710765eac9a42b37d28adc161693ba492a762d3c6e3579713c3043b5fee3e83e

Summary

Architecture IMAGE_FILE_MACHINE_I386
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date 1970-Jan-01 00:00:00

Plugin Output

Suspicious The PE is possibly packed. The PE only has 0 import(s).
Suspicious The file contains overlay data. 1012 bytes of data starting at offset 0x100c.
Suspicious No VirusTotal score. This file has never been scanned on VirusTotal.

Hashes

MD5 6984e3c80424b84fc1ea2619f8beda0b
SHA1 8e411e8e79fac9e886f6b589b8787c90b3a91db5
SHA256 710765eac9a42b37d28adc161693ba492a762d3c6e3579713c3043b5fee3e83e
SHA3 cf26c4696165764f330cfd08037b2dcd4f5602deaf4dd080c4846db3872a95e8
SSDeep 48:lIQaqFvmT9rp6SMKJVH9ZDm4yw/YIIP+Nk1N1/H25NU7tPrgCo:CQaqF+JN6SMKJVH9Z6kzJy1b/htg
Imports Hash d41d8cd98f00b204e9800998ecf8427e

DOS Header

e_magic MZ
e_cblp 0
e_cp 0
e_crlc 0
e_cparhdr 0
e_minalloc 0
e_maxalloc 0
e_ss 0
e_sp 0
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0x4c

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_I386
NumberofSections 3
TimeDateStamp 1970-Jan-01 00:00:00
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xe0
Characteristics IMAGE_FILE_32BIT_MACHINE, IMAGE_FILE_DLL, IMAGE_FILE_EXECUTABLE_IMAGE

Image Optional Header

Magic PE32
LinkerVersion 0.0
SizeOfCode 0xc00
SizeOfInitializedData 0
SizeOfUninitializedData 0x1000
AddressOfEntryPoint 0x00000000 (Section: ?)
BaseOfCode 0x1000
BaseOfData 0x100000
ImageBase 0x10000000
SectionAlignment 0x1000
FileAlignment 0x200
OperatingSystemVersion 4.0
ImageVersion 0.0
SubsystemVersion 4.0
Win32VersionValue 0
SizeOfImage 0x101000
SizeOfHeaders 0x400
Checksum 0
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
DllCharacteristics IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
SizeofStackReserve 0x100000
SizeofStackCommit 0x1000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

.text

MD5 66dac730fe9aec99b4b033e7c66325b3
SHA1 b68fd64f123f7f43ce4e97d312ab4ab1e4f4ac8d
SHA256 e10cb3bd01aaae4b6f2dee81c0e4c49d3060df8feb730bcec0151ea0f40eab2b
SHA3 ea7dfa2a1be9b5560a3cbaa26d39d5209fb2bb649fee9ca6f5773b775cab61b3
VirtualSize 0xc00
VirtualAddress 0x1000
SizeOfRawData 0xc00
PointerToRawData 0x400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Entropy 5.17462

.reloc

MD5 00779b2a99e2aa09ad388e36eafe7523
SHA1 372a35ea83749e6aac608c14eeb034987beec375
SHA256 cd695bc32b446f46e6d25e5c28c7b4591f8fedf9c2d13749cb4a7d1d4d89d3fd
SHA3 91e3e06af771073dcf62197e90449c0936d148d709a9af17b89cc532d53f8c3c
VirtualSize 0x1000
VirtualAddress 0x1c00
SizeOfRawData 0xc
PointerToRawData 0x1000
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ
Entropy 0.816689

.data

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA3 a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a
VirtualSize 0x1000
VirtualAddress 0x100000
SizeOfRawData 0
PointerToRawData 0
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_UNINITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE

Imports

Delayed Imports

native

Ordinal 1
Address 0x1000

Version Info

TLS Callbacks

Load Configuration

RICH Header

Errors

[*] Warning: Section .data has a size of 0!