ae91be8b1a49a7866fd56ac46c7a9466

Summary

Architecture IMAGE_FILE_MACHINE_I386
Subsystem IMAGE_SUBSYSTEM_WINDOWS_CUI
Compilation Date 2011-Oct-30 12:00:02
Detected languages English - United States
Debug artifacts C:\PaulProjects\msvc2010express\allegro442\winds1edit\winds1edit\Release\winds1edit.pdb

Plugin Output

Safe VirusTotal score: 0/57 (Scanned on 2015-03-28 18:17:02) All the AVs think this file is safe.

Hashes

MD5 ae91be8b1a49a7866fd56ac46c7a9466
SHA1 47b8bce28f8a8bce7f42cf67e5ceaf8da3d7ede5
SHA256 c13648c74c5f94c295c3598aa88c80fbc053ed044e844ac8f13178a6c0705a21
SHA3 c25a6f64da3640eef6ac6efa2dc865ae87a3583f34715cf23eb9b650b5edb330
SSDeep 6144:CZX4fmBLi1ZjYstHK1ABMjnakJMAsnK5bMrO6aoG9:AyYiZjYsh7BT
Imports Hash a2728a5e32642b70f5013e2db285f9be

DOS Header

e_magic MZ
e_cblp 0x90
e_cp 0x3
e_crlc 0
e_cparhdr 0x4
e_minalloc 0
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0xf0

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_I386
NumberofSections 5
TimeDateStamp 2011-Oct-30 12:00:02
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xe0
Characteristics IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_EXECUTABLE_IMAGE

Image Optional Header

Magic PE32
LinkerVersion 10.0
SizeOfCode 0x2bc00
SizeOfInitializedData 0xdc00
SizeOfUninitializedData 0
AddressOfEntryPoint 0x0002C506 (Section: .text)
BaseOfCode 0x1000
BaseOfData 0x2d000
ImageBase 0x400000
SectionAlignment 0x1000
FileAlignment 0x200
OperatingSystemVersion 5.1
ImageVersion 0.0
SubsystemVersion 5.1
Win32VersionValue 0
SizeOfImage 0x15a000
SizeOfHeaders 0x400
Checksum 0x440d8
Subsystem IMAGE_SUBSYSTEM_WINDOWS_CUI
DllCharacteristics IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
SizeofStackReserve 0x100000
SizeofStackCommit 0x1000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

.text

MD5 cf374ae019cdbf79a3dae963d7ed9502
SHA1 275de592edd6dd77a960aef97d02c31b934bb559
SHA256 da3f626bd083a8b38e0358e5bd1ce4e24dd3e29a5e8eab95aeb36006a1e2e9f6
SHA3 ceeced1accc97495dede4ed04bcd22bd7a90397add38584381fd0f96c72bf180
VirtualSize 0x2ba6e
VirtualAddress 0x1000
SizeOfRawData 0x2bc00
PointerToRawData 0x400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 6.55487

.rdata

MD5 6536e1abd1121ff3783df35344213844
SHA1 3395ef86de318a853848cb81f77b28ae82dc9b7a
SHA256 7ecd06eacd1b80a95284925df0e16d2ea90a2e80c3e9a8adee16a35440d2dd4f
SHA3 7c3f08ec6a4a2f90da35004a38deacf71b2fea6e9e41e2656603cce2bd3c61ec
VirtualSize 0x7932
VirtualAddress 0x2d000
SizeOfRawData 0x7a00
PointerToRawData 0x2c000
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 5.43345

.data

MD5 cdba4f633e69a5536c8b82cf6dffb365
SHA1 0330ce57bbe5cc07ec515772562cbc37d0ba62c7
SHA256 57d949bd10394a793712cdc6f4936a794c1de8c2514d1d924197237bc43c6fd1
SHA3 c3439a2ac3a2cf6fe70afa31b8bf6c4c13efc79aa56aaa3ebc468337de57a275
VirtualSize 0x11ffa0
VirtualAddress 0x35000
SizeOfRawData 0x2000
PointerToRawData 0x33a00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 3.37327

.rsrc

MD5 899ec07ee51e5c15be8162e0679f1f98
SHA1 5b9b398c1c8d68ef481d3099be10311241f3368f
SHA256 c9d2fcfaeed93280e1c4ac7695b37509ddc0f6050d85bc51356ab6d565a5297a
SHA3 7c9a6309e0fee852d0beea9a4f162a520b850c0b5c2693f28fcb0e39b798e58a
VirtualSize 0x1b4
VirtualAddress 0x155000
SizeOfRawData 0x200
PointerToRawData 0x35a00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 5.10247

.reloc

MD5 1757b8119a757f4c0b0931d2b36dd26b
SHA1 86e705b3bc266462a33faa7f9178e6134af209e1
SHA256 ab273717914c0b24d5dbea3252e77b714bc12e18c3fb11bca80f7d2dd66c83b6
SHA3 67b86eb585898cbe246201993b993f0bd2ee299238001291bc5a7643d516a6ce
VirtualSize 0x3e78
VirtualAddress 0x156000
SizeOfRawData 0x4000
PointerToRawData 0x35c00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Entropy 5.92919

Imports

allegro-4.4.2-monolith-md.dll create_bitmap_ex
al_findclose
al_findfirst
al_findnext
show_video_bitmap
get_rle_sprite
create_trans_table
create_color_table
get_extension
system_driver
create_video_bitmap
set_gfx_mode
show_mouse
_install_allegro_version_check
cpu_vendor
os_multitasking
get_refresh_rate
cpu_family
allegro_id
cpu_capabilities
set_display_switch_mode
install_mouse
os_revision
request_refresh_rate
cpu_model
os_version
load_pcx
text_mode
set_mouse_speed
destroy_rle_sprite
allegro_error
install_timer
install_keyboard
os_type
install_int
rest
mouse_z
position_mouse
set_palette
save_bmp
mouse_y
set_color_depth
mouse_x
set_config_file
get_config_int
get_config_string
color_map
allegro_message
textout
vsync
screen
makecol
key
mouse_b
textprintf
font
stretch_blit
file_exists
create_sub_bitmap
save_pcx
clear_bitmap
blit
destroy_bitmap
create_bitmap
MSVCR100.dll _mkdir
_strnicmp
_CIsqrt
memcpy
memset
_ltoa
_stricmp
_controlfp_s
_invoke_watson
?terminate@@YAXXZ
_except_handler4_common
_crt_debugger_hook
__set_app_type
_fmode
_commode
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
__initenv
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
_onexit
_lock
__dllonexit
_unlock
ceil
realloc
atol
ldiv
strrchr
atoi
ungetc
_time64
freopen
srand
_errno
fputs
exit
qsort
fwrite
remove
rename
fputc
calloc
sscanf
fclose
fseek
ftell
fread
fopen
fgetc
toupper
strncpy
rand
fprintf
printf
fflush
__iob_func
malloc
free
sprintf
KERNEL32.dll IsProcessorFeaturePresent
DecodePointer
InterlockedExchange
Sleep
InterlockedCompareExchange
HeapSetInformation
TerminateProcess
GetCurrentProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
EncodePointer

Delayed Imports

1

Type RT_MANIFEST
Language English - United States
Codepage Latin 1 / Western European
Size 0x15a
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.79597
MD5 24d3b502e1846356b0263f945ddd5529
SHA1 bac45b86a9c48fc3756a46809c101570d349737d
SHA256 49a60be4b95b6d30da355a0c124af82b35000bce8f24f957d1c09ead47544a1e
SHA3 1244ed60820da52dc4b53880ec48e3b587dbdbd9545f01fa2b1c0fcfea1d5e9e

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics 0
TimeDateStamp 2011-Oct-30 12:00:02
Version 0.0
SizeofData 112
AddressOfRawData 0x33d38
PointerToRawData 0x32d38
Referenced File C:\PaulProjects\msvc2010express\allegro442\winds1edit\winds1edit\Release\winds1edit.pdb

TLS Callbacks

Load Configuration

Size 0x48
TimeDateStamp 1970-Jan-01 00:00:00
Version 0.0
GlobalFlagsClear (EMPTY)
GlobalFlagsSet (EMPTY)
CriticalSectionDefaultTimeout 0
DeCommitFreeBlockThreshold 0
DeCommitTotalFreeThreshold 0
LockPrefixTable 0
MaximumAllocationSize 0
VirtualMemoryThreshold 0
ProcessAffinityMask 0
ProcessHeapFlags (EMPTY)
CSDVersion 0
Reserved1 0
EditList 0
SecurityCookie 0x435000
SEHandlerTable 0x433db0
SEHandlerCount 1

RICH Header

XOR Key 0xcb80e25d
Unmarked objects 0
152 (20115) 4
Imports (VS2010 build 30319) 2
ASM objects (VS2010 build 30319) 3
C objects (VS2010 build 30319) 20
C++ objects (VS2010 build 30319) 2
Imports (VS2008 SP1 build 30729) 2
Imports (VS2010 SP1 build 40219) 3
Total imports 164
174 (VS2010 build 30319) 30
Linker (VS2010 build 30319) 1

Errors

<-- -->