news.exe

info
MZ
PE
resources
strings
imports
foremost
7zip
hexdump
disasm
log
discuss
donate

filename	news.exe
size	492904 (0x78568)
md5	4294dfe2d03144e6e08159fa52e3eb82

type	PE32 executable (GUI) Intel 80386, for MS Windows
mimetype	application/x-dosexec

clamav	OK
virustotal	→ scan with virustotal.com

histogram

MZ Header

signature	MZ
bytes_in_last_block	0x90
blocks_in_file	3
num_relocs	0
header_paragraphs	4
min_extra_paragraphs	0
max_extra_paragraphs	0xffff
ss	0
sp	0xb8
checksum	0
ip	0
cs	0
reloc_table_offset	0x40
overlay_number	0
reserved0	0
oem_id	0
oem_info	0
reserved2	0
reserved3	0
reserved4	0
reserved5	0
reserved6	0
lfanew	0xf8

Rich Header

lib id	version	times used
93	4035	12
14	7299	2
11	8047	2
10	8047	11
4	8047	2
11	9782	3
4	9782	3
1	0	223
11	8168	4
6	1735	1

DOS stub

00000000: 0e 1f ba 0e 00 b4 09 cd  21 b8 01 4c cd 21 54 68  |........!..L.!Th|
00000010: 69 73 20 70 72 6f 67 72  61 6d 20 63 61 6e 6e 6f  |is program canno|
00000020: 74 20 62 65 20 72 75 6e  20 69 6e 20 44 4f 53 20  |t be run in DOS |
00000030: 6d 6f 64 65 2e 0d 0d 0a  24 00 00 00 00 00 00 00  |mode....$.......|

PE Header

Signature	PE
Machine	0x14c
NumberOfSections	4
TimeDateStamp	0x53418218
PointerToSymbolTable	0
NumberOfSymbols	0
SizeOfOptionalHeader	0xe0
Characteristics	0x10f
Magic	0x10b
LinkerVersion	6.0
SizeOfCode	0x3000
SizeOfInitializedData	0x7000
SizeOfUninitializedData	0
AddressOfEntryPoint	0x3630
BaseOfCode	0x1000
BaseOfData	0x4000
ImageBase	0x400000
SectionAlignment	0x1000
FileAlignment	0x1000
OperatingSystemVersion	4.0
ImageVersion	0.0
SubsystemVersion	4.0
Reserved1	0
SizeOfImage	0xb000
SizeOfHeaders	0x1000
CheckSum	0
Subsystem	2
DllCharacteristics	0
SizeOfStackReserve	0x100000
SizeOfStackCommit	0x1000
SizeOfHeapReserve	0x100000
SizeOfHeapCommit	0x1000
LoaderFlags	0
NumberOfRvaAndSizes	0x10

Packer / Compiler

MS Visual C++ v6.0

Sections

name	va	vsize	raw size	flags
.text	0x1000	0x28d6	0x3000	R-X CODE
.rdata	0x4000	0x175e	0x2000	R-- IDATA
.data	0x6000	0x460	0x1000	RW- IDATA
.rsrc	0x7000	0x303c	0x4000	R-- IDATA

Data Directory

type	va	size
EXPORT	0	0
IMPORT	0x4d80	0xa0
RESOURCE	0x7000	0x303c
EXCEPTION	0	0
SECURITY	0	0
BASERELOC	0	0
DEBUG	0	0
ARCHITECTURE	0	0
GLOBALPTR	0	0
TLS	0	0
LOAD_CONFIG	0	0
Bound_IAT	0	0
IAT	0x4000	0x35c
Delay_IAT	0	0
CLR_Header	0	0

show previews

type	name	size	cp
PNG	#133	4071	1252
PNG	#141	1028	1252
PNG	#142	2090	1252
ICON	#1	4264	1252
DIALOG	#100	32	1252
DIALOG	#102	90	1252
DIALOG	#135	106	1252
STRING	#7	64	1252
GROUP_ICON	#1	20	1252

id	lang	string
101	2052	关于 GDIPNG(&A)...

module_name	hint	ord	function_name
MFC42u.DLL		2971
MFC42u.DLL		3825
MFC42u.DLL		3826
MFC42u.DLL		3820
MFC42u.DLL		3074
MFC42u.DLL		4075
MFC42u.DLL		4616
MFC42u.DLL		4418
MFC42u.DLL		3733
MFC42u.DLL		561
MFC42u.DLL		825
MFC42u.DLL		815
MFC42u.DLL		641
MFC42u.DLL		2506
MFC42u.DLL		823
MFC42u.DLL		2613
MFC42u.DLL		1131
MFC42u.DLL		3948
MFC42u.DLL		2717
MFC42u.DLL		5261
MFC42u.DLL		4370
MFC42u.DLL		4847
MFC42u.DLL		4992
MFC42u.DLL		4704
MFC42u.DLL		6048
MFC42u.DLL		4073
MFC42u.DLL		1767
MFC42u.DLL		4401
MFC42u.DLL		5237
MFC42u.DLL		2377
MFC42u.DLL		5157
MFC42u.DLL		6370
MFC42u.DLL		4347
MFC42u.DLL		5276
MFC42u.DLL		3793
MFC42u.DLL		4831
MFC42u.DLL		4435
MFC42u.DLL		2640
MFC42u.DLL		2047
MFC42u.DLL		6372
MFC42u.DLL		3744
MFC42u.DLL		5059
MFC42u.DLL		1720
MFC42u.DLL		5257
MFC42u.DLL		2438
MFC42u.DLL		2116
MFC42u.DLL		3076
MFC42u.DLL		4621
MFC42u.DLL		4419
MFC42u.DLL		3592
MFC42u.DLL		324
MFC42u.DLL		4229
MFC42u.DLL		1143
MFC42u.DLL		1165
MFC42u.DLL		2294
MFC42u.DLL		4294
MFC42u.DLL		6871
MFC42u.DLL		3087
MFC42u.DLL		800
MFC42u.DLL		4155
MFC42u.DLL		540
MFC42u.DLL		2858
MFC42u.DLL		2371
MFC42u.DLL		2854
MFC42u.DLL		755
MFC42u.DLL		470
MFC42u.DLL		6451
MFC42u.DLL		4532
MFC42u.DLL		2567
MFC42u.DLL		3397
MFC42u.DLL		3568
MFC42u.DLL		3688
MFC42u.DLL		6051
MFC42u.DLL		1768
MFC42u.DLL		4390
MFC42u.DLL		5286
MFC42u.DLL		3569
MFC42u.DLL		609
MFC42u.DLL		1634
MFC42u.DLL		567
MFC42u.DLL		3621
MFC42u.DLL		3658
MFC42u.DLL		2406
MFC42u.DLL		4270
MFC42u.DLL		4279
MFC42u.DLL		2859
MFC42u.DLL		5871
MFC42u.DLL		5783
MFC42u.DLL		5784
MFC42u.DLL		4128
MFC42u.DLL		4292
MFC42u.DLL		2855
MFC42u.DLL		2980
MFC42u.DLL		3257
MFC42u.DLL		3131
MFC42u.DLL		4459
MFC42u.DLL		3254
MFC42u.DLL		3142
MFC42u.DLL		2977
MFC42u.DLL		5710
MFC42u.DLL		5285
MFC42u.DLL		5303
MFC42u.DLL		4692
MFC42u.DLL		4074
MFC42u.DLL		5298
MFC42u.DLL		5296
MFC42u.DLL		3341
MFC42u.DLL		2388
MFC42u.DLL		5193
MFC42u.DLL		1089
MFC42u.DLL		3917
MFC42u.DLL		5727
MFC42u.DLL		2504
MFC42u.DLL		2546
MFC42u.DLL		4480
MFC42u.DLL		6371
MFC42u.DLL		4269
MFC42u.DLL		5273
MFC42u.DLL		4667
MFC42u.DLL		1569
MSVCRT.dll	183		_controlfp
MSVCRT.dll	46		void __cdecl terminate(void) ?terminate@@YAXXZ
MSVCRT.dll	390		_onexit
MSVCRT.dll	85		__dllonexit
MSVCRT.dll	202		_except_handler3
MSVCRT.dll	129		__set_app_type
MSVCRT.dll	111		__p__fmode
MSVCRT.dll	106		__p__commode
MSVCRT.dll	157		_adjust_fdiv
MSVCRT.dll	131		__setusermatherr
MSVCRT.dll	271		_initterm
MSVCRT.dll	139		__wgetmainargs
MSVCRT.dll	487		_wcmdln
MSVCRT.dll	72		_XcptFilter
MSVCRT.dll	588		fclose
MSVCRT.dll	605		fread
MSVCRT.dll	682		rewind
MSVCRT.dll	612		ftell
MSVCRT.dll	610		fseek
MSVCRT.dll	515		_wfopen
MSVCRT.dll	599		fopen
MSVCRT.dll	694		strcat
MSVCRT.dll	73		__CxxFrameHandler
MSVCRT.dll	585		exit
MSVCRT.dll	211		_exit
KERNEL32.dll	386		GetModuleHandleW
KERNEL32.dll	973		lstrlenW
KERNEL32.dll	597		LoadLibraryW
KERNEL32.dll	83		CreateFileA
KERNEL32.dll	416		GetProcAddress
KERNEL32.dll	440		GetStartupInfoW
KERNEL32.dll	86		CreateFileW
KERNEL32.dll	382		GetModuleFileNameW
USER32.dll	666		SystemParametersInfoW
USER32.dll	196		EnableWindow
USER32.dll	515		PostMessageW
USER32.dll	325		GetParent
USER32.dll	403		InvalidateRect
USER32.dll	187		DrawStateW
USER32.dll	394		InflateRect
USER32.dll	378		GetWindowTextW
USER32.dll	74		CopyRect
USER32.dll	226		FillRect
USER32.dll	620		SetRect
USER32.dll	179		DrawFocusRect
USER32.dll	349		GetSystemMetrics
USER32.dll	255		GetClientRect
USER32.dll	182		DrawIcon
USER32.dll	268		GetDC
USER32.dll	367		GetWindowLongW
USER32.dll	641		SetWindowLongW
USER32.dll	554		ReleaseDC
USER32.dll	348		GetSystemMenu
USER32.dll	9		AppendMenuW
USER32.dll	576		SendMessageW
USER32.dll	372		GetWindowRect
USER32.dll	447		LoadIconW
USER32.dll	422		IsIconic
GDI32.dll	437		GetTextExtentPoint32W
GDI32.dll	71		CreatePen
GDI32.dll	80		CreateSolidBrush
GDI32.dll	45		CreateCompatibleDC
GDI32.dll	44		CreateCompatibleBitmap
GDI32.dll	526		SelectObject
GDI32.dll	143		DeleteObject
GDI32.dll	140		DeleteDC
GDI32.dll	513		RoundRect
COMCTL32.dll	108		_TrackMouseEvent
gdiplus.dll	45		GdipCloneBrush
gdiplus.dll	607		GdiplusShutdown
gdiplus.dll	134		GdipDeleteGraphics
gdiplus.dll	133		GdipDeleteFontFamily
gdiplus.dll	132		GdipDeleteFont
gdiplus.dll	129		GdipDeleteBrush
gdiplus.dll	454		GdipReleaseDC
gdiplus.dll	575		GdipSetTextRenderingHint
gdiplus.dll	77		GdipCreateFont
gdiplus.dll	78		GdipCreateFontFamilyFromName
gdiplus.dll	165		GdipDrawImageI
gdiplus.dll	175		GdipDrawImageRectRectI
gdiplus.dll	82		GdipCreateFromHDC
gdiplus.dll	33		GdipAlloc
gdiplus.dll	608		GdiplusStartup
gdiplus.dll	224		GdipFree
gdiplus.dll	121		GdipCreateSolidFill
gdiplus.dll	189		GdipDrawString
gdiplus.dll	284		GdipGetImageWidth
gdiplus.dll	275		GdipGetImageHeight

show previews

offset	size	type	comment
0	45056	EXE	04/06/2014 16:34:32	#
15c1	15	HTM		#
7240	4071	PNG	(470 x 320)	#
8228	1028	PNG	(46 x 18)	#
862c	2090	PNG	(62 x 35)	#
b000	447848	BIN	overlay data past EOF	#

Scanning the drive for archives:
1 file, 492904 bytes (482 KiB)



Errors: 1

offset:( 0x )size:( 0x )hotkeys:-=[]<>, offset/size fields are also editable

Please donate some bucks to keep this site up and running:
Ko-fi
Yandex.Money
Thank you!

everything is OK