b9f735a5d0c587b6bde7cadf321e36aa

Summary

Architecture IMAGE_FILE_MACHINE_I386
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date 2019-May-26 12:16:00
Debug artifacts D:\Projects\TocaEdit\x360ce\x360ce.App.Beta\obj\Debug\x360ce.pdb
Comments Wrapper library that translates XInput calls to DirectInput calls, for support old, no XInput compatible gamepads.
CompanyName Jocys.com
FileDescription Jocys.com X360 Controller Emulator
FileVersion 4.10.0.0
InternalName x360ce.exe
LegalCopyright Copyright © Jocys.com 2019
LegalTrademarks
OriginalFilename x360ce.exe
ProductName X360 Controller Emulator
ProductVersion 4.10.0.0
Assembly Version 4.10.0.0

Plugin Output

Info Matching compiler(s): Microsoft Visual C# v7.0 / Basic .NET
.NET DLL -> Microsoft
MASM/TASM - sig1(h)
.NET executable -> Microsoft
Suspicious Strings found in the binary may indicate undesirable behavior: May have dropper capabilities:
  • CurrentControlSet\Services
  • CurrentVersion\Run
Accesses the WMI:
  • root\cimv2
Miscellaneous malware strings:
  • Virus
Info Cryptographic algorithms detected in the binary: Uses constants related to SHA1
Info The PE is digitally signed. Signer: Evaldas Jocys
Issuer: Certum Code Signing CA SHA2
Safe VirusTotal score: 0/67 (Scanned on 2020-01-29 21:25:04) All the AVs think this file is safe.

Hashes

MD5 b9f735a5d0c587b6bde7cadf321e36aa
SHA1 f42cfeda64ae512f07f15675d552ff3648bfd143
SHA256 fd86b6fc83edf6ddda2c5c5051299ebac23f041b6c33f7f97e5e0274a0611b36
SHA3 f2655f1654af12efc60008f04e928404da5e6e416b99a996c4fc8af4ec97c2bb
SSDeep 393216:fLwvu0Bwhs8vu0BQhsOFOvu0BaF9hsTkl:fLwvUh7vMhyve9h+kl
Imports Hash f34d5f2d4577ed6d9ceec516c1f5a744

DOS Header

e_magic MZ
e_cblp 0x90
e_cp 0x3
e_crlc 0
e_cparhdr 0x4
e_minalloc 0
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0x80

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_I386
NumberofSections 3
TimeDateStamp 2019-May-26 12:16:00
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xe0
Characteristics IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Image Optional Header

Magic PE32
LinkerVersion 48.0
SizeOfCode 0xc9f400
SizeOfInitializedData 0x24a00
SizeOfUninitializedData 0
AddressOfEntryPoint 0x00CA1346 (Section: .text)
BaseOfCode 0x2000
BaseOfData 0xca2000
ImageBase 0x400000
SectionAlignment 0x2000
FileAlignment 0x200
OperatingSystemVersion 4.0
ImageVersion 0.0
SubsystemVersion 6.0
Win32VersionValue 0
SizeOfImage 0xcca000
SizeOfHeaders 0x200
Checksum 0xccf1f5
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
DllCharacteristics IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
SizeofStackReserve 0x100000
SizeofStackCommit 0x1000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

.text

MD5 487ee585107c5d1d103e7cfd6f688805
SHA1 9da55be33afa9bec8f54d5fd118daa580098e595
SHA256 298b5454cfd42ac04fb8621453df76c365cb6d01fb2420bf02375c34e7c29034
SHA3 b16e8162b1e4576deaf36d757d21f2c840e67f8a3a26ce930f2a88b0e2b4b9b8
VirtualSize 0xc9f34c
VirtualAddress 0x2000
SizeOfRawData 0xc9f400
PointerToRawData 0x200
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 7.85787

.rsrc

MD5 339f9a4283b15ab532122c05bb3ee46d
SHA1 84d597c1a43807f0d485cccf36c9198b7b12668c
SHA256 86cf5a9961491e781b0529c0dd0a827568281f9b8c27261fd01aa9d6125f11ec
SHA3 ea29967a25f2419a7c07d9ac11b5ebe0d0698c6b275f90410be1a377bf443f0e
VirtualSize 0x24674
VirtualAddress 0xca2000
SizeOfRawData 0x24800
PointerToRawData 0xc9f600
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 7.54498

.reloc

MD5 8fa5a914297d43885c82ccc1cd08d1c5
SHA1 8e16ea5a44b5249201065b53a190ce23953282ed
SHA256 2350835b4717218f38cca9114221539024aebb81931d0cb7a69a7eb6d27848e9
SHA3 e077b02d2a9ea38e50cda526f361eb1278520006f0b11ed75fce47710e6284c8
VirtualSize 0xc
VirtualAddress 0xcc8000
SizeOfRawData 0x200
PointerToRawData 0xcc3e00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Entropy 0.10191

Imports

mscoree.dll _CorExeMain

Delayed Imports

1

Type RT_ICON
Language UNKNOWN
Codepage UNKNOWN
Size 0x4ee8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.95012
Detected Filetype PNG graphic file
MD5 f6cb1602abc0b786dfc6e8f2ad814d8c
SHA1 8c666181ee79f3c6e434b5711df45e1e770d7c95
SHA256 a044768020328ab78cbb800c137d39344f3cddbc926bf34c7ec5672e251ab2d9
SHA3 aec2bbe8e471dd241675fbb3549ab06754e55c7a19d5f77d8e7f5523ff635c49

2

Type RT_ICON
Language UNKNOWN
Codepage UNKNOWN
Size 0x668
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.08832
MD5 a2b6126934a4237981dd82243a9df3bb
SHA1 76b23829381cd51314fc3d69573089c68be522af
SHA256 00a0d6ff81194e4268a18c9e74aa55ce28e00fea84ca9ba8fd247a57d4a7e86e
SHA3 2c8bf611a7c5b978c1054f1fcbeee70b074b06162a9768b67fcb7a7de482f5a5

3

Type RT_ICON
Language UNKNOWN
Codepage UNKNOWN
Size 0x2e8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.36053
MD5 2fa86461958258a4cc770701c252375f
SHA1 3d9b341d09881fe966403a5164447b080fddd005
SHA256 29353f14479923fad2c7918485f267216d5b61d0469ad9e50927392f98af1bb1
SHA3 822eeff41ad293d8f64bc9d0ae03eea0a8238ff4b40949d0c88c3be14e33de47

4

Type RT_ICON
Language UNKNOWN
Codepage UNKNOWN
Size 0x1e8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.39277
MD5 f5768726abe3ec9fad36a1193438cbe9
SHA1 4798a6c8b691eec8a880d10f87628312b3d51964
SHA256 104890227024dde80c5a2e25cce4f14f92f91511933030d0057a043d64b4d9e9
SHA3 433a13158bf942b35a2436ebb1ac8b008ab0fe13d24a80be547d75f5d25bb1d4

5

Type RT_ICON
Language UNKNOWN
Codepage UNKNOWN
Size 0x128
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.21606
MD5 27f535e964357e659e5485717343d412
SHA1 651b8237cc2e292a81b51aafbffe44ff9e392118
SHA256 6a69f7cbf39faaac29e23bace0c45349d9294cafe0df42c7f7a6a2792df89a9a
SHA3 930d66e8517e31b4995bfaa53b017756de82cd5cc397873f8f41c711759935a1

6

Type RT_ICON
Language UNKNOWN
Codepage UNKNOWN
Size 0x9f30
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.98706
Detected Filetype PNG graphic file
MD5 84c346ce59d1ba3af75141adbf81483e
SHA1 e41c82044acdef926c6895e9c28d5f00b84df93f
SHA256 e8d41cee770078fa8073d127607feb50932313a78e16584f9dcae2b62f2b2b90
SHA3 1c7c7a42fb5b60adcf105c5a71534157486f6c8a8d76ac0d89a4dfae5b0cc74c

7

Type RT_ICON
Language UNKNOWN
Codepage UNKNOWN
Size 0xea8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.75134
MD5 849249272cf4d4846e6bc25b78c4c77a
SHA1 b1d21c7c1f548262b1a71eff48e31b4124796416
SHA256 e0086d8c57ea851993c49ab614fbd0e6bde64d011a2af6136d242ed4ffa7837c
SHA3 0f91b04addd577a24acb678c94836e406d8a4576f85d24e2c62bf36d05e1a60c

8

Type RT_ICON
Language UNKNOWN
Codepage UNKNOWN
Size 0x8a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.57652
MD5 4866868b4f76a3c383dd84cef5c40193
SHA1 5a2d8bf55b323bd0033e219b6c840384f84f4956
SHA256 b03af254a719f106a62968f0f17d509d1014b36cc1b26bdd81300db5b790d10b
SHA3 7615c92f1a164823a7f2eadd19bc1d8937440825424109dde05d544f0fe076af

9

Type RT_ICON
Language UNKNOWN
Codepage UNKNOWN
Size 0x6c8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.95419
MD5 05d4bfb0365a6099ad33c21380985ab3
SHA1 814cc20fa6dbc49d0da081bd38adf172715b5f66
SHA256 b41fccbe85317e3f949b332dae0b43f6d84355005c50f9d0b5b2e0acddb091c9
SHA3 395490f75b6defe642901423b090365fd237f5a09c5babb4c42ed5efa40c2744

10

Type RT_ICON
Language UNKNOWN
Codepage UNKNOWN
Size 0x568
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.69682
MD5 39950e227bce23a399f83079c1400a6a
SHA1 a0f75319071d950beefd67f8c1e3b1c66a9c63c5
SHA256 2416602a5730918c9c59e79297f6acc3d4499eec23413d7c09dd112aa8bc7ca0
SHA3 fa1f887ec7ace7ee0fb2d2e15a2e596beeafe8a59db00e134c07b1af8f84152d

11

Type RT_ICON
Language UNKNOWN
Codepage UNKNOWN
Size 0xd926
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.98483
Detected Filetype PNG graphic file
MD5 f4c10158fcbbdc0ac0f2d576bf8c00af
SHA1 a3be5a442aa6bf7df4d18b4e1d5894601b4bcc95
SHA256 512501885c5c94f8ddddc843732f0600dcaf650e60a33c5423f0e981c00be5ef
SHA3 796147bc3e47514e613e5fdc70278f0ef9fea1bdd21e06cb5d0fa4552bb25823

12

Type RT_ICON
Language UNKNOWN
Codepage UNKNOWN
Size 0x25a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.12817
MD5 8de6ee0053c798165a22d8028fff66c1
SHA1 650afcdc5a42586a7414b825f4ce22443fce9308
SHA256 4ec26333871208887078966a0ea2862494942fa00d299e5a891abc5815e42bcb
SHA3 4fad82ef2495bdb0894157a20c1fe278d3525f2bf3dd2bc012e632310aaad954

13

Type RT_ICON
Language UNKNOWN
Codepage UNKNOWN
Size 0x10a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.40772
MD5 035dbec10724a7463bc56a8a668ec467
SHA1 432b49984f5a167da7827db8e907247b50164c2c
SHA256 dac19292c1c9c2e61382e1082cda6a832fafe21d63054be091df203bd7355b75
SHA3 0cea0411f71e654cade88b0554f3e804809e5dee54eebc049d6b46bb705a148b

14

Type RT_ICON
Language UNKNOWN
Codepage UNKNOWN
Size 0x988
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.91873
MD5 4b9529841d28af0b3a8e8f42fc35ebd1
SHA1 a7c3ea362189abca98d9183c9d7462fc5a207b05
SHA256 659b87a3d1aaa8e879095769bac5598918fd63f8e7581efa07c489ed049a7b6a
SHA3 db49447090b76b98fe95f2c6cb1fe747b611391ac03b8bd899b4a442396dbfcc

15

Type RT_ICON
Language UNKNOWN
Codepage UNKNOWN
Size 0x468
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.16125
MD5 8cd8ae724341c36fb3251cda6b8df612
SHA1 73fde7e5af7f9af0d9ad673e3007e967e216539e
SHA256 f7f5b7ddb8a9a9c1b9aa4ac78db52b649ce1ffb742bc4bfc849572d8a84dd908
SHA3 2b71f8d5cf0da72b77ae9b642bb6b2ff52a1469f741351195a10d20dcd78323b

32512

Type RT_GROUP_ICON
Language UNKNOWN
Codepage UNKNOWN
Size 0xd8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.0583
Detected Filetype Icon file
MD5 1dd299784e21f711f34af30614c45298
SHA1 1082a6c7f38e6451c616f29fa56907a645e09589
SHA256 5d9e4887bdeb77a0d31993cadde8d441337fec3b18b7cc137962eda4b6fd383b
SHA3 c38c3147068bbbeea312a8b4278c9da94f24f3ec48c81adcb143dc60af7b43c0

1 (#2)

Type RT_VERSION
Language UNKNOWN
Codepage UNKNOWN
Size 0x47a
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.38303
MD5 41e2d8d8eabe7a6240227f2dc2e9d04b
SHA1 33a49f670f2065f233a92adb2b5462015ca40435
SHA256 411c21e1ba20ed44156c9ccd42095698c92d750770697bfcd20635caaf5fe9d1
SHA3 29a52c45632140922350b2d39957ee3bca8175a6992ee1910f8cba9b4e20b510

1 (#3)

Type RT_MANIFEST
Language UNKNOWN
Codepage UNKNOWN
Size 0x1ea
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.00112
MD5 b7db84991f23a680df8e95af8946f9c9
SHA1 cac699787884fb993ced8d7dc47b7c522c7bc734
SHA256 539dc26a14b6277e87348594ab7d6e932d16aabb18612d77f29fe421a9f1d46a
SHA3 4f72877413d13a67b52b292a8524e2c43a15253c26aaf6b5d0166a65bc615cff

Version Info

Signature 0xfeef04bd
StructVersion 0x10000
FileVersion 4.10.0.0
ProductVersion 4.10.0.0
FileFlags (EMPTY)
FileOs VOS_DOS_WINDOWS32
VOS_NT_WINDOWS32
VOS__WINDOWS32
FileType VFT_APP
Language UNKNOWN
Comments Wrapper library that translates XInput calls to DirectInput calls, for support old, no XInput compatible gamepads.
CompanyName Jocys.com
FileDescription Jocys.com X360 Controller Emulator
FileVersion (#2) 4.10.0.0
InternalName x360ce.exe
LegalCopyright Copyright © Jocys.com 2019
LegalTrademarks
OriginalFilename x360ce.exe
ProductName X360 Controller Emulator
ProductVersion (#2) 4.10.0.0
Assembly Version 4.10.0.0
Resource LangID UNKNOWN

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics 0
TimeDateStamp 2019-May-26 12:15:59
Version 0.0
SizeofData 284
AddressOfRawData 0xca11d8
PointerToRawData 0xc9f3d8
Referenced File D:\Projects\TocaEdit\x360ce\x360ce.App.Beta\obj\Debug\x360ce.pdb

TLS Callbacks

Load Configuration

RICH Header

Errors

<-- -->