пятница, 25 мая 2012 г.
fc5df003ff2f2ec2aa3d4b552dcac112
FileName: 376320_fc5df003ff2f2ec2aa3d4b552dcac112.exe
Size : 376320
Md5 : fc5df003ff2f2ec2aa3d4b552dcac112
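PEiD : None (no packer/compiler signature matched; this alone does not rule out packing — compare the per-section entropy values below)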
Virus Total Result:
FileInfo:
----------DOS_HEADER----------
[IMAGE_DOS_HEADER]
0x0 0x0 e_magic: 0x5A4D
0x2 0x2 e_cblp: 0x50
0x4 0x4 e_cp: 0x2
0x6 0x6 e_crlc: 0x0
0x8 0x8 e_cparhdr: 0x4
0xA 0xA e_minalloc: 0xF
0xC 0xC e_maxalloc: 0xFFFF
0xE 0xE e_ss: 0x0
0x10 0x10 e_sp: 0xB8
0x12 0x12 e_csum: 0x0
0x14 0x14 e_ip: 0x0
0x16 0x16 e_cs: 0x0
0x18 0x18 e_lfarlc: 0x40
0x1A 0x1A e_ovno: 0x1A
0x1C 0x1C e_res:
0x24 0x24 e_oemid: 0x0
0x26 0x26 e_oeminfo: 0x0
0x28 0x28 e_res2:
0x3C 0x3C e_lfanew: 0x7C
----------NT_HEADERS----------
[IMAGE_NT_HEADERS]
0x7C 0x0 Signature: 0x4550
----------FILE_HEADER----------
[IMAGE_FILE_HEADER]
0x80 0x0 Machine: 0x14C
0x82 0x2 NumberOfSections: 0x4
0x84 0x4 TimeDateStamp: 0x4EA70F40 [Tue Oct 25 19:34:24 2011 UTC]
0x88 0x8 PointerToSymbolTable: 0x0
0x8C 0xC NumberOfSymbols: 0x0
0x90 0x10 SizeOfOptionalHeader: 0xE0
0x92 0x12 Characteristics: 0x10F
Flags: IMAGE_FILE_LOCAL_SYMS_STRIPPED, IMAGE_FILE_32BIT_MACHINE, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LINE_NUMS_STRIPPED, IMAGE_FILE_RELOCS_STRIPPED
----------OPTIONAL_HEADER----------
[IMAGE_OPTIONAL_HEADER]
0x94 0x0 Magic: 0x10B
0x96 0x2 MajorLinkerVersion: 0xA
0x97 0x3 MinorLinkerVersion: 0x0
0x98 0x4 SizeOfCode: 0x1C00
0x9C 0x8 SizeOfInitializedData: 0x59E00
0xA0 0xC SizeOfUninitializedData: 0x0
0xA4 0x10 AddressOfEntryPoint: 0x1CB0
0xA8 0x14 BaseOfCode: 0x1000
0xAC 0x18 BaseOfData: 0x3000
0xB0 0x1C ImageBase: 0x1000000
0xB4 0x20 SectionAlignment: 0x1000
0xB8 0x24 FileAlignment: 0x200
0xBC 0x28 MajorOperatingSystemVersion: 0x4
0xBE 0x2A MinorOperatingSystemVersion: 0x0
0xC0 0x2C MajorImageVersion: 0x0
0xC2 0x2E MinorImageVersion: 0x0
0xC4 0x30 MajorSubsystemVersion: 0x4
0xC6 0x32 MinorSubsystemVersion: 0x0
0xC8 0x34 Reserved1: 0x0
0xCC 0x38 SizeOfImage: 0xA6000
0xD0 0x3C SizeOfHeaders: 0x1000
0xD4 0x40 CheckSum: 0x0
0xD8 0x44 Subsystem: 0x2
0xDA 0x46 DllCharacteristics: 0x0
0xDC 0x48 SizeOfStackReserve: 0x100000
0xE0 0x4C SizeOfStackCommit: 0x1000
0xE4 0x50 SizeOfHeapReserve: 0x100000
0xE8 0x54 SizeOfHeapCommit: 0x1000
0xEC 0x58 LoaderFlags: 0x0
0xF0 0x5C NumberOfRvaAndSizes: 0x10
DllCharacteristics:
----------PE Sections----------
[IMAGE_SECTION_HEADER]
0x174 0x0 Name: .text
0x17C 0x8 Misc: 0x1B1C
0x17C 0x8 Misc_PhysicalAddress: 0x1B1C
0x17C 0x8 Misc_VirtualSize: 0x1B1C
0x180 0xC VirtualAddress: 0x1000
0x184 0x10 SizeOfRawData: 0x1C00
0x188 0x14 PointerToRawData: 0x400
0x18C 0x18 PointerToRelocations: 0x0
0x190 0x1C PointerToLinenumbers: 0x0
0x194 0x20 NumberOfRelocations: 0x0
0x196 0x22 NumberOfLinenumbers: 0x0
0x198 0x24 Characteristics: 0x60000020
Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Entropy: 3.670612 (Min=0.0, Max=8.0)
MD5 hash: d22560f977738fc7c09f25be07635bd7
SHA-1 hash: a22bdde7c11079211b009253ef85f56d18a63800
SHA-256 hash: 4eeb1c7c9cc01b38d3e31d87906ae0be796aead5538cb04f2253ceb191c2b6cc
SHA-512 hash: 454d74e291a87bca9852b30d3c8fcedcab77d9c05162497c5d8df3eab29ca21d954c5aefa22577f707b68111024122d549cc5ac88abe23ccc92c4916ec5b9ff2
[IMAGE_SECTION_HEADER]
0x19C 0x0 Name: .rdata
0x1A4 0x8 Misc: 0x49000
0x1A4 0x8 Misc_PhysicalAddress: 0x49000
0x1A4 0x8 Misc_VirtualSize: 0x49000
0x1A8 0xC VirtualAddress: 0x3000
0x1AC 0x10 SizeOfRawData: 0x600
0x1B0 0x14 PointerToRawData: 0x2000
0x1B4 0x18 PointerToRelocations: 0x0
0x1B8 0x1C PointerToLinenumbers: 0x0
0x1BC 0x20 NumberOfRelocations: 0x0
0x1BE 0x22 NumberOfLinenumbers: 0x0
0x1C0 0x24 Characteristics: 0xC0000040
Flags: IMAGE_SCN_MEM_WRITE, IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
Entropy: 3.825913 (Min=0.0, Max=8.0)
MD5 hash: 6486c2d98790f1d7a347b8c557b1dcbb
SHA-1 hash: 8c7a6896c35f5b70e11167150d7d6764cb0271a6
SHA-256 hash: ff6173467cc4ca5e25927dd67aed28e9fe6a0018abff860aebb5acfcf223f6ea
SHA-512 hash: 67eae49074ab7d0d4fe8b5d85f6f73d18942e29993dad8188535485c57a680e30a131854dd6ad7b04fdc12ad673cf928411ff5298267a08072c9ac6c8a40864f
[IMAGE_SECTION_HEADER]
0x1C4 0x0 Name: .data
0x1CC 0x8 Misc: 0x49000
0x1CC 0x8 Misc_PhysicalAddress: 0x49000
0x1CC 0x8 Misc_VirtualSize: 0x49000
0x1D0 0xC VirtualAddress: 0x4C000
0x1D4 0x10 SizeOfRawData: 0x48E00
0x1D8 0x14 PointerToRawData: 0x2600
0x1DC 0x18 PointerToRelocations: 0x0
0x1E0 0x1C PointerToLinenumbers: 0x0
0x1E4 0x20 NumberOfRelocations: 0x0
0x1E6 0x22 NumberOfLinenumbers: 0x0
0x1E8 0x24 Characteristics: 0xC0000040
Flags: IMAGE_SCN_MEM_WRITE, IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
Entropy: 7.764565 (Min=0.0, Max=8.0)
MD5 hash: 07b889e2c4cb66a4ebbb61be9f990da7
SHA-1 hash: dba6f732b2d44243c8d80f756f27e7e054f45038
SHA-256 hash: 0275ecac8a3136a00f1112bf652cf55c93c42075f89249f5a1061a2720979c05
SHA-512 hash: 7579eb7566429424a0bb37c396b5795c55d2218e765b370618e3cf064568267ad290d97aac9551c00871d5299595f218fbad0bd37ce12bf3d266867689a438ca
[IMAGE_SECTION_HEADER]
0x1EC 0x0 Name: .rsrc
0x1F4 0x8 Misc: 0x108DC
0x1F4 0x8 Misc_PhysicalAddress: 0x108DC
0x1F4 0x8 Misc_VirtualSize: 0x108DC
0x1F8 0xC VirtualAddress: 0x95000
0x1FC 0x10 SizeOfRawData: 0x10A00
0x200 0x14 PointerToRawData: 0x4B400
0x204 0x18 PointerToRelocations: 0x0
0x208 0x1C PointerToLinenumbers: 0x0
0x20C 0x20 NumberOfRelocations: 0x0
0x20E 0x22 NumberOfLinenumbers: 0x0
0x210 0x24 Characteristics: 0x40000040
Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
Entropy: 3.985287 (Min=0.0, Max=8.0)
MD5 hash: dc33ce70bdf777f41b0b2f63ce76b5fb
SHA-1 hash: f367a995291b7b7cf8ca85a4ef4775cb7219c1c9
SHA-256 hash: 1e313db37947a4c2c9e933279a650a88372295209a2d4006187bf0cd4b2938cf
SHA-512 hash: 243b40d8d161de797e34d9564dd73c0e4d82055e273aa087a82e82720ea5d231d0bc396956ad64b0cccc8eab123ddc0fdf4e2660018f354b7e81482d714a4d37
----------Directories----------
[IMAGE_DIRECTORY_ENTRY_EXPORT]
0xF4 0x0 VirtualAddress: 0x0
0xF8 0x4 Size: 0x0
[IMAGE_DIRECTORY_ENTRY_IMPORT]
0xFC 0x0 VirtualAddress: 0x30AC
0x100 0x4 Size: 0x64
[IMAGE_DIRECTORY_ENTRY_RESOURCE]
0x104 0x0 VirtualAddress: 0x95000
0x108 0x4 Size: 0x108DC
[IMAGE_DIRECTORY_ENTRY_EXCEPTION]
0x10C 0x0 VirtualAddress: 0x0
0x110 0x4 Size: 0x0
[IMAGE_DIRECTORY_ENTRY_SECURITY]
0x114 0x0 VirtualAddress: 0x0
0x118 0x4 Size: 0x0
[IMAGE_DIRECTORY_ENTRY_BASERELOC]
0x11C 0x0 VirtualAddress: 0x0
0x120 0x4 Size: 0x0
[IMAGE_DIRECTORY_ENTRY_DEBUG]
0x124 0x0 VirtualAddress: 0x0
0x128 0x4 Size: 0x0
[IMAGE_DIRECTORY_ENTRY_COPYRIGHT]
0x12C 0x0 VirtualAddress: 0x0
0x130 0x4 Size: 0x0
[IMAGE_DIRECTORY_ENTRY_GLOBALPTR]
0x134 0x0 VirtualAddress: 0x0
0x138 0x4 Size: 0x0
[IMAGE_DIRECTORY_ENTRY_TLS]
0x13C 0x0 VirtualAddress: 0x0
0x140 0x4 Size: 0x0
[IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG]
0x144 0x0 VirtualAddress: 0x0
0x148 0x4 Size: 0x0
[IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT]
0x14C 0x0 VirtualAddress: 0x0
0x150 0x4 Size: 0x0
[IMAGE_DIRECTORY_ENTRY_IAT]
0x154 0x0 VirtualAddress: 0x2428
0x158 0x4 Size: 0xAC
[IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT]
0x15C 0x0 VirtualAddress: 0x0
0x160 0x4 Size: 0x0
[IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR]
0x164 0x0 VirtualAddress: 0x0
0x168 0x4 Size: 0x0
[IMAGE_DIRECTORY_ENTRY_RESERVED]
0x16C 0x0 VirtualAddress: 0x0
0x170 0x4 Size: 0x0
----------Imported symbols----------
[IMAGE_IMPORT_DESCRIPTOR]
0x20AC 0x0 OriginalFirstThunk: 0x3110
0x20AC 0x0 Characteristics: 0x3110
0x20B0 0x4 TimeDateStamp: 0x0 [Thu Jan 01 00:00:00 1970 UTC]
0x20B4 0x8 ForwarderChain: 0x0
0x20B8 0xC Name: 0x32FA
0x20BC 0x10 FirstThunk: 0x3000
KERNEL32.dll.PulseEvent Hint[923]
KERNEL32.dll.GlobalUnlock Hint[711]
KERNEL32.dll.Sleep Hint[1203]
KERNEL32.dll.SetLastError Hint[1140]
KERNEL32.dll.FindClose Hint[304]
KERNEL32.dll.CloseHandle Hint[84]
KERNEL32.dll.CreateFileW Hint[141]
KERNEL32.dll.lstrcpyA Hint[1352]
KERNEL32.dll.GetCommandLineA Hint[392]
KERNEL32.dll.LoadLibraryExW Hint[829]
KERNEL32.dll.LocalFree Hint[841]
KERNEL32.dll.GetComputerNameA Hint[398]
KERNEL32.dll.lstrlenA Hint[1358]
KERNEL32.dll.GetModuleHandleA Hint[375]
KERNEL32.dll.UnmapViewOfFile Hint[1239]
KERNEL32.dll.CreateProcessA Hint[166]
KERNEL32.dll.FindResourceW Hint[334]
KERNEL32.dll.HeapCreate Hint[1265]
KERNEL32.dll.GetCurrentThreadId Hint[455]
KERNEL32.dll.GetCurrentDirectoryA Hint[448]
[IMAGE_IMPORT_DESCRIPTOR]
0x20C0 0x0 OriginalFirstThunk: 0x3164
0x20C0 0x0 Characteristics: 0x3164
0x20C4 0x4 TimeDateStamp: 0x0 [Thu Jan 01 00:00:00 1970 UTC]
0x20C8 0x8 ForwarderChain: 0x0
0x20CC 0xC Name: 0x33C4
0x20D0 0x10 FirstThunk: 0x3054
USER32.dll.CallWindowProcA Hint[1531]
USER32.dll.CreateWindowExA Hint[1618]
USER32.dll.GetCaretPos Hint[1775]
USER32.dll.IsWindow Hint[1984]
USER32.dll.SetFocus Hint[1809]
USER32.dll.DrawMenuBar Hint[1710]
USER32.dll.CreateIcon Hint[1609]
USER32.dll.GetDlgItem Hint[1804]
USER32.dll.DispatchMessageA Hint[1683]
USER32.dll.GetDC Hint[1798]
USER32.dll.DrawEdge Hint[1704]
USER32.dll.CheckRadioButton Hint[1574]
USER32.dll.FillRect Hint[1755]
[IMAGE_IMPORT_DESCRIPTOR]
0x20D4 0x0 OriginalFirstThunk: 0x319C
0x20D4 0x0 Characteristics: 0x319C
0x20D8 0x4 TimeDateStamp: 0x0 [Thu Jan 01 00:00:00 1970 UTC]
0x20DC 0x8 ForwarderChain: 0x0
0x20E0 0xC Name: 0x3412
0x20E4 0x10 FirstThunk: 0x308C
RSAENH.dll.CPHashData Hint[17]
RSAENH.dll.CPDeriveKey Hint[4]
RSAENH.dll.CPGenKey Hint[11]
RSAENH.dll.CPSignHash Hint[27]
RSAENH.dll.CPDecrypt Hint[3]
[IMAGE_IMPORT_DESCRIPTOR]
0x20E8 0x0 OriginalFirstThunk: 0x31B4
0x20E8 0x0 Characteristics: 0x31B4
0x20EC 0x4 TimeDateStamp: 0x0 [Thu Jan 01 00:00:00 1970 UTC]
0x20F0 0x8 ForwarderChain: 0x0
0x20F4 0xC Name: 0x3430
0x20F8 0x10 FirstThunk: 0x30A4
MSASN1.dll.ASN1BERDecEoid Hint[16]
----------Resource directory----------
[IMAGE_RESOURCE_DIRECTORY]
0x4B400 0x0 Characteristics: 0x0
0x4B404 0x4 TimeDateStamp: 0x0 [Thu Jan 01 00:00:00 1970 UTC]
0x4B408 0x8 MajorVersion: 0x0
0x4B40A 0xA MinorVersion: 0x0
0x4B40C 0xC NumberOfNamedEntries: 0x0
0x4B40E 0xE NumberOfIdEntries: 0x2
Id: [0x3] (RT_ICON)
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x4B410 0x0 Name: 0x3
0x4B414 0x4 OffsetToData: 0x80000020
[IMAGE_RESOURCE_DIRECTORY]
0x4B420 0x0 Characteristics: 0x0
0x4B424 0x4 TimeDateStamp: 0x0 [Thu Jan 01 00:00:00 1970 UTC]
0x4B428 0x8 MajorVersion: 0x0
0x4B42A 0xA MinorVersion: 0x0
0x4B42C 0xC NumberOfNamedEntries: 0x0
0x4B42E 0xE NumberOfIdEntries: 0x1
Id: [0x1]
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x4B430 0x0 Name: 0x1
0x4B434 0x4 OffsetToData: 0x80000050
[IMAGE_RESOURCE_DIRECTORY]
0x4B450 0x0 Characteristics: 0x0
0x4B454 0x4 TimeDateStamp: 0x0 [Thu Jan 01 00:00:00 1970 UTC]
0x4B458 0x8 MajorVersion: 0x0
0x4B45A 0xA MinorVersion: 0x0
0x4B45C 0xC NumberOfNamedEntries: 0x0
0x4B45E 0xE NumberOfIdEntries: 0x1
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x4B460 0x0 Name: 0x409
0x4B464 0x4 OffsetToData: 0x80
[IMAGE_RESOURCE_DATA_ENTRY]
0x4B480 0x0 OffsetToData: 0x950A0
0x4B484 0x4 Size: 0x10828
0x4B488 0x8 CodePage: 0x0
0x4B48C 0xC Reserved: 0x0
Id: [0xE] (RT_GROUP_ICON)
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x4B418 0x0 Name: 0xE
0x4B41C 0x4 OffsetToData: 0x80000038
[IMAGE_RESOURCE_DIRECTORY]
0x4B438 0x0 Characteristics: 0x0
0x4B43C 0x4 TimeDateStamp: 0x0 [Thu Jan 01 00:00:00 1970 UTC]
0x4B440 0x8 MajorVersion: 0x0
0x4B442 0xA MinorVersion: 0x0
0x4B444 0xC NumberOfNamedEntries: 0x0
0x4B446 0xE NumberOfIdEntries: 0x1
Id: [0x1F4]
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x4B448 0x0 Name: 0x1F4
0x4B44C 0x4 OffsetToData: 0x80000068
[IMAGE_RESOURCE_DIRECTORY]
0x4B468 0x0 Characteristics: 0x0
0x4B46C 0x4 TimeDateStamp: 0x0 [Thu Jan 01 00:00:00 1970 UTC]
0x4B470 0x8 MajorVersion: 0x0
0x4B472 0xA MinorVersion: 0x0
0x4B474 0xC NumberOfNamedEntries: 0x0
0x4B476 0xE NumberOfIdEntries: 0x1
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x4B478 0x0 Name: 0x409
0x4B47C 0x4 OffsetToData: 0x90
[IMAGE_RESOURCE_DATA_ENTRY]
0x4B490 0x0 OffsetToData: 0xA58C8
0x4B494 0x4 Size: 0x14
0x4B498 0x8 CodePage: 0x0
0x4B49C 0xC Reserved: 0x0