be44b34e6ae181b7d24c2b48bf4404d7

Summary

Architecture IMAGE_FILE_MACHINE_I386
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date 2018-May-15 11:34:39
Detected languages English - United States
Debug artifacts C:\Users\tgroben\Downloads\hello-world-dll-master\Release\x86\hello-world.pdb

Plugin Output

Suspicious No VirusTotal score. This file has never been scanned on VirusTotal.

Hashes

MD5 be44b34e6ae181b7d24c2b48bf4404d7
SHA1 d8a500fd1869fb3c0d499efc4f0aa1128beaf6c3
SHA256 903356c8f96ef23bcbb78583d14aa7c0d9028bbebcaa2fa2801f3b0fa8f20c21
SHA3 5913f7caec1f53864ced350d2e651ac9429117a67c3415a568b1786a2e65882f
SSDeep 96:JrSl2SmynRVvWwkJq2+hsRruhPyokOv06zw5WGfQszU3L0ax:NS4SpVBUq2uOuDkOvnqWifzU34
Imports Hash 10d8cbcc4d9e244d697f1c09224856dc

DOS Header

e_magic MZ
e_cblp 0x90
e_cp 0x3
e_crlc 0
e_cparhdr 0x4
e_minalloc 0
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0x100

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_I386
NumberofSections 6
TimeDateStamp 2018-May-15 11:34:39
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xe0
Characteristics IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_EXECUTABLE_IMAGE

Image Optional Header

Magic PE32
LinkerVersion 14.0
SizeOfCode 0xe00
SizeOfInitializedData 0x1400
SizeOfUninitializedData 0
AddressOfEntryPoint 0x00001360 (Section: .text)
BaseOfCode 0x1000
BaseOfData 0x2000
ImageBase 0x10000000
SectionAlignment 0x1000
FileAlignment 0x200
OperatingSystemVersion 6.0
ImageVersion 0.0
SubsystemVersion 6.0
Win32VersionValue 0
SizeOfImage 0x7000
SizeOfHeaders 0x400
Checksum 0
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
DllCharacteristics IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
SizeofStackReserve 0x100000
SizeofStackCommit 0x1000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

.text

MD5 b8d52a5346c13ed17d3fcf739116a03e
SHA1 b31d3e4928b8e5fd811a1d004bc5c29f986685c5
SHA256 0a871303dcba64c81657c07e174c9683fe44bc31c3f6ecf96dbdb6ca79debba0
SHA3 4f141c921b66dd0d49281b09f57c8ed51f90210312d3e1d0a143f19c29899040
VirtualSize 0xcb4
VirtualAddress 0x1000
SizeOfRawData 0xe00
PointerToRawData 0x400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 5.88819

.rdata

MD5 f0688da41f26cdc28410338d81b7861e
SHA1 2236bc907a4e5c3f7a7cd4102a94db19d23e0c1e
SHA256 d00c7e0e4d20e8d1553d2d6ed82c17c5002e32bac99699a0aa4ec14a623ae23c
SHA3 3a77b537409e9afa108174ea96ee0fc06e00f5e8727a707cdf8899f3380cf938
VirtualSize 0x8c0
VirtualAddress 0x2000
SizeOfRawData 0xa00
PointerToRawData 0x1200
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 4.22631

.data

MD5 3daece0110e8b3671b990d52a1a0ab2d
SHA1 0576a39b56fcd44382201ea31ba277db83e5f489
SHA256 91be23196c935e19a2297be950ddfb50aefe5cea303b8ea80bd2487982fd44e1
SHA3 71bf2087221d6199ea6b5331b2e5082f3f039f84bbe5d185a039e180a3138e7b
VirtualSize 0x388
VirtualAddress 0x3000
SizeOfRawData 0x200
PointerToRawData 0x1c00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 0.265467

.gfids

MD5 a92cc8ed8c85d36fee9303020b9c9396
SHA1 0fef7b8116a3609cf1d964d03a3bf867a58da7ab
SHA256 cc8835258979aed8e211e2834479b7d1ada94c9958f389422bae7b018ea57550
SHA3 dae2469b523d120178b02c48449c1e04f1383ab7349c416ae238cf58df9a5d33
VirtualSize 0x14
VirtualAddress 0x4000
SizeOfRawData 0x200
PointerToRawData 0x1e00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 0.10191

.rsrc

MD5 70c057a52361f99a1d3b0a95d69f9423
SHA1 40a591e650798c6121532b15e9e524abb22fc95a
SHA256 288705ff8729d8db088e399f8ac988c51d471e185562437dfd2996b47f9fe416
SHA3 a2a185981f65d62375dc0fe0a607ba1181e4372a709be90d9197be4d3ccc4536
VirtualSize 0x1e0
VirtualAddress 0x5000
SizeOfRawData 0x200
PointerToRawData 0x2000
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 4.70317

.reloc

MD5 fe764535da4cecb00e4b018af2c56334
SHA1 e87ac126cf8e8f90a51909b7157b8b63636fc85d
SHA256 cd65319f184cab9a0ccd220aacb614ed814609cd7cea8feb582ad601e0b67a55
SHA3 8b90030f6b6b06127b45949747742c5f5fe9c9d89bae85a9c617b476af1a5907
VirtualSize 0x134
VirtualAddress 0x6000
SizeOfRawData 0x200
PointerToRawData 0x2200
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Entropy 4.43372

Imports

KERNEL32.dll
    CreateThread
    IsDebuggerPresent
    InitializeSListHead
    GetSystemTimeAsFileTime
    GetCurrentThreadId
    GetCurrentProcessId
    QueryPerformanceCounter
    IsProcessorFeaturePresent
    TerminateProcess
    GetCurrentProcess
    SetUnhandledExceptionFilter
    UnhandledExceptionFilter
USER32.dll
    MessageBoxA
VCRUNTIME140.dll
    __std_type_info_destroy_list
    _except_handler4_common
    memset
api-ms-win-crt-runtime-l1-1-0.dll
    _initialize_onexit_table
    _initialize_narrow_environment
    _seh_filter_dll
    _initterm_e
    _initterm
    _cexit
    _crt_atexit
    _register_onexit_function
    _configure_narrow_argv
    _execute_onexit_table

Delayed Imports

_DllMain@12

Ordinal 1
Address 0x1020

_MessageBoxThread@4

Ordinal 2
Address 0x1000

2

Type RT_MANIFEST
Language English - United States
Codepage UNKNOWN
Size 0x17d
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.91161
MD5 1e4a89b11eae0fcf8bb5fdd5ec3b6f61
SHA1 4260284ce14278c397aaf6f389c1609b0ab0ce51
SHA256 4bb79dcea0a901f7d9eac5aa05728ae92acb42e0cb22e5dd14134f4421a3d8df
SHA3 4bb9e8b5a714cae82782f3831cc2d45f4bf4a50a755fe584d2d1893129d68353

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics 0
TimeDateStamp 2018-May-15 11:34:39
Version 0.0
SizeofData 102
AddressOfRawData 0x21a4
PointerToRawData 0x13a4
Referenced File C:\Users\tgroben\Downloads\hello-world-dll-master\Release\x86\hello-world.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics 0
TimeDateStamp 2018-May-15 11:34:39
Version 0.0
SizeofData 20
AddressOfRawData 0x220c
PointerToRawData 0x140c

IMAGE_DEBUG_TYPE_POGO

Characteristics 0
TimeDateStamp 2018-May-15 11:34:39
Version 0.0
SizeofData 572
AddressOfRawData 0x2220
PointerToRawData 0x1420

IMAGE_DEBUG_TYPE_ILTCG

Characteristics 0
TimeDateStamp 2018-May-15 11:34:39
Version 0.0
SizeofData 0
AddressOfRawData 0
PointerToRawData 0

TLS Callbacks

Load Configuration

Size 0x5c
TimeDateStamp 1970-Jan-01 00:00:00
Version 0.0
GlobalFlagsClear (EMPTY)
GlobalFlagsSet (EMPTY)
CriticalSectionDefaultTimeout 0
DeCommitFreeBlockThreshold 0
DeCommitTotalFreeThreshold 0
LockPrefixTable 0
MaximumAllocationSize 0
VirtualMemoryThreshold 0
ProcessAffinityMask 0
ProcessHeapFlags (EMPTY)
CSDVersion 0
Reserved1 0
EditList 0
SecurityCookie 0x10003004
SEHandlerTable 0x100021a0
SEHandlerCount 1

RICH Header

XOR Key 0xdfeec859
Unmarked objects 0
Imports (VS2008 SP1 build 30729) 2
Imports (VS2015 UPD3 build 24123) 2
ASM objects (VS2015 UPD3 build 24123) 1
C++ objects (VS2015 UPD3 build 24123) 9
C objects (VS2015 UPD3 build 24123) 11
Imports (65501) 5
Total imports 30
265 (24225) 1
Exports (24225) 1
Resource objects (24225) 1
Linker (24225) 1

Errors
