Manalyze report for 3b02c4b45693d1ee2c2afa2b0d68cce79f344ebfbfdbe27143a0d08ea4dcee4b

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2026-Apr-08 13:17:49
Detected languages	English - United States
Debug artifacts	C:\Users\craig\source\repos\BBSlink-Wall\Release\BBSlinkWall.pdb

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C++ 8.0`
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to MD5`
Info	The PE contains common functions which appear in legitimate applications.	`Has Internet access capabilities: InternetCloseHandle InternetConnectA InternetReadFile InternetQueryDataAvailable InternetOpenA`
Suspicious	VirusTotal score: 2/71 (Scanned on 2026-05-14 20:47:17)	`Jiangmin: Trojan.AD.dy` `Panda: Trj/Genetic.gen`

Hashes

MD5	`3ec533fbf402f9a32dd1337ac1ead8e2`
SHA1	`a3d95acaaa65047ec24d8c7a452cb6e3c0de1be8`
SHA256	`3b02c4b45693d1ee2c2afa2b0d68cce79f344ebfbfdbe27143a0d08ea4dcee4b`
SHA3	`1d62c43e7c56a8462816b4fc9181772f2f9bfe2daf192ffecbf1eddf53140468`
SSDeep	`768:YKvpjtHF5kPRoCTqtV9aok00J0000000004LPlTa:tTHF5kPRoCTqtnTO`
Imports Hash	`bc041e3dff665dc7663fcb7c96c4290e`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x108`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`5`
TimeDateStamp	2026-Apr-08 13:17:49
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`14.0`
SizeOfCode	`0x2600`
SizeOfInitializedData	`0x4600`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0000294C (Section: .text)`
BaseOfCode	`0x1000`
BaseOfData	`0x4000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0xa000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`d14f2b9e46b7cb5d0c9e02389be8ef61`
SHA1	`563b0de651a5d86651bf5d003d825772f20c003d`
SHA256	`bc2248755eea10aef6013a9bba5055cc598dc70a65967ab5c812933109c5bdde`
SHA3	`5e39787a2d11c3e5bcbc65b7efe01293b94d35a6030dc0fa0f7b51d6c678e6e8`
VirtualSize	`0x24dd`
VirtualAddress	`0x1000`
SizeOfRawData	`0x2600`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.30888`

.rdata

MD5	`196f0d0308126c9b155d9358a1830fde`
SHA1	`a8acdcbceaa87a2cfcf87470af44680a873720ae`
SHA256	`a5b08074d016c56c44dc897da0e937b8db5dd576c93fc8a5e152634c7b8cb58d`
SHA3	`2ecba416a4b927a685de534a41ba7d15852445c7235b4b057a71e1a51af75a3f`
VirtualSize	`0x1b3e`
VirtualAddress	`0x4000`
SizeOfRawData	`0x1c00`
PointerToRawData	`0x2a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.31671`

.data

MD5	`64d026b367aecaa69d19f7d03277fdd2`
SHA1	`0e2a01236e99d07dfc72ce7ed49b611916314618`
SHA256	`0411e83ee73dff49237ca804344e6f58d6d7836ef68877b183171a31b753c899`
SHA3	`d7eaea1b6bd22e9775fa273e7f34c3c81d7f91c0c34caf3e25a6fff580e92656`
VirtualSize	`0x4b8`
VirtualAddress	`0x6000`
SizeOfRawData	`0x200`
PointerToRawData	`0x4600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0.448497`

.rsrc

MD5	`39edb9167cfbd3a04eebd19916f4bd22`
SHA1	`414c4d5ea2ffcf71067788f480976108bf7e3296`
SHA256	`1b76cb4f14f83151fe066262e1aea70040bfc61ae2d9099ce79537c0ca677cf0`
SHA3	`c52207729e49e543a5b7e54a10b2085c68f7b7dd8efbee9dfb2bb9dff45eb73b`
VirtualSize	`0x1e60`
VirtualAddress	`0x7000`
SizeOfRawData	`0x2000`
PointerToRawData	`0x4800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`3.82058`

.reloc

MD5	`19cc57ed5de9986a5c23bb4bdac71622`
SHA1	`17b539256fa695ea4c9e285483b4f080f150fea0`
SHA256	`9ade0fbd3195b0b11db1b6e0e2aafa654c0abb420ef530752acf8f3fda76cee2`
SHA3	`b79915371e64bd1a6aaf59ea1f2dc32f425324cf67d923bf48ee5da22d3f432b`
VirtualSize	`0x3c8`
VirtualAddress	`0x9000`
SizeOfRawData	`0x400`
PointerToRawData	`0x6800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`6.45541`

Imports

ODOORS62.dll	`_od_clr_scr@0` `od_control` `_od_exit@8` `_od_set_cursor@8` `_ODConfigInit@0` `_od_get_answer@4` `od_printf` `_od_sleep@4` `_od_parse_cmd_line@4` `_od_get_key@4` `_od_disp_emu@8` `_od_init@0` `_od_input_str@16`
KERNEL32.dll	`GetModuleHandleW` `SetUnhandledExceptionFilter` `GetCurrentProcess` `TerminateProcess` `IsProcessorFeaturePresent` `QueryPerformanceCounter` `GetCurrentProcessId` `GetCurrentThreadId` `GetSystemTimeAsFileTime` `InitializeSListHead` `IsDebuggerPresent` `GetLastError` `GetStartupInfoW` `UnhandledExceptionFilter`
WININET.dll	`HttpSendRequestW` `InternetCloseHandle` `InternetConnectA` `InternetReadFile` `InternetQueryDataAvailable` `HttpOpenRequestA` `HttpAddRequestHeadersA` `InternetOpenA`
VCRUNTIME140.dll	`_except_handler4_common` `memset` `__current_exception_context` `__current_exception` `strstr`
api-ms-win-crt-utility-l1-1-0.dll	`srand` `rand`
api-ms-win-crt-stdio-l1-1-0.dll	`__acrt_iob_func` `__stdio_common_vfprintf` `__p__commode` `_set_fmode` `__stdio_common_vsnprintf_s`
api-ms-win-crt-string-l1-1-0.dll	`_strdup` `strcat_s` `strncmp` `strcpy_s` `_stricmp`
api-ms-win-crt-time-l1-1-0.dll	`_time64`
api-ms-win-crt-heap-l1-1-0.dll	`free` `_set_new_mode` `malloc`
api-ms-win-crt-runtime-l1-1-0.dll	`_initterm_e` `exit` `_exit` `_initterm` `_cexit` `_c_exit` `_register_thread_local_exe_atexit_callback` `_configure_narrow_argv` `_get_narrow_winmain_command_line` `_initialize_narrow_environment` `_initialize_onexit_table` `_register_onexit_function` `_crt_atexit` `_controlfp_s` `terminate` `_seh_filter_exe` `_set_app_type`
api-ms-win-crt-math-l1-1-0.dll	`__setusermatherr`
api-ms-win-crt-locale-l1-1-0.dll	`_configthreadlocale`

Delayed Imports

203

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0x338`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.49209`
MD5	`9f68255d241a69dd59a1c9c106f7f4f1`
SHA1	`9de98423007d9d11937ef826c39d2d84aa7568ff`
SHA256	`622b1f43607048300d4ed3b10d4823b9d7b7b6fa09f7195a9a215f647c21a892`
SHA3	`64cfdc2e4f7592ca7afabb0f857870fbbeab4c0381570a46aaa6aea38bf94c59`
Preview

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.18867`
MD5	`02cf30c3dd404c656631a58d8adb5b54`
SHA1	`c42a238b4d624c71d1816d567254b404f75229a6`
SHA256	`b8f1a8c6303352cb962f4b73c5f04659bb9b98a5db68792689591a451d7f6409`
SHA3	`424e8d544c7ca45460959a732d44e72732c7b0a36277a345b571d04fb1a77d07`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.24882`
MD5	`698e33fee6e89df9acc8c18ac6cd40bc`
SHA1	`8bb51c4e7e966047a3e40b5ebe39ac62b59321d3`
SHA256	`910d2a79383355b06d6e42ea4502b56eac78723e4bf27947bde932d61e68087e`
SHA3	`fb7cee68d95375ebfb6a9233aec153962210f72b1fd1b01f8665d378529e008a`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.75044`
MD5	`9db60012d2b73978182b02527d99d045`
SHA1	`4ac2035db116058bbddfc3535ac905b9c9c842fa`
SHA256	`52e79d7f7e4834c0e7129beb59b896f50f40f1151bd36ddc423537115c94e4b0`
SHA3	`c4682565ae577bb7281c0edf3e01d781669e1238b0f4683696ac908bf48b22f1`

200

Type	`RT_MENU`
Language	English - United States
Codepage	UNKNOWN
Size	`0x31c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.43993`
MD5	`97199ef3286b6525affbdb925312c4fc`
SHA1	`b55ec4f450ba5f937c6cb89f989a6d19ac558c2d`
SHA256	`1ba4a698995b4aac04d2597dffa6dc39e620290d6597c13ae1bf89f6cfffe038`
SHA3	`6a6b9a9eb2ee01673b55e08e278adcb55e8f2a9d33f09807054e23831be912b7`

201

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x222`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.47629`
MD5	`75b440769e098f871b4fdf101bb3ca3f`
SHA1	`1758d7aa8b7525a9b1766594d211123d78f983af`
SHA256	`7e0933107834d1e8562dedf0ebdd9290634338ec163ed4defc36b066e668aa1d`
SHA3	`2abde69868ce3d65bd3cb677fd90b2fd9bc0f5f829e21753700d2b042821f9af`

205

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2ae`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.35567`
MD5	`28558458e783c14c55261dbc65135af8`
SHA1	`95dd259b5d00467b008e945356e09e3520540389`
SHA256	`b5f713e2a1fc4a4800edfae19feeb5d69dee4fe77b028f3d63b61e3397c49af8`
SHA3	`65c1d19ddbf47cf416681291cf4398692ca7037a26c4129111a170a5397dcbcf`

207

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x7e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.05657`
MD5	`c39216f45325c57535b003ca265f35f7`
SHA1	`0a9db06b13d6ed68eab7fa152bb7060bf901e1bc`
SHA256	`6208f3f820931ce715fcff3dc89a774926b23929f13c34c82d4a16bee29f271d`
SHA3	`738b5005f21f233cef1c9b5a0ad913ddd544fbf13ffefb6725ec12fc3b21e152`

3126

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0x52c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.1958`
MD5	`744f0994be2c933df923924838530651`
SHA1	`f117aa6da33a59f05101e4aadf1af1a35a8dcc8c`
SHA256	`160e18089acd404848493469ae680ee2732b59efe8a0996e650b80915c9fbe97`
SHA3	`850212c4879a83b55fd399391ad901cab4d8b05410e4843640915f2f324d8aa6`

3127

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0xfe`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.92865`
MD5	`e9d3a293b67996512ba9155700cb9c98`
SHA1	`cca3c8a5eec2dd8f545ef01fd0394d594f7e2a3c`
SHA256	`9b20b036f6e1add8cb88b5f962b1e000b1cfb81c30cf0154c1a63cd1440d8aa0`
SHA3	`d749841d66ded5e6d21b515e64e79a04460d024ee0a223ec98a5f0e1d7b573e9`

204

Type	`RT_ACCELERATOR`
Language	English - United States
Codepage	UNKNOWN
Size	`0x58`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.95638`
MD5	`575ade9d8dbff04859fe45fce56812a9`
SHA1	`2e267ef7c4ee67859cf2707c21d34c08778eb89d`
SHA256	`e867d776bfec44fbb516b47322b3c99617c76be0db90c3232669cc1fd5ba1e6d`
SHA3	`1d8d8945470f68babf4d9911bc4bed4b35ecae588305d4aa4d8aa9291c212cf3`

202

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x22`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.37086`
Detected Filetype	Icon file
MD5	`d59e0d372ea5fd8c1f4de744376a6af4`
SHA1	`6883ce60e71a83424db0b41d0ab6bf61080e3de2`
SHA256	`b10e28a32eddb2ab20a46ceae59d9c0786911eb20f0c8dd2a28421f226ea2b8b`
SHA3	`5e39df982879204dd9f129a37d1e1c2ff906e88de9ae01b4418db5e8455e7ae1`

206

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.32322`
Detected Filetype	Icon file
MD5	`ce9c092856a8bcd1503927da430e18e7`
SHA1	`8eecabfe2727710867c6b7223b32f490b1caf133`
SHA256	`483aa261cce96256ff045257f2834d1cc43b6194f5d30533c0f18776aa7367f2`
SHA3	`203afac5a8b0c87581e30850450c0d112d2c7172b934b0bb67b442dd0f8a918e`

1 (#2)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x17d`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.91161`
MD5	`1e4a89b11eae0fcf8bb5fdd5ec3b6f61`
SHA1	`4260284ce14278c397aaf6f389c1609b0ab0ce51`
SHA256	`4bb79dcea0a901f7d9eac5aa05728ae92acb42e0cb22e5dd14134f4421a3d8df`
SHA3	`4bb9e8b5a714cae82782f3831cc2d45f4bf4a50a755fe584d2d1893129d68353`

String Table contents

Enters or exits chat mode, allowing you to communicate with the remote user.
Causes any keys or commands from the remote user to be ignored.
Reserves the system for the sysop after this user logs off (if supported by BBS).
Hangs up the modem and exits the door.
Increases the user's time remaining by one minute.
Increases the user's time remaining by five minutes.
Decreases the user's time remaining by one minute.
Decreases the user's time remaining by five minutes.
Enables the timer that will log off the user after a long period of no activity.
Displays program information and copyright.
Shows or hides the toolbar.
Exits the door without hanging up.
Hangs up the modem, denying any further access to the user (if supported by BBS).
Shows or hides the status bar.

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2026-Apr-08 13:17:49
Version	`0.0`
SizeofData	`89`
AddressOfRawData	`0x4ef0`
PointerToRawData	`0x38f0`
Referenced File	C:\Users\craig\source\repos\BBSlink-Wall\Release\BBSlinkWall.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics	`0`
TimeDateStamp	2026-Apr-08 13:17:49
Version	`0.0`
SizeofData	`20`
AddressOfRawData	`0x4f4c`
PointerToRawData	`0x394c`

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2026-Apr-08 13:17:49
Version	`0.0`
SizeofData	`620`
AddressOfRawData	`0x4f60`
PointerToRawData	`0x3960`

TLS Callbacks

Load Configuration

Size	`0xc0`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x406000`
SEHandlerTable	`0x404e80`
SEHandlerCount	`1`

RICH Header

XOR Key	`0xbcae9723`
Unmarked objects	`0`
Imports (VS2008 SP1 build 30729)	`16`
Imports (35207)	`2`
ASM objects (35207)	`1`
C objects (35207)	`12`
C++ objects (35207)	`19`
Imports (33145)	`4`
Imports (35222)	`3`
Total imports	`80`
C objects (LTCG) (35225)	`2`
Resource objects (35225)	`1`
151	`1`
Linker (35225)	`1`

Errors

Leave a comment

No comments yet.