filename | AFK jelzo figyelo.exe | |
---|---|---|
size | 407520 (0x637e0) | |
md5 | 0ccb3e25b500c038c14364a4a5521f0c | |
type | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | |
mimetype | application/x-dosexec | |
clamav | OK | |
virustotal | → scan with virustotal.com | |
histogram |
MZ Header
signature | MZ |
bytes_in_last_block | 0x90 |
blocks_in_file | 3 |
num_relocs | 0 |
header_paragraphs | 4 |
min_extra_paragraphs | 0 |
max_extra_paragraphs | 0xffff |
ss | 0 |
sp | 0xb8 |
checksum | 0 |
ip | 0 |
cs | 0 |
reloc_table_offset | 0x40 |
overlay_number | 0 |
reserved0 | 0 |
oem_id | 0 |
oem_info | 0 |
reserved2 | 0 |
reserved3 | 0 |
reserved4 | 0 |
reserved5 | 0 |
reserved6 | 0 |
lfanew | 0x80 |
DOS stub
00000000: 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 |........!..L.!Th| 00000010: 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f |is program canno| 00000020: 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 |t be run in DOS | 00000030: 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 |mode....$.......|
PE Header
Packer / Compiler
Sections
name | va | vsize | raw size | flags | |
---|---|---|---|---|---|
.text | 0x2000 | 0x3368c | 0x33800 | R-X CODE | |
.rsrc | 0x36000 | 0x2f7ac | 0x2f800 | R-- IDATA | |
.reloc | 0x66000 | 0xc | 0x200 | R-- IDATA DISCARDABLE |
Data Directory
type | name | size | cp | |
---|---|---|---|---|
ICON | #1 | 20567 | 0 | |
ICON | #2 | 10568 | 0 | |
ICON | #3 | 67624 | 0 | |
ICON | #4 | 38056 | 0 | |
ICON | #5 | 21640 | 0 | |
ICON | #6 | 16936 | 0 | |
ICON | #7 | 9640 | 0 | |
ICON | #8 | 4264 | 0 | |
ICON | #9 | 2440 | 0 | |
ICON | #10 | 1128 | 0 | |
GROUP_ICON | #32512 | 146 | 0 | |
VERSION | #1 | 796 | 0 |
module_name | hint | ord | function_name |
---|---|---|---|
mscoree.dll | _CorExeMain |
StringTable 000004b0
Comments | |
CompanyName | |
FileDescription | AFK jelző |
FileVersion | 1.0.0.0 |
InternalName | AFK jelzo.exe |
LegalCopyright | Copyright © 2020 |
LegalTrademarks | |
OriginalFilename | AFK jelzo.exe |
ProductName | AFK jelző |
ProductVersion | 1.0.0.0 |
Assembly Version | 1.0.0.0 |
VS_FIXEDFILEINFO
FileVersion | 1.0.0.0 |
ProductVersion | 1.0.0.0 |
StrucVersion | 0x10000 |
FileFlagsMask | 0x3f |
FileFlags | 0 |
FileOS | 4 |
FileType | 1 |
FileSubtype | 0 |
Signers (1)
issuer: /CN=\x00D\x00E\x00S\x00K\x00T\x00O\x00P\x00-\x006\x006\x003\x00E\x00B\x00C\x00Q\x00\\x00d\x00i\x00o\x00g\x00e
serial: 729F79D06CE8D6AA461E9B9882158DDE
Certificates (1)
Certificate: Data: Version: 3 (0x2) Serial Number: 72:9f:79:d0:6c:e8:d6:aa:46:1e:9b:98:82:15:8d:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=\x00D\x00E\x00S\x00K\x00T\x00O\x00P\x00-\x006\x006\x003\x00E\x00B\x00C\x00Q\x00\\x00d\x00i\x00o\x00g\x00e Validity Not Before: May 27 02:08:26 2020 GMT Not After : May 27 08:08:26 2021 GMT Subject: CN=\x00D\x00E\x00S\x00K\x00T\x00O\x00P\x00-\x006\x006\x003\x00E\x00B\x00C\x00Q\x00\\x00d\x00i\x00o\x00g\x00e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (1024 bit) Modulus: 00:c8:41:28:fa:26:e2:42:0b:2c:e0:84:c7:8c:c8: 5c:f9:9d:72:c8:00:7e:ed:26:fe:c0:99:4d:6d:9e: 9f:d2:0a:32:1f:dd:e6:8e:ca:b0:f0:b1:f4:5f:f5: 6e:c3:1b:85:92:7a:9d:df:4c:40:6e:0d:a9:52:7f: f3:09:18:9f:f7:84:32:41:86:61:5c:40:7b:39:20: 16:e7:10:8e:5e:c3:28:d4:da:bd:72:9d:7b:f8:12: 17:de:7b:f3:f9:fc:9a:6b:6f:f6:ad:b9:6a:4b:a3: 4d:f4:da:b6:98:4c:c0:90:ca:46:97:ff:4a:78:53: 0f:59:0d:5c:26:e0:02:10:fd Exponent: 65537 (0x10001) Signature Algorithm: sha256WithRSAEncryption be:71:bc:a3:8a:51:68:71:0a:ff:0e:8f:46:e1:7a:6b:75:10: 97:e7:bd:a8:66:5d:23:43:a2:b2:90:51:cd:e3:85:c3:f2:d7: ea:11:ec:17:8f:9c:9c:de:19:55:a6:60:40:61:b6:05:19:c7: 5b:c1:3e:91:05:f6:28:21:c2:c3:ef:27:9d:3a:94:76:a9:db: c0:8f:31:76:fb:2e:ff:9c:9a:7b:1d:f8:a6:c8:52:41:c5:f7: a2:4f:9a:ab:72:06:48:f6:ca:a7:80:d2:44:4c:8d:a1:6b:88: 10:b6:03:0b:05:ea:12:26:96:d3:22:0e:d1:43:1d:2e:d3:d9: 68:8f
pkcs7-signedData
- 1
- SHA256: nil
- 1.3.6.1.4.1.311.2.1.4
- #0
- 1.3.6.1.4.1.311.2.1.15
- :
- SHA256
31 be 99 50 44 9e fb 77 0e 00 a2 15 81 c6 4d 7a |1..PD..w......Mz| bc 49 28 3f 9b bf ae 39 2b f6 7a 68 ad 22 7d ac |.I(?...9+.zh."}.|
- 1.3.6.1.4.1.311.2.1.15
- #0
- #2
- 2
- 72:9F:79:D0:6C:E8:D6:AA:46:1E:9B:98:82:15:8D:DE
- RSA-SHA256: nil
- CN:
00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d |.D.E.S.K.T.O.P.-| 00 36 00 36 00 33 00 45 00 42 00 43 00 51 00 5c |.6.6.3.E.B.C.Q.\| 00 64 00 69 00 6f 00 67 00 65 |.d.i.o.g.e |
- 2020-05-27 02:08:26 UTC: 2021-05-27 08:08:26 UTC
- CN:
00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d |.D.E.S.K.T.O.P.-| 00 36 00 36 00 33 00 45 00 42 00 43 00 51 00 5c |.6.6.3.E.B.C.Q.\| 00 64 00 69 00 6f 00 67 00 65 |.d.i.o.g.e |
- #5
- rsaEncryption: nil
- C8:41:28:FA:26:E2:42:0B:2C:E0:84:C7:8C:C8:5C:F9:
9D:72:C8:00:7E:ED:26:FE:C0:99:4D:6D:9E:9F:D2:0A:
32:1F:DD:E6:8E:CA:B0:F0:B1:F4:5F:F5:6E:C3:1B:85:
92:7A:9D:DF:4C:40:6E:0D:A9:52:7F:F3:09:18:9F:F7:
84:32:41:86:61:5C:40:7B:39:20:16:E7:10:8E:5E:C3:
28:D4:DA:BD:72:9D:7B:F8:12:17:DE:7B:F3:F9:FC:9A:
6B:6F:F6:AD:B9:6A:4B:A3:4D:F4:DA:B6:98:4C:C0:90:
CA:46:97:FF:4A:78:53:0F:59:0D:5C:26:E0:02:10:FD: 0x010001
- RSA-SHA256:
be 71 bc a3 8a 51 68 71 0a ff 0e 8f 46 e1 7a 6b |.q...Qhq....F.zk| 75 10 97 e7 bd a8 66 5d 23 43 a2 b2 90 51 cd e3 |u.....f]#C...Q..| 85 c3 f2 d7 ea 11 ec 17 8f 9c 9c de 19 55 a6 60 |.............U.`| 40 61 b6 05 19 c7 5b c1 3e 91 05 f6 28 21 c2 c3 |@a....[.>...(!..| ef 27 9d 3a 94 76 a9 db c0 8f 31 76 fb 2e ff 9c |.'.:.v....1v....| 9a 7b 1d f8 a6 c8 52 41 c5 f7 a2 4f 9a ab 72 06 |.{....RA...O..r.| 48 f6 ca a7 80 d2 44 4c 8d a1 6b 88 10 b6 03 0b |H.....DL..k.....| 05 ea 12 26 96 d3 22 0e d1 43 1d 2e d3 d9 68 8f |...&.."..C....h.|
- 2
- 1
- #0
- CN:
00 44 00 45 00 53 00 4b 00 54 00 4f 00 50 00 2d |.D.E.S.K.T.O.P.-| 00 36 00 36 00 33 00 45 00 42 00 43 00 51 00 5c |.6.6.3.E.B.C.Q.\| 00 64 00 69 00 6f 00 67 00 65 |.d.i.o.g.e |
- 72:9F:79:D0:6C:E8:D6:AA:46:1E:9B:98:82:15:8D:DE
- CN:
- SHA256: nil
- #2
- 1.3.6.1.4.1.311.2.1.12
- nil
- contentType: 1.3.6.1.4.1.311.2.1.4
- messageDigest:
aa 68 a4 03 67 1e 4b 09 c4 84 a8 d0 69 f8 a6 ce |.h..g.K.....i...| aa 4e 6d 9d ca 42 cb a0 42 01 6e 4b 37 90 d0 4b |.Nm..B..B.nK7..K|
- 1.3.6.1.4.1.311.2.1.12
- rsaEncryption:
0a af cb 48 d8 d8 e2 63 1a 69 67 79 ea 4d 92 80 |...H...c.igy.M..| 72 07 70 a7 c4 f7 7a 8b 04 b1 cc 23 f1 c3 78 ac |r.p...z....#..x.| 48 ee eb 0d a0 da f3 66 ad 70 11 92 d9 5b e9 3d |H......f.p...[.=| f2 91 9b 45 e4 f3 88 48 5d 93 b5 05 74 bd 36 bc |...E...H]...t.6.| 96 c7 fa 94 ff 7c a2 45 68 61 ca fa cd 7f 4c ea |.....|.Eha....L.| a4 32 1d 7d 6e 0c 5f 84 b2 10 c7 ba 89 f4 e4 22 |.2.}n._........"| ae 7f a9 20 b7 a5 92 e6 df 27 62 18 b7 cc 3b 8b |... .....'b...;.| 2c 05 e1 4f eb 3e 14 0f 40 53 cf 0b d9 d8 81 b8 |,..O.>..@S......|
- #0
offset | size | type | comment | |
---|---|---|---|---|
0 | 406528 | EXE | 02/13/2093 15:56:03 | # |
15c1 | 15 | HTM | # | |
457f | 20567 | PNG | (512 x 512) | # |
95d6 | 10568 | PNG | (256 x 256) | # |
33be8 | 20567 | PNG | (512 x 512) | # |
38c50 | 10568 | PNG | (256 x 256) | # |
63400 | 992 | PKCS7 | Authenticode Signature | # |
Please donate some bucks to keep this site up and running: | |
Ko-fi | |
---|---|
Yandex.Money | |
Thank you! |
[?] ignoring invalid PEdump::BITMAPINFOHEADER