|
| VirtualSize |
0x4179
|
| VirtualAddress |
0x1f000
|
| SizeOfRawData |
0x4200
|
| PointerToRawData |
0x1de00
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
|
| Entropy |
5.13942
|
| MD5 |
d41d8cd98f00b204e9800998ecf8427e
|
| SHA1 |
da39a3ee5e6b4b0d3255bfef95601890afd80709
|
| SHA256 |
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
|
| SHA3 |
a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a
|
| VirtualSize |
0x2f4745
|
| VirtualAddress |
0x24000
|
| SizeOfRawData |
0
|
| PointerToRawData |
0x22000
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
|
| MD5 |
d41d8cd98f00b204e9800998ecf8427e
|
| SHA1 |
da39a3ee5e6b4b0d3255bfef95601890afd80709
|
| SHA256 |
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
|
| SHA3 |
a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a
|
| VirtualSize |
0xc14
|
| VirtualAddress |
0x319000
|
| SizeOfRawData |
0xe00
|
| PointerToRawData |
0x316800
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
|
| Entropy |
0
|
[!] Error: Could not read the IMAGE_IMPORT_DESCRIPTOR.
[*] Warning: Section .bss has a size of 0!
[*] Warning: Section .idata is larger than the executable!
[*] Warning: Section .idata is larger than the executable!
[*] Warning: Section .idata is larger than the executable!