dcdc109069b6e0d80d776c143fecde3f

Summary

Architecture IMAGE_FILE_MACHINE_I386
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date 1992-Jun-19 22:22:17
Detected languages English - United States

Plugin Output

Suspicious PEiD Signature: dUP 2.x Patcher --> www.diablo2oo2.cjb.net
dUP 2.x Patcher -> www.diablo2oo2.cjb.net
Suspicious Strings found in the binary may indicate undesirable behavior: Contains references to system / monitoring tools:
  • regedit.exe
 Contains references to internet browsers:
  • IEXPLORE.EXE
  • chrome.exe
  • firefox.exe
 Contains another PE executable:
  • This program cannot be run in DOS mode.
 Miscellaneous malware strings:
  • cmd.exe
 Contains domain names:
  • http://koti.mbnet.fi
  • http://koti.mbnet.fi/vaultec/
  • http://www.softpedia.com
  • http://www.softpedia.com/get/PORTABLE-SOFTWARE/Security/Password-Managers---Generators/IDM-Password-Decryptor-Portable.shtml
  • http://www.softpedia.com/get/PORTABLE-SOFTWARE/System/Backup-and-Recovery/Portable-IDM-Backup-Manager.shtml
  • https://www.internetdownloadmanager.com
  • https://www.internetdownloadmanager.com/register/new_faq/functions7.html
  • internetdownloadmanager.com
  • softpedia.com
  • www.internetdownloadmanager.com
  • www.softpedia.com
Suspicious The PE contains functions most legitimate programs don't use. Functions which can be used for anti-debugging purposes:
  • FindWindowA
 Can access the registry:
  • RegQueryValueExA
  • RegOpenKeyExA
  • RegCloseKey
  • RegSetValueExW
  • RegQueryValueExW
  • RegOpenKeyExW
 Possibly launches other programs:
  • WinExec
  • CreateProcessW
  • ShellExecuteW
  • ShellExecuteA
 Can create temporary files:
  • GetTempPathW
  • CreateFileW
  • CreateFileA
 Checks if it has admin rights:
  • IsUserAnAdmin
Malicious The PE header may have been manually modified. Resource UNSIGNER detected as a PE Executable.
The resource timestamps differ from the PE header:
  • 2022-Apr-14 01:47:28
Malicious VirusTotal score: 46/71 (Scanned on 2023-05-14 22:52:54) Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Generic.4!c
Cynet: Malicious (score: 100)
Cylance: unsafe
Zillya: Tool.Crack.Win32.4961
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Unwanted-Program ( 00517dbc1 )
K7GW: Unwanted-Program ( 00517dbc1 )
Cybereason: malicious.069b6e
Cyren: W32/ABRisk.POTB-5362
Symantec: PUA.Keygen
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/HackTool.Crack.FO potentially unsafe
APEX: Malicious
Paloalto: generic.ml
Avast: Win32:MiscX-gen [PUP]
TrendMicro: Trojan.Win32.BIANLIAN.YXCIHZ
McAfee-GW-Edition: BehavesLike.Win32.Wabot.lh
Trapmine: malicious.high.ml.score
FireEye: Generic.mg.dcdc109069b6e0d8
Sophos: Generic Reputation PUA (PUA)
Ikarus: Trojan-GameThief.Win32.OnLineGames
Webroot: W32.Malware.Gen
MAX: malware (ai score=99)
Antiy-AVL: GrayWare/Win32.Presenoker
Microsoft: HackTool:Win32/Agent
Gridinsoft: Trojan.Win32.Agent.cl
Xcitium: ApplicUnwnt@#2gep82bydwcs9
SUPERAntiSpyware: Hack.Tool/Gen-Crack
GData: Win32.Application.Agent.CP92WF
Google: Detected
AhnLab-V3: HackTool/Win.Agent.R550111
McAfee: RDN/Generic PUP.z
TACHYON: Trojan/W32.DP-Agent.76288.R
VBA32: BScope.Trojan.Bitrep
Malwarebytes: Crack.Trojan.HackTool.DDS
Panda: PUP/Crack
TrendMicro-HouseCall: Trojan.Win32.BIANLIAN.YXCIHZ
Rising: HackTool.Crack!8.38F (TFE:5:8LCIRMtZgKG)
Yandex: Trojan.GenAsa!goBHvcP+dPg
MaxSecure: Trojan.Malware.185080952.susgen
Fortinet: Riskware/Crack
BitDefenderTheta: Gen:NN.ZelphiF.36196.eGW@aqV7IDni
AVG: Win32:MiscX-gen [PUP]
DeepInstinct: MALICIOUS
CrowdStrike: win/grayware_confidence_100% (W)

Hashes

MD5 dcdc109069b6e0d80d776c143fecde3f
SHA1 761589c94ba8c2fd57d3ae9666a0fdc0d1b72eb5
SHA256 fe44f050ab9ea33f87acef449ed57157a331a19956207d6243522676c894e284
SHA3 41b6bef856655e59ec3cfa387712b06e1863cd03cf8c29448cc62428b9c0a95b
SSDeep 768:Jfs8N18U/TZklIrB/zkHsXaH61xxpBf/0y1gGAT/ZHgf4sMM34zCT1Ty:lrf9kY7kyaE8DzjCf4sMM0CFy
Imports Hash 8d06472751a48003a4a3909de9a29f53

DOS Header

e_magic MZ
e_cblp 0x50
e_cp 0x2
e_crlc 0
e_cparhdr 0x4
e_minalloc 0xf
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0x1a
e_oemid 0
e_oeminfo 0
e_lfanew 0x100

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_I386
NumberofSections 8
TimeDateStamp 1992-Jun-19 22:22:17
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xe0
Characteristics IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED

Image Optional Header

Magic PE32
LinkerVersion 2.0
SizeOfCode 0x7e00
SizeOfInitializedData 0xa800
SizeOfUninitializedData 0
AddressOfEntryPoint 0x000089C4 (Section: CODE)
BaseOfCode 0x1000
BaseOfData 0x9000
ImageBase 0x400000
SectionAlignment 0x1000
FileAlignment 0x200
OperatingSystemVersion 4.0
ImageVersion 0.0
SubsystemVersion 4.0
Win32VersionValue 0
SizeOfImage 0x18000
SizeOfHeaders 0x400
Checksum 0
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
SizeofStackReserve 0x100000
SizeofStackCommit 0x4000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

CODE

MD5 98a771451d98f5cd26f8f3b4ce0fd18d
SHA1 1667f18da5c6e8121650123ad626d323677097eb
SHA256 91eef25f7cc5de23faf6aa4bcc0bb93a7a161422961ea89f883222e4619da72c
SHA3 ca039bb917ff7172d20509d629885980d1ac00a3a2a2e719a3bf65d3d9e99bf7
VirtualSize 0x7c8c
VirtualAddress 0x1000
SizeOfRawData 0x7e00
PointerToRawData 0x400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 6.35511

DATA

MD5 d6c6456ab7c441389a74a8f41e9d3a0f
SHA1 f11b82ae994ae7c221451131e17dcd34fe50acf8
SHA256 599e1b4a0a1af6d5239e8744441caecc46d5efce78311c8333cc17e8eae2e082
SHA3 2e8dc5597496e6b922ca72ed6ca63a3daba08505fb04331ef49a68174832214d
VirtualSize 0x47c
VirtualAddress 0x9000
SizeOfRawData 0x600
PointerToRawData 0x8200
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 2.78158

BSS

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA3 a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a
VirtualSize 0x691
VirtualAddress 0xa000
SizeOfRawData 0
PointerToRawData 0x8800
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata

MD5 fbad136cfa6e215a86bd65b1ed12573e
SHA1 35b012f73fef2ff97cb53e497d6aaf308d90a3fc
SHA256 8a0067a5b0301e24483516f69b58777bc4ea8a23a4254f912d23ff72d9e450d0
SHA3 dacb7bc62124613fae5ac9eb3a5b1443529f12eec60d2adbcad8e60b9576f0c6
VirtualSize 0xa3a
VirtualAddress 0xb000
SizeOfRawData 0xc00
PointerToRawData 0x8800
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 4.18345

.tls

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA3 a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a
VirtualSize 0x8
VirtualAddress 0xc000
SizeOfRawData 0
PointerToRawData 0x9400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata

MD5 d61303205e73ca096826f93772cb8a34
SHA1 489996058c68b3afbea98f27af782cf2e2cc7568
SHA256 0b96500eb2ee862b46b2ded8e7c603dd0d950086182f68033674f87af0bd8431
SHA3 b7ff1bbdec54348054e176781d962335438b541f485857e17b6b7c06e77fd7ef
VirtualSize 0x18
VirtualAddress 0xd000
SizeOfRawData 0x200
PointerToRawData 0x9400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_SHARED
Entropy 0.204488

.reloc

MD5 e9d7d59a805beb3e93e9f50376f2a3b3
SHA1 b13765af477912d6d28dfac0d09bea1ed54149ae
SHA256 1045b043d2aa9468d5a0a2b76051198eb138571b555d2e5d38fb3946a86f259a
SHA3 f8790faaa9f01dd78a27a40ce9ac862ce56fa35aafc4e87923f3a10e2b7d6bdc
VirtualSize 0x718
VirtualAddress 0xe000
SizeOfRawData 0x800
PointerToRawData 0x9600
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_SHARED
Entropy 6.27072

.rsrc

MD5 734fa21f09146b2bb3cff37f58cedaa7
SHA1 87b72ff7806cfb2273738a27ee47f759fc059085
SHA256 25bb223c2bbe5b1f9a7d4d06c5be726b55f901afc2d523cc0e2a78e4680bed60
SHA3 c42522002ff95135b021cded74d419beab42d0736398b07b8abd7ddf6881057f
VirtualSize 0x8c00
VirtualAddress 0xf000
SizeOfRawData 0x8c00
PointerToRawData 0x9e00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_SHARED
Entropy 6.1177

Imports

kernel32.dll DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
VirtualFree
VirtualAlloc
LocalFree
LocalAlloc
GetVersion
GetCurrentThreadId
WideCharToMultiByte
MultiByteToWideChar
GetThreadLocale
GetStartupInfoA
GetModuleFileNameA
GetLocaleInfoA
GetCommandLineA
FreeLibrary
ExitProcess
CreateThread
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
user32.dll GetKeyboardType
MessageBoxA
CharNextA
advapi32.dll RegQueryValueExA
RegOpenKeyExA
RegCloseKey
oleaut32.dll SysFreeString
SysReAllocStringLen
SysAllocStringLen
kernel32.dll (#2) DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
VirtualFree
VirtualAlloc
LocalFree
LocalAlloc
GetVersion
GetCurrentThreadId
WideCharToMultiByte
MultiByteToWideChar
GetThreadLocale
GetStartupInfoA
GetModuleFileNameA
GetLocaleInfoA
GetCommandLineA
FreeLibrary
ExitProcess
CreateThread
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
advapi32.dll (#2) RegQueryValueExA
RegOpenKeyExA
RegCloseKey
kernel32.dll (#3) DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
VirtualFree
VirtualAlloc
LocalFree
LocalAlloc
GetVersion
GetCurrentThreadId
WideCharToMultiByte
MultiByteToWideChar
GetThreadLocale
GetStartupInfoA
GetModuleFileNameA
GetLocaleInfoA
GetCommandLineA
FreeLibrary
ExitProcess
CreateThread
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
gdi32.dll SetTextColor
SetBkColor
user32.dll (#2) GetKeyboardType
MessageBoxA
CharNextA
shell32.dll ShellExecuteExA
shell32.dll (#2) ShellExecuteExA

Delayed Imports

BATCLEN

Type BINRES
Language English - United States
Codepage UNKNOWN
Size 0x2c6d
TimeDateStamp 2022-Apr-14 01:47:28
Entropy 5.76831
MD5 8b673eee3ede90fa71a7c636f5fa4afe
SHA1 6d289f878736afbfaccc60f245621af3915f5525
SHA256 0187e89585143e50537e3ec23789b4aeed78aab657ee8d7a7e6b06e03dba2096
SHA3 7434e95667a7f450de051b46ff9028d83b00d5f547bdaed862c066f930a96c68

CLEAN

Type BINRES
Language English - United States
Codepage UNKNOWN
Size 0x1a22
TimeDateStamp 2022-Apr-14 01:47:28
Entropy 5.50066
MD5 5e7c73fecfdc71e75a35231c2e941e4f
SHA1 efd53834b15078d68507c11470adc81340708d79
SHA256 1e13c1062b2956f073b3abf363d6ab6ca45c52ab79bab175c21cc609c845c207
SHA3 26a9e8ff4911952f5642ae38d790e86eecb5e6ce9a864b6000ea998311748890

CRKRST

Type BINRES
Language UNKNOWN
Codepage UNKNOWN
Size 0x112
TimeDateStamp 2022-Apr-14 01:47:28
Entropy 5.02225
MD5 25f3b2262e92449c5d9e7fa2b8f7d171
SHA1 5a56bb8277e1b0aff566ab9e19dd89a159752940
SHA256 e76b171fe79f4f24809d709aaf0440873993b9583cbeef9829f327bbda51aaeb
SHA3 a5c26cd6d547a8df7219fda9ee3b049ee5a0c3d9af892d9a4558b5fb0aefcb10

HEAD

Type BINRES
Language UNKNOWN
Codepage UNKNOWN
Size 0x31e
TimeDateStamp 2022-Apr-14 01:47:28
Entropy 5.36471
MD5 c9f46ce1c43c5690159ffd1544e7cd65
SHA1 a7b9dd7ea8a68408f0e9f1e6fb81b1412c8da4ba
SHA256 fefb9f428921baca4d0e6101c527cebb3a4c6c8e44406bfa20e96d634a7b126d
SHA3 e9a69e1255b9cd1f9635226252b0d1559a3b2ef5446214b74482df9839b370db

IDMBAK

Type BINRES
Language UNKNOWN
Codepage UNKNOWN
Size 0x143
TimeDateStamp 2022-Apr-14 01:47:28
Entropy 4.898
MD5 9541ed9ee1530ed742d75acdd23f57fc
SHA1 595a914910303a13ceca86e5495a21d897e46954
SHA256 81e4324156c1237002ec96ab162187b026a8e51fe828b24f027eb4ab478c374c
SHA3 3543bd877da005a56712d1fa459842113b32cb672c473c08bb73955ef2c133d5

IDMREG

Type BINRES
Language UNKNOWN
Codepage UNKNOWN
Size 0x280
TimeDateStamp 2022-Apr-14 01:47:28
Entropy 5.16471
MD5 3320960abf4e179e6f0209d60982b028
SHA1 c3e554a472244e13d4b8a426782d418e49f375ed
SHA256 6c0fa346879b63eb5b64f552dcc433a86d28f86e54a6fd027eebfa26d9cb5301
SHA3 a9f21d30e74edbe1b478c133bb262c06556d6242e8cdc8abfcb3b6bec0880a36

IDMSPD

Type BINRES
Language UNKNOWN
Codepage UNKNOWN
Size 0x3a6
TimeDateStamp 2022-Apr-14 01:47:28
Entropy 5.07133
MD5 5eff73e8838586c0ba8db20dbda6d637
SHA1 6b1f995470986c35f47786c2db7d333738ff12ac
SHA256 9a858fe69a74e2e4517e9c64da6cc596355d6f80c1998caa920bfa7346f51bbd
SHA3 6c74da14e440033e7535bb141db05688852e2dc9c54e7f0cd6acff3a37439710

SELFDEL

Type BINRES
Language UNKNOWN
Codepage UNKNOWN
Size 0x37
TimeDateStamp 2022-Apr-14 01:47:28
Entropy 4.48118
MD5 cc01f6b92b77682f7f45c48b10791391
SHA1 fb313c691a2bd4e71b8767c6b75d52274586fb61
SHA256 714fd053e67fa99f02ff051f8cb6c53f5ec096ba282fe27e4dbae7c39bb826a1
SHA3 d9743801dc8695456826959c476b28cabc73c3adf94e65c3aa8101ac4c6846a8

UNSIGNER

Type BINRES
Language UNKNOWN
Codepage UNKNOWN
Size 0x2400
TimeDateStamp 2022-Apr-14 01:47:28
Entropy 5.00944
Detected Filetype PE Executable
MD5 b69afe73ccfa949818fcd721bd32d8b3
SHA1 3e961e7bd9cb456b6778668dee98afa2cf8782dd
SHA256 a9a6e074eaf2c90325a84797c24d17ed755d79ce0e608ce54fe584fa54ed9ecc
SHA3 2882fe517ee339d46544a4834ff680a4d35a474c7cbd48be4aaee4e4442aa1c9

UPDT

Type BINRES
Language UNKNOWN
Codepage UNKNOWN
Size 0x3d2
TimeDateStamp 2022-Apr-14 01:47:28
Entropy 5.4452
MD5 11d0034eb00ad20ece527bb71875bcbc
SHA1 52215fd6585afd3afd9657231215efefa7a74ea7
SHA256 d5d58c1288265fd44f62b50fb6975903ee9e29221d1590f7f033c4009409c9fa
SHA3 d0672c80eca01680bfd04faa50ee9b7cf270f8ded61585d0ea70c9d31a67f21c

1

Type RT_ICON
Language UNKNOWN
Codepage UNKNOWN
Size 0x2e8
TimeDateStamp 2022-Apr-14 01:47:28
Entropy 1.96237
MD5 40fdaec38f1a963cc6cc516d07d0fc75
SHA1 3125f7180443836a3dc965bbf21d76217b88f9a0
SHA256 c7895ea64e2cae0a1abc529deb762a477a41461a38d20c85362b59c0208eadcf
SHA3 34be37c0b64f1945d2f0380110504e6df36b0f7fdba1619f234b72726f006f76

101

Type RT_DIALOG
Language UNKNOWN
Codepage UNKNOWN
Size 0x178
TimeDateStamp 2022-Apr-14 01:47:28
Entropy 3.23595
MD5 8c6b2e5d6646a0764c5b84311f1744e7
SHA1 ca4ac4a78274dbbaaf71b18e96619c05491c27f7
SHA256 315b0fad05063a507cadbef411882e82a6483a0a7f6a4a80ce3c741b6c3ef3c8
SHA3 06347a1d93fadfe83a1f1ee0f6a6573ff0471f66f91e9bd9b3739be05b117cb9

DVCLAL

Type RT_RCDATA
Language UNKNOWN
Codepage UNKNOWN
Size 0x10
TimeDateStamp 2022-Apr-14 01:47:28
Entropy 4
MD5 d8090aba7197fbf9c7e2631c750965a8
SHA1 04f73efb0801b18f6984b14cd057fb56519cd31b
SHA256 88d14cc6638af8a0836f6d868dfab60df92907a2d7becaefbbd7e007acb75610
SHA3 a5a67ad8166061d38fc75cfb2c227911de631166c6531a6664cd49cfb207e8bb

PACKAGEINFO

Type RT_RCDATA
Language UNKNOWN
Codepage UNKNOWN
Size 0x64
TimeDateStamp 2022-Apr-14 01:47:28
Entropy 4.57243
MD5 427bad538591c3254ade66990197aa01
SHA1 36fd87b6ecfbce60922c3b131a18bb9dead59fe5
SHA256 81203b2da3a9169eb5a07b2e9f5e62d80306aab5c3751f277541d15f02a30f68
SHA3 7a6742a07d81937bfd6cbcd883511171b4b0e4b21129de585927000098a58b7f

MAINICON

Type RT_GROUP_ICON
Language UNKNOWN
Codepage UNKNOWN
Size 0x14
TimeDateStamp 2022-Apr-14 01:47:28
Entropy 2.16096
Detected Filetype Icon file
MD5 42cf62b780813706e75fb9f2b2e8c258
SHA1 a022d5c1cfdd8aace0089f3e72f2eedd41bda464
SHA256 a0c9d012e2bf6b2fe05c2d97cb5594d97cf2f539e97935c12abd7a3562f4d9bf
SHA3 0aafc8e3d8b6bde595537da4ffe0efc5fe53f01dafe336a2a5828b6a71283d3c

1 (#2)

Type RT_MANIFEST
Language UNKNOWN
Codepage UNKNOWN
Size 0x691
TimeDateStamp 2022-Apr-14 01:47:28
Entropy 5.03348
MD5 c9448541f24100ba334219eb0ae3fe1f
SHA1 09fbebe9249b02e7fe58ece0d1c62312d494328a
SHA256 955eac893c9afd4de61ef83507f2e247be93336459d5b511e0476c308fc2d360
SHA3 8f7b8eeb7e9c9227d5a142732e9d5a62e407e1b2ae6577cd464b7b4df4874ff1

Version Info

TLS Callbacks

StartAddressOfRawData 0x40c000
EndAddressOfRawData 0x40c008
AddressOfIndex 0x409088
AddressOfCallbacks 0x40d010
SizeOfZeroFill 0
Characteristics IMAGE_SCN_TYPE_REG
Callbacks (EMPTY)

Load Configuration

RICH Header

Errors

[*] Warning: Section BSS has a size of 0! [*] Warning: Section .tls has a size of 0!