home

AnalyzePESig.exe

AnalyzePESig

Didier Stevens

Publisher:
Didier Stevens (https://DidierStevens.com)  (signed by Didier Stevens)

Product:
AnalyzePESig

Version:
0.0.0.3

MD5:
ce700a857296ae352c05ccf91ea0a5d9

SHA-1:
37fa35b65af57335dd6780baad4966eb2b4383ac

SHA-256:
096925c109e245b64c0a54618506bff9481ec2ce38c542fbc2f753254b68d53a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 3:27:00 PM UTC  (today)

File size:
233.5 KB (239,064 bytes)

Product version:
0.0.0.3

Copyright:
Public domain

Original file name:
AnalyzePESig.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Digital Signature
Signed by:
Didier Stevens

Authority:
GlobalSign nv-sa

Valid from:
10/4/2012 10:20:18 AM

Valid to:
11/24/2013 11:46:08 AM

Subject:
CN=Didier Stevens, C=BE

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121C09C7F085493BFFEF26D4560BA359F37

File PE Metadata
Compilation timestamp:
8/15/2013 4:52:55 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
10.0

CTPH (ssdeep):
6144:zekr93bj7ke2E7F38wZ0+djatzgn/2MVtgj:zekrJP7yE7qwZfdjatM/Baj

Entry address:
0x15482

Entry point:
E8, 6A, 8F, 00, 00, E9, 95, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 20, 8B, 45, 08, 56, 57, 6A, 08, 59, BE, 78, C5, 42, 00, 8D, 7D, E0, F3, A5, 89, 45, F8, 8B, 45, 0C, 5F, 89, 45, FC, 5E, 85, C0, 74, 0C, F6, 00, 08, 74, 07, C7, 45, F4, 00, 40, 99, 01, 8D, 45, F4, 50, FF, 75, F0, FF, 75, E4, FF, 75, E0, FF, 15, 18, C1, 42, 00, C9, C2, 08, 00, FF, 35, 20, 88, 43, 00, FF, 15, 04, C1, 42, 00, 85, C0, 74, 02, FF, D0, 6A, 19, E8, BA, 87, 00, 00, 6A, 01, 6A, 00, E8, 00, 2F, 00, 00, 83, C4, 0C, E9, C5, 2E, 00, 00...
 
[+]

Entropy:
6.5330

Code size:
169.5 KB (173,568 bytes)

Scan AnalyzePESig.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.