filenameKeygen.exe
size2466816 (0x25a400)
md5b340239934eea5acd3024ea0772add58
typePE32 executable (GUI) Intel 80386, for MS Windows, PECompact2 compressed
mimetypeapplication/x-dosexec
clamavOK
virustotal→ scan with virustotal.com
histogram

MZ Header

signatureMZ
bytes_in_last_block0x90
blocks_in_file3
num_relocs0
header_paragraphs4
min_extra_paragraphs0
max_extra_paragraphs0xffff
ss0
sp0xb8
checksum0
ip0
cs0
reloc_table_offset0x40
overlay_number0
reserved00
oem_id0
oem_info0
reserved20
reserved30
reserved40
reserved50
reserved60
lfanew0x128

Rich Header

lib idversiontimes used
1312102293
1502041311
1493072967
13130729250
13230729523
10844731
13221022127
1095072717
1235072744
007
4990445
48904475
147307293
101106
13830729287
148210221
145307291

DOS stub

00000000: 0e 1f ba 0e 00 b4 09 cd  21 b8 01 4c cd 21 54 68  |........!..L.!Th|
00000010: 69 73 20 70 72 6f 67 72  61 6d 20 63 61 6e 6e 6f  |is program canno|
00000020: 74 20 62 65 20 72 75 6e  20 69 6e 20 44 4f 53 20  |t be run in DOS |
00000030: 6d 6f 64 65 2e 0d 0d 0a  24 00 00 00 00 00 00 00  |mode....$.......|

PE Header

SignaturePE
Machine0x14c
NumberOfSections2
TimeDateStamp0x4fda36cc
PointerToSymbolTable0
NumberOfSymbols0
SizeOfOptionalHeader0xe0
Characteristics0x103
Magic0x10b
LinkerVersion9.0
SizeOfCode0x3d7c00
SizeOfInitializedData0x249000
SizeOfUninitializedData0
AddressOfEntryPoint0x1000
BaseOfCode0x1000
BaseOfData0x3d9000
ImageBase0x400000
SectionAlignment0x1000
FileAlignment0x200
OperatingSystemVersion5.0
ImageVersion0.0
SubsystemVersion5.0
Reserved10
SizeOfImage0x6ac000
SizeOfHeaders0x400
CheckSum0x264a8d
Subsystem2
DllCharacteristics0x8000
SizeOfStackReserve0x100000
SizeOfStackCommit0x1000
SizeOfHeapReserve0x100000
SizeOfHeapCommit0x1000
LoaderFlags0
NumberOfRvaAndSizes0x10

Packer / Compiler

PeCompact 2.xx (BitSum Technologies / v2.0)

Sections

namevavsizeraw sizeflags
.text0x10000x6750000x224000RWX CODE
.rsrc0x6760000x360000x36000RWX CODE

Data Directory

typevasize
EXPORT00
IMPORT0x6aaca40x5b5
RESOURCE0x6760000x344d8
EXCEPTION00
SECURITY00
BASERELOC00
DEBUG00
ARCHITECTURE00
GLOBALPTR00
TLS00
LOAD_CONFIG00
Bound_IAT00
IAT00
Delay_IAT0x4a98c40x60
CLR_Header00
typenamesizecp
PNGAQUA_IDB_OFFICE2007_GRIPPER1191252
PNGAQUA_IDB_OFFICE2007_MAINBORDER7571252
PNGAQUA_IDB_OFFICE2007_MAINBORDER_CAPTION7691252
PNGAQUA_IDB_OFFICE2007_MDICHILDBORDER6471252
PNGAQUA_IDB_OFFICE2007_MENUBAR_BTN8781252
PNGAQUA_IDB_OFFICE2007_MENU_BTN3491252
PNGAQUA_IDB_OFFICE2007_MENU_BTN_DISABLED3181252
PNGAQUA_IDB_OFFICE2007_MENU_BTN_SCROLL_T2771252
PNGAQUA_IDB_OFFICE2007_MENU_ITEM_BACK2981252
PNGAQUA_IDB_OFFICE2007_MENU_ITEM_MARKER_C5241252
PNGAQUA_IDB_OFFICE2007_MENU_ITEM_MARKER_R2531252
PNGAQUA_IDB_OFFICE2007_POPUPMENU_BORDER1661252
PNGAQUA_IDB_OFFICE2007_POPUPMENU_RESIZEBAR1241252
PNGAQUA_IDB_OFFICE2007_POPUPMENU_RESIZEBAR_ICON_HV1501252
PNGAQUA_IDB_OFFICE2007_POPUPMENU_RESIZEBAR_ICON_HVT1451252
PNGAQUA_IDB_OFFICE2007_POPUPMENU_RESIZEBAR_ICON_V1321252
PNGAQUA_IDB_OFFICE2007_RIBBON_BORDER_FLOATY1631252
PNGAQUA_IDB_OFFICE2007_RIBBON_BTN_CHECK19051252
PNGAQUA_IDB_OFFICE2007_RIBBON_BTN_DEFAULT16871252
PNGAQUA_IDB_OFFICE2007_RIBBON_BTN_DEFAULT_IMAGE8341252
PNGAQUA_IDB_OFFICE2007_RIBBON_BTN_DEFAULT_QAT11191252
PNGAQUA_IDB_OFFICE2007_RIBBON_BTN_DEFAULT_QAT_ICON4191252
PNGAQUA_IDB_OFFICE2007_RIBBON_BTN_GROUPMENU_F_C27601252
PNGAQUA_IDB_OFFICE2007_RIBBON_BTN_GROUPMENU_F_M8921252
PNGAQUA_IDB_OFFICE2007_RIBBON_BTN_GROUPMENU_L_C26401252
PNGAQUA_IDB_OFFICE2007_RIBBON_BTN_GROUPMENU_L_M11661252
PNGAQUA_IDB_OFFICE2007_RIBBON_BTN_GROUPMENU_M_C26401252
PNGAQUA_IDB_OFFICE2007_RIBBON_BTN_GROUPMENU_M_M8961252
PNGAQUA_IDB_OFFICE2007_RIBBON_BTN_GROUP_F27361252
PNGAQUA_IDB_OFFICE2007_RIBBON_BTN_GROUP_L28471252
PNGAQUA_IDB_OFFICE2007_RIBBON_BTN_GROUP_M27021252
PNGAQUA_IDB_OFFICE2007_RIBBON_BTN_GROUP_S28641252
PNGAQUA_IDB_OFFICE2007_RIBBON_BTN_LAUNCH_ICON9341252
PNGAQUA_IDB_OFFICE2007_RIBBON_BTN_MAIN43791252
PNGAQUA_IDB_OFFICE2007_RIBBON_BTN_MENU_H_C9771252
PNGAQUA_IDB_OFFICE2007_RIBBON_BTN_MENU_H_M5391252
PNGAQUA_IDB_OFFICE2007_RIBBON_BTN_MENU_V_C28341252
PNGAQUA_IDB_OFFICE2007_RIBBON_BTN_MENU_V_M19641252
PNGAQUA_IDB_OFFICE2007_RIBBON_BTN_NORMAL_B33951252
PNGAQUA_IDB_OFFICE2007_RIBBON_BTN_NORMAL_S9321252
PNGAQUA_IDB_OFFICE2007_RIBBON_BTN_PAGE_L8001252
PNGAQUA_IDB_OFFICE2007_RIBBON_BTN_PAGE_R7991252
PNGAQUA_IDB_OFFICE2007_RIBBON_BTN_PALETTE_B7011252
PNGAQUA_IDB_OFFICE2007_RIBBON_BTN_PALETTE_M6271252
PNGAQUA_IDB_OFFICE2007_RIBBON_BTN_PALETTE_T7131252
PNGAQUA_IDB_OFFICE2007_RIBBON_BTN_PANEL_MAIN3551252
PNGAQUA_IDB_OFFICE2007_RIBBON_BTN_STATUS_PANE3381252
PNGAQUA_IDB_OFFICE2007_RIBBON_CAPTION_QA9061252
PNGAQUA_IDB_OFFICE2007_RIBBON_CAPTION_QA_GLASS13301252
PNGAQUA_IDB_OFFICE2007_RIBBON_CATEGORY_BACK4121252
PNGAQUA_IDB_OFFICE2007_RIBBON_CATEGORY_TAB88541252
PNGAQUA_IDB_OFFICE2007_RIBBON_CONTEXT_B_BTN_DEFAULT16941252
PNGAQUA_IDB_OFFICE2007_RIBBON_CONTEXT_B_CATEGORY_BACK4521252
PNGAQUA_IDB_OFFICE2007_RIBBON_CONTEXT_B_CATEGORY_CAPTION13141252
PNGAQUA_IDB_OFFICE2007_RIBBON_CONTEXT_B_CATEGORY_TAB93331252
PNGAQUA_IDB_OFFICE2007_RIBBON_CONTEXT_G_BTN_DEFAULT16941252
PNGAQUA_IDB_OFFICE2007_RIBBON_CONTEXT_G_CATEGORY_BACK4511252
PNGAQUA_IDB_OFFICE2007_RIBBON_CONTEXT_G_CATEGORY_CAPTION12851252
PNGAQUA_IDB_OFFICE2007_RIBBON_CONTEXT_G_CATEGORY_TAB94271252
PNGAQUA_IDB_OFFICE2007_RIBBON_CONTEXT_I_BTN_DEFAULT16941252
PNGAQUA_IDB_OFFICE2007_RIBBON_CONTEXT_I_CATEGORY_BACK4551252
PNGAQUA_IDB_OFFICE2007_RIBBON_CONTEXT_I_CATEGORY_CAPTION13341252
PNGAQUA_IDB_OFFICE2007_RIBBON_CONTEXT_I_CATEGORY_TAB94561252
PNGAQUA_IDB_OFFICE2007_RIBBON_CONTEXT_O_BTN_DEFAULT16941252
PNGAQUA_IDB_OFFICE2007_RIBBON_CONTEXT_O_CATEGORY_BACK4531252
PNGAQUA_IDB_OFFICE2007_RIBBON_CONTEXT_O_CATEGORY_CAPTION12411252
PNGAQUA_IDB_OFFICE2007_RIBBON_CONTEXT_O_CATEGORY_TAB91711252
PNGAQUA_IDB_OFFICE2007_RIBBON_CONTEXT_PANEL_BACK_B3931252
PNGAQUA_IDB_OFFICE2007_RIBBON_CONTEXT_PANEL_BACK_T4441252
PNGAQUA_IDB_OFFICE2007_RIBBON_CONTEXT_R_BTN_DEFAULT16941252
PNGAQUA_IDB_OFFICE2007_RIBBON_CONTEXT_R_CATEGORY_BACK4521252
PNGAQUA_IDB_OFFICE2007_RIBBON_CONTEXT_R_CATEGORY_CAPTION12631252
PNGAQUA_IDB_OFFICE2007_RIBBON_CONTEXT_R_CATEGORY_TAB91221252
PNGAQUA_IDB_OFFICE2007_RIBBON_CONTEXT_SEPARATOR1971252
PNGAQUA_IDB_OFFICE2007_RIBBON_CONTEXT_V_BTN_DEFAULT16941252
PNGAQUA_IDB_OFFICE2007_RIBBON_CONTEXT_V_CATEGORY_BACK4421252
PNGAQUA_IDB_OFFICE2007_RIBBON_CONTEXT_V_CATEGORY_CAPTION12521252
PNGAQUA_IDB_OFFICE2007_RIBBON_CONTEXT_V_CATEGORY_TAB94871252
PNGAQUA_IDB_OFFICE2007_RIBBON_CONTEXT_Y_BTN_DEFAULT16941252
PNGAQUA_IDB_OFFICE2007_RIBBON_CONTEXT_Y_CATEGORY_BACK4501252
PNGAQUA_IDB_OFFICE2007_RIBBON_CONTEXT_Y_CATEGORY_CAPTION12571252
PNGAQUA_IDB_OFFICE2007_RIBBON_CONTEXT_Y_CATEGORY_TAB91581252
PNGAQUA_IDB_OFFICE2007_RIBBON_KEYTIP_BACK1811252
PNGAQUA_IDB_OFFICE2007_RIBBON_PANEL_BACK_B3901252
PNGAQUA_IDB_OFFICE2007_RIBBON_PANEL_BACK_T4371252
PNGAQUA_IDB_OFFICE2007_RIBBON_PANEL_SEPARATOR1021252
PNGAQUA_IDB_OFFICE2007_RIBBON_PROGRESS_BACK2491252
PNGAQUA_IDB_OFFICE2007_RIBBON_PROGRESS_INFINITY60831252
PNGAQUA_IDB_OFFICE2007_RIBBON_PROGRESS_NORMAL6431252
PNGAQUA_IDB_OFFICE2007_RIBBON_PROGRESS_NORMAL_EXT1131252
PNGAQUA_IDB_OFFICE2007_RIBBON_SLIDER_BTN_MINUS18211252
PNGAQUA_IDB_OFFICE2007_RIBBON_SLIDER_BTN_PLUS19401252
PNGAQUA_IDB_OFFICE2007_RIBBON_SLIDER_THUMB6441252
PNGAQUA_IDB_OFFICE2007_STATUSBAR_BACK5151252
PNGAQUA_IDB_OFFICE2007_STATUSBAR_BACK_EXT4371252
PNGAQUA_IDB_OFFICE2007_STATUSBAR_PANEBORDER1781252
PNGAQUA_IDB_OFFICE2007_STATUSBAR_SIZEBOX2091252
PNGAQUA_IDB_OFFICE2007_SYS_BTN_BACK5401252
PNGAQUA_IDB_OFFICE2007_SYS_BTN_BACK_S5401252
PNGAQUA_IDB_OFFICE2007_SYS_BTN_CLOSE4301252
ICON#116401252
ICON#27441252
ICON#34881252
ICON#42961252
ICON#537521252
ICON#622161252
ICON#717361252
ICON#813841252
ICON#9842481252
ICON#10169361252
ICON#1196401252
ICON#1242641252
ICON#1324401252
ICON#1411281252
GROUP_ICON#1282021252
VERSION#110801252
MANIFEST#112211252
module_namehintordfunction_name
kernel32.dllLoadLibraryA
kernel32.dllGetProcAddress
kernel32.dllVirtualAlloc
kernel32.dllVirtualFree
lua5.1.dlllua_pushfstring
WINMM.dllmixerOpen
WSOCK32.dll23
VERSION.dllGetFileVersionInfoA
MSACM32.dllacmStreamOpen
USER32.dllDefMDIChildProcA
GDI32.dllAddFontResourceA
MSIMG32.dllTransparentBlt
COMDLG32.dllGetSaveFileNameA
WINSPOOL.DRVClosePrinter
ADVAPI32.dllAdjustTokenPrivileges
SHELL32.dllShellExecuteExA
COMCTL32.dllImageList_GetImageInfo
SHLWAPI.dllPathFindFileNameA
oledlg.dll1
ole32.dllCreateStreamOnHGlobal
OLEAUT32.dll185
urlmon.dllURLDownloadToFileA
gdiplus.dllGdipCloneImage
NETAPI32.dllNetbios
IMM32.dllImmGetOpenStatus
imagehlp.dllImageDirectoryEntryToData

StringTable 040904b0

CommentsCreated with AutoPlay Media Studio
FileDescriptionAutoPlay Application
FileVersion8.1.0.0
InternalNameams_runtime
LegalCopyrightRuntime Engine Copyright © 2012 Indigo Rose Corporation (www.indigorose.com)
LegalTrademarksAutoPlay Media Studio is a Trademark of Indigo Rose Corporation
OriginalFilenameams_runtime.exe
ProductNameAutoPlay Media Studio Runtime
ProductVersion8.1.0.0

VS_FIXEDFILEINFO

FileVersion8.1.0.0
ProductVersion8.1.0.0
StrucVersion0x10000
FileFlagsMask0x3f
FileFlags0
FileOS0x40004
FileType1
FileSubtype0
offsetsizetypecomment
02466816EXE06/14/2012 19:09:00#
15c115HTM#
23af8884248PNG(256 x 256)#
offset:( 0x )size:( 0x )hotkeys:-=[]<>, offset/size fields are also editable







[?] can't find file_offset of VA 0x526000
[?] can't find file_offset of VA 0x526078
[?] can't find file_offset of VA 0x526370
[?] can't find file_offset of VA 0x526678
[?] can't find file_offset of VA 0x526900
[?] can't find file_offset of VA 0x526c70
[?] can't find file_offset of VA 0x526dd0
[?] can't find file_offset of VA 0x526f10
[?] can't find file_offset of VA 0x527028
[?] can't find file_offset of VA 0x527158
[?] can't find file_offset of VA 0x527368
[?] can't find file_offset of VA 0x527468
[?] can't find file_offset of VA 0x527510
[?] can't find file_offset of VA 0x527590
[?] can't find file_offset of VA 0x527628
[?] can't find file_offset of VA 0x5276c0
[?] can't find file_offset of VA 0x527748
[?] can't find file_offset of VA 0x5277f0
[?] can't find file_offset of VA 0x527f68
[?] can't find file_offset of VA 0x528600
[?] can't find file_offset of VA 0x528948
[?] can't find file_offset of VA 0x528da8
[?] can't find file_offset of VA 0x528f50
[?] can't find file_offset of VA 0x529a18
[?] can't find file_offset of VA 0x529d98
[?] can't find file_offset of VA 0x52a7e8
[?] can't find file_offset of VA 0x52ac78
[?] can't find file_offset of VA 0x52b6c8
[?] can't find file_offset of VA 0x52ba48
[?] can't find file_offset of VA 0x52c4f8
[?] can't find file_offset of VA 0x52d018
[?] can't find file_offset of VA 0x52daa8
[?] can't find file_offset of VA 0x52e5d8
[?] can't find file_offset of VA 0x52e980
[?] can't find file_offset of VA 0x52faa0
[?] can't find file_offset of VA 0x52fe78
[?] can't find file_offset of VA 0x530098
[?] can't find file_offset of VA 0x530bb0
[?] can't find file_offset of VA 0x531360
[?] can't find file_offset of VA 0x5320a8
[?] can't find file_offset of VA 0x532450
[?] can't find file_offset of VA 0x532770
[?] can't find file_offset of VA 0x532a90
[?] can't find file_offset of VA 0x532d50
[?] can't find file_offset of VA 0x532fc8
[?] can't find file_offset of VA 0x533298
[?] can't find file_offset of VA 0x533400
[?] can't find file_offset of VA 0x533558
[?] can't find file_offset of VA 0x5338e8
[?] can't find file_offset of VA 0x533e20
[?] can't find file_offset of VA 0x533fc0
[?] can't find file_offset of VA 0x536258
[?] can't find file_offset of VA 0x5368f8
[?] can't find file_offset of VA 0x536ac0
[?] can't find file_offset of VA 0x536fe8
[?] can't find file_offset of VA 0x539460
[?] can't find file_offset of VA 0x539b00
[?] can't find file_offset of VA 0x539cc8
[?] can't find file_offset of VA 0x53a1d0
[?] can't find file_offset of VA 0x53c6a8
[?] can't find file_offset of VA 0x53cd48
[?] can't find file_offset of VA 0x53cf10
[?] can't find file_offset of VA 0x53d448
[?] can't find file_offset of VA 0x53f938
[?] can't find file_offset of VA 0x53ffd8
[?] can't find file_offset of VA 0x5401a0
[?] can't find file_offset of VA 0x540680
[?] can't find file_offset of VA 0x542a58
[?] can't find file_offset of VA 0x542be8
[?] can't find file_offset of VA 0x542da8
[?] can't find file_offset of VA 0x543448
[?] can't find file_offset of VA 0x543610
[?] can't find file_offset of VA 0x543b00
[?] can't find file_offset of VA 0x545ea8
[?] can't find file_offset of VA 0x545f70
[?] can't find file_offset of VA 0x546610
[?] can't find file_offset of VA 0x5467d0
[?] can't find file_offset of VA 0x546cb8
[?] can't find file_offset of VA 0x5491c8
[?] can't find file_offset of VA 0x549868
[?] can't find file_offset of VA 0x549a30
[?] can't find file_offset of VA 0x549f20
[?] can't find file_offset of VA 0x54c2e8
[?] can't find file_offset of VA 0x54c3a0
[?] can't find file_offset of VA 0x54c528
[?] can't find file_offset of VA 0x54c6e0
[?] can't find file_offset of VA 0x54c748
[?] can't find file_offset of VA 0x54c848
[?] can't find file_offset of VA 0x54e010
[?] can't find file_offset of VA 0x54e298
[?] can't find file_offset of VA 0x54e310
[?] can't find file_offset of VA 0x54ea30
[?] can't find file_offset of VA 0x54f1c8
[?] can't find file_offset of VA 0x54f450
[?] can't find file_offset of VA 0x54f658
[?] can't find file_offset of VA 0x54f810
[?] can't find file_offset of VA 0x54f8c8
[?] can't find file_offset of VA 0x54f9a0
[?] can't find file_offset of VA 0x54fbc0
[?] can't find file_offset of VA 0x54fde0
[?] can't find file_offset of VA 0x54ff90
[?] too many errors getting resource data, stopped on 0 of 1
[?] ignoring invalid PEdump::BITMAPINFOHEADER
[?] too many errors getting resource data, stopped on 0 of 1
[?] can't find file_offset of VA 0x4a98c4