| Architecture |
IMAGE_FILE_MACHINE_I386
|
| Subsystem |
IMAGE_SUBSYSTEM_WINDOWS_GUI
|
| Compilation Date |
2023-Jun-07 20:23:47
|
| Detected languages |
English - United Kingdom
English - United States
Process Default Language
|
| Debug artifacts |
s:\branches\rome2\curator\rome2\binaries\rome2.retail.pdb
|
| CompanyName |
The Creative Assembly Ltd
|
| FileDescription |
Total War: ROME 2
|
| FileVersion |
2.4.0.0
|
| InternalName |
Rome2
|
| LegalCopyright |
© SEGA. Creative Assembly, the Creative Assembly logo, Total War, Total War: ROME and the Total War logo are either registered trade marks or trade marks of The Creative Assembly Limited. SEGA and the SEGA logo are either registered trade marks or trade marks of SEGA Corporation. All rights reserved
|
| OriginalFilename |
Rome2.exe
|
| ProductName |
Total War: ROME 2
|
| ProductVersion |
2.4.0.0
|
| Info |
The PE contains common functions which appear in legitimate applications. |
[!] The program may be hiding some of its imports:
- GetProcAddress
- LoadLibraryA
- LoadLibraryExW
Can access the registry:
- RegOpenKeyA
- RegSetValueExA
- RegOpenKeyExW
- RegQueryValueExW
- RegCloseKey
Possibly launches other programs:
|
| MD5 |
9c92a0f7b058e977c66c6abe11e6486f
|
| SHA1 |
8ac6ccfe16e8a4d022cc4464df35d6992551a8e4
|
| SHA256 |
332de1aac9303ce71dbee82fe2f8fcb9d2f82766ebd2e6943db6fe9dac30519d
|
| SHA3 |
24d4c9468f03b5a05cefb99c390e058ac3e27e569f3fc012b516be7883eef226
|
| SSDeep |
12288:VpoZSCNfSNBmcbkTTwpwasahgn9vV3ERxG8/FAqMC9PiFyVrlHTrQM4giis1:VpsemGkTTwVgnztqJRV1Tqg7
|
| Imports Hash |
c73603926fb84a86362358a017975a26
|
| e_magic |
MZ
|
| e_cblp |
0x90
|
| e_cp |
0x3
|
| e_crlc |
0
|
| e_cparhdr |
0x4
|
| e_minalloc |
0
|
| e_maxalloc |
0xffff
|
| e_ss |
0
|
| e_sp |
0xb8
|
| e_csum |
0
|
| e_ip |
0
|
| e_cs |
0
|
| e_ovno |
0
|
| e_oemid |
0
|
| e_oeminfo |
0
|
| e_lfanew |
0x120
|
| Signature |
PE
|
| Machine |
IMAGE_FILE_MACHINE_I386
|
| NumberofSections |
5
|
| TimeDateStamp |
2023-Jun-07 20:23:47
|
| PointerToSymbolTable |
0
|
| NumberOfSymbols |
0
|
| SizeOfOptionalHeader |
0xe0
|
| Characteristics |
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
|
| Magic |
PE32
|
| LinkerVersion |
14.0
|
| SizeOfCode |
0x1ac00
|
| SizeOfInitializedData |
0x1b1000
|
| SizeOfUninitializedData |
0
|
| AddressOfEntryPoint |
0x0000ABC8 (Section: .text)
|
| BaseOfCode |
0x1000
|
| BaseOfData |
0x1c000
|
| ImageBase |
0x400000
|
| SectionAlignment |
0x1000
|
| FileAlignment |
0x200
|
| OperatingSystemVersion |
6.0
|
| ImageVersion |
0.0
|
| SubsystemVersion |
6.0
|
| Win32VersionValue |
0
|
| SizeOfImage |
0x1ce000
|
| SizeOfHeaders |
0x400
|
| Checksum |
0
|
| Subsystem |
IMAGE_SUBSYSTEM_WINDOWS_GUI
|
| DllCharacteristics |
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
|
| SizeofStackReserve |
0x100000
|
| SizeofStackCommit |
0x1000
|
| SizeofHeapReserve |
0x100000
|
| SizeofHeapCommit |
0x1000
|
| LoaderFlags |
0
|
| NumberOfRvaAndSizes |
16
|
| MD5 |
9937942034ff1460fb418adc92b8cd51
|
| SHA1 |
16de1be16e8b596f574c5104d4c5b20ea1aac697
|
| SHA256 |
051cd08c19664ebf5170a929ca72bf743d1266193dc17ea85f82b91b6ef1349e
|
| SHA3 |
db04c6697f123a04c5ce93d4e26ba7c5eb6fd090c1972b6b2bcfa74802e9e50d
|
| VirtualSize |
0x1ab57
|
| VirtualAddress |
0x1000
|
| SizeOfRawData |
0x1ac00
|
| PointerToRawData |
0x400
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
|
| Entropy |
6.67688
|
| MD5 |
e2e452fea18fb534bb264a87d747d555
|
| SHA1 |
834d2d437b92cae78ffd3dae519a427e13478fd6
|
| SHA256 |
2e463de4bc2797f9deb771be6b368571ea2335dddcd115a0d75603d6455699e1
|
| SHA3 |
f2766810b2d87e3dc245d3d2f4e1bddb6f854fdc7061b081a78f3fcf90319f7e
|
| VirtualSize |
0xcdfa
|
| VirtualAddress |
0x1c000
|
| SizeOfRawData |
0xce00
|
| PointerToRawData |
0x1b000
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
|
| Entropy |
5.86874
|
| MD5 |
fe1c7ec60f4038c7469c3d74fa1a5263
|
| SHA1 |
75bba00da8b7aa70fb58857b7a7b52ceff88f59d
|
| SHA256 |
7fcaa2898d597bd10a8a35a22cdedf7db73b0b2ee320698ab511b803e529df0d
|
| SHA3 |
5a3ce15e1ef332195aa19e27a2642719b7e9d3032b5ec0c48eb7480054366b0f
|
| VirtualSize |
0x108d14
|
| VirtualAddress |
0x29000
|
| SizeOfRawData |
0x1600
|
| PointerToRawData |
0x27e00
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
|
| Entropy |
3.53125
|
| MD5 |
661bb7d4378d3f528ba3ce991686f153
|
| SHA1 |
c9e0f0e447a3e71921146827b8295a4f8dc42b7d
|
| SHA256 |
90297d0529df20d198b8ab1d25810248b2c1001ed4c7c2858b5b2471bec71bf2
|
| SHA3 |
f35805a2d814c72793db9c18433f65a627036c4d417f8de518304c0e2f7a9ca9
|
| VirtualSize |
0x997a8
|
| VirtualAddress |
0x132000
|
| SizeOfRawData |
0x99800
|
| PointerToRawData |
0x29400
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
|
| Entropy |
6.95471
|
| MD5 |
3604b53c3dfff1e781b47cfbf7f3adba
|
| SHA1 |
e17ddb079febbeb8703180efeee981e3d43be2b3
|
| SHA256 |
651749413ed630e41d36bd5ffd8b24265a678222c113061387fdedc5f0b26da5
|
| SHA3 |
337d4c8ffb79dc5d7ffa9134b692cc3225fb79286e77cb35f9e7690a8f3683f0
|
| VirtualSize |
0x1abc
|
| VirtualAddress |
0x1cc000
|
| SizeOfRawData |
0x1c00
|
| PointerToRawData |
0xc2c00
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
|
| Entropy |
6.38909
|
| ADVAPI32.dll |
RegOpenKeyA
RegSetValueExA
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
|
| KERNEL32.dll |
GetStringTypeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
FlushFileBuffers
HeapReAlloc
WriteConsoleW
RtlUnwind
HeapSize
GetCommandLineW
GetCurrentDirectoryW
GetLastError
GetCurrentProcess
CreateProcessW
GetStartupInfoW
GlobalMemoryStatusEx
GetSystemInfo
GetNativeSystemInfo
VirtualAlloc
VirtualQuery
FreeLibrary
GetModuleHandleA
GetProcAddress
LoadLibraryA
GetCommandLineA
CreateFileW
FindClose
FindNextFileW
GetFileSizeEx
SetFilePointerEx
IsDebuggerPresent
OutputDebugStringW
CloseHandle
RaiseException
QueryPerformanceCounter
GetProcessHeap
HeapSetInformation
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetEvent
ResetEvent
SleepEx
CreateEventW
GetCurrentProcessId
TerminateProcess
GetCurrentThreadId
GetTickCount
VirtualFree
GetModuleFileNameW
GetModuleHandleW
CreateSemaphoreA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
DecodePointer
GetConsoleCP
GetConsoleMode
SetStdHandle
WideCharToMultiByte
LCMapStringW
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
MultiByteToWideChar
HeapAlloc
HeapFree
SetLastError
WriteFile
GetStdHandle
ExitProcess
GetModuleHandleExW
GetFileType
FindFirstFileExW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InitializeSListHead
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
WaitForSingleObjectEx
|
| USER32.dll |
MessageBoxA
|
| Type |
BINARY
|
| Language |
English - United States
|
| Codepage |
UNKNOWN
|
| Size |
0x17980
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
6.83335
|
| MD5 |
62d4d7d369292a9bf23762465ec6d704
|
| SHA1 |
411bff1d3b8f0144f1685c94a21156a53848d5a6
|
| SHA256 |
fa617e6195b48622cd13742f0a33f41bd0a3f8b5689424c90f6cba97d4679644
|
| SHA3 |
f333f9d417a5b4e6e1b5a01c5a9884025cef5a59ff18e7591cb11905e80ba1d4
|
| Type |
DATA
|
| Language |
Process Default Language
|
| Codepage |
UNKNOWN
|
| Size |
0x284ae
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
7.9937
|
| MD5 |
c56fe290d55e849f065828d680e6a512
|
| SHA1 |
dc7e98601227af120fc3c4d35d0141b5c396227d
|
| SHA256 |
32dc6e4ac0c711a9c7e660bf3e9bebe3b39f1c3f7434534503c6ee9e24c624ec
|
| SHA3 |
fdd20c3510340f089b4a2f263838caf705712692cc46454b02dabb0ef4c2a83a
|
| Type |
DATA
|
| Language |
Process Default Language
|
| Codepage |
UNKNOWN
|
| Size |
0x14d4
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
3.61217
|
| MD5 |
04836d4e823417c9d65848bcbce633bc
|
| SHA1 |
2f1125602676aa40bb4a235eecb4d24cdae90944
|
| SHA256 |
96b33ccb8b88afc557e7e5dbc6343d0ad15928c217ea4c9c5381be655f33d7d8
|
| SHA3 |
989fafaf1e4e72478b37e9dcd69c84bf7ec4e669375c7398213a7b7e8fab9ac9
|
| Type |
IMAGE
|
| Language |
English - United States
|
| Codepage |
UNKNOWN
|
| Size |
0xa65e
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
7.94546
|
| MD5 |
654ff44bc514b949b23ac6d786ff6759
|
| SHA1 |
33c0297e6187714195d42cc9c4ecd6cbb1b60273
|
| SHA256 |
c56a0f63e3426bea1b5ab53cc2a7aa935179bc8e8fbd8fc25e81faa4adba5a5c
|
| SHA3 |
6b5266c4bcaeed501793b167c699d38ea2a7d382678892798982ee2f6e685419
|
| Type |
IMAGE
|
| Language |
English - United States
|
| Codepage |
UNKNOWN
|
| Size |
0x158a
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
7.70645
|
| MD5 |
39ab9d429a4741c8cf4e13213e2ac621
|
| SHA1 |
04ff4cee8cd726df8ed5e360ad307badad9d6af3
|
| SHA256 |
bc81c33bdb534ab603114938d61de5bd56fac6f6c884a2ed2d676382ee0d1abc
|
| SHA3 |
2f4b66ac5a1f9f794ee41c6d18d5593d8c304b3f655d28a3c53f3718e3eaca62
|
| Type |
IMAGE
|
| Language |
English - United States
|
| Codepage |
UNKNOWN
|
| Size |
0x1624
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
7.70722
|
| MD5 |
b51e6a9a9a70c02562cd3b99c5559f44
|
| SHA1 |
c1b18d9fa7cb5299cf9b52d5566715d9d8c3a802
|
| SHA256 |
f345d36d5d46ccdde3ce230c1d2cf2c82f10c101ad9b0d176f98bfae8b011014
|
| SHA3 |
77ab29724f4c88571c709e16cee5ade6b6e2391d781fc7dea9204d9b3e36e48c
|
| Type |
IMAGE
|
| Language |
English - United States
|
| Codepage |
UNKNOWN
|
| Size |
0x1563
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
7.70967
|
| MD5 |
0d0a6e1a0a3f144ebfead6a22fd6b853
|
| SHA1 |
8ed12dc85ca2237b9de6ae92ad97378376cdcbf7
|
| SHA256 |
2af3e3d73eeaa41bd98d4ac43296897e6d74ab7b05dc60c6a296d35df74223d3
|
| SHA3 |
431fc0ec06ee8a6a97ef776d1cb5d755769a4cd79bb89ce221dfcb76ef60612b
|
| Type |
RT_ICON
|
| Language |
English - United States
|
| Codepage |
UNKNOWN
|
| Size |
0x8a8
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
5.66288
|
| MD5 |
0826f45c6158fc335f85d381954c35dc
|
| SHA1 |
6a936bfaa9507b01cc6e3a0540fd9b29379dc178
|
| SHA256 |
fcd7fb40a131f0e575c2ab80530b47f689a9d089e74237f2946b9464bea742e8
|
| SHA3 |
f3429c262bea6510885eeb2ddc05a7e4dd8d30c5469a0efd20ae241c93c53bfb
|
| Type |
RT_ICON
|
| Language |
English - United States
|
| Codepage |
UNKNOWN
|
| Size |
0x568
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
5.55435
|
| MD5 |
83e48d658970abb8ef48469a7c869fa3
|
| SHA1 |
366455693a22c96a824846fe6c2d6071e50a3bc0
|
| SHA256 |
3f1c931946d70562a8d31260c262f3994503ebd27a2bc0010dee3ded84290db5
|
| SHA3 |
a94b52e499791c9c2f4e2231ed3fb9fa067146b6dc5f6050c40101472d03b947
|
| Type |
RT_ICON
|
| Language |
English - United States
|
| Codepage |
UNKNOWN
|
| Size |
0x1ca8
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
6.23364
|
| MD5 |
726c8300ed175881cfe92d617d030824
|
| SHA1 |
a6abd367caaa153d8505546d9591ca79f0a0f6d0
|
| SHA256 |
5b05433c6daf3812a2f728a9c5e1fada4d5ee077df10530822506dcf38292acc
|
| SHA3 |
2febcf668c6abb13ae48b505885bacea6165b7febfad2aab44819b20f5807146
|
| Type |
RT_ICON
|
| Language |
English - United States
|
| Codepage |
UNKNOWN
|
| Size |
0xca8
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
6.29944
|
| MD5 |
bb621878b817460e0e34ad4c72d6adb8
|
| SHA1 |
6d254ed432f0a637c4fe91570553434a8d8dee56
|
| SHA256 |
0119e913b200a2b8feffacef09cf5d0220550691a9f9bbdfd8fb0c42b8e4e467
|
| SHA3 |
0b7a9596652fcb64aa9c407f7937f2b31cee9ac5eb6b9175fc05c81cd7e44e50
|
| Type |
RT_ICON
|
| Language |
English - United States
|
| Codepage |
UNKNOWN
|
| Size |
0x42028
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
5.56604
|
| MD5 |
714a09171248875d85ab63ac182ba75b
|
| SHA1 |
0e349bef2e785ddd64c86be79c1146eafefbfcb3
|
| SHA256 |
ceac4a74df3c52ffe229feff1a50f3990f78625c0e99dbac3e8ebdf1d2152f5c
|
| SHA3 |
958fc69385c202d3cb04641e4c034b14d27a7da5f9411cf6138b381ff8fb13e5
|
| Type |
RT_ICON
|
| Language |
English - United States
|
| Codepage |
UNKNOWN
|
| Size |
0x25a8
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
6.24632
|
| MD5 |
ff07befd774190f003c365a28b4c6efa
|
| SHA1 |
e519abf112755c576a8ded89cb8af4194f072a30
|
| SHA256 |
a7b8b80809697add1986be74dd6ec35c5d092c32ba99792afd5a0a18d71d7539
|
| SHA3 |
236e0759ea67a3d93e9e734a367c16eb47d872d7cbad19056d4135cfcbfb0565
|
| Type |
RT_ICON
|
| Language |
English - United States
|
| Codepage |
UNKNOWN
|
| Size |
0x10a8
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
6.47742
|
| MD5 |
f7ce1d6378a281767bc589b993ec873f
|
| SHA1 |
b72056eebc7dff042ca17058cdc00105465f46d5
|
| SHA256 |
561e814873050af3d4d79b8fedbc2888fa63ffe7e058a6a483113f374d862e53
|
| SHA3 |
889806c8f0088502691ce06fb16038d5c22fcbab0e2586630cd1ad62b1ba57e0
|
| Type |
RT_MENU
|
| Language |
English - United States
|
| Codepage |
UNKNOWN
|
| Size |
0x4a
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
2.71163
|
| MD5 |
2886ccd7dc1bd6dec8413a00b53046a0
|
| SHA1 |
a09dea8ae745541a9d191d42d68510db8f648b5d
|
| SHA256 |
a29831e4a3fac395e2aa86df5a0906ed2beebda018745be869477d636148f7af
|
| SHA3 |
fc89873b946c12a8b176b7eff05b2c4445b56a96c045e40e9d49ecc09a4d0fcb
|
| Type |
RT_DIALOG
|
| Language |
English - United States
|
| Codepage |
UNKNOWN
|
| Size |
0x146
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
3.23397
|
| MD5 |
0a00a7e12e7a7afd4e3e7f611771e5ba
|
| SHA1 |
b16dfedfa57ab568a0094151f5a9f297b4822bb1
|
| SHA256 |
0e2eb3ccc28ee9aeb82146bc8bf44d5e8c4b908dbb83c291af6fbdb54e7741f6
|
| SHA3 |
294bfe0ef49e8cf654e80085c63c54e98b7f871e3627d2bb10c9f55a2f7a70e3
|
| Type |
RT_DIALOG
|
| Language |
English - United Kingdom
|
| Codepage |
UNKNOWN
|
| Size |
0x196
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
3.0809
|
| MD5 |
4cc7fd36d4a62c2a5fbd0e52e3e3f2b7
|
| SHA1 |
1517cc044686e05bee9a59e46d302171164b81b7
|
| SHA256 |
c72445e1e0d57bf13a71658c496af13e9fd43e05de7be133eef248834cd1d190
|
| SHA3 |
5f9eb0c311f484fd4f42f98208d9065985da058c8eebd52d32ffffc1e15a288e
|
| Type |
RT_STRING
|
| Language |
English - United States
|
| Codepage |
UNKNOWN
|
| Size |
0x8a
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
2.70382
|
| MD5 |
bde5bc8c7ac5f5d3b58c10cf944fa980
|
| SHA1 |
820649aa69f5ecc850b3d54ef5972b8795f2351a
|
| SHA256 |
169da1a5507d88f820a2bfb2e800a8942a799d052b4625cda847392974ebfdf8
|
| SHA3 |
ec874c5ec3e6f130166196c79d37d93b559ec05829c4cf74a849eb0bb8344e48
|
| Type |
RT_STRING
|
| Language |
English - United States
|
| Codepage |
UNKNOWN
|
| Size |
0x7a
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
2.69215
|
| MD5 |
93728d8145441c7752eb0dea7c70c174
|
| SHA1 |
f06644e949aa5f10dfd692d7b7259f7b0358bbfb
|
| SHA256 |
4b9cefb95dc8d3517b9fcb422ec765b9fb2a46292afaa1ce61d58c3a29d12139
|
| SHA3 |
aab857340b78e4e5e4ed17dab9c7d5f1c41b41874c89f20101f6344480f995b9
|
| Type |
RT_ACCELERATOR
|
| Language |
English - United States
|
| Codepage |
UNKNOWN
|
| Size |
0x10
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
1.79879
|
| MD5 |
3d2b1af3424dbcd504f73918619c7d99
|
| SHA1 |
10d6ed54ea742211a14a05414883f6c00c03080a
|
| SHA256 |
c2f0c188d6c493d7827bf83fb89c704815796445a0178bb2ae79658d96703a3c
|
| SHA3 |
b8c5f28d2c132e5bc304e4dc1b314a3f32a2e48675c06828a2a8a014ea05e7fb
|
| Type |
RT_GROUP_ICON
|
| Language |
English - United States
|
| Codepage |
UNKNOWN
|
| Size |
0x68
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
2.76167
|
| MD5 |
f533d01cefc438b62709967e9265cb76
|
| SHA1 |
6dbd6e888354d5f37bf3fdd477ad64bbe18cd5d1
|
| SHA256 |
705b37a905142978d8cb204c49b437f674ae9593554291aea1bd7f5af015dd12
|
| SHA3 |
97db0570945815f9a795e5fb163ce1316a20b01f926659c3fc478fac6f1c685a
|
| Type |
RT_VERSION
|
| Language |
English - United States
|
| Codepage |
UNKNOWN
|
| Size |
0x50c
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
3.43242
|
| MD5 |
d5cc277cad2ed0c879ccb37f7817cc2b
|
| SHA1 |
f478cf551c9bde0a138c93866ceaffe694465861
|
| SHA256 |
21f2a5f3cb095752070e81f3f78e25c78179e5969ea68e93789aac5f763b8781
|
| SHA3 |
9c2a04b69f0a3b01e9330d1cdc50cd5e7d7178f482fd12a058d6f5ce228ac6f5
|
| Total War: ROME 2 |
| Total War: ROME 2 Introduction |
| ROME 2 |
| Copyright (c) The Creative Assembly Ltd, 2012 |
| Signature |
0xfeef04bd
|
| StructVersion |
0x10000
|
| FileVersion |
2.4.0.0
|
| ProductVersion |
2.4.0.0
|
| FileFlags |
(EMPTY)
|
| FileOs |
VOS_DOS_WINDOWS32
VOS_NT
VOS_NT_WINDOWS32
VOS_WINCE
VOS__WINDOWS32
|
| FileType |
VFT_APP
|
| Language |
English - United Kingdom
|
| CompanyName |
The Creative Assembly Ltd
|
| FileDescription |
Total War: ROME 2
|
| FileVersion (#2) |
2.4.0.0
|
| InternalName |
Rome2
|
| LegalCopyright |
© SEGA. Creative Assembly, the Creative Assembly logo, Total War, Total War: ROME and the Total War logo are either registered trade marks or trade marks of The Creative Assembly Limited. SEGA and the SEGA logo are either registered trade marks or trade marks of SEGA Corporation. All rights reserved
|
| OriginalFilename |
Rome2.exe
|
| ProductName |
Total War: ROME 2
|
| ProductVersion (#2) |
2.4.0.0
|
| Resource LangID |
English - United States
|
| Characteristics |
0
|
| TimeDateStamp |
2023-Jun-07 20:23:47
|
| Version |
0.0
|
| SizeofData |
82
|
| AddressOfRawData |
0x27d5c
|
| PointerToRawData |
0x26d5c
|
| Referenced File |
s:\branches\rome2\curator\rome2\binaries\rome2.retail.pdb
|
| Characteristics |
0
|
| TimeDateStamp |
2023-Jun-07 20:23:47
|
| Version |
0.0
|
| SizeofData |
20
|
| AddressOfRawData |
0x27db0
|
| PointerToRawData |
0x26db0
|
| Characteristics |
0
|
| TimeDateStamp |
2023-Jun-07 20:23:47
|
| Version |
0.0
|
| SizeofData |
876
|
| AddressOfRawData |
0x27dc4
|
| PointerToRawData |
0x26dc4
|
| StartAddressOfRawData |
0x428140
|
| EndAddressOfRawData |
0x428148
|
| AddressOfIndex |
0x5310c4
|
| AddressOfCallbacks |
0x41c1d4
|
| SizeOfZeroFill |
0
|
| Characteristics |
IMAGE_SCN_ALIGN_4BYTES
|
| Callbacks |
(EMPTY)
|
| Size |
0xa4
|
| TimeDateStamp |
1970-Jan-01 00:00:00
|
| Version |
0.0
|
| GlobalFlagsClear |
(EMPTY)
|
| GlobalFlagsSet |
(EMPTY)
|
| CriticalSectionDefaultTimeout |
0
|
| DeCommitFreeBlockThreshold |
0
|
| DeCommitTotalFreeThreshold |
0
|
| LockPrefixTable |
0
|
| MaximumAllocationSize |
0
|
| VirtualMemoryThreshold |
0
|
| ProcessAffinityMask |
0
|
| ProcessHeapFlags |
(EMPTY)
|
| CSDVersion |
0
|
| Reserved1 |
0
|
| EditList |
0
|
| SecurityCookie |
0x429bb4
|
| SEHandlerTable |
0
|
| SEHandlerCount |
0
|
| XOR Key |
0x388098d7
|
| Unmarked objects |
0
|
| ASM objects (VS2017 v14.15 compiler 26715) |
13
|
| C++ objects (VS2017 v14.15 compiler 26715) |
182
|
| C objects (VS2017 v14.15 compiler 26715) |
22
|
| C++ objects (27521) |
40
|
| C objects (27521) |
21
|
| ASM objects (27521) |
26
|
| C++ objects (VS2012 build 50727 / VS2005 build 50727) |
1
|
| Imports (VS2003 (.NET) build 4035) |
2
|
| C objects (VS2003 (.NET) build 4035) |
2
|
| Imports (VS2017 v14.15 compiler 26715) |
23
|
| Total imports |
280
|
| ASM objects (VS2019 Update 1 (16.1) compiler 27702) |
1
|
| C objects (VS2019 Update 1 (16.1) compiler 27702) |
11
|
| C++ objects (VS2019 Update 1 (16.1) compiler 27702) |
6
|
| Resource objects (VS2019 Update 1 (16.1) compiler 27702) |
1
|
| Linker (VS2019 Update 1 (16.1) compiler 27702) |
1
|
[*] Warning: Please edit the configuration file with your VirusTotal API key.
[!] Error: Could not load yara_rules/bitcoin.yara!
Could not load company_names.yara!
[!] Error: Could not load yara_rules/monero.yara!
[!] Error: Could not load yara_rules/compilers.yara!
[!] Error: Could not load yara_rules/findcrypt.yara!
[!] Error: Could not load yara_rules/suspicious_strings.yara!
[!] Error: Could not load yara_rules/domains.yara!
[!] Error: Could not load yara_rules/peid.yara!
9c92a0f7b058e977c66c6abe11e6486f