filename | 2d04d2a43e1d5a6920a806d8086da9c47f90e1cd25aa99b95af182ee9e1960b3 | |
---|---|---|
size | 412672 (0x64c00) | |
md5 | e28a0ed74e78e75710b0d46742e407e3 | |
type | PE32 executable (GUI) Intel 80386, for MS Windows | |
mimetype | application/x-dosexec | |
clamav | OK | |
virustotal | → scan with virustotal.com | |
histogram |
MZ Header
signature | MZ |
bytes_in_last_block | 0x90 |
blocks_in_file | 3 |
num_relocs | 0 |
header_paragraphs | 4 |
min_extra_paragraphs | 0 |
max_extra_paragraphs | 0xffff |
ss | 0 |
sp | 0xb8 |
checksum | 0 |
ip | 0 |
cs | 0 |
reloc_table_offset | 0x40 |
overlay_number | 0 |
reserved0 | 0 |
oem_id | 0 |
oem_info | 0 |
reserved2 | 0 |
reserved3 | 0 |
reserved4 | 0 |
reserved5 | 0 |
reserved6 | 0 |
lfanew | 0xd8 |
DOS stub
00000000: 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 |........!..L.!Th| 00000010: 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f |is program canno| 00000020: 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 |t be run in DOS | 00000030: 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 |mode....$.......|
PE Header
Packer / Compiler
Sections
name | va | vsize | raw size | flags | |
---|---|---|---|---|---|
.text | 0x1000 | 0x22966 | 0x22a00 | R-X CODE | |
.rdata | 0x24000 | 0x3802 | 0x3a00 | R-- IDATA | |
.data | 0x28000 | 0x27aa8 | 0x7000 | RW- IDATA | |
.rsrc | 0x50000 | 0x372a4 | 0x37400 | R-- IDATA |
Data Directory
type | va | size | |
---|---|---|---|
EXPORT | 0 | 0 | |
IMPORT | 0x2601c | 0x8c | |
RESOURCE | 0x50000 | 0x372a4 | |
EXCEPTION | 0 | 0 | |
SECURITY | 0 | 0 | |
BASERELOC | 0 | 0 | |
DEBUG | 0 | 0 | |
ARCHITECTURE | 0 | 0 | |
GLOBALPTR | 0 | 0 | |
TLS | 0 | 0 | |
LOAD_CONFIG | 0x25b70 | 0x40 | |
Bound_IAT | 0 | 0 | |
IAT | 0x24000 | 0x458 | |
Delay_IAT | 0 | 0 | |
CLR_Header | 0 | 0 |
id | lang | string |
---|---|---|
65440 | 1033 | Friday |
65441 | 1033 | Saturday |
65442 | 1033 | Invalid file name - %s |
65456 | 1033 | September |
65457 | 1033 | October |
65458 | 1033 | November |
65459 | 1033 | December |
65460 | 1033 | Sun |
65461 | 1033 | Mon |
65462 | 1033 | Tue |
65463 | 1033 | Wed |
65464 | 1033 | Thu |
65465 | 1033 | Fri |
65466 | 1033 | Sat |
65467 | 1033 | Sunday |
65468 | 1033 | Monday |
65469 | 1033 | Tuesday |
65470 | 1033 | Wednesday |
65471 | 1033 | Thursday |
65472 | 1033 | May |
65473 | 1033 | Jun |
65474 | 1033 | Jul |
65475 | 1033 | Aug |
65476 | 1033 | Sep |
65477 | 1033 | Oct |
65478 | 1033 | Nov |
65479 | 1033 | Dec |
65480 | 1033 | January |
65481 | 1033 | February |
65482 | 1033 | March |
65483 | 1033 | April |
65484 | 1033 | May |
65485 | 1033 | June |
65486 | 1033 | July |
65487 | 1033 | August |
65488 | 1033 | Invalid variant type conversion |
65489 | 1033 | Invalid variant operation |
65490 | 1033 | Invalid argument |
65491 | 1033 | External exception %x |
65492 | 1033 | Assertion failed |
65493 | 1033 | Interface not supported |
65494 | 1033 | Exception in safecall method |
65495 | 1033 | Object lock not owned |
65496 | 1033 | Monitor support function not initialized |
65497 | 1033 | %s (%s, line %d) |
65498 | 1033 | Abstract Error |
65499 | 1033 | Access violation at address %p in module '%s'. %s of address %p |
65500 | 1033 | Jan |
65501 | 1033 | Feb |
65502 | 1033 | Mar |
65503 | 1033 | Apr |
65504 | 1033 | Invalid class typecast |
65505 | 1033 | Access violation at address %p. %s of address %p |
65506 | 1033 | Access violation |
65507 | 1033 | Stack overflow |
65508 | 1033 | Control-C hit |
65509 | 1033 | Privileged instruction |
65510 | 1033 | Operation aborted |
65511 | 1033 | Exception %s in module %s at %p. %s%s |
65512 | 1033 | Application Error |
65513 | 1033 | Format '%s' invalid or incompatible with argument |
65514 | 1033 | No argument for format '%s' |
65515 | 1033 | Variant method calls not supported |
65516 | 1033 | Read |
65517 | 1033 | Write |
65518 | 1033 | Error creating variant or safe array |
65519 | 1033 | Variant or safe array index out of bounds |
65520 | 1033 | Out of memory |
65521 | 1033 | I/O error %d |
65522 | 1033 | File not found |
65523 | 1033 | Too many open files |
65524 | 1033 | File access denied |
65525 | 1033 | Read beyond end of file |
65526 | 1033 | Disk full |
65527 | 1033 | Invalid numeric input |
65528 | 1033 | Division by zero |
65529 | 1033 | Range check error |
65530 | 1033 | Integer overflow |
65531 | 1033 | Invalid floating point operation |
65532 | 1033 | Floating point division by zero |
65533 | 1033 | Floating point overflow |
65534 | 1033 | Floating point underflow |
65535 | 1033 | Invalid pointer operation |
module_name | hint | ord | function_name |
---|---|---|---|
USER32.dll | 625 | ScrollWindowEx | |
USER32.dll | 94 | CreateDesktopW | |
USER32.dll | 276 | GetClientRect | |
USER32.dll | 590 | RegisterClassW | |
USER32.dll | 774 | UnregisterClassW | |
USER32.dll | 164 | DestroyMenu | |
USER32.dll | 491 | LoadCursorW | |
USER32.dll | 380 | GetSysColorBrush | |
USER32.dll | 220 | EndPaint | |
USER32.dll | 14 | BeginPaint | |
USER32.dll | 613 | ReleaseDC | |
USER32.dll | 289 | GetDC | |
USER32.dll | 71 | ClientToScreen | |
USER32.dll | 424 | GrayStringW | |
USER32.dll | 207 | DrawTextExW | |
USER32.dll | 208 | DrawTextW | |
USER32.dll | 750 | TabbedTextOutW | |
USER32.dll | 420 | GetWindowThreadProcessId | |
USER32.dll | 648 | SetCursor | |
USER32.dll | 349 | GetMessageW | |
USER32.dll | 764 | TranslateMessage | |
USER32.dll | 288 | GetCursorPos | |
USER32.dll | 796 | ValidateRect | |
USER32.dll | 567 | PostQuitMessage | |
USER32.dll | 735 | ShowWindow | |
USER32.dll | 715 | SetWindowTextW | |
USER32.dll | 461 | IsDialogMessageW | |
USER32.dll | 65 | CheckRadioButton | |
USER32.dll | 672 | SetMenuItemBitmaps | |
USER32.dll | 333 | GetMenuCheckMarkDimensions | |
USER32.dll | 487 | LoadBitmapW | |
USER32.dll | 535 | ModifyMenuW | |
USER32.dll | 214 | EnableMenuItem | |
USER32.dll | 611 | RegisterWindowMessageW | |
USER32.dll | 493 | LoadIconW | |
USER32.dll | 627 | SendDlgItemMessageW | |
USER32.dll | 809 | WinHelpW | |
USER32.dll | 264 | GetCapture | |
USER32.dll | 719 | SetWindowsHookExW | |
USER32.dll | 28 | CallNextHookEx | |
USER32.dll | 272 | GetClassLongW | |
USER32.dll | 685 | SetPropW | |
USER32.dll | 363 | GetPropW | |
USER32.dll | 617 | RemovePropW | |
USER32.dll | 301 | GetForegroundWindow | |
USER32.dll | 324 | GetLastActivePopup | |
USER32.dll | 175 | DispatchMessageW | |
USER32.dll | 768 | UnhookWindowsHookEx | |
USER32.dll | 348 | GetMessageTime | |
USER32.dll | 347 | GetMessagePos | |
USER32.dll | 563 | PeekMessageW | |
USER32.dll | 521 | MapWindowPoints | |
USER32.dll | 317 | GetKeyState | |
USER32.dll | 668 | SetMenu | |
USER32.dll | 480 | IsWindowVisible | |
USER32.dll | 785 | UpdateWindow | |
USER32.dll | 216 | EnableWindow | |
USER32.dll | 63 | CheckMenuItem | |
USER32.dll | 554 | OpenInputDesktop | |
USER32.dll | 799 | VkKeyScanExA | |
USER32.dll | 533 | MessageBoxW | |
USER32.dll | 110 | CreateWindowExW | |
USER32.dll | 269 | GetClassInfoExW | |
USER32.dll | 270 | GetClassInfoW | |
USER32.dll | 379 | GetSysColor | |
USER32.dll | 3 | AdjustWindowRectEx | |
USER32.dll | 156 | DefWindowProcW | |
USER32.dll | 30 | CallWindowProcW | |
USER32.dll | 85 | CopyRect | |
USER32.dll | 576 | PtInRect | |
USER32.dll | 331 | GetMenu | |
USER32.dll | 747 | SystemParametersInfoA | |
USER32.dll | 411 | GetWindowPlacement | |
USER32.dll | 412 | GetWindowRect | |
USER32.dll | 418 | GetWindowTextLengthW | |
USER32.dll | 419 | GetWindowTextW | |
USER32.dll | 626 | SendDlgItemMessageA | |
USER32.dll | 698 | SetThreadDesktop | |
USER32.dll | 744 | SwitchDesktop | |
USER32.dll | 74 | CloseDesktop | |
USER32.dll | 636 | SendMessageW | |
USER32.dll | 566 | PostMessageW | |
USER32.dll | 382 | GetSystemMetrics | |
USER32.dll | 465 | IsIconic | |
USER32.dll | 300 | GetFocus | |
USER32.dll | 389 | GetTopWindow | |
USER32.dll | 406 | GetWindowLongW | |
USER32.dll | 274 | GetClassNameW | |
USER32.dll | 398 | GetWindow | |
USER32.dll | 708 | SetWindowLongW | |
USER32.dll | 710 | SetWindowPos | |
USER32.dll | 659 | SetForegroundWindow | |
USER32.dll | 218 | EndDialog | |
USER32.dll | 354 | GetNextDlgTabItem | |
USER32.dll | 356 | GetParent | |
USER32.dll | 476 | IsWindowEnabled | |
USER32.dll | 658 | SetFocus | |
USER32.dll | 342 | GetMenuState | |
USER32.dll | 338 | GetMenuItemID | |
USER32.dll | 337 | GetMenuItemCount | |
USER32.dll | 378 | GetSubMenu | |
USER32.dll | 291 | GetDesktopWindow | |
USER32.dll | 256 | GetActiveWindow | |
USER32.dll | 639 | SetActiveWindow | |
USER32.dll | 97 | CreateDialogIndirectParamW | |
USER32.dll | 166 | DestroyWindow | |
USER32.dll | 475 | IsWindow | |
USER32.dll | 295 | GetDlgItem | |
USER32.dll | 292 | GetDialogBaseUnits | |
USER32.dll | 530 | MessageBoxIndirectW | |
USER32.dll | 62 | CheckDlgButton | |
USER32.dll | 263 | GetAsyncKeyState | |
USER32.dll | 612 | ReleaseCapture | |
USER32.dll | 172 | DialogBoxParamW | |
USER32.dll | 421 | GetWindowWord | |
USER32.dll | 82 | CopyAcceleratorTableW | |
USER32.dll | 294 | GetDlgCtrlID | |
USER32.dll | 332 | GetMenuBarInfo | |
USER32.dll | 462 | IsDlgButtonChecked | |
USER32.dll | 341 | GetMenuItemRect | |
SHELL32.dll | 188 | SHGetFileInfoA | |
ole32.dll | 303 | OleGetClipboard | |
GDI32.dll | 669 | SetPixelV | |
GDI32.dll | 632 | SelectPalette | |
GDI32.dll | 301 | EqualRgn | |
GDI32.dll | 510 | GetOutlineTextMetricsA | |
GDI32.dll | 694 | StrokePath | |
GDI32.dll | 508 | GetObjectType | |
GDI32.dll | 229 | DeleteMetaFile | |
GDI32.dll | 227 | DeleteDC | |
GDI32.dll | 481 | GetGlyphIndicesW | |
GDI32.dll | 680 | SetViewportExtEx | |
COMCTL32.dll | 17 | ||
KERNEL32.dll | 664 | GetTimeZoneInformation | |
KERNEL32.dll | 390 | GetCommandLineA | |
KERNEL32.dll | 1273 | WaitForSingleObject | |
KERNEL32.dll | 1297 | WideCharToMultiByte | |
KERNEL32.dll | 715 | HeapAlloc | |
KERNEL32.dll | 719 | HeapFree | |
KERNEL32.dll | 1048 | RtlUnwind | |
KERNEL32.dll | 945 | RaiseException | |
KERNEL32.dll | 722 | HeapReAlloc | |
KERNEL32.dll | 1202 | Sleep | |
KERNEL32.dll | 281 | ExitProcess | |
KERNEL32.dll | 724 | HeapSize | |
KERNEL32.dll | 1189 | SetUnhandledExceptionFilter | |
KERNEL32.dll | 612 | GetStdHandle | |
KERNEL32.dll | 531 | GetModuleFileNameA | |
KERNEL32.dll | 353 | FreeEnvironmentStringsW | |
KERNEL32.dll | 474 | GetEnvironmentStringsW | |
KERNEL32.dll | 1135 | SetHandleCount | |
KERNEL32.dll | 499 | GetFileType | |
KERNEL32.dll | 610 | GetStartupInfoA | |
KERNEL32.dll | 717 | HeapCreate | |
KERNEL32.dll | 1260 | VirtualFree | |
KERNEL32.dll | 935 | QueryPerformanceCounter | |
KERNEL32.dll | 633 | GetSystemTimeAsFileTime | |
KERNEL32.dll | 1216 | TerminateProcess | |
KERNEL32.dll | 1235 | UnhandledExceptionFilter | |
KERNEL32.dll | 768 | IsDebuggerPresent | |
KERNEL32.dll | 611 | GetStartupInfoW | |
KERNEL32.dll | 360 | GetACP | |
KERNEL32.dll | 567 | GetOEMCP | |
KERNEL32.dll | 778 | IsValidCodePage | |
KERNEL32.dll | 813 | LCMapStringW | |
KERNEL32.dll | 1257 | VirtualAlloc | |
KERNEL32.dll | 739 | InitializeCriticalSectionAndSpinCount | |
KERNEL32.dll | 811 | LCMapStringA | |
KERNEL32.dll | 614 | GetStringTypeA | |
KERNEL32.dll | 617 | GetStringTypeW | |
KERNEL32.dll | 667 | GetUserDefaultLCID | |
KERNEL32.dll | 516 | GetLocaleInfoA | |
KERNEL32.dll | 269 | EnumSystemLocalesA | |
KERNEL32.dll | 780 | IsValidLocale | |
KERNEL32.dll | 410 | GetConsoleCP | |
KERNEL32.dll | 428 | GetConsoleMode | |
KERNEL32.dll | 1306 | WriteConsoleA | |
KERNEL32.dll | 432 | GetConsoleOutputCP | |
KERNEL32.dll | 1316 | WriteConsoleW | |
KERNEL32.dll | 136 | CreateFileA | |
KERNEL32.dll | 1112 | SetErrorMode | |
KERNEL32.dll | 343 | FlushFileBuffers | |
KERNEL32.dll | 1126 | SetFilePointer | |
KERNEL32.dll | 1357 | lstrlenA | |
KERNEL32.dll | 1222 | TlsFree | |
KERNEL32.dll | 209 | DeleteCriticalSection | |
KERNEL32.dll | 843 | LocalReAlloc | |
KERNEL32.dll | 1224 | TlsSetValue | |
KERNEL32.dll | 352 | FreeEnvironmentStringsA | |
KERNEL32.dll | 738 | InitializeCriticalSection | |
KERNEL32.dll | 701 | GlobalHandle | |
KERNEL32.dll | 705 | GlobalReAlloc | |
KERNEL32.dll | 238 | EnterCriticalSection | |
KERNEL32.dll | 1223 | TlsGetValue | |
KERNEL32.dll | 825 | LeaveCriticalSection | |
KERNEL32.dll | 697 | GlobalFlags | |
KERNEL32.dll | 533 | GetModuleHandleA | |
KERNEL32.dll | 105 | ConvertDefaultLocale | |
KERNEL32.dll | 254 | EnumResourceLanguagesW | |
KERNEL32.dll | 1345 | lstrcmpA | |
KERNEL32.dll | 518 | GetLocaleInfoW | |
KERNEL32.dll | 453 | GetCurrentThreadId | |
KERNEL32.dll | 690 | GlobalAddAtomW | |
KERNEL32.dll | 695 | GlobalFindAtomW | |
KERNEL32.dll | 693 | GlobalDeleteAtom | |
KERNEL32.dll | 831 | LoadLibraryW | |
KERNEL32.dll | 100 | CompareStringW | |
KERNEL32.dll | 828 | LoadLibraryA | |
KERNEL32.dll | 1346 | lstrcmpW | |
KERNEL32.dll | 536 | GetModuleHandleW | |
KERNEL32.dll | 581 | GetProcAddress | |
KERNEL32.dll | 675 | GetVersionExA | |
KERNEL32.dll | 1139 | SetLastError | |
KERNEL32.dll | 691 | GlobalAlloc | |
KERNEL32.dll | 350 | FormatMessageW | |
KERNEL32.dll | 1358 | lstrlenW | |
KERNEL32.dll | 870 | MulDiv | |
KERNEL32.dll | 702 | GlobalLock | |
KERNEL32.dll | 709 | GlobalUnlock | |
KERNEL32.dll | 698 | GlobalFree | |
KERNEL32.dll | 357 | FreeResource | |
KERNEL32.dll | 871 | MultiByteToWideChar | |
KERNEL32.dll | 447 | GetCurrentDirectoryW | |
KERNEL32.dll | 867 | MoveFileW | |
KERNEL32.dll | 514 | GetLastError | |
KERNEL32.dll | 840 | LocalFree | |
KERNEL32.dll | 896 | OpenProcess | |
KERNEL32.dll | 168 | CreateProcessW | |
KERNEL32.dll | 467 | GetDriveTypeW | |
KERNEL32.dll | 687 | GetWindowsDirectoryW | |
KERNEL32.dll | 676 | GetVersionExW | |
KERNEL32.dll | 448 | GetCurrentProcess | |
KERNEL32.dll | 1323 | WritePrivateProfileStringW | |
KERNEL32.dll | 578 | GetPrivateProfileStringW | |
KERNEL32.dll | 302 | FindClose | |
KERNEL32.dll | 325 | FindNextFileW | |
KERNEL32.dll | 214 | DeleteFileW | |
KERNEL32.dll | 313 | FindFirstFileW | |
KERNEL32.dll | 920 | Process32NextW | |
KERNEL32.dll | 918 | Process32FirstW | |
KERNEL32.dll | 190 | CreateToolhelp32Snapshot | |
KERNEL32.dll | 449 | GetCurrentProcessId | |
KERNEL32.dll | 836 | LocalAlloc | |
KERNEL32.dll | 391 | GetCommandLineW | |
KERNEL32.dll | 659 | GetTickCount | |
KERNEL32.dll | 472 | GetEnvironmentStrings | |
KERNEL32.dll | 751 | InterlockedIncrement | |
KERNEL32.dll | 747 | InterlockedDecrement | |
KERNEL32.dll | 1110 | SetEnvironmentVariableA | |
KERNEL32.dll | 97 | CompareStringA | |
KERNEL32.dll | 1221 | TlsAlloc | |
KERNEL32.dll | 1159 | SetStdHandle | |
KERNEL32.dll | 1037 | RequestDeviceWakeup | |
KERNEL32.dll | 154 | CreateMemoryResourceNotification | |
KERNEL32.dll | 452 | GetCurrentThread | |
KERNEL32.dll | 943 | QueueUserAPC | |
KERNEL32.dll | 280 | EscapeCommFunction | |
KERNEL32.dll | 370 | GetCPInfo | |
KERNEL32.dll | 1201 | SizeofResource | |
KERNEL32.dll | 852 | LockResource | |
KERNEL32.dll | 833 | LoadResource | |
KERNEL32.dll | 334 | FindResourceW | |
KERNEL32.dll | 1121 | SetFileAttributesW | |
KERNEL32.dll | 143 | CreateFileW | |
KERNEL32.dll | 496 | GetFileSize | |
KERNEL32.dll | 960 | ReadFile | |
KERNEL32.dll | 1317 | WriteFile | |
KERNEL32.dll | 82 | CloseHandle | |
KERNEL32.dll | 572 | GetPrivateProfileIntW | |
KERNEL32.dll | 830 | LoadLibraryExW | |
KERNEL32.dll | 354 | FreeLibrary | |
KERNEL32.dll | 532 | GetModuleFileNameW |
StringTable 040904B0
CompanyName | Microsoft Corporation |
FileDescription | System Integrity Check and Repair |
FileVersion | 6.1.7600.16385 (win7_rtm.090713-1255) |
InternalName | sfc.exe |
LegalCopyright | © Microsoft Corporation. All rights reserved. |
OriginalFilename | sfc.exe |
ProductName | Microsoft® Windows® Operating System |
ProductVersion | 6.1.7600.16385 |
VS_FIXEDFILEINFO
FileVersion | 6.1.7600.16385 |
ProductVersion | 6.1.7600.16385 |
StrucVersion | 0x10000 |
FileFlagsMask | 0x3f |
FileFlags | 0 |
FileOS | 0x40004 |
FileType | 1 |
FileSubtype | 0 |
Please donate some bucks to keep this site up and running: | |
Ko-fi | |
---|---|
Yandex.Money | |
Thank you! |
[?] ignoring invalid PEdump::BITMAPINFOHEADER