ade93ca325f0564d7480f6e414bc4bcb521ff094a15f1fb7df7345fb7a0d60ed

Summary

Architecture IMAGE_FILE_MACHINE_AMD64
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date 2026-Apr-03 16:44:43
Detected languages English - United States

Plugin Output

Suspicious No VirusTotal score. This file has never been scanned on VirusTotal.

Hashes

MD5 b6d1c7ded105c96873736ffdccff3b5f
SHA1 39875d731b81f4f69f2693649477a30ab387c2df
SHA256 ade93ca325f0564d7480f6e414bc4bcb521ff094a15f1fb7df7345fb7a0d60ed
SHA3 cf78b2d4f5433cb24cbf3dae31507d3d068894cabd8879a841b477ea269be5b4
SSDeep 48:imglYKnd/fcY9k6gCZV/kjkkPOB1BYJNh3zV2n0F2maStuaaT:Hgl/nmGLWvh6
Imports Hash ae455ea9cf0e3c9bff5533a3f6f7d192

DOS Header

e_magic MZ
e_cblp 0x90
e_cp 0x3
e_crlc 0
e_cparhdr 0x4
e_minalloc 0
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0xc8

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_AMD64
NumberofSections 5
TimeDateStamp 2026-Apr-03 16:44:43
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xf0
Characteristics IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LARGE_ADDRESS_AWARE

Image Optional Header

Magic PE32+
LinkerVersion 14.0
SizeOfCode 0x400
SizeOfInitializedData 0xe00
SizeOfUninitializedData 0
AddressOfEntryPoint 0x0000000000001000 (Section: .text)
BaseOfCode 0x1000
ImageBase 0x140000000
SectionAlignment 0x1000
FileAlignment 0x200
OperatingSystemVersion 6.0
ImageVersion 0.0
SubsystemVersion 6.0
Win32VersionValue 0
SizeOfImage 0x6000
SizeOfHeaders 0x400
Checksum 0
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
DllCharacteristics IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA, IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
SizeofStackReserve 0x100000
SizeofStackCommit 0x1000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

.text

MD5 689a67e53429226c57ac36fa3afc5d24
SHA1 ae207d04c58e3bb3505a37eb529da1a535f547a5
SHA256 8d8738bc03ed3038f5d2e1f2218944a04ddfb17ac513e8a6e52f5f96d03d2e25
SHA3 3e3e778704c842eeabda6c0e173a9396600d6ce68b10af90b8d8363649a43340
VirtualSize 0x3b5
VirtualAddress 0x1000
SizeOfRawData 0x400
PointerToRawData 0x400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Entropy 4.52378

.rdata

MD5 8d608ae3f94150094e491cd23d948899
SHA1 13a44ef1f1c2d68fd4549a19d45eb412b3320d23
SHA256 9f22fe4f8dbdbec63675966d8832bab2a2fda1da3d25ac15ee5381884f3780a5
SHA3 a21cfe0069e77f0bcf678fd932a4da258e342842acb0a2e4df1e89671cdef0b1
VirtualSize 0x314
VirtualAddress 0x2000
SizeOfRawData 0x400
PointerToRawData 0x800
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
Entropy 2.98909

.data

MD5 1f88c732c226fdaff3beae696b5629a4
SHA1 4ef616c1d8d96b78c1e18571d19cecc12986271c
SHA256 faec97b7589da4384f05743fc84f91a0d79f8c8ee68c07850aaa1ee7bce07d91
SHA3 7c471dc20855657f4cba54aa2f919609018aa8ed2c2c256b70b383fc60d94569
VirtualSize 0x190
VirtualAddress 0x3000
SizeOfRawData 0x200
PointerToRawData 0xc00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
Entropy 2.79905

.rsrc

MD5 97db28ef0dba04935852eba144eee2aa
SHA1 00434273f72e49a14ba9b899ffe963c23ed64b61
SHA256 bdfe9ffcdbf0d698b534938356a2820f7abe3589def7986410f450b1f2bd8d7e
SHA3 da707f77496d41e145266e956b125aff27c690bfabdf537b5bd8a1e6db53285d
VirtualSize 0x538
VirtualAddress 0x4000
SizeOfRawData 0x600
PointerToRawData 0xe00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
Entropy 2.54086

.reloc

MD5 dcfa89f0563c250fb4fa47cbb5568085
SHA1 bd7c1bdf74b23c2abebeaba3067312096559cc5f
SHA256 6c14032b31de5276345004809d5d1d436039ba20cf151a8e4463994dfbb46532
SHA3 88865a891192a1caaccf540d4d506db5e2c78ff00ef85247d260541c4652c067
VirtualSize 0x38
VirtualAddress 0x5000
SizeOfRawData 0x200
PointerToRawData 0x1400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ
Entropy 0.803181

Imports

kernel32.dll GetModuleHandleA, ExitProcess
user32.dll CallWindowProcA, DialogBoxParamA, EndDialog, GetDlgItem, LoadImageA, MessageBoxA, SendMessageA, SetWindowLongPtrA, SetWindowTextA

Delayed Imports

1

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x2e8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.3855
MD5 147c26c05f140199a1d2bdec36518268
SHA1 b68c95f5214e5eeb8b6e4aa763211de31b13105b
SHA256 c67256fdc09a4bac7bd6be67e9c1cb15391d459931e7e8f561895a1ff9aac4d2
SHA3 2cccd6d091ae24911a7ae7a67aea2c3f97515a6311fdc4faec92f1ab2e04a2f6

100

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0x148
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.0865
MD5 505fd5c8e7af37fd39c7d3b9b7fd14c1
SHA1 f83aea483da1532018fba1639414faad58b87ec5
SHA256 6fdf001448c253b354026ab08fbbec66a54f37c7751fb837918ef8751c3a9944
SHA3 9903a12b74c081c2ff9af3868dfbe0bcae9a4f34b4de1c349bd07af9f3a963e3

10

Type RT_GROUP_ICON
Language English - United States
Codepage UNKNOWN
Size 0x14
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.16096
Detected Filetype Icon file
MD5 42cf62b780813706e75fb9f2b2e8c258
SHA1 a022d5c1cfdd8aace0089f3e72f2eedd41bda464
SHA256 a0c9d012e2bf6b2fe05c2d97cb5594d97cf2f539e97935c12abd7a3562f4d9bf
SHA3 0aafc8e3d8b6bde595537da4ffe0efc5fe53f01dafe336a2a5828b6a71283d3c

Version Info

IMAGE_DEBUG_TYPE_POGO

Characteristics 0
TimeDateStamp 2026-Apr-03 16:44:43
Version 0.0
SizeofData 260
AddressOfRawData 0x209c
PointerToRawData 0x89c

TLS Callbacks

Load Configuration

RICH Header

XOR Key 0x965a7981
Unmarked objects 0
Unmarked objects (#2) 5
Total imports 11
ASM objects (35728) 1
Resource objects (35728) 1
Linker (35728) 1

Errors
