filename | Magnify_injected.exe | |
---|---|---|
size | 641536 (0x9ca00) | |
md5 | 181d0ff90beedd0595afc3b77fe432e4 | |
type | PE32 executable (GUI) Intel 80386, for MS Windows | |
mimetype | application/x-dosexec | |
clamav | OK | |
virustotal | → scan with virustotal.com | |
histogram |
MZ Header
signature | MZ |
bytes_in_last_block | 0x90 |
blocks_in_file | 3 |
num_relocs | 0 |
header_paragraphs | 4 |
min_extra_paragraphs | 0 |
max_extra_paragraphs | 0xffff |
ss | 0 |
sp | 0xb8 |
checksum | 0 |
ip | 0 |
cs | 0 |
reloc_table_offset | 0x40 |
overlay_number | 0 |
reserved0 | 0 |
oem_id | 0 |
oem_info | 0 |
reserved2 | 0 |
reserved3 | 0 |
reserved4 | 0 |
reserved5 | 0 |
reserved6 | 0 |
lfanew | 0xd8 |
DOS stub
00000000: 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 |........!..L.!Th| 00000010: 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f |is program canno| 00000020: 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 |t be run in DOS | 00000030: 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 |mode....$.......|
PE Header
Packer / Compiler
Sections
Data Directory
module_name | hint | ord | function_name |
---|---|---|---|
kernel32.dll | LoadLibraryA | ||
kernel32.dll | GetProcAddress |
StringTable 040904B0
CompanyName | Microsoft Corporation |
FileDescription | Microsoft Screen Magnifier |
FileVersion | 6.1.7600.16385 (win7_rtm.090713-1255) |
InternalName | ScreenMagnifier.exe |
LegalCopyright | © Microsoft Corporation. All rights reserved. |
OriginalFilename | ScreenMagnifier.exe |
ProductName | Microsoft® Windows® Operating System |
ProductVersion | 6.1.7600.16385 |
VS_FIXEDFILEINFO
FileVersion | 6.1.7600.16385 |
ProductVersion | 6.1.7600.16385 |
StrucVersion | 0x10000 |
FileFlagsMask | 0x3f |
FileFlags | 0 |
FileOS | 0x40004 |
FileType | 1 |
FileSubtype | 0 |
offset | size | type | comment | |
---|---|---|---|---|
0 | 641536 | EXE | 01/08/1970 07:28:14 | # |
15c1 | 15 | HTM | # | |
334c8 | 7986 | PNG | (59 x 68) | # |
35400 | 6786 | PNG | (47 x 54) | # |
36e88 | 5880 | PNG | (40 x 45) | # |
38580 | 4965 | PNG | (32 x 36) | # |
398e8 | 8094 | PNG | (56 x 64) | # |
3b888 | 7458 | PNG | (52 x 59) | # |
3d5b0 | 7126 | PNG | (49 x 56) | # |
3f188 | 6521 | PNG | (45 x 52) | # |
40b08 | 6243 | PNG | (43 x 49) | # |
42370 | 6021 | PNG | (41 x 47) | # |
43af8 | 5629 | PNG | (38 x 43) | # |
450f8 | 5397 | PNG | (36 x 41) | # |
46610 | 5115 | PNG | (34 x 38) | # |
47a10 | 8082 | PNG | (59 x 68) | # |
499a8 | 6915 | PNG | (47 x 54) | # |
4b4b0 | 5965 | PNG | (40 x 45) | # |
4cc00 | 5014 | PNG | (32 x 36) | # |
4df98 | 8249 | PNG | (56 x 64) | # |
4ffd8 | 7605 | PNG | (52 x 59) | # |
51d90 | 7179 | PNG | (49 x 56) | # |
539a0 | 6666 | PNG | (45 x 52) | # |
553b0 | 6341 | PNG | (43 x 49) | # |
56c78 | 6095 | PNG | (41 x 47) | # |
58448 | 5695 | PNG | (38 x 43) | # |
59a88 | 5474 | PNG | (36 x 41) | # |
5aff0 | 5162 | PNG | (34 x 38) | # |
5f400 | 52481 | PNG | (256 x 256) | # |
735e8 | 52481 | PNG | (256 x 256) | # |
Please donate some bucks to keep this site up and running: | |
Ko-fi | |
---|---|
Yandex.Money | |
Thank you! |
[?] ignoring invalid PEdump::BITMAPINFOHEADER