| Architecture |
IMAGE_FILE_MACHINE_AMD64
|
| Subsystem |
IMAGE_SUBSYSTEM_WINDOWS_GUI
|
| Compilation Date |
2023-Oct-20 21:24:12
|
| Detected languages |
English - United States
|
| TLS Callbacks |
2 callback(s) detected.
|
| CompanyName |
|
| FileVersion |
2.0
|
| FileDescription |
Geany
|
| InternalName |
Geany
|
| LegalCopyright |
Copyright 2005 The Geany contributors
|
| LegalTrademarks |
|
| OriginalFilename |
Geany.exe
|
| ProductName |
Geany
|
| ProductVersion |
2.0
|
| Suspicious |
The PE is possibly packed. |
Unusual section name found: .xdata
|
| Info |
The PE is digitally signed. |
Signer: Enrico Tr\xF6ger
Issuer: CA Cert Signing Authority
|
| Safe |
VirusTotal score: 0/72 (Scanned on 2025-11-25 03:16:36) |
All the AVs think this file is safe.
|
| MD5 |
0274075886d683ed2c48378a5b941b34
|
| SHA1 |
650c49413cb40fe709cbd089fc9fcf5c0f799d3e
|
| SHA256 |
fd5d0dc92262238b5be5621264f5c63cc9f511c5976099c6ba28eb20361efe0b
|
| SHA3 |
70238befcfee05ea4f1728cd8c95a16a1e667d3611658888f9d4baa28e3c9616
|
| SSDeep |
1536:RXgkYtRreJyB0h5GhXEUbxB+x80IuyVDHQ1riv0nBLD+rQuDSXcu:RXFx0BgGhpbxUxFdMqGv0nBPM
|
| Imports Hash |
e2a54caa765bf5c56bfec3a913985d01
|
| e_magic |
MZ
|
| e_cblp |
0x90
|
| e_cp |
0x3
|
| e_crlc |
0
|
| e_cparhdr |
0x4
|
| e_minalloc |
0
|
| e_maxalloc |
0xffff
|
| e_ss |
0
|
| e_sp |
0xb8
|
| e_csum |
0
|
| e_ip |
0
|
| e_cs |
0
|
| e_ovno |
0
|
| e_oemid |
0
|
| e_oeminfo |
0
|
| e_lfanew |
0x80
|
| Signature |
PE
|
| Machine |
IMAGE_FILE_MACHINE_AMD64
|
| NumberofSections |
11
|
| TimeDateStamp |
2023-Oct-20 21:24:12
|
| PointerToSymbolTable |
0
|
| NumberOfSymbols |
0
|
| SizeOfOptionalHeader |
0xf0
|
| Characteristics |
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
|
| Magic |
PE32+
|
| LinkerVersion |
2.0
|
| SizeOfCode |
0x1800
|
| SizeOfInitializedData |
0x16000
|
| SizeOfUninitializedData |
0x200
|
| AddressOfEntryPoint |
0x00000000000013D0 (Section: .text)
|
| BaseOfCode |
0x1000
|
| ImageBase |
0x140000000
|
| SectionAlignment |
0x1000
|
| FileAlignment |
0x200
|
| OperatingSystemVersion |
4.0
|
| ImageVersion |
0.0
|
| SubsystemVersion |
5.2
|
| Win32VersionValue |
0
|
| SizeOfImage |
0x1f000
|
| SizeOfHeaders |
0x400
|
| Checksum |
0x256e7
|
| Subsystem |
IMAGE_SUBSYSTEM_WINDOWS_GUI
|
| DllCharacteristics |
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
|
| SizeofStackReserve |
0x200000
|
| SizeofStackCommit |
0x1000
|
| SizeofHeapReserve |
0x100000
|
| SizeofHeapCommit |
0x1000
|
| LoaderFlags |
0
|
| NumberOfRvaAndSizes |
16
|
| MD5 |
ebf2f4b44135805d23b31c95eeb5ac31
|
| SHA1 |
5095261bae8ec4dd47f02fd13ec719697375a57e
|
| SHA256 |
c9e44030d17132ea4f4af2ea523f6e070b35ded7dd8d4a6d650a23dd60d883fb
|
| SHA3 |
c0e0c838cbc0a3f364813cd1ebd78a5e9d2b798a4761f93d5372cdc5844e1477
|
| VirtualSize |
0x16e8
|
| VirtualAddress |
0x1000
|
| SizeOfRawData |
0x1800
|
| PointerToRawData |
0x400
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
|
| Entropy |
5.84754
|
| MD5 |
08ac723718462e8b00197cde8c4176f5
|
| SHA1 |
1c6fb41b26666751d8c79c4c12ba37773b41af50
|
| SHA256 |
a491f630f2afdbfeb510760b7c603d2a641216c219899c54b63833469ebfbf20
|
| SHA3 |
e0a60cd1f5addf844702c8e8eb878548f100cfd24e5cf24f10e825e629ea4abf
|
| VirtualSize |
0x90
|
| VirtualAddress |
0x3000
|
| SizeOfRawData |
0x200
|
| PointerToRawData |
0x1c00
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
|
| Entropy |
0.623217
|
| MD5 |
f9c7220719c33fcdf47c96f1f7dfc39e
|
| SHA1 |
f6b9d2ea5ef5f5d38263da3b09f3ecd2aa8c2065
|
| SHA256 |
0d4d476914314118e02c116274ea544dc44fd56ce10a4759a1f6ba2b7a83e194
|
| SHA3 |
c5e75cb8f530a6ee68b1d32aec4f325d94014108fbe1ad8bb62a323839eb4bcb
|
| VirtualSize |
0xa50
|
| VirtualAddress |
0x4000
|
| SizeOfRawData |
0xc00
|
| PointerToRawData |
0x1e00
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
|
| Entropy |
4.42826
|
| MD5 |
ed8560b1028068b28d4811ba3b658321
|
| SHA1 |
f4522ef3eded475575f6671315db2d0feb32d979
|
| SHA256 |
f41417704b5d7ed231cd6bbca2dd6dcb1c9d2829fabcc53014f033f322e7b476
|
| SHA3 |
b698a1b0f2227217473c7e2a0261946d492128efb0bb8a6cc0bbdfc415b5402d
|
| VirtualSize |
0x210
|
| VirtualAddress |
0x5000
|
| SizeOfRawData |
0x400
|
| PointerToRawData |
0x2a00
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
|
| Entropy |
2.26612
|
| MD5 |
482503eb59328e88368a1927a4ad4983
|
| SHA1 |
9bd5f5ae7d88d31f9df341dd2e7ec82e10440db0
|
| SHA256 |
ac1a8a6268ebf081240dbdcdc5e18cb1f26ee33961c618736770ebd7230c5ae8
|
| SHA3 |
bacf54c1e31389851253456ba18203aac3cd1687204d8401487bc48486d38fde
|
| VirtualSize |
0x18c
|
| VirtualAddress |
0x6000
|
| SizeOfRawData |
0x200
|
| PointerToRawData |
0x2e00
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
|
| Entropy |
3.14169
|
| MD5 |
d41d8cd98f00b204e9800998ecf8427e
|
| SHA1 |
da39a3ee5e6b4b0d3255bfef95601890afd80709
|
| SHA256 |
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
|
| SHA3 |
a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a
|
| VirtualSize |
0x180
|
| VirtualAddress |
0x7000
|
| SizeOfRawData |
0
|
| PointerToRawData |
0
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
|
| MD5 |
241a98d7126bafe44c980aa659013953
|
| SHA1 |
8ffc2b3a88c11e72a72abeb695969c1da16cfb32
|
| SHA256 |
27a358bd987820b99b531a457a6277f96f190548d907e3d48ea8caf3fce3a736
|
| SHA3 |
c5058a7c249f57a9f856d8e3fc56db79c89650b2fdda066e504105529f506f3a
|
| VirtualSize |
0x560
|
| VirtualAddress |
0x8000
|
| SizeOfRawData |
0x600
|
| PointerToRawData |
0x3000
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
|
| Entropy |
3.54778
|
| MD5 |
1b4cf2a002c45f387d7940a48fcbfa9b
|
| SHA1 |
394adac46be3a09797c28a13288886309fecbcd0
|
| SHA256 |
a7ab151cc11087553b0a6884a1e8e0a677af7bae31598d2463d78fae9607e82d
|
| SHA3 |
5e7bffd5cd67dec5261b97e4c67accad9d9d129e62663a43bc719505401385e4
|
| VirtualSize |
0x60
|
| VirtualAddress |
0x9000
|
| SizeOfRawData |
0x200
|
| PointerToRawData |
0x3600
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
|
| Entropy |
0.28656
|
| MD5 |
bf619eac0cdf3f68d496ea9344137e8b
|
| SHA1 |
5c3eb80066420002bc3dcc7ca4ab6efad7ed4ae5
|
| SHA256 |
076a27c79e5ace2a3d47f9dd2e83e4ff6ea8872b3c2218f66c92b89b55f36560
|
| SHA3 |
622de1e1568ddef36c4b89b706b05201c13481c3575d0fc804ff8224787fcb59
|
| VirtualSize |
0x10
|
| VirtualAddress |
0xa000
|
| SizeOfRawData |
0x200
|
| PointerToRawData |
0x3800
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
|
| Entropy |
0
|
| MD5 |
b6196ba57eddcad315a63f0ec51b633d
|
| SHA1 |
d0352e694a1114f551b070652cbd0cfda669bf85
|
| SHA256 |
6b08a7d84e8b9b289e37c50f09b034e40f4cdec78248d35bfb9f4893ebbdbefe
|
| SHA3 |
ed7d4c4a610eb4423748a17bffb429b75f73bca89b917b5e0eedb818f09fe565
|
| VirtualSize |
0x127d8
|
| VirtualAddress |
0xb000
|
| SizeOfRawData |
0x12800
|
| PointerToRawData |
0x3a00
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
|
| Entropy |
6.8943
|
| MD5 |
d2d3a504801471c7c170ef32a63c99e7
|
| SHA1 |
020132fb1e4f7872658217fe55ebb78ab6ff50c3
|
| SHA256 |
f227c2b50a420647746bfca513504960121780faaf59e6de3712bfab961970c3
|
| SHA3 |
f5072b1ba7354264bb90c513ef5beb6ce029df437bfe416fafef45e585cb3101
|
| VirtualSize |
0x78
|
| VirtualAddress |
0x1e000
|
| SizeOfRawData |
0x200
|
| PointerToRawData |
0x16200
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
|
| Entropy |
1.38513
|
| libgeany-0.dll |
main_lib
|
| KERNEL32.dll |
DeleteCriticalSection
EnterCriticalSection
GetLastError
InitializeCriticalSection
LeaveCriticalSection
SetUnhandledExceptionFilter
Sleep
TlsGetValue
VirtualProtect
VirtualQuery
|
| msvcrt.dll |
__C_specific_handler
__getmainargs
__initenv
__iob_func
__set_app_type
__setusermatherr
_amsg_exit
_cexit
_commode
_fmode
_initterm
_onexit
abort
calloc
exit
fprintf
free
fwrite
malloc
memcpy
signal
strlen
strncmp
vfprintf
|
| Type |
RT_ICON
|
| Language |
English - United States
|
| Codepage |
UNKNOWN
|
| Size |
0x9e0f
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
7.98139
|
| Detected Filetype |
PNG graphic file
|
| MD5 |
dc2fb1d4f99d6b29702025c107185f16
|
| SHA1 |
0f56aa7a3c649f110490956195518236625c80ea
|
| SHA256 |
e128e098339d671c1b5a8338789b62bce2063b33d5400649e672adce8eddf917
|
| SHA3 |
f2244e0036e413c94f0364c828a383317419e311d811662ecad154512a2e493e
|
| Type |
RT_ICON
|
| Language |
English - United States
|
| Codepage |
UNKNOWN
|
| Size |
0x4228
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
4.50828
|
| MD5 |
c46458d6c2a64cf8476824736ab7baab
|
| SHA1 |
ab747774b5b9076dd25eccde8a630bbe8f579243
|
| SHA256 |
41a8e51edf521521108c099658e9c407d3ed786c97f74f128c9ff350bf570232
|
| SHA3 |
8df0e339a1cf8fbaa6c7ee44c0b609c8aa8f452f197d508479b1081532c8f15c
|
| Type |
RT_ICON
|
| Language |
English - United States
|
| Codepage |
UNKNOWN
|
| Size |
0x25a8
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
4.73016
|
| MD5 |
5fbc3584fa8185bf51ebfc84dd208c06
|
| SHA1 |
cde691a83d7c53147c7d1faeaf78d8c25a2ed8ae
|
| SHA256 |
fbd3531b4d1cc38aa63a6157c500a5e49680fcb418700be371c533b7b8fb5f61
|
| SHA3 |
5aaf585fe3f779d161c4d6e1214c276a7a4b1f42bf00f803ac7feffbdf70a01c
|
| Type |
RT_ICON
|
| Language |
English - United States
|
| Codepage |
UNKNOWN
|
| Size |
0x10a8
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
5.08718
|
| MD5 |
74c21cff38cb50d9cec7cd52b9954d74
|
| SHA1 |
f52c62eb098046a02de40b6eb99246e6bb561183
|
| SHA256 |
af2b9ab25ffb46387b6b0bddd54af578822223836e690c3efac30bd334fb4f40
|
| SHA3 |
6e4fbb15fe99058ac0b6b7d2d53ad70bd88709e7c159a769702f88acd2545506
|
| Type |
RT_ICON
|
| Language |
English - United States
|
| Codepage |
UNKNOWN
|
| Size |
0x468
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
5.54922
|
| MD5 |
b83116fb921e35098f0b15a0bdcd314d
|
| SHA1 |
21a1e12ed432272926beede3665b9d90f9b60fb6
|
| SHA256 |
a8f6532d92e9e616a6ebcd1139753eff8fd2a25861fd5d77f55ca0ba617fc415
|
| SHA3 |
28c355f96c99ad49623c16709fbd7118fbf5a7eae9fddee876647e1724c7c9d0
|
| Type |
RT_GROUP_ICON
|
| Language |
English - United States
|
| Codepage |
UNKNOWN
|
| Size |
0x4c
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
2.64638
|
| Detected Filetype |
Icon file
|
| MD5 |
97ce0acbdd4efaa9299d21fbb60b62b9
|
| SHA1 |
41905bbf365387a424a5819c418b5187ca383d7d
|
| SHA256 |
ae5cf22a569664e8dbf40509e8559aea157cadc5208c5a12a7b0c0d2df1ae2d4
|
| SHA3 |
c1eb21d78d611f513d9e83589ae332babb01b88ca23f898f010eabe4fe4f70af
|
| Type |
RT_VERSION
|
| Language |
English - United States
|
| Codepage |
UNKNOWN
|
| Size |
0x2b8
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
3.25026
|
| MD5 |
6aaef1b5c339d89c336a0db079441384
|
| SHA1 |
2a5b32d392b0b4e601b2bc5a65c1c6f4dc9b40c1
|
| SHA256 |
722f23219f1fbba417baf25ed8dc9ac19b710e73adc9923f89d1cc05b81bfdb0
|
| SHA3 |
34d80518a34a3a3fd2eb220b7c26ef506d33f136a678ec2968fc18ea5fa89ec2
|
| Type |
RT_MANIFEST
|
| Language |
English - United States
|
| Codepage |
UNKNOWN
|
| Size |
0x2fe
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
5.11316
|
| MD5 |
eae05a119d0a05697a51b2a812761aed
|
| SHA1 |
9089c33c42e56d843b2da23fb2c66dadf9274df3
|
| SHA256 |
0a069d9f1fe992f19d139240c83d80f8358c6d6837ae90af2c6ee0cfa83affb4
|
| SHA3 |
ac0dcd38973aa8558a23cc35e1d2bdfc8efb080aafe6da8fe062dc0405e107e4
|
| Signature |
0xfeef04bd
|
| StructVersion |
0x10000
|
| FileVersion |
2.0.0.0
|
| ProductVersion |
2.0.0.0
|
| FileFlags |
(EMPTY)
|
| FileOs |
(EMPTY)
|
| FileType |
VFT_APP
|
| Language |
English - United States
|
| CompanyName |
|
| FileVersion (#2) |
2.0
|
| FileDescription |
Geany
|
| InternalName |
Geany
|
| LegalCopyright |
Copyright 2005 The Geany contributors
|
| LegalTrademarks |
|
| OriginalFilename |
Geany.exe
|
| ProductName |
Geany
|
| ProductVersion (#2) |
2.0
|
| Resource LangID |
English - United States
|
| StartAddressOfRawData |
0x14000a000
|
| EndAddressOfRawData |
0x14000a008
|
| AddressOfIndex |
0x14000706c
|
| AddressOfCallbacks |
0x140009038
|
| SizeOfZeroFill |
0
|
| Characteristics |
IMAGE_SCN_TYPE_REG
|
| Callbacks |
0x00000001400015A0
0x0000000140001570
|
[*] Warning: Section .bss has a size of 0!
fd5d0dc92262238b5be5621264f5c63cc9f511c5976099c6ba28eb20361efe0b