Architecture |
IMAGE_FILE_MACHINE_I386
|
---|---|
Subsystem |
IMAGE_SUBSYSTEM_WINDOWS_GUI
|
Compilation Date | 1992-Jun-19 22:22:17 |
Detected languages |
English - United States
Farsi - Iran |
Comments | This installation was built with Inno Setup. |
CompanyName | GOG.com |
FileDescription | Cannon Fodder Setup |
FileVersion | 1.0.0.1 |
LegalCopyright | |
ProductName | Cannon Fodder |
ProductVersion | 1.0.0.1 |
Suspicious | Strings found in the binary may indicate undesirable behavior: |
Looks for Qemu presence:
|
Info | Cryptographic algorithms detected in the binary: |
Uses constants related to CRC32
Uses constants related to MD5 |
Malicious | The PE contains functions mostly used by malware. |
[!] The program may be hiding some of its imports:
|
Suspicious | The file contains overlay data. |
19541979 bytes of data starting at offset 0x164c00.
The overlay data has an entropy of 7.99999 and is possibly compressed or encrypted. Overlay data amounts for 93.0427% of the executable. |
Safe | VirusTotal score: 0/70 (Scanned on 2019-10-18 08:14:48) | All the AVs think this file is safe. |
e_magic | MZ |
---|---|
e_cblp | 0x50 |
e_cp | 0x2 |
e_crlc | 0 |
e_cparhdr | 0x4 |
e_minalloc | 0xf |
e_maxalloc | 0xffff |
e_ss | 0 |
e_sp | 0xb8 |
e_csum | 0 |
e_ip | 0 |
e_cs | 0 |
e_ovno | 0x1a |
e_oemid | 0 |
e_oeminfo | 0 |
e_lfanew | 0x100 |
Signature | PE |
---|---|
Machine |
IMAGE_FILE_MACHINE_I386
|
NumberofSections | 8 |
TimeDateStamp | 1992-Jun-19 22:22:17 |
PointerToSymbolTable | 0 |
NumberOfSymbols | 0 |
SizeOfOptionalHeader | 0xe0 |
Characteristics |
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
|
Magic | PE32 |
---|---|
LinkerVersion | 2.0 |
SizeOfCode | 0xd8000 |
SizeOfInitializedData | 0x8c800 |
SizeOfUninitializedData | 0 |
AddressOfEntryPoint | 0x000D872C (Section: CODE) |
BaseOfCode | 0x1000 |
BaseOfData | 0xd9000 |
ImageBase | 0x400000 |
SectionAlignment | 0x1000 |
FileAlignment | 0x200 |
OperatingSystemVersion | 4.0 |
ImageVersion | 6.0 |
SubsystemVersion | 4.0 |
Win32VersionValue | 0 |
SizeOfImage | 0x16b000 |
SizeOfHeaders | 0x400 |
Checksum | 0 |
Subsystem |
IMAGE_SUBSYSTEM_WINDOWS_GUI
|
DllCharacteristics |
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
|
SizeofStackReserve | 0x100000 |
SizeofStackCommit | 0x4000 |
SizeofHeapReserve | 0x100000 |
SizeofHeapCommit | 0x1000 |
LoaderFlags | 0 |
NumberOfRvaAndSizes | 16 |
kernel32.dll |
DeleteCriticalSection
LeaveCriticalSection EnterCriticalSection InitializeCriticalSection VirtualFree VirtualAlloc LocalFree LocalAlloc GetCurrentThreadId InterlockedDecrement InterlockedIncrement VirtualQuery WideCharToMultiByte MultiByteToWideChar lstrlenA lstrcpynA LoadLibraryExA GetThreadLocale GetStartupInfoA GetProcAddress GetModuleHandleA GetModuleFileNameA GetLocaleInfoA GetLastError GetCommandLineA FreeLibrary FindFirstFileA FindClose ExitProcess WriteFile UnhandledExceptionFilter SetFilePointer SetEndOfFile RtlUnwind ReadFile RaiseException GetStdHandle GetFileSize GetSystemTime GetFileType CreateFileA CloseHandle |
---|---|
user32.dll |
GetKeyboardType
LoadStringA MessageBoxA CharNextA |
advapi32.dll |
RegQueryValueExA
RegOpenKeyExA RegCloseKey |
oleaut32.dll |
SysFreeString
SysReAllocStringLen SysAllocStringLen |
kernel32.dll (#2) |
DeleteCriticalSection
LeaveCriticalSection EnterCriticalSection InitializeCriticalSection VirtualFree VirtualAlloc LocalFree LocalAlloc GetCurrentThreadId InterlockedDecrement InterlockedIncrement VirtualQuery WideCharToMultiByte MultiByteToWideChar lstrlenA lstrcpynA LoadLibraryExA GetThreadLocale GetStartupInfoA GetProcAddress GetModuleHandleA GetModuleFileNameA GetLocaleInfoA GetLastError GetCommandLineA FreeLibrary FindFirstFileA FindClose ExitProcess WriteFile UnhandledExceptionFilter SetFilePointer SetEndOfFile RtlUnwind ReadFile RaiseException GetStdHandle GetFileSize GetSystemTime GetFileType CreateFileA CloseHandle |
advapi32.dll (#2) |
RegQueryValueExA
RegOpenKeyExA RegCloseKey |
kernel32.dll (#3) |
DeleteCriticalSection
LeaveCriticalSection EnterCriticalSection InitializeCriticalSection VirtualFree VirtualAlloc LocalFree LocalAlloc GetCurrentThreadId InterlockedDecrement InterlockedIncrement VirtualQuery WideCharToMultiByte MultiByteToWideChar lstrlenA lstrcpynA LoadLibraryExA GetThreadLocale GetStartupInfoA GetProcAddress GetModuleHandleA GetModuleFileNameA GetLocaleInfoA GetLastError GetCommandLineA FreeLibrary FindFirstFileA FindClose ExitProcess WriteFile UnhandledExceptionFilter SetFilePointer SetEndOfFile RtlUnwind ReadFile RaiseException GetStdHandle GetFileSize GetSystemTime GetFileType CreateFileA CloseHandle |
version.dll |
VerQueryValueA
GetFileVersionInfoSizeA GetFileVersionInfoA |
gdi32.dll |
UnrealizeObject
StretchDIBits StretchBlt SetWindowOrgEx SetWindowExtEx SetWinMetaFileBits SetViewportOrgEx SetViewportExtEx SetTextColor SetStretchBltMode SetROP2 SetPixel SetPaletteEntries SetMapMode SetEnhMetaFileBits SetDIBColorTable SetBrushOrgEx SetBkMode SetBkColor SelectPalette SelectObject SaveDC RoundRect RestoreDC ResizePalette Rectangle RectVisible RealizePalette Polyline PolyPolyline PlayEnhMetaFile Pie PatBlt MoveToEx MaskBlt LineTo IntersectClipRect GetWindowOrgEx GetWinMetaFileBits GetTextMetricsA GetTextExtentPointA GetTextExtentPoint32A GetSystemPaletteEntries GetStockObject GetRgnBox GetPixel GetPaletteEntries GetObjectA GetNearestPaletteIndex GetEnhMetaFilePaletteEntries GetEnhMetaFileHeader GetEnhMetaFileBits GetDeviceCaps GetDIBits GetDIBColorTable GetDCOrgEx GetCurrentPositionEx GetClipBox GetBrushOrgEx GetBitmapBits GdiFlush ExtTextOutA ExtCreatePen ExcludeClipRect Ellipse DeleteObject DeleteEnhMetaFile DeleteDC CreateSolidBrush CreateRectRgn CreatePenIndirect CreatePen CreatePalette CreateHalftonePalette CreateFontIndirectA CreateDIBitmap CreateDIBSection CreateCompatibleDC CreateCompatibleBitmap CreateBrushIndirect CreateBitmap CopyEnhMetaFileA CombineRgn BitBlt |
user32.dll (#2) |
GetKeyboardType
LoadStringA MessageBoxA CharNextA |
comctl32.dll |
ImageList_SetIconSize
ImageList_GetIconSize ImageList_Write ImageList_Read ImageList_GetDragImage ImageList_DragShowNolock ImageList_SetDragCursorImage ImageList_DragMove ImageList_DragLeave ImageList_DragEnter ImageList_EndDrag ImageList_BeginDrag ImageList_Remove ImageList_DrawEx ImageList_Draw ImageList_GetBkColor ImageList_SetBkColor ImageList_ReplaceIcon ImageList_Add ImageList_GetImageCount ImageList_Destroy ImageList_Create InitCommonControls |
kernel32.dll (#4) |
DeleteCriticalSection
LeaveCriticalSection EnterCriticalSection InitializeCriticalSection VirtualFree VirtualAlloc LocalFree LocalAlloc GetCurrentThreadId InterlockedDecrement InterlockedIncrement VirtualQuery WideCharToMultiByte MultiByteToWideChar lstrlenA lstrcpynA LoadLibraryExA GetThreadLocale GetStartupInfoA GetProcAddress GetModuleHandleA GetModuleFileNameA GetLocaleInfoA GetLastError GetCommandLineA FreeLibrary FindFirstFileA FindClose ExitProcess WriteFile UnhandledExceptionFilter SetFilePointer SetEndOfFile RtlUnwind ReadFile RaiseException GetStdHandle GetFileSize GetSystemTime GetFileType CreateFileA CloseHandle |
shell32.dll |
SHGetFileInfoA
|
advapi32.dll (#3) |
RegQueryValueExA
RegOpenKeyExA RegCloseKey |
oleaut32.dll (#2) |
SysFreeString
SysReAllocStringLen SysAllocStringLen |
msimg32.dll |
GradientFill
|
kernel32.dll (#5) |
DeleteCriticalSection
LeaveCriticalSection EnterCriticalSection InitializeCriticalSection VirtualFree VirtualAlloc LocalFree LocalAlloc GetCurrentThreadId InterlockedDecrement InterlockedIncrement VirtualQuery WideCharToMultiByte MultiByteToWideChar lstrlenA lstrcpynA LoadLibraryExA GetThreadLocale GetStartupInfoA GetProcAddress GetModuleHandleA GetModuleFileNameA GetLocaleInfoA GetLastError GetCommandLineA FreeLibrary FindFirstFileA FindClose ExitProcess WriteFile UnhandledExceptionFilter SetFilePointer SetEndOfFile RtlUnwind ReadFile RaiseException GetStdHandle GetFileSize GetSystemTime GetFileType CreateFileA CloseHandle |
Create |
Select directory |
Save |
Open |
Save |
Open |
Small icons |
Icons |
Details |
List |
Read only |
File type |
File name |
Folder |
Preview of the future hint window |
Gradient |
Background |
Shadow |
Bottom border |
Top border |
Color |
Save to file as... |
Load from file |
Texture |
Font |
No picture available |
Transparency |
Offset |
Percent |
Pause hide (ms) |
Max width |
Corners radius |
Vert. margin |
Horiz. margin |
Arrow length |
Blur |
Bevel width |
Style : |
Preserved settings : |
Hint Designer Form |
TsFrameAdapter adapter must be placed on the handled frame |
Hex - |
Decimal - |
Blue : |
Green : |
Red : |
Color |
Additional colors : |
Main palette : |
Define colors |
Add to custom colors set |
Listbox (%s) style must be virtual in order to set Count |
Error setting %s.Count |
(internal) |
Available skins |
&Panels... |
&Hot gradient builder... |
&Gradient builder... |
Calculator |
File open |
Help |
Restore |
Minimize |
Maximize |
Close |
Close |
Maximize |
Minimize |
Size |
Move |
Restore |
Yes to &All |
N&o to All |
&All |
&Ignore |
&Retry |
&Abort |
Help |
No help available |
&Help |
Cancel |
OK |
&No |
&Yes |
Confirm |
Information |
Error |
Warning |
Some operation could not be performed because the system is out of resources. Close some windows and try again. |
This operation is not valid because the current image contains no valid header. |
The new size provided for image resizing is invalid. |
JPEG Image File |
This "Portable Network Graphics" image is not valid because it contains invalid pieces of data (crc error) |
The "Portable Network Graphics" image could not be loaded because one of its main piece of data (ihdr) might be corrupted |
This "Portable Network Graphics" image is invalid because it has missing image parts. |
Could not decompress the image because it contains invalid compressed data. |
Description: |
The "Portable Network Graphics" image contains an invalid palette. |
The file being readed is not a valid "Portable Network Graphics" image because it contains an invalid header. This file may be corruped, try obtaining it again. |
This "Portable Network Graphics" image is not supported or it might be invalid. |
(IHDR chunk is not the first) |
This "Portable Network Graphics" image is not supported because either it's width or height exceeds the maximum size, which is 65535 pixels length. |
There is no such palette entry. |
This "Portable Network Graphics" image contains an unknown critical part which could not be decoded. |
This "Portable Network Graphics" image is encoded with an unknown compression scheme which could not be decoded. |
This "Portable Network Graphics" image uses an unknown interlace scheme which could not be decoded. |
The chunks must be compatible to be assigned. |
This "Portable Network Graphics" image is invalid because the decoder found an unexpected end of the file. |
This "Portable Network Graphics" image contains no data. |
- Dock zone not found |
- Dock zone has no control |
Multiselect mode must be on for this feature |
Separator |
Error setting %s.Count |
Listbox (%s) style must be virtual in order to set Count |
Unable to find a Table Of Contents |
No help found for %s |
No context-sensitive help installed |
No topic-based help system installed |
Invalid index |
Unable to insert an item |
Invalid owner |
This control requires version 4.70 or greater of COMCTL32.DLL |
Cannot change the size of a JPEG image |
JPEG error #%d |
Up |
Right |
Down |
Ins |
Del |
Shift+ |
Ctrl+ |
Alt+ |
Value must be between %d and %d |
Unable to insert a line |
Invalid clipboard format |
Clipboard does not support Icons |
Cannot open clipboard |
Menu '%s' is already being used by another form |
Docked control must have a name |
Error removing control from dock tree |
&Abort |
&Retry |
&Ignore |
&All |
N&o to All |
Yes to &All |
BkSp |
Tab |
Esc |
Enter |
Space |
PgUp |
PgDn |
End |
Home |
Left |
Cannot drag a form |
Metafiles |
Enhanced Metafiles |
Icons |
Bitmaps |
Invalid input value |
Invalid input value. Use escape key to abandon changes |
Warning |
Error |
Information |
Confirm |
&Yes |
&No |
OK |
Cancel |
&Help |
Menu inserted twice |
Sub-menu is not in menu |
Not enough timers available |
GroupIndex cannot be less than a previous menu item's GroupIndex |
Cannot create form. No MDI forms are currently active |
A control cannot have itself as its parent |
OK |
Cancel |
&Yes |
&No |
&Help |
&Close |
&Ignore |
&Retry |
Abort |
&All |
Unsupported clipboard format |
Out of system resources |
Canvas does not allow drawing |
Invalid image size |
Invalid ImageList |
Invalid ImageList Index |
Failed to read ImageList data from stream |
Failed to write ImageList data to stream |
Error creating window device context |
Error creating window class |
Cannot focus a disabled or invisible window |
Control '%s' has no parent window |
Cannot hide an MDI Child Form |
Cannot change Visible in OnShow or OnHide |
Cannot make a visible window modal |
Menu index out of range |
Error reading %s%s%s: %s |
Stream read error |
Property is read-only |
Resource %s not found |
%s.Seek not implemented |
Operation not allowed on sorted list |
Too many rows or columns deleted |
%s not in a class registration group |
Property %s does not exist |
Stream write error |
Bitmap image is not valid |
Icon image is not valid |
Metafile is not valid |
Invalid pixel format |
Scan line index out of range |
Cannot change the size of an icon |
String list does not allow duplicates |
Cannot create file %s |
Fixed column count must be less than column count |
Fixed row count must be less than row count |
Cannot open file %s |
Grid too large for operation |
Grid index out of range |
Invalid stream format |
''%s'' is not a valid component name |
Invalid property value |
Invalid property path |
Invalid property value |
List capacity out of bounds (%d) |
List count out of bounds (%d) |
List index out of bounds (%d) |
Out of memory while expanding memory stream |
Sunday |
Monday |
Tuesday |
Wednesday |
Thursday |
Friday |
Saturday |
Ancestor for '%s' not found |
Cannot assign a %s to a %s |
Bits index out of range |
Can't write to a read-only resource stream |
CheckSynchronize called from thread $%x, which is NOT the main thread |
Class %s not found |
A class named %s already exists |
List does not allow duplicates ($0%x) |
A component named %s already exists |
April |
May |
June |
July |
August |
September |
October |
November |
December |
Sun |
Mon |
Tue |
Wed |
Thu |
Fri |
Sat |
A call to an OS function failed |
Jan |
Feb |
Mar |
Apr |
May |
Jun |
Jul |
Aug |
Sep |
Oct |
Nov |
Dec |
January |
February |
March |
Invalid variant type conversion |
Invalid variant operation |
Variant method calls not supported |
Read |
Write |
Error creating variant array |
Variant is not an array |
Variant array index out of bounds |
External exception %x |
Assertion failed |
Interface not supported |
Exception in safecall method |
%s (%s, line %d) |
Abstract Error |
Access violation at address %p in module '%s'. %s of address %p |
System Error. Code: %d. |
%s |
Integer overflow |
Invalid floating point operation |
Floating point division by zero |
Floating point overflow |
Floating point underflow |
Invalid pointer operation |
Invalid class typecast |
Access violation at address %p. %s of address %p |
Stack overflow |
Control-C hit |
Privileged instruction |
Operation aborted |
Exception %s in module %s at %p. |
%s%s |
Application Error |
Format '%s' invalid or incompatible with argument |
No argument for format '%s' |
'%s' is not a valid integer value |
'%s' is not a valid floating point value |
'%s' is not a valid date |
'%s' is not a valid time |
'%s' is not a valid date and time |
Out of memory |
I/O error %d |
File not found |
Invalid filename |
Too many open files |
File access denied |
Read beyond end of file |
Disk full |
Invalid numeric input |
Division by zero |
Range check error |
Signature | 0xfeef04bd |
---|---|
StructVersion | 0x10000 |
FileVersion | 1.0.0.1 |
ProductVersion | 0.0.0.0 |
FileFlags | (EMPTY) |
FileOs |
VOS_DOS_WINDOWS32
VOS_NT_WINDOWS32
VOS__WINDOWS32
|
FileType |
VFT_APP
|
Language | UNKNOWN |
Comments | This installation was built with Inno Setup. |
CompanyName | GOG.com |
FileDescription | Cannon Fodder Setup |
FileVersion (#2) | 1.0.0.1 |
LegalCopyright | |
ProductName | Cannon Fodder |
ProductVersion (#2) | 1.0.0.1 |
Resource LangID | English - United States |
---|
StartAddressOfRawData | 0x4e4000 |
---|---|
EndAddressOfRawData | 0x4e4010 |
AddressOfIndex | 0x4df708 |
AddressOfCallbacks | 0x4e5010 |
SizeOfZeroFill | 0 |
Characteristics |
IMAGE_SCN_TYPE_REG
|
Callbacks | (EMPTY) |