Architecture |
IMAGE_FILE_MACHINE_I386
|
---|---|
Subsystem |
IMAGE_SUBSYSTEM_EFI_APPLICATION
|
Compilation Date | 2015-Jan-01 00:00:00 |
Suspicious | PEiD Signature: | HQR data file |
Suspicious | Strings found in the binary may indicate undesirable behavior: |
Miscellaneous malware strings:
|
Info | Cryptographic algorithms detected in the binary: |
Uses constants related to CRC32
Uses constants related to MD5 Uses constants related to SHA1 Uses constants related to SHA256 Uses constants related to SHA512 Uses constants related to Whirlpool Uses constants related to AES Uses constants related to Blowfish Uses constants related to Twofish |
Suspicious | The PE is possibly packed. |
Unusual section name found: mods
The PE only has 0 import(s). |
Suspicious | No VirusTotal score. | This file has never been scanned on VirusTotal. |
e_magic | MZ |
---|---|
e_cblp | 0x90 |
e_cp | 0x3 |
e_crlc | 0 |
e_cparhdr | 0x4 |
e_minalloc | 0 |
e_maxalloc | 0xffff |
e_ss | 0 |
e_sp | 0xb8 |
e_csum | 0 |
e_ip | 0 |
e_cs | 0 |
e_ovno | 0 |
e_oemid | 0 |
e_oeminfo | 0 |
e_lfanew | 0x80 |
Signature | PE |
---|---|
Machine |
IMAGE_FILE_MACHINE_I386
|
NumberofSections | 4 |
TimeDateStamp | 2015-Jan-01 00:00:00 |
PointerToSymbolTable | 0 |
NumberOfSymbols | 0 |
SizeOfOptionalHeader | 0xe0 |
Characteristics |
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
|
Magic | PE32 |
---|---|
LinkerVersion | 0.0 |
SizeOfCode | 0x8200 |
SizeOfInitializedData | 0xab0200 |
SizeOfUninitializedData | 0 |
AddressOfEntryPoint | 0x00000400 (Section: .text) |
BaseOfCode | 0x400 |
BaseOfData | 0x8600 |
ImageBase | 0 |
SectionAlignment | 0x200 |
FileAlignment | 0x200 |
OperatingSystemVersion | 0.0 |
ImageVersion | 0.0 |
SubsystemVersion | 0.0 |
Win32VersionValue | 0 |
SizeOfImage | 0xab9200 |
SizeOfHeaders | 0x400 |
Checksum | 0 |
Subsystem |
IMAGE_SUBSYSTEM_EFI_APPLICATION
|
SizeofStackReserve | 0x10000 |
SizeofStackCommit | 0x10000 |
SizeofHeapReserve | 0x10000 |
SizeofHeapCommit | 0x10000 |
LoaderFlags | 0 |
NumberOfRvaAndSizes | 16 |