Manalyze report for d13a1a005330e809ff2629e309cd944c

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2017-Sep-17 15:18:15
Detected languages	English - United States Portuguese - Brazil
Debug artifacts	D:\Cosas Agu\Sources\Trabajos\Trabajo Naldo\eMU\DataServer\Release\DataServer_EX301\DataServer.pdb
CompanyName	MuEMU
FileDescription	DataServer
FileVersion	`1.0.0.0`
InternalName	DataServer
LegalCopyright	Copyright © MuEMU.pl 2015
OriginalFilename	DataServer.exe
ProductName	MuEMU DataServer
ProductVersion	`1.0.0.0`

Plugin Output

Suspicious	The PE contains functions most legitimate programs don't use.	`Leverages the raw socket API to access the Internet: WSAStartup WSAGetLastError closesocket WSASocketA htonl htons bind listen socket WSASend WSARecv inet_ntoa WSAAccept`
Suspicious	VirusTotal score: 1/70 (Scanned on 2022-09-21 05:42:16)	`APEX: Malicious`

Hashes

MD5	`d13a1a005330e809ff2629e309cd944c`
SHA1	`a8c58616ceba9c6e0ba470021aff93f5d0547895`
SHA256	`f0196034ded5976cb24c2067da50f5c6f7e4e1c0a84c214514c8b260318a93e5`
SHA3	`7d4312abc6d585bdf571eb34ba76d32ce78c5e62e7ebd67a51b65ecd6a390416`
SSDeep	`6144:b4mDBlvoq1ApHFEDHo1JHXonZaISNOp5Y9:b4mXvoflY+HX2aIS2Y9`
Imports Hash	`76a3a3eff9da1edd88d5e14d81cc6237`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0xf0`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`5`
TimeDateStamp	2017-Sep-17 15:18:15
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`10.0`
SizeOfCode	`0x15c00`
SizeOfInitializedData	`0x52000`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x00015BEA (Section: .text)`
BaseOfCode	`0x1000`
BaseOfData	`0x17000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`5.1`
ImageVersion	`0.0`
SubsystemVersion	`5.1`
Win32VersionValue	`0`
SizeOfImage	`0x13a000`
SizeOfHeaders	`0x400`
Checksum	`0x6abb7`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`0b497d905f172692190873587bd7d6f1`
SHA1	`197b20863bef27d91f76de3331c30836fb757e44`
SHA256	`8d832098b51029e753e19a5b86736fffd931c26d8db1556fe625028bbe833c21`
SHA3	`5963e6d8832e0323fcc7f04dfbf07ee743ae3e2b99c51c7cbf902bd68fbccf1a`
VirtualSize	`0x15bdb`
VirtualAddress	`0x1000`
SizeOfRawData	`0x15c00`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.53551`

.rdata

MD5	`c846adaac8777321c1bb46cfe79ef356`
SHA1	`f458da00d3c6af1ca98ab157f0c495a3f63475fc`
SHA256	`8bf30721fb5a3ab18dfa03aeb88b50935b9803764ac2ccc2ea8e827300647155`
SHA3	`69fdd834bef64f603d6461968e0d1457d924ed98125f1417d0bd571f7dbaf8ac`
VirtualSize	`0x5212`
VirtualAddress	`0x17000`
SizeOfRawData	`0x5400`
PointerToRawData	`0x16000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.40935`

.data

MD5	`81fa40b02263759b824c192e938ddee7`
SHA1	`affaecd9252c256faf676ec465039d4613249156`
SHA256	`a8772e97bc86a9367eab672af7f11924c407ab65b87e79210d1bd9c4f9d927f9`
SHA3	`81b742cce3e8425046eb23e585b95caf125a9fd89914b2f9a939c17954821d9f`
VirtualSize	`0xcf130`
VirtualAddress	`0x1d000`
SizeOfRawData	`0xa00`
PointerToRawData	`0x1b400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`4.05311`

.rsrc

MD5	`34e0d5166f44dd6093bfc9b869a49de2`
SHA1	`a5283b81b81650be855d2a8e29fef49a701bf6ca`
SHA256	`24b61140a179de3d75fcd855f7e3f5e9ba253f1e8c6b5dd51cfc3762ab6ee12c`
SHA3	`dba6907bfe1e14f9c114c382bb80dc023576eb858ab41063ce2f0e6a1e64e821`
VirtualSize	`0x48de0`
VirtualAddress	`0xed000`
SizeOfRawData	`0x48e00`
PointerToRawData	`0x1be00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.11262`

.reloc

MD5	`161e8953e7ded71cb7848b945cdd515d`
SHA1	`a595d5a8f4b62025bb549e45a0e791ae8b98d89d`
SHA256	`a3cfc170d93f6f65f702b46647e6f4fac80dd5efe42e5a1972fc3ec6eeb744e3`
SHA3	`02ea423e6168ac4b2a5132cbd1b48ab800db2b654ee6b82d81c854f58eb2853d`
VirtualSize	`0x320a`
VirtualAddress	`0x136000`
SizeOfRawData	`0x3400`
PointerToRawData	`0x64c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`5.15569`

Imports

KERNEL32.dll	`GetLocalTime` `CreateFileA` `SetFilePointer` `WriteFile` `GetFileSize` `ReadFile` `GetCurrentThreadId` `GetCurrentProcessId` `GetCurrentProcess` `SetErrorMode` `SetUnhandledExceptionFilter` `TerminateThread` `CreateIoCompletionPort` `GetLastError` `CreateThread` `SetThreadPriority` `GetSystemInfo` `CreateDirectoryA` `ReleaseSemaphore` `GetQueuedCompletionStatus` `WaitForSingleObject` `ExitProcess` `GetSystemTimeAsFileTime` `QueryPerformanceCounter` `IsDebuggerPresent` `UnhandledExceptionFilter` `TerminateProcess` `GetStartupInfoW` `HeapSetInformation` `InterlockedCompareExchange` `Sleep` `InterlockedExchange` `DecodePointer` `EncodePointer` `CloseHandle` `GetTickCount` `GetPrivateProfileIntA` `GetPrivateProfileStringA` `LeaveCriticalSection` `EnterCriticalSection` `DeleteCriticalSection` `CreateSemaphoreA` `InitializeCriticalSection`
USER32.dll	`RegisterClassExA` `CreateWindowExA` `ShowWindow` `UpdateWindow` `LoadCursorA` `MessageBoxA` `DestroyWindow` `DefWindowProcA` `PostQuitMessage` `LoadIconA` `DispatchMessageA` `TranslateMessage` `TranslateAcceleratorA` `GetMessageA` `LoadAcceleratorsA` `SetTimer` `SetWindowTextA` `wsprintfA` `LoadStringA` `GetDC` `FillRect` `ReleaseDC` `DialogBoxParamA` `EndDialog` `GetClientRect`
GDI32.dll	`DeleteObject` `GetStockObject` `TextOutA` `SetTextColor` `SelectObject` `SetBkMode` `CreateFontA` `CreateSolidBrush`
ODBC32.dll	`#26` `#75` `#7` `#31` `#36` `#11` `#20` `#18` `#8` `#4` `#16` `#13` `#72` `#24`
MSVCP100.dll	`?_Xout_of_range@std@@YAXPBD@Z` `??1_Container_base12@std@@QAE@XZ` `?_Swap_all@_Container_base12@std@@QAEXAAU12@@Z` `?_Xlength_error@std@@YAXPBD@Z`
WS2_32.dll	`WSAStartup` `WSAGetLastError` `closesocket` `WSASocketA` `htonl` `htons` `bind` `listen` `socket` `WSASend` `WSARecv` `inet_ntoa` `WSAAccept`
dbghelp.dll	`MiniDumpWriteDump`
MSVCR100.dll	`_stricmp` `_CxxThrowException` `memcpy` `memset` `_controlfp_s` `_invoke_watson` `?_type_info_dtor_internal_method@type_info@@QAEXXZ` `_except_handler4_common` `_crt_debugger_hook` `__set_app_type` `_fmode` `_commode` `__setusermatherr` `_configthreadlocale` `_initterm_e` `_initterm` `_acmdln` `exit` `_ismbblead` `_XcptFilter` `_exit` `_cexit` `__getmainargs` `_amsg_exit` `?terminate@@YAXXZ` `_onexit` `_lock` `__dllonexit` `_unlock` `asctime_s` `_localtime64_s` `_time64` `strncpy_s` `_atoi64` `atof` `isalnum` `isalpha` `atoi` `isdigit` `isspace` `??_V@YAXPAX@Z` `vsprintf_s` `__CxxFrameHandler3` `tolower` `??3@YAXPAX@Z` `??2@YAPAXI@Z` `??0exception@std@@QAE@ABV01@@Z` `?what@exception@std@@UBEPBDXZ` `??1exception@std@@UAE@XZ` `??0exception@std@@QAE@ABQBD@Z` `memmove` `strcpy_s` `strstr`

Delayed Imports

1

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x1dad`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.83219`
Detected Filetype	PNG graphic file
MD5	`0ef7aaa6731f63029217b5310f6fbfce`
SHA1	`1966c91893c1c6ff5129d5c5386eb15027d49bad`
SHA256	`0d7ded83303662940e29d18541d8f33b2e3e1f5ddc8aa708c312d81e09996d97`
SHA3	`fd2b24b249cc84101898cb2527c00ae15b7ac8d2120836366e5134863f39d341`

2

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x10828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.53238`
MD5	`b6b244157fa6370670c0c9b507feaad3`
SHA1	`ad6e5bafda4e027963142bff96de7d0150ff6b32`
SHA256	`f7077052adc4efb8308734edfbfc52c17ceda132f88a67a61c5c844375faa07d`
SHA3	`b6efc305e454cc42852d7da20aa35717c987677c9c8d5657af711a8590e10c2c`

3

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x94a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.59303`
MD5	`fe764f00533b2f6927ab1a1a4586480e`
SHA1	`de02bcdfd4c3810ab0f7e867387944c83c84b3fa`
SHA256	`cfb649067353125aeab6ede6aac4f2959d591777a5e18ffdf16ad99b2cbdb2e4`
SHA3	`42fcd85d8ca8e0ee28a6463ecce3c2c71602b537d2f7c7cdaa3395789c9822e2`

4

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.74159`
MD5	`d724c9dfc541193bdfb975b796acb325`
SHA1	`dd7ecbbaeff0849650aa1fac5292b0f432ef415c`
SHA256	`86ce1a5708b0745850a6f002c4618eaf3f24e0df3c79e4e5daffc9c7dd75887d`
SHA3	`9da0fcb2d4fe70becbb36cf12355b10e80efb94e74600d5cd3997f1ddd21ea34`

5

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.89733`
MD5	`98e33b17627dd1560be62b3b0ef5c5a1`
SHA1	`07a69c8d914978b60b6769e01667e98c1e423e25`
SHA256	`ae9b46f0b25b11ede59f53890cdb1adab5b1d581f022a4e751adc71f455463d9`
SHA3	`28ebe140b9bc64753ee970a535033d50a0895e9f2f200be1f6f812e3df275c7f`

6

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.06593`
MD5	`fadae548dfd3952d38665d07bb550ed8`
SHA1	`c9649d02345bb10a9fc5b306095bfa9e97f992d2`
SHA256	`4098543cffb704549de348edfed7c3aa6d24d6ac689133f71b87ed8477bd7dc5`
SHA3	`0e848c42b33fae62500e1b16e6fcfd7512c146a8536244f00f671733e9bf4054`

7

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.29621`
MD5	`44dfdf56f8437370c92acf8eb93306b3`
SHA1	`3f6aef99cce198e00fbf7f56cf00c14a17be5286`
SHA256	`c16e6fbf47fef861575d08636ec9af9c3f15b0844cd2825f270c468bc6e7b97e`
SHA3	`bb8a074a776ffd23ace3678433668175f310ce7e5c449395172b5181feebc124`

8

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.47684`
MD5	`9b7b13067a1c1eb08f01f5ed24c3b471`
SHA1	`f7882f9952df36b45d8d10d83625a8e59dc573ca`
SHA256	`194baa6b1f16e11de35f544ec76afa8e6fea1264d4472baa8192b055161a515b`
SHA3	`e16f0097f26f9b529b959f1c0021b0b85108818eee6dc03f511a4a4eb7ae6ddf`

9

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x1dad`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.83219`
Detected Filetype	PNG graphic file
MD5	`0ef7aaa6731f63029217b5310f6fbfce`
SHA1	`1966c91893c1c6ff5129d5c5386eb15027d49bad`
SHA256	`0d7ded83303662940e29d18541d8f33b2e3e1f5ddc8aa708c312d81e09996d97`
SHA3	`fd2b24b249cc84101898cb2527c00ae15b7ac8d2120836366e5134863f39d341`

10

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x10828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.53238`
MD5	`b6b244157fa6370670c0c9b507feaad3`
SHA1	`ad6e5bafda4e027963142bff96de7d0150ff6b32`
SHA256	`f7077052adc4efb8308734edfbfc52c17ceda132f88a67a61c5c844375faa07d`
SHA3	`b6efc305e454cc42852d7da20aa35717c987677c9c8d5657af711a8590e10c2c`

11

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x94a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.59303`
MD5	`fe764f00533b2f6927ab1a1a4586480e`
SHA1	`de02bcdfd4c3810ab0f7e867387944c83c84b3fa`
SHA256	`cfb649067353125aeab6ede6aac4f2959d591777a5e18ffdf16ad99b2cbdb2e4`
SHA3	`42fcd85d8ca8e0ee28a6463ecce3c2c71602b537d2f7c7cdaa3395789c9822e2`

12

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.74159`
MD5	`d724c9dfc541193bdfb975b796acb325`
SHA1	`dd7ecbbaeff0849650aa1fac5292b0f432ef415c`
SHA256	`86ce1a5708b0745850a6f002c4618eaf3f24e0df3c79e4e5daffc9c7dd75887d`
SHA3	`9da0fcb2d4fe70becbb36cf12355b10e80efb94e74600d5cd3997f1ddd21ea34`

13

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.89733`
MD5	`98e33b17627dd1560be62b3b0ef5c5a1`
SHA1	`07a69c8d914978b60b6769e01667e98c1e423e25`
SHA256	`ae9b46f0b25b11ede59f53890cdb1adab5b1d581f022a4e751adc71f455463d9`
SHA3	`28ebe140b9bc64753ee970a535033d50a0895e9f2f200be1f6f812e3df275c7f`

14

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.06593`
MD5	`fadae548dfd3952d38665d07bb550ed8`
SHA1	`c9649d02345bb10a9fc5b306095bfa9e97f992d2`
SHA256	`4098543cffb704549de348edfed7c3aa6d24d6ac689133f71b87ed8477bd7dc5`
SHA3	`0e848c42b33fae62500e1b16e6fcfd7512c146a8536244f00f671733e9bf4054`

15

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.29621`
MD5	`44dfdf56f8437370c92acf8eb93306b3`
SHA1	`3f6aef99cce198e00fbf7f56cf00c14a17be5286`
SHA256	`c16e6fbf47fef861575d08636ec9af9c3f15b0844cd2825f270c468bc6e7b97e`
SHA3	`bb8a074a776ffd23ace3678433668175f310ce7e5c449395172b5181feebc124`

16

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.47684`
MD5	`9b7b13067a1c1eb08f01f5ed24c3b471`
SHA1	`f7882f9952df36b45d8d10d83625a8e59dc573ca`
SHA256	`194baa6b1f16e11de35f544ec76afa8e6fea1264d4472baa8192b055161a515b`
SHA3	`e16f0097f26f9b529b959f1c0021b0b85108818eee6dc03f511a4a4eb7ae6ddf`

109

Type	`RT_MENU`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x48`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.71518`
MD5	`b05859200ccdb775e68c1e922f7c725c`
SHA1	`7eabc5514d45b59a84662fb7ad3ddb075c7db089`
SHA256	`15eaa83e7baa04cdf6a12ca2db8c7ab0fe20a52da78013f8a8dd1f2b327f3199`
SHA3	`90cff3763b6aebf092253a6dcc8ad286116d0c40a728f1af197c777ca5ddb961`

103

Type	`RT_DIALOG`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x10c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.11094`
MD5	`9c3887397cd59e9823ae5cbfd10bd62c`
SHA1	`b7ee8105315e09f8cc5fd2068f83ed3275d51cfb`
SHA256	`2d95b9ea2d9fcc47c1f4cd860989f6b47ba9db3f4bd0439168a985bf32ca0472`
SHA3	`baf32abb3562b639385ab5047d3a620ce5832ac9ec52086f5af1a2af95941879`

7 (#2)

Type	`RT_STRING`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x48`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.00058`
MD5	`8ee48717ef5ec45b6c3651b7a65d5eb0`
SHA1	`d0d503a5cca5ff6c4320e613ef868c1e9feecc55`
SHA256	`b767f24d7269c8c6de7751e376a86d7db573d6cecb385e3aa4a30abd27a4d176`
SHA3	`717b2ad6b7e27950b22f8e5ff3d61b2d4e6f5d619d5c6af8e108383408517586`

109 (#2)

Type	`RT_ACCELERATOR`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x10`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.79879`
MD5	`3d2b1af3424dbcd504f73918619c7d99`
SHA1	`10d6ed54ea742211a14a05414883f6c00c03080a`
SHA256	`c2f0c188d6c493d7827bf83fb89c704815796445a0178bb2ae79658d96703a3c`
SHA3	`b8c5f28d2c132e5bc304e4dc1b314a3f32a2e48675c06828a2a8a014ea05e7fb`

107

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x76`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.97321`
Detected Filetype	Icon file
MD5	`f366c0b93cbde77616a400765b00ce12`
SHA1	`02d2fcb637427299326217cd8f47ba76639627a3`
SHA256	`be9078f9c9b8fc3b479071e4019d2691240ccebfc18bd285dfef2bcaa2aa7737`
SHA3	`55956445340b9bf6d580425173a609922903b714062c6e217b42c28bb360efba`

108

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x76`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.01003`
Detected Filetype	Icon file
MD5	`93b434ad37bf8ef860981680190abb8f`
SHA1	`2d2e6308c2b9058de2b75c5a1dc84ce92537c2fc`
SHA256	`daec8653a618808dca41efa7c54c1a4603c911de6cc68b1c47bb8c49be1b825b`
SHA3	`6231f24494c10ff5f4d1d707221c3b6de46380a263b41b5b5f6dab7fe65e4f65`

1 (#2)

Type	`RT_VERSION`
Language	Portuguese - Brazil
Codepage	Latin 1 / Western European
Size	`0x2c8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.32079`
MD5	`5244fc9090ada68da8cd16dfc8b494f5`
SHA1	`e75c12e5501814620681be57a1dd4e957662c55b`
SHA256	`03c304c9f34a4dba2a45bd0d8df8cdfe72e20f1150e2287bf89e8907625c0f07`
SHA3	`d28ccd58166cee4676fee8dbedd229019bd80aeecb6e0e572d21a5dffac11468`

1 (#3)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x15a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.79597`
MD5	`24d3b502e1846356b0263f945ddd5529`
SHA1	`bac45b86a9c48fc3756a46809c101570d349737d`
SHA256	`49a60be4b95b6d30da355a0c124af82b35000bce8f24f957d1c09ead47544a1e`
SHA3	`1244ed60820da52dc4b53880ec48e3b587dbdbd9545f01fa2b1c0fcfea1d5e9e`

String Table contents

DataServer
DATASERVER

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.0.0.0
ProductVersion	1.0.0.0
FileFlags	`(EMPTY)`
FileOs	`(EMPTY)`
FileType	`VFT_APP`
Language	English - United States
CompanyName	MuEMU
FileDescription	DataServer
FileVersion (#2)	1.0.0.0
InternalName	DataServer
LegalCopyright	Copyright © MuEMU.pl 2015
OriginalFilename	DataServer.exe
ProductName	MuEMU DataServer
ProductVersion (#2)	1.0.0.0

Resource LangID	Portuguese - Brazil

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2017-Sep-17 15:18:15
Version	`0.0`
SizeofData	`123`
AddressOfRawData	`0x1a250`
PointerToRawData	`0x19250`
Referenced File	D:\Cosas Agu\Sources\Trabajos\Trabajo Naldo\eMU\DataServer\Release\DataServer_EX301\DataServer.pdb

TLS Callbacks

Load Configuration

Size	`0x48`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x41d018`
SEHandlerTable	`0x41ace0`
SEHandlerCount	`26`

RICH Header

XOR Key	`0x46fe6491`
Unmarked objects	`0`
152 (20115)	`1`
ASM objects (VS2010 build 30319)	`3`
C objects (VS2010 build 30319)	`19`
Imports (VS2010 build 30319)	`4`
C++ objects (VS2010 build 30319)	`6`
Imports (VS2008 SP1 build 30729)	`13`
Total imports	`164`
175 (VS2010 build 30319)	`41`
Resource objects (VS2010 build 30319)	`1`
Linker (VS2010 build 30319)	`1`

d13a1a005330e809ff2629e309cd944c

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rdata

.data

.rsrc

.reloc

Imports

Delayed Imports

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

109

103

7 (#2)

109 (#2)

107

108

1 (#2)

1 (#3)

String Table contents

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

TLS Callbacks

Load Configuration

RICH Header

Errors