updata.exe - XXXXXXX

info
MZ
PE
resources
strings
imports
exports
foremost
version info
hexdump
disasm
log
discuss
donate

filename	updata.exe
size	239616 (0x3a800)
md5	123eea567f5754280e5e36669b44d245

type	PE32 executable (GUI) Intel 80386, for MS Windows
mimetype	application/x-dosexec

clamav	OK
virustotal	→ scan with virustotal.com

histogram

MZ Header

signature	MZ
bytes_in_last_block	0x90
blocks_in_file	3
num_relocs	0
header_paragraphs	4
min_extra_paragraphs	0
max_extra_paragraphs	0xffff
ss	0
sp	0xb8
checksum	0
ip	0
cs	0
reloc_table_offset	0x40
overlay_number	0
reserved0	0
oem_id	0
oem_info	0
reserved2	0
reserved3	0
reserved4	0
reserved5	0
reserved6	0
lfanew	0xd8

Rich Header

lib id	version	times used
147	30729	9
1	0	38
171	30319	41
155	30319	1
154	30319	1
157	30319	1

DOS stub

00000000: 0e 1f ba 0e 00 b4 09 cd  21 b8 01 4c cd 21 54 68  |........!..L.!Th|
00000010: 69 73 20 70 72 6f 67 72  61 6d 20 63 61 6e 6e 6f  |is program canno|
00000020: 74 20 62 65 20 72 75 6e  20 69 6e 20 44 4f 53 20  |t be run in DOS |
00000030: 6d 6f 64 65 2e 0d 0d 0a  24 00 00 00 00 00 00 00  |mode....$.......|

PE Header

Signature	PE
Machine	0x14c
NumberOfSections	5
TimeDateStamp	0x4f45047c
PointerToSymbolTable	0
NumberOfSymbols	0
SizeOfOptionalHeader	0xe0
Characteristics	0x102
Magic	0x10b
LinkerVersion	10.0
SizeOfCode	0x31800
SizeOfInitializedData	0x70000
SizeOfUninitializedData	0
AddressOfEntryPoint	0x1be0
BaseOfCode	0x1000
BaseOfData	0x33000
ImageBase	0x10000000
SectionAlignment	0x1000
FileAlignment	0x200
OperatingSystemVersion	5.1
ImageVersion	0.0
SubsystemVersion	5.1
Reserved1	0
SizeOfImage	0xa5000
SizeOfHeaders	0x400
CheckSum	0
Subsystem	2
DllCharacteristics	0x8540
SizeOfStackReserve	0x100000
SizeOfStackCommit	0x1000
SizeOfHeapReserve	0x100000
SizeOfHeapCommit	0x1000
LoaderFlags	0
NumberOfRvaAndSizes	0x10

Sections

name	va	vsize	raw size	flags
.text	0x1000	0x317c5	0x31800	R-X CODE
.rdata	0x33000	0x3505	0x3600	R-- IDATA
.data	0x37000	0x67ded	0xa00	RW- IDATA
.rsrc	0x9f000	0x770	0x800	R-- IDATA
.reloc	0xa0000	0x4362	0x4400	R-- IDATA DISCARDABLE

Data Directory

type	va	size
EXPORT	0x362e0	0x225
IMPORT	0x35f08	0x64
RESOURCE	0x9f000	0x770
EXCEPTION	0	0
SECURITY	0	0
BASERELOC	0xa0000	0x3ea4
DEBUG	0	0
ARCHITECTURE	0	0
GLOBALPTR	0	0
TLS	0	0
LOAD_CONFIG	0	0
Bound_IAT	0	0
IAT	0x33000	0xa8
Delay_IAT	0	0
CLR_Header	0	0

show previews

type	name	size
BITMAP	#103	224
MENU	#102	12
DIALOG	#101	148
DIALOG	#106	148
STRING	#7	252
VERSION	#1	668

id	lang	string
105	2052	You must have cookies enabled to log in to StrategyWiki
106	2052	Your Slim Women Perm anomalous
107	2052	create account Namespaces

module_name	hint	function_name
KERNEL32.dll	514	GetLastError
KERNEL32.dll	143	CreateFileW
KERNEL32.dll	388	GetCommState
KERNEL32.dll	581	GetProcAddress
KERNEL32.dll	348	FoldStringW
KERNEL32.dll	1126	SetFilePointer
KERNEL32.dll	365	GetAtomNameA
KERNEL32.dll	1175	SetThreadLocale
KERNEL32.dll	137	CreateFileMappingA
KERNEL32.dll	758	IsBadHugeWritePtr
KERNEL32.dll	1202	Sleep
KERNEL32.dll	1317	WriteFile
KERNEL32.dll	82	CloseHandle
KERNEL32.dll	65	CancelDeviceWakeupRequest
KERNEL32.dll	1116	SetFileApisToANSI
KERNEL32.dll	935	QueryPerformanceCounter
KERNEL32.dll	399	GetComputerNameW
KERNEL32.dll	828	LoadLibraryA
KERNEL32.dll	659	GetTickCount
KERNEL32.dll	636	GetSystemWindowsDirectoryW
USER32.dll	419	GetWindowTextW
USER32.dll	274	GetClassNameW
USER32.dll	94	CreateDesktopW
USER32.dll	698	SetThreadDesktop
USER32.dll	623	ScrollDC
USER32.dll	556	OpenWindowStationA
USER32.dll	266	GetCaretPos
USER32.dll	624	ScrollWindow
USER32.dll	259	GetAltTabInfoW
USER32.dll	356	GetParent
GDI32.dll	293	EnumFontFamiliesExW
GDI32.dll	598	Polygon
GDI32.dll	601	PtInRegion
GDI32.dll	8	AngleArc
GDI32.dll	442	GetCharWidthFloatW
ADVAPI32.dll	628	RegRestoreKeyW
ADVAPI32.dll	128	CreateServiceA
ADVAPI32.dll	631	RegSaveKeyExW

ord	entry_va	function_name
1	0x1f90	SjfgBbih
2	0x2450	SjfgDecxab
3	0x2230	SjfgEgsls
4	0x1d70	SjfgEtg
5	0x1ea0	SjfgFp
6	0x25b0	SjfgGegqd
7	0x22d0	SjfgGi
8	0x1e60	SjfgIoto
9	0x1f00	SjfgJi
10	0x2300	SjfgLyot
11	0x2000	SjfgMeohnu
12	0x2350	SjfgMn
13	0x2120	SjfgMqt
14	0x2340	SjfgNz
15	0x23e0	SjfgPzx
16	0x1ec0	SjfgQhgvd
17	0x2090	SjfgQkx
18	0x22f0	SjfgQp
19	0x1990	SjfgRv
20	0x1ce0	SjfgTauxf
21	0x2530	SjfgVs
22	0x1e90	SjfgWmnlt
23	0x21b0	SjfgWndtnl
24	0x2320	SjfgXgobl
25	0x1e80	SjfgXl
26	0x1e10	SjfgYtx
27	0x24c0	SjfgZq

module_name	Idzyryt.
flags	0
timestamp	2012-02-22 15:06:36
version	0.0
ordinal_base	1
nFunctions	27
nNames	27
Names(27)	0x36374
Functions(27)	0x36308
NameOrdinals(27)	0x363e0

StringTable 000804b0

CompanyName	XXXXXXX
FileDescription	XXXXXXX
FileVersion	1.0.0.1
InternalName	XXXXXXX
LegalCopyright	XXXXXXX Copyright (C) 2011
OriginalFilename	XXXXXXX
ProductName	XXXXXXX
ProductVersion	1.0.0.1

VS_FIXEDFILEINFO

FileVersion	1.0.0.1
ProductVersion	1.0.0.1
StrucVersion	0x10000
FileFlagsMask	0x3f
FileFlags	0
FileOS	0x40004
FileType	1
FileSubtype	0

show previews

offset	size	type	comment
0	239616	EXE	02/22/2012 15:06:36	#
15c1	15	HTM		#

offset:( 0x )size:( 0x )hotkeys:-=[]<>, offset/size fields are also editable

Please donate some bucks to keep this site up and running:
Ko-fi
Yandex.Money
Thank you!

everything is OK

updata.exe-

MZ Header

Rich Header

DOS stub

PE Header

Sections

Data Directory

StringTable 000804b0

VS_FIXEDFILEINFO

updata.exe
-