7f6e1d70c17d909731dbb13247354464f628026a7afba8cfae44c23e59ea7636

Summary

Architecture IMAGE_FILE_MACHINE_I386
Subsystem IMAGE_SUBSYSTEM_NATIVE
Compilation Date 2026-May-17 16:20:37

Plugin Output

Suspicious The PE is possibly packed. The PE only has 0 import(s).
Suspicious No VirusTotal score. This file has never been scanned on VirusTotal.

Hashes

MD5 4eff8205f7e0581ea31cd7761477366f
SHA1 c1532a7d89e5ae089678322be778035338f44ef5
SHA256 7f6e1d70c17d909731dbb13247354464f628026a7afba8cfae44c23e59ea7636
SHA3 4b9507968d480daf19261f3a92ec5d18a80a0f820764af3ec4d5ca4eecd7f7cd
SSDeep 6:idq2Vg3F+X32mKYuMsbOIUMsUE9idJSJMfc+NApqEyEQJ+IE+:e9GSGmKYKi7M+oJKME+Sp0+M
Imports Hash d41d8cd98f00b204e9800998ecf8427e

DOS Header

e_magic MZ
e_cblp 0x90
e_cp 0x3
e_crlc 0
e_cparhdr 0x4
e_minalloc 0
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0xb0

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_I386
NumberofSections 3
TimeDateStamp 2026-May-17 16:20:37
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xe0
Characteristics IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_EXECUTABLE_IMAGE

Image Optional Header

Magic PE32
LinkerVersion 14.0
SizeOfCode 0x200
SizeOfInitializedData 0x400
SizeOfUninitializedData 0
AddressOfEntryPoint 0x00001000 (Section: .text)
BaseOfCode 0x1000
BaseOfData 0x2000
ImageBase 0x80000
SectionAlignment 0x1000
FileAlignment 0x200
OperatingSystemVersion 6.0
ImageVersion 0.0
SubsystemVersion 6.0
Win32VersionValue 0
SizeOfImage 0x4000
SizeOfHeaders 0x400
Checksum 0xdc56
Subsystem IMAGE_SUBSYSTEM_NATIVE
DllCharacteristics IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
SizeofStackReserve 0x100000
SizeofStackCommit 0x1000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

.text

MD5 38219795df66d374b4d1470104443556
SHA1 4f925ae5c89cc17c90d80435c71168dc2e7ca7b8
SHA256 0d86e63af28d0684044d9dc19deb07751d9373987e76396303743e589c9764dd
SHA3 7b04e0270826b66ab13f10053d0a779c4075d155b06ac4db435a85a4a133740f
VirtualSize 0x29
VirtualAddress 0x1000
SizeOfRawData 0x200
PointerToRawData 0x400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 0.697213

.rdata

MD5 b53df55914cb168d30c9c5a5b9a924cd
SHA1 b3a4dee6da99c4b12e81e182395ec8139f390ea3
SHA256 dec0bdb66870ceb6e42f386c4333cd543de0f188d71e717e2daddc36e37253a8
SHA3 1c2b826c826a20902d62bc30fbfd0252a043bd8096a2985c4d9492f5986e1397
VirtualSize 0x98
VirtualAddress 0x2000
SizeOfRawData 0x200
PointerToRawData 0x600
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 1.04782

.reloc

MD5 1550976212edbf67f5e6c4a70b3b5bb5
SHA1 96ecf1eeeb3470c5adc43d517e8870f13144241e
SHA256 d02c57ba34b30840787719720d91f2821601a4c79fca1d9264ee1a12a7cfd902
SHA3 4708b0bfefdb9b77f89a211ae0c95c18d767861957ae85b9dc70f4fb8909afbd
VirtualSize 0xc
VirtualAddress 0x3000
SizeOfRawData 0x200
PointerToRawData 0x800
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Entropy 0.0815394

Imports

Delayed Imports

Version Info

IMAGE_DEBUG_TYPE_POGO

Characteristics 0
TimeDateStamp 2026-May-17 16:20:37
Version 0.0
SizeofData 84
AddressOfRawData 0x2034
PointerToRawData 0x634

TLS Callbacks

Load Configuration

RICH Header

XOR Key 0x8a544743
Unmarked objects 0
Unmarked objects (#2) 1
Linker (35217) 1

Errors

Leave a comment

No comments yet.