abdd46ab4fe449e4b28484787faa5bbe6194b7785aa59dc9dba6cd1f790a5ca9

Summary

Architecture IMAGE_FILE_MACHINE_I386
Subsystem IMAGE_SUBSYSTEM_WINDOWS_CUI
Compilation Date 2025-Jun-13 10:19:01
Detected languages English - United States

Plugin Output

Suspicious: No VirusTotal score. This file has never been scanned on VirusTotal, so this rating reflects missing reputation data rather than a detection by any engine.

Hashes

MD5 21f42560223b55f8b791becf2513be4a
SHA1 594311eb0851b05083e2d84bdf4f892dc5f69a8c
SHA256 abdd46ab4fe449e4b28484787faa5bbe6194b7785aa59dc9dba6cd1f790a5ca9
SHA3 c02246444f71ff5e997d81a14b6284f448ee59c8cbc612d992ce57eb4cbc1c2e
SSDeep 384:26l/8o5wkh33wEHixhNhIkMCUsYnGEuX4tB8Ik4emtOMXcw17SfOTN0:75hfEpURGrIkHYTv7SWe
Imports Hash aaaba9f7451b13e7e1573bc27a1f3ebb

DOS Header

e_magic MZ
e_cblp 0x90
e_cp 0x3
e_crlc 0
e_cparhdr 0x4
e_minalloc 0
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0xf0

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_I386
NumberofSections 5
TimeDateStamp 2025-Jun-13 10:19:01
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xe0
Characteristics IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_EXECUTABLE_IMAGE

Image Optional Header

Magic PE32
LinkerVersion 14.0
SizeOfCode 0x3a00
SizeOfInitializedData 0x2c00
SizeOfUninitializedData 0
AddressOfEntryPoint 0x000038ED (Section: .text)
BaseOfCode 0x1000
BaseOfData 0x5000
ImageBase 0x400000
SectionAlignment 0x1000
FileAlignment 0x200
OperatingSystemVersion 6.0
ImageVersion 0.0
SubsystemVersion 6.0
Win32VersionValue 0
SizeOfImage 0xa000
SizeOfHeaders 0x400
Checksum 0
Subsystem IMAGE_SUBSYSTEM_WINDOWS_CUI
DllCharacteristics IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
SizeofStackReserve 0x100000
SizeofStackCommit 0x1000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

.text

MD5 e2845dbd2137426e1722ad8d5fcf5a63
SHA1 0ad8134e025d59208101cc0997da73d4fc5e25f1
SHA256 2326f0dbb07f0ed6f095544b0381a4a011489e15f0ac75bdf825a6bf33b20c0a
SHA3 fb03c1ade048e30ee63917da9a891c99c5a0e92b0c11bed3016614dd0834587c
VirtualSize 0x381d
VirtualAddress 0x1000
SizeOfRawData 0x3a00
PointerToRawData 0x400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 6.25023

.rdata

MD5 ff31e44b18685ff5467620879737a406
SHA1 a69232e698d933ea018200d7c6c340325d62f64d
SHA256 fccff2feb5e0249926bddfa4c3dcfb6c059f3cfd7edb30d14922a18c3fdf84da
SHA3 44856e951b36dba0b73ca41a4fe5d68d75be614339c2d1bfc125297f73104796
VirtualSize 0x1c46
VirtualAddress 0x5000
SizeOfRawData 0x1e00
PointerToRawData 0x3e00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 4.55005

.data

MD5 1bc5a32afc0359dbaab7a61567a9ba6e
SHA1 fe83142ea55ba0aea07874d3332bd93c733bd53c
SHA256 cace4bd365edde092ca4ff7a99e6cf8410d4395a257ddeb13f7b50ce2bc41298
SHA3 f965faa7d1bad7293daa8d43235472e745efb8ee0329177a4f99cdd4721e2112
VirtualSize 0x450
VirtualAddress 0x7000
SizeOfRawData 0x200
PointerToRawData 0x5c00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 1.86509

.rsrc

MD5 004d0e678e525ffdfdb49f756c3148c6
SHA1 1118e9c2f4604b941d1c0463afa525395d86a754
SHA256 e42f4c332ad3da929ebeb2e30afff6fdb3dc348f16b47a31a7ee08b7e091bc48
SHA3 9e257ba83c0cde061588f85f85b71c5cee609ca3eceb7cab57495dba54837eb5
VirtualSize 0x1e0
VirtualAddress 0x8000
SizeOfRawData 0x200
PointerToRawData 0x5e00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 4.69612

.reloc

MD5 1d7102272dec62f24f0b694ebc527a70
SHA1 095fd34876069d7bdc1537cdae40252fe630029c
SHA256 58551b5c3e29ca607b9ba91b85e568bec3331b0c129f8b122b23ffc19529ab7f
SHA3 7b6dce4d06f75ad357f274e8cf91606c4b0a96ec38b117ac16e3ad7e76c95d00
VirtualSize 0x450
VirtualAddress 0x9000
SizeOfRawData 0x600
PointerToRawData 0x6000
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Entropy 5.39046

Imports

KERNEL32.dll SetConsoleTextAttribute
GetStdHandle
GetLocalTime
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetModuleHandleW
UnhandledExceptionFilter
MSVCP140.dll ?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?good@ios_base@std@@QBE_NXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?uncaught_exception@std@@YA_NXZ
?cin@std@@3V?$basic_istream@DU?$char_traits@D@std@@@1@A
?_Xlength_error@std@@YAXPBD@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
VCRUNTIME140.dll memset
_except_handler4_common
memmove
_CxxThrowException
__current_exception
__std_terminate
__std_exception_copy
__std_exception_destroy
__CxxFrameHandler3
memcpy
__current_exception_context
api-ms-win-crt-runtime-l1-1-0.dll _initialize_onexit_table
_register_onexit_function
_crt_atexit
__p___argv
_invoke_watson
_set_app_type
_cexit
__p___argc
_c_exit
_exit
exit
_initterm_e
_initterm
_get_initial_narrow_environment
_initialize_narrow_environment
_configure_narrow_argv
_register_thread_local_exe_atexit_callback
_seh_filter_exe
terminate
_controlfp_s
api-ms-win-crt-heap-l1-1-0.dll _set_new_mode
free
_callnewh
malloc
api-ms-win-crt-math-l1-1-0.dll __setusermatherr
api-ms-win-crt-stdio-l1-1-0.dll __p__commode
_set_fmode
api-ms-win-crt-locale-l1-1-0.dll _configthreadlocale

Delayed Imports

1

Type RT_MANIFEST
Language English - United States
Codepage UNKNOWN
Size 0x17d
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.91161
MD5 1e4a89b11eae0fcf8bb5fdd5ec3b6f61
SHA1 4260284ce14278c397aaf6f389c1609b0ab0ce51
SHA256 4bb79dcea0a901f7d9eac5aa05728ae92acb42e0cb22e5dd14134f4421a3d8df
SHA3 4bb9e8b5a714cae82782f3831cc2d45f4bf4a50a755fe584d2d1893129d68353

Version Info

IMAGE_DEBUG_TYPE_POGO

Characteristics 0
TimeDateStamp 2025-Jun-13 10:19:01
Version 0.0
SizeofData 692
AddressOfRawData 0x59e4
PointerToRawData 0x47e4

IMAGE_DEBUG_TYPE_ILTCG

Characteristics 0
TimeDateStamp 2025-Jun-13 10:19:01
Version 0.0
SizeofData 0
AddressOfRawData 0
PointerToRawData 0

TLS Callbacks

Load Configuration

Size 0xc0
TimeDateStamp 1970-Jan-01 00:00:00
Version 0.0
GlobalFlagsClear (EMPTY)
GlobalFlagsSet (EMPTY)
CriticalSectionDefaultTimeout 0
DeCommitFreeBlockThreshold 0
DeCommitTotalFreeThreshold 0
LockPrefixTable 0
MaximumAllocationSize 0
VirtualMemoryThreshold 0
ProcessAffinityMask 0
ProcessHeapFlags (EMPTY)
CSDVersion 0
Reserved1 0
EditList 0
SecurityCookie 0x407000
SEHandlerTable 0x40592c
SEHandlerCount 11

RICH Header

XOR Key 0xafa9f49
Unmarked objects 0
Imports (VS2008 SP1 build 30729) 10
ASM objects (34918) 1
C objects (34918) 12
C++ objects (34918) 25
Imports (34918) 4
Imports (33140) 3
Total imports 84
C++ objects (LTCG) (35207) 1
Resource objects (35207) 1
Linker (35207) 1

Errors
