VMRay Analyzer Report
File Information
Sample files count1
Created files count1
Modified files count0
Explorer Pro.exe
-
File Properties
NamesExplorer Pro.exe (Sample File)
Size3.19 MB (3340288 bytes)
Hash ValuesMD5: be66787e9a1933b319e3694b4c348e38
SHA1: 05ed9e77fc98cfce1bb9e4acad1b95f4167c5129
SHA256: ce7ddc6318d4e76ef0ad3d9b1a8f8ad90eb77a0bf53ab49e8440a0fb0b67aa39
Actions
PE Information
+
File Properties
Image Base0x400000
Entry Point0x4d0014
Size Of Code0x98800
Size Of Initialized Data0x26000
Size Of Uninitialized Data0x0
Formatx86
TypeExecutable
SubsystemIMAGE_SUBSYSTEM_WINDOWS_GUI
Machine TypeIMAGE_FILE_MACHINE_I386
Compile Timestamp1973-12-21 14:23:07
Compiler/PackerThemida/WinLicense V1.8.0.2 + -> Oreans Technologies
Sections (4)
+
NameVirtual AddressVirtual SizeRaw Data SizeRaw Data OffsetFlagsEntropy
0x4010000xb30000x516000x1000CNT_INITIALIZED_DATA, MEM_READ, MEM_WRITE7.99
.rsrc0x4b40000x1ae380x70000x52600CNT_INITIALIZED_DATA, MEM_READ, MEM_WRITE7.54
.idata 0x4cf0000x10000x2000x59600CNT_INITIALIZED_DATA, MEM_READ, MEM_WRITE1.43
xp 0x4d00000x2db0000x2d60000x59800CNT_CODE, CNT_INITIALIZED_DATA, MEM_EXECUTE, MEM_READ, MEM_WRITE4.57
Imports (3)
+
KERNEL32.dll (2)
+
API NameOrdinalIAT AddressThunk RVAThunk Offset
CreateFileA0x00x4cf0000xcf0000x59600
ExitProcess0x00x4cf0040xcf0040x59604
COMCTL32.dll (1)
+
API NameOrdinalIAT AddressThunk RVAThunk Offset
InitCommonControls0x00x4cf00c0xcf00c0x5960c
Icons (14)
+
Icon Icon Icon Icon Icon Icon Icon Icon Icon Icon Icon Icon Icon Icon
c:\program files\common files\microsoft shared\msinfo\fieleway.txt
-
File Properties
Namesc:\program files\common files\microsoft shared\msinfo\fieleway.txt (Created File)
Size0.04 KB (46 bytes)
Hash ValuesMD5: 5718f05d3bdebb944ec1c02d56ff3a63
SHA1: 035e87a09dad57fd972df857579fdb65f36a1395
SHA256: 444ea6025185bf690be65b937723cd74ec2cf1030fc42f7a8f191ff6a238a5d6
Actions
Function Logfile
Download-Icon
Exit-Icon

This feature requires an online-connection to the VMRay backend.

An offline version with limited functionality is also provided.
The offline version is supported only in Mozilla Firefox with deactivated setting "security.fileuri.strict_origin_policy". 
































Screenshot



Expand-Icon


Exit-Icon






icon_left




icon_left








image