ef47f38b385c301dfc4157dd029528f1

Summary

Architecture IMAGE_FILE_MACHINE_I386
Subsystem IMAGE_SUBSYSTEM_WINDOWS_CUI
Compilation Date 2012-Sep-15 23:15:48
Detected languages English - United States

Plugin Output

Safe VirusTotal score: 0/67 (Scanned on 2017-11-08 17:58:12) All the AVs think this file is safe.

Hashes

MD5 ef47f38b385c301dfc4157dd029528f1
SHA1 b2b5f5456491a19f393397d396364cc6e409a954
SHA256 7cf27aad82f44556032e580da1bbb3b237b7b5076685d49549ba521eaf5e29ec
SHA3 5e8e28b9db8278ea38875311dfbb211a09d1dd6c482175b53d915dec7aa5412d
SSDeep 96:GUrjNhL535xmKXdcUDumcn4ukKBzruVABG6kDCtGleSvG:GahXcn44BzruVQG6kaGlpvG
Imports Hash 6d7e442361ac39522c18f3254451ee32

DOS Header

e_magic MZ
e_cblp 0x90
e_cp 0x3
e_crlc 0
e_cparhdr 0x4
e_minalloc 0
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0xf0

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_I386
NumberofSections 5
TimeDateStamp 2012-Sep-15 23:15:48
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xe0
Characteristics IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_EXECUTABLE_IMAGE

Image Optional Header

Magic PE32
LinkerVersion 10.0
SizeOfCode 0xa00
SizeOfInitializedData 0xc00
SizeOfUninitializedData 0
AddressOfEntryPoint 0x00001348 (Section: .text)
BaseOfCode 0x1000
BaseOfData 0x2000
ImageBase 0x400000
SectionAlignment 0x1000
FileAlignment 0x200
OperatingSystemVersion 5.1
ImageVersion 0.0
SubsystemVersion 5.1
Win32VersionValue 0
SizeOfImage 0x6000
SizeOfHeaders 0x400
Checksum 0xc53d
Subsystem IMAGE_SUBSYSTEM_WINDOWS_CUI
DllCharacteristics IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
SizeofStackReserve 0x100000
SizeofStackCommit 0x1000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

.text

MD5 74caa16961c007bd4812e0be901de7e9
SHA1 353f3ee3db6b4cdcc95abfe515fe26c16eef785b
SHA256 e257e7c0f5c94bbe23876b65d0c4dd01267d51de13bb567ad0e1ffa5b962d09a
SHA3 841c9e20f23c5d6ef5d19bd1a5ddcc6551e46d262d2aad79e1ecdc8bf11f9ade
VirtualSize 0x894
VirtualAddress 0x1000
SizeOfRawData 0xa00
PointerToRawData 0x400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 5.52989

.rdata

MD5 0069bf0c03e5d380d6dc9824ddb2f885
SHA1 faa1c8635010c72b20bdca13426659eca2503a68
SHA256 4a1b82004ab17e81a9ddd413d5b9f1781c7723e9dd784d8f6f3cb8c1fa25cf1a
SHA3 531a913513c30fcbe6e47d3797bbcd59536f00395e31359d2ab141fd576d6dcf
VirtualSize 0x5d4
VirtualAddress 0x2000
SizeOfRawData 0x600
PointerToRawData 0xe00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 4.85647

.data

MD5 e2b23683a8b8935f281d74e560c5fad8
SHA1 b8e3f340a64c6baf798902b7035739b96c4d8b4d
SHA256 59a6c15938e2e69c063aec896dddd99dbfe2ef174fcef0f8bfc4195f92ec5137
SHA3 79a92ddabfca724c496bbe089278cc27f62b5d1bd116903487ce9011ef070b77
VirtualSize 0x388
VirtualAddress 0x3000
SizeOfRawData 0x200
PointerToRawData 0x1400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 0.352759

.rsrc

MD5 04e3534c39fb38c8dc21bcd423a64b95
SHA1 66f5154c5f5fe67d717336693423808575194f00
SHA256 73de11858ab9286865d7a0ec6a3350a243737dad2f8996098803d8a433b115a2
SHA3 68d231218b5be7fc14fad170dd4738732cbb36fa3794dda130d1294351e3c20f
VirtualSize 0x1b4
VirtualAddress 0x4000
SizeOfRawData 0x200
PointerToRawData 0x1600
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 5.09798

.reloc

MD5 db2b2227549bf7f2e42d3fc2afc61f39
SHA1 82f8959a7897e7e763a33fe71882a7d6e4d0ffd3
SHA256 5f9605bfc0c72b5e0f2f1b887478a68194be43722f91b9a896c8d950a6745316
SHA3 1dfca7ef31bd01143921260d6410e23fb1360cdfc33fbeeab02d82fda44e1562
VirtualSize 0x1aa
VirtualAddress 0x5000
SizeOfRawData 0x200
PointerToRawData 0x1800
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Entropy 4.74414

Imports

MSVCR100.dll __set_app_type
_crt_debugger_hook
?terminate@@YAXXZ
_unlock
_fmode
_lock
_onexit
_except_handler4_common
_invoke_watson
_controlfp_s
_commode
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
__winitenv
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
strchr
__iob_func
fgets
__dllonexit
printf
KERNEL32.dll GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DecodePointer
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
EncodePointer
HeapSetInformation
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime

Delayed Imports

1

Type RT_MANIFEST
Language English - United States
Codepage Latin 1 / Western European
Size 0x15a
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.79597
MD5 24d3b502e1846356b0263f945ddd5529
SHA1 bac45b86a9c48fc3756a46809c101570d349737d
SHA256 49a60be4b95b6d30da355a0c124af82b35000bce8f24f957d1c09ead47544a1e
SHA3 1244ed60820da52dc4b53880ec48e3b587dbdbd9545f01fa2b1c0fcfea1d5e9e

Version Info

TLS Callbacks

Load Configuration

Size 0x48
TimeDateStamp 1970-Jan-01 00:00:00
Version 0.0
GlobalFlagsClear (EMPTY)
GlobalFlagsSet (EMPTY)
CriticalSectionDefaultTimeout 0
DeCommitFreeBlockThreshold 0
DeCommitTotalFreeThreshold 0
LockPrefixTable 0
MaximumAllocationSize 0
VirtualMemoryThreshold 0
ProcessAffinityMask 0
ProcessHeapFlags (EMPTY)
CSDVersion 0
Reserved1 0
EditList 0
SecurityCookie 0x403000
SEHandlerTable 0x402180
SEHandlerCount 1

RICH Header

XOR Key 0x883f5fb5
Unmarked objects 0
Imports (VS2010 SP1 build 40219) 3
ASM objects (VS2010 SP1 build 40219) 1
C objects (VS2010 SP1 build 40219) 19
C++ objects (VS2010 SP1 build 40219) 2
Imports (VS2008 SP1 build 30729) 2
Total imports 43
175 (VS2010 SP1 build 40219) 2
Linker (VS2010 SP1 build 40219) 1

Errors

<-- -->