fbdd7e10d9e641abd15e10371d7bce449d9444dad0171d41ac5ae8ae8d8b6dae

Summary

Architecture IMAGE_FILE_MACHINE_I386
Subsystem IMAGE_SUBSYSTEM_NATIVE
Compilation Date 2026-May-17 16:21:20

Plugin Output

Suspicious The PE is possibly packed. The PE only has 0 import(s).
Suspicious No VirusTotal score. This file has never been scanned on VirusTotal.

Hashes

MD5 8df93adc760a7919ff049886443bdf1a
SHA1 bd45a34581bf6d281c740c2c97bb041a2cddecf9
SHA256 fbdd7e10d9e641abd15e10371d7bce449d9444dad0171d41ac5ae8ae8d8b6dae
SHA3 1c704f46e286606681894ffb9aba9eefaaace59c0b30783af42d4659f20f3448
SSDeep 6:idq2Vg3F+X32mKYuMsbRlkJMsUE9id84ZSJMnlc+NApqEyEQJ+IE+:e9GSGmKYKsJM+o8cKMnq+Sp0+M
Imports Hash d41d8cd98f00b204e9800998ecf8427e

DOS Header

e_magic MZ
e_cblp 0x90
e_cp 0x3
e_crlc 0
e_cparhdr 0x4
e_minalloc 0
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0xb0

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_I386
NumberofSections 3
TimeDateStamp 2026-May-17 16:21:20
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xe0
Characteristics IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_EXECUTABLE_IMAGE

Image Optional Header

Magic PE32
LinkerVersion 14.0
SizeOfCode 0x200
SizeOfInitializedData 0x400
SizeOfUninitializedData 0
AddressOfEntryPoint 0x00001000 (Section: .text)
BaseOfCode 0x1000
BaseOfData 0x2000
ImageBase 0x40000
SectionAlignment 0x1000
FileAlignment 0x200
OperatingSystemVersion 6.0
ImageVersion 0.0
SubsystemVersion 6.0
Win32VersionValue 0
SizeOfImage 0x4000
SizeOfHeaders 0x400
Checksum 0xdca4
Subsystem IMAGE_SUBSYSTEM_NATIVE
DllCharacteristics IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
SizeofStackReserve 0x100000
SizeofStackCommit 0x1000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

.text

MD5 0cb4846b93f22ea18856964072d2d7a1
SHA1 6aeb2386e0d950ab1c64e916c9fc4dd1ec1a1092
SHA256 ba44cdac6c4f45ce35600a29c75769c8618c5aa44f19833f5402662b36b98582
SHA3 7b06b45f7d4265e62086fddfb3cb6726acae8d72d4616a6e7d93a9c21724fed5
VirtualSize 0x29
VirtualAddress 0x1000
SizeOfRawData 0x200
PointerToRawData 0x400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 0.697213

.rdata

MD5 b41dfb00085b946f9624e4cefdd9f79f
SHA1 b27a6843a52e0cf1a468828c461ae0b929eb7bb9
SHA256 fade1cc3f6427f11fab3f870157653cc647e890551834844dfa69dc093273d25
SHA3 3ff680268096fbe03c815add794a3a908df14ea200d4dc3e46b2dbd0cd3d2e6f
VirtualSize 0x98
VirtualAddress 0x2000
SizeOfRawData 0x200
PointerToRawData 0x600
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 1.02777

.reloc

MD5 1550976212edbf67f5e6c4a70b3b5bb5
SHA1 96ecf1eeeb3470c5adc43d517e8870f13144241e
SHA256 d02c57ba34b30840787719720d91f2821601a4c79fca1d9264ee1a12a7cfd902
SHA3 4708b0bfefdb9b77f89a211ae0c95c18d767861957ae85b9dc70f4fb8909afbd
VirtualSize 0xc
VirtualAddress 0x3000
SizeOfRawData 0x200
PointerToRawData 0x800
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Entropy 0.0815394

Imports

Delayed Imports

Version Info

IMAGE_DEBUG_TYPE_POGO

Characteristics 0
TimeDateStamp 2026-May-17 16:21:20
Version 0.0
SizeofData 84
AddressOfRawData 0x2034
PointerToRawData 0x634

TLS Callbacks

Load Configuration

RICH Header

XOR Key 0x8a544743
Unmarked objects 0
Unmarked objects (#2) 1
Linker (35217) 1

Errors

Leave a comment

No comments yet.