abdbd17c0d29ee67cf296491e63707cfcf22b77ae358acc91a1437566a74672d

Summary

Architecture IMAGE_FILE_MACHINE_I386
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date 2010-Jun-11 22:59:03
Detected languages English - United States
Debug artifacts c:\SimCity4\SC4000Projects\Ep1\out\ReleaseSRT\SimCity 4.pdb
CompanyName Maxis
LegalCopyright Copyright © 2003 Maxis. All Rights Reserved
FileDescription SimCity 4
OriginalFilename SimCity 4.exe
FileVersion 1.1.641.0

Plugin Output

Info Matching compiler(s): Microsoft Visual C++ 7.1
Microsoft Visual C++ 6.0 - 8.0
Microsoft Visual C++ v7.0
Microsoft Visual C++ v7.1 EXE
Microsoft Visual C++ 7.0 MFC
Microsoft Visual C++
Microsoft Visual C++ v6.0
Suspicious Strings found in the binary may indicate undesirable behavior: Contains references to internet browsers:
  • IEXPLORE.EXE
  • iexplore.exe
 Miscellaneous malware strings:
  • cmd.exe
 Contains domain names:
  • command.com
  • maxis.com
  • www.lua.org
Info Cryptographic algorithms detected in the binary: Uses constants related to CRC32
Suspicious The PE is possibly packed. Unusual section name found: LBMPEG_D
Unusual section name found: .data1
Unusual section name found: STLPORT_
Malicious The PE contains functions mostly used by malware. [!] The program may be hiding some of its imports:
  • GetProcAddress
  • LoadLibraryA
  • LoadLibraryW
 Can access the registry:
  • RegCloseKey
  • RegQueryValueExA
  • RegOpenKeyExA
  • RegSetValueExA
  • RegCreateKeyExA
 Possibly launches other programs:
  • CreateProcessA
  • ShellExecuteA
 Can create temporary files:
  • CreateFileA
  • GetTempPathA
 Uses functions commonly found in keyloggers:
  • GetAsyncKeyState
  • CallNextHookEx
  • GetForegroundWindow
 Memory manipulation functions often used by packers:
  • VirtualAlloc
  • VirtualProtect
 Has Internet access capabilities:
  • InternetOpenA
  • InternetSetOptionA
  • InternetGetCookieA
  • InternetOpenUrlA
  • InternetConnectA
  • InternetSetCookieA
  • InternetReadFile
  • InternetQueryDataAvailable
  • InternetCloseHandle
 Enumerates local disk drives:
  • GetVolumeInformationA
  • GetLogicalDriveStringsA
  • GetDriveTypeA
 Can take screenshots:
  • GetDC
  • CreateCompatibleDC
  • BitBlt
 Reads the contents of the clipboard:
  • GetClipboardData
Safe VirusTotal score: 0/72 (Scanned on 2026-02-25 00:48:40) All the AVs think this file is safe.

Hashes

MD5 1414e70eb5ce22db37d22cb99439d012
SHA1 ec64f671e227dc1640e85e3f303b28b0437a5792
SHA256 abdbd17c0d29ee67cf296491e63707cfcf22b77ae358acc91a1437566a74672d
SHA3 b07062d7b1bfa5ab2325c6bf11183d66ff7dd0b10debd748153a2763ebd1e33a
SSDeep 196608:9luYyy2fiGnRzwoEXF3hBtGRGMJN2p0I7:9luYyy2fiGnRzwoEX3BtCZ
Imports Hash 8790251960423e8bd926887c4f147f27

DOS Header

e_magic MZ
e_cblp 0x90
e_cp 0x3
e_crlc 0
e_cparhdr 0x4
e_minalloc 0
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0x140

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_I386
NumberofSections 7
TimeDateStamp 2010-Jun-11 22:59:03
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xe0
Characteristics IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_RELOCS_STRIPPED

Image Optional Header

Magic PE32
LinkerVersion 7.0
SizeOfCode 0x679000
SizeOfInitializedData 0x148000
SizeOfUninitializedData 0
AddressOfEntryPoint 0x005F15DC (Section: .text)
BaseOfCode 0x7000
BaseOfData 0x680000
ImageBase 0x400000
SectionAlignment 0x1000
FileAlignment 0x1000
OperatingSystemVersion 4.0
ImageVersion 0.0
SubsystemVersion 4.0
Win32VersionValue 0
SizeOfImage 0x7c8000
SizeOfHeaders 0x7000
Checksum 0x73b9b4
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
SizeofStackReserve 0x100000
SizeofStackCommit 0x1000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

.text

MD5 0c2bcc09c037dd1aa3acfcc2fa292ec1
SHA1 58c47a9d735d2e6155b6ab491fd896371878ca37
SHA256 d9965edca3007afd2c59318e4db15ca1c46f76dc18a85d22f4c527b43801becb
SHA3 0134bc7a236325e7417006ad3eca98bc6d9b85ac2fdb15f0643ffc29b56c01b3
VirtualSize 0x678a2d
VirtualAddress 0x7000
SizeOfRawData 0x679000
PointerToRawData 0x7000
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 6.623

.rdata

MD5 ac481dca7a19d960261c33c9066dfc05
SHA1 cce838ddb7b964efbb4e4e5dc01b4d82a280226b
SHA256 16a3d463002fcfb541c1437a49cd6eeda6f2de9128ae37306e33e3bf59a26302
SHA3 a7496e30ce703ec68e7fa15053dde396f3092703d67bcae5236c42226eb96e06
VirtualSize 0x86a2a
VirtualAddress 0x680000
SizeOfRawData 0x87000
PointerToRawData 0x680000
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 6.37132

.data

MD5 930c9173e6940c2bc453cfe848cee460
SHA1 576477bac95282e36c8c7f38374e7922058b8240
SHA256 aaabccdfcd80bc8bd8284d9ba44f3f4896731d4c005388c361af48d38e3c61de
SHA3 96705924f22ec24f932d3221e82378708e90c95e53c75e0c4ab7d2a8dcf1c021
VirtualSize 0xb40d8
VirtualAddress 0x707000
SizeOfRawData 0x1a000
PointerToRawData 0x707000
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 4.77892

LBMPEG_D

MD5 3ad57c0491d323369aff8a96845141fe
SHA1 6ae53c7e48c16f9763eb944a83e1796183ccaebd
SHA256 6b9610a3b3a5b3a5fd4b41f7db813f376d92f6ee7de78f518447f6559e3a4553
SHA3 b206b8776bcd0827820f0726ea7c0a76042796a7b648527417691ab1f3c6e545
VirtualSize 0x400
VirtualAddress 0x7bc000
SizeOfRawData 0x1000
PointerToRawData 0x721000
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 2.41911

.data1

MD5 50187883d6d973d3316d3f5063e43de1
SHA1 b6a052ca3f8124c546782ebe5c8ae2b038587c36
SHA256 327b4b5d1d8132bf96e2bf8af346d959694ebe3b2aad15ff466e1bb19a31de61
SHA3 c6bc931c4f066360833e2d17a86288c7402a6ad360517072b91f3c5fe708afba
VirtualSize 0x1ea0
VirtualAddress 0x7bd000
SizeOfRawData 0x2000
PointerToRawData 0x722000
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 4.39751

STLPORT_

MD5 f42837c20c9dff21c66b637dde82ddb4
SHA1 9418acd46827e53e105622426bb59136040f5a33
SHA256 4a2b546219b926b3c5c49fe1caae3934a460b963a827e2789128126ded719941
SHA3 959b50a708d20cf9f5fab209dd94fd3b120c0c62fb82c4601be26e82b6697d3d
VirtualSize 0x20
VirtualAddress 0x7bf000
SizeOfRawData 0x1000
PointerToRawData 0x724000
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 0.0688864

.rsrc

MD5 7488bfb2950ad40bfe7934871d62e118
SHA1 64167c8312972a73cd4ab749d3c110092ebabb2d
SHA256 95f91bf189bad7ed652da42f9cdb7164b281a5c62a639c8219f62c16e2164182
SHA3 1f8a6084c67af07d948a535e25f3f4e414eaabfab3f3f10fcd83daba2bf8a371
VirtualSize 0x7e28
VirtualAddress 0x7c0000
SizeOfRawData 0x8000
PointerToRawData 0x725000
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 6.14252

Imports

ADVAPI32.dll RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
GetUserNameA
WSOCK32.dll connect
accept
recv
getsockopt
setsockopt
inet_ntoa
getsockname
bind
shutdown
WSAAsyncSelect
select
__WSAFDIsSet
socket
closesocket
WSACleanup
WSAStartup
ioctlsocket
WSAGetLastError
gethostbyname
getpeername
send
listen
WININET.dll InternetOpenA
InternetSetOptionA
HttpOpenRequestA
InternetGetCookieA
InternetOpenUrlA
InternetConnectA
InternetSetCookieA
HttpSendRequestA
InternetReadFile
InternetQueryDataAvailable
InternetCloseHandle
KERNEL32.dll HeapAlloc
ExitProcess
GetCommandLineA
GetVersion
SetPriorityClass
GetCurrentProcess
SetEvent
CloseHandle
FindCloseChangeNotification
FindNextChangeNotification
WaitForMultipleObjects
CreateEventA
FindFirstChangeNotificationA
CreateProcessA
OutputDebugStringA
Sleep
GetProcAddress
LoadLibraryA
FreeLibrary
VirtualQuery
VirtualAlloc
VirtualFree
GetSystemInfo
GetModuleFileNameA
IsBadReadPtr
GetModuleHandleA
GetVersionExA
SetErrorMode
SetProcessAffinityMask
GetProcessAffinityMask
DeleteFileA
MultiByteToWideChar
GetWindowsDirectoryA
GlobalFree
GlobalAlloc
GetTickCount
CreateMutexA
WaitForSingleObject
ReleaseMutex
SetThreadPriority
CreateThread
GetFileInformationByHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
SearchPathA
GetLocaleInfoW
GetExitCodeProcess
IsBadCodePtr
SetConsoleCtrlHandler
IsValidCodePage
IsValidLocale
VirtualProtect
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapCreate
HeapDestroy
GetTimeZoneInformation
TlsGetValue
TlsSetValue
TlsFree
SetLastError
TlsAlloc
HeapSize
SetStdHandle
GetStdHandle
SetHandleCount
GetOEMCP
GetACP
ExitThread
CreateDirectoryA
GetFullPathNameA
GetCurrentDirectoryA
GetDateFormatA
GetTimeFormatA
HeapReAlloc
GetStartupInfoA
GetSystemTimeAsFileTime
RtlUnwind
GetStringTypeA
LCMapStringA
EnumSystemLocalesA
CompareStringW
GetCPInfo
LCMapStringW
GetStringTypeW
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetFileType
InterlockedExchange
GetLocaleInfoA
FindResourceA
SizeofResource
LoadResource
LockResource
InterlockedIncrement
InterlockedDecrement
ResetEvent
PulseEvent
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
CompareStringA
GetUserDefaultLCID
GlobalSize
GlobalLock
GlobalUnlock
QueueUserAPC
GetExitCodeThread
SuspendThread
ResumeThread
GetLocalTime
GetCurrentThreadId
GetCurrentProcessId
SetUnhandledExceptionFilter
TerminateProcess
RaiseException
IsBadWritePtr
RemoveDirectoryA
FindNextFileA
FindClose
CopyFileA
MoveFileA
SetFileAttributesA
GetFileAttributesA
CreateFileA
ReadFile
GetVolumeInformationA
GetTempPathA
FlushFileBuffers
SetEndOfFile
WriteFile
SetFilePointer
GetFileSize
lstrcmpiA
lstrlenA
lstrcpynA
WideCharToMultiByte
SetEnvironmentVariableA
HeapFree
GetProcessHeap
PeekNamedPipe
GetComputerNameA
GlobalMemoryStatus
GetLogicalDriveStringsA
GetDriveTypeA
GetPriorityClass
GetCurrentThread
GetThreadPriority
QueryPerformanceCounter
QueryPerformanceFrequency
SleepEx
GetSystemDirectoryA
FindFirstFileA
GetLastError
FormatMessageA
LocalFree
LoadLibraryW
USER32.dll CreateCursor
ScreenToClient
GetCursorPos
CharUpperBuffA
CharLowerBuffA
SetClipboardViewer
SendMessageA
EmptyClipboard
WaitForInputIdle
RegisterWindowMessageA
SetClassLongA
OffsetRect
FillRect
ReleaseCapture
GetCapture
SetCapture
PostMessageA
SetClipboardData
OpenClipboard
IsClipboardFormatAvailable
GetClipboardData
SetFocus
SetWindowTextA
IsWindowVisible
MoveWindow
EnumWindows
GetWindowTextA
GetSystemMetrics
GetAsyncKeyState
SystemParametersInfoA
CloseClipboard
ChangeClipboardChain
BeginPaint
GetDesktopWindow
DestroyWindow
GetClassInfoA
LoadCursorA
LoadIconA
RegisterClassA
CreateWindowExA
SetWindowLongA
GetWindowLongA
DefWindowProcA
GetKeyState
MessageBoxA
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
GetForegroundWindow
GetActiveWindow
wsprintfA
ClientToScreen
SetCursorPos
ShowCursor
DispatchMessageA
TranslateMessage
WaitMessage
PeekMessageA
PostQuitMessage
UnregisterClassA
ReleaseDC
GetClientRect
GetDC
EnumDisplaySettingsA
UpdateWindow
ShowWindow
ChangeDisplaySettingsA
SetRect
RedrawWindow
DrawMenuBar
GetWindowRect
AdjustWindowRect
GetMenu
MapWindowPoints
SetWindowPos
SetCursor
DestroyCursor
GetIconInfo
LoadImageA
LoadCursorFromFileA
KillTimer
SetTimer
AdjustWindowRectEx
InvalidateRect
IsIconic
EndPaint
GetWindowPlacement
GDI32.dll DeleteDC
CreateCompatibleDC
CreateDIBSection
GdiFlush
GetDeviceCaps
GetObjectA
BitBlt
DeleteObject
ChoosePixelFormat
SetPixelFormat
SwapBuffers
SetStretchBltMode
GetDIBits
SelectObject
GetStockObject
SHELL32.dll ShellExecuteA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
DSOUND.dll #1
#2
WINMM.dll mmioGetInfo
mmioAdvance
mmioClose
mmioDescend
mmioSeek
mmioAscend
mmioRead
mmioOpenA
mmioSetInfo
VERSION.dll GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
OPENGL32.dll glNormalPointer
glColor4f
glEnableClientState
glGetString
glDrawArrays
glTexCoordPointer
glGetError
glColorPointer
glPixelStorei
wglGetCurrentContext
wglCreateContext
wglMakeCurrent
wglDeleteContext
glOrtho
glFlush
wglGetCurrentDC
wglGetProcAddress
glDrawElements
glReadBuffer
glReadPixels
glScissor
glViewport
glLightfv
glPolygonOffset
glTexGenfv
glTexGeni
glGetFloatv
glGetBooleanv
glIsEnabled
glLoadIdentity
glLoadMatrixf
glMatrixMode
glAreTexturesResident
glPrioritizeTextures
glIsTexture
glDeleteTextures
glGenTextures
glDisable
glColorMaterial
glEnable
glLightModelfv
glMaterialfv
glFogfv
glFogi
glGetTexLevelParameteriv
glTexSubImage2D
glGetIntegerv
glTexParameteri
glTexEnvfv
glTexEnvi
glVertexPointer
glTexImage2D
glBindTexture
glShadeModel
glAlphaFunc
glBlendFunc
glStencilOp
glStencilMask
glStencilFunc
glDepthMask
glColorMask
glDepthFunc
glClearStencil
glClearDepth
glClearColor
glClear
glDisableClientState
MSVFW32.dll ICLocate
ICDecompress
ICSendMessage
IMM32.dll ImmGetOpenStatus
ImmReleaseContext
ImmSetOpenStatus
ImmNotifyIME
ImmSetCompositionStringW
ImmGetCompositionStringW
ImmGetCandidateListW
ImmGetContext

Delayed Imports

GZDllGetGZCOMDirector

Ordinal 1
Address 0x50ddfd

__export__GetMemoryReport

Ordinal 2
Address 0x66d82c

1

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x128
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.4343
MD5 1b57939133b219bc0cf4a223cadbbd0f
SHA1 df205e0cf06641a70f849b5ecaedc2e37587612b
SHA256 b95adf2994bebb35076f2e767ca927b3598c42b1e648348c0ab5b944844a365d
SHA3 3c433cacf3fa18a72cbbc8b15e3fee83d677b38d42366072e56f8feacdaee310

2

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x568
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.57
MD5 0afaa249cdcbacaf922920638eae2c77
SHA1 b04e4e59ffe8f7fac556850998227ab04149788f
SHA256 8fc36f75d11508f923b4a72179b17a7fa209b619e12d529a899c20243729e271
SHA3 a0b6d612c549fb8dc276d734775589748bf610511c528de0dbad34b0a93dbfe5

3

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x2e8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.54692
MD5 d07f4bcebd4132c85e454d1188656bce
SHA1 a87a8360537667f2f3e18819c905708f99f9e423
SHA256 74da36d55d921929aef48ed754fde20b9488ff10cb924eeb4dfcdd4fea62fd0a
SHA3 04fa4402933f3f1c42b05eb5b6b12633e69c4ee130b1f5479e1a42fcf1e4deaf

4

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x8a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.6001
MD5 13bada4b9d4e2f41452cf5e9c67375a0
SHA1 08a98b11fc31bee7437efe3ba5d95422d463ae1e
SHA256 b0f2c681d6e4024b04a0da09c34a54f5e3ea97adca430da673b88d04e72fd380
SHA3 7b0a8f4acbe97d68b7b8d9435eb69c446a613554b696baf4d5f5e4b4ea5bd8fe

5

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x668
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.60978
MD5 556a076d4a236d33519b0198df0d81e7
SHA1 73672296b37495d4c4ce1bf20e201e2e46491ff7
SHA256 7393c4e6d1a979b0422ae35ed20763b2f0ae1b5248a014505c7894672c82dc60
SHA3 10c81f94993a348e745887e48f9bb9d3825473fffb8f544ccfb97d640c8040c8

6

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0xea8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.84507
MD5 06b56e103555e17c3fb7be1c47bdc3c7
SHA1 d3966a30353efea211ee62db552e8e7137b5affc
SHA256 65a1520edff6e88227d5c23c6c3b43a9bf8b3d9de7dac699fdf9228fc46a5f5a
SHA3 52fe120201aac7528a1ca5a17727738b5aea164d1cfb8a404fc5f014ca2cf1ec

7

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x128
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.00062
MD5 f1e2baff4179591a48352c04ab24c0df
SHA1 8927a891d3c0973810ddd4766e4af9bc7ce93ba1
SHA256 2db9cd236cc411b9a3c70ff2e82d76c9122c23f91da63c3e919237326b04d6aa
SHA3 42954b34e6fcb68db9a58fbaafab75c7decb061a649f8954a7c05d0c15136ea5

8

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x568
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.03245
MD5 90abdb2a595f22a1cd7417d42e1e60f2
SHA1 6b359e0958c5980d5c227f28b91caac1877664b8
SHA256 9fd38dc1c6364b296f5646204bf78d589222ab4fce6a9f701ddca1367fe51ba1
SHA3 0e9962feac2b5f0dbad7cb034d3378299b04c3e8ac055e5644278ea90307dc86

9

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x2e8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.20414
MD5 511b405fc8c435a361c37cb434b3710d
SHA1 ecc12ba56318be7aa8b28c7fd12699fa21176212
SHA256 13df8884d61394f10f36aa4deea1dccfa6d7aa92777571ff1cacb871c6c26656
SHA3 85a11574895841389a13d1f2f3fba9f0e6a943beef809fd7dc331e7945a496ea

10

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x8a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.33977
MD5 fe5f4baab30e2a3933bed3c85eb3a581
SHA1 2378883c12e62be271b17dc4b108e829b731c762
SHA256 4c3953a7de4f4eb5906ace450087657792362c66867852dd95cfdceeca947ab1
SHA3 1c37f644e254490143d9b031cd7640656d663eaa6d861f99d1c187128cd08d63

11

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x668
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.96157
MD5 c5919769a60873f6a6d85f9c28fd1bf2
SHA1 117c55f78af74b6395dae388018b80a02d032c0c
SHA256 f5256e2e901257752dafcda1ffe94a9c113f41a3a6b011fe63c9f0238cb3144d
SHA3 61e3f1d28fe09777de8bc98aa40ce802322828ed38024a3eb3810348ffa55207

12

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0xea8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.63828
MD5 425cd0ce350e71bce32be88b9d1abd18
SHA1 633d11d8866a19eb153b20135188f471ce682411
SHA256 ea16924c1eb7be1248f1653c4fb3ca4d96f340d923c72b18e0be3539b27b6b93
SHA3 3dbe86bdd92487a5832a2b5613c4efaa0bfe4bfcfce0aadd5a46409ea9ac61c9

13

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x128
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.36664
MD5 2f41c7a26fe514ac96301196685817af
SHA1 9821f8b110b1bad68d9e0bed97246186edbdf26c
SHA256 500503cd123e8a0949a35e0429ccecc8df71270ad037d6fafb926c29dfe95569
SHA3 452eef8d43071ed737f23f451d545fbb47158703fb59c23d75008f6ea4cc449e

14

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x568
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.54783
MD5 d02f9d21a92f1c9c23155987ba3d8e5b
SHA1 5e981d9f3154a66b92f10ad7de8c92a85632b4c9
SHA256 4e6a77b70153fde2e236d058485660ced7c6af023f3686cb4c7e72c4d542d3ac
SHA3 46957605388b7a534f34e0ca98c9a56f8b85c695d5fe0949a2eae9895e799621

15

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x2e8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.38899
MD5 412b11762efa2c2c2cb2caae75d272ca
SHA1 62ad5f28ab9a0b59a2af5481960c1ff1bc53b6c4
SHA256 323939a088d883e50a48d408cf3e610f486e8fdd866839a476bd298b5558014c
SHA3 cb82fc6c90eef900060a4885f8259ebbbd34017ef564eab5eb1b8af1956930c0

16

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x8a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.42911
MD5 560feda60d5fb436c1dec11381144c3a
SHA1 8cf027263cbd086a0ce8c801dd8d3ef96da0de36
SHA256 2a02469b1c779d59fb1e9b12deadea36f977463a7b2c99909784c3040c2b38a9
SHA3 300746ad3a62f1f4e93c5598da6e693b7d69790dcc9c0af0713410ee88f947ea

17

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x668
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.48629
MD5 5a6ccc8a19312bc76c76869bdd93bc2e
SHA1 a3c4f3023e168bd6f4ae94ea313a4780d6c130ab
SHA256 7acd4cc77a3c0cf21eae004ab56414f3d8bac78effac1f99a1030be7b61f9985
SHA3 cd51ada8dcc5fe364883d381cbabb684034a6247b0beaeb0f2bcb51c4db48e25

18

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0xea8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.70355
MD5 b7cf63544a9f05eda01a80b204c5165b
SHA1 a960a6ea184e2adf6b9efd725a0aef7dddb38fed
SHA256 8ccbfe5ae4364b89358d7425ba2e592859c304540221e3f15ec7f3afcb524b04
SHA3 5f3ced6d7d3ad5f197f013561c6abd6199cd969e317681fbc8e6f4d376b1e141

2155

Type RT_STRING
Language English - United States
Codepage UNKNOWN
Size 0x80
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 1.44628
MD5 844b830dd384a60167351e727e6b985e
SHA1 32319609cdab8dd17762713d59c7c8b0e2cde2de
SHA256 17a91b7bebb37f08bb041d7502dd1adbce5e991090620012260bdcfa2dd6f37e
SHA3 c04c7971d7a0cfc46eb4ad12d32b3ac5494b57e9291b083fbb0cf25c80abc68b

1000

Type RT_GROUP_ICON
Language English - United States
Codepage UNKNOWN
Size 0x5a
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.86669
Detected Filetype Icon file
MD5 8eccd4bb74ab8d4072546feaebba6c85
SHA1 80416b2fd0673aaa025e5e2f2cce21799b43cead
SHA256 31240252f32b1b84fb851ed232b8fcd208edda2f957204963ca1d23788048194
SHA3 1120c3b5418192c5c26688f5b9b176be6ddc289ecc4a2caa0037f447134f2d28

1001

Type RT_GROUP_ICON
Language English - United States
Codepage UNKNOWN
Size 0x5a
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.98802
Detected Filetype Icon file
MD5 5d5ba8e44a571acb4005d65a14412ffc
SHA1 6ae3f3cf28345eb63070172867cdd42b7c524aeb
SHA256 defdc2bdcd7a79b217c90507e4840d858b70e1ffbae1c39fb98b16614a2d465e
SHA3 9227b4215ea5a653b7635621e3aa9d4ff64aa6a68dea2a44158536dd958a4fc8

1002

Type RT_GROUP_ICON
Language English - United States
Codepage UNKNOWN
Size 0x5a
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.95758
Detected Filetype Icon file
MD5 ebd995b72e865bb6d0bece06930fb89a
SHA1 7c30a4066efee000a76eec9337dbbeee2b7e75af
SHA256 9ab44316b0761cecf387147797a0a5a2198163e8cb8ae75d3e5de47eef2655ca
SHA3 7ff2d049d9c6d17897f5d295aa92e6022cfe6832fd10e9394808e00b4367ef6b

1 (#2)

Type RT_VERSION
Language English - United States
Codepage UNKNOWN
Size 0x238
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.35402
MD5 a9d6201f19ef490b142ee8025d501010
SHA1 32225ea84d8f06f91d2efb0878baad2d7aca6962
SHA256 8bb6487b2ebd091e128ba72e74bdc44fc422d4f080d52e191b0d70d7bfe72b2a
SHA3 4c814ce3f9dab1818081ee9b8edcf9777c8865c3ad6e2d966dfc52c37390fced

String Table contents

FnordID:xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Version Info

Signature 0xfeef04bd
StructVersion 0x10000
FileVersion 1.1.641.0
ProductVersion 1.1.0.0
FileFlags (EMPTY)
FileOs VOS_DOS_WINDOWS32
VOS_NT_WINDOWS32
VOS__WINDOWS32
FileType VFT_APP
Language English - United States
CompanyName Maxis
LegalCopyright Copyright © 2003 Maxis. All Rights Reserved
FileDescription SimCity 4
OriginalFilename SimCity 4.exe
FileVersion (#2) 1.1.641.0
Resource LangID English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics 0
TimeDateStamp 2010-Jun-11 22:59:03
Version 0.0
SizeofData 84
AddressOfRawData 0x700ab4
PointerToRawData 0x700ab4
Referenced File c:\SimCity4\SC4000Projects\Ep1\out\ReleaseSRT\SimCity 4.pdb

TLS Callbacks

Load Configuration

RICH Header

XOR Key 0x5a1ae47a
Unmarked objects 0
105 (2067) 8
ASM objects (VS2003 (.NET) build 3077) 60
C objects (VS2002 (.NET) build 9466) 1
C++ objects (VS2002 (.NET) build 9466) 18
C objects (VS2003 (.NET) build 3077) 251
C objects (2179) 3
Imports (9210) 2
C objects (9178) 1
Imports (2067) 2
49 (9044) 142
Imports (2179) 23
Total imports 432
19 (9049) 9
Unmarked objects (#2) 120
42 (8803) 17
C++ objects (VS2003 (.NET) build 3077) 712
Exports (VS2003 (.NET) build 3077) 1
94 (VS2003 (.NET) build 3052) 1
Linker (VS2003 (.NET) build 3077) 1

Errors

Leave a comment

No comments yet.