93f6f10a87a57f82e561cf118dd1dea8

Summary

Architecture IMAGE_FILE_MACHINE_I386
Subsystem IMAGE_SUBSYSTEM_WINDOWS_CUI
Compilation Date 1970-Jan-01 00:00:00

Plugin Output

Suspicious PEiD Signature:
  • Private exe Protector V2.0 -> SetiSoft Team ! Sign by fly
  • Private exe Protector V2.0 -> SetiSoft Team
Info The PE contains common functions which appear in legitimate applications.
[!] The program may be hiding some of its imports:
  • LoadLibraryA
  • GetProcAddress
Suspicious No VirusTotal score. This file has never been scanned on VirusTotal.

Hashes

MD5 93f6f10a87a57f82e561cf118dd1dea8
SHA1 1edcc05f7fb47339af223f0727df7f9722f4fbe5
SHA256 7770e92aa6607926673f3e5328fdc97223ed6a97b53cdb1723fe65d902911bcb
SHA3 1332d69d710113042aa7fd1d85cabead3d42ca39ea70ce8dc649ddb93c22d67a
SSDeep 3072:FQxuPCDtfdFYirErMSMEM/4MDKm/vpLyTkvTAnkCD2QyrzdgF:2xuatf3Nmj
Imports Hash ce031d9286f13535e2c34891916cfea2

DOS Header

e_magic MZ
e_cblp 0x90
e_cp 0x3
e_crlc 0
e_cparhdr 0x4
e_minalloc 0
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0x80

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_I386
NumberofSections 4
TimeDateStamp 1970-Jan-01 00:00:00
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xe0
Characteristics IMAGE_FILE_32BIT_MACHINE, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_RELOCS_STRIPPED

Image Optional Header

Magic PE32
LinkerVersion 4.0
SizeOfCode 0x1d724
SizeOfInitializedData 0x4187
SizeOfUninitializedData 0x2f5645
AddressOfEntryPoint 0x0031B28B (Section: .text)
BaseOfCode 0x2fe000
BaseOfData 0x3000
ImageBase 0x400000
SectionAlignment 0x1000
FileAlignment 0x200
OperatingSystemVersion 4.0
ImageVersion 0.0
SubsystemVersion 4.0
Win32VersionValue 0
SizeOfImage 0x31c000
SizeOfHeaders 0x400
Checksum 0
Subsystem IMAGE_SUBSYSTEM_WINDOWS_CUI
SizeofStackReserve 0x1000000
SizeofStackCommit 0x1000000
SizeofHeapReserve 0x1000000
SizeofHeapCommit 0x1000000
LoaderFlags 0
NumberOfRvaAndSizes 16

.idata

MD5 735d364a9d3d014505ebc5876d7e8bef
SHA1 fec8f4206c8d29f987475474069c58bd7f55606b
SHA256 ab8213d65050871368d9847c0c37fcec5cac0f693243fa879bc519cf7fadf65d
SHA3 3b9ca0c16074b0f8554dcee284a0f0cc924f7d436c48ad1101d05f2f4ef52e8c
VirtualSize 0x1b14
VirtualAddress 0x1000
SizeOfRawData 0x1c00
PointerToRawData 0x400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
Entropy 0.390257

.data

MD5 ce070e37e024dd1f52ce8f566d9c4c3a
SHA1 252370d0a0dac6a750a782386fad1142ddc744c3
SHA256 f592b3dc0502644bd25af4ab166c527b918c42e1e68396980980274e94ec31fa
SHA3 fe07c069ccb6ed19ec48d1b08aebd352f0f0f17ffd4551c853c523adcad89722
VirtualSize 0x4187
VirtualAddress 0x3000
SizeOfRawData 0x4200
PointerToRawData 0x2000
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
Entropy 2.53073

.bss

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA3 a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a
VirtualSize 0x2f5645
VirtualAddress 0x8000
SizeOfRawData 0
PointerToRawData 0x6200
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_UNINITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE

.text

MD5 a7be8334aa5bb36cf2a07cfb12d7dbd9
SHA1 b1103e8451bb62edfe2a893f7e40c1482b214f47
SHA256 9c29ebc81a6d5bba117716a5b9befe9aa494d603a9488b17fe4e606c061a6135
SHA3 c828b595eb404233dcb090029b21cd236605e016449229c3638adff1144ff601
VirtualSize 0x1d724
VirtualAddress 0x2fe000
SizeOfRawData 0x1d800
PointerToRawData 0x6200
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Entropy 5.23231

Imports

KERNEL32.DLL
  • GetCommandLineA
  • GetProcessHeap
  • HeapAlloc
  • HeapFree
  • GetStdHandle
  • SetConsoleMode
  • CreateFileA
  • SetFilePointer
  • GetFileSize
  • WriteFile
  • ReadFile
  • CloseHandle
  • GetLastError
  • LoadLibraryA
  • GetProcAddress
  • GetTickCount
  • ExitProcess

Delayed Imports

Version Info

TLS Callbacks

Load Configuration

RICH Header

Errors

[*] Warning: Section .bss has a size of 0!