| filename | AntiTest.exe | |
|---|---|---|
| size | 1375744 (0x14fe00) | |
| md5 | 58e5f7d10f1a3c64050d023051b9b4a0 | |
| type | PE32 executable (GUI) Intel 80386, for MS Windows | |
| mimetype | application/x-dosexec | |
| clamav | OK | |
| virustotal | → scan with virustotal.com | |
| histogram | ||
MZ Header
| signature | MZ |
| bytes_in_last_block | 0x50 |
| blocks_in_file | 2 |
| num_relocs | 0 |
| header_paragraphs | 4 |
| min_extra_paragraphs | 0xf |
| max_extra_paragraphs | 0xffff |
| ss | 0 |
| sp | 0xb8 |
| checksum | 0 |
| ip | 0 |
| cs | 0 |
| reloc_table_offset | 0x40 |
| overlay_number | 0x1a |
| reserved0 | 0 |
| oem_id | 0 |
| oem_info | 0 |
| reserved2 | 0 |
| reserved3 | 0 |
| reserved4 | 0 |
| reserved5 | 0 |
| reserved6 | 0 |
| lfanew | 0x100 |
DOS stub
00000000: ba 10 00 0e 1f b4 09 cd 21 b8 01 4c cd 21 90 90 |........!..L.!..| 00000010: 54 68 69 73 20 70 72 6f 67 72 61 6d 20 6d 75 73 |This program mus| 00000020: 74 20 62 65 20 72 75 6e 20 75 6e 64 65 72 20 57 |t be run under W| 00000030: 69 6e 33 32 0d 0a 24 37 00 00 00 00 00 00 00 00 |in32..$7........| 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| * 000000c0:
PE Header
Packer / Compiler
Sections
Data Directory
TLS
| raw start | raw end | index | callbks | zero fill | flags | |
|---|---|---|---|---|---|---|
| 0x531000 | 0x531034 | 0x521788 | 0x65fcec | 0 | 0 |
| module_name | hint | ord | function_name |
|---|---|---|---|
| oleaut32.dll | VariantCopy | ||
| advapi32.dll | RegCreateKeyExA | ||
| user32.dll | GetMenuItemRect | ||
| kernel32.dll | GetVersion | ||
| kernel32.dll | GetVersionExA | ||
| kernel32.dll | GetSystemInfo | ||
| msimg32.dll | AlphaBlend | ||
| gdi32.dll | PatBlt | ||
| version.dll | GetFileVersionInfoSizeA | ||
| comctl32.dll | ImageList_EndDrag | ||
| shell32.dll | SHGetFileInfoA | ||
| winspool.drv | EnumPrintersA | ||
| winmm.dll | waveInClose | ||
| AVICAP32.DLL | capCreateCaptureWindowA | ||
| MSVFW32.DLL | MCIWndCreateA | ||
| SHFolder.dll | SHGetFolderPathA | ||
| kernel32.dll | GetModuleFileNameW | ||
| kernel32.dll | GetModuleHandleA | ||
| kernel32.dll | LoadLibraryA | ||
| kernel32.dll | LocalAlloc | ||
| kernel32.dll | LocalFree | ||
| kernel32.dll | GetModuleFileNameA | ||
| kernel32.dll | ExitProcess |
 |
| Please donate some bucks to keep this site up and running: | |
| Ko-fi | |
|---|---|
| Yandex.Money | |
| Thank you! | |
[?] can't find file_offset of VA 0x310084
[?] can't find file_offset of VA 0x3101b8
[?] can't find file_offset of VA 0x3102ec
[?] can't find file_offset of VA 0x310420
[?] can't find file_offset of VA 0x310554
[?] ignoring invalid PEdump::BITMAPINFOHEADER
[?] can't find file_offset of VA 0x310688
[?] can't find file_offset of VA 0x310858
[?] can't find file_offset of VA 0x310a3c
[?] can't find file_offset of VA 0x310c0c
[?] can't find file_offset of VA 0x310ddc
[?] can't find file_offset of VA 0x310fac
[?] can't find file_offset of VA 0x31117c
[?] can't find file_offset of VA 0x31134c
[?] can't find file_offset of VA 0x31151c
[?] can't find file_offset of VA 0x3116ec
[?] can't find file_offset of VA 0x3118bc
[?] can't find file_offset of VA 0x31197c
[?] can't find file_offset of VA 0x311a5c
[?] can't find file_offset of VA 0x311b3c
[?] can't find file_offset of VA 0x311c1c
[?] can't find file_offset of VA 0x311cdc
[?] can't find file_offset of VA 0x311d9c
[?] can't find file_offset of VA 0x311e7c
[?] can't find file_offset of VA 0x3121a4
[?] can't find file_offset of VA 0x312264
[?] can't find file_offset of VA 0x312344
[?] can't find file_offset of VA 0x31242c
[?] can't find file_offset of VA 0x312754
[?] can't find file_offset of VA 0x312814
[?] can't find file_offset of VA 0x312b3c
[?] can't find file_offset of VA 0x312e64
[?] can't find file_offset of VA 0x31318c
[?] can't find file_offset of VA 0x31326c
[?] can't find file_offset of VA 0x3132c0
[?] can't find file_offset of VA 0x313314
[?] can't find file_offset of VA 0x313360
[?] can't find file_offset of VA 0x3133f4
[?] can't find file_offset of VA 0x31357c
[?] can't find file_offset of VA 0x31374c
[?] can't find file_offset of VA 0x313890
[?] can't find file_offset of VA 0x313910
[?] can't find file_offset of VA 0x313934
[?] can't find file_offset of VA 0x313990
[?] can't find file_offset of VA 0x313d70
[?] can't find file_offset of VA 0x314104
[?] can't find file_offset of VA 0x3142b0
[?] can't find file_offset of VA 0x31437c
[?] can't find file_offset of VA 0x314488
[?] can't find file_offset of VA 0x314794
[?] can't find file_offset of VA 0x314b64
[?] can't find file_offset of VA 0x314f3c
[?] can't find file_offset of VA 0x3152b8
[?] can't find file_offset of VA 0x3156bc
[?] can't find file_offset of VA 0x3157b0
[?] can't find file_offset of VA 0x315874
[?] can't find file_offset of VA 0x315aa0
[?] can't find file_offset of VA 0x315e54
[?] can't find file_offset of VA 0x3161bc
[?] can't find file_offset of VA 0x316474
[?] can't find file_offset of VA 0x317134
[?] can't find file_offset of VA 0x317e8c
[?] can't find file_offset of VA 0x318b9c
[?] can't find file_offset of VA 0x318bac
[?] can't find file_offset of VA 0x319208
[?] can't find file_offset of VA 0x31963c
[?] can't find file_offset of VA 0x319af0
[?] can't find file_offset of VA 0x319c94
[?] can't find file_offset of VA 0x31a308
[?] can't find file_offset of VA 0x31aabc
[?] can't find file_offset of VA 0x32d5dc
[?] can't find file_offset of VA 0x32f0e4
[?] can't find file_offset of VA 0x330c74
[?] can't find file_offset of VA 0x330c88
[?] can't find file_offset of VA 0x330c9c
[?] can't find file_offset of VA 0x330cb0
[?] can't find file_offset of VA 0x330cc4
[?] can't find file_offset of VA 0x330cd8
[?] can't find file_offset of VA 0x330cec
[?] can't find file_offset of VA 0x121788