90d449cf6e2a14ef5d74f08aea8f642ed0f465661d7159b98d64095470a30f38

Summary

Architecture IMAGE_FILE_MACHINE_AMD64
Subsystem IMAGE_SUBSYSTEM_EFI_APPLICATION
Compilation Date 1970-Jan-01 00:00:00

Plugin Output

Suspicious The PE is possibly packed. The PE only has 0 import(s).
Suspicious No VirusTotal score. This file has never been scanned on VirusTotal.

Hashes

MD5 0aa07dd053730e25822344118dcd97a4
SHA1 8eb198daac00477ab13b6598464dde8493bd846b
SHA256 90d449cf6e2a14ef5d74f08aea8f642ed0f465661d7159b98d64095470a30f38
SHA3 f46271411359732b8f810f852695b187ea2629fc90318174fd0f2ea9aeb6dab9
SSDeep 6:yacHken6cK3Gmnwndjc9n31flOGtmEKi6B:sv6ccxwdjyVEGUd
Imports Hash d41d8cd98f00b204e9800998ecf8427e

DOS Header

e_magic MZ
e_cblp 0
e_cp 0
e_crlc 0
e_cparhdr 0
e_minalloc 0
e_maxalloc 0
e_ss 0
e_sp 0
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0x40

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_AMD64
NumberofSections 3
TimeDateStamp 1970-Jan-01 00:00:00
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xf0
Characteristics IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Image Optional Header

Magic PE32+
LinkerVersion 0.0
SizeOfCode 0x67
SizeOfInitializedData 0
SizeOfUninitializedData 0
AddressOfEntryPoint 0x0000000000000200 (Section: .text)
BaseOfCode 0x200
ImageBase 0x400000
SectionAlignment 0x1000
FileAlignment 0x200
OperatingSystemVersion 0.0
ImageVersion 0.0
SubsystemVersion A.0
Win32VersionValue 0
SizeOfImage 0x271
SizeOfHeaders 0x200
Checksum 0
Subsystem IMAGE_SUBSYSTEM_EFI_APPLICATION
SizeofStackReserve 0x100000
SizeofStackCommit 0x1000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 4

.text

MD5 ea40385b1d7b480b4536ecd08daeb4f0
SHA1 dfd3fb1f76528f2aa929273fb5435a0d9cf850a7
SHA256 5f264a0ad84f6c8139663cfbae2388464f96051a3f0db527fe712787b9c102dc
SHA3 e5b5a9c6d244062d5a9281214dd9a02ad9a6accd2b000c631fde8b078db59b9b
VirtualSize 0x67
VirtualAddress 0x200
SizeOfRawData 0x67
PointerToRawData 0x200
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 3.78846

.data

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA3 a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a
VirtualSize 0
VirtualAddress 0x267
SizeOfRawData 0
PointerToRawData 0x267
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc

MD5 de2f14e7b0f8e7b0da19fdc5b35beacf
SHA1 d850c4e43f4a7afcacf6663984f0df8c2194bf74
SHA256 54c06aaebdd1c712e494e00101cc3cbadbadb23f02693328499d77e1d5708af9
SHA3 80997c125d10a97b139e819afb51019418c7b9596a2f3daee4de871b0a4c91c2
VirtualSize 0xa
VirtualAddress 0x267
SizeOfRawData 0xa
PointerToRawData 0x267
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Entropy 1.35678

Imports

Delayed Imports

Version Info

TLS Callbacks

Load Configuration

RICH Header

Errors

[*] Warning: Section .data has a size of 0!
Leave a comment

No comments yet.