c07454475fc61d4f1e27c9976e83e95ca3abf15bf5a37d7c4749bea1c7500ca8

Summary

Architecture IMAGE_FILE_MACHINE_I386
Subsystem IMAGE_SUBSYSTEM_WINDOWS_CUI
Compilation Date 2026-Mar-02 12:53:01
Detected languages English - United States
Debug artifacts C:\Users\zlinkur\Documents\Formations\Kaspersky\Reverser101\xtraining-re101\Track 02\Code 1\Release\Track 1.pdb

Plugin Output

Info Matching compiler(s): Microsoft Visual C++ 8.0
Suspicious No VirusTotal score. This file has never been scanned on VirusTotal.

Hashes

MD5 161c493656aa211fe1e7c48e0a545464
SHA1 0fba241e1c039de85324b1118bbc7d80b839aa43
SHA256 c07454475fc61d4f1e27c9976e83e95ca3abf15bf5a37d7c4749bea1c7500ca8
SHA3 46d604b9c1247f42facef085abae03b88f9b8c815f13b006b95e2ae17122b382
SSDeep 192:QAq8FKpo8gXk4HaWH9PMqgst07E5pz6OQ3l3FN:7q8p80k4Ha8UjsW77h
Imports Hash 7c8b7bbcddc96d64a76c687c6f591ee4

DOS Header

e_magic MZ
e_cblp 0x90
e_cp 0x3
e_crlc 0
e_cparhdr 0x4
e_minalloc 0
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0x100

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_I386
NumberofSections 5
TimeDateStamp 2026-Mar-02 12:53:01
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xe0
Characteristics IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_EXECUTABLE_IMAGE

Image Optional Header

Magic PE32
LinkerVersion 14.0
SizeOfCode 0x1000
SizeOfInitializedData 0x1400
SizeOfUninitializedData 0
AddressOfEntryPoint 0x000012EC (Section: .text)
BaseOfCode 0x1000
BaseOfData 0x2000
ImageBase 0x400000
SectionAlignment 0x1000
FileAlignment 0x200
OperatingSystemVersion 6.0
ImageVersion 0.0
SubsystemVersion 6.0
Win32VersionValue 0
SizeOfImage 0x6000
SizeOfHeaders 0x400
Checksum 0
Subsystem IMAGE_SUBSYSTEM_WINDOWS_CUI
DllCharacteristics IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
SizeofStackReserve 0x100000
SizeofStackCommit 0x1000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

.text

MD5 0a749b1adcc62b0b716b7000c2d634f7
SHA1 2a786672b762ffc49c2c5448c821d14e3a66e9bf
SHA256 c98c9ac27f4bd3d7ebf5e439b2b0daa107c2625366c5d96add51e236264c6929
SHA3 d7cdfac5564262590a03c5c1906550c4846661f81fc58e883164fb543c5c7b66
VirtualSize 0xe59
VirtualAddress 0x1000
SizeOfRawData 0x1000
PointerToRawData 0x400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 5.87115

.rdata

MD5 7796d35a1e36426527deaa4aafb7de27
SHA1 e0e615c3932739b1d463f32494255426f5477e18
SHA256 6c3a568115470fe2ea95aa22a5eed77e87b3a19191dfbb02cebbf712b2688e99
SHA3 51bb02227048602e94f22fdd6e5324991c7ab2e3163be6050ad0ef5811521a7d
VirtualSize 0xb8e
VirtualAddress 0x2000
SizeOfRawData 0xc00
PointerToRawData 0x1400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 4.63171

.data

MD5 f83fcceec5f501767bbb7f370072316c
SHA1 b280a1548eeeed34a698e4093afde92e6d0ed251
SHA256 2ef0b5f063fd979b4a7f8bede02e6915a49e97db4d9ef3b90ba049668ba003ce
SHA3 6117258c4fef6ccea01903b16671bc7705910440462031a206a30a38690b5c3c
VirtualSize 0x3e0
VirtualAddress 0x3000
SizeOfRawData 0x200
PointerToRawData 0x2000
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 0.603903

.rsrc

MD5 8d096de51d16180d98ba04bad2632f19
SHA1 ad9bd665ebf9360b8f94274ae4444943cfb7f8d5
SHA256 be30993728cf7b6046d5c0511706c3272da7548620bf079e9dc854ef47dfc4e2
SHA3 9f696717be3cf0b0e6cc6aa6dd11c3beb00b278baedd4b617bc99bd1670c45f7
VirtualSize 0x1e0
VirtualAddress 0x4000
SizeOfRawData 0x200
PointerToRawData 0x2200
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 4.7015

.reloc

MD5 1ed95ba089d4c40689324d75e8143181
SHA1 5e7f4fcda11a915768cf7ba32712fa0e03ec4177
SHA256 fabdb671209a7a658dfc3514ce8b37c44019da031923c76ee56191555e014fc2
SHA3 dd76a71d78fa6b824cb2194593385cc765cdd6219cf73160086dc47f9f90df4b
VirtualSize 0x188
VirtualAddress 0x5000
SizeOfRawData 0x200
PointerToRawData 0x2400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Entropy 5.29785

Imports

VCRUNTIME140.dll __current_exception_context
__current_exception
memset
_except_handler4_common
api-ms-win-crt-stdio-l1-1-0.dll __stdio_common_vfprintf
__acrt_iob_func
__p__commode
_set_fmode
api-ms-win-crt-runtime-l1-1-0.dll _c_exit
_seh_filter_exe
_initialize_onexit_table
_cexit
_crt_atexit
_controlfp_s
terminate
_set_app_type
_register_thread_local_exe_atexit_callback
__p___argv
_register_onexit_function
_exit
exit
_initterm_e
_initterm
_get_initial_narrow_environment
_initialize_narrow_environment
_configure_narrow_argv
__p___argc
api-ms-win-crt-math-l1-1-0.dll __setusermatherr
api-ms-win-crt-locale-l1-1-0.dll _configthreadlocale
api-ms-win-crt-heap-l1-1-0.dll _set_new_mode
KERNEL32.dll GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetModuleHandleW
IsDebuggerPresent
InitializeSListHead
UnhandledExceptionFilter
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter

Delayed Imports

1

Type RT_MANIFEST
Language English - United States
Codepage UNKNOWN
Size 0x17d
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.91161
MD5 1e4a89b11eae0fcf8bb5fdd5ec3b6f61
SHA1 4260284ce14278c397aaf6f389c1609b0ab0ce51
SHA256 4bb79dcea0a901f7d9eac5aa05728ae92acb42e0cb22e5dd14134f4421a3d8df
SHA3 4bb9e8b5a714cae82782f3831cc2d45f4bf4a50a755fe584d2d1893129d68353

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics 0
TimeDateStamp 2026-Mar-02 12:53:01
Version 0.0
SizeofData 136
AddressOfRawData 0x22b0
PointerToRawData 0x16b0
Referenced File C:\Users\zlinkur\Documents\Formations\Kaspersky\Reverser101\xtraining-re101\Track 02\Code 1\Release\Track 1.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics 0
TimeDateStamp 2026-Mar-02 12:53:01
Version 0.0
SizeofData 20
AddressOfRawData 0x2338
PointerToRawData 0x1738

IMAGE_DEBUG_TYPE_POGO

Characteristics 0
TimeDateStamp 2026-Mar-02 12:53:01
Version 0.0
SizeofData 620
AddressOfRawData 0x234c
PointerToRawData 0x174c

IMAGE_DEBUG_TYPE_ILTCG

Characteristics 0
TimeDateStamp 2026-Mar-02 12:53:01
Version 0.0
SizeofData 0
AddressOfRawData 0
PointerToRawData 0

TLS Callbacks

Load Configuration

Size 0xc0
TimeDateStamp 1970-Jan-01 00:00:00
Version 0.0
GlobalFlagsClear (EMPTY)
GlobalFlagsSet (EMPTY)
CriticalSectionDefaultTimeout 0
DeCommitFreeBlockThreshold 0
DeCommitTotalFreeThreshold 0
LockPrefixTable 0
MaximumAllocationSize 0
VirtualMemoryThreshold 0
ProcessAffinityMask 0
ProcessHeapFlags (EMPTY)
CSDVersion 0
Reserved1 0
EditList 0
SecurityCookie 0x403000
SEHandlerTable 0x402240
SEHandlerCount 1

RICH Header

XOR Key 0xff2e6f07
Unmarked objects 0
Imports (VS2008 SP1 build 30729) 10
Imports (35207) 3
ASM objects (35207) 1
C objects (35207) 12
C++ objects (35207) 19
Imports (33145) 2
Total imports 47
C objects (LTCG) (35221) 1
Resource objects (35221) 1
Linker (35221) 1

Errors

Leave a comment

No comments yet.