| Architecture |
IMAGE_FILE_MACHINE_AMD64
|
| Subsystem |
IMAGE_SUBSYSTEM_EFI_APPLICATION
|
| Compilation Date |
1970-Jan-01 00:00:00
|
| Suspicious |
The PE is possibly packed. |
The PE only has 0 import(s).
|
| Suspicious |
No VirusTotal score. |
This file has never been scanned on VirusTotal.
|
| MD5 |
1dcc0f8ede4f3180121864062a040dff
|
| SHA1 |
30b8a0b72eeac7e7d4f34a3eec5486d0a93c4cb9
|
| SHA256 |
9828488452c15cc63c71e90c8ac3c9d025bc2c3bb744d44a6af8d3f58c22caa1
|
| SHA3 |
4d0be4499d4f07609315b7862c099cd5ecd427dcc36d57a33cca4e21212c9f28
|
| SSDeep |
6:yacH1bcn/lUNrXIT0vn/4n/gn/uLc9nldWGtmEKi6B:sVbc/lUFY0v/4/pyWGUd
|
| Imports Hash |
d41d8cd98f00b204e9800998ecf8427e
|
| e_magic |
MZ
|
| e_cblp |
0
|
| e_cp |
0
|
| e_crlc |
0
|
| e_cparhdr |
0
|
| e_minalloc |
0
|
| e_maxalloc |
0
|
| e_ss |
0
|
| e_sp |
0
|
| e_csum |
0
|
| e_ip |
0
|
| e_cs |
0
|
| e_ovno |
0
|
| e_oemid |
0
|
| e_oeminfo |
0
|
| e_lfanew |
0x40
|
| Signature |
PE
|
| Machine |
IMAGE_FILE_MACHINE_AMD64
|
| NumberofSections |
3
|
| TimeDateStamp |
1970-Jan-01 00:00:00
|
| PointerToSymbolTable |
0
|
| NumberOfSymbols |
0
|
| SizeOfOptionalHeader |
0xf0
|
| Characteristics |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
|
| Magic |
PE32+
|
| LinkerVersion |
0.0
|
| SizeOfCode |
0x67
|
| SizeOfInitializedData |
0
|
| SizeOfUninitializedData |
0
|
| AddressOfEntryPoint |
0x00000000000001C0 (Section: .text)
|
| BaseOfCode |
0x1c0
|
| ImageBase |
0x400000
|
| SectionAlignment |
0x1000
|
| FileAlignment |
0x200
|
| OperatingSystemVersion |
0.0
|
| ImageVersion |
0.0
|
| SubsystemVersion |
A.0
|
| Win32VersionValue |
0
|
| SizeOfImage |
0x231
|
| SizeOfHeaders |
0x1c0
|
| Checksum |
0
|
| Subsystem |
IMAGE_SUBSYSTEM_EFI_APPLICATION
|
| SizeofStackReserve |
0x100000
|
| SizeofStackCommit |
0x1000
|
| SizeofHeapReserve |
0x100000
|
| SizeofHeapCommit |
0x1000
|
| LoaderFlags |
0
|
| NumberOfRvaAndSizes |
4
|
| MD5 |
900d4d4e06d93ed9f8b5faae21245d2f
|
| SHA1 |
a3ae0e2703e4d74d337d7eb569018c0b55bc9f91
|
| SHA256 |
0e2409b28899ca3225b7d6c67411d2350ac40ea16763471141b2934a1544fea4
|
| SHA3 |
c4b3288bc57a8dcf574fcc05bec2504f23132eb126d8961b84df6e913b351875
|
| VirtualSize |
0x67
|
| VirtualAddress |
0x1c0
|
| SizeOfRawData |
0x67
|
| PointerToRawData |
0x1c0
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
|
| Entropy |
3.78846
|
| MD5 |
d41d8cd98f00b204e9800998ecf8427e
|
| SHA1 |
da39a3ee5e6b4b0d3255bfef95601890afd80709
|
| SHA256 |
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
|
| SHA3 |
a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a
|
| VirtualSize |
0
|
| VirtualAddress |
0x227
|
| SizeOfRawData |
0
|
| PointerToRawData |
0x227
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
|
| MD5 |
de2f14e7b0f8e7b0da19fdc5b35beacf
|
| SHA1 |
d850c4e43f4a7afcacf6663984f0df8c2194bf74
|
| SHA256 |
54c06aaebdd1c712e494e00101cc3cbadbadb23f02693328499d77e1d5708af9
|
| SHA3 |
80997c125d10a97b139e819afb51019418c7b9596a2f3daee4de871b0a4c91c2
|
| VirtualSize |
0xa
|
| VirtualAddress |
0x227
|
| SizeOfRawData |
0xa
|
| PointerToRawData |
0x227
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
|
| Entropy |
1.35678
|
[*] Warning: Section .data has a size of 0!