9828488452c15cc63c71e90c8ac3c9d025bc2c3bb744d44a6af8d3f58c22caa1

Summary

Architecture IMAGE_FILE_MACHINE_AMD64
Subsystem IMAGE_SUBSYSTEM_EFI_APPLICATION
Compilation Date 1970-Jan-01 00:00:00

Plugin Output

Suspicious The PE is possibly packed. The PE only has 0 import(s).
Suspicious No VirusTotal score. This file has never been scanned on VirusTotal.

Hashes

MD5 1dcc0f8ede4f3180121864062a040dff
SHA1 30b8a0b72eeac7e7d4f34a3eec5486d0a93c4cb9
SHA256 9828488452c15cc63c71e90c8ac3c9d025bc2c3bb744d44a6af8d3f58c22caa1
SHA3 4d0be4499d4f07609315b7862c099cd5ecd427dcc36d57a33cca4e21212c9f28
SSDeep 6:yacH1bcn/lUNrXIT0vn/4n/gn/uLc9nldWGtmEKi6B:sVbc/lUFY0v/4/pyWGUd
Imports Hash d41d8cd98f00b204e9800998ecf8427e

DOS Header

e_magic MZ
e_cblp 0
e_cp 0
e_crlc 0
e_cparhdr 0
e_minalloc 0
e_maxalloc 0
e_ss 0
e_sp 0
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0x40

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_AMD64
NumberofSections 3
TimeDateStamp 1970-Jan-01 00:00:00
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xf0
Characteristics IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Image Optional Header

Magic PE32+
LinkerVersion 0.0
SizeOfCode 0x67
SizeOfInitializedData 0
SizeOfUninitializedData 0
AddressOfEntryPoint 0x00000000000001C0 (Section: .text)
BaseOfCode 0x1c0
ImageBase 0x400000
SectionAlignment 0x1000
FileAlignment 0x200
OperatingSystemVersion 0.0
ImageVersion 0.0
SubsystemVersion A.0
Win32VersionValue 0
SizeOfImage 0x231
SizeOfHeaders 0x1c0
Checksum 0
Subsystem IMAGE_SUBSYSTEM_EFI_APPLICATION
SizeofStackReserve 0x100000
SizeofStackCommit 0x1000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 4

.text

MD5 900d4d4e06d93ed9f8b5faae21245d2f
SHA1 a3ae0e2703e4d74d337d7eb569018c0b55bc9f91
SHA256 0e2409b28899ca3225b7d6c67411d2350ac40ea16763471141b2934a1544fea4
SHA3 c4b3288bc57a8dcf574fcc05bec2504f23132eb126d8961b84df6e913b351875
VirtualSize 0x67
VirtualAddress 0x1c0
SizeOfRawData 0x67
PointerToRawData 0x1c0
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 3.78846

.data

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA3 a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a
VirtualSize 0
VirtualAddress 0x227
SizeOfRawData 0
PointerToRawData 0x227
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc

MD5 de2f14e7b0f8e7b0da19fdc5b35beacf
SHA1 d850c4e43f4a7afcacf6663984f0df8c2194bf74
SHA256 54c06aaebdd1c712e494e00101cc3cbadbadb23f02693328499d77e1d5708af9
SHA3 80997c125d10a97b139e819afb51019418c7b9596a2f3daee4de871b0a4c91c2
VirtualSize 0xa
VirtualAddress 0x227
SizeOfRawData 0xa
PointerToRawData 0x227
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Entropy 1.35678

Imports

Delayed Imports

Version Info

TLS Callbacks

Load Configuration

RICH Header

Errors

[*] Warning: Section .data has a size of 0!
Leave a comment

No comments yet.