72a03d0cd0bb0745704bbb02bb161187

Summary

Architecture IMAGE_FILE_MACHINE_I386
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date 2015-Jul-06 06:01:50
Debug artifacts d:\AutoDetectSerialNumber\AutoDetectSerialNumber\AutoDetectSerialNumber\obj\Release\AutoDetectSerialNumber.pdb
FileDescription AutoDetectSerialNumber
FileVersion 1.0.0.3004
InternalName AutoDetectSerialNumber.exe
LegalCopyright Copyright © 2015
OriginalFilename AutoDetectSerialNumber.exe
ProductName AutoDetectSerialNumber
ProductVersion 1.0.0.3004
Assembly Version 1.0.0.3004

Plugin Output

Info Matching compiler(s): Microsoft Visual C# v7.0 / Basic .NET
.NET executable -> Microsoft
Info Interesting strings found in the binary: Contains domain names:
  • adobe.com
  • http://ns.adobe.com
  • http://ns.adobe.com/xap/1.0/
  • http://ns.adobe.com/xap/1.0/mm/
  • http://ns.adobe.com/xap/1.0/sType/ResourceRef#
  • http://schemas.microsoft.com
  • http://schemas.microsoft.com/winfx/2006/xaml
  • http://schemas.microsoft.com/winfx/2006/xaml/presentation
  • http://www.w3.org
  • http://www.w3.org/1999/02/22-rdf-syntax-ns#
  • microsoft.com
  • ns.adobe.com
  • schemas.microsoft.com
  • www.w3.org
Info The PE is digitally signed. Signer: Acer Incorporated
Issuer: Symantec Class 3 SHA256 Code Signing CA
Safe VirusTotal score: 0/68 (Scanned on 2022-05-14 09:08:47) All the AVs think this file is safe.

Hashes

MD5 72a03d0cd0bb0745704bbb02bb161187
SHA1 218fcd0f63b5cb9db6120eb6359beff418330715
SHA256 e272684dbbd922d828968bbc7db79fe495fbc5cdad25f91bddb6a603558278fd
SHA3 0a49b3a406e71975d1ff7088639df4097c3b4b19ad3b45b0d3be052b3a6c5b19
SSDeep 1536:ljGNg7SH4NAcymzlMBP2/lCmzl/WuHaX/Xmzl0jOsNVtvOsFToV3rIEwOfKi+tkC:FvC7XTWx0
Imports Hash f34d5f2d4577ed6d9ceec516c1f5a744

DOS Header

e_magic MZ
e_cblp 0x90
e_cp 0x3
e_crlc 0
e_cparhdr 0x4
e_minalloc 0
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0x80

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_I386
NumberofSections 3
TimeDateStamp 2015-Jul-06 06:01:50
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xe0
Characteristics IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_EXECUTABLE_IMAGE

Image Optional Header

Magic PE32
LinkerVersion 11.0
SizeOfCode 0x15000
SizeOfInitializedData 0x800
SizeOfUninitializedData 0
AddressOfEntryPoint 0x00016F6E (Section: .text)
BaseOfCode 0x2000
BaseOfData 0x18000
ImageBase 0x400000
SectionAlignment 0x2000
FileAlignment 0x200
OperatingSystemVersion 4.0
ImageVersion 0.0
SubsystemVersion 4.0
Win32VersionValue 0
SizeOfImage 0x1c000
SizeOfHeaders 0x200
Checksum 0x1e078
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
DllCharacteristics IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
SizeofStackReserve 0x100000
SizeofStackCommit 0x1000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

.text

MD5 0cb1448c1fcef1b3dd76b519c0e0694b
SHA1 e2b6f137cce131ac27ff340ad15bdec84ee6a30f
SHA256 94a999df27708fed114ce43f7003fbfc3827378a6d1081ae180cd533338cb18e
SHA3 0e11596f680664ad1770077698d7e637d0d7133794737fb5f6c1653bb596fde2
VirtualSize 0x14f74
VirtualAddress 0x2000
SizeOfRawData 0x15000
PointerToRawData 0x200
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 6.37319

.rsrc

MD5 56d784477976ef72f5e05aad5f6a87ac
SHA1 5c219f60377c5f3487573cb093d89ff2a253fd65
SHA256 8081f2c67555eea2d5a45520d2e1d527b445eacf5e23bb5cdc3921d904389821
SHA3 b8e3ba2e5d838571c73a7ffa1a1af13fd34608d342508798ecc6da962cf91065
VirtualSize 0x5c8
VirtualAddress 0x18000
SizeOfRawData 0x600
PointerToRawData 0x15200
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 4.15223

.reloc

MD5 22366b83007607f4073345c27edd0f39
SHA1 9a57b92e9a91f0a7a3f612427949be25acdd8039
SHA256 cc6cd5035faa4542c884cb1b1610b659ae3e073c803ad567b437e417e8e2ba90
SHA3 0017562c98df1597df2b397951a4d5375d828ae6f21abb4f1b4007b0eae5d09d
VirtualSize 0xc
VirtualAddress 0x1a000
SizeOfRawData 0x200
PointerToRawData 0x15800
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Entropy 0.10191

Imports

mscoree.dll _CorExeMain

Delayed Imports

1

Type RT_VERSION
Language UNKNOWN
Codepage UNKNOWN
Size 0x338
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.33105
MD5 b681e338b4dd733d319ffbfbb1ee81af
SHA1 c097f8113dc63f091b512605bef51fa29cee5b2c
SHA256 f99dce9b1a0c8289469f3ff563006b57383da0af01cf953bf220b2116426c257
SHA3 bdf6481a494d3daa77ef3d1980b9ba4c2abeea28b362db445e8838c9cafde8d6

1 (#2)

Type RT_MANIFEST
Language UNKNOWN
Codepage UNKNOWN
Size 0x1ea
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.00112
MD5 a19a2658ba69030c6ac9d11fd7d7e3c1
SHA1 879dcf690e5bf1941b27cf13c8bcf72f8356c650
SHA256 c0085eb467d2fc9c9f395047e057183b3cd1503a4087d0db565161c13527a76f
SHA3 93cbaf236d2d3870c1052716416ddf1c34f21532e56dd70144e9a01efcd0ce34

Version Info

Signature 0xfeef04bd
StructVersion 0x10000
FileVersion 1.0.0.3004
ProductVersion 1.0.0.3004
FileFlags (EMPTY)
FileOs VOS_DOS_WINDOWS32
VOS_NT_WINDOWS32
VOS__WINDOWS32
FileType VFT_APP
Language UNKNOWN
FileDescription AutoDetectSerialNumber
FileVersion (#2) 1.0.0.3004
InternalName AutoDetectSerialNumber.exe
LegalCopyright Copyright © 2015
OriginalFilename AutoDetectSerialNumber.exe
ProductName AutoDetectSerialNumber
ProductVersion (#2) 1.0.0.3004
Assembly Version 1.0.0.3004
Resource LangID UNKNOWN

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics 0
TimeDateStamp 2015-Jul-06 06:01:50
Version 0.0
SizeofData 284
AddressOfRawData 0x16dfc
PointerToRawData 0x14ffc
Referenced File d:\AutoDetectSerialNumber\AutoDetectSerialNumber\AutoDetectSerialNumber\obj\Release\AutoDetectSerialNumber.pdb

TLS Callbacks

Load Configuration

RICH Header

Errors

<-- -->