c484f51ed6ef196563bae77bf6b709bb

Summary

Architecture IMAGE_FILE_MACHINE_I386
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date 2005-May-09 05:29:32
Comments
CompanyName
FileDescription
FileVersion 1.0.1955.11686
InternalName Simulateur.exe
LegalCopyright
LegalTrademarks
OriginalFilename Simulateur.exe
ProductName
ProductVersion 1.0.1955.11686
Assembly Version 1.0.1955.11686

Plugin Output

Info Matching compiler(s): Microsoft Visual C# v7.0 / Basic .NET
Suspicious Strings found in the binary may indicate undesirable behavior: Accesses the WMI:
  • root\cimv2
 Contains domain names:
  • reseauCerta.org
  • www.reseauCerta.org
Safe VirusTotal score: 0/68 (Scanned on 2024-01-09 14:36:46) All the AVs think this file is safe.

Hashes

MD5 c484f51ed6ef196563bae77bf6b709bb
SHA1 699a29db9fac5531c7961b8e636365a26f31b82c
SHA256 cdc5c444ce54680a421d8fa145ede0925f7ffbd72c6efd320bf3802e95e280cc
SHA3 48315c6a195901f56753b1a56069472bced1dbc43c8eb292056ab3f70e4b5520
SSDeep 12288:frXLY1SoYsdA68/qXKulEMAz1Ksuyg9/4FADiuoKv/GZJ:Vm/NVoK2
Imports Hash f34d5f2d4577ed6d9ceec516c1f5a744

DOS Header

e_magic MZ
e_cblp 0x90
e_cp 0x3
e_crlc 0
e_cparhdr 0x4
e_minalloc 0
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0x80

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_I386
NumberofSections 3
TimeDateStamp 2005-May-09 05:29:32
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xe0
Characteristics IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED

Image Optional Header

Magic PE32
LinkerVersion 6.0
SizeOfCode 0x145000
SizeOfInitializedData 0x2000
SizeOfUninitializedData 0
AddressOfEntryPoint 0x00146FBE (Section: .text)
BaseOfCode 0x2000
BaseOfData 0x148000
ImageBase 0x400000
SectionAlignment 0x2000
FileAlignment 0x1000
OperatingSystemVersion 4.0
ImageVersion 0.0
SubsystemVersion 4.0
Win32VersionValue 0
SizeOfImage 0x14c000
SizeOfHeaders 0x1000
Checksum 0
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
DllCharacteristics IMAGE_DLLCHARACTERISTICS_NO_SEH
SizeofStackReserve 0x100000
SizeofStackCommit 0x1000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

.text

MD5 74dd296ab2b953ed77f61c2b616bf87c
SHA1 b215596303dceaa5fd97df133f6368b30729204b
SHA256 312e9625394b40a4d73987863d674cfb03620b3bbe16f79c7acd7bc4eddb6fee
SHA3 f87915fe3b680b16e32def5e3908908041e0b39db0dc9f334bede0ed7f015ab5
VirtualSize 0x144fc4
VirtualAddress 0x2000
SizeOfRawData 0x145000
PointerToRawData 0x1000
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 5.5371

.rsrc

MD5 a413d7e03d69337885cdf395fb7a3ea3
SHA1 9981dfbea2e6dcf2d778c9ddc777215e7377bcaf
SHA256 c0dbc715781b944ce87e0e84f5ace39d2b97660c2924ee324d1ce176e8494cc8
SHA3 cd5ae5c14746f5ad78d8900e6abfeed9990f8fb5a077c53f440429cc76500cb7
VirtualSize 0x868
VirtualAddress 0x148000
SizeOfRawData 0x1000
PointerToRawData 0x146000
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 1.668

.reloc

MD5 48c2ba699b9daa2e040816e6042362fc
SHA1 096b47e04f7ccad5d67eaba66e0c62ca213f6744
SHA256 12f78db4c77f763970bc08b9cd5ab12fb63a0d13f3d67d0eb311c4c09667f401
SHA3 366a6edba6546dfa2e5121c276c7e44f8d2c4e569a8278901cba1b5489a63bde
VirtualSize 0xc
VirtualAddress 0x14a000
SizeOfRawData 0x1000
PointerToRawData 0x147000
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Entropy 0.0164085

Imports

mscoree.dll _CorExeMain

Delayed Imports

2

Type RT_ICON
Language UNKNOWN
Codepage UNKNOWN
Size 0x2e8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 1.52815
MD5 33b4dca4479902742f50c4bdfba01bc7
SHA1 f714b3455567149cf11bb699d103f7a37e40ee6b
SHA256 2f8f0c6c25ff2b6f75110e75ed20e10c154125d9078142893de99edbd3cd3fc5
SHA3 3db29113f49df847aa959aee25e43c0421beab405c7dcdb8cbc80ca63b0b4130

3

Type RT_ICON
Language UNKNOWN
Codepage UNKNOWN
Size 0x128
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.53612
MD5 da1aeaa9a812c0a31fcc6e42e2f8e675
SHA1 58edba28c9067b74c7699bd5a12348e5f7c50e49
SHA256 bf763501e16f639d5223f88427789665cb0baa9af8877e2e83c65e16016ab8b1
SHA3 c12b7a9764a04702f5684387b5fb20a37874203cb2af7b41921d68496146d378

32512

Type RT_GROUP_ICON
Language UNKNOWN
Codepage UNKNOWN
Size 0x22
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.47702
Detected Filetype Icon file
MD5 29a1f473b6fc0b877ce30be83212f25a
SHA1 a66309103e9f7ff118fd964f2cd5ae04bbd4a322
SHA256 e5d571d7f26fa57c7e00290d0fa8aef8c1d519983e0aa5ecd75f5d4b41fa4cda
SHA3 c3b0b1b14385cdc2d88d02c11aaca33ca55d509d2fe1dce1777c05d32c0e8a30

1

Type RT_VERSION
Language UNKNOWN
Codepage UNKNOWN
Size 0x314
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.3722
MD5 ea4e409e2b96ca0aea6595291d570681
SHA1 b0d5b0c8bd6b71383b6b094241d4b62ec3c9b56c
SHA256 7cb7b0434e4f6936a6d2fbb9923b0dfe9f79c72deec4e18b6174c8e7056d6ab5
SHA3 5fc7089e36a92b519350f37d3effae8e1414e9aab01a969d0df792013befbd26

Version Info

Signature 0xfeef04bd
StructVersion 0x10000
FileVersion 1.0.1955.11686
ProductVersion 1.0.1955.11686
FileFlags (EMPTY)
FileOs VOS_DOS_WINDOWS32
VOS_NT_WINDOWS32
VOS__WINDOWS32
FileType VFT_APP
Language UNKNOWN
Comments
CompanyName
FileDescription
FileVersion (#2) 1.0.1955.11686
InternalName Simulateur.exe
LegalCopyright
LegalTrademarks
OriginalFilename Simulateur.exe
ProductName
ProductVersion (#2) 1.0.1955.11686
Assembly Version 1.0.1955.11686
Resource LangID UNKNOWN

TLS Callbacks

Load Configuration

RICH Header

Errors

<-- -->