9a64126af9858c21deaa160e067cf026

Summary

Architecture IMAGE_FILE_MACHINE_AMD64
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date 2023-Aug-15 20:33:11
Detected languages English - United States
FileDescription LNK (SHLLINK), Automatic & Custom Destinations Browser
FileVersion 1.0.17.0
LegalCopyright Costas Katsavounidis © 2022-2024 All rights reserved
OriginalFilename RecentJumplists
ProductVersion 1.0.17.0
Assembly Version 5.0.36.0
CompanyName kacos2000
ProductName JumplistBrowser
Comments https://github.com/kacos2000/Jumplist-Browser

Plugin Output

Info Interesting strings found in the binary: Contains domain names:
  • github.com
  • https://github.com
Suspicious The PE is possibly packed. The PE only has 0 import(s).
Suspicious The PE is possibly a dropper. Resources amount for 93.2976% of the executable.
Info The PE is digitally signed.
  • Signer: Katsavounidis Konstantinos
  • Issuer: Sectigo Public Code Signing CA R36
Suspicious VirusTotal score: 2/72 (Scanned on 2025-09-25 10:26:20)
  • Fortinet: Malicious_Behavior.SB
  • VirIT: Trojan.Win64.Genus.CHQF

Hashes

MD5 9a64126af9858c21deaa160e067cf026
SHA1 47a0a1571cce7453d01c8da8f7a368fd489c275d
SHA256 41ebb765dc9d4f3dadddcac6e46c2c401afed310df21cb4eba16ae2ee9a50807
SHA3 5c3395a0e564f4066859a41fe5fb688650b756be52e25c8dbc198d857ad4e65a
SSDeep 24576:W083MrCjdwFVAbAtLjUrlq2Xan3hi2qq86dQyg825OurXhL4Odu+9:W5hbbYo7Xan3hi2qlCj2bXdd9
Imports Hash d41d8cd98f00b204e9800998ecf8427e

DOS Header

e_magic MZ
e_cblp 0x90
e_cp 0x3
e_crlc 0
e_cparhdr 0x4
e_minalloc 0
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0x80

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_AMD64
NumberofSections 2
TimeDateStamp 2023-Aug-15 20:33:11
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xf0
Characteristics IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Image Optional Header

Magic PE32+
LinkerVersion 48.0
SizeOfCode 0x10c00
SizeOfInitializedData 0x117400
SizeOfUninitializedData 0
AddressOfEntryPoint 0x0000000000000000 (Section: ?)
BaseOfCode 0x2000
ImageBase 0x140000000
SectionAlignment 0x2000
FileAlignment 0x200
OperatingSystemVersion 4.0
ImageVersion 0.0
SubsystemVersion 6.0
Win32VersionValue 0
SizeOfImage 0x12c000
SizeOfHeaders 0x200
Checksum 0x133ec8
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
DllCharacteristics IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
SizeofStackReserve 0x400000
SizeofStackCommit 0x4000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x2000
LoaderFlags 0
NumberOfRvaAndSizes 16

.text

MD5 71677226aac099bd6e941283d178569d
SHA1 8b2d0026ab2f10f850b459ab7215a6daaa5be102
SHA256 9d2cfd65ca114318380293bcd885ad11539c7d9ed6aa5e252805feb51be50492
SHA3 fa1c012f8162cc2795772c4e1dd8a88b3efda5a33e08ca40c60d78cc31b202a2
VirtualSize 0x10b58
VirtualAddress 0x2000
SizeOfRawData 0x10c00
PointerToRawData 0x200
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 5.93359

.rsrc

MD5 b72ce49f02dfec99f9435a17cc3db871
SHA1 adbee203a11cefc2e101183e9aee197a3492cbdc
SHA256 5a916840034d0c12047a8b288e4dbf27c0594a3e4ed1992953df68d65364ca23
SHA3 010758c18b003349af4e32c14f6a05e44862327b89278a9b1dc830106d0df12f
VirtualSize 0x1172f4
VirtualAddress 0x14000
SizeOfRawData 0x117400
PointerToRawData 0x10e00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 7.00355

Imports

Delayed Imports

1001

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x25a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.62366
MD5 5913fc4f94110d8e980a9fffe21b8ec9
SHA1 cfda65123abb88b0af7b10b0eff0494faa4e922a
SHA256 6747d398610713007ce6e46e282c3c21e87d7904888aea08742d71090d132b4d
SHA3 4a89f4484e6155bf9318b8c215b9555c12b181ec79dbe8d8a1fa7d14bbaf5741

1002

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x10a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.82397
MD5 a73d98d247a0c48493a1c7c9010d5e25
SHA1 980e56deedc8081847c0f3667c16d719c973be10
SHA256 9f9b7d444d56a985b4e5aefcb4fd9f3aa2ac90be5d7c6fa60fe2ff3725edc649
SHA3 45fdcefad1632a2058b787e5551efdf6fb59705f30b143e4b1905bbaf7fb5d50

1003

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x988
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.03783
MD5 4a8931ac6dbb1d8360c260d08af7e7fa
SHA1 2a95eafbd6ccda5cdb6c1fbd316694b95fc7291b
SHA256 0c0c292fcd2d34584302104afcace15f06c3a8bbdbcea15a42b14ef1d7be8e9f
SHA3 c4ef3d3f2ad51201b4456b7fdaca2c6e1637700dc8af1e00feb840457c378e54

1004

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x468
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.1515
MD5 e19a6fcf2c57ba4d8cd0cefa06212dd1
SHA1 f6b7b6854efa9233d646b3cc4c9bafd7101a066c
SHA256 cede3a7908d3775d105f16dca6e297c92699e686722bdbaa07da4335b8c35201
SHA3 f6af87957937e655964ea4fc42fa5016d8008e795e8ec88c6e55b3fc478785a1

1

Type RT_RCDATA
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x1474
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.58123
MD5 e2d75a31612ac2d8078082f53990df04
SHA1 31e5abbfce908eb62ae403a326117ccd2418adda
SHA256 c3d9b32907ce92fb134e4b914fe69b79c027409db7438ef6dde4e6c7af092bcf
SHA3 0f6ffaf16e05b9d47725c16d4dddd727a85af2044084454b198df4912ccd484d

4

Type RT_RCDATA
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x110d1c
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.95244
MD5 1bb972cfc93d85115f0ca5475f0d63ba
SHA1 4ff92b57c8b390b76599a822679deb889e7e3094
SHA256 d48a32d19c5a9f05ed1b13dbac54c052be0494adc7d28e96a8dc84adc402cb0c
SHA3 cca180731cc35a373772e20bcbe656078abef9d9546c0ec9025f7b8884ef98f1

107

Type RT_GROUP_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x3e
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.01097
Detected Filetype Icon file
MD5 42849e6ced023c7caf7f91a377831af2
SHA1 30bb22785f9472bca8586ff8943e52d16308f459
SHA256 de16eb76f265a871ef7e6cc47533445ec4c465bd290cea1321e0716e68b2d3c0
SHA3 99093706e9712a007af6b3f9bee5fcb0a3ef9c162c6c0988246d413d8f1e391b

1 (#2)

Type RT_VERSION
Language English - United States
Codepage Latin 1 / Western European
Size 0x3fc
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.47812
MD5 acfcdc8c98b48400c2d5558562ab5b85
SHA1 3f5f6cb7e3f0e7adb9c6f065998b701cdb66f6a1
SHA256 55b90e56415c58b127da7a75250bd153c9f05cc94b40b0cefa80975d6f37bf70
SHA3 97dd77c5c901329f67f32aa6b428a8c928675da29baed7be2c27161736259aaa

1 (#3)

Type RT_MANIFEST
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x6b0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.24651
MD5 e51107f912ab265044c5d4e5c4f04884
SHA1 f3abd3d7da9ebcd5fccee8eb3749f96ae5de7506
SHA256 169d710df693cf682c216bd3ce765272d2bea9d0ed57fb7a13b8b77bd81bfdf9
SHA3 cea2b2c5d659a2a10d6ba8086fcbbbc365acdf7d9e821f5c8f8953101ea020a1

Version Info

Signature 0xfeef04bd
StructVersion 0x10000
FileVersion 1.0.17.0
ProductVersion 1.0.17.0
FileFlags (EMPTY)
FileOs VOS_DOS_WINDOWS32
VOS_NT_WINDOWS32
VOS__WINDOWS32
FileType VFT_APP
Language English - United States
FileDescription LNK (SHLLINK), Automatic & Custom Destinations Browser
FileVersion (#2) 1.0.17.0
LegalCopyright Costas Katsavounidis © 2022-2024 All rights reserved
OriginalFilename RecentJumplists
ProductVersion (#2) 1.0.17.0
Assembly Version 5.0.36.0
CompanyName kacos2000
ProductName JumplistBrowser
Comments https://github.com/kacos2000/Jumplist-Browser
Resource LangID English - United States

TLS Callbacks

Load Configuration

RICH Header

Errors