Manalyze report for c460ea27b361824f0b8137a503acada7297b53b163398449a54d0dcf54bd8b0d

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	1999-Jan-13 19:39:53
Detected languages	English - United States
FileDescription	CSCConv MFC Application
FileVersion	`1, 0, 0, 1`
InternalName	CSCConv
LegalCopyright	Copyright (C) 1997
OriginalFilename	CSCConv.EXE
ProductName	CSCConv Application
ProductVersion	`2, 0, 0, 1`

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C++` `Microsoft Visual C++ v6.0` `Microsoft Visual C++ v5.0/v6.0 (MFC)`
Suspicious	VirusTotal score: 2/69 (Scanned on 2019-09-04 11:47:23)	`Lionic: Virus.Win32.Generic.mDiR` `NANO-Antivirus: Trojan.Win32.Viking.cvgzkq`

Hashes

MD5	`93604a8b0f36ff17ac7d6e2ba8322870`
SHA1	`a3349d63ec54119b33164ce88ab534819ebcc638`
SHA256	`c460ea27b361824f0b8137a503acada7297b53b163398449a54d0dcf54bd8b0d`
SHA3	`1c91ee49b782e5ecfcd85627e21a50889e991234bd523cf28832878139cf41dd`
SSDeep	`768:Jot6tBJ5EIvXnzzQrQURXGkf72fF0a7GDLzKCFV:KHIrzHURXGzp76WCF`
Imports Hash	`731fd4a2a13cf070ffd03a267c803512`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0xf0`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`4`
TimeDateStamp	1999-Jan-13 19:39:53
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LINE_NUMS_STRIPPED` `IMAGE_FILE_LOCAL_SYMS_STRIPPED` `IMAGE_FILE_RELOCS_STRIPPED`

Image Optional Header

Magic	`PE32`
LinkerVersion	`6.0`
SizeOfCode	`0x8000`
SizeOfInitializedData	`0x7000`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x000073D0 (Section: .text)`
BaseOfCode	`0x1000`
BaseOfData	`0x9000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x1000`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x10000`
SizeOfHeaders	`0x1000`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`72d313b8bef14fba45fd4069d157ebf7`
SHA1	`0314f6e582d316149b4c1581ffe4882bdd9d20fe`
SHA256	`ed4b28d1e5358f09c1741cf6b17e86915ef07d6ae2a7f00eb6a560a69caf0690`
SHA3	`1564d89e11eef0b48458b5831c8a065abf2bb1a3cdb35c59f0c3ace6be37c2a9`
VirtualSize	`0x7339`
VirtualAddress	`0x1000`
SizeOfRawData	`0x8000`
PointerToRawData	`0x1000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`5.71054`

.rdata

MD5	`460b54e47848b4dacd1b22f314ca51c3`
SHA1	`3db13e3c14ce2a9688d3fdf76dda65250f6f73b5`
SHA256	`e0d836657a36fba637dc611c0374ba9c339b1e603de72aa173cc284e3a3e9e46`
SHA3	`d59913149a77946f3a9b1fe703abd035f948a9f0999a1cb715f044f6368c2b78`
VirtualSize	`0x248a`
VirtualAddress	`0x9000`
SizeOfRawData	`0x3000`
PointerToRawData	`0x9000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`3.44348`

.data

MD5	`fe6392d30a3cd4e214d40f3d0c6f0275`
SHA1	`e6bcb281649defcd39ba7409e4640906aaea1b3a`
SHA256	`26436d7e8e6ba6fc81fee596d13de5d66ad20d1e6732480d4084c83af945f3d6`
SHA3	`f1cbc3a2cd868d102acbdfa52eaba5fbafe50dcf59c468e8c5fb7cbaa2d0a0c7`
VirtualSize	`0x1100`
VirtualAddress	`0xc000`
SizeOfRawData	`0x2000`
PointerToRawData	`0xc000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`2.20838`

.rsrc

MD5	`16a66a121d5a45f1ffeef703be295e70`
SHA1	`5a47048780fb3a3f49318bc82522641db62e15b3`
SHA256	`7fb6c3855ad3a8b76d76240834c2c4364cc1ec2b3e1f0e3822bb74e2447714ec`
SHA3	`b6bd94739d5edb45039e92e66ce5ea8c0fc08bad0153a3931edb276f8814f871`
VirtualSize	`0x1188`
VirtualAddress	`0xe000`
SizeOfRawData	`0x2000`
PointerToRawData	`0xe000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`2.28759`

Imports

MFC42.DLL	`#2764` `#860` `#540` `#2817` `#858` `#922` `#923` `#4673` `#4274` `#6375` `#4486` `#2554` `#2512` `#5731` `#3922` `#1089` `#5199` `#2396` `#3346` `#5300` `#5302` `#2725` `#4079` `#4698` `#5307` `#5289` `#5714` `#2982` `#3147` `#3259` `#4465` `#3136` `#3262` `#2985` `#3081` `#2976` `#3830` `#3831` `#3825` `#3079` `#4080` `#4622` `#4424` `#3738` `#561` `#825` `#5265` `#4376` `#4853` `#4998` `#2514` `#6052` `#940` `#800` `#4407` `#5241` `#2385` `#5163` `#6374` `#4353` `#5280` `#3798` `#4837` `#4441` `#2648` `#2055` `#6376` `#3749` `#5065` `#1727` `#5261` `#2446` `#2124` `#5277` `#4627` `#4425` `#3597` `#823` `#2621` `#1134` `#641` `#815` `#4234` `#1146` `#1168` `#4278` `#6199` `#924` `#537` `#4160` `#3092` `#4710` `#6453` `#2379` `#755` `#470` `#3452` `#2515` `#355` `#3876` `#941` `#535` `#2818` `#4204` `#5710` `#4129` `#4277` `#1775` `#4078` `#324` `#1576`
MSVCRT.dll	`_controlfp` `_purecall` `_mbscmp` `atoi` `__set_app_type` `__p__fmode` `atof` `__p__commode` `_adjust_fdiv` `__setusermatherr` `_initterm` `__getmainargs` `_acmdln` `exit` `_XcptFilter` `_exit` `_onexit` `__dllonexit` `?terminate@@YAXXZ` `_except_handler3` `??1type_info@@UAE@XZ` `rename` `_mbsicmp` `_CxxThrowException` `__CxxFrameHandler` `_ftol` `_setmbcp` `_itoa`
KERNEL32.dll	`SetCurrentDirectoryA` `DeleteFileA` `GetModuleHandleA` `GetStartupInfoA`
USER32.dll	`IsIconic` `SendMessageA` `LoadIconA` `EnableWindow` `GetClientRect` `DrawIcon` `GetSystemMetrics`
SHELL32.dll	`DragQueryFileA` `DragFinish`
MSVCIRT.dll	`??1ifstream@@UAE@XZ` `??0ifstream@@QAE@XZ` `??0ofstream@@QAE@XZ` `??_Difstream@@QAEXXZ` `??6ostream@@QAEAAV0@PBD@Z` `?endl@@YAAAVostream@@AAV1@@Z` `??1ostrstream@@UAE@XZ` `??1ios@@UAE@XZ` `??0ostrstream@@QAE@XZ` `??_Dostrstream@@QAEXXZ` `?freeze@strstreambuf@@QAEXH@Z` `?seekp@ostream@@QAEAAV1@J@Z` `??6ostream@@QAEAAV0@E@Z` `?str@strstreambuf@@QAEPADXZ` `??1ofstream@@UAE@XZ` `?open@ofstream@@QAEXPBDHH@Z` `?open@ifstream@@QAEXPBDHH@Z` `?openprot@filebuf@@2HB` `?close@ofstream@@QAEXXZ` `?close@ifstream@@QAEXXZ` `_mtlock` `_mtunlock` `?get@istream@@IAEAAV1@PADHH@Z`

Delayed Imports

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.50296`
MD5	`19f55c7936b8f069665a59097b48c684`
SHA1	`4fcd4f2cf6a54c5f7a92034d024ea1da4e65fe85`
SHA256	`f9ab602eef80850570967a1f98e285208a8bed5d829333378582fefd0181295d`
SHA3	`13bc540cf044eda883f5262ac151c5eaf2754b1b06b8cf43c90d3fc287f54d6e`

102

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x114`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.22943`
MD5	`863e7c2eb27341fcbbe02360d80a1552`
SHA1	`48479c4b413b98f6e8574c4bcb2d7ad20e2d3771`
SHA256	`7ffb713710abd7fed6b1b3b42b40c57b77244b3fe95e8e05bcf0ceaa4b3975d1`
SHA3	`ded0fff68b2678b6c7766d46ab00b2c37137dfdef0d52d3b7e037762fa91c004`

1 (#2)

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0x278`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.29043`
MD5	`9a7955e6a50b8c755ee03a3a1b5dff71`
SHA1	`3fd14d37b9f30a628862ac7689930300d4139ef6`
SHA256	`7149e26311ed3e95afa85932688e11396a5f089c55f07bff422fa68ec66c1474`
SHA3	`604584f3876902bade7642a8edd1b25670c21467b2b71f2e6cf88352023b8199`

2

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0x3c2`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.2614`
MD5	`1af339aaafc495f695b820f543ea756d`
SHA1	`5cd34310554160cb85959b1244eac56e136f79b8`
SHA256	`569768deb9b4b2d0f6c03555acacbb5617730ade2c551367fbf44e39920e8180`
SHA3	`9849dcfa5464966a94b28d1b9c2072f2bf1cdde3dee734fc3e806e84d47bb05e`

4

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0x27c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.29693`
MD5	`87e5514b68cf8904fd0916e1bb5832dc`
SHA1	`97b439a0572209c32744298c603716832c9e4809`
SHA256	`e263369f7c170ec8b3f3671a4bb7229324f749789ad6a853566817d1a5610d5a`
SHA3	`c595ad75e3b26507f10338e45921ac5b366b18710e7ce002f45062d2e64eb955`

133

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.16096`
Detected Filetype	Icon file
MD5	`42cf62b780813706e75fb9f2b2e8c258`
SHA1	`a022d5c1cfdd8aace0089f3e72f2eedd41bda464`
SHA256	`a0c9d012e2bf6b2fe05c2d97cb5594d97cf2f539e97935c12abd7a3562f4d9bf`
SHA3	`0aafc8e3d8b6bde595537da4ffe0efc5fe53f01dafe336a2a5828b6a71283d3c`

1 (#3)

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2cc`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.37304`
MD5	`8649776a69cf66e148a4a2966e776056`
SHA1	`78786c2c86af07aae52ef110a0925e524da21c2f`
SHA256	`fcd3f5f80d603471f4c4b8d6bbb1abacdf47eb2403023af7e80a7b771165d5eb`
SHA3	`c1831e7e3fd41097d1e65eb9e399534bb7c72b8b09b3d843f3e74c973791088a`

String Table contents

This utility converts CorelDRAW 7/8 and Corel PHOTO-PAINT 7/8 scripts to version 9 format. Drag & drop scripts onto this window, or click the Convert File(s) button below. Original files are saved with a .bak extension in the same folder.
- File: %s
%d Error(s), %d Warning(s). Finished Converting.
Error writing to temporary file!
Internal range error!
[%d] ERROR:
Invalid file extension!
Error opening input file!
Error opening temporary output file!
Unable to rename temporary file! Converted script was not saved.
Error while reading from input file!
Invalid input file!
Input line too long!
Internal parameter specified is out of bounds!
Unable to rename original file! (A backup might already exist). Converted script was not saved.
Error while writing to output file!
Script previously converted by CSCConv %s.
Replaced "%s" with "%s".
Created %s call for %s command.
Created %s calls for %s command.
Fixed object fill parameter for %s command.
%s command must be updated to support seven color values!
Fixed default %s behavior.
[%d] Warning:
%d :
Removed obselete function %s.

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.0.0.1
ProductVersion	2.0.0.1
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	English - United States
FileDescription	CSCConv MFC Application
FileVersion (#2)	1, 0, 0, 1
InternalName	CSCConv
LegalCopyright	Copyright (C) 1997
OriginalFilename	CSCConv.EXE
ProductName	CSCConv Application
ProductVersion (#2)	2, 0, 0, 1

Resource LangID	English - United States

TLS Callbacks

Load Configuration

RICH Header

XOR Key	`0xc463c00e`
Unmarked objects	`0`
12 (7291)	`1`
19 (8034)	`6`
14 (7299)	`1`
C objects (VS98 build 8168)	`11`
Linker (VS98 build 8168)	`7`
Total imports	`175`
C++ objects (VS98 build 8168)	`13`
Resource objects (VS98 cvtres build 1720)	`1`

Errors

Leave a comment

No comments yet.