| Architecture | IMAGE_FILE_MACHINE_I386 |
|---|---|
| Subsystem | IMAGE_SUBSYSTEM_WINDOWS_GUI |
| Compilation Date | 2014-Oct-03 23:17:05 |
| Detected languages | English - United States, Japanese - Japan |
| CompanyName | SoulGainer |
| FileDescription | Game_Server |
| FileVersion | 1, 0, 0, 1 |
| InternalName | Game_Server |
| LegalCopyright | Copyright (C) 2004 |
| OriginalFilename | Game_Server.exe |
| ProductName | SoulGainer |
| ProductVersion | 1, 0, 0, 1 |
| Info | Matching compiler(s): | Microsoft Visual C++ 6.0 - 8.0 |
| Info | Interesting strings found in the binary: | Contains domain names: |
| Info | Cryptographic algorithms detected in the binary: | Uses constants related to CRC32; Uses known Mersenne Twister constants |
| Suspicious | The PE contains functions most legitimate programs don't use. | [!] The program may be hiding some of its imports: |
| Suspicious | VirusTotal score: 1/74 (Scanned on 2024-07-20 20:52:48) | Sophos: Generic ML PUA (PUA) |

| e_magic | MZ |
|---|---|
| e_cblp | 0x90 |
| e_cp | 0x3 |
| e_crlc | 0 |
| e_cparhdr | 0x4 |
| e_minalloc | 0 |
| e_maxalloc | 0xffff |
| e_ss | 0 |
| e_sp | 0xb8 |
| e_csum | 0 |
| e_ip | 0 |
| e_cs | 0 |
| e_ovno | 0 |
| e_oemid | 0 |
| e_oeminfo | 0 |
| e_lfanew | 0x108 |

| Signature | PE |
|---|---|
| Machine | IMAGE_FILE_MACHINE_I386 |
| NumberofSections | 4 |
| TimeDateStamp | 2014-Oct-03 23:17:05 |
| PointerToSymbolTable | 0 |
| NumberOfSymbols | 0 |
| SizeOfOptionalHeader | 0xe0 |
| Characteristics | IMAGE_FILE_32BIT_MACHINE, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_RELOCS_STRIPPED |

| Magic | PE32 |
|---|---|
| LinkerVersion | 9.0 |
| SizeOfCode | 0x1d0c00 |
| SizeOfInitializedData | 0x384000 |
| SizeOfUninitializedData | 0 |
| AddressOfEntryPoint | 0x001634D3 (Section: .text) |
| BaseOfCode | 0x1000 |
| BaseOfData | 0x1d2000 |
| ImageBase | 0x400000 |
| SectionAlignment | 0x1000 |
| FileAlignment | 0x200 |
| OperatingSystemVersion | 5.0 |
| ImageVersion | 0.0 |
| SubsystemVersion | 5.0 |
| Win32VersionValue | 0 |
| SizeOfImage | 0xc7a000 |
| SizeOfHeaders | 0x400 |
| Checksum | 0x5640c4 |
| Subsystem | IMAGE_SUBSYSTEM_WINDOWS_GUI |
| DllCharacteristics | IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE |
| SizeofStackReserve | 0x100000 |
| SizeofStackCommit | 0x1000 |
| SizeofHeapReserve | 0x100000 |
| SizeofHeapCommit | 0x1000 |
| LoaderFlags | 0 |
| NumberOfRvaAndSizes | 16 |

| AVIFIL32.dll | AVIFileExit AVIStreamWrite AVIFileRelease AVIStreamRelease AVIStreamSetFormat AVIMakeCompressedStream AVIFileCreateStreamA AVIFileOpenA AVIFileInit |
|---|---|
| MSVFW32.dll | ICCompressorFree ICCompressorChoose |
| IPHLPAPI.DLL | GetAdaptersInfo |
| COMCTL32.dll | #17 InitCommonControlsEx ImageList_Create ImageList_ReplaceIcon |
| DINPUT8.dll | DirectInput8Create |
| DSOUND.dll | #7 #1 #2 #6 |
| d3d9.dll | D3DPERF_BeginEvent Direct3DCreate9 D3DPERF_EndEvent |
| d3dx9_43.dll | D3DXMatrixLookAtLH D3DXMatrixInverse D3DXGetImageInfoFromFileA D3DXCreateTextureFromFileExA D3DXCreateTextureFromFileInMemoryEx D3DXMatrixTransformation2D D3DXPlaneFromPoints D3DXMatrixRotationZ D3DXCreateFontA D3DXMatrixLookAtRH D3DXCreateTextureFromFileA D3DXCreateSprite D3DXMatrixPerspectiveFovLH D3DXMatrixTranspose D3DXVec4Normalize D3DXVec3Transform D3DXSaveSurfaceToFileA D3DXLoadMeshHierarchyFromXA D3DXFrameCalculateBoundingSphere D3DXQuaternionRotationMatrix D3DXFrameFind D3DXVec3TransformCoord D3DXVec3Normalize D3DXMatrixRotationX D3DXComputeNormals D3DXMatrixRotationY D3DXMatrixTranslation D3DXMatrixMultiplyTranspose D3DXVec4Transform D3DXFrameDestroy D3DXMatrixScaling D3DXMatrixMultiply D3DXMatrixRotationQuaternion D3DXQuaternionSlerp D3DXCreateTexture D3DXCreateEffectFromFileA D3DXQuaternionMultiply D3DXQuaternionToAxisAngle D3DXCreateTextureFromResourceA |
| USER32.dll | ScreenToClient GetCursorPos GetWindowRect ClipCursor TranslateMessage PeekMessageA DispatchMessageA GetDlgItem ShowWindow UnregisterClassA UnhookWindowsHookEx GetForegroundWindow SetForegroundWindow SetActiveWindow SetWindowsHookExA DialogBoxParamA SendMessageA GetDesktopWindow PostMessageA DestroyWindow SetRect GetDC ReleaseDC FillRect SetWindowPos GetFocus InvalidateRect EndDialog SetTimer SetWindowTextA SetFocus CheckRadioButton GetWindowTextA SetWindowLongA IsDlgButtonChecked EnableWindow GetDlgItemTextA MoveWindow LoadMenuA GetSubMenu TrackPopupMenu GetClientRect CreateDialogParamA PostQuitMessage MessageBoxA SetDlgItemTextA LoadImageA IsWindowVisible LoadIconA LoadCursorA RegisterClassA GetSystemMetrics AdjustWindowRect CreateWindowExA KillTimer DefWindowProcA UpdateWindow GetWindowLongA |
| SHELL32.dll | Shell_NotifyIconA |
| COMDLG32.dll | GetSaveFileNameA GetOpenFileNameA |
| WINMM.dll | timeEndPeriod timeBeginPeriod PlaySoundA timeGetDevCaps timeGetTime |
| WSOCK32.dll | WSACleanup htons ioctlsocket recvfrom closesocket sendto bind socket ntohs WSAStartup htonl recv send WSAGetLastError connect gethostbyname gethostname inet_addr |
| IMM32.dll | ImmReleaseContext ImmGetContext ImmNotifyIME ImmGetCompositionStringA ImmDestroyContext |
| KERNEL32.dll | TlsSetValue TlsAlloc TlsGetValue SetFilePointer ExitProcess GetModuleHandleW GetFileType GetStdHandle SetHandleCount VirtualAlloc VirtualFree HeapCreate GetStringTypeW CompareStringW CompareStringA GetDateFormatA GetTimeFormatA LCMapStringW LCMapStringA GetCPInfo GetStartupInfoA GetCommandLineA MoveFileA ExitThread GetFullPathNameA GetDriveTypeA SetEnvironmentVariableA HeapReAlloc SetConsoleMode ReadConsoleInputA IsDebuggerPresent SetUnhandledExceptionFilter UnhandledExceptionFilter GetCurrentProcess RaiseException CreateDirectoryA DeleteFileA GetSystemTimeAsFileTime RtlUnwind HeapAlloc HeapFree GetLocaleInfoA LeaveCriticalSection EnterCriticalSection DeleteCriticalSection InitializeCriticalSection MultiByteToWideChar InterlockedCompareExchange InterlockedDecrement InterlockedIncrement WideCharToMultiByte GetACP TlsFree IsValidCodePage GetConsoleCP HeapSize SetStdHandle GetTimeZoneInformation FlushFileBuffers FreeEnvironmentStringsA GetEnvironmentStrings FreeEnvironmentStringsW GetEnvironmentStringsW GetCurrentProcessId GetStringTypeA GetUserDefaultLCID EnumSystemLocalesA IsValidLocale InitializeCriticalSectionAndSpinCount WriteConsoleA QueryPerformanceCounter FormatMessageA LocalFree OutputDebugStringA CopyFileA Process32First Process32Next CreateToolhelp32Snapshot Module32First Module32Next TerminateProcess FileTimeToLocalFileTime GetConsoleOutputCP WriteConsoleW GetLocaleInfoW FileTimeToSystemTime GlobalAlloc lstrlenA IsDBCSLeadByte LoadLibraryA GetProcAddress FreeLibrary WaitForMultipleObjects CreateFileA SetFilePointerEx WriteFile ReadFile GetModuleHandleA VirtualQuery VirtualProtect InterlockedExchange DebugBreak ReleaseMutex QueryPerformanceFrequency SetEvent CreateMutexA CreateEventA GetOEMCP SetLastError CreateFileW SetEndOfFile GetProcessHeap GetConsoleMode GetFileAttributesA SetThreadPriority CreateThread CloseHandle TerminateThread FindClose FindNextFileA FindFirstFileA GetCurrentThreadId GetCurrentDirectoryA SetCurrentDirectoryA GetModuleFileNameA GetLastError GetTickCount Sleep WaitForSingleObject |
| GDI32.dll | AddFontResourceA GetTextExtentPoint32A CreateFontA GetStockObject CreateFontIndirectA CreateCompatibleDC SelectObject DeleteDC StrokeAndFillPath EndPath TextOutA BeginPath SetBkMode CreatePen DeleteObject CreateSolidBrush CreateDIBSection GetGlyphOutlineA GetTextMetricsA |
| ole32.dll | CoInitialize CoUninitialize |

| Signature | 0xfeef04bd |
|---|---|
| StructVersion | 0x10000 |
| FileVersion | 1.0.0.1 |
| ProductVersion | 1.0.0.1 |
| FileFlags | (EMPTY) |
| FileOs | VOS_DOS_WINDOWS32, VOS_NT, VOS_NT_WINDOWS32, VOS_WINCE, VOS__WINDOWS32 |
| FileType | VFT_APP |
| Language | Japanese - Japan |
| CompanyName | SoulGainer |
| FileDescription | Game_Server |
| FileVersion (#2) | 1, 0, 0, 1 |
| InternalName | Game_Server |
| LegalCopyright | Copyright (C) 2004 |
| OriginalFilename | Game_Server.exe |
| ProductName | SoulGainer |
| ProductVersion (#2) | 1, 0, 0, 1 |
| Resource LangID | Japanese - Japan |

| Size | 0x48 |
|---|---|
| TimeDateStamp | 1970-Jan-01 00:00:00 |
| Version | 0.0 |
| GlobalFlagsClear | (EMPTY) |
| GlobalFlagsSet | (EMPTY) |
| CriticalSectionDefaultTimeout | 0 |
| DeCommitFreeBlockThreshold | 0 |
| DeCommitTotalFreeThreshold | 0 |
| LockPrefixTable | 0 |
| MaximumAllocationSize | 0 |
| VirtualMemoryThreshold | 0 |
| ProcessAffinityMask | 0 |
| ProcessHeapFlags | (EMPTY) |
| CSDVersion | 0 |
| Reserved1 | 0 |
| EditList | 0 |
| SecurityCookie | 0x8f8dc0 |
| SEHandlerTable | 0x609bd0 |
| SEHandlerCount | 138 |

| XOR Key | 0xdc4500bd |
|---|---|
| Unmarked objects | 0 |
| ASM objects (VS2008 build 21022) | 54 |
| C objects (VS2008 build 21022) | 202 |
| Imports (21202) | 2 |
| C++ objects (VS2010 build 30319) | 1 |
| Imports (VS2008 SP1 build 30729) | 4 |
| C objects (VS2008 SP1 build 30729) | 13 |
| Imports (VS2012 build 50727 / VS2005 build 50727) | 30 |
| Linker (VC++ 6.0 SP5 imp/exp build 8447) | 3 |
| Total imports | 327 |
| C++ objects (VS2008 build 21022) | 702 |
| Linker (VS2008 build 21022) | 1 |
| Resource objects (VS2008 build 21022) | 1 |