Manalyze report for d897b58064cb101b0b18d5dcc337c015

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2017-Sep-19 11:25:19
Detected languages	English - United States Portuguese - Brazil
Debug artifacts	D:\Cosas Agu\Sorces\Trabajos\Trabajo Naldo\eMU\GameServer\Release\GameServer_EX301CS\GameServer.pdb
CompanyName	MuEMU
FileDescription	GameServer
FileVersion	`1.0.0.0`
InternalName	GameServer
LegalCopyright	Copyright © MuEMU.pl 2015
OriginalFilename	GameServer.exe
ProductName	MuEMU GameServer
ProductVersion	`1.0.0.0`

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C++ 6.0 - 8.0`
Info	Cryptographic algorithms detected in the binary:	`Uses known Mersenne Twister constants`
Suspicious	The PE contains functions most legitimate programs don't use.	`Leverages the raw socket API to access the Internet: WSASocketA socket sendto WSAAccept inet_ntoa WSARecv WSASend listen bind htonl inet_addr ntohl WSAStartup send recv closesocket WSAAsyncSelect WSAGetLastError connect gethostbyname htons`
Safe	VirusTotal score: 0/71 (Scanned on 2024-01-27 23:33:22)	`All the AVs think this file is safe.`

Hashes

MD5	`d897b58064cb101b0b18d5dcc337c015`
SHA1	`0d50454ac8cb4835fe8a9751067126db97f5e409`
SHA256	`6eb54a4e925c59d319e0d07dbda922a8e8f01e868fbc329ea5579897888313d4`
SHA3	`055de02339ad8b4c7c39c4eb8796303f67ae87641c282e97d2c8bd6a6c0b6160`
SSDeep	`24576:wJfPoSl9HFEOXNicUtADfLp5/3Kd4sBXJro8:wJfPoSl9HFEiNPUtAzL7/3Kd4sBXJs8`
Imports Hash	`6d155d0dbe90d859407afda307325ff4`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x100`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`5`
TimeDateStamp	2017-Sep-19 11:25:19
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`10.0`
SizeOfCode	`0xd1800`
SizeOfInitializedData	`0x644000`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x000CCECE (Section: .text)`
BaseOfCode	`0x1000`
BaseOfData	`0xd3000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`5.1`
ImageVersion	`0.0`
SubsystemVersion	`5.1`
Win32VersionValue	`0`
SizeOfImage	`0x15dc000`
SizeOfHeaders	`0x400`
Checksum	`0x71863e`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`f4846fa74b6e0dc3e1dbc8938d0a1e87`
SHA1	`489cebf06284863ae7b90e891e20c1b417b121f1`
SHA256	`cf198d6ba5a4236a1bac7790649602b11cf84b8db9deee5ac5046dac4ce4bd69`
SHA3	`c2809d44d62d1e26a0a63385639674a2e2bda7a90529b5adf7aa80682b38e588`
VirtualSize	`0xd160b`
VirtualAddress	`0x1000`
SizeOfRawData	`0xd1800`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.6676`

.rdata

MD5	`d69a00b6183ae3b74845039aed403899`
SHA1	`85057426068b2aebc6940cf89477f5562a51bd9a`
SHA256	`50d272d3a1ebd818e947862a96a5614b2723ac4ff6d31701f89061b38ce587ab`
SHA3	`47b75c0589160ea52fd5731c8fbfed471c1dc67288b1f0723e5a38222f35ee7c`
VirtualSize	`0x1964a`
VirtualAddress	`0xd3000`
SizeOfRawData	`0x19800`
PointerToRawData	`0xd1c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.33764`

.data

MD5	`9fde2378f1d69d72182b78f259a4e21f`
SHA1	`7dc98cd0c4333f9ae2c8f40de62a410bcf79fbe4`
SHA256	`3102bce1c328df0800022a73d53bdf01fb7bb6d19cfaf80bf989021536ccaf40`
SHA3	`161285151f19f9f397877f4e761383d4f73e74cfa0802eed39fcbc17f621058f`
VirtualSize	`0x1488ea4`
VirtualAddress	`0xed000`
SizeOfRawData	`0x5c5c00`
PointerToRawData	`0xeb400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0.0217576`

.rsrc

MD5	`2fe5aa640e696074301af8f5248f6db7`
SHA1	`b08a9162642a4bd469c4d97a9b55518195c5046d`
SHA256	`753d14e419761b23534f0c815366ece17cf1f0fc3810120040f3882a5349929f`
SHA3	`404514adc9c04fc3c477f20b8537462cfb1c9a90c15f9f5437913eb4274bcbca`
VirtualSize	`0x490f4`
VirtualAddress	`0x1576000`
SizeOfRawData	`0x49200`
PointerToRawData	`0x6b1000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.12853`

.reloc

MD5	`7e136fb58343e4abbacd3e49a7068ea9`
SHA1	`c7d3d826db109df5d0dc33ae8951d76159fe4333`
SHA256	`b28990bdcf5daccfe6f3c90ac6e99fc9051c835e9457be996bae13339fced79d`
SHA3	`bb43c07626e1800f997f7b74a8126e988d26e325ea1799b02722045ad8c8d15c`
VirtualSize	`0x1b91e`
VirtualAddress	`0x15c0000`
SizeOfRawData	`0x1ba00`
PointerToRawData	`0x6fa200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`3.90759`

Imports

KERNEL32.dll	`SystemTimeToFileTime` `FileTimeToSystemTime` `InterlockedExchange` `InterlockedExchangeAdd` `GetSystemTime` `GetPrivateProfileStringA` `CreateMutexA` `GetLastError` `HeapAlloc` `GetProcessHeap` `HeapFree` `FindFirstFileA` `FindNextFileA` `CloseHandle` `CreateDirectoryA` `CreateFileA` `SetFilePointer` `WriteFile` `ReadFile` `GlobalAlloc` `GetFileSize` `GetCurrentThreadId` `GetCurrentProcessId` `GetCurrentProcess` `SetErrorMode` `SetUnhandledExceptionFilter` `CreateTimerQueue` `OutputDebugStringA` `CreateTimerQueueTimer` `TerminateThread` `CreateIoCompletionPort` `CreateThread` `SetThreadPriority` `GetSystemInfo` `CreateSemaphoreA` `ReleaseSemaphore` `GetQueuedCompletionStatus` `WaitForSingleObject` `InterlockedIncrement` `InterlockedDecrement` `ExitProcess` `GetSystemTimeAsFileTime` `QueryPerformanceCounter` `IsDebuggerPresent` `UnhandledExceptionFilter` `TerminateProcess` `GetStartupInfoW` `HeapSetInformation` `InterlockedCompareExchange` `Sleep` `DecodePointer` `EncodePointer` `IsProcessorFeaturePresent` `WritePrivateProfileStringA` `GetPrivateProfileIntA` `GetLocalTime` `LeaveCriticalSection` `EnterCriticalSection` `DeleteCriticalSection` `InitializeCriticalSection` `DeleteTimerQueue` `GetTickCount`
USER32.dll	`LoadCursorA` `LoadIconA` `DispatchMessageA` `TranslateMessage` `TranslateAcceleratorA` `GetMessageA` `LoadAcceleratorsA` `SetTimer` `SetWindowTextA` `LoadStringA` `wsprintfA` `RegisterClassExA` `CreateWindowExA` `ShowWindow` `UpdateWindow` `DialogBoxParamA` `MessageBoxA` `DestroyWindow` `DefWindowProcA` `PostQuitMessage` `EndDialog` `ReleaseDC` `FillRect` `GetDC` `GetClientRect` `SetRect`
GDI32.dll	`CreateFontA` `DeleteObject` `SetBkMode` `SelectObject` `SetTextColor` `TextOutA` `GetStockObject` `CreateSolidBrush`
MSVCP100.dll	`?_Swap_all@_Container_base12@std@@QAEXAAU12@@Z` `??1_Container_base12@std@@QAE@XZ` `?_Orphan_all@_Container_base0@std@@QAEXXZ` `?_Xlength_error@std@@YAXPBD@Z` `?_Xout_of_range@std@@YAXPBD@Z` `?_Random_device@tr1@std@@YAIXZ`
WS2_32.dll	`WSASocketA` `socket` `sendto` `WSAAccept` `inet_ntoa` `WSARecv` `WSASend` `listen` `bind` `htonl` `inet_addr` `ntohl` `WSAStartup` `send` `recv` `closesocket` `WSAAsyncSelect` `WSAGetLastError` `connect` `gethostbyname` `htons`
dbghelp.dll	`MiniDumpWriteDump`
MSVCR100.dll	`_ismbblead` `exit` `_exit` `_cexit` `_acmdln` `_initterm` `_initterm_e` `_configthreadlocale` `__setusermatherr` `_commode` `_fmode` `__set_app_type` `_XcptFilter` `vsprintf_s` `_CIcos` `_CIsin` `__getmainargs` `_CIsqrt` `_CxxThrowException` `__CxxFrameHandler3` `_CIpow` `memcpy` `memset` `_CIatan2` `_amsg_exit` `?terminate@@YAXXZ` `_onexit` `_lock` `__dllonexit` `_unlock` `asctime_s` `strcat_s` `isalnum` `_controlfp_s` `_invoke_watson` `?_type_info_dtor_internal_method@type_info@@QAEXXZ` `_except_handler4_common` `??3@YAXPAX@Z` `fopen_s` `fclose` `??2@YAPAXI@Z` `strcpy_s` `?what@exception@std@@UBEPBDXZ` `??1exception@std@@UAE@XZ` `??0exception@std@@QAE@ABQBD@Z` `??0exception@std@@QAE@ABV01@@Z` `_difftime64` `_time64` `isalpha` `_mktime64` `memmove` `atoi` `_stricmp` `_localtime64_s` `strstr` `strncmp` `isdigit` `??_V@YAXPAX@Z` `isspace` `atof` `_crt_debugger_hook`

Delayed Imports

1

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x1dad`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.83219`
Detected Filetype	PNG graphic file
MD5	`0ef7aaa6731f63029217b5310f6fbfce`
SHA1	`1966c91893c1c6ff5129d5c5386eb15027d49bad`
SHA256	`0d7ded83303662940e29d18541d8f33b2e3e1f5ddc8aa708c312d81e09996d97`
SHA3	`fd2b24b249cc84101898cb2527c00ae15b7ac8d2120836366e5134863f39d341`

2

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x10828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.53238`
MD5	`b6b244157fa6370670c0c9b507feaad3`
SHA1	`ad6e5bafda4e027963142bff96de7d0150ff6b32`
SHA256	`f7077052adc4efb8308734edfbfc52c17ceda132f88a67a61c5c844375faa07d`
SHA3	`b6efc305e454cc42852d7da20aa35717c987677c9c8d5657af711a8590e10c2c`

3

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x94a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.59303`
MD5	`fe764f00533b2f6927ab1a1a4586480e`
SHA1	`de02bcdfd4c3810ab0f7e867387944c83c84b3fa`
SHA256	`cfb649067353125aeab6ede6aac4f2959d591777a5e18ffdf16ad99b2cbdb2e4`
SHA3	`42fcd85d8ca8e0ee28a6463ecce3c2c71602b537d2f7c7cdaa3395789c9822e2`

4

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.74159`
MD5	`d724c9dfc541193bdfb975b796acb325`
SHA1	`dd7ecbbaeff0849650aa1fac5292b0f432ef415c`
SHA256	`86ce1a5708b0745850a6f002c4618eaf3f24e0df3c79e4e5daffc9c7dd75887d`
SHA3	`9da0fcb2d4fe70becbb36cf12355b10e80efb94e74600d5cd3997f1ddd21ea34`

5

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.89733`
MD5	`98e33b17627dd1560be62b3b0ef5c5a1`
SHA1	`07a69c8d914978b60b6769e01667e98c1e423e25`
SHA256	`ae9b46f0b25b11ede59f53890cdb1adab5b1d581f022a4e751adc71f455463d9`
SHA3	`28ebe140b9bc64753ee970a535033d50a0895e9f2f200be1f6f812e3df275c7f`

6

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.06593`
MD5	`fadae548dfd3952d38665d07bb550ed8`
SHA1	`c9649d02345bb10a9fc5b306095bfa9e97f992d2`
SHA256	`4098543cffb704549de348edfed7c3aa6d24d6ac689133f71b87ed8477bd7dc5`
SHA3	`0e848c42b33fae62500e1b16e6fcfd7512c146a8536244f00f671733e9bf4054`

7

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.29621`
MD5	`44dfdf56f8437370c92acf8eb93306b3`
SHA1	`3f6aef99cce198e00fbf7f56cf00c14a17be5286`
SHA256	`c16e6fbf47fef861575d08636ec9af9c3f15b0844cd2825f270c468bc6e7b97e`
SHA3	`bb8a074a776ffd23ace3678433668175f310ce7e5c449395172b5181feebc124`

8

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.47684`
MD5	`9b7b13067a1c1eb08f01f5ed24c3b471`
SHA1	`f7882f9952df36b45d8d10d83625a8e59dc573ca`
SHA256	`194baa6b1f16e11de35f544ec76afa8e6fea1264d4472baa8192b055161a515b`
SHA3	`e16f0097f26f9b529b959f1c0021b0b85108818eee6dc03f511a4a4eb7ae6ddf`

9

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x1dad`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.83219`
Detected Filetype	PNG graphic file
MD5	`0ef7aaa6731f63029217b5310f6fbfce`
SHA1	`1966c91893c1c6ff5129d5c5386eb15027d49bad`
SHA256	`0d7ded83303662940e29d18541d8f33b2e3e1f5ddc8aa708c312d81e09996d97`
SHA3	`fd2b24b249cc84101898cb2527c00ae15b7ac8d2120836366e5134863f39d341`

10

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x10828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.53238`
MD5	`b6b244157fa6370670c0c9b507feaad3`
SHA1	`ad6e5bafda4e027963142bff96de7d0150ff6b32`
SHA256	`f7077052adc4efb8308734edfbfc52c17ceda132f88a67a61c5c844375faa07d`
SHA3	`b6efc305e454cc42852d7da20aa35717c987677c9c8d5657af711a8590e10c2c`

11

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x94a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.59303`
MD5	`fe764f00533b2f6927ab1a1a4586480e`
SHA1	`de02bcdfd4c3810ab0f7e867387944c83c84b3fa`
SHA256	`cfb649067353125aeab6ede6aac4f2959d591777a5e18ffdf16ad99b2cbdb2e4`
SHA3	`42fcd85d8ca8e0ee28a6463ecce3c2c71602b537d2f7c7cdaa3395789c9822e2`

12

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.74159`
MD5	`d724c9dfc541193bdfb975b796acb325`
SHA1	`dd7ecbbaeff0849650aa1fac5292b0f432ef415c`
SHA256	`86ce1a5708b0745850a6f002c4618eaf3f24e0df3c79e4e5daffc9c7dd75887d`
SHA3	`9da0fcb2d4fe70becbb36cf12355b10e80efb94e74600d5cd3997f1ddd21ea34`

13

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.89733`
MD5	`98e33b17627dd1560be62b3b0ef5c5a1`
SHA1	`07a69c8d914978b60b6769e01667e98c1e423e25`
SHA256	`ae9b46f0b25b11ede59f53890cdb1adab5b1d581f022a4e751adc71f455463d9`
SHA3	`28ebe140b9bc64753ee970a535033d50a0895e9f2f200be1f6f812e3df275c7f`

14

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.06593`
MD5	`fadae548dfd3952d38665d07bb550ed8`
SHA1	`c9649d02345bb10a9fc5b306095bfa9e97f992d2`
SHA256	`4098543cffb704549de348edfed7c3aa6d24d6ac689133f71b87ed8477bd7dc5`
SHA3	`0e848c42b33fae62500e1b16e6fcfd7512c146a8536244f00f671733e9bf4054`

15

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.29621`
MD5	`44dfdf56f8437370c92acf8eb93306b3`
SHA1	`3f6aef99cce198e00fbf7f56cf00c14a17be5286`
SHA256	`c16e6fbf47fef861575d08636ec9af9c3f15b0844cd2825f270c468bc6e7b97e`
SHA3	`bb8a074a776ffd23ace3678433668175f310ce7e5c449395172b5181feebc124`

16

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.47684`
MD5	`9b7b13067a1c1eb08f01f5ed24c3b471`
SHA1	`f7882f9952df36b45d8d10d83625a8e59dc573ca`
SHA256	`194baa6b1f16e11de35f544ec76afa8e6fea1264d4472baa8192b055161a515b`
SHA3	`e16f0097f26f9b529b959f1c0021b0b85108818eee6dc03f511a4a4eb7ae6ddf`

109

Type	`RT_MENU`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x35c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.28924`
MD5	`3a8127fb81460feaa4182ce6b6b25855`
SHA1	`85d6d324a2a77b01dd7f0d041adc6cb0ed658e40`
SHA256	`da8ed1d66fe145cc5677695c03a98cfc4e5576d9688ca81a28c36af53b7902b3`
SHA3	`483ba0b57ad2cd197c153bf79dac9d25a76d903fae01a6ae084886c31bb9b6ea`

103

Type	`RT_DIALOG`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x10c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.11094`
MD5	`e6da25ae791d8af87a7c61c412764218`
SHA1	`719948d5334207196112adb49b362bf7935ed251`
SHA256	`4b80037276a3e542bbd48175cb3ff1f5c60276d2d7e17308d7cef0b82d688bdd`
SHA3	`5f0b81d4cf1c8baf3b1a7c97eabe7274b252740db4e9ae7ea71f4256dc2960c4`

7 (#2)

Type	`RT_STRING`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x48`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.97961`
MD5	`4c3dbe842963b6a2d70fd822a207d4fb`
SHA1	`95fd5d34f8d363260303e71a14a7f5a08d6fdf5a`
SHA256	`f2a92fe95e21e2ea3afcfbc16e3f80a0a944fa08cca70bd7c7a97750dfa3fd2e`
SHA3	`a8fa40a5cf6bf37327f8eb792702656dead4b9813c2afd863ebf511755195b34`

109 (#2)

Type	`RT_ACCELERATOR`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x10`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.79879`
MD5	`3d2b1af3424dbcd504f73918619c7d99`
SHA1	`10d6ed54ea742211a14a05414883f6c00c03080a`
SHA256	`c2f0c188d6c493d7827bf83fb89c704815796445a0178bb2ae79658d96703a3c`
SHA3	`b8c5f28d2c132e5bc304e4dc1b314a3f32a2e48675c06828a2a8a014ea05e7fb`

107

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x76`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.97321`
Detected Filetype	Icon file
MD5	`f366c0b93cbde77616a400765b00ce12`
SHA1	`02d2fcb637427299326217cd8f47ba76639627a3`
SHA256	`be9078f9c9b8fc3b479071e4019d2691240ccebfc18bd285dfef2bcaa2aa7737`
SHA3	`55956445340b9bf6d580425173a609922903b714062c6e217b42c28bb360efba`

108

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x76`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.01003`
Detected Filetype	Icon file
MD5	`93b434ad37bf8ef860981680190abb8f`
SHA1	`2d2e6308c2b9058de2b75c5a1dc84ce92537c2fc`
SHA256	`daec8653a618808dca41efa7c54c1a4603c911de6cc68b1c47bb8c49be1b825b`
SHA3	`6231f24494c10ff5f4d1d707221c3b6de46380a263b41b5b5f6dab7fe65e4f65`

1 (#2)

Type	`RT_VERSION`
Language	Portuguese - Brazil
Codepage	Latin 1 / Western European
Size	`0x2c8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.34511`
MD5	`2517274e0541116037d9af5d74bdf1e2`
SHA1	`e7ad60a4190bb7e693ad17be4f1b341bfe06fc1c`
SHA256	`8cd8156acf189653054693b126c096d14f9c2ac201a587cd9648955b5c2501b4`
SHA3	`5de10701b16b6d9b82492b6f9b0bc37d7007f46cea61e5eeb4225256e7cda8ee`

1 (#3)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x15a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.79597`
MD5	`24d3b502e1846356b0263f945ddd5529`
SHA1	`bac45b86a9c48fc3756a46809c101570d349737d`
SHA256	`49a60be4b95b6d30da355a0c124af82b35000bce8f24f957d1c09ead47544a1e`
SHA3	`1244ed60820da52dc4b53880ec48e3b587dbdbd9545f01fa2b1c0fcfea1d5e9e`

String Table contents

GameServer
GAMESERVER

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.0.0.0
ProductVersion	1.0.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT` `VOS_NT_WINDOWS32` `VOS_WINCE` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	English - United States
CompanyName	MuEMU
FileDescription	GameServer
FileVersion (#2)	1.0.0.0
InternalName	GameServer
LegalCopyright	Copyright © MuEMU.pl 2015
OriginalFilename	GameServer.exe
ProductName	MuEMU GameServer
ProductVersion (#2)	1.0.0.0

Resource LangID	Portuguese - Brazil

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2017-Sep-19 11:25:19
Version	`0.0`
SizeofData	`124`
AddressOfRawData	`0xe4778`
PointerToRawData	`0xe3378`
Referenced File	D:\Cosas Agu\Sorces\Trabajos\Trabajo Naldo\eMU\GameServer\Release\GameServer_EX301CS\GameServer.pdb

TLS Callbacks

Load Configuration

Size	`0x48`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x4ed018`
SEHandlerTable	`0x4e78f0`
SEHandlerCount	`204`

RICH Header

XOR Key	`0x717d15df`
Unmarked objects	`0`
152 (20115)	`1`
ASM objects (VS2010 build 30319)	`7`
C objects (VS2010 build 30319)	`20`
Imports (VS2010 build 30319)	`4`
C++ objects (VS2010 build 30319)	`6`
Imports (VS2008 SP1 build 30729)	`11`
Total imports	`196`
175 (VS2010 build 30319)	`201`
Resource objects (VS2010 build 30319)	`1`
Linker (VS2010 build 30319)	`1`

Errors

[*] Warning: Yara callback received an unhandled message (6).