| filename | CafeStation.exe | |
|---|---|---|
| size | 3600384 (0x36f000) | |
| md5 | e8a13c42fb127240695aacad59c6e53b | |
| type | PE32 executable (GUI) Intel 80386, for MS Windows | |
| mimetype | application/x-dosexec | |
| clamav | OK | |
| virustotal | → scan with virustotal.com | |
| histogram | ||
MZ Header
| signature | MZ |
| bytes_in_last_block | 0x5344 |
| blocks_in_file | 3 |
| num_relocs | 0 |
| header_paragraphs | 4 |
| min_extra_paragraphs | 0 |
| max_extra_paragraphs | 0xffff |
| ss | 0 |
| sp | 0xb8 |
| checksum | 0 |
| ip | 0 |
| cs | 0 |
| reloc_table_offset | 0x40 |
| overlay_number | 0 |
| reserved0 | 0 |
| oem_id | 0 |
| oem_info | 0 |
| reserved2 | 0 |
| reserved3 | 0 |
| reserved4 | 0 |
| reserved5 | 0 |
| reserved6 | 0 |
| lfanew | 0x120 |
Rich Header
| lib id | version | times used |
|---|---|---|
| 150 | 20413 | 7 |
| 109 | 50727 | 18 |
| 149 | 30729 | 62 |
| 132 | 21022 | 8 |
| 147 | 21022 | 2 |
| 138 | 30729 | 7 |
| 131 | 30729 | 353 |
| 4 | 8168 | 2 |
| 0 | 0 | 1 |
| 4 | 8447 | 6 |
| 123 | 50727 | 40 |
| 147 | 30729 | 7 |
| 1 | 0 | 1360 |
| 132 | 30729 | 1385 |
| 146 | 30729 | 1 |
| 148 | 21022 | 1 |
| 145 | 30729 | 1 |
DOS stub
00000000: 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 |........!..L.!Th| 00000010: 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f |is program canno| 00000020: 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 |t be run in DOS | 00000030: 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 |mode....$.......|
PE Header
Packer / Compiler
This file is packed with ASPack. Analysis will be incomplete without unpacking. |
Sections
Data Directory
| module_name | hint | ord | function_name |
|---|---|---|---|
| kernel32.dll | GetProcAddress | ||
| kernel32.dll | GetModuleHandleA | ||
| kernel32.dll | LoadLibraryA | ||
| ace.dll | public: __thiscall ACE_Atomic_Op<class ACE_Thread_Mutex, long>::ACE_Atomic_Op<class ACE_Thread_Mutex, long>(long) ??0?$ACE_Atomic_Op@VACE_Thread_Mutex@@J@@QAE@J@Z | ||
| advapi32.dll | CryptReleaseContext | ||
| bsutil.dll | GetRegisterString | ||
| comctl32.dll | ImageList_GetImageCount | ||
| comdlg32.dll | FindTextA | ||
| crypt32.dll | CryptMsgControl | ||
| gdi32.dll | CopyMetaFileA | ||
| libeay32.dll | CRYPTO_cleanup_all_ex_data | ||
| msimg32.dll | GradientFill | ||
| odbc32.dll | SQLGetFunctions | ||
| oleaut32.dll | SysAllocStringByteLen | ||
| raptra30.dll | RTPause | ||
| shell32.dll | Shell_NotifyIcon | ||
| shlwapi.dll | PathIsUNCA | ||
| ssleay32.dll | SSL_CTX_ctrl | ||
| skinmagic.dll | InitSkinMagicLib | ||
| user32.dll | GetScrollInfo | ||
| version.dll | VerQueryValueA | ||
| wininet.dll | InternetReadFile | ||
| winmm.dll | PlaySound | ||
| winspool.drv | DeletePrintProcessorA | ||
| ws2_32.dll | htons | ||
| curllib.dll | curl_version_info | ||
| ole32.dll | OleCreateLinkFromData | ||
| oledlg.dll | OleUIInsertObjectA | ||
| pthreadvc2.dll | pthread_self |
StringTable 040904b0
| Comments | Cyber Cafe Management Software |
| CompanyName | CafeSuite |
| FileDescription | CafeStation of CafeSuite |
| FileVersion | 3, 70, 0, 0 |
| InternalName | CafeStation |
| LegalCopyright | Copyright © SOFCIK Przemek Miszczuk |
| LegalTrademarks | CafeSuite |
| OriginalFilename | CafeStation.exe |
| ProductName | CafeStation of CafeSuite |
| ProductVersion | 3.70.0 |
| ProductDate | 08.05.2014 |
VS_FIXEDFILEINFO
| FileVersion | 3.70.0.0 |
| ProductVersion | 3.70.0.0 |
| StrucVersion | 0x10000 |
| FileFlagsMask | 0x17 |
| FileFlags | 0 |
| FileOS | 4 |
| FileType | 1 |
| FileSubtype | 0 |
 |
| Please donate some bucks to keep this site up and running: | |
| Ko-fi | |
|---|---|
| Yandex.Money | |
| Thank you! | |
[?] ignoring invalid PEdump::BITMAPINFOHEADER
[?] can't find file_offset of VA 0xbe9c5c
[?] can't find file_offset of VA 0xbe9dc4
[?] can't find file_offset of VA 0xbea41c
[?] can't find file_offset of VA 0xbeab14
[?] can't find file_offset of VA 0xbf5c3c
[?] can't find file_offset of VA 0xbf638c
[?] can't find file_offset of VA 0xbf6f1c
[?] can't find file_offset of VA 0xc02044
[?] can't find file_offset of VA 0xc020fc
[?] ignoring invalid PEdump::BITMAPINFOHEADER
[?] can't find file_offset of VA 0xc34be0
[?] can't find file_offset of VA 0xc34c20
[?] can't find file_offset of VA 0xc34e58
[?] can't find file_offset of VA 0xc34e8c
[?] can't find file_offset of VA 0xc34ee0
[?] can't find file_offset of VA 0xc35eec
[?] can't find file_offset of VA 0xc3632c
[?] can't find file_offset of VA 0xc363fc
[?] can't find file_offset of VA 0xc36650
[?] can't find file_offset of VA 0xc36678
[?] can't find file_offset of VA 0xc3690c
[?] can't find file_offset of VA 0xc36b7c
[?] can't find file_offset of VA 0xc36d20
[?] can't find file_offset of VA 0xc36da4
[?] can't find file_offset of VA 0xc36e20
[?] can't find file_offset of VA 0xc36ec0
[?] can't find file_offset of VA 0xc36efc
[?] can't find file_offset of VA 0xc36f24
[?] can't find file_offset of VA 0xc36f58
[?] can't find file_offset of VA 0xc36fe0
[?] can't find file_offset of VA 0xc37418
[?] can't find file_offset of VA 0xc376a8
[?] can't find file_offset of VA 0xc37a48
[?] can't find file_offset of VA 0xc37c04
[?] can't find file_offset of VA 0xc381a4
[?] can't find file_offset of VA 0xc385bc
[?] can't find file_offset of VA 0xc389a4
[?] can't find file_offset of VA 0xc38b2c
[?] can't find file_offset of VA 0xc38c90
[?] can't find file_offset of VA 0xc390c8
[?] can't find file_offset of VA 0xc39440
[?] can't find file_offset of VA 0xc395d4
[?] can't find file_offset of VA 0xc39784
[?] can't find file_offset of VA 0xc39c30
[?] can't find file_offset of VA 0xc39e8c
[?] can't find file_offset of VA 0xc3a178
[?] can't find file_offset of VA 0xc3a25c
[?] can't find file_offset of VA 0xc3a3a4
[?] can't find file_offset of VA 0xc3a4c8
[?] can't find file_offset of VA 0xc3a814
[?] can't find file_offset of VA 0xc3a9d8
[?] can't find file_offset of VA 0xc3ab44
[?] can't find file_offset of VA 0xc3accc
[?] can't find file_offset of VA 0xc3b0c4
[?] can't find file_offset of VA 0xc3b208
[?] can't find file_offset of VA 0xc3b55c
[?] can't find file_offset of VA 0xc3b69c
[?] can't find file_offset of VA 0xc3b85c
[?] can't find file_offset of VA 0xc3bbc4
[?] can't find file_offset of VA 0xc3c278
[?] can't find file_offset of VA 0xc3c368
[?] can't find file_offset of VA 0xc3c498
[?] can't find file_offset of VA 0xc3c8e8
[?] can't find file_offset of VA 0xc3ca44
[?] can't find file_offset of VA 0xc3cd7c
[?] can't find file_offset of VA 0xc3cec4
[?] can't find file_offset of VA 0xc3d120
[?] can't find file_offset of VA 0xc3d638
[?] can't find file_offset of VA 0xc3da5c
[?] can't find file_offset of VA 0xc3e1e4
[?] can't find file_offset of VA 0xc3eb24
[?] can't find file_offset of VA 0xc3f140
[?] can't find file_offset of VA 0xc3fbc4
[?] can't find file_offset of VA 0xc402c4
[?] can't find file_offset of VA 0xc40a18
[?] can't find file_offset of VA 0xc40c30
[?] can't find file_offset of VA 0xc41194
[?] can't find file_offset of VA 0xc416ec
[?] can't find file_offset of VA 0xc41d50
[?] can't find file_offset of VA 0xc41f48
[?] can't find file_offset of VA 0xc421d0
[?] can't find file_offset of VA 0xc42374
[?] can't find file_offset of VA 0xc42b10
[?] can't find file_offset of VA 0xc42d9c
[?] can't find file_offset of VA 0xc42e30
[?] can't find file_offset of VA 0xc42fd0
[?] can't find file_offset of VA 0xc43264
[?] can't find file_offset of VA 0xc434bc
[?] can't find file_offset of VA 0xc436a0
[?] can't find file_offset of VA 0xc43950
[?] can't find file_offset of VA 0xc43ac0
[?] can't find file_offset of VA 0xc442b8
[?] can't find file_offset of VA 0xc44d9c
[?] can't find file_offset of VA 0xc44f80
[?] can't find file_offset of VA 0xc45014
[?] can't find file_offset of VA 0xc451ec
[?] can't find file_offset of VA 0xc4544c
[?] can't find file_offset of VA 0xc454fc
[?] can't find file_offset of VA 0xc4559c
[?] can't find file_offset of VA 0xc45a90
[?] can't find file_offset of VA 0xc45d90
[?] can't find file_offset of VA 0xc45fc0
[?] too many errors getting resource data, stopped on 0 of 1
[?] too many errors getting resource data, stopped on 0 of 2
[?] too many errors getting resource data, stopped on 0 of 1
[?] can't find file_offset of VA 0x0