filename | pe_1.exe | |
---|---|---|
size | 4608 (0x1200) | |
md5 | 9b8cad09a79c5509cb59f1793fcee5c4 | |
type | MS-DOS executable | |
mimetype | application/x-dosexec | |
clamav | OK | |
virustotal | → scan with virustotal.com | |
histogram |
MZ Header
signature | MZ |
bytes_in_last_block | 0 |
blocks_in_file | 3 |
num_relocs | 0 |
header_paragraphs | 4 |
min_extra_paragraphs | 0 |
max_extra_paragraphs | 0xffff |
ss | 0 |
sp | 0xb8 |
checksum | 0 |
ip | 0 |
cs | 0 |
reloc_table_offset | 0x40 |
overlay_number | 0 |
reserved0 | 0 |
oem_id | 0 |
oem_info | 0 |
reserved2 | 0 |
reserved3 | 0 |
reserved4 | 0 |
reserved5 | 0 |
reserved6 | 0 |
lfanew | 0xf0ff8081 |
DOS stub
00000000: 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 |........!..L.!Th| 00000010: 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f |is program canno| 00000020: 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 |t be run in DOS | 00000030: 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 |mode....$.......| 00000040: 00 00 20 20 01 4c 05 00 4c 6d a8 4d 00 00 00 00 |.. .L..Lm.M....| 00000050: 00 00 00 00 e0 00 0f 03 0b 01 02 38 00 06 00 00 |...........8....| 00000060: 00 0e 00 00 00 02 00 00 30 11 00 00 00 10 00 00 |........0.......| 00000070: 00 20 00 00 00 00 40 00 13 11 ff 00 01 02 00 00 |. ....@.........| 00000080: 04 00 00 00 01 00 00 00 04 00 00 00 00 00 00 00 |................| 00000090: 00 60 00 00 00 04 00 00 cb 3f 00 00 02 00 00 00 |.`.......?......| 000000a0: 00 00 20 00 00 10 00 00 00 00 10 00 00 10 00 00 |.. .............| 000000b0: 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 |................| 000000c0: 00 50 00 00 1c 02 00 00 00 00 00 00 00 00 00 00 |.P..............| 000000d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| * 00000130: 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 |.........text...| 00000140: d4 05 00 00 00 10 00 00 00 06 00 00 00 04 00 00 |................| 00000150: 00 00 00 00 00 00 00 00 00 00 00 00 60 00 50 60 |............`.P`| 00000160: 2e 64 61 74 61 00 00 00 10 00 00 00 00 20 00 00 |.data........ ..| 00000170: 00 02 00 00 00 0a 00 00 00 00 00 00 00 00 00 00 |................| 00000180: 00 00 00 00 40 00 30 c0 2e 72 64 61 74 61 00 00 |....@.0..rdata..| 00000190: 34 00 00 00 00 30 00 00 00 02 00 00 00 0c 00 00 |4....0..........| 000001a0: 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 40 |............@.0@| 000001b0: 2e 62 73 73 00 00 00 00 44 00 00 00 00 40 00 00 |.bss....D....@..| 000001c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 000001d0: 00 00 00 00 80 00 40 c0 2e 69 64 61 74 61 00 00 |......@..idata..| 000001e0: 1c 02 00 00 00 50 00 00 00 04 00 00 00 0e 00 00 |.....P..........| 000001f0: 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 |............@.0.| 00000200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| * 000003c0: 55 8b 0d cc 50 40 00 89 e5 5d ff e1 8d 74 26 00 |U...P@...]...t&.| 000003d0: 55 8b 0d c4 50 40 00 89 e5 5d ff e1 8d 74 26 00 |U...P@...]...t&.| 000003e0: 55 89 e5 53 83 ec 20 68 50 11 40 00 e8 4f 05 00 |U..S.. hP.@..O..| 000003f0: 00 83 c4 0c e8 f7 02 00 00 e8 12 04 00 00 83 ec |................| 00000400: 0c 8d 45 f4 c7 45 f4 00 00 00 00 50 8d 45 f8 8b |..E..E.....P.E..| 00000410: 1d 00 20 40 00 53 50 68 04 40 40 00 68 00 40 40 |.. @.SPh.@@.h.@@| 00000420: 00 e8 da 04 00 00 a1 08 40 40 00 83 c4 20 85 c0 |........@@... ..| 00000430: 75 44 e8 d9 04 00 00 8b 15 04 20 40 00 89 10 e8 |uD........ @....| 00000440: dc 03 00 00 83 e4 f0 e8 94 04 00 00 e8 cf 04 00 |................| 00000450: 00 53 8b 08 51 8b 15 04 40 40 00 52 a1 00 40 40 |.S..Q...@@.R..@@| 00000460: 00 50 e8 49 02 00 00 89 c3 e8 ba 04 00 00 89 1c |.P.I............| 00000470: 24 e8 d2 04 00 00 8b 1d c0 50 40 00 a3 04 20 40 |$........P@... @| 00000480: 00 51 51 50 8b 53 10 52 e8 7b 04 00 00 83 c4 10 |.QQP.S.R.{......| 00000490: 83 fb e0 74 19 50 50 a1 08 40 40 00 50 8b 43 30 |...t.PP..@@.P.C0| 000004a0: 50 e8 62 04 00 00 83 c4 10 83 fb c0 74 84 50 50 |P.b.........t.PP| 000004b0: a1 08 40 40 00 50 8b 43 50 50 e8 49 04 00 00 83 |..@@.P.CPP.I....| 000004c0: c4 10 e9 6b ff ff ff 89 f6 8d bc 27 00 00 00 00 |...k.......'....| 000004d0: 55 89 e5 83 ec 14 6a 02 ff 15 b4 50 40 00 e8 fd |U.....j....P@...| 000004e0: fe ff ff 8d b6 00 00 00 00 8d bc 27 00 00 00 00 |...........'....| 000004f0: 55 89 e5 83 ec 14 6a 01 ff 15 b4 50 40 00 e8 dd |U.....j....P@...| 00000500: fe ff ff 8d b6 00 00 00 00 8d bc 27 00 00 00 00 |...........'....| 00000510: 55 89 e5 53 83 ec 04 8b 45 08 8b 00 8b 00 3d 91 |U..S....E.....=.| 00000520: 00 00 c0 77 3b 3d 8d 00 00 c0 72 4b bb 01 00 00 |...w;=....rK....| 00000530: 00 50 50 6a 00 6a 08 e8 dc 03 00 00 83 c4 10 83 |.PPj.j..........| 00000540: f8 01 0f 84 d6 00 00 00 85 c0 0f 85 90 00 00 00 |................| 00000550: 31 c0 8b 5d fc c9 c2 04 00 8d b4 26 00 00 00 00 |1..].......&....| 00000560: 3d 94 00 00 c0 74 49 3d 96 00 00 c0 74 17 3d 93 |=....tI=....t.=.| 00000570: 00 00 c0 75 db eb b5 3d 05 00 00 c0 74 39 3d 1d |...u...=....t9=.| 00000580: 00 00 c0 75 cb 50 50 6a 00 6a 04 e8 88 03 00 00 |...u.PPj.j......| 00000590: 83 c4 10 83 f8 01 74 5a 85 c0 74 b4 83 ec 0c 6a |......tZ..t....j| 000005a0: 04 ff d0 83 c8 ff 83 c4 10 eb a7 90 8d 74 26 00 |.............t&.| 000005b0: 31 db e9 7a ff ff ff 50 50 6a 00 6a 0b e8 56 03 |1..z...PPj.j..V.| 000005c0: 00 00 83 c4 10 83 f8 01 74 3e 85 c0 74 82 83 ec |........t>..t...| 000005d0: 0c 6a 0b ff d0 83 c8 ff 83 c4 10 e9 72 ff ff ff |.j..........r...| 000005e0: 83 ec 0c 6a 08 ff d0 83 c8 ff 83 c4 10 e9 60 ff |...j..........`.| 000005f0: ff ff 50 50 6a 01 6a 04 e8 1b 03 00 00 83 c8 ff |..PPj.j.........| 00000600: 83 c4 10 e9 4a ff ff ff 50 50 6a 01 6a 0b e8 05 |....J...PPj.j...| 00000610: 03 00 00 83 c8 ff 83 c4 10 e9 34 ff ff ff 50 50 |..........4...PP| 00000620: 6a 01 6a 08 e8 ef 02 00 00 83 c4 10 83 c8 ff 85 |j.j.............| 00000630: db 0f 84 1b ff ff ff e8 d4 01 00 00 83 c8 ff e9 |................| 00000640: 0e ff ff ff 90 90 90 90 90 90 90 90 90 90 90 90 |................| 00000650: 55 89 e5 83 ec 18 a1 0c 20 40 00 85 c0 74 37 c7 |U....... @...t7.| 00000660: 04 24 00 30 40 00 e8 e5 02 00 00 89 c2 b8 00 00 |.$.0@...........| 00000670: 00 00 51 85 d2 74 12 89 14 24 c7 44 24 04 0d 30 |..Q..t...$.D$..0| 00000680: 40 00 e8 d1 02 00 00 52 52 85 c0 74 09 c7 04 24 |@......RR..t...$| 00000690: 0c 20 40 00 ff d0 c9 c3 90 8d b4 26 00 00 00 00 |. @........&....| 000006a0: 55 89 e5 5d c3 90 90 90 90 90 90 90 90 90 90 90 |U..]............| 000006b0: 55 89 e5 83 e4 f0 83 ec 10 e8 22 02 00 00 c7 04 |U.........".....| 000006c0: 24 24 30 40 00 e8 66 02 00 00 a1 c0 50 40 00 8b |$$0@..f.....P@..| 000006d0: 50 04 4a 89 50 04 85 d2 78 09 8b 10 42 89 10 31 |P.J.P...x...B..1| 000006e0: c0 c9 c3 89 04 24 e8 4d 02 00 00 31 c0 c9 c3 90 |.....$.M...1....| 000006f0: 55 89 e5 53 9c 9c 5a 89 d0 81 f2 00 00 20 00 52 |U..S..Z...... .R| 00000700: 9d 9c 5a 9d 31 d0 a9 00 00 20 00 0f 84 e1 00 00 |..Z.1.... ......| 00000710: 00 31 c0 0f a2 85 c0 0f 84 d5 00 00 00 b8 01 00 |.1..............| 00000720: 00 00 0f a2 f6 c6 01 74 0f 8b 1d 0c 40 40 00 83 |.......t....@@..| 00000730: cb 01 89 1d 0c 40 40 00 66 85 d2 79 0d a1 0c 40 |.....@@.f..y...@| 00000740: 40 00 83 c8 02 a3 0c 40 40 00 f7 c2 00 00 80 00 |@......@@.......| 00000750: 74 0d a1 0c 40 40 00 83 c8 04 a3 0c 40 40 00 f7 |t...@@......@@..| 00000760: c2 00 00 00 01 74 0d a1 0c 40 40 00 83 c8 08 a3 |.....t...@@.....| 00000770: 0c 40 40 00 f7 c2 00 00 00 02 74 0d a1 0c 40 40 |.@@.......t...@@| 00000780: 00 83 c8 10 a3 0c 40 40 00 81 e2 00 00 00 04 74 |......@@.......t| 00000790: 0d a1 0c 40 40 00 83 c8 20 a3 0c 40 40 00 f6 c1 |...@@... ..@@...| 000007a0: 01 74 0d a1 0c 40 40 00 83 c8 40 a3 0c 40 40 00 |.t...@@...@..@@.| 000007b0: 80 e5 20 74 0f 8b 1d 0c 40 40 00 80 cb 80 89 1d |.. t....@@......| 000007c0: 0c 40 40 00 b8 00 00 00 80 0f a2 3d 00 00 00 80 |.@@........=....| 000007d0: 76 20 b8 01 00 00 80 0f a2 85 d2 78 18 81 e2 00 |v .........x....| 000007e0: 00 00 40 74 0d a1 0c 40 40 00 80 cc 02 a3 0c 40 |..@t...@@......@| 000007f0: 40 00 5b 5d c3 8b 0d 0c 40 40 00 80 cd 01 89 0d |@.[]....@@......| 00000800: 0c 40 40 00 eb d7 90 90 90 90 90 90 90 90 90 90 |.@@.............| 00000810: 55 89 e5 db e3 5d c3 90 90 90 90 90 90 90 90 90 |U....]..........| 00000820: 55 b9 34 30 40 00 89 e5 81 f9 34 30 40 00 73 18 |U.40@.....40@.s.| 00000830: 8b 51 04 8b 01 81 c2 00 00 40 00 83 c1 08 01 02 |.Q.......@......| 00000840: 81 f9 34 30 40 00 72 e8 5d c3 90 90 90 90 90 90 |..40@.r.].......| 00000850: 55 89 e5 83 ec 08 a1 08 20 40 00 8b 00 85 c0 74 |U....... @.....t| 00000860: 15 ff d0 a1 08 20 40 00 83 c0 04 a3 08 20 40 00 |..... @...... @.| 00000870: 8b 00 85 c0 75 eb c9 c3 90 8d b4 26 00 00 00 00 |....u......&....| 00000880: 55 a1 c0 15 40 00 89 e5 83 f8 ff 56 53 74 30 85 |U...@......VSt0.| 00000890: c0 74 15 8d 34 85 c0 15 40 00 89 c3 8d 74 26 00 |.t..4...@....t&.| 000008a0: ff 16 83 ee 04 4b 75 f8 83 ec 0c 68 90 14 40 00 |.....Ku....h..@.| 000008b0: e8 0b fb ff ff 83 c4 10 8d 65 f8 5b 5e 5d c3 31 |.........e.[^].1| 000008c0: c0 eb 02 89 d0 8d 50 01 8b 0c 95 c0 15 40 00 85 |......P......@..| 000008d0: c9 75 f0 eb ba 8d 74 26 00 8d bc 27 00 00 00 00 |.u....t&...'....| 000008e0: 55 a1 10 40 40 00 89 e5 85 c0 74 04 5d c3 66 90 |U..@@.....t.].f.| 000008f0: c7 05 10 40 40 00 01 00 00 00 5d eb 83 90 90 90 |...@@.....].....| 00000900: ff 25 a8 50 40 00 90 90 ff 25 c8 50 40 00 90 90 |.%.P@....%.P@...| 00000910: ff 25 b0 50 40 00 90 90 ff 25 d4 50 40 00 90 90 |.%.P@....%.P@...| 00000920: ff 25 ac 50 40 00 90 90 ff 25 b8 50 40 00 90 90 |.%.P@....%.P@...| 00000930: ff 25 d0 50 40 00 90 90 ff 25 bc 50 40 00 90 90 |.%.P@....%.P@...| 00000940: ff 25 9c 50 40 00 90 90 ff 25 90 50 40 00 90 90 |.%.P@....%.P@...| 00000950: ff 25 94 50 40 00 90 90 ff 25 98 50 40 00 90 90 |.%.P@....%.P@...| 00000960: 55 89 e5 83 ec 18 e8 e5 fc ff ff c7 04 24 e0 12 |U............$..| 00000970: 40 00 e8 49 fa ff ff c9 c3 90 90 90 90 90 90 90 |@..I............| 00000980: ff ff ff ff a0 15 40 00 00 00 00 00 ff ff ff ff |......@.........| 00000990: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| * 000009c0: ff ff ff ff 00 40 00 00 d0 15 40 00 00 00 00 00 |.....@....@.....| 000009d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| * 00000bc0: 6c 69 62 67 63 6a 5f 73 2e 64 6c 6c 00 5f 4a 76 |libgcj_s.dll._Jv| 00000bd0: 5f 52 65 67 69 73 74 65 72 43 6c 61 73 73 65 73 |_RegisterClasses| 00000be0: 00 00 00 00 48 65 6c 6c 6f 20 57 6f 72 6c 64 21 |....Hello World!| 00000bf0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| * 00000dc0: 40 50 00 00 00 00 00 00 00 00 00 00 d0 51 00 00 |@P...........Q..| 00000dd0: 90 50 00 00 58 50 00 00 00 00 00 00 00 00 00 00 |.P..XP..........| 00000de0: 10 52 00 00 a8 50 00 00 00 00 00 00 00 00 00 00 |.R...P..........| 00000df0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000e00: dc 50 00 00 ea 50 00 00 fe 50 00 00 10 51 00 00 |.P...P...P...Q..| 00000e10: 00 00 00 00 00 00 00 00 2e 51 00 00 3e 51 00 00 |.........Q..>Q..| 00000e20: 4e 51 00 00 5c 51 00 00 6e 51 00 00 78 51 00 00 |NQ..\Q..nQ..xQ..| 00000e30: 82 51 00 00 8a 51 00 00 94 51 00 00 a0 51 00 00 |.Q...Q...Q...Q..| 00000e40: aa 51 00 00 b4 51 00 00 00 00 00 00 00 00 00 00 |.Q...Q..........| 00000e50: dc 50 00 00 ea 50 00 00 fe 50 00 00 10 51 00 00 |.P...P...P...Q..| 00000e60: 00 00 00 00 00 00 00 00 2e 51 00 00 3e 51 00 00 |.........Q..>Q..| 00000e70: 4e 51 00 00 5c 51 00 00 6e 51 00 00 78 51 00 00 |NQ..\Q..nQ..xQ..| 00000e80: 82 51 00 00 8a 51 00 00 94 51 00 00 a0 51 00 00 |.Q...Q...Q...Q..| 00000e90: aa 51 00 00 b4 51 00 00 00 00 00 00 9c 00 45 78 |.Q...Q........Ex| 00000ea0: 69 74 50 72 6f 63 65 73 73 00 51 01 47 65 74 4d |itProcess.Q.GetM| 00000eb0: 6f 64 75 6c 65 48 61 6e 64 6c 65 41 00 00 6c 01 |oduleHandleA..l.| 00000ec0: 47 65 74 50 72 6f 63 41 64 64 72 65 73 73 00 00 |GetProcAddress..| 00000ed0: e3 02 53 65 74 55 6e 68 61 6e 64 6c 65 64 45 78 |..SetUnhandledEx| 00000ee0: 63 65 70 74 69 6f 6e 46 69 6c 74 65 72 00 37 00 |ceptionFilter.7.| 00000ef0: 5f 5f 67 65 74 6d 61 69 6e 61 72 67 73 00 4d 00 |__getmainargs.M.| 00000f00: 5f 5f 70 5f 5f 65 6e 76 69 72 6f 6e 00 00 4f 00 |__p__environ..O.| 00000f10: 5f 5f 70 5f 5f 66 6d 6f 64 65 00 00 63 00 5f 5f |__p__fmode..c.__| 00000f20: 73 65 74 5f 61 70 70 5f 74 79 70 65 00 00 93 00 |set_app_type....| 00000f30: 5f 63 65 78 69 74 00 00 c8 00 5f 66 69 6c 62 75 |_cexit...._filbu| 00000f40: 66 00 0a 01 5f 69 6f 62 00 00 7f 01 5f 6f 6e 65 |f..._iob...._one| 00000f50: 78 69 74 00 aa 01 5f 73 65 74 6d 6f 64 65 00 00 |xit..._setmode..| 00000f60: 4e 02 61 74 65 78 69 74 00 00 b1 02 70 72 69 6e |N.atexit....prin| 00000f70: 74 66 00 00 c2 02 73 69 67 6e 61 6c 00 00 00 00 |tf....signal....| 00000f80: 00 50 00 00 00 50 00 00 00 50 00 00 00 50 00 00 |.P...P...P...P..| 00000f90: 4b 45 52 4e 45 4c 33 32 2e 64 6c 6c 00 00 00 00 |KERNEL32.dll....| 00000fa0: 14 50 00 00 14 50 00 00 14 50 00 00 14 50 00 00 |.P...P...P...P..| * 00000fd0: 6d 73 76 63 72 74 2e 64 6c 6c 00 00 00 00 00 00 |msvcrt.dll......| 00000fe0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| * 00001000:
offset | size | type | comment | |
---|---|---|---|---|
15c1 | 15 | HTM | # |
Scanning the drive for archives: 1 file, 4608 bytes (5 KiB) Errors: 1
Please donate some bucks to keep this site up and running: | |
Ko-fi | |
---|---|
Yandex.Money | |
Thank you! |
[!] PE offset beyond EOF. cannot continue.
[!] NE offset beyond EOF.
[!] PE offset beyond EOF. cannot continue.
[?] DOS stub size too big (4043276353), limiting to 0x1000
[!] PE offset beyond EOF. cannot continue.