| File Path | Type and Hashes |
|---|
| Match Rules |
|---|
| File Name: | captainphillips2013dvdripx264sparksnzb_013-a4a___.exe |
| File Type: | PE32 executable (GUI) Intel 80386, for MS Windows |
| SHA1: | 54f7533b1a92b258e7cd1a93f4fcb1a654d121b1 |
| MD5: | faa2f790c93c4d05697ca48d374c3364 |
| First Seen Date: | 2017-10-18 01:33:25.550454 ( ) |
| Number of Clients Seen: | 3 |
| Last Analysis Date: | 2017-10-20 08:46:42.556381 ( ) |
| Human Expert Analysis Result: | No human expert analysis verdict given to this sample yet. |
| Property | Value |
|---|---|
| file type enum | 6 |
| number of sections | 5 |
| compilation time stamp | 0x59E37EA1 [Sun Oct 15 15:28:33 2017 UTC] |
| LegalCopyright | Copyright (C) 2017 |
| ProductVersion | 3, 2, 23, 4348 |
| FileVersion | 3, 2, 23, 4348 |
| ProductName | Anime catron Application |
| Translation | 0x0409 0x04b0 |
| entry point | 0x40918a (.text) |
| machine type | Intel 386 or later - 32Bit |
| file size | 1586152 |
| sha256 | 64cce2ef68063ce8265a52530d776645af9117bc7cd831d76f0e85042d42a169 |
| mime type | application/x-dosexec |
| Name | Virtual Address | Virtual Size | Raw Size | Entropy | MD5 |
|---|---|---|---|---|---|
| .text | 0x1000 | 0x16e48 | 0x17000 | 5.80670892908 | acc5c8e6031d4a3264d4643887916361 |
| .data | 0x18000 | 0xa0c48 | 0xa0000 | 6.41254353129 | 7ad4bf5fb0191ebb8775f0b2eae13e44 |
| .tls | 0xb9000 | 0x78bc | 0x8000 | 2.04546043 | 146114093fc8ec6efb435b9e1a5aedea |
| .rsrc | 0xc1000 | 0xbed70 | 0xbf000 | 7.52324801101 | 454c41705d349a432bc839f3ea367096 |
| .reloc | 0x180000 | 0x20be | 0x3000 | 2.3702076093 | 1065c69b9cd9d39cc1f8d9915f33ab6f |
-
KERNEL32.dll
- SetEvent
- InterlockedIncrement
- GetBinaryTypeA
- GetProcAddress
- LoadLibraryA
- GetFileSize
- GetCurrentThread
- InterlockedExchange
- CreateFileA
- WriteConsoleW
- GetConsoleOutputCP
- GetTempPathA
- Sleep
- GetSystemDirectoryA
- SetThreadPriority
- LockResource
- GetTickCount
- WriteConsoleA
- CloseHandle
- HeapSize
- RaiseException
- GetCommandLineA
- HeapFree
- GetVersionExA
- HeapAlloc
- GetProcessHeap
- GetStartupInfoA
- EnterCriticalSection
- LeaveCriticalSection
- TerminateProcess
- GetCurrentProcess
- UnhandledExceptionFilter
- SetUnhandledExceptionFilter
- IsDebuggerPresent
- GetModuleHandleA
- MultiByteToWideChar
- GetLastError
- ReadFile
- ExitProcess
- WriteFile
- GetStdHandle
- GetModuleFileNameA
- FreeEnvironmentStringsA
- GetEnvironmentStrings
- FreeEnvironmentStringsW
- WideCharToMultiByte
- GetEnvironmentStringsW
- SetHandleCount
- GetFileType
- DeleteCriticalSection
- TlsGetValue
- TlsAlloc
- TlsSetValue
- TlsFree
- SetLastError
- GetCurrentThreadId
- InterlockedDecrement
- HeapDestroy
- HeapCreate
- VirtualFree
- QueryPerformanceCounter
- GetCurrentProcessId
- GetSystemTimeAsFileTime
- GetCPInfo
- GetACP
- GetOEMCP
- RtlUnwind
- SetFilePointer
- SetStdHandle
- InitializeCriticalSection
- VirtualAlloc
- HeapReAlloc
- GetConsoleCP
- GetConsoleMode
- FlushFileBuffers
- LCMapStringA
- LCMapStringW
- GetStringTypeA
- GetStringTypeW
- GetLocaleInfoA
-
USER32.dll
- GetDC
- EnableWindow
- GetClientRect
- LoadImageW
- LoadBitmapA
-
GDI32.dll
- SelectObject
- GetDeviceCaps
- CreatePen
- CreateBitmap
- SetPixel
-
ole32.dll
- CoUninitialize
-
OLEAUT32.dll
- VariantInit
-
WS2_32.dll
- recv
- closesocket
RT_BITMAP
RT_ICON
RT_GROUP_ICON
RT_VERSION
RT_MANIFEST