| Architecture |
IMAGE_FILE_MACHINE_I386
|
| Subsystem |
IMAGE_SUBSYSTEM_WINDOWS_GUI
|
| Compilation Date |
2024-Jan-24 06:11:57
|
| Detected languages |
Process Default Language
|
| TLS Callbacks |
2 callback(s) detected.
|
| Info |
Interesting strings found in the binary: |
Contains domain names:
|
| Info |
The PE contains common functions which appear in legitimate applications. |
Can access the registry:
- RegCloseKey
- RegEnumKeyExA
- RegOpenKeyExA
- RegQueryValueExA
Possibly launches other programs:
- CreateProcessA
- ShellExecuteA
|
| Malicious |
The file contains overlay data. |
99491 bytes of data starting at offset 0x9400.
The file contains a Zip Compressed Archive after the PE data.
|
| Suspicious |
VirusTotal score: 2/73 (Scanned on 2024-11-14 03:11:54) |
APEX:
Malicious
Bkav:
W32.AIDetectMalware
|
| MD5 |
b195322e61f7ff01e23307152f0a2d4a
|
| SHA1 |
e0598ae1ba997e64ff41fc6a82a8e561d7851ca5
|
| SHA256 |
3be496b490b0cbea5bfd06686e427ce92b4876cf8d82ea55172ef2e36c8303d5
|
| SHA3 |
27c0e635ea7594f5dc439de4b0a9794dc5f3eeaa5f632965984f4f12dcdccee8
|
| SSDeep |
3072:ruzvch1lUomRQrNtBm7QhzfEcBrxYGLrHk56cWDNnGoOxc:Ich1+gNrgQFEKJrEvWcoOxc
|
| Imports Hash |
0f724bb412fa52650dbbfc8ad7206555
|
| e_magic |
MZ
|
| e_cblp |
0x90
|
| e_cp |
0x3
|
| e_crlc |
0
|
| e_cparhdr |
0x4
|
| e_minalloc |
0
|
| e_maxalloc |
0xffff
|
| e_ss |
0
|
| e_sp |
0xb8
|
| e_csum |
0
|
| e_ip |
0
|
| e_cs |
0
|
| e_ovno |
0
|
| e_oemid |
0
|
| e_oeminfo |
0
|
| e_lfanew |
0x80
|
| Signature |
PE
|
| Machine |
IMAGE_FILE_MACHINE_I386
|
| NumberofSections |
9
|
| TimeDateStamp |
2024-Jan-24 06:11:57
|
| PointerToSymbolTable |
0
|
| NumberOfSymbols |
0
|
| SizeOfOptionalHeader |
0xe0
|
| Characteristics |
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_RELOCS_STRIPPED
|
| Magic |
PE32
|
| LinkerVersion |
2.0
|
| SizeOfCode |
0x5a00
|
| SizeOfInitializedData |
0x3600
|
| SizeOfUninitializedData |
0x8e00
|
| AddressOfEntryPoint |
0x00001590 (Section: .text)
|
| BaseOfCode |
0x1000
|
| BaseOfData |
0x7000
|
| ImageBase |
0x400000
|
| SectionAlignment |
0x1000
|
| FileAlignment |
0x200
|
| OperatingSystemVersion |
4.0
|
| ImageVersion |
1.0
|
| SubsystemVersion |
4.0
|
| Win32VersionValue |
0
|
| SizeOfImage |
0x18000
|
| SizeOfHeaders |
0x400
|
| Checksum |
0xa772
|
| Subsystem |
IMAGE_SUBSYSTEM_WINDOWS_GUI
|
| DllCharacteristics |
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
|
| SizeofStackReserve |
0x200000
|
| SizeofStackCommit |
0x1000
|
| SizeofHeapReserve |
0x100000
|
| SizeofHeapCommit |
0x1000
|
| LoaderFlags |
0
|
| NumberOfRvaAndSizes |
16
|
| MD5 |
c222cf7ac34c95684f36b656e8daf49c
|
| SHA1 |
590e8aa474117ab7ed9fa01459afe12b48a99dc6
|
| SHA256 |
57be8c9b92da9b7223bcf8cb64dae78e3169c5b43192cfebb95f4319cd697ea8
|
| SHA3 |
04adc051cff81cb2e74d980be1d500906bc6d1d973ed6c12caa1e524b454ef17
|
| VirtualSize |
0x5970
|
| VirtualAddress |
0x1000
|
| SizeOfRawData |
0x5a00
|
| PointerToRawData |
0x400
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_ALIGN_1024BYTES
IMAGE_SCN_ALIGN_16BYTES
IMAGE_SCN_ALIGN_1BYTES
IMAGE_SCN_ALIGN_2048BYTES
IMAGE_SCN_ALIGN_256BYTES
IMAGE_SCN_ALIGN_32BYTES
IMAGE_SCN_ALIGN_4096BYTES
IMAGE_SCN_ALIGN_4BYTES
IMAGE_SCN_ALIGN_64BYTES
IMAGE_SCN_ALIGN_8192BYTES
IMAGE_SCN_ALIGN_8BYTES
IMAGE_SCN_ALIGN_MASK
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
|
| Entropy |
6.17063
|
| MD5 |
bdf323784e31246346af7e67d80dad4b
|
| SHA1 |
a6d835c8c78dc1d409aeca0c7af95e981566b209
|
| SHA256 |
a539bddc52115c1275111967ad679292f648b6edf7571a58d80d1dcec8fedf61
|
| SHA3 |
8f0aeee8bbc6271981d84dc092448f4afd1ef2ed7148d6a070837fca62361754
|
| VirtualSize |
0x10
|
| VirtualAddress |
0x7000
|
| SizeOfRawData |
0x200
|
| PointerToRawData |
0x5e00
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_ALIGN_1024BYTES
IMAGE_SCN_ALIGN_16BYTES
IMAGE_SCN_ALIGN_1BYTES
IMAGE_SCN_ALIGN_256BYTES
IMAGE_SCN_ALIGN_2BYTES
IMAGE_SCN_ALIGN_32BYTES
IMAGE_SCN_ALIGN_4096BYTES
IMAGE_SCN_ALIGN_4BYTES
IMAGE_SCN_ALIGN_512BYTES
IMAGE_SCN_ALIGN_64BYTES
IMAGE_SCN_ALIGN_8192BYTES
IMAGE_SCN_ALIGN_MASK
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
|
| Entropy |
0.11837
|
| MD5 |
bd1d2c5a762b1998116e56a715d2d844
|
| SHA1 |
42ec9217a5c1f354dfb975496351eb71002a63a1
|
| SHA256 |
32a5505b999ecec2502941c4dc7fa2b2bb2b0860d38a40de665dfdbfac866c4c
|
| SHA3 |
fd9f4d260dcb4a2890eee30569732451d0e582dc4cdd8809fd34841eced4fa1a
|
| VirtualSize |
0x918
|
| VirtualAddress |
0x8000
|
| SizeOfRawData |
0xa00
|
| PointerToRawData |
0x6000
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_ALIGN_1024BYTES
IMAGE_SCN_ALIGN_16BYTES
IMAGE_SCN_ALIGN_1BYTES
IMAGE_SCN_ALIGN_256BYTES
IMAGE_SCN_ALIGN_2BYTES
IMAGE_SCN_ALIGN_32BYTES
IMAGE_SCN_ALIGN_4096BYTES
IMAGE_SCN_ALIGN_4BYTES
IMAGE_SCN_ALIGN_512BYTES
IMAGE_SCN_ALIGN_64BYTES
IMAGE_SCN_ALIGN_8192BYTES
IMAGE_SCN_ALIGN_MASK
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
|
| Entropy |
5.27517
|
| MD5 |
2202f81e016d9c584e950bc63f8a1201
|
| SHA1 |
675ec73071f9bd80e7588ba7b43c08183ec2c6be
|
| SHA256 |
49afb516dce0a2d3e31fda3333bc66239c213211dc18883def9e8fd3f96fb2cb
|
| SHA3 |
4c9606e01bc23ced9b111026642e9a783870e9a47996b65258ca9e91291f55fa
|
| VirtualSize |
0x1114
|
| VirtualAddress |
0x9000
|
| SizeOfRawData |
0x1200
|
| PointerToRawData |
0x6a00
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_ALIGN_1024BYTES
IMAGE_SCN_ALIGN_16BYTES
IMAGE_SCN_ALIGN_1BYTES
IMAGE_SCN_ALIGN_256BYTES
IMAGE_SCN_ALIGN_2BYTES
IMAGE_SCN_ALIGN_32BYTES
IMAGE_SCN_ALIGN_4096BYTES
IMAGE_SCN_ALIGN_4BYTES
IMAGE_SCN_ALIGN_512BYTES
IMAGE_SCN_ALIGN_64BYTES
IMAGE_SCN_ALIGN_8192BYTES
IMAGE_SCN_ALIGN_MASK
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
|
| Entropy |
4.82235
|
| MD5 |
d41d8cd98f00b204e9800998ecf8427e
|
| SHA1 |
da39a3ee5e6b4b0d3255bfef95601890afd80709
|
| SHA256 |
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
|
| SHA3 |
a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a
|
| VirtualSize |
0x8dcc
|
| VirtualAddress |
0xb000
|
| SizeOfRawData |
0
|
| PointerToRawData |
0
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_ALIGN_1024BYTES
IMAGE_SCN_ALIGN_16BYTES
IMAGE_SCN_ALIGN_1BYTES
IMAGE_SCN_ALIGN_256BYTES
IMAGE_SCN_ALIGN_2BYTES
IMAGE_SCN_ALIGN_32BYTES
IMAGE_SCN_ALIGN_4096BYTES
IMAGE_SCN_ALIGN_4BYTES
IMAGE_SCN_ALIGN_512BYTES
IMAGE_SCN_ALIGN_64BYTES
IMAGE_SCN_ALIGN_8192BYTES
IMAGE_SCN_ALIGN_MASK
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
|
| MD5 |
0a22acd17d95488faa2e048e11000e16
|
| SHA1 |
30b6ba53978450d72501c09dc651ef113ecb6127
|
| SHA256 |
ed36549a981ebf8af5baaf5ac3b7d07f2d9c64290f55931a96443161c42e3faa
|
| SHA3 |
169a871d7aff208df9907ef1b7155c55edb3c26b254ceea663f98735c0fc8f74
|
| VirtualSize |
0xcc0
|
| VirtualAddress |
0x14000
|
| SizeOfRawData |
0xe00
|
| PointerToRawData |
0x7c00
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_ALIGN_1024BYTES
IMAGE_SCN_ALIGN_16BYTES
IMAGE_SCN_ALIGN_1BYTES
IMAGE_SCN_ALIGN_256BYTES
IMAGE_SCN_ALIGN_2BYTES
IMAGE_SCN_ALIGN_32BYTES
IMAGE_SCN_ALIGN_4096BYTES
IMAGE_SCN_ALIGN_4BYTES
IMAGE_SCN_ALIGN_512BYTES
IMAGE_SCN_ALIGN_64BYTES
IMAGE_SCN_ALIGN_8192BYTES
IMAGE_SCN_ALIGN_MASK
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
|
| Entropy |
4.91037
|
| MD5 |
ddbbfb75e8b9164a9c30fae9f0465b9f
|
| SHA1 |
ac31946bdf8da4bca1ef6ba012503463d7f52a2c
|
| SHA256 |
b81cd5811cc7d7874397de76a20dfdfe4f2d29fb291b19f80bcd65fef87ff6b3
|
| SHA3 |
fa543bd78d30cdcda8f3656cb20f634d63cb5201ca6055028de2dd216f36d0ed
|
| VirtualSize |
0x18
|
| VirtualAddress |
0x15000
|
| SizeOfRawData |
0x200
|
| PointerToRawData |
0x8a00
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_ALIGN_1024BYTES
IMAGE_SCN_ALIGN_16BYTES
IMAGE_SCN_ALIGN_1BYTES
IMAGE_SCN_ALIGN_256BYTES
IMAGE_SCN_ALIGN_2BYTES
IMAGE_SCN_ALIGN_32BYTES
IMAGE_SCN_ALIGN_4096BYTES
IMAGE_SCN_ALIGN_4BYTES
IMAGE_SCN_ALIGN_512BYTES
IMAGE_SCN_ALIGN_64BYTES
IMAGE_SCN_ALIGN_8192BYTES
IMAGE_SCN_ALIGN_MASK
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
|
| Entropy |
0.0980042
|
| MD5 |
db57b06664eb7bf11486e9a180e31184
|
| SHA1 |
1d107653d811fde1dcb46a784c5c659baf6914fc
|
| SHA256 |
f597e9f411e7070d6797b847600ac01e555176dfd2e2aee697d9c614dbffe014
|
| SHA3 |
ce922ef00546bc1a0f3ac0375de0b529c63692a75f6332b5ac032e22db90f31a
|
| VirtualSize |
0x20
|
| VirtualAddress |
0x16000
|
| SizeOfRawData |
0x200
|
| PointerToRawData |
0x8c00
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_ALIGN_1024BYTES
IMAGE_SCN_ALIGN_16BYTES
IMAGE_SCN_ALIGN_1BYTES
IMAGE_SCN_ALIGN_256BYTES
IMAGE_SCN_ALIGN_2BYTES
IMAGE_SCN_ALIGN_32BYTES
IMAGE_SCN_ALIGN_4096BYTES
IMAGE_SCN_ALIGN_4BYTES
IMAGE_SCN_ALIGN_512BYTES
IMAGE_SCN_ALIGN_64BYTES
IMAGE_SCN_ALIGN_8192BYTES
IMAGE_SCN_ALIGN_MASK
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
|
| Entropy |
0.231158
|
| MD5 |
513a835c2f171fbed4364eba82d1b599
|
| SHA1 |
a0b54af28f8829667417cd5cd85a0a5d50bd2260
|
| SHA256 |
6c5d00a31612f26129914a8ea4689ba4cea4c79a3304618479b380dc3a4e25d7
|
| SHA3 |
e3b653cbc476a32df4b036763638eb055b776d0b7450e26dd751d6976ae9f461
|
| VirtualSize |
0x440
|
| VirtualAddress |
0x17000
|
| SizeOfRawData |
0x600
|
| PointerToRawData |
0x8e00
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_ALIGN_1024BYTES
IMAGE_SCN_ALIGN_16BYTES
IMAGE_SCN_ALIGN_1BYTES
IMAGE_SCN_ALIGN_256BYTES
IMAGE_SCN_ALIGN_2BYTES
IMAGE_SCN_ALIGN_32BYTES
IMAGE_SCN_ALIGN_4096BYTES
IMAGE_SCN_ALIGN_4BYTES
IMAGE_SCN_ALIGN_512BYTES
IMAGE_SCN_ALIGN_64BYTES
IMAGE_SCN_ALIGN_8192BYTES
IMAGE_SCN_ALIGN_MASK
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
|
| Entropy |
2.92929
|
| advapi32.dll |
RegCloseKey
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA
|
| kernel32.dll |
CloseHandle
CreateMutexA
CreateProcessA
DeleteCriticalSection
EnterCriticalSection
ExitProcess
FindResourceExA
FormatMessageA
GetCommandLineA
GetCurrentDirectoryA
GetCurrentProcess
GetEnvironmentVariableA
GetExitCodeProcess
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GlobalMemoryStatusEx
InitializeCriticalSection
LeaveCriticalSection
LoadResource
LocalFree
LockResource
SetEnvironmentVariableA
SetLastError
SetUnhandledExceptionFilter
TlsGetValue
VirtualProtect
VirtualQuery
WaitForSingleObject
|
| msvcrt.dll |
_strdup
_stricoll
|
| msvcrt.dll (#2) |
_strdup
_stricoll
|
| shell32.dll |
ShellExecuteA
|
| user32.dll |
CreateWindowExA
DispatchMessageA
EnumWindows
FindWindowExA
GetMessageA
GetSystemMetrics
GetWindowLongA
GetWindowRect
GetWindowTextA
GetWindowThreadProcessId
KillTimer
LoadImageA
MessageBoxA
PostQuitMessage
SendMessageA
SetForegroundWindow
SetTimer
SetWindowPos
ShowWindow
TranslateMessage
UpdateWindow
|
| Type |
RT_RCDATA
|
| Language |
Process Default Language
|
| Codepage |
UNKNOWN
|
| Size |
0x4
|
| TimeDateStamp |
2024-Jan-24 06:11:56
|
| Entropy |
2
|
| MD5 |
1978f527feb826faaae7f9f7573ca012
|
| SHA1 |
b559a2542536942556ccaf4f84b018c985d29984
|
| SHA256 |
725797656a192ab0930d1fad16165c97e706e56b381b43a42166429f2da8fa2c
|
| SHA3 |
1374cad9f5b01235c33891b5af70790d197cdf9159baed8cb753ffa2ed24b4e7
|
| Type |
RT_RCDATA
|
| Language |
Process Default Language
|
| Codepage |
UNKNOWN
|
| Size |
0x4
|
| TimeDateStamp |
2024-Jan-24 06:11:56
|
| Entropy |
2
|
| MD5 |
82f89a4dd64df14feab72f1971d50dc6
|
| SHA1 |
d7a2fc74a92d7ab22b2fb0a74fbf9c434ae9fbca
|
| SHA256 |
c5884510b4ddd0931627ddca2bbad344ed6113bcb2e4fd59238364cb60e7a8d8
|
| SHA3 |
5095e21dc2f8d55932c30fa2e023b04091486fdb613911096ee5ce1b614311df
|
| Type |
RT_RCDATA
|
| Language |
Process Default Language
|
| Codepage |
UNKNOWN
|
| Size |
0x2
|
| TimeDateStamp |
2024-Jan-24 06:11:56
|
| Entropy |
1
|
| MD5 |
5d0b26628424c6194136ac39aec25e55
|
| SHA1 |
f3e84b722399601ad7e281754e917478aa9ad48d
|
| SHA256 |
075d3ddf5a3a826e13a92288e853bc4b2cb17fb05367ae865f401a4bb11f05ce
|
| SHA3 |
edd9a75065afa5bb8908de22e7dfa82223ae1d6c8bbb66aca0162116d631ac33
|
| Type |
RT_RCDATA
|
| Language |
Process Default Language
|
| Codepage |
UNKNOWN
|
| Size |
0x2b
|
| TimeDateStamp |
2024-Jan-24 06:11:56
|
| Entropy |
3.8036
|
| MD5 |
26eb59a7ff388b08b3ce473d602d6202
|
| SHA1 |
420adfa824311155c4142d7ef22a053d8907705a
|
| SHA256 |
997f91d4910f157d4f9f95618c19c0eee50f878975479e78ecdf53e45056e64a
|
| SHA3 |
31e680c5722c3b0b08ffbf936ce5f30e87aed5f554c7e7582772d9a3efe0d4a7
|
| Type |
RT_RCDATA
|
| Language |
Process Default Language
|
| Codepage |
UNKNOWN
|
| Size |
0x2
|
| TimeDateStamp |
2024-Jan-24 06:11:56
|
| Entropy |
1
|
| MD5 |
5d0b26628424c6194136ac39aec25e55
|
| SHA1 |
f3e84b722399601ad7e281754e917478aa9ad48d
|
| SHA256 |
075d3ddf5a3a826e13a92288e853bc4b2cb17fb05367ae865f401a4bb11f05ce
|
| SHA3 |
edd9a75065afa5bb8908de22e7dfa82223ae1d6c8bbb66aca0162116d631ac33
|
| Type |
RT_RCDATA
|
| Language |
Process Default Language
|
| Codepage |
UNKNOWN
|
| Size |
0x5
|
| TimeDateStamp |
2024-Jan-24 06:11:56
|
| Entropy |
2.32193
|
| MD5 |
cc04a27b7e4921cad6340357dea87002
|
| SHA1 |
6327dc7237d67e8099089dad4c84c2cca4992e06
|
| SHA256 |
debc2f07db78d52d2def07b7bc620d7042367501d9439a62ba09b559a98e0957
|
| SHA3 |
2dbccc2e90fcda82baad7a2059c60bb370e6c2e41815ec714c412cb32a3c61e8
|
| Type |
RT_RCDATA
|
| Language |
Process Default Language
|
| Codepage |
UNKNOWN
|
| Size |
0x2
|
| TimeDateStamp |
2024-Jan-24 06:11:56
|
| Entropy |
1
|
| MD5 |
06d49632c9dc9bcb62aeaef99612ba6b
|
| SHA1 |
e91fe173f59b063d620a934ce1a010f2b114c1f3
|
| SHA256 |
e79e418e48623569d75e2a7b09ae88ed9b77b126a445b9ff9dc6989a08efa079
|
| SHA3 |
7152cdb440cd72bbd4745d106c162de0c3d783a2b06a571256ee4ad66f1593f7
|
| Type |
RT_RCDATA
|
| Language |
Process Default Language
|
| Codepage |
UNKNOWN
|
| Size |
0x3
|
| TimeDateStamp |
2024-Jan-24 06:11:56
|
| Entropy |
1.58496
|
| MD5 |
00ccbaa75e32b1a555509ae4aa03970d
|
| SHA1 |
b8d2d275b8e18b128218e64a4d6494a97189c8ed
|
| SHA256 |
91c2a5652b88665d5de623e946a59451f7527d2c704c30a5650cc10bb225ff02
|
| SHA3 |
c624bb3c48d93e0c92d7168ea049495ea4f8f3917334ee727feb661a39811f48
|
| Type |
RT_RCDATA
|
| Language |
Process Default Language
|
| Codepage |
UNKNOWN
|
| Size |
0x19
|
| TimeDateStamp |
2024-Jan-24 06:11:56
|
| Entropy |
3.91327
|
| MD5 |
40828d3ff7217c7a65861dc59f48eca9
|
| SHA1 |
a470be8b8d8b3930cef57d07be5b6ccc158652e3
|
| SHA256 |
2ef475f4ca5d04abd8ffcab4dab7afb4c6fad4b5a9e81956d3df612f34829841
|
| SHA3 |
403b412d02be21161a191d0185c371377a597e0cab01375f50009a2694e19616
|
| Type |
RT_RCDATA
|
| Language |
Process Default Language
|
| Codepage |
UNKNOWN
|
| Size |
0x2
|
| TimeDateStamp |
2024-Jan-24 06:11:56
|
| Entropy |
1
|
| MD5 |
6d5ababb65e9ff214b73e891b4afe6e8
|
| SHA1 |
21ed4c7af50d987589a9029fc0422151be3a0fc2
|
| SHA256 |
913da1f8df6f8fd47593840d533ba0458cc9873996bf310460abb495b34c232a
|
| SHA3 |
61e11a19c7042bb4f5acbce11a6a1540fde023ffcfe584d31dfa2ae51b782e10
|
| Type |
RT_RCDATA
|
| Language |
Process Default Language
|
| Codepage |
UNKNOWN
|
| Size |
0x32
|
| TimeDateStamp |
2024-Jan-24 06:11:56
|
| Entropy |
4.04307
|
| MD5 |
5543dda0068cad802d1a66943873faf3
|
| SHA1 |
927138fcb8945141429e999e92f5cfbe50082cd8
|
| SHA256 |
4ef9e51eb916d15bf8901e8ae324390cdedf728297a729d0fb823964730801fe
|
| SHA3 |
b06418d850e2e0fcc623d3d85e663444a69583ac633d3fe67e836b2ac2390da5
|
| Type |
RT_RCDATA
|
| Language |
Process Default Language
|
| Codepage |
UNKNOWN
|
| Size |
0x36
|
| TimeDateStamp |
2024-Jan-24 06:11:56
|
| Entropy |
4.20399
|
| MD5 |
86a3c1ca9da5e80fbbb350021bd618d8
|
| SHA1 |
e94d2b7cc56af615837c349916eff9849bdfeed2
|
| SHA256 |
2621256c93375617aba5a69d36c418c44381c5e913dddfaca576702aa105a2b1
|
| SHA3 |
5828a6f0f07a0794c18151cefcc2d078fb5de35b3362271d095e53d2edef2a40
|
| Type |
RT_RCDATA
|
| Language |
Process Default Language
|
| Codepage |
UNKNOWN
|
| Size |
0x35
|
| TimeDateStamp |
2024-Jan-24 06:11:56
|
| Entropy |
4.14776
|
| MD5 |
de13262b91fa9ac1a9a1119dcfa949af
|
| SHA1 |
52b6eda6148a9802ccb4c7d8e35cd2a32c01aad3
|
| SHA256 |
0bf65805e92c10fa89fbeaf313dedeaaf166f8f8cee5827f7478f2a7d4c3bd9d
|
| SHA3 |
50cc4ec50a982a8afc58491e28132f174f86399f71f563d6857394e5632718e6
|
| Type |
RT_RCDATA
|
| Language |
Process Default Language
|
| Codepage |
UNKNOWN
|
| Size |
0x68
|
| TimeDateStamp |
2024-Jan-24 06:11:56
|
| Entropy |
4.11008
|
| MD5 |
0098ee1e5282941a123051f1d9056aae
|
| SHA1 |
253ae65f8a2a8d7e3a4135985cc8814739204897
|
| SHA256 |
a9c88a2082dfa1f26c8ee0d9f6f58ad42142baa0f111d239011830a847fea5c5
|
| SHA3 |
6a7e8eefdc45dad04fa11e5ea59b3b0dfbeeda27c6b3d93d8bd862091949881b
|
| StartAddressOfRawData |
0x416019
|
| EndAddressOfRawData |
0x41601c
|
| AddressOfIndex |
0x40b030
|
| AddressOfCallbacks |
0x415004
|
| SizeOfZeroFill |
0
|
| Characteristics |
IMAGE_SCN_TYPE_REG
|
| Callbacks |
0x00404500
0x004044B0
|
[*] Warning: Section .bss has a size of 0!