98be89fb3d679aee835044ac339f55cc44e1989fb4dc6f828ecbb0742bb04cb7

Summary

Architecture IMAGE_FILE_MACHINE_AMD64
Subsystem IMAGE_SUBSYSTEM_WINDOWS_CUI
Compilation Date 2026-Jun-10 14:13:55
Debug artifacts E:\Projects\pragma\zip\bin\output.pdb

Plugin Output

Suspicious The PE is possibly packed. The PE only has 9 import(s).
Suspicious No VirusTotal score. This file has never been scanned on VirusTotal.

Hashes

MD5 8895dd52c3b6875af330e416d7e95a38
SHA1 1d2b2dcd959c38745e64e5a985c8684e35993b4a
SHA256 98be89fb3d679aee835044ac339f55cc44e1989fb4dc6f828ecbb0742bb04cb7
SHA3 04764a09ee87a3a47404850f97079797c187b4c4255665ea5a2ffd388e6317dd
SSDeep 192:XOFtjqGDwkmlc0ckAP4oc31qAUJ9DfHS9b3K4YxI94lrgNUKCmc2diG7BZVlXq3:XOFAUwlckAPNq1qAUJ9DfHS13K4YI94
Imports Hash 942725161fd31f3bee29248e4f303f94

DOS Header

e_magic MZ
e_cblp 0x78
e_cp 0x1
e_crlc 0
e_cparhdr 0x4
e_minalloc 0
e_maxalloc 0
e_ss 0
e_sp 0
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0x78

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_AMD64
NumberofSections 4
TimeDateStamp 2026-Jun-10 14:13:55
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xf0
Characteristics IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Image Optional Header

Magic PE32+
LinkerVersion 14.0
SizeOfCode 0x2200
SizeOfInitializedData 0xa00
SizeOfUninitializedData 0
AddressOfEntryPoint 0x0000000000001040 (Section: .text)
BaseOfCode 0x1000
ImageBase 0x140000000
SectionAlignment 0x1000
FileAlignment 0x200
OperatingSystemVersion 6.0
ImageVersion 0.0
SubsystemVersion 6.0
Win32VersionValue 0
SizeOfImage 0x7000
SizeOfHeaders 0x400
Checksum 0
Subsystem IMAGE_SUBSYSTEM_WINDOWS_CUI
DllCharacteristics IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
SizeofStackReserve 0x100000
SizeofStackCommit 0x1000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

.text

MD5 1282396a8c3a9cb46103356d40778e55
SHA1 5dad73ed543e0b4fd6b492232abdf43ac4853b59
SHA256 6dfb8f5dae3da72433f6e6c70ed19d97eda352953c3a1a501cd472e3c1a72fe7
SHA3 299c5f2a948582412d2189580dccc8490261f386a639a4b3f63b3393858a472a
VirtualSize 0x2166
VirtualAddress 0x1000
SizeOfRawData 0x2200
PointerToRawData 0x400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 5.78841

.rdata

MD5 2083a518eb99c879216dab90a551094f
SHA1 1c6982639629c3a84bc58958ce66bbc133512041
SHA256 ff2f5df8e1a28ffa53f51b42636d9b599b57fd3136631130f8a99bf42ec3023b
SHA3 4982b928d1d31155b53a88250d49e12093b65972db3c88219f6eb7f4d7cdd6a4
VirtualSize 0x678
VirtualAddress 0x4000
SizeOfRawData 0x800
PointerToRawData 0x2600
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 4.33331

.data

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA3 a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a
VirtualSize 0x48
VirtualAddress 0x5000
SizeOfRawData 0
PointerToRawData 0
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata

MD5 5dedbf85d8eb46b3b4edc87ddfee46b2
SHA1 6504f9a119d5ccc152382e4bff758e9aec455955
SHA256 2b19e07a97266553b56f7326437ca0cdcd9c1ffdd82f7d35fff732bff50c505c
SHA3 91ce7f76419aa268dc8513c2f74984889bcdadc5beb9724117520ea9038f1173
VirtualSize 0x3c
VirtualAddress 0x6000
SizeOfRawData 0x200
PointerToRawData 0x2e00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 0.553951

Imports

KERNEL32.dll CloseHandle
CreateFileA
GetFileSizeEx
GetStdHandle
ReadFile
RtlCopyMemory
VirtualAlloc
VirtualFree
WriteFile

Delayed Imports

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics 0
TimeDateStamp 2026-Jun-10 14:13:55
Version 0.0
SizeofData 62
AddressOfRawData 0x447b
PointerToRawData 0x2a7b
Referenced File E:\Projects\pragma\zip\bin\output.pdb

TLS Callbacks

Load Configuration

RICH Header

Errors

[*] Warning: Section .data has a size of 0!
Leave a comment

No comments yet.