filenameventrilo-2.1.4-Windows-i386.exe
size1336832 (0x146600)
md508e6b7d81e5faf8cb9d69e7931de66d5
typePE32 executable (GUI) Intel 80386, for MS Windows, WISE installer self-extracting archive
mimetypeapplication/x-dosexec
clamavOK
virustotal→ scan with virustotal.com
histogram

MZ Header

signatureMZ
bytes_in_last_block0x90
blocks_in_file3
num_relocs0
header_paragraphs4
min_extra_paragraphs0
max_extra_paragraphs0xffff
ss0
sp0xb8
checksum0
ip0
cs0
reloc_table_offset0x40
overlay_number0
reserved00
oem_id0
oem_info0
reserved20
reserved30
reserved40
reserved50
reserved60
lfanew0xe8

Rich Header

lib idversiontimes used
25921011
1094
0025
2894663
6394661
6994661
6194661

DOS stub

00000000: 0e 1f ba 0e 00 b4 09 cd  21 b8 01 4c cd 21 54 68  |........!..L.!Th|
00000010: 69 73 20 70 72 6f 67 72  61 6d 20 63 61 6e 6e 6f  |is program canno|
00000020: 74 20 62 65 20 72 75 6e  20 69 6e 20 44 4f 53 20  |t be run in DOS |
00000030: 6d 6f 64 65 2e 0d 0d 0a  24 00 00 00 00 00 00 00  |mode....$.......|

PE Header

SignaturePE
Machine0x14c
NumberOfSections5
TimeDateStamp0x3fbe5685
PointerToSymbolTable0
NumberOfSymbols0
SizeOfOptionalHeader0xe0
Characteristics0x10f
Magic0x10b
LinkerVersion7.0
SizeOfCode0x4e00
SizeOfInitializedData0x151400
SizeOfUninitializedData0
AddressOfEntryPoint0x39e0
BaseOfCode0x1000
BaseOfData0x6000
ImageBase0x400000
SectionAlignment0x1000
FileAlignment0x200
OperatingSystemVersion4.0
ImageVersion4.0
SubsystemVersion4.0
Reserved10
SizeOfImage0x15a000
SizeOfHeaders0x400
CheckSum0
Subsystem2
DllCharacteristics0
SizeOfStackReserve0x100000
SizeOfStackCommit0x1000
SizeOfHeapReserve0x1000
SizeOfHeapCommit0x1000
LoaderFlags0
NumberOfRvaAndSizes0x10

Packer / Compiler

MASM/TASM - sig1(h)

Sections

namevavsizeraw sizeflags
.text0x10000x4df00x4e00R-X CODE
.rdata0x60000x167a0x1800R-- IDATA
.data0x80000x104100x600RW- IDATA
.WISE0x190000x13a1b20x13a200RW- IDATA
.rsrc0x1540000x53d80x5400R-- IDATA

Data Directory

typevasize
EXPORT0x75c00xba
IMPORT0x6d140x8c
RESOURCE0x1540000x53d8
EXCEPTION00
SECURITY00
BASERELOC00
DEBUG00
ARCHITECTURE00
GLOBALPTR00
TLS00
LOAD_CONFIG00
Bound_IAT00
IAT0x60000x1c0
Delay_IAT00
CLR_Header00
typenamesizecp
AVI#11266040
ICON#137520
ICON#222160
ICON#313840
ICON#416400
ICON#57440
ICON#62960
DIALOG#1094420
DIALOG#1104360
DIALOG#1114420
STRING#115840
STRING#23660
GROUP_ICON#108900
VERSION#15880
idlangstring
11033You must have administrator rights to run this installation. Please login as an administrator and re-run this installation.
21033Corrupt installation detected, check source media or re-download.
31033Not enough free temporary disk space.
41033This system must reboot before the installation can begin. After the reboot the installation will restart automatically. Do you want to reboot this system?
51033%s Version %s is already installed. You must uninstall the existing version before installing %s Version %s. Do you want to uninstall the existing version of %s?
61033An attempt to install this product from the Internet has failed, possibly due to a missing Internet connection or server error. Please check your Internet connection and contact the vendor of this product for additional information.
191033The Windows Installer 2.0 runtime can only be installed with Windows NT Service Pack 6 or higher. Please install Windows NT Service Pack 6 and rerun this installation.
module_namehintordfunction_name
WSOCK32.dll116
WSOCK32.dll115
WSOCK32.dll19
WSOCK32.dll23
WSOCK32.dll9
WSOCK32.dll4
WSOCK32.dll101
WSOCK32.dll111
WSOCK32.dll22
WSOCK32.dll16
WSOCK32.dll21
WSOCK32.dll3
WSOCK32.dll10
WSOCK32.dll52
KERNEL32.dll920lstrcpyA
KERNEL32.dll926lstrlenA
KERNEL32.dll909_lwrite
KERNEL32.dll757SetFileTime
KERNEL32.dll566LocalFileTimeToFileTime
KERNEL32.dll132DosDateTimeToFileTime
KERNEL32.dll904_lclose
KERNEL32.dll393GetProcAddress
KERNEL32.dll558LoadLibraryA
KERNEL32.dll905_lcreat
KERNEL32.dll389GetPrivateProfileStringA
KERNEL32.dll383GetPrivateProfileIntA
KERNEL32.dll482GlobalLock
KERNEL32.dll471GlobalAlloc
KERNEL32.dll478GlobalFree
KERNEL32.dll489GlobalUnlock
KERNEL32.dll436GetTempFileNameA
KERNEL32.dll911lstrcatA
KERNEL32.dll229FreeLibrary
KERNEL32.dll120DeleteFileA
KERNEL32.dll906_llseek
KERNEL32.dll914lstrcmpA
KERNEL32.dll908_lread
KERNEL32.dll253GetCommandLineA
KERNEL32.dll44CloseHandle
KERNEL32.dll335GetFileTime
KERNEL32.dll74CreateFileA
KERNEL32.dll231FreeResource
KERNEL32.dll577LockResource
KERNEL32.dll563LoadResource
KERNEL32.dll808SizeofResource
KERNEL32.dll212FindResourceA
KERNEL32.dll324GetExitCodeProcess
KERNEL32.dll869WaitForSingleObject
KERNEL32.dll357GetModuleFileNameA
KERNEL32.dll66CreateDirectoryA
KERNEL32.dll422GetSystemDirectoryA
KERNEL32.dll456GetVersionExA
KERNEL32.dll592MulDiv
KERNEL32.dll451GetUserDefaultLangID
KERNEL32.dll740SetCurrentDirectoryA
KERNEL32.dll917lstrcmpiA
KERNEL32.dll174ExpandEnvironmentStringsA
KERNEL32.dll809Sleep
KERNEL32.dll333GetFileSize
KERNEL32.dll171ExitProcess
KERNEL32.dll907_lopen
KERNEL32.dll745SetEnvironmentVariableA
KERNEL32.dll359GetModuleHandleA
KERNEL32.dll747SetErrorMode
KERNEL32.dll438GetTempPathA
KERNEL32.dll303GetCurrentProcess
USER32.dll268GetDC
USER32.dll476MessageBoxA
USER32.dll153DestroyWindow
USER32.dll42CharNextA
USER32.dll456LoadStringA
USER32.dll571SendMessageA
USER32.dll273GetDlgItem
USER32.dll203EnumChildWindows
USER32.dll554ReleaseDC
USER32.dll198EndDialog
USER32.dll275GetDlgItemTextA
USER32.dll728wsprintfA
USER32.dll595SetDlgItemTextA
USER32.dll85CreateDialogParamA
USER32.dll225ExitWindowsEx
USER32.dll196EnableWindow
USER32.dll658ShowWindow
USER32.dll634SetTimer
USER32.dll158DialogBoxParamA
USER32.dll682TranslateMessage
USER32.dll161DispatchMessageA
USER32.dll646SetWindowTextA
USER32.dll509PeekMessageA
GDI32.dll363GetDeviceCaps
GDI32.dll143DeleteObject
GDI32.dll57CreateFontA
ADVAPI32.dll331LookupPrivilegeValueA
ADVAPI32.dll465RegDeleteValueA
ADVAPI32.dll472RegEnumValueA
ADVAPI32.dll425OpenSCManagerA
ADVAPI32.dll62CloseServiceHandle
ADVAPI32.dll424OpenProcessToken
ADVAPI32.dll456RegCloseKey
ADVAPI32.dll28AdjustTokenPrivileges
ADVAPI32.dll460RegCreateKeyExA
ADVAPI32.dll504RegSetValueExA
ADVAPI32.dll490RegQueryValueA
ADVAPI32.dll481RegOpenKeyExA
ADVAPI32.dll491RegQueryValueExA
SHELL32.dll154ShellExecuteExA
ordentry_vafunction_name
10x34af_LanguageDlg@16
20x33ad_PasswordDlg@16
30x3404_ProgressDlg@16
40x2927_UpdateCRC@8
50x1d53_t1@40
60x1737_t2@12
module_nameSTUB32.EXE
flags0
timestamp2003-11-21 18:16:37
version0.0
ordinal_base1
nFunctions6
nNames6
Names(6)0x7600
Functions(6)0x75e8
NameOrdinals(6)0x7618

StringTable 040904E4

CompanyNameFlagship Industries, Inc.XXXXXXXXXXXXXXXXX
FileDescriptionVentriloXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
FileVersion2.1.4XXXXXXXXX
LegalCopyrightFlagship Industries, Inc.XXXXXXXXXXXXXXXXX

VS_FIXEDFILEINFO

FileVersion2.1.4.0
ProductVersion2.1.4.0
StrucVersion0x10000
FileFlagsMask0x3f
FileFlags0
FileOS0x10001
FileType1
FileSubtype0
offsetsizetypecomment
01336832EXE11/21/2003 18:16:37#
15c115HTM#
fcf2e818BMP(35 x 35)#
fd26e3976BMP(500 x 63)#
1001ae47448BMP(501 x 314)#
1442186596AVI#
offset:( 0x )size:( 0x )hotkeys:-=[]<>, offset/size fields are also editable











[?] invalid VS_VERSIONINFO child type "{\x00Y\x00o\x00"