Manalyze report for a08923479000cec366967fb8259e0920b7aa18859722c7dda1415726bed4774f

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2003-Nov-16 16:48:29

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C++ v6.0 DLL` `Microsoft Visual C++ 6.0 DLL (Debug)` `Microsoft Visual C++ 6.0 - 8.0` `Microsoft Visual C++` `Microsoft Visual C++ v6.0`
Info	The PE contains common functions which appear in legitimate applications.	`[!] The program may be hiding some of its imports: LoadLibraryA GetProcAddress`
Safe	VirusTotal score: 0/71 (Scanned on 2026-03-06 16:50:43)	`All the AVs think this file is safe.`

Hashes

MD5	`2b7b803311d2b228f065c45d13e1aeb2`
SHA1	`905d33aa70ad00d513c701cce22ad6fdb9d7d463`
SHA256	`a08923479000cec366967fb8259e0920b7aa18859722c7dda1415726bed4774f`
SHA3	`d2179d0aa887a25376acfe861b68bad34c7037572df135e9ec5f855d891e51d3`
SSDeep	`768:RG9mqQnM6D5cmIc33qTRP8XV/+EVFnnU/iB9Zfe4MtoZAo4CsRTJ0v:Rum/Xd7qTRkX0E7J1CtoK`
Imports Hash	`8ec5f91b35a203372803c35e3faa6597`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0xd0`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`4`
TimeDateStamp	2003-Nov-16 16:48:29
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_DLL` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LINE_NUMS_STRIPPED` `IMAGE_FILE_LOCAL_SYMS_STRIPPED`

Image Optional Header

Magic	`PE32`
LinkerVersion	`6.0`
SizeOfCode	`0xa000`
SizeOfInitializedData	`0x6000`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x00004C98 (Section: .text)`
BaseOfCode	`0x1000`
BaseOfData	`0xb000`
ImageBase	`0x10000000`
SectionAlignment	`0x1000`
FileAlignment	`0x1000`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x11000`
SizeOfHeaders	`0x1000`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`e63db5e269d30aea63b69f84667d2a41`
SHA1	`93cee58e2b9bfa8de15441ece80fc26f6e29e5c7`
SHA256	`3ae6110cceb86bb95d937d7ee3c1febfaf48bc940d13128c125a5aabda5acc28`
SHA3	`fd24cdcf2eb0c7617952f6a2c2e38381a45568cb34c3927d9578f7a72b011556`
VirtualSize	`0x9ad2`
VirtualAddress	`0x1000`
SizeOfRawData	`0xa000`
PointerToRawData	`0x1000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.61557`

.rdata

MD5	`c9ecb1ec7c9fb76758513d019389e478`
SHA1	`5fa2909116c709f5d4ebf404d6f40bccb55cb552`
SHA256	`3d46695ba687cfb7d4be7fab3feaa27af0ef204c4090957855339844ecff331a`
SHA3	`8b5aa1520802150ddf9376b5448a6b6513075979c042a7083fe28a5257e94eaa`
VirtualSize	`0x13fa`
VirtualAddress	`0xb000`
SizeOfRawData	`0x2000`
PointerToRawData	`0xb000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`3.80871`

.data

MD5	`e6aa84efce6968d436c6165ffba387f8`
SHA1	`d5262f01231e2f58315da3854ce2dbc920f41e6d`
SHA256	`0d1acdb5d7dc9544a6cec67402e0ff6dd5b70aa7ce1268d79cb8e3f7ebe89c32`
SHA3	`8c4b18906ddab22abfa1a86a5428518b4bde6a40f40ed7389e2bd43ef5818bee`
VirtualSize	`0x2808`
VirtualAddress	`0xd000`
SizeOfRawData	`0x2000`
PointerToRawData	`0xd000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`2.01609`

.reloc

MD5	`1e07b7ea8ffa57f3a1ca643fd2c7661d`
SHA1	`2778ece24d36ffe0386e94bbfcd6db9e9d1b3d2d`
SHA256	`5888234fd02a0485398c96b5d6a304bb5782f8d9868aa419bdc682462ad6a96c`
SHA3	`04451fc58b8fc97b197aaa18aa4fda072c35ae28725fe2df9805b7d0912aae46`
VirtualSize	`0xdbc`
VirtualAddress	`0x10000`
SizeOfRawData	`0x1000`
PointerToRawData	`0xf000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`3.62968`

Imports

ogg.dll	`ogg_sync_clear` `ogg_stream_init` `ogg_sync_wrote` `ogg_sync_buffer` `ogg_sync_init` `ogg_stream_packetout` `ogg_stream_pagein` `ogg_stream_reset_serialno` `ogg_page_serialno` `ogg_sync_pageseek` `ogg_sync_reset` `ogg_page_granulepos` `ogg_page_eos` `ogg_stream_reset` `ogg_page_continued` `ogg_stream_packetpeek` `ogg_stream_clear`
vorbis.dll	`vorbis_synthesis_headerin` `vorbis_block_clear` `vorbis_comment_init` `vorbis_info_clear` `vorbis_comment_clear` `vorbis_info_init` `vorbis_packet_blocksize` `vorbis_synthesis_halfrate` `vorbis_synthesis_halfrate_p` `vorbis_synthesis_restart` `vorbis_synthesis_read` `vorbis_synthesis_pcmout` `vorbis_synthesis_blockin` `vorbis_synthesis_trackonly` `vorbis_info_blocksize` `vorbis_block_init` `vorbis_synthesis_init` `vorbis_synthesis` `_analysis_output_always` `vorbis_synthesis_lapout` `vorbis_window` `vorbis_dsp_clear`
KERNEL32.dll	`RtlUnwind` `LCMapStringW` `LCMapStringA` `GetStringTypeW` `GetStringTypeA` `MultiByteToWideChar` `LoadLibraryA` `GetOEMCP` `GetACP` `GetCPInfo` `InterlockedIncrement` `InterlockedDecrement` `FlushFileBuffers` `SetStdHandle` `WriteFile` `GetEnvironmentStringsW` `GetEnvironmentStrings` `WideCharToMultiByte` `FreeEnvironmentStringsW` `FreeEnvironmentStringsA` `GetModuleFileNameA` `GetCurrentProcess` `TerminateProcess` `GetModuleHandleA` `GetProcAddress` `RaiseException` `HeapFree` `HeapAlloc` `HeapReAlloc` `GetCommandLineA` `GetVersion` `HeapDestroy` `HeapCreate` `VirtualFree` `InitializeCriticalSection` `DeleteCriticalSection` `EnterCriticalSection` `LeaveCriticalSection` `ExitProcess` `VirtualAlloc` `GetCurrentThreadId` `TlsSetValue` `TlsAlloc` `TlsFree` `SetLastError` `TlsGetValue` `GetLastError` `SetHandleCount` `GetStdHandle` `GetFileType` `GetStartupInfoA` `SetFilePointer` `CloseHandle` `ReadFile`

Delayed Imports

ov_bitrate

Ordinal	`1`
Address	`0x1ec0`

ov_bitrate_instant

Ordinal	`2`
Address	`0x2020`

ov_clear

Ordinal	`3`
Address	`0x1000`

ov_comment

Ordinal	`4`
Address	`0x3520`

ov_crosslap

Ordinal	`5`
Address	`0x3970`

ov_halfrate

Ordinal	`6`
Address	`0x1d10`

ov_halfrate_p

Ordinal	`7`
Address	`0x1dd0`

ov_info

Ordinal	`8`
Address	`0x34e0`

ov_open

Ordinal	`9`
Address	`0x1ca0`

ov_open_callbacks

Ordinal	`10`
Address	`0x1100`

ov_pcm_seek

Ordinal	`11`
Address	`0x2b60`

ov_pcm_seek_lap

Ordinal	`12`
Address	`0x3fb0`

ov_pcm_seek_page

Ordinal	`13`
Address	`0x2570`

ov_pcm_seek_page_lap

Ordinal	`14`
Address	`0x3fd0`

ov_pcm_tell

Ordinal	`15`
Address	`0x33d0`

ov_pcm_total

Ordinal	`16`
Address	`0x2150`

ov_raw_seek

Ordinal	`17`
Address	`0x2250`

ov_raw_seek_lap

Ordinal	`18`
Address	`0x3e40`

ov_raw_tell

Ordinal	`19`
Address	`0x33b0`

ov_raw_total

Ordinal	`20`
Address	`0x20d0`

ov_read

Ordinal	`21`
Address	`0x3560`

ov_read_float

Ordinal	`22`
Address	`0x38d0`

ov_seekable

Ordinal	`23`
Address	`0x1eb0`

ov_serialnumber

Ordinal	`24`
Address	`0x2090`

ov_streams

Ordinal	`25`
Address	`0x1ea0`

ov_test

Ordinal	`26`
Address	`0x1e30`

ov_test_callbacks

Ordinal	`27`
Address	`0x1df0`

ov_test_open

Ordinal	`28`
Address	`0x1e80`

ov_time_seek

Ordinal	`29`
Address	`0x31b0`

ov_time_seek_lap

Ordinal	`30`
Address	`0x3ff0`

ov_time_seek_page

Ordinal	`31`
Address	`0x32b0`

ov_time_seek_page_lap

Ordinal	`32`
Address	`0x4160`

ov_time_tell

Ordinal	`33`
Address	`0x33f0`

ov_time_total

Ordinal	`34`
Address	`0x21c0`

Version Info

TLS Callbacks

Load Configuration

RICH Header

XOR Key	`0x5a1c7536`
Unmarked objects	`0`
C++ objects (VS98 build 8168)	`1`
14 (7299)	`21`
Total imports	`110`
19 (8034)	`2`
C objects (VS98 build 8168)	`94`
Linker (VS98 build 8168)	`6`

Errors

Leave a comment

No comments yet.