home

AnalyzePESig.exe

AnalyzePESig

Didier Stevens

Publisher:
Didier Stevens (https://DidierStevens.com)  (signed by Didier Stevens)

Product:
AnalyzePESig

Version:
0.0.0.3

MD5:
5e86425acf2ecb1e0a625b47cbc4778f

SHA-1:
7713b69bc886406b823764e25ac55902b645a2d0

SHA-256:
ed0f84b411140a6a1227fc83cef7830b978e4ff37f0c276e1fc41727bcdbd910

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/20/2024 1:21:30 AM UTC  (today)

File size:
99 KB (101,336 bytes)

Product version:
0.0.0.3

Copyright:
Public domain

Original file name:
AnalyzePESig.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Digital Signature
Signed by:
Didier Stevens

Authority:
GlobalSign nv-sa

Valid from:
10/4/2012 10:20:18 AM

Valid to:
11/24/2013 11:46:08 AM

Subject:
CN=Didier Stevens, C=BE

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121C09C7F085493BFFEF26D4560BA359F37

File PE Metadata
Compilation timestamp:
8/15/2013 4:53:46 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
10.0

CTPH (ssdeep):
3072:WmkGopO9fW+iNxhqJaxUxVdcxFO7PcJai:WRpO9fW+ejqcUxDKO7wJ

Entry address:
0xF2BC

Entry point:
E8, D2, 04, 00, 00, E9, B3, FD, FF, FF, FF, 25, 30, 12, 41, 00, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 18, 60, 41, 00, 33, C5, 50, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 8B, 4D, F4, 64, 89, 0D, 00, 00, 00, 00, 59, 5F, 5F, 5E, 5B, 8B, E5, 5D, 51, C3, 6A, 14, 68, 78, 33, 41, 00, E8, C1, 01, 00, 00, FF, 35, 68, 65, 41, 00, 8B, 35, 88, 10, 41, 00, FF, D6, 89, 45, E4, 83, F8, FF, 75, 0C, FF, 75, 08, FF, 15, 7C, 12...
 
[+]

Entropy:
6.5021

Code size:
63.5 KB (65,024 bytes)

Scan AnalyzePESig.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.