Manalyze report for 08c209091c76946dca7847ec2cb8248c4405dafc2d578fed4b41bc4ee52d2d67

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
Compilation Date	2022-Aug-30 01:35:57
Detected languages	English - United States Korean - Korea
Debug artifacts	C:\works\starplayeragent\axisProxy\x64\Release\StarPlayerAgent64.pdb
CompanyName	Axissoft
FileDescription	StarPlayer Agent
FileVersion	`1.3.15.2`
InternalName	starplayer.exe
LegalCopyright	Copyright (C) 2010. Axissoft.corp. all rights reserved.
OriginalFilename	starplayer.exe
ProductName	StarPlayer Agent
ProductVersion	`1.1.0.1`

Plugin Output

Suspicious	Strings found in the binary may indicate undesirable behavior:	`Contains references to internet browsers: chrome.exe firefox.exe` Contains domain names: axissoft.gscdn.com cab-starplayer.service.concdn.com cab.axissoft.gscdn.com concdn.com google.com gscdn.com http://127.0.0.1 http://cab-starplayer.service.concdn.com http://cab-starplayer.service.concdn.com/starplayer/localhost.axissoft.co.kr.pem.txt http://cab.axissoft.gscdn.com http://cab.axissoft.gscdn.com/starplayer/localhost.axissoft.co.kr.pem.txt http://download.axissoft.co.kr http://download.axissoft.co.kr/starplayer/blist-chrome.txt http://download.axissoft.co.kr/starplayer/blist-edge.txt http://download.axissoft.co.kr/starplayer/blist.txt http://download.axissoft.co.kr/starplayer/localhost.axissoft.co.kr.pem.txt http://mgt.starplayer.net http://mgt.starplayer.net/config/starplayer.txt http://www.openssl.org http://www.openssl.org/support/faq.html https://localhost.axissoft.co.kr https://www.google.com https://www.google.com/ mgt.starplayer.net openssl.org service.concdn.com starplayer.net starplayer.service.concdn.com www.google.com www.openssl.org
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to MD5` `Uses constants related to SHA1` `Uses constants related to SHA256` `Uses constants related to SHA512` `Uses constants related to AES` `Uses constants related to Blowfish` `Microsoft's Cryptography API`
Malicious	The PE contains functions mostly used by malware.	`[!] The program may be hiding some of its imports: LoadLibraryA LoadLibraryW GetProcAddress LoadLibraryExW` `Can access the registry: RegEnumValueA RegOpenKeyExW RegQueryValueExW RegCreateKeyExW RegCloseKey RegSetValueExW RegOpenKeyW` `Possibly launches other programs: CreateProcessAsUserW` `Uses Windows's Native API: ntohl ntohs` `Uses Microsoft's cryptographic API: CryptAcquireContextW CryptCreateHash CryptHashData CryptDestroyHash CryptGetHashParam CryptReleaseContext` `Can create temporary files: CreateFileW GetTempPathW` `Has Internet access capabilities: InternetGetConnectedState WinHttpCloseHandle WinHttpGetProxyForUrl WinHttpOpen WinHttpGetIEProxyConfigForCurrentUser URLDownloadToCacheFileW URLDownloadToCacheFileA` `Leverages the raw socket API to access the Internet: WSAIoctl getsockopt setsockopt WSAStartup WSACleanup __WSAFDIsSet closesocket shutdown select listen WSARecv WSASend WSASocketW WSAStringToAddressW WSASetLastError send recv getsockname getpeername connect bind WSAGetLastError getaddrinfo freeaddrinfo ntohl htonl ntohs htons accept ioctlsocket` `Functions related to the privilege level: AdjustTokenPrivileges OpenProcessToken DuplicateTokenEx` `Interacts with services: EnumServicesStatusW QueryServiceStatusEx OpenSCManagerW DeleteService ControlService QueryServiceStatus OpenServiceW CreateServiceW` `Enumerates local disk drives: GetLogicalDriveStringsW GetDriveTypeW` `Manipulates other processes: OpenProcess` `Can take screenshots: CreateCompatibleDC BitBlt`
Info	The PE is digitally signed.	`Signer: Axissoft Corp.` `Issuer: Symantec Class 3 SHA256 Code Signing CA`
Safe	VirusTotal score: 0/70 (Scanned on 2022-09-09 09:16:05)	`All the AVs think this file is safe.`

Hashes

MD5	`c7b37f2a8b8aa7e7069bc0751bd71b49`
SHA1	`f48705d3f12537eb756bfa6657bf8229b591ffca`
SHA256	`08c209091c76946dca7847ec2cb8248c4405dafc2d578fed4b41bc4ee52d2d67`
SHA3	`dce216365a0cf60278d27d8c916bfe0a0074a47f73c4df9bc55cd5b86df1c042`
SSDeep	`49152:zh+zGY9S3SmxYuZJmDsUUbTsrH4M2b1gE+n0HLlTvGsRNlxBEN4K/qX3w1IU6iL0:V+z39S3bm3ZE+CJxy4pt+h+8E`
Imports Hash	`b1c41cf067320d5752e9e99fb8de79e5`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x138`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`7`
TimeDateStamp	2022-Aug-30 01:35:57
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0x25b600`
SizeOfInitializedData	`0x13da00`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x000000000020E2CC (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x39e000`
SizeOfHeaders	`0x400`
Checksum	`0x397e3d`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`a86c4608d2e300eb09d78557a7a660c9`
SHA1	`c9718f7c9c2200385799ba05d13ab2948a539684`
SHA256	`ff406633e435b932c3deecb1db4df8e867b7c4d22a9a90782bff6d3e75b4672f`
SHA3	`44b1368b213aedbe24cb1ad8ad1fc29eb12030e452c36070bb983bc6c106c46d`
VirtualSize	`0x25b4bf`
VirtualAddress	`0x1000`
SizeOfRawData	`0x25b600`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.48868`

.rdata

MD5	`0e92deedae552bdf6dabb0db2d6d9129`
SHA1	`b45101c64f1a39151c0f71d0bc20ab30368b6e3d`
SHA256	`9f7b23177fb40e9edbf821bf859a0e593972a11654c53f367e594a645af5a590`
SHA3	`d6fd92ff70de7a7f2c0e8415cb3bcdaf462de464f7bfc2e2be7c45b0b45d958d`
VirtualSize	`0xaa2ae`
VirtualAddress	`0x25d000`
SizeOfRawData	`0xaa400`
PointerToRawData	`0x25ba00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.0284`

.data

MD5	`5e3f4b97bbb0eb1401c2817c0793765f`
SHA1	`109c2bcf0b7773d9fa91413d858300e6a9e70e33`
SHA256	`65fa80e736ff15dcb43c8a887a7a17bea097d9e43d655c7736c62c2404a3af22`
SHA3	`c7dc3aca3cbb161f40978f45a8485741685231a4225b37001b0eadf6afb75cd8`
VirtualSize	`0x5799c`
VirtualAddress	`0x308000`
SizeOfRawData	`0x50600`
PointerToRawData	`0x305e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`5.1815`

.pdata

MD5	`78f3115b95da28fcb212ee318a99f4c9`
SHA1	`7997009dc1e159a09afa4bde780b5ce16a778db0`
SHA256	`232b43d7a7a3479c6643c72e08e3424e09c6673e884d745b9333bd887737fdff`
SHA3	`5a16dcbcc730552e5adcc13bf3b8883ebd0e7c5bf07f0ffac96acc9dc75f1fda`
VirtualSize	`0x1bd44`
VirtualAddress	`0x360000`
SizeOfRawData	`0x1be00`
PointerToRawData	`0x356400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.31473`

_RDATA

MD5	`1497ec16e94977fdab3efba0c22e22ea`
SHA1	`0caf33c8266e5c5a92aa3bcffb815feb69cfa2d3`
SHA256	`c9429b2fc837eeacb5598c6c7bd91a673e2ca5d3c64ce6c64947935c16dfaf9d`
SHA3	`ab0be41408d2b2d16790366d8dddcb36addeee7332a65428919348f986818450`
VirtualSize	`0xfc`
VirtualAddress	`0x37c000`
SizeOfRawData	`0x200`
PointerToRawData	`0x372200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`2.43361`

.rsrc

MD5	`7414f95fb93dfe8f58e5c4ddc88f1659`
SHA1	`38190f5869b6a7add590150f0da73ff18530e97f`
SHA256	`02c6845b7a2f98e1d777e3e6ab47a9d587975350a834112567aba4cf928f65d9`
SHA3	`b1e738f6c83f6efd4a0484abcf39c43e5e9ea2ced0fbff8f62b80b1b041bace1`
VirtualSize	`0x19200`
VirtualAddress	`0x37d000`
SizeOfRawData	`0x19200`
PointerToRawData	`0x372400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`3.76029`

.reloc

MD5	`433a953806440827cddbae3633643c73`
SHA1	`c8047083b7c0f5b1193896d78da2f72d548714dd`
SHA256	`1e572bebcaf3886d613bd5680dfb9724b2e3456a1eda7d672b22e366d72014fb`
SHA3	`ee96d01e7c253860b8dff5a71154f96548fb7a6a61983134757c566cc954723b`
VirtualSize	`0x694c`
VirtualAddress	`0x397000`
SizeOfRawData	`0x6a00`
PointerToRawData	`0x38b600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`5.45126`

Imports

KERNEL32.dll	`CreateFileW` `DeviceIoControl` `lstrcpyW` `DeleteFileW` `GetTempFileNameW` `GetFileSizeEx` `SetFilePointer` `SetEndOfFile` `GetTempPathW` `FindFirstFileW` `FindNextFileW` `FindClose` `GetDiskFreeSpaceExW` `WriteFile` `ReadFile` `UnmapViewOfFile` `FlushViewOfFile` `GetFileSize` `CreateFileMappingW` `MapViewOfFile` `GetProcessTimes` `GetTickCount` `HeapAlloc` `GetProcessHeap` `HeapFree` `K32GetModuleFileNameExW` `GetExitCodeProcess` `ResetEvent` `GetExitCodeThread` `ResumeThread` `CreateThread` `SetThreadPriority` `IsDebuggerPresent` `InitializeCriticalSectionEx` `RaiseException` `DecodePointer` `GetEnvironmentVariableW` `GetLogicalDriveStringsW` `QueryDosDeviceW` `VirtualQueryEx` `K32GetMappedFileNameW` `K32EnumProcesses` `GetStdHandle` `GetFileType` `RtlVirtualUnwind` `LoadLibraryA` `LoadLibraryW` `QueryPerformanceCounter` `GlobalMemoryStatus` `FlushConsoleInputBuffer` `SystemTimeToFileTime` `SystemTimeToTzSpecificLocalTime` `PeekNamedPipe` `GetDriveTypeW` `RtlUnwind` `WriteConsoleW` `SetEnvironmentVariableW` `FreeEnvironmentStringsW` `GetEnvironmentStringsW` `GetOEMCP` `GetACP` `IsValidCodePage` `FindFirstFileExW` `HeapSize` `ReadConsoleInputW` `SetConsoleMode` `SetStdHandle` `GetTimeZoneInformation` `ReadConsoleW` `GetConsoleMode` `GetConsoleOutputCP` `FlushFileBuffers` `HeapReAlloc` `EnumSystemLocalesW` `GetCurrentProcess` `lstrcatW` `lstrlenW` `GetModuleFileNameA` `lstrcpyA` `GetSystemTime` `GetModuleHandleW` `GetProcAddress` `GetSystemInfo` `OpenProcess` `GetVersionExW` `GlobalFree` `LoadLibraryExW` `FreeLibrary` `FindResourceW` `LoadResource` `LockResource` `FreeResource` `SizeofResource` `TlsFree` `TlsSetValue` `TlsGetValue` `ExitProcess` `GetConsoleWindow` `OutputDebugStringW` `GetModuleFileNameW` `OutputDebugStringA` `ReleaseMutex` `CreateMutexW` `GetCurrentProcessId` `GetCurrentThreadId` `GetSystemTimeAsFileTime` `MultiByteToWideChar` `WideCharToMultiByte` `Sleep` `CreateWaitableTimerW` `VerifyVersionInfoW` `VerSetConditionMask` `SetLastError` `GetQueuedCompletionStatus` `SetWaitableTimer` `CreateIoCompletionPort` `PostQueuedCompletionStatus` `SleepEx` `SetEvent` `CreateEventW` `WaitForSingleObject` `QueueUserAPC` `TerminateThread` `WaitForMultipleObjects` `CloseHandle` `InitializeCriticalSectionAndSpinCount` `LeaveCriticalSection` `EnterCriticalSection` `DeleteCriticalSection` `IsValidLocale` `GetLocaleInfoW` `CompareStringW` `GetTimeFormatW` `GetDateFormatW` `GetCommandLineW` `GetCommandLineA` `GetConsoleCP` `SetConsoleCtrlHandler` `GetModuleHandleExW` `FreeLibraryAndExitThread` `ExitThread` `RtlPcToFileHeader` `RtlUnwindEx` `AreFileApisANSI` `GetModuleHandleA` `FileTimeToSystemTime` `SetFilePointerEx` `GetFullPathNameW` `GetFileInformationByHandle` `GetFileAttributesW` `GetCurrentDirectoryW` `SetCurrentDirectoryW` `VirtualQuery` `InitializeSListHead` `GetStartupInfoW` `IsProcessorFeaturePresent` `TerminateProcess` `SetUnhandledExceptionFilter` `UnhandledExceptionFilter` `RtlLookupFunctionEntry` `RtlCaptureContext` `GetStringTypeExA` `GetUserDefaultLCID` `LCMapStringA` `LCMapStringW` `GetStringTypeExW` `GetLocaleInfoEx` `LCMapStringEx` `GetCPInfo` `CompareStringEx` `EncodePointer` `GetStringTypeW` `TryEnterCriticalSection` `AcquireSRWLockExclusive` `GetLastError` `TlsAlloc` `ReleaseSRWLockExclusive` `InitializeSRWLock` `WaitForSingleObjectEx` `QueryPerformanceFrequency` `FormatMessageA` `LocalFree`
USER32.dll	`MessageBoxW` `LoadStringW` `LoadStringA` `CloseClipboard` `IsWindow` `GetWindowLongW` `wsprintfW` `IsClipboardFormatAvailable` `GetWindowThreadProcessId` `GetWindowTextLengthW` `GetClassNameW` `GetDesktopWindow` `PostMessageW` `OpenClipboard` `EmptyClipboard` `MsgWaitForMultipleObjects` `PeekMessageW` `TranslateMessage` `DispatchMessageW` `GetProcessWindowStation` `GetUserObjectInformationW` `GetSystemMetrics`
GDI32.dll	`CreateCompatibleDC` `DeleteObject` `CreateCompatibleBitmap` `DeleteDC` `SelectObject` `BitBlt` `CreateDCW`
ADVAPI32.dll	`CryptAcquireContextW` `SetServiceStatus` `RegisterServiceCtrlHandlerExW` `ReportEventW` `RegisterEventSourceW` `DeregisterEventSource` `EnumServicesStatusW` `RegEnumValueA` `EnumDependentServicesW` `QueryServiceStatusEx` `SetSecurityDescriptorDacl` `InitializeSecurityDescriptor` `RegOpenKeyExW` `RegQueryValueExW` `RegCreateKeyExW` `LookupPrivilegeValueW` `AdjustTokenPrivileges` `RegCloseKey` `RegSetValueExW` `OpenProcessToken` `CreateProcessAsUserW` `LsaOpenPolicy` `LsaAddAccountRights` `DuplicateTokenEx` `LsaClose` `RegOpenKeyW` `LookupAccountNameW` `OpenSCManagerW` `CryptCreateHash` `CryptHashData` `CryptDestroyHash` `CryptGetHashParam` `CryptReleaseContext` `StartServiceW` `DeleteService` `ControlService` `QueryServiceStatus` `OpenServiceW` `ChangeServiceConfig2W` `CloseServiceHandle` `CreateServiceW` `StartServiceCtrlDispatcherW`
SHELL32.dll	`#165`
ole32.dll	`StringFromGUID2` `CoInitialize` `CoUninitialize` `CoCreateInstance` `CreateStreamOnHGlobal` `CoCreateGuid`
OLEAUT32.dll	`VariantClear` `SysAllocStringLen` `SysAllocString` `SysStringByteLen` `VariantChangeType` `SysFreeString` `SysAllocStringByteLen` `VariantInit` `SysStringLen`
SHLWAPI.dll	`PathRemoveFileSpecA` `PathAppendA` `PathRemoveExtensionW` `PathFindFileNameW` `PathAppendW` `StrFormatByteSize64A` `PathFileExistsW`
WS2_32.dll	`WSAIoctl` `getsockopt` `setsockopt` `WSAStartup` `WSACleanup` `__WSAFDIsSet` `closesocket` `shutdown` `select` `listen` `WSARecv` `WSASend` `WSASocketW` `WSAStringToAddressW` `WSASetLastError` `send` `recv` `getsockname` `getpeername` `connect` `bind` `WSAGetLastError` `getaddrinfo` `freeaddrinfo` `ntohl` `htonl` `ntohs` `htons` `accept` `ioctlsocket`
MSWSOCK.dll	`GetAcceptExSockaddrs` `AcceptEx`
WTSAPI32.dll	`WTSFreeMemory` `WTSQuerySessionInformationW` `WTSQueryUserToken`
gdiplus.dll	`GdipGetImageEncoders` `GdipCreateBitmapFromHBITMAP` `GdipGetImageEncodersSize` `GdiplusStartup` `GdiplusShutdown` `GdipFree` `GdipAlloc` `GdipDisposeImage` `GdipCloneImage` `GdipSaveImageToStream`
WININET.dll	`InternetGetConnectedState`
VERSION.dll	`VerQueryValueW`
WINHTTP.dll	`WinHttpCloseHandle` `WinHttpGetProxyForUrl` `WinHttpOpen` `WinHttpGetIEProxyConfigForCurrentUser`
USERENV.dll	`RefreshPolicyEx` `CreateEnvironmentBlock` `DestroyEnvironmentBlock`
IPHLPAPI.DLL	`GetAdaptersInfo`
SETUPAPI.dll	`SetupDiOpenDevRegKey` `SetupDiGetDeviceRegistryPropertyA` `SetupDiGetClassDevsA` `SetupDiEnumDeviceInfo`
urlmon.dll	`URLDownloadToCacheFileW` `URLDownloadToCacheFileA`
WINMM.dll	`mixerGetLineInfoW` `mixerOpen` `mixerGetNumDevs` `mixerSetControlDetails` `mixerGetControlDetailsW` `mixerClose` `mixerGetID` `mixerGetLineControlsW`

Delayed Imports

101

Type	`TEXT`
Language	Korean - Korea
Codepage	UNKNOWN
Size	`0x18c54`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.66174`
MD5	`507036aeb9a0fb760a0f8ddd7415ad74`
SHA1	`f5e13fc75780a14955e27a8e345721ed1b485560`
SHA256	`21c65942cef02e22ba68992839b4d3983fc6b1bfe9f1cb842001f5f1de1849a3`
SHA3	`65c1139cf390de3a6c9861d6653d3d8bfba572f86af8b8a3ea6c00cbcebdad89`

1

Type	`RT_VERSION`
Language	Korean - Korea
Codepage	UNKNOWN
Size	`0x328`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.37081`
MD5	`4eadeafe845a3ce0b7bc732a1c6cd5e4`
SHA1	`3fe89cd9faedea0147b8318167bef30ddfc4c080`
SHA256	`9e627c633f923f9eebaebd570d490baaede8b2610566e4a693ddb508e0760450`
SHA3	`b537cf202d9ef611d19d41b65751031b73877ebe6fbd781bf949c37843dcaf77`

1 (#2)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x17d`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.91161`
MD5	`1e4a89b11eae0fcf8bb5fdd5ec3b6f61`
SHA1	`4260284ce14278c397aaf6f389c1609b0ab0ce51`
SHA256	`4bb79dcea0a901f7d9eac5aa05728ae92acb42e0cb22e5dd14134f4421a3d8df`
SHA3	`4bb9e8b5a714cae82782f3831cc2d45f4bf4a50a755fe584d2d1893129d68353`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.3.15.2
ProductVersion	1.1.0.1
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT` `VOS_NT_WINDOWS32` `VOS_WINCE` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	Korean - Korea
CompanyName	Axissoft
FileDescription	StarPlayer Agent
FileVersion (#2)	1.3.15.2
InternalName	starplayer.exe
LegalCopyright	Copyright (C) 2010. Axissoft.corp. all rights reserved.
OriginalFilename	starplayer.exe
ProductName	StarPlayer Agent
ProductVersion (#2)	1.1.0.1

Resource LangID	Korean - Korea

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2022-Aug-30 01:35:57
Version	`0.0`
SizeofData	`93`
AddressOfRawData	`0x2d6c4c`
PointerToRawData	`0x2d564c`
Referenced File	C:\works\starplayeragent\axisProxy\x64\Release\StarPlayerAgent64.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics	`0`
TimeDateStamp	2022-Aug-30 01:35:57
Version	`0.0`
SizeofData	`20`
AddressOfRawData	`0x2d6cac`
PointerToRawData	`0x2d56ac`

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2022-Aug-30 01:35:57
Version	`0.0`
SizeofData	`1024`
AddressOfRawData	`0x2d6cc0`
PointerToRawData	`0x2d56c0`

IMAGE_DEBUG_TYPE_ILTCG

Characteristics	`0`
TimeDateStamp	2022-Aug-30 01:35:57
Version	`0.0`
SizeofData	`0`
AddressOfRawData	`0`
PointerToRawData	`0`

TLS Callbacks

StartAddressOfRawData	`0x1402d70e0`
EndAddressOfRawData	`0x1402d70e8`
AddressOfIndex	`0x14035c0e4`
AddressOfCallbacks	`0x14025de68`
SizeOfZeroFill	`0`
Characteristics	`IMAGE_SCN_ALIGN_4BYTES`
Callbacks	`(EMPTY)`

Load Configuration

Size	`0x138`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x140338ff8`

RICH Header

XOR Key	`0x2fb8167c`
Unmarked objects	`0`
ASM objects (27412)	`13`
C++ objects (27412)	`203`
C objects (30034)	`19`
ASM objects (30034)	`10`
C++ objects (CVTCIL) (27412)	`1`
C++ objects (24245)	`13`
C++ objects (30034)	`109`
C++ objects (VS2019 Update 4 (16.4.6) compiler 28319)	`3`
C objects (27412)	`31`
Imports (27412)	`41`
Total imports	`401`
Unmarked objects (#2)	`26`
C objects (VS2015 UPD3.1 build 24215)	`473`
C++ objects (LTCG) (VS2019 Update 11 (16.11.9) compiler 30139)	`24`
Resource objects (VS2019 Update 11 (16.11.9) compiler 30139)	`1`
151	`1`
Linker (VS2019 Update 11 (16.11.9) compiler 30139)	`1`

Errors

Leave a comment

No comments yet.