ec81cbdc0177af470d0a1c9032ecf15e

Summary

Architecture IMAGE_FILE_MACHINE_I386
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date 2025-Mar-03 08:58:53
Debug artifacts C:\_D_drive\DevelopmentGit\applicationportal\Code\ClickOnceApplicationWrappers\Visitors\obj\x86\Debug\Visitors_Installer.pdb
Comments
CompanyName BAE Systems - Electronic Systems (IT)
FileDescription Visitors
FileVersion 1.0.0.0
InternalName Visitors_Installer.exe
LegalCopyright Copyright © 2015-2024 BAE Systems plc. All rights reserved.
LegalTrademarks
OriginalFilename Visitors_Installer.exe
ProductName Visitors
ProductVersion 1.0.0.0
Assembly Version 1.0.0.0

Plugin Output

Info Matching compiler(s): Microsoft Visual C# v7.0 / Basic .NET
.NET executable -> Microsoft
Info The PE is digitally signed. Signer: Electronic Systems IT (UK)
Issuer: Greenlnk CA Cluster
Suspicious No VirusTotal score. This file has never been scanned on VirusTotal.

Hashes

MD5 ec81cbdc0177af470d0a1c9032ecf15e
SHA1 eb5264656ee225311cf35476a5a22e70fb0b4116
SHA256 7caa850be78a0520c03a26ba4746713b8c8ff898c9ab615471851f99da092599
SHA3 0e0bae7ffb4c92e884dec6d9c56b3fa704a36c17843d1393ccee51c68ea9a4fe
SSDeep 192:82KHu/llOeIWgXs33tNvtZAIJy45Eks6vh/whL9Nf20/fygH:sAlweIWos3dNcEf5Eks6vh/r0/fygH
Imports Hash f34d5f2d4577ed6d9ceec516c1f5a744

DOS Header

e_magic MZ
e_cblp 0x90
e_cp 0x3
e_crlc 0
e_cparhdr 0x4
e_minalloc 0
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0x80

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_I386
NumberofSections 3
TimeDateStamp 2025-Mar-03 08:58:53
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xe0
Characteristics IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Image Optional Header

Magic PE32
LinkerVersion 48.0
SizeOfCode 0x1000
SizeOfInitializedData 0x1000
SizeOfUninitializedData 0
AddressOfEntryPoint 0x00002F4E (Section: .text)
BaseOfCode 0x2000
BaseOfData 0x4000
ImageBase 0x400000
SectionAlignment 0x2000
FileAlignment 0x200
OperatingSystemVersion 4.0
ImageVersion 0.0
SubsystemVersion 6.0
Win32VersionValue 0
SizeOfImage 0x8000
SizeOfHeaders 0x200
Checksum 0x656b
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
DllCharacteristics IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
SizeofStackReserve 0x100000
SizeofStackCommit 0x1000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

.text

MD5 4b45ec45e5c8865f97d2e485963329bd
SHA1 e06c6c0c21cee79db0c4faba0650227bedb3720f
SHA256 92f04a13a58b9e2ba9cec00b263069e9b1dc2ec43bc12bb499c12b41c8b224fe
SHA3 7e4486709c4125c018c59cc456fa4ac5f8aea84e046ecfbb766391e9e3d58a62
VirtualSize 0xf54
VirtualAddress 0x2000
SizeOfRawData 0x1000
PointerToRawData 0x200
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 5.13051

.rsrc

MD5 9341c09416019cce519f04c56422982a
SHA1 80ba76643f3d0a18769c9e6b65bd7c7d69c91826
SHA256 3fad78a4918b4e03096413369da4afa0164d1446141faf78f22f3fbd61ec61f3
SHA3 cc61ef95d043577b256db66bd0b998af058af8f8092a997d4fa800c6b8036e5a
VirtualSize 0xd88
VirtualAddress 0x4000
SizeOfRawData 0xe00
PointerToRawData 0x1200
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 5.74393

.reloc

MD5 2a01ecdd1b10d488419f57dfc785480e
SHA1 840ae99f53f743aafb35bb8c95bc58893ef6e5bc
SHA256 dd427866ef8ddcf611db9928ae355e90268961184a6128351cd3bb7524e1c703
SHA3 de9665d27b40c8f03cf462766c2d34a67953abfcd1ae3f5642e2ab9d13f6f4b4
VirtualSize 0xc
VirtualAddress 0x6000
SizeOfRawData 0x200
PointerToRawData 0x2000
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Entropy 0.0815394

Imports

mscoree.dll _CorExeMain

Delayed Imports

1

Type RT_ICON
Language UNKNOWN
Codepage UNKNOWN
Size 0x8a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.73078
MD5 ebb41928538d114b13db0eb0b88dc983
SHA1 2a4cf4eda6b4b4e3d6854a86da3ee59f8cd1e045
SHA256 28c017eda5dc0129014487a369742abc11c5ccef734fad62bfc68f6530b87b8e
SHA3 78d4af05ba47a813111a595988f4d07a3876ee8fd73f9dc733a4c9ca4dbdab7f

32512

Type RT_GROUP_ICON
Language UNKNOWN
Codepage UNKNOWN
Size 0x14
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 1.81924
Detected Filetype Icon file
MD5 cbee427fa121aba9b9b265ff05de5383
SHA1 24fcae33001c8e0f5ec795c6edf076a69d59589f
SHA256 494e4fd717fa1ee0c5c7bb3b4e28fdab4b7f6e95b4f9865f5ab86f03f62ae62c
SHA3 a3fa35d56632275ba55716a4964f02031270f61f06a903fc460ac2dd6bebde85

1 (#2)

Type RT_VERSION
Language UNKNOWN
Codepage UNKNOWN
Size 0x3e0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.32924
MD5 d0bfa82ee5b801ffa173367b12e73f03
SHA1 06bf3212775b95651e1a690e7491e293479dc729
SHA256 3265c1d76c577a1a8007c70c27838969fd8e5b11006603f407924c13ae74d5ec
SHA3 6172e9028990869e80722166da8ca51c71392b1877af3ce4042d821c4de12661

Version Info

Signature 0xfeef04bd
StructVersion 0x10000
FileVersion 1.0.0.0
ProductVersion 1.0.0.0
FileFlags (EMPTY)
FileOs VOS_DOS_WINDOWS32
VOS_NT_WINDOWS32
VOS__WINDOWS32
FileType VFT_APP
Language UNKNOWN
Comments
CompanyName BAE Systems - Electronic Systems (IT)
FileDescription Visitors
FileVersion (#2) 1.0.0.0
InternalName Visitors_Installer.exe
LegalCopyright Copyright © 2015-2024 BAE Systems plc. All rights reserved.
LegalTrademarks
OriginalFilename Visitors_Installer.exe
ProductName Visitors
ProductVersion (#2) 1.0.0.0
Assembly Version 1.0.0.0
Resource LangID UNKNOWN

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics 0
TimeDateStamp 2025-Mar-03 08:58:53
Version 0.0
SizeofData 284
AddressOfRawData 0x2de0
PointerToRawData 0xfe0
Referenced File C:\_D_drive\DevelopmentGit\applicationportal\Code\ClickOnceApplicationWrappers\Visitors\obj\x86\Debug\Visitors_Installer.pdb

TLS Callbacks

Load Configuration

RICH Header

Errors

<-- -->