fcd3f76bd9bbcbb185c4e45b78e18521

Summary

Architecture IMAGE_FILE_MACHINE_I386
Subsystem IMAGE_SUBSYSTEM_WINDOWS_CUI
Compilation Date 2023-Oct-09 18:22:56

Plugin Output

Suspicious No VirusTotal score. This file has never been scanned on VirusTotal.

Hashes

MD5 fcd3f76bd9bbcbb185c4e45b78e18521
SHA1 3a257daf9d0862c878424736ad0d0614c788dd2c
SHA256 84d1eb5803cba6f432df7b7c72a6d1f6e53fc3a34bffbb54c95b66721ccd9e42
SHA3 f3eb4b78bc7a6524d8402ce4f72a4589e8e39a3f2835691229eac4e8119408ae
SSDeep 96:xW4YH6lFQajiDA3BNN5f1DzqW0LJ1pAxLy+ZUt6n1MO4w5OIT8wxQD4Fk:s4YaHyAvNDPqZTpwLnDnkIT8wKD4Fk
Imports Hash 2e4dfe76fcb9d9e75a5f145fbc9c0a5a

DOS Header

e_magic MZ
e_cblp 0x90
e_cp 0x3
e_crlc 0
e_cparhdr 0x4
e_minalloc 0
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0x80

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_I386
NumberofSections 5
TimeDateStamp 2023-Oct-09 18:22:56
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xe0
Characteristics IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_RELOCS_STRIPPED

Image Optional Header

Magic PE32
LinkerVersion 2.0
SizeOfCode 0xc00
SizeOfInitializedData 0x1600
SizeOfUninitializedData 0x3a00
AddressOfEntryPoint 0x00001280 (Section: .text)
BaseOfCode 0x1000
BaseOfData 0x2000
ImageBase 0x400000
SectionAlignment 0x1000
FileAlignment 0x200
OperatingSystemVersion 4.0
ImageVersion 1.0
SubsystemVersion 4.0
Win32VersionValue 0
SizeOfImage 0x9000
SizeOfHeaders 0x400
Checksum 0xedcd
Subsystem IMAGE_SUBSYSTEM_WINDOWS_CUI
SizeofStackReserve 0x200000
SizeofStackCommit 0x1000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

.text

MD5 e29bdee0ef34ea2f251b2c57d0df2982
SHA1 50d6d76424f10b721d56fb0ef2989c614b0ed0b8
SHA256 784fdecd15ee60ab75a62405938fd19cc27642705824b3e4c2c6caa1189de467
SHA3 e4dc2c0fd7e3f9a89cd07813231e946806b2d8c980fb14c72a9a6a2c3bc4ea66
VirtualSize 0xb98
VirtualAddress 0x1000
SizeOfRawData 0xc00
PointerToRawData 0x400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_ALIGN_1024BYTES
IMAGE_SCN_ALIGN_16BYTES
IMAGE_SCN_ALIGN_1BYTES
IMAGE_SCN_ALIGN_2048BYTES
IMAGE_SCN_ALIGN_256BYTES
IMAGE_SCN_ALIGN_32BYTES
IMAGE_SCN_ALIGN_4096BYTES
IMAGE_SCN_ALIGN_4BYTES
IMAGE_SCN_ALIGN_64BYTES
IMAGE_SCN_ALIGN_8192BYTES
IMAGE_SCN_ALIGN_8BYTES
IMAGE_SCN_ALIGN_MASK
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 5.68402

.data

MD5 3d9c3b39b0ba04747acc12fa932afdb6
SHA1 6d4651b997dea05fa2a7d757942560975c196b8b
SHA256 8099f01cb9d54b7291836dd5154b827df21bfda3897fb1b0ccf7ae0d4e2b555e
SHA3 94801922a68f74f3d390ba03b27227948d179e47b8867402048b1230c2beef50
VirtualSize 0x300
VirtualAddress 0x2000
SizeOfRawData 0x400
PointerToRawData 0x1000
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_ALIGN_1024BYTES
IMAGE_SCN_ALIGN_16BYTES
IMAGE_SCN_ALIGN_1BYTES
IMAGE_SCN_ALIGN_256BYTES
IMAGE_SCN_ALIGN_2BYTES
IMAGE_SCN_ALIGN_32BYTES
IMAGE_SCN_ALIGN_4096BYTES
IMAGE_SCN_ALIGN_4BYTES
IMAGE_SCN_ALIGN_512BYTES
IMAGE_SCN_ALIGN_64BYTES
IMAGE_SCN_ALIGN_8192BYTES
IMAGE_SCN_ALIGN_MASK
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 4.3443

.rdata

MD5 bdae23fd0e7cb301d499fd925cab7771
SHA1 6235572131cf290aa1e805341fe064b3bde421d0
SHA256 728c4cde5e8ba6be34a906320f2b8dd70c2bf6f48e42de72f8db8bc42bb79989
SHA3 42cd2516c0fc43ef6a3c77f448cc0fc04d0b788efa0813efebebb4e71701ba58
VirtualSize 0x1ec
VirtualAddress 0x3000
SizeOfRawData 0x200
PointerToRawData 0x1400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_ALIGN_1024BYTES
IMAGE_SCN_ALIGN_16BYTES
IMAGE_SCN_ALIGN_1BYTES
IMAGE_SCN_ALIGN_256BYTES
IMAGE_SCN_ALIGN_2BYTES
IMAGE_SCN_ALIGN_32BYTES
IMAGE_SCN_ALIGN_4096BYTES
IMAGE_SCN_ALIGN_4BYTES
IMAGE_SCN_ALIGN_512BYTES
IMAGE_SCN_ALIGN_64BYTES
IMAGE_SCN_ALIGN_8192BYTES
IMAGE_SCN_ALIGN_MASK
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 4.79366

.bss

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA3 a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a
VirtualSize 0x3878
VirtualAddress 0x4000
SizeOfRawData 0
PointerToRawData 0
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_ALIGN_16BYTES
IMAGE_SCN_ALIGN_2048BYTES
IMAGE_SCN_ALIGN_32BYTES
IMAGE_SCN_ALIGN_4096BYTES
IMAGE_SCN_ALIGN_64BYTES
IMAGE_SCN_ALIGN_8192BYTES
IMAGE_SCN_ALIGN_8BYTES
IMAGE_SCN_ALIGN_MASK
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata

MD5 dc5770611201b0555ff875ce53ff6ea4
SHA1 719d93486027485d8c209a36ca192e9c68765edb
SHA256 47cc2725b012e50cd573079103d05eb42ed840a103ef07308dbfb44b5d28b45c
SHA3 ff96dac9ed372eef8c19c8315700219e9be0ca211083c38f6a1aad1474351211
VirtualSize 0x2d8
VirtualAddress 0x8000
SizeOfRawData 0x400
PointerToRawData 0x1600
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_ALIGN_1024BYTES
IMAGE_SCN_ALIGN_16BYTES
IMAGE_SCN_ALIGN_1BYTES
IMAGE_SCN_ALIGN_256BYTES
IMAGE_SCN_ALIGN_2BYTES
IMAGE_SCN_ALIGN_32BYTES
IMAGE_SCN_ALIGN_4096BYTES
IMAGE_SCN_ALIGN_4BYTES
IMAGE_SCN_ALIGN_512BYTES
IMAGE_SCN_ALIGN_64BYTES
IMAGE_SCN_ALIGN_8192BYTES
IMAGE_SCN_ALIGN_MASK
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 3.32637

Imports

KERNEL32.dll ExitProcess
GetModuleHandleA
GetProcAddress
SetUnhandledExceptionFilter
msvcrt.dll __getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_iob
_onexit
_setmode
atexit
atoi
exit
fclose
fopen
fread
fwrite
perror
printf
puts
signal
sprintf
strncpy

Delayed Imports

Version Info

TLS Callbacks

Load Configuration

RICH Header

Errors

[*] Warning: Section .bss has a size of 0!
<-- -->