5f3ab6b5377647ec55e9992fb1c4bb08352dfe37e2482f5131f9c53b902c9699

Summary

Architecture IMAGE_FILE_MACHINE_I386
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date 2013-Jul-24 12:31:54
Detected languages English - United States
German - Germany
CompanyName MAGIX AG
FileDescription Install Launcher
FileVersion 1, 1, 0, 12
InternalName Install Launcher
LegalCopyright © MAGIX AG
OriginalFilename InstallLauncher.exe
ProductName MAGIX Install Launcher
ProductVersion 1, 1, 0, 12

Plugin Output

Info Matching compiler(s): Microsoft Visual C++ 6.0 - 8.0
Info Cryptographic algorithms detected in the binary: Uses constants related to CRC32
Info The PE contains common functions which appear in legitimate applications. [!] The program may be hiding some of its imports:
  • GetProcAddress
  • LoadLibraryA
 Can access the registry:
  • RegCreateKeyExA
  • RegOpenKeyExA
  • RegSetValueExA
  • RegCloseKey
Info The PE is digitally signed. Signer: MAGIX Software GmbH
Issuer: Symantec Class 3 SHA256 Code Signing CA
Safe VirusTotal score: 0/72 (Scanned on 2026-03-05 02:16:26) All the AVs think this file is safe.

Hashes

MD5 eda72bd0a5fa5827d984c44dd2cf0f55
SHA1 45b5b894f119d2a2a43ac410b8ddd476ed787877
SHA256 5f3ab6b5377647ec55e9992fb1c4bb08352dfe37e2482f5131f9c53b902c9699
SHA3 0e9717b55c688ec22845f092030cb490f0845a24003e08d130a5c61801bdb1db
SSDeep 768:tMLfMYnU3N6KD44HrrEkVw3J9JCq0No9g7nVOkARwLkndwj88lYi+ZfM8z/uUoc:e7ocKDXHiNOosVXo8L+ZfMu/uU/Ah/
Imports Hash dc66445d1a9611f9f1798728ec07b77d

DOS Header

e_magic MZ
e_cblp 0x90
e_cp 0x3
e_crlc 0
e_cparhdr 0x4
e_minalloc 0
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0xe8

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_I386
NumberofSections 4
TimeDateStamp 2013-Jul-24 12:31:54
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xe0
Characteristics IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_RELOCS_STRIPPED

Image Optional Header

Magic PE32
LinkerVersion 9.0
SizeOfCode 0xa200
SizeOfInitializedData 0x4a00
SizeOfUninitializedData 0
AddressOfEntryPoint 0x00002DC1 (Section: .text)
BaseOfCode 0x1000
BaseOfData 0xc000
ImageBase 0x400000
SectionAlignment 0x1000
FileAlignment 0x200
OperatingSystemVersion 5.0
ImageVersion 0.0
SubsystemVersion 5.0
Win32VersionValue 0
SizeOfImage 0x14000
SizeOfHeaders 0x400
Checksum 0x1aba8
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
DllCharacteristics IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
SizeofStackReserve 0x100000
SizeofStackCommit 0x1000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

.text

MD5 7607321e3bc70621b4f2b30d4917df58
SHA1 7c1cfa9805658f4618b6fb3363a06a6dc0a33565
SHA256 18950806c0d38eaaed63099f1185d203ecb7cb7f298b10e25b35a5f4b6f43f26
SHA3 6a56076a449ec08b016f7316bc1e1976d3ddbfdabcd51ae5c843a77a5f056167
VirtualSize 0xa0d5
VirtualAddress 0x1000
SizeOfRawData 0xa200
PointerToRawData 0x400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 6.55241

.rdata

MD5 cccd5450bcfd953136315ab4ba63230d
SHA1 3a46e59412c60cc463463d76186924ab95a6fa10
SHA256 4c8c77717351c7dd7fdb969d9f1553c62f48197f3a54fd0621a082274a85c89d
SHA3 749acaf2043020ac1cf0b3bb1c2fbf50fbca220f585de9135ee7428a868e5195
VirtualSize 0x2d5e
VirtualAddress 0xc000
SizeOfRawData 0x2e00
PointerToRawData 0xa600
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 5.32492

.data

MD5 d8d1bdbdd1bf33f0c78e2af0df9ed8e7
SHA1 a14ae918c77182c78fd553caae6dfddd61c3450b
SHA256 11ddb787a06b105fefe600bdec8b5f39347f0311fe99a5d324a800c66eebbc61
SHA3 ef42d19dba9f17869c181779f7a5866fe579c9a1b696c8b1f4c6b731c3bd727f
VirtualSize 0x3040
VirtualAddress 0xf000
SizeOfRawData 0x1600
PointerToRawData 0xd400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 3.68683

.rsrc

MD5 a3043595ce1bb26ed1374666827b71ea
SHA1 78b5f1a4ed1390afbef386d062d5be6b069ceb0e
SHA256 c84134f3046948bea0bf49b06176c5a7c9d55040efb6a641b568ea94b96204aa
SHA3 ae456f7b4075dae5db76b9596f678aee379cac0be41e691e41560fa75c673325
VirtualSize 0x584
VirtualAddress 0x13000
SizeOfRawData 0x600
PointerToRawData 0xea00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 4.63282

Imports

KERNEL32.dll GlobalGetAtomNameA
GlobalDeleteAtom
FlushFileBuffers
CreateFileA
WaitForSingleObject
GetExitCodeProcess
GetLastError
CloseHandle
WriteConsoleW
GetConsoleOutputCP
RaiseException
RtlUnwind
GetCommandLineA
GetStartupInfoA
HeapFree
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
SetFilePointer
GetConsoleCP
GetConsoleMode
LoadLibraryA
InitializeCriticalSectionAndSpinCount
SetStdHandle
WriteConsoleA
USER32.dll PeekMessageA
TranslateMessage
DispatchMessageA
ADVAPI32.dll RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegCloseKey
SHELL32.dll ShellExecuteExA

Delayed Imports

1

Type RT_VERSION
Language German - Germany
Codepage Latin 1 / Western European
Size 0x2f0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.39141
MD5 7017b7582221b303831f1617ce59e88d
SHA1 bc3468d8be7b887581f5ef40e5babc43b5187fd5
SHA256 c1b12e8ace1fcff37201dce89a95945f86ec9f69a1461e294b497100745d68d8
SHA3 cb67511ee5d0d3308b56b58ea4a43f2cb6614683e01d276b9d50c5492f4470f0

1 (#2)

Type RT_MANIFEST
Language English - United States
Codepage Latin 1 / Western European
Size 0x1f3
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.1009
MD5 1818dd0aa0b80d5964e6f36625441aab
SHA1 9f51de3efa09b6e31bb4a05a8e185d05a94f8b15
SHA256 a4a1b75db827acc2961c3159f6823e278dc3e61af24428b285021c4b0c03ef67
SHA3 2a93dd184b8edf031813dd29d980a633cd558630795a81bb21b644d612d04707

Version Info

Signature 0xfeef04bd
StructVersion 0x10000
FileVersion 1.1.0.12
ProductVersion 1.1.0.12
FileFlags (EMPTY)
FileOs VOS_DOS_WINDOWS32
VOS_NT
VOS_NT_WINDOWS32
VOS_WINCE
VOS__WINDOWS32
FileType VFT_APP
Language German - Germany
CompanyName MAGIX AG
FileDescription Install Launcher
FileVersion (#2) 1, 1, 0, 12
InternalName Install Launcher
LegalCopyright © MAGIX AG
OriginalFilename InstallLauncher.exe
ProductName MAGIX Install Launcher
ProductVersion (#2) 1, 1, 0, 12
Resource LangID German - Germany

TLS Callbacks

Load Configuration

Size 0x48
TimeDateStamp 1970-Jan-01 00:00:00
Version 0.0
GlobalFlagsClear (EMPTY)
GlobalFlagsSet (EMPTY)
CriticalSectionDefaultTimeout 0
DeCommitFreeBlockThreshold 0
DeCommitTotalFreeThreshold 0
LockPrefixTable 0
MaximumAllocationSize 0
VirtualMemoryThreshold 0
ProcessAffinityMask 0
ProcessHeapFlags (EMPTY)
CSDVersion 0
Reserved1 0
EditList 0
SecurityCookie 0x40f474
SEHandlerTable 0x40de60
SEHandlerCount 10

RICH Header

XOR Key 0xb7f09d76
Unmarked objects 0
ASM objects (VS2008 SP1 build 30729) 18
C objects (VS2008 SP1 build 30729) 100
Imports (VS2008 SP1 build 30729) 9
Total imports 99
C++ objects (VS2008 SP1 build 30729) 46
Linker (VS2008 build 21022) 1
Resource objects (VS2008 SP1 build 30729) 1

Errors

Leave a comment

No comments yet.