| filename | iDezender.exe | |
|---|---|---|
| size | 6343168 (0x60ca00) | |
| md5 | d68a96c93afcf616df708f036a2ddb80 | |
| type | PE32 executable (GUI) Intel 80386, for MS Windows, PECompact2 compressed | |
| mimetype | application/x-dosexec | |
| clamav | OK | |
| virustotal | → scan with virustotal.com | |
| histogram | ||
MZ Header
| signature | MZ |
| bytes_in_last_block | 0x90 |
| blocks_in_file | 3 |
| num_relocs | 0 |
| header_paragraphs | 4 |
| min_extra_paragraphs | 0 |
| max_extra_paragraphs | 0xffff |
| ss | 0 |
| sp | 0xb8 |
| checksum | 0 |
| ip | 0 |
| cs | 0 |
| reloc_table_offset | 0x40 |
| overlay_number | 0 |
| reserved0 | 0 |
| oem_id | 0 |
| oem_info | 0 |
| reserved2 | 0 |
| reserved3 | 0 |
| reserved4 | 0 |
| reserved5 | 0 |
| reserved6 | 0 |
| lfanew | 0x128 |
Rich Header
| lib id | version | times used |
|---|---|---|
| 131 | 21022 | 93 |
| 150 | 20413 | 11 |
| 149 | 30729 | 67 |
| 10 | 8447 | 31 |
| 132 | 21022 | 127 |
| 109 | 50727 | 17 |
| 123 | 50727 | 44 |
| 0 | 0 | 7 |
| 49 | 9044 | 5 |
| 48 | 9044 | 75 |
| 147 | 30729 | 3 |
| 1 | 0 | 1106 |
| 131 | 30729 | 251 |
| 132 | 30729 | 809 |
| 148 | 21022 | 1 |
| 145 | 30729 | 1 |
DOS stub
00000000: 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 |........!..L.!Th| 00000010: 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f |is program canno| 00000020: 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 |t be run in DOS | 00000030: 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 |mode....$.......|
PE Header
Packer / Compiler
Sections
| name | va | vsize | raw size | flags | |
|---|---|---|---|---|---|
| .text | 0x1000 | 0x6eb000 | 0x24aa00 | RWX CODE | |
| .rsrc | 0x6ec000 | 0x1e000 | 0x1dc00 | RWX CODE | |
| .enigma1 | 0x70a000 | 0x1000 | 0x367000 | RWX IDATA | |
| .enigma2 | 0x70b000 | 0x3d000 | 0x3d000 | RWX CODE IDATA UDATA |
Data Directory
TLS
| raw start | raw end | index | callbks | zero fill | flags | |
|---|---|---|---|---|---|---|
| 0xb0a018 | 0xb0a040 | 0xb0a040 | 0xb0a044 | 0 | 0 |
StringTable 04090000
| CompanyName | Motionite Corporation |
| FileDescription | iDezender |
| FileVersion | 9.3.0.0 |
| LegalCopyright | Copyright © 2010-2013 Motionite Corporation (www.motionite.com) |
| LegalTrademarks | iDezender is a Motionite Trademark |
| OriginalFilename | iDezender.exe |
| ProductVersion | 9.3.0.0 |
VS_FIXEDFILEINFO
| FileVersion | 9.3.0.0 |
| ProductVersion | 9.3.0.0 |
| StrucVersion | 0x10000 |
| FileFlagsMask | 0x3f |
| FileFlags | 0 |
| FileOS | 4 |
| FileType | 1 |
| FileSubtype | 0 |
| offset | size | type | comment | |
|---|---|---|---|---|
| 15c1 | 15 | HTM | # | |
| 269b24 | 872 | PNG | (48 x 48) | # |
| 269ee0 | 5957 | GIF | (128 x 48) | # |
| 26b679 | 11480 | PNG | (251 x 52) | # |
| 26e3a5 | 10161 | PNG | (251 x 52) | # |
| 270baa | 11140 | PNG | (251 x 52) | # |
| 273782 | 8335 | PNG | (251 x 52) | # |
| 275865 | 540452 | PNG | (1920 x 1200) | # |
| 2f97dd | 10186 | PNG | (96 x 96) | # |
| 2fbffb | 6399 | PNG | (96 x 96) | # |
| 2fe897 | 733 | PNG | (64 x 64) | # |
| 2febc6 | 359 | PNG | (48 x 48) | # |
| 2fed7f | 1115 | PNG | (48 x 48) | # |
| 2ff22c | 1405 | PNG | (48 x 48) | # |
| 2ff7fb | 1086 | PNG | (48 x 48) | # |
| 2ffc8b | 1574 | PNG | (48 x 48) | # |
| 300303 | 1063 | PNG | (48 x 48) | # |
| 320b4a | 729600 | DLL | 05/18/2013 14:26:48 | # |
| 3d4649 | 208896 | DLL | 05/22/2011 11:27:39 | # |
| 3f7ac6 | 8271 | HTM | # | |
| 4076c8 | 994137 | ZIP | # | |
| 56228c | 322048 | DLL | 03/08/2010 16:22:17 | # |
| 5b1c32 | 11264 | DLL | 08/28/2008 18:04:40 | # |
| 5cfa00 | 228864 | DLL | 06/19/1992 22:22:17 | # |
| 607800 | 20992 | BIN | overlay data past EOF | # |
 |
| Please donate some bucks to keep this site up and running: | |
| Ko-fi | |
|---|---|
| Yandex.Money | |
| Thank you! | |
[?] can't find file_offset of VA 0x595000
[?] can't find file_offset of VA 0x595078
[?] can't find file_offset of VA 0x595370
[?] can't find file_offset of VA 0x595678
[?] can't find file_offset of VA 0x595900
[?] can't find file_offset of VA 0x595c70
[?] can't find file_offset of VA 0x595dd0
[?] can't find file_offset of VA 0x595f10
[?] can't find file_offset of VA 0x596028
[?] can't find file_offset of VA 0x596158
[?] can't find file_offset of VA 0x596368
[?] can't find file_offset of VA 0x596468
[?] can't find file_offset of VA 0x596510
[?] can't find file_offset of VA 0x596590
[?] can't find file_offset of VA 0x596628
[?] can't find file_offset of VA 0x5966c0
[?] can't find file_offset of VA 0x596748
[?] can't find file_offset of VA 0x5967f0
[?] can't find file_offset of VA 0x596f68
[?] can't find file_offset of VA 0x597600
[?] can't find file_offset of VA 0x597948
[?] can't find file_offset of VA 0x597da8
[?] can't find file_offset of VA 0x597f50
[?] can't find file_offset of VA 0x598a18
[?] can't find file_offset of VA 0x598d98
[?] can't find file_offset of VA 0x5997e8
[?] can't find file_offset of VA 0x599c78
[?] can't find file_offset of VA 0x59a6c8
[?] can't find file_offset of VA 0x59aa48
[?] can't find file_offset of VA 0x59b4f8
[?] can't find file_offset of VA 0x59c018
[?] can't find file_offset of VA 0x59caa8
[?] can't find file_offset of VA 0x59d5d8
[?] can't find file_offset of VA 0x59d980
[?] can't find file_offset of VA 0x59eaa0
[?] can't find file_offset of VA 0x59ee78
[?] can't find file_offset of VA 0x59f098
[?] can't find file_offset of VA 0x59fbb0
[?] can't find file_offset of VA 0x5a0360
[?] can't find file_offset of VA 0x5a10a8
[?] can't find file_offset of VA 0x5a1450
[?] can't find file_offset of VA 0x5a1770
[?] can't find file_offset of VA 0x5a1a90
[?] can't find file_offset of VA 0x5a1d50
[?] can't find file_offset of VA 0x5a1fc8
[?] can't find file_offset of VA 0x5a2298
[?] can't find file_offset of VA 0x5a2400
[?] can't find file_offset of VA 0x5a2558
[?] can't find file_offset of VA 0x5a28e8
[?] can't find file_offset of VA 0x5a2e20
[?] can't find file_offset of VA 0x5a2fc0
[?] can't find file_offset of VA 0x5a5258
[?] can't find file_offset of VA 0x5a58f8
[?] can't find file_offset of VA 0x5a5ac0
[?] can't find file_offset of VA 0x5a5fe8
[?] can't find file_offset of VA 0x5a8460
[?] can't find file_offset of VA 0x5a8b00
[?] can't find file_offset of VA 0x5a8cc8
[?] can't find file_offset of VA 0x5a91d0
[?] can't find file_offset of VA 0x5ab6a8
[?] can't find file_offset of VA 0x5abd48
[?] can't find file_offset of VA 0x5abf10
[?] can't find file_offset of VA 0x5ac448
[?] can't find file_offset of VA 0x5ae938
[?] can't find file_offset of VA 0x5aefd8
[?] can't find file_offset of VA 0x5af1a0
[?] can't find file_offset of VA 0x5af680
[?] can't find file_offset of VA 0x5b1a58
[?] can't find file_offset of VA 0x5b1be8
[?] can't find file_offset of VA 0x5b1da8
[?] can't find file_offset of VA 0x5b2448
[?] can't find file_offset of VA 0x5b2610
[?] can't find file_offset of VA 0x5b2b00
[?] can't find file_offset of VA 0x5b4ea8
[?] can't find file_offset of VA 0x5b4f70
[?] can't find file_offset of VA 0x5b5610
[?] can't find file_offset of VA 0x5b57d0
[?] can't find file_offset of VA 0x5b5cb8
[?] can't find file_offset of VA 0x5b81c8
[?] can't find file_offset of VA 0x5b8868
[?] can't find file_offset of VA 0x5b8a30
[?] can't find file_offset of VA 0x5b8f20
[?] can't find file_offset of VA 0x5bb2e8
[?] can't find file_offset of VA 0x5bb3a0
[?] can't find file_offset of VA 0x5bb528
[?] can't find file_offset of VA 0x5bb6e0
[?] can't find file_offset of VA 0x5bb748
[?] can't find file_offset of VA 0x5bb848
[?] can't find file_offset of VA 0x5bd010
[?] can't find file_offset of VA 0x5bd298
[?] can't find file_offset of VA 0x5bd310
[?] can't find file_offset of VA 0x5bda30
[?] can't find file_offset of VA 0x5be1c8
[?] can't find file_offset of VA 0x5be450
[?] can't find file_offset of VA 0x5be658
[?] can't find file_offset of VA 0x5be810
[?] can't find file_offset of VA 0x5be8c8
[?] can't find file_offset of VA 0x5be9a0
[?] can't find file_offset of VA 0x5bebc0
[?] can't find file_offset of VA 0x5bede0
[?] can't find file_offset of VA 0x5bef90
[?] too many errors getting resource data, stopped on 0 of 1
[?] can't find file_offset of VA 0x518e90