filename | DXgBpgLJH12.exe.bin | |
---|---|---|
size | 344064 (0x54000) | |
md5 | dca99f7e9b6f29e80f4af8482e7a841b | |
type | PE32 executable (GUI) Intel 80386, for MS Windows | |
mimetype | application/x-dosexec | |
clamav | OK | |
virustotal | → scan with virustotal.com | |
histogram |
MZ Header
signature | MZ |
bytes_in_last_block | 0x90 |
blocks_in_file | 3 |
num_relocs | 0 |
header_paragraphs | 4 |
min_extra_paragraphs | 0 |
max_extra_paragraphs | 0xffff |
ss | 0 |
sp | 0xb8 |
checksum | 0 |
ip | 0 |
cs | 0 |
reloc_table_offset | 0x40 |
overlay_number | 0 |
reserved0 | 0 |
oem_id | 0 |
oem_info | 0 |
reserved2 | 0 |
reserved3 | 0 |
reserved4 | 0 |
reserved5 | 0 |
reserved6 | 0 |
lfanew | 0xd8 |
DOS stub
00000000: 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 |........!..L.!Th| 00000010: 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f |is program canno| 00000020: 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 |t be run in DOS | 00000030: 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 |mode....$.......|
PE Header
Sections
name | va | vsize | raw size | flags | |
---|---|---|---|---|---|
.text | 0x1000 | 0x3718a | 0x37200 | R-X CODE | |
.rdata | 0x39000 | 0x812c | 0x8200 | R-- IDATA | |
.data | 0x42000 | 0x5034 | 0x5000 | RW- IDATA | |
.rsrc | 0x48000 | 0xf7e8 | 0xf800 | R-- IDATA |
Data Directory
type | va | size | |
---|---|---|---|
EXPORT | 0 | 0 | |
IMPORT | 0x40e88 | 0x78 | |
RESOURCE | 0x48000 | 0xf7e8 | |
EXCEPTION | 0 | 0 | |
SECURITY | 0 | 0 | |
BASERELOC | 0 | 0 | |
DEBUG | 0 | 0 | |
ARCHITECTURE | 0 | 0 | |
GLOBALPTR | 0 | 0 | |
TLS | 0 | 0 | |
LOAD_CONFIG | 0 | 0 | |
Bound_IAT | 0 | 0 | |
IAT | 0x39000 | 0x6c | |
Delay_IAT | 0 | 0 | |
CLR_Header | 0 | 0 |
id | lang | string |
---|---|---|
65488 | 0 | @DDoctor_Finish |
65489 | 0 | @SetCent_Never |
65490 | 0 | @DDoctor_Step_d |
65491 | 0 | @DDoctor_Checking_file_system |
65492 | 0 | @DDoctor_Checking_files_and |
65493 | 0 | @DDoctor_Checking_files |
65494 | 0 | @DDoctor_Checking_indexes |
65495 | 0 | @DDoctor_Checking_security_descriptors |
65496 | 0 | @DDoctor_Checking_file_data |
65497 | 0 | @DDoctor_Checking_free_space |
65504 | 0 | @DDoctor_No_errors_found |
65505 | 0 | @DDoctor_Errors_were_corrected |
65506 | 0 | @CFormsCmp_Restart_required |
65507 | 0 | @DDoctor_No_analysis |
65508 | 0 | @DDoctor_Analysis_complete |
65509 | 0 | @OCM_Restart_Windows |
65510 | 0 | @DDoctor_Restart_now_and |
65511 | 0 | @DDoctor_Perform_analysis_the |
65512 | 0 | @DDoctor_Restart_now_and_1 |
65513 | 0 | @DDoctor_Complete_analysis_on |
65514 | 0 | @DDoctor_Windows_will_now |
65515 | 0 | @DDoctor_Windows_will_now_1 |
65516 | 0 | @DDoctor_The_analysis_will |
65517 | 0 | @DDoctor_The_analysis_will_1 |
65518 | 0 | @DDoctor_Drive |
65519 | 0 | @DDoctor_Next |
65520 | 0 | @DDoctor_No_drives_have |
65521 | 0 | @DDoctor_No_drives_selected |
65522 | 0 | @DDoctor_Initializing_drive |
65523 | 0 | @DDoctor_Analyzed_drive |
65524 | 0 | @DDoctor_Windows_restart_required |
65525 | 0 | @DDoctor_Not_supported |
65526 | 0 | @DDoctor_No_errors_were |
65527 | 0 | @DDoctor_All_errors_were |
65528 | 0 | @DDoctor_Is_in_use |
65529 | 0 | @DDoctor_Windows_must_restart |
65530 | 0 | @DDoctor_The_file_system |
65531 | 0 | @DDoctor_The_drive_is |
65532 | 0 | @DDoctor_No_disk_is |
65533 | 0 | @DDoctor_The_drive_is_1 |
65534 | 0 | @DDoctor_Access_to_the |
65535 | 0 | @DDoctor_The_analysis_has |
module_name | hint | ord | function_name |
---|---|---|---|
KERNEL32.dll | 1045 | SetUnhandledExceptionFilter | |
KERNEL32.dll | 629 | GetVersionExA | |
KERNEL32.dll | 571 | GetStdHandle | |
KERNEL32.dll | 673 | HeapFree | |
KERNEL32.dll | 502 | GetModuleHandleA | |
KERNEL32.dll | 367 | GetCommandLineA | |
KERNEL32.dll | 260 | ExitProcess | |
KERNEL32.dll | 505 | GetModuleHandleW | |
KERNEL32.dll | 1109 | VirtualAllocEx | |
KERNEL32.dll | 669 | HeapAlloc | |
KERNEL32.dll | 1165 | WriteFile | |
USER32.dll | 470 | LoadIconA | |
USER32.dll | 438 | IsClipboardFormatAvailable | |
USER32.dll | 276 | GetClipboardViewer | |
USER32.dll | 432 | IsCharAlphaW | |
USER32.dll | 193 | DrawMenuBar | |
GDI32.dll | 205 | DeleteDC | |
COMDLG32.dll | 14 | GetSaveFileNameW | |
COMDLG32.dll | 12 | GetOpenFileNameW | |
COMDLG32.dll | 10 | GetFileTitleW | |
ADVAPI32.dll | 601 | RegOpenKeyA | |
ADVAPI32.dll | 615 | RegQueryValueExA |
StringTable 040704B0
Comments | @CompanyName |
eUp Software | NFileDescription |
eUp Disk Doctor | <FileVersion |
0.1000.340 | r'LegalCopyright |
yright © AVG Netherlands B. V. 2011 | LLegalTrademarks |
eUp Utilities™ | LProductName |
eUp Utilities 2014 | @ProductVersion |
0.1000.340 | D |
StringTable 040904B0
Comments | @CompanyName |
eUp Software | NFileDescription |
eUp Disk Doctor | <FileVersion |
0.1000.340 | r'LegalCopyright |
yright © AVG Netherlands B. V. 2011 | LLegalTrademarks |
eUp Utilities™ | LProductName |
eUp Utilities 2014 | @ProductVersion |
0.1000.340 | D |
VS_FIXEDFILEINFO
FileVersion | 14.0.1000.340 |
ProductVersion | 14.0.1000.340 |
StrucVersion | 0x10000 |
FileFlagsMask | 0x17 |
FileFlags | 0 |
FileOS | 0x40004 |
FileType | 0 |
FileSubtype | 0 |
Please donate some bucks to keep this site up and running: | |
Ko-fi | |
---|---|
Yandex.Money | |
Thank you! |
everything is OK