Manalyze report for 008567cd1ebfa11a76985fff0a0db65496172d59a517ea1baaf4184704ae4006

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2026-Apr-21 18:32:52
Detected languages	English - United States
FileDescription	AutoHotkey 64-bit
FileVersion	`2.0`
CompanyName	AutoHotkey Foundation LLC
ProductName	AutoHotkey
ProductVersion	`2.0`

Plugin Output

Info	Interesting strings found in the binary:	`Contains domain names: .exe.bat.com autohotkey.com exe.bat.com http://www.w3.org http://www.w3.org/2001/XMLSchema http://www.w3.org/2001/XMLSchema-instance https://autohotkey.com www.w3.org`
Suspicious	The PE is possibly packed.	`Unusual section name found: .fptable`
Malicious	The PE contains functions mostly used by malware.	`[!] The program may be hiding some of its imports: LoadLibraryA GetProcAddress LoadLibraryW LoadLibraryExW` `Functions which can be used for anti-debugging purposes: FindWindowW` `Code injection capabilities (PowerLoader): FindWindowW GetWindowLongW` `Can access the registry: RegisterHotKey RegDeleteKeyW RegSetValueExW RegCreateKeyExW RegQueryValueExW RegDeleteValueW RegCloseKey RegOpenKeyExW RegQueryInfoKeyW RegEnumValueW RegEnumKeyExW RegDeleteKeyExW` `Possibly launches other programs: CreateProcessW CreateProcessWithLogonW` `Can create temporary files: CreateFileW GetTempPathW` `Uses functions commonly found in keyloggers: MapVirtualKeyW GetAsyncKeyState AttachThreadInput CallNextHookEx GetForegroundWindow` `Interacts with services: OpenSCManagerW` `Manipulates other processes: OpenProcess` `Can take screenshots: GetDC FindWindowW CreateCompatibleDC` `Reads the contents of the clipboard: GetClipboardData`
Suspicious	No VirusTotal score.	`This file has never been scanned on VirusTotal.`

Hashes

MD5	`87376c428946ae5523037d22573668f1`
SHA1	`5e9baea8dd1c8e73ed3cac7cae2e425d001b7a55`
SHA256	`008567cd1ebfa11a76985fff0a0db65496172d59a517ea1baaf4184704ae4006`
SHA3	`e3dc1bcad99eb03eeaee549bee0b2c3e1e503a3f1a253eca3708eca3a0255724`
SSDeep	`24576:n46bXRMbqgspNUzmCISwrd3rDlx2fC3dGlw:nFXRMbKpNsmCjwrd3/lxOW`
Imports Hash	`64f4518c229fffc45616474cb0420add`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x118`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`6`
TimeDateStamp	2026-Apr-21 18:32:52
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE` `IMAGE_FILE_RELOCS_STRIPPED`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0xca600`
SizeOfInitializedData	`0x53600`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x00000000000A6DAC (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x122000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA`
SizeofStackReserve	`0x400000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`d29ef102be03c4c98d69ca131b0a887a`
SHA1	`c41337010c99cf36f2a180520b9f07e8040b8e58`
SHA256	`8ddcd9afc3f9ca300eb38c49d442fc1f1de8bbc9d7e7d53a67566ac70c0d816a`
SHA3	`3c5aaaf230181481532855588ee6e3fe4f10a5358e42a90b7cead401b14d403e`
VirtualSize	`0xca546`
VirtualAddress	`0x1000`
SizeOfRawData	`0xca600`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.52924`

.rdata

MD5	`b1475a7503ff220c705fa6ac2f82477c`
SHA1	`85ce94ef79e884308d9cdeeaf45f9250d50955b4`
SHA256	`aec0598d7c8c253c690df65e623019b37e4995b45092ed25c7a4ab1352b3f55a`
SHA3	`d1114db7400c7c8953cbe6c8e68c9924ecb09ebb29196b8e2db107e8fa2e6c85`
VirtualSize	`0x39176`
VirtualAddress	`0xcc000`
SizeOfRawData	`0x39200`
PointerToRawData	`0xcaa00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.23445`

.data

MD5	`7e74d82c936cda64d71a6a89ae70c913`
SHA1	`364ed52023f62f5cfc4356ded0e6dbe7b6a2182d`
SHA256	`f6445f79043c149d819683194e3820de2f9b6ef7c61d7c712acc7b69e082b506`
SHA3	`1b9cc807902ee74e9be4a536afc787a23c34c4fd371ee0a546a4bb3e376915ea`
VirtualSize	`0xab2c`
VirtualAddress	`0x106000`
SizeOfRawData	`0x6400`
PointerToRawData	`0x103c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`3.15362`

.pdata

MD5	`87be54a9e7f0912ac95b4ff72a4ccdb5`
SHA1	`0e79d2342e650e8b62d257035ad7f780730b9c68`
SHA256	`a0efbc6fa5c36ca1e7ac1d3672bb719a1e3d34c8e6b2945f8676f2be15c3553c`
SHA3	`40b4b80a476b9c3b30f6304292fed441539fca6f73c9ebf4ae57bf462c118b7c`
VirtualSize	`0x6ed0`
VirtualAddress	`0x111000`
SizeOfRawData	`0x7000`
PointerToRawData	`0x10a000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.9632`

.fptable

MD5	`bf619eac0cdf3f68d496ea9344137e8b`
SHA1	`5c3eb80066420002bc3dcc7ca4ab6efad7ed4ae5`
SHA256	`076a27c79e5ace2a3d47f9dd2e83e4ff6ea8872b3c2218f66c92b89b55f36560`
SHA3	`622de1e1568ddef36c4b89b706b05201c13481c3575d0fc804ff8224787fcb59`
VirtualSize	`0x100`
VirtualAddress	`0x118000`
SizeOfRawData	`0x200`
PointerToRawData	`0x111000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0`

.rsrc

MD5	`847d5bf252fb7be3c6a914281bd804e9`
SHA1	`3b117f3e3828944bd7ee5226355bf94dd3d7f31d`
SHA256	`6dbdcfc0839bbe293cedab497ef0a413e23ababac5f6aff797fcad90b27195a2`
SHA3	`1e07ec21b408e85602ed2c38b3b9d655e0ff2c900fe0ce8f2756aecf682c39fb`
VirtualSize	`0x85b0`
VirtualAddress	`0x119000`
SizeOfRawData	`0x8600`
PointerToRawData	`0x111200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.23516`

Imports

WSOCK32.dll	`WSAGetLastError` `getservbyname` `htonl` `send` `recv` `inet_addr` `WSAAsyncSelect` `inet_ntoa` `gethostbyname` `WSASetLastError` `ioctlsocket` `htons` `gethostbyaddr` `getservbyport` `ntohs` `WSAStartup` `shutdown` `WSACleanup` `closesocket` `connect` `socket`
WINMM.dll	`joyGetPosEx` `mciSendStringW`
COMCTL32.dll	`ImageList_GetIconSize` `CreateStatusWindowW`
PSAPI.DLL	`GetProcessImageFileNameW`
SHLWAPI.dll	`StrCmpLogicalW`
UxTheme.dll	`EnableThemeDialogTexture` `SetWindowTheme` `IsAppThemed`
dwmapi.dll	`DwmGetWindowAttribute`
KERNEL32.dll	`GlobalFree` `GlobalUnlock` `WideCharToMultiByte` `GetCPInfo` `GetSystemDirectoryA` `LoadLibraryA` `GetProcAddress` `FreeLibrary` `GetCurrentThreadId` `GetEnvironmentVariableW` `IsValidCodePage` `LoadLibraryW` `GetLastError` `OutputDebugStringW` `lstrcmpiW` `GetStringTypeExW` `CreateThread` `SetThreadPriority` `GetExitCodeThread` `CloseHandle` `CreateMutexW` `VirtualProtect` `SetLastError` `GetModuleHandleW` `CreateFileW` `MultiByteToWideChar` `GetFullPathNameW` `GetFileAttributesW` `ReadFile` `LoadResource` `LockResource` `WriteFile` `SizeofResource` `SetCurrentDirectoryW` `CompareStringOrdinal` `FindFirstFileW` `FindNextFileW` `FindClose` `FileTimeToLocalFileTime` `GetSystemTimeAsFileTime` `GetFileSizeEx` `GetCurrentProcessId` `GlobalLock` `TerminateProcess` `GetProcessId` `QueryDosDeviceW` `EnterCriticalSection` `LeaveCriticalSection` `GetLocalTime` `GetDateFormatW` `GetTimeFormatW` `GetDateFormatEx` `GetTickCount64` `GetSystemTime` `GetSystemDefaultUILanguage` `GetComputerNameW` `GetCurrentDirectoryW` `GetSystemWindowsDirectoryW` `GetTempPathW` `WaitForSingleObject` `GetExitCodeProcess` `GetVersionExW` `InitializeCriticalSection` `DeleteCriticalSection` `GetModuleFileNameW` `SetDllDirectoryW` `GetModuleHandleExW` `GetShortPathNameW` `CreateProcessW` `FormatMessageW` `GetCurrentProcess` `SetEndOfFile` `GetACP` `GetFileType` `GetStdHandle` `SetFilePointerEx` `SystemTimeToFileTime` `FileTimeToSystemTime` `GetFileSize` `EnumResourceNamesW` `LoadLibraryExW` `GlobalSize` `FindResourceW` `SetErrorMode` `Sleep` `GetTickCount` `MulDiv` `RaiseException` `EncodePointer` `InitializeCriticalSectionAndSpinCount` `TlsAlloc` `TlsGetValue` `TlsSetValue` `TlsFree` `GetCommandLineA` `GetCommandLineW` `ExitProcess` `RtlCaptureContext` `RtlLookupFunctionEntry` `RtlVirtualUnwind` `IsDebuggerPresent` `UnhandledExceptionFilter` `SetUnhandledExceptionFilter` `GetStartupInfoW` `IsProcessorFeaturePresent` `QueryPerformanceCounter` `InitializeSListHead` `RtlUnwindEx` `HeapSize` `HeapReAlloc` `HeapQueryInformation` `HeapFree` `HeapAlloc` `GetProcessHeap` `FindFirstFileExW` `GetOEMCP` `GetEnvironmentStringsW` `FreeEnvironmentStringsW` `FlsAlloc` `FlsGetValue` `FlsSetValue` `FlsFree` `InitializeCriticalSectionEx` `LCMapStringW` `GlobalAlloc` `SetStdHandle` `GetStringTypeW` `FlushFileBuffers` `GetConsoleOutputCP` `GetConsoleMode` `WriteConsoleW` `OpenProcess` `RtlPcToFileHeader`
USER32.dll	`IsZoomed` `IsIconic` `DestroyWindow` `RegisterClassExW` `SystemParametersInfoW` `CreateWindowExW` `GetMenu` `EnableMenuItem` `LoadAcceleratorsW` `RemoveClipboardFormatListener` `LoadImageW` `PostQuitMessage` `CheckMenuItem` `RegisterWindowMessageW` `DefWindowProcW` `SetForegroundWindow` `GetMenuItemCount` `GetPropW` `GetClassLongW` `SetMenu` `SetPropW` `RemovePropW` `GetSysColor` `RedrawWindow` `DrawTextW` `SetParent` `GetClassInfoExW` `AdjustWindowRectEx` `GetAncestor` `UpdateWindow` `FlashWindow` `GetMessagePos` `GetSysColorBrush` `FillRect` `GetClassLongPtrW` `CallWindowProcW` `CheckRadioButton` `IntersectRect` `GetUpdateRect` `PtInRect` `CreateDialogIndirectParamW` `CreateAcceleratorTableW` `DestroyAcceleratorTable` `InsertMenuItemW` `RemoveMenu` `SetMenuItemInfoW` `GetMenuItemInfoW` `SetMenuDefaultItem` `CreateMenu` `CreatePopupMenu` `SetMenuInfo` `DestroyMenu` `TrackPopupMenuEx` `CopyImage` `CreateIconIndirect` `CreateIconFromResourceEx` `DrawIconEx` `EnumClipboardFormats` `GetWindow` `BringWindowToTop` `GetQueueStatus` `MapVirtualKeyW` `VkKeyScanExW` `EnumWindows` `GetKeyboardLayoutNameW` `ActivateKeyboardLayout` `GetGUIThreadInfo` `GetWindowTextW` `mouse_event` `WindowFromPoint` `keybd_event` `SetKeyboardState` `GetKeyboardState` `GetCursorPos` `GetAsyncKeyState` `AttachThreadInput` `SendInput` `UnregisterHotKey` `RegisterHotKey` `SendMessageTimeoutW` `CharUpperW` `UnhookWindowsHookEx` `SetWindowsHookExW` `PostThreadMessageW` `IsCharAlphaNumericW` `IsCharUpperW` `IsCharLowerW` `ToUnicodeEx` `CallNextHookEx` `CharLowerW` `ReleaseDC` `GetDC` `DialogBoxParamW` `ScrollWindow` `GetSystemMetrics` `GetWindowRect` `GetWindowLongPtrW` `SetFocus` `DefDlgProcW` `MoveWindow` `MapWindowPoints` `GetClientRect` `EnableWindow` `MapDialogRect` `GetDlgItem` `SetWindowLongPtrW` `SetWindowTextW` `MessageBoxW` `OpenClipboard` `GetClipboardData` `GetClipboardFormatNameW` `CloseClipboard` `SetClipboardData` `EmptyClipboard` `SetWindowPos` `IsChild` `IsWindowVisible` `EnumChildWindows` `GetLastInputInfo` `LoadCursorW` `GetCursorInfo` `ClientToScreen` `GetIconInfo` `GetWindowTextLengthW` `InvalidateRect` `PostMessageW` `FindWindowW` `EndDialog` `IsWindow` `DispatchMessageW` `TranslateMessage` `ShowWindow` `IsClipboardFormatAvailable` `CountClipboardFormats` `SetWindowLongW` `ScreenToClient` `DestroyIcon` `IsDialogMessageW` `SendMessageW` `IsWindowEnabled` `GetWindowLongW` `GetKeyState` `TranslateAcceleratorW` `KillTimer` `PeekMessageW` `GetFocus` `GetClassNameW` `GetWindowThreadProcessId` `GetForegroundWindow` `GetMessageW` `SetTimer` `GetParent` `GetDlgCtrlID` `IsCharAlphaW` `MapVirtualKeyExW` `GetKeyboardLayout`
GDI32.dll	`GdiFlush` `CreateDIBSection` `EnumFontFamiliesExW` `GetObjectW` `SetBrushOrgEx` `CreatePatternBrush` `GetClipBox` `SetBkMode` `SetBkColor` `GetDeviceCaps` `CreateCompatibleDC` `CreateFontIndirectW` `GetStockObject` `CreateSolidBrush` `GetCharABCWidthsW` `GetTextMetricsW` `GetDIBits` `SelectObject` `CreateFontW` `DeleteObject` `CreateCompatibleBitmap` `DeleteDC` `SetTextColor`
ADVAPI32.dll	`UnlockServiceDatabase` `RegDeleteKeyW` `RegSetValueExW` `RegCreateKeyExW` `RegQueryValueExW` `RegDeleteValueW` `GetUserNameW` `RegConnectRegistryW` `RegCloseKey` `RegOpenKeyExW` `RegQueryInfoKeyW` `RegEnumValueW` `RegEnumKeyExW` `CreateProcessWithLogonW` `OpenSCManagerW` `LockServiceDatabase` `CloseServiceHandle` `RegDeleteKeyExW`
SHELL32.dll	`DragFinish` `SHGetKnownFolderPath` `ExtractIconW` `DragQueryPoint` `DragQueryFileW` `ShellExecuteExW` `SHGetFolderPathW` `Shell_NotifyIconW`
ole32.dll	`CoCreateInstance` `CoTaskMemFree` `CLSIDFromString` `OleInitialize` `OleFlushClipboard` `OleUninitialize` `CLSIDFromProgID` `CoGetObject` `StringFromGUID2` `CreateStreamOnHGlobal`
OLEAUT32.dll	`SafeArrayDestroy` `SysFreeString` `GetActiveObject` `SysStringLen` `SafeArrayCreate` `VariantClear` `VariantChangeType` `OleLoadPicture` `SafeArrayCopy` `SysAllocStringLen` `VariantCopyInd` `SafeArrayGetUBound` `SafeArrayGetLBound` `SafeArrayGetDim` `SafeArrayLock` `SysAllocString` `SafeArrayPtrOfIndex` `SafeArrayUnlock` `SafeArrayAccessData` `SafeArrayGetElemsize` `SafeArrayUnaccessData`

Delayed Imports

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x244`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.33249`
Detected Filetype	PNG graphic file
MD5	`9d07814a27f482c2d7c563ff6868c539`
SHA1	`bcfd3b11a28ff193373d7dab4ffca072b533c3de`
SHA256	`8f5cb2266f8445405c75921de831112f60a2262041ed60039e0871bffd6d7203`
SHA3	`e8c0f6c3cf8716e8c9e004156c373dbfa924237651b3d0306f07367cad85be43`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x197`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.85349`
Detected Filetype	PNG graphic file
MD5	`95eee4f269dc68bf7d0937d648cf38bf`
SHA1	`f9226a77de6ec90b53720252560cdd466ac244ef`
SHA256	`efe628398ba9727fe5341b60615e17b10977f05bce50adf6af5d4d1da7c740d2`
SHA3	`1929d34939e214cf8df483e60d239f7d70d422883bb4f9212f6124742a68b253`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1d1`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.09487`
Detected Filetype	PNG graphic file
MD5	`9a3ea4fc3821f4b35ab512fe156de5df`
SHA1	`7fe5efea95e344b46d89b258e0235728bb1bf530`
SHA256	`18fc0f58bc71965f32e49f236adc23ee32155a8d00c805838692a3f98cffb1f9`
SHA3	`5f1691754db788ca6254c0c5f5d9cc1040a04b87f4eba36956671e52e92f96c8`

4

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x229`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.29607`
Detected Filetype	PNG graphic file
MD5	`defd3602a640726e1335484c2ee9c265`
SHA1	`04f31f314ace2e0410a2c90c24c0df5cbe0da589`
SHA256	`53f2680efff7f2fb903f30bf590e8fb8111053f382011deaed2f6f90607d0a5e`
SHA3	`14e47b005e52020fe7315308c909705be19e9ca3c1ba9b0b9362dea6f5d31121`

5

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x26f`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.36765`
Detected Filetype	PNG graphic file
MD5	`6db39e3193561f607a6020f15fe6c1bd`
SHA1	`efaa36a2d23a92a8b315c07c27166d17d238cd7c`
SHA256	`7e4f77e0f5362354999d079e0f27f864c2a277922ce727da05d837c136cc146f`
SHA3	`c8ba3cb2955e14184b52c97d767f8966a789cbd49b3ba0db387765673139a6a6`

6

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x322`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.53731`
Detected Filetype	PNG graphic file
MD5	`990feace7c4409fae8e239931c5abd5a`
SHA1	`c75d568990b914bf6a5ff158cffea8ba8c9f9eae`
SHA256	`48f08d3608f503a2d816727054dd09d8f2f42f079592a63f1de366224ba3af30`
SHA3	`d0e2060b781480d3753759ddc5e8cd3cfad31326a1cfb9d9ebe9441c242e873a`

7

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x3ab`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.58591`
Detected Filetype	PNG graphic file
MD5	`d3d22e825073cc221f9a9fc53896ec1d`
SHA1	`14dfa1ce4e91c635f6682c124ac93a9e8a511504`
SHA256	`66f975428676309833a756c08a8baa591a61e24256e6227b194d42ec660473c4`
SHA3	`90de716265e2556928e97c414c8f8aa79941235312646d9f1815adca8e7e7f4c`

8

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x413`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.61505`
Detected Filetype	PNG graphic file
MD5	`55610ca28a4fef948e52acb26c9f22d0`
SHA1	`9bf26e1e03ecfb149cbd9efe3e049a1dcb2f78cf`
SHA256	`74a5a43f25592d2ce093f28b4c0a459a7726f9dbec604832e69ee50805474baa`
SHA3	`cb49c8bde1f4b67fbbb8200af86afd0dacced6970074ddfb9a7a95ae3a0f0ff3`

9

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x26b`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.29574`
Detected Filetype	PNG graphic file
MD5	`1ddb64d710c05dafe3256176d12bc3ad`
SHA1	`4ef7a3714d72ef572a887f10c1c10afbf3ea41ad`
SHA256	`b6fbf3ceb35024a07fd66ee0824d2cef959ab17a1b68200710f3b0c880f72f32`
SHA3	`84e3a33e368b978c0672d43045526b49746cc0f58c73538693b0d8ad8a28b41d`

10

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x19b`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.00148`
Detected Filetype	PNG graphic file
MD5	`6a35ea83990a3d13af252a5022572494`
SHA1	`abcb7f00e1c673c07ffbc882e47826c208417c3b`
SHA256	`8d6d8a637a5f657b305fddd9d66596005909bf53d5ab3d518923b1c3dca7652f`
SHA3	`37c122057bc5cd9719683a37328a4b747a72312067bdc885d3f014ed3d2c0ff2`

11

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1d8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.15376`
Detected Filetype	PNG graphic file
MD5	`e79ede524fa56efc003e874587f63206`
SHA1	`3d4bf14637525979fa60130c418e63e139bf2cfd`
SHA256	`942cf5c52660c7a527c9517493b60b4f60eb71dcfca736f0f8e8185cb5be2d0f`
SHA3	`af2673688f8bdf64d70f49b42b633d23b09d39d9c5b3f3b81fe5aca4159094f8`

12

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x22a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.28867`
Detected Filetype	PNG graphic file
MD5	`47395a13bc1650a3d82734b132aec81e`
SHA1	`e7eb5c0c4a184ed4ada61fa26e5e9bcaf6b3eb73`
SHA256	`7cf0fd6c17edcc198c60512f8421b4c1fe2d9fd28c73c4f4488e8a3be7b0c438`
SHA3	`53b53782fb4ac322c95967c33a6c565bcfab3bdf4b50106ae9ceedeb6328a221`

13

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x252`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.39902`
Detected Filetype	PNG graphic file
MD5	`7b8f4b199f8d141a44c0ba54790fede1`
SHA1	`060d69286cc4333d983f87c131f50c8a954c038f`
SHA256	`47669513bb1877096089bb363dcaf8daf877274381e8f6f2e4fb9e89f4b83a44`
SHA3	`376dc5063489cbd158e8c1482086a28ff5f8eb454ba59339781c2ac82967d66a`

14

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x16e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.69583`
Detected Filetype	PNG graphic file
MD5	`fec1048117bb1e558e784c7ba3793e7e`
SHA1	`b0517af8129fa5e61b6d44695c5e544945b14ba3`
SHA256	`dc3085cae57efefe7ff1b589740823f72eed1f5d20e6f5958479d8472a31237d`
SHA3	`aa12c4a92f09e24a803709a698272b1a3e7ce7560c6b7b231d5cf142ff21d8a7`

15

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1b0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.08313`
Detected Filetype	PNG graphic file
MD5	`4f9a17a9976d74d6047bc6c067748fba`
SHA1	`cf0958a9a3bee216684a5b48543441f17c3ebf39`
SHA256	`625e6ebc94122061e7bae32a778e666694569aa95a37093481c7d8df404bcf8c`
SHA3	`fe8b139dd869747c178bf9753ab1bd6b1ec13659c1403849c545939488816daa`

16

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1ed`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.17673`
Detected Filetype	PNG graphic file
MD5	`fa817e56e99d52835450e687d18e9bfd`
SHA1	`c3270b47bc88387b649c71da1049ced23e736ec7`
SHA256	`41db533b488d82833c324b20c9ba4e0ad6b0ce88aea4d80b93db7d017f01242e`
SHA3	`800598656c8625bd3d6dac5b335d7ef1b22bc40865fd7843db8cd7987e45c730`

17

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x22a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.25042`
Detected Filetype	PNG graphic file
MD5	`0cbacd3ff15622acdbcd00098b6ffb5d`
SHA1	`a4a605284ac1eb1962de2d2ce897ed7da8dc780f`
SHA256	`8543aca233240bd4b3c2f4f9d334afb94498f17fab05f0d75604bc52d15c6d2c`
SHA3	`fb7bcde5ef21e7a9476be6bc735abbf0b51720a207a4d7d198e64afd1d046423`

18

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x203`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.17458`
Detected Filetype	PNG graphic file
MD5	`df3fd59104aeb107f6a2e14bbaa70767`
SHA1	`f5857de0e40c8f975772af21229657bbd0828cac`
SHA256	`0f294cc35adb7f211ba0a6df3883c4df3d1433ddecba1c55ddc2c12bdb12647d`
SHA3	`8e998c215a0c603479d97e4bbb0c8c282183580fe7b8c2fdf8d05f709ba9c092`

19

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x163`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.74336`
Detected Filetype	PNG graphic file
MD5	`03aa5938612807bbac00d4a8610a75c1`
SHA1	`0b4293a1d0b38e2efacbe6b349a024a8263ac144`
SHA256	`b027d29c6b1e9ec2576b1e84e116c4142c0a52c28106dbde21184ae4c018d554`
SHA3	`1666547579c26ea1e309e5500360e1a9080abc2869f1305ffb8e2c8eb6a5c27d`

20

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x19f`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.00224`
Detected Filetype	PNG graphic file
MD5	`61fe63e8d5cef481e88d801dc7e951d1`
SHA1	`d2e78a03ef9a776c4cb78fa6506f2f366a0564dc`
SHA256	`8f9a3ea6252e894176a5b0c1fe743f00d7c27d659682d3be5ca68bee7962b60c`
SHA3	`8861dde39d4e41da9ea0c7f45964a8b871afbf225eb615904363aaef3b349ba9`

21

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1d6`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.13641`
Detected Filetype	PNG graphic file
MD5	`ae372a3fd458088ab25f071dea4cfcab`
SHA1	`0a54b45783828f63cd68da4ccef124b6bbb05f87`
SHA256	`e1022f2f3acdbe70f624fbee8d99b9ced7d97f6761be5fda371e6b2c4ddfbad9`
SHA3	`5ac0fa63ff019b9387d8761801926187ba0d807dcd9d3889936b935b13865be3`

22

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x20f`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.23266`
Detected Filetype	PNG graphic file
MD5	`1e1e54d4fd4eb384c5930bb0e97edfcf`
SHA1	`b6feddd1e0e9950c4a78fcc934a940a274e7a082`
SHA256	`cd65509518e02434177b8bb71aa67018fbdfd9f5141cfe9c7c02f85a56086c33`
SHA3	`cb7845a017c90c16fcd2f38e1a2e20d1d06a1d155753a0772f99809becff90cc`

23

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1f0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.06546`
Detected Filetype	PNG graphic file
MD5	`98c9044262916ccd7f52c38ca67a2640`
SHA1	`b352c3fcac7381e3d5f3b092159d4b6edbbe81e9`
SHA256	`27322b9ead450123f89ef52e2f8d9738d90b28d423278e9104d9b34d22972c2e`
SHA3	`5e83f91edede7e303529c40299e929ad260eeade4a30663e04f2fec5c7ca814f`

24

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.60719`
MD5	`7a7fd531976bf5d5962ce6bd512ec4f9`
SHA1	`5d6dc5099fdac2d02ef7e225e392710810518a79`
SHA256	`028ea5589efb612bc2129a09b3e3ce73ab811de0344e9ef58a4b85af5fb3ca40`
SHA3	`2ffc02d1ad8fc89d9a4deb38df4ca7ccc6b486507f0a66967ead0547c292ae75`

25

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.60406`
MD5	`71ba081b94218e8364dd2e4e8b804c51`
SHA1	`63096c0a4dff3b067b6e619e5e6a38c5ed5cc943`
SHA256	`8a5ac6abb43180226052148a21c3b919701cfdf797b43b39ba2611d5230d3e80`
SHA3	`7908406b9e7ea05d6a597e10b9801003dab62e73a24157dae82aea95d9362170`

26

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.72735`
MD5	`4452d334b20a4a74f1c614d62c75d35c`
SHA1	`1c8aed9c27ab287ba8687bdd973c1bdc1fab02fc`
SHA256	`2c1bb9b12fb5684a5c1b89aca9e3870e658e12fc1c0e5bca453b18c93518862c`
SHA3	`5462052da40668ec7849fabe1a011a1287b06dc0eba1e12194c8ec554337b2d9`

27

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.19142`
MD5	`83f6a1c8b60d451f6851d741522a4501`
SHA1	`5b237fb5cac5086ed9c4bf904c5afbdbb9f094f9`
SHA256	`4b7f70d81e67bec9132a9d008a81be3717e430f6422c07cc5e5edf6e10783cba`
SHA3	`d20d8555d489a977a0cc43274a2b8e386f8430f57685db0b093d4853585ff366`

211

Type	`RT_MENU`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2c8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.37124`
MD5	`2cfd05e0e8346abd1be8b6933d0684ad`
SHA1	`898c4f11bceec1fb399cc9e0f305e09b9a2df803`
SHA256	`c0306fb5f7462e74df09e5e0627c01a238f291bbdc89c24c0ea1f46e7341ab5a`
SHA3	`8f3778cee4660e3c85805aa4bce2602547080ca7cfc425029bce1441a5af9a1f`

205

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xe0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.7949`
MD5	`4b54c50878e900edccf0410ee62936bd`
SHA1	`e611915c5346058db710121d89c444aa7b5e503a`
SHA256	`ffa9c8ef0bc17102bd0afd2d82569ec0c1d1bc9b960183c191f5753f5c105703`
SHA3	`2fbe970575523b53f36fb2d5f9deb2c512807889cc39c4fbc22b133603816d1d`

500

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x18e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.98802`
MD5	`81191ea3495c7e543b7910a2f3a21d10`
SHA1	`1c09cf05b6a527dcbd90dfcde939af115e794853`
SHA256	`6d9ea40e76e80569d9feade3a56c7eebe48808372db5c87667b622aa43889eb8`
SHA3	`3527b88be5776411ba4eeb8345237451e6ee46a73d225f5569e19c2c2b7f6196`

212

Type	`RT_ACCELERATOR`
Language	English - United States
Codepage	UNKNOWN
Size	`0x48`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.96144`
MD5	`7fb94687aa0fe2b18873dba5ac59ab1d`
SHA1	`e19e8d6b0e33da063de27c83fa0bab4058513332`
SHA256	`86286a59831ad1d0d84eb411ae6fa236b21bca5d3ebfc93a59cf4b6bf1d466d0`
SHA3	`33011788d35d1127a1ee6fbdb975c0d4ef6b36d3896e0d27d3f75f0ff68e3aec`

159

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x76`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.97241`
Detected Filetype	Icon file
MD5	`9fb9077af1c4b1a2a5b5d0a142cd53fb`
SHA1	`243b6f0733c5d6eba208ca108238a76119490bbc`
SHA256	`48523ac82d2330704737c7acba2691a35e6255c2c8f44704a0f76dcbc7aa70f8`
SHA3	`90c62cc33ea186e7f4a9e7a13b4a57b600c10369d1f22c638aa17bd859a4e007`

160

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x3e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.70265`
Detected Filetype	Icon file
MD5	`d3dacebc43cc41c482c0c6132c72d710`
SHA1	`f2fec6996b3e117810db48a987dbc4540eae9cb9`
SHA256	`0f60c796453a424ba91f01710162395f52287aefd2dabfe9f6c3cb7ea90d6fed`
SHA3	`7c5586ffc59c3ec52f93aa2be4a1e98defd677d3808816842943a4d0b3880421`

206

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.79349`
Detected Filetype	Icon file
MD5	`56bc843c2228363318721c8e48f8089d`
SHA1	`8a40b1efe5f5663ebf177e5c12e0579027b2e95b`
SHA256	`2407a1db2e60b58687d2ab4f936205a80833cc1c29331896b678cea298b29b7e`
SHA3	`898f9dc95fc47db0ed3dfa6a043cbe0d780c82618b06f5d6b4fed958adb6c422`

207

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.7339`
Detected Filetype	Icon file
MD5	`917012b14a88fcc79a3a6017cce15ba4`
SHA1	`4286eba6df373db6b6ebf28a1f5c818a52a5b289`
SHA256	`0894c6ebf577910dbeafa70b6167b9d39b2e80a1965d96ff8dabfea8799d0f42`
SHA3	`a67e97a621b81afb024740542b060f885b5cd30e43ad329da5a69ac267712f14`

208

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.6985`
Detected Filetype	Icon file
MD5	`81690092de8afae80c3e61469a647a9d`
SHA1	`9a4a9e8c2fddf362318017d24c4e12389b56c750`
SHA256	`bbf948d6ecb3a0dc2af289573953839b9a09e04a1cf5b5708ffad5dd2c1e7bbb`
SHA3	`afd8389134ab6a3e196e05b3b0d65b03d078068de7ae789c8966ef2648ed3263`

1 (#2)

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x208`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.27037`
MD5	`2fedfed8f4c03c3c501b28e30d6463f2`
SHA1	`25030f42514245aed64240da196a4d8b5ca23d63`
SHA256	`74cd5e334f68d7d7dc12dc09f37cebb5fc3c14135b46eb6229dd8835d9b2c445`
SHA3	`ff3f6a684b13c102b2eca4aa2194728c0eb3a48c8a16d61f14c2213e6a10e9b0`

1 (#3)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x519`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.34899`
MD5	`ae6cbabd61462b1c75647641e27471e0`
SHA1	`ab09ac1c8f01cae017456ea50d62dded0f2d8e0a`
SHA256	`1ac065102b08a083e659f8c0bc22d36e611e9a3fd59af54f3e24a5759ad27e5f`
SHA3	`cf59127e0acec85cabbe5259628d30a408de2609c40f939b05b633df13caee74`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	2.0.0.0
ProductVersion	2.0.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	English - United States
FileDescription	AutoHotkey 64-bit
FileVersion (#2)	2.0
CompanyName	AutoHotkey Foundation LLC
ProductName	AutoHotkey
ProductVersion (#2)	2.0

Resource LangID	English - United States

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2026-Apr-21 18:32:52
Version	`0.0`
SizeofData	`900`
AddressOfRawData	`0xf9a0c`
PointerToRawData	`0xf840c`

IMAGE_DEBUG_TYPE_ILTCG

Characteristics	`0`
TimeDateStamp	2026-Apr-21 18:32:52
Version	`0.0`
SizeofData	`0`
AddressOfRawData	`0`
PointerToRawData	`0`

TLS Callbacks

Load Configuration

Size	`0x140`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x140106040`

RICH Header

XOR Key	`0x936bd1de`
Unmarked objects	`0`
ASM objects (33145)	`23`
ASM objects (35207)	`9`
C objects (35207)	`19`
C++ objects (35207)	`46`
C objects (33145)	`35`
C++ objects (33145)	`159`
C objects (CVTCIL) (33145)	`1`
Imports (33145)	`33`
Total imports	`497`
ASM objects (35225)	`2`
C++ objects (LTCG) (35225)	`66`
Resource objects (35225)	`1`
Linker (35225)	`1`

Errors

Leave a comment

No comments yet.