057d09ff866001fd6e232e014632e719
Summary
| Architecture |
IMAGE_FILE_MACHINE_I386
|
|---|---|
| Subsystem |
IMAGE_SUBSYSTEM_WINDOWS_GUI
|
| Compilation Date | 2017-Mar-10 00:04:55 |
| Detected languages |
English - United States
Russian - Russia |
| FileDescription | Adobe Acrobat Reader DX |
| FileVersion | 10.7.20033.13741 |
| InternalName | Adobe Acrobat Reader DX |
| LegalCopyright | Copyright 1984-2016 Adobe Systems Incorporated and its licensors. All rights reserved. |
| OriginalFilename | AcroRd32.exe |
| ProductName | Adobe Acrobat Reader DX |
| ProductVersion | 10.7.20033.13741 |
Plugin Output
| Suspicious | PEiD Signature: |
UPX V2.00-V2.90 -> Markus Oberhumer & Laszlo Molnar & John Reiser
UPX v2.0 -> Markus, Laszlo & Reiser (h) UPX 2.00-3.0X -> Markus Oberhumer & Laszlo Molnar & John Reiser UPX -> www.upx.sourceforge.net UPX Protector v1.0x (2) UPX V2.00-V2.90 -> Markus Oberhumer & Laszlo Molnar & John Reiser UPX 2.00-3.0X -> Markus Oberhumer & Laszlo Molnar & John Reiser |
| Info | Cryptographic algorithms detected in the binary: | Uses constants related to MD5 |
| Suspicious | The PE is packed with UPX |
Unusual section name found: UPX0
Section UPX0 is both writable and executable. Unusual section name found: UPX1 Section UPX1 is both writable and executable. |
| Suspicious | The PE contains functions most legitimate programs don't use. |
[!] The program may be hiding some of its imports:
|
| Info | The PE's resources present abnormal characteristics. |
Resource 1 is possibly compressed or encrypted.
Resource 3 is possibly compressed or encrypted. Resource 4 is possibly compressed or encrypted. Resource 5 is possibly compressed or encrypted. Resource 6 is possibly compressed or encrypted. Resource 7 is possibly compressed or encrypted. Resource CERT is possibly compressed or encrypted. Resource CERTMGR is possibly compressed or encrypted. Resource PACKAGEINFO is possibly compressed or encrypted. The binary may have been compiled on a machine in the UTC-3 timezone. |
| Malicious | The program tries to mislead users about its origins. | The PE pretends to be from Adobe but is not signed! |
| Suspicious | No VirusTotal score. | This file has never been scanned on VirusTotal. |
Hashes
DOS Header
| e_magic | MZ |
|---|---|
| e_cblp | 0x50 |
| e_cp | 0x2 |
| e_crlc | 0 |
| e_cparhdr | 0x4 |
| e_minalloc | 0xf |
| e_maxalloc | 0xffff |
| e_ss | 0 |
| e_sp | 0xb8 |
| e_csum | 0 |
| e_ip | 0 |
| e_cs | 0 |
| e_ovno | 0x1a |
| e_oemid | 0 |
| e_oeminfo | 0 |
| e_lfanew | 0x100 |
PE Header
| Signature | PE |
|---|---|
| Machine |
IMAGE_FILE_MACHINE_I386
|
| NumberofSections | 3 |
| TimeDateStamp | 2017-Mar-10 00:04:55 |
| PointerToSymbolTable | 0 |
| NumberOfSymbols | 0 |
| SizeOfOptionalHeader | 0xe0 |
| Characteristics |
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_RELOCS_STRIPPED
|
Image Optional Header
| Magic | PE32 |
|---|---|
| LinkerVersion | 2.0 |
| SizeOfCode | 0xcf000 |
| SizeOfInitializedData | 0x53000 |
| SizeOfUninitializedData | 0x28c000 |
| AddressOfEntryPoint | 0x0035B5B0 (Section: UPX1) |
| BaseOfCode | 0x28d000 |
| BaseOfData | 0x35c000 |
| ImageBase | 0x400000 |
| SectionAlignment | 0x1000 |
| FileAlignment | 0x200 |
| OperatingSystemVersion | 5.0 |
| ImageVersion | 0.0 |
| SubsystemVersion | 5.0 |
| Win32VersionValue | 0 |
| SizeOfImage | 0x3af000 |
| SizeOfHeaders | 0x1000 |
| Checksum | 0x129877 |
| Subsystem |
IMAGE_SUBSYSTEM_WINDOWS_GUI
|
| SizeofStackReserve | 0x100000 |
| SizeofStackCommit | 0x4000 |
| SizeofHeapReserve | 0x100000 |
| SizeofHeapCommit | 0x1000 |
| LoaderFlags | 0 |
| NumberOfRvaAndSizes | 16 |
UPX0
UPX1
.rsrc
Imports
| KERNEL32.DLL |
LoadLibraryA
GetProcAddress VirtualProtect VirtualAlloc VirtualFree ExitProcess |
|---|---|
| advapi32.dll |
RegCloseKey
|
| comctl32.dll |
ImageList_Add
|
| gdi32.dll |
Pie
|
| msvcrt.dll |
memset
|
| netapi32.dll |
NetWkstaGetInfo
|
| ole32.dll |
IsEqualGUID
|
| oleaut32.dll |
VariantCopy
|
| shell32.dll |
ShellExecuteW
|
| user32.dll |
GetDC
|
| version.dll |
VerQueryValueW
|
| winspool.drv |
OpenPrinterW
|
Delayed Imports
1
2
3
4
5
6
7
1 (#2)
2 (#2)
3 (#2)
4 (#2)
5 (#2)
4057
4058
4059
4060
4061
4062
4063
4064
4065
4066
4067
4068
4069
4070
4071
4072
4073
4074
4075
4076
4077
4078
4079
4080
4081
4082
4083
4084
4085
4086
4087
4088
4089
4090
4091
4092
4093
4094
4095
4096
CERT
CERTMGR
DVCLAL
PACKAGEINFO
PLATFORMTARGETS
32761
32762
32763
32764
32765
32766
32767
MAINICON
1 (#3)
1 (#4)
String Table contents
| Variant does not reference an automation object |
| Dispatch methods do not support more than 64 parameters |
| Style class '%s' not found |
| Invalid style handle |
| Invalid style format |
| Class '%s' is already registered for '%s' |
| Class '%s' is not registered for '%s' |
| %s parameter cannot be nil |
| Feature not supported by this style |
| Style '%s' is not registered |
| Cannot unregister the system style |
| Style not registered |
| Cannot call BeginInvoke on a control with no parent or window handle |
| Cannot change the size of a JPEG image |
| JPEG error #%d |
| JPEG Image File |
| OLE error %.8x |
| Method '%s' not supported by automation object |
| Length of value array must be >= length of prompt array |
| Prompt array must not be empty |
| &Username |
| &Password |
| &Domain |
| Login |
| Cannot remove shell notification icon |
| %s requires Windows Vista or later |
| Button%d |
| RadioButton%d |
| Caption cannot be empty |
| Unable to load style '%s' |
| Unable to load styles: %s |
| Style '%s' already registered |
| Style class '%s' already registered |
| Style '%s' not found |
| Del |
| Shift+ |
| Ctrl+ |
| Alt+ |
| Value must be between %d and %d |
| All |
| Clipboard does not support Icons |
| Cannot open clipboard: %s |
| Operation not supported on selected printer |
| There is no default printer currently selected |
| Menu '%s' is already being used by another form |
| Docked control must have a name |
| Error removing control from dock tree |
| - Dock zone not found |
| - Dock zone has no control |
| Error loading dock zone from the stream. Expecting version %d, but found %d. |
| Yes to &All |
| &Close |
| BkSp |
| Tab |
| Esc |
| Enter |
| Space |
| PgUp |
| PgDn |
| End |
| Home |
| Left |
| Up |
| Right |
| Down |
| Ins |
| PNG Images |
| GIF Images |
| Warning |
| Error |
| Information |
| Confirm |
| &Yes |
| &No |
| OK |
| Cancel |
| &Help |
| &Abort |
| &Retry |
| &Ignore |
| &All |
| N&o to All |
| Printer is not currently printing |
| Printing in progress |
| Printer index out of range |
| Printer selected is not valid |
| %s on %s |
| GroupIndex cannot be less than a previous menu item's GroupIndex |
| Cannot create form. No MDI forms are currently active |
| Can only modify an image if it contains a bitmap |
| A control cannot have itself as its parent |
| Cannot drag a form |
| Metafiles |
| Enhanced Metafiles |
| Icons |
| Bitmaps |
| TIFF Images |
| JPEG Images |
| Failed to read ImageList data from stream |
| Failed to write ImageList data to stream |
| Error creating window device context |
| Error creating window class |
| Cannot focus a disabled or invisible window |
| Control '%s' has no parent window |
| Parent given is not a parent of '%s' |
| Cannot hide an MDI Child Form |
| Cannot change Visible in OnShow or OnHide |
| Cannot make a visible window modal |
| Scrollbar property out of range |
| %s property out of range |
| Menu index out of range |
| Menu inserted twice |
| Sub-menu is not in menu |
| Not enough timers available |
| Metafile is not valid |
| Invalid pixel format |
| Invalid image |
| Scan line index out of range |
| Cannot change the size of an icon |
| Cannot change the size of a WIC Image |
| Unknown picture file extension (.%s) |
| Unsupported clipboard format |
| Out of system resources |
| Canvas does not allow drawing |
| Text format flag '%s' not supported |
| Invalid image size |
| Invalid ImageList |
| Unable to Replace Image |
| Unable to Insert Image |
| Invalid ImageList Index |
| Client policy does not allow credential delegation to target server with NLTM only authentication. |
| The recipient rejected the renegotiation request. |
| The required security context does not exist. |
| The PKU2U protocol encountered an error while attempting to utilize the associated certificates. |
| The identity of the server computer could not be verified. |
| Unknown error |
| SSPI %s returns error #%d(0x%x): %s |
| SSPI interface has failed to initialise properly |
| No PSecPkgInfo specified |
| No credential handle acquired |
| Can not change credentials after handle aquired. Use Release first |
| Unknown credentials use |
| Do AcquireCredentialsHandle first |
| CompleteAuthToken is not supported |
| Bitmap image is not valid |
| Icon image is not valid |
| The certificate is not valid for the requested usage. |
| The system detected a possible attempt to compromise security. Please ensure that you can contact the server that authenticated you. |
| The smartcard certificate used for authentication has been revoked. Please contact your system administrator. There may be additional information in the event log. |
| An untrusted certificate authority was detected While processing the smartcard certificate used for authentication. Please contact your system administrator. |
| The revocation status of the smartcard certificate used for authentication could not be determined. Please contact your system administrator. |
| The smartcard certificate used for authentication was not trusted. Please contact your system administrator. |
| The smartcard certificate used for authentication has expired. Please contact your system administrator. |
| The Kerberos subsystem encountered an error. A service for user protocol request was made against a domain controller which does not support service for user. |
| An attempt was made by this server to make a Kerberos constrained delegation request for a target outside of the server's realm. This is not supported, and indicates a misconfiguration on this server's allowed to delegate to list. Please contact your administrator. |
| The revocation status of the domain controller certificate used for smartcard authentication could not be determined. There is additional information in the system event log. Please contact your system administrator. |
| An untrusted certificate authority was detected while processing the domain controller certificate used for authentication. There is additional information in the system event log. Please contact your system administrator. |
| The domain controller certificate used for smartcard logon has expired. Please contact your system administrator with the contents of your system event log. |
| The domain controller certificate used for smartcard logon has been revoked. Please contact your system administrator with the contents of your system event log. |
| A signature operation must be performed before the user can authenticate. |
| One or more of the parameters passed to the function was invalid. |
| Client policy does not allow credential delegation to target server. |
| The number of maximum ticket referrals has been exceeded. |
| The local machine must be a Kerberos KDC (domain controller) and it is not. |
| The other end of the security negotiation is requires strong crypto but it is not supported on the local machine. |
| The KDC reply contained more than one principal name. |
| Expected to find PA data for a hint of what etype to use, but it was not found. |
| The client certificate does not contain a valid UPN, or does not match the client name in the logon request. Please contact your administrator. |
| Smartcard logon is required and was not used. |
| A system shutdown is in progress. |
| An invalid request was sent to the KDC. |
| The KDC was unable to generate a referral for the service requested. |
| The encryption type requested is not supported by the KDC. |
| An unsupported preauthentication mechanism was presented to the Kerberos package. |
| The requested operation cannot be completed. The computer must be trusted for delegation and the current user account must be configured to allow delegation. |
| Client's supplied SSPI channel bindings were incorrect. |
| The received certificate was mapped to multiple accounts. |
| SEC_E_NO_KERB_KEY |
| The target principal name is incorrect. |
| There is no LSA mode context associated with this context. |
| The clocks on the client and server machines are skewed. |
| The certificate chain was issued by an untrusted authority. |
| The message received was unexpected or badly formatted. |
| An unknown error occurred while processing the certificate. |
| The received certificate has expired. |
| The specified data could not be encrypted. |
| The specified data could not be decrypted. |
| The client and server cannot communicate, because they do not possess a common algorithm. |
| The security context could not be established due to a failure in the requested quality of service (e.g. mutual authentication or delegation). |
| A security context was deleted before the context was completed. This is considered a logon failure. |
| The client is trying to negotiate a context and the server requires user-to-user but didn't send a TGT reply. |
| Unable to accomplish the requested task because the local machine does not have any IP addresses. |
| The supplied credential handle does not match the credential associated with the security context. |
| The crypto system or checksum function is invalid because a required function is unavailable. |
| The credentials supplied to the package were not recognized |
| No credentials are available in the security package |
| The message or signature supplied for verification has been altered |
| The message supplied for verification is out of sequence |
| No authority could be contacted for authentication. |
| The function completed successfully, but must be called again to complete the context |
| The function completed successfully, but CompleteToken must be called |
| The function completed successfully, but both CompleteToken and this function must be called to complete the context |
| The logon was completed, but no network authority was available. The logon was made using locally known information |
| The requested security package does not exist |
| The context has expired and can no longer be used. |
| The supplied message is incomplete. The signature was not verified. |
| The credentials supplied were not complete, and could not be verified. The context could not be initialized. |
| The buffers supplied to a function was too small. |
| The credentials supplied were not complete, and could not be verified. Additional information can be returned from the context. |
| The context data must be renegotiated with the peer. |
| Handshake Start |
| Handshake Done |
| Successfull API call |
| Not enough memory is available to complete this request |
| The handle specified is invalid |
| The function requested is not supported |
| The specified target is unknown or unreachable |
| The Local Security Authority cannot be contacted |
| The requested security package does not exist |
| The caller is not the owner of the desired credentials |
| The security package failed to initialize, and cannot be installed |
| The token supplied to the function is invalid |
| The security package is not able to marshall the logon buffer, so the logon attempt has failed |
| The per-message Quality of Protection is not supported by the security package |
| The security context does not allow impersonation of the client |
| The logon attempt failed |
| Could not encode header data using charset "%s" |
| Failed to load %s. |
| Mode has not been set. |
| Could not load SSL library. |
| SSL status: "%s" |
| %s Alert |
| %s Read Alert |
| %s Write Alert |
| Accept Loop |
| Accept Error |
| Accept Failed |
| Accept Exit |
| Connect Loop |
| Connect Error |
| Connect Failed |
| Connect Exit |
| Message decoder not found |
| Message encoder not found |
| Unrecognized UUE encoding scheme. |
| Unsupported object type. You can assign only one of the following types or their descendants: TStrings, TStream. |
| Unsupported transfer type. You can assign only an empty string or one of the following values: 7bit, 8bit, binary, quoted-printable, base64. |
| Unsupported encoding. You can assign only one of the following values: Q, B, 8. |
| Protocol field is empty |
| Host field is empty |
| SSL IOHandler is required for this setting |
| This value can not be set while the client is connected. |
| SSL is not available on this server. |
| Start SSL negotiation command failed. |
| SSL negotiation failed. |
| Invalid Reply String. |
| Invalid Reply Class. |
| Unsupported operation. |
| TIdMessagePart can not be created. Use descendant classes. |
| Error saving attachment. |
| Attachment %s is blocked. |
| Error accepting connection with SSL. |
| Error connecting with SSL. |
| SetCipher failed. |
| Error creating SSL session. |
| Error creating SSL context. |
| Could not load root certificate. |
| Could not load certificate. |
| Could not load key, check password. |
| Could not load DH Parameters. |
| Error getting SSL method. |
| Error setting File Descriptor for SSL |
| Error binding data to SSL socket. |
| EOF was observed that violates the protocol |
| Algorithm %s not permitted in FIPS mode |
| The specified SASL handlers are not ready!! |
| Doesn't support AUTH or the specified SASL handlers!! |
| Need SASL mechanisms to login with it!! |
| Extension is empty |
| Mimetype is empty |
| Extension already exits |
| Cannot load message from file %s |
| Encoding text |
| Encoding attachment |
| Message parts cannot be used in a message which has a ContentTransferEncoding value. |
| Chunk Started |
| Not Acceptable |
| Unknown Protocol |
| Request method requires HTTP version 1.1 |
| Unsupported hash algorithm. This implementation supports only MD5 encoding. |
| Set LargeStream to True to send streams greater than 2GB |
| Data is too large for stream |
| Connect timed out. |
| Cannot call TerminateAndWaitFor on FreeAndTerminate threads |
| Already connected. |
| Maximum number of line allowed exceeded |
| The IOHandler already has a different Intercept assigned |
| Transparent proxy cannot bind. |
| UDP Not supported by this proxy. |
| Buffer terminator must be specified. |
| Buffer start position is invalid. |
| Cannot change a connected IOHandler. |
| No IOHandler of type %s is installed. |
| Reply Code is not valid: %s |
| Reply Code already exists: %s |
| IOHandler value is not valid |
| Network unreachable. |
| Host unreachable. |
| Connection refused. |
| TTL expired. |
| Command not supported. |
| Address type not supported. |
| %s: Circular links are not allowed |
| Not enough data in buffer. (%d/%d) |
| Too much data in buffer. |
| File "%s" not found |
| Not Connected |
| Object type not supported. |
| No data to read. |
| Read timed out. |
| Max line read attempts exceeded. |
| Max line length exceeded. |
| %s is not a valid IPv6 address |
| The requested IPVersion / Address family is not supported. |
| Not all bytes sent. |
| Package Size Too Big. |
| Set Size Exceeded. |
| End of stream: Class %s at %d |
| UDP is not support in this SOCKS version. |
| Request rejected or failed. |
| Request rejected because SOCKS server cannot connect. |
| Request rejected because the client program and identd report different user-ids. |
| Unknown socks error. |
| Socks server did not respond. |
| Invalid socks authentication method. |
| Authentication error to socks server. |
| General SOCKS server failure. |
| Connection not allowed by ruleset. |
| Connection refused. |
| Too many levels of symbolic links. |
| File name too long. |
| Host is down. |
| No route to host. |
| Directory not empty |
| Host not found. |
| Stack Class is undefined. |
| Stack already created. |
| Only one TIdAntiFreeze can exist per application. |
| Cannot change IPVersion when connected |
| Can not bind in port range (%d - %d) |
| Connection Closed Gracefully. |
| Could not bind socket. Address and port are already in use. |
| Invalid Port Range (%d - %d) |
| %s is not a valid service. |
| Operation not supported on socket. |
| Protocol family not supported. |
| Address family not supported by protocol family. |
| Address already in use. |
| Cannot assign requested address. |
| Network is down. |
| Network is unreachable. |
| Net dropped connection or reset. |
| Software caused connection abort. |
| Connection reset by peer. |
| No buffer space available. |
| Socket is already connected. |
| Socket is not connected. |
| Cannot send or receive after socket is closed. |
| Too many references, cannot splice. |
| Connection timed out. |
| Interrupted system call. |
| Bad file number. |
| Access denied. |
| Buffer fault. |
| Invalid argument. |
| Too many open files. |
| Operation would block. |
| Operation now in progress. |
| Operation already in progress. |
| Socket operation on non-socket. |
| Destination address required. |
| Message too long. |
| Protocol wrong type for socket. |
| Bad protocol option. |
| Protocol not supported. |
| Socket type not supported. |
| Invalid source array |
| Invalid destination array |
| Character index out of bounds (%d) |
| Invalid count (%d) |
| Invalid destination index (%d) |
| Invalid codepage (%d) |
| Failed attempting to retrieve time zone information. |
| Error on call to Winsock2 library function %s |
| Error on loading Winsock2 library (%s) |
| Resolving hostname %s. |
| Connecting to %s. |
| Connected. |
| Disconnecting. |
| Disconnected. |
| %s |
| Socket Error # %d |
| %s |
| Windows Server 2012 |
| Windows Server 2012 R2 |
| Windows 8 |
| Windows 8.1 |
| Windows 10 |
| Observer is not supported |
| Cannot have multiple single cast observers added to the observers collection |
| The object does not implement the observer interface |
| No single cast observer with ID %d was added to the observer collection |
| No multi cast observer with ID %d was added to the observer collection |
| Observer is not available |
| Invalid date string: %s |
| Invalid time string: %s |
| Invalid time Offset string: %s |
| Must wait on at least one event |
| Cannot call BeginInvoke on a TComponent in the process of destruction |
| Type '%s' is not declared in the interface section of a unit |
| VAR and OUT arguments must match parameter type exactly |
| Specified Login Credential Service not found |
| %s (Version %d.%d, Build %d, %5:s) |
| %s Service Pack %4:d (Version %1:d.%2:d, Build %3:d, %5:s) |
| 32-bit Edition |
| 64-bit Edition |
| Windows |
| Windows Vista |
| Windows Server 2008 |
| Windows 7 |
| Windows Server 2008 R2 |
| Windows 2000 |
| Windows XP |
| Windows Server 2003 |
| Windows Server 2003 R2 |
| Negating the minimum value of a Timespan is invalid |
| Invalid Timespan format |
| Timespan element too long |
| No context-sensitive help installed |
| No help found for context %d |
| Unable to open Index |
| Unable to open Search |
| Unable to find a Table of Contents |
| No topic-based help system installed |
| No help found for %s |
| Argument out of range |
| Argument must not be nil |
| Item not found |
| Duplicates not allowed |
| Insufficient RTTI available to support this operation |
| Parameter count mismatch |
| Parameter %s cannot be a negative value |
| Input buffer exceeded for %s = %d, %s = %d |
| Invalid characters in path |
| The specified file was not found |
| No help viewer that supports filters |
| Index out of range (%d). Must be >= 0 and < %d |
| String index out of range (%d). Must be >= %d and <= %d |
| High surrogate char without a following low surrogate char at index: %d. Check that the string is encoded properly |
| Low surrogate char without a preceding high surrogate char at index: %d. Check that the string is encoded properly |
| Length of Strings and Objects arrays must be equal |
| Class %s is not intended to be constructed |
| Invalid Timeout value: %s |
| SpinCount out of range. Must be between 0 and %d |
| Timespan too long |
| The duration cannot be returned because the absolute value exceeds the value of TTimeSpan.MaxValue |
| Value cannot be NaN |
| Failed to get data for '%s' |
| Failed to set data for '%s' |
| Resource %s not found |
| %s.Seek not implemented |
| Operation not allowed on sorted list |
| %s not in a class registration group |
| Property %s does not exist |
| Stream write error |
| Thread creation error: %s |
| Thread Error: %s (%d) |
| Cannot terminate an externally created thread |
| Cannot wait for an externally created thread |
| Cannot call Start on a running or suspended thread |
| Cannot call CheckTerminated on an externally created thread |
| Cannot call SetReturnValue on an externally create thread |
| Parameter %s cannot be nil |
| Invalid file name - %s |
| Invalid stream format |
| ''%s'' is not a valid component name |
| Invalid property value |
| Invalid property path |
| Invalid property value |
| Invalid data type for '%s' |
| List capacity out of bounds (%d) |
| List count out of bounds (%d) |
| List index out of bounds (%d) |
| Out of memory while expanding memory stream |
| %s has not been registered as a COM class |
| Error reading %s%s%s: %s |
| Stream read error |
| Property is read-only |
| Failed to create key %s |
| Invalid destination index (%d) |
| Invalid code page |
| Invalid encoding name |
| No mapping for the Unicode character exists in the target multi-byte code page |
| Ancestor for '%s' not found |
| Cannot assign a %s to a %s |
| Bits index out of range |
| Can't write to a read-only resource stream |
| CheckSynchronize called from thread $%x, which is NOT the main thread |
| Class %s not found |
| A class named %s already exists |
| List does not allow duplicates ($0%x) |
| A component named %s already exists |
| String list does not allow duplicates |
| Cannot create file "%s". %s |
| Cannot open file "%s". %s |
| Wed |
| Thu |
| Fri |
| Sat |
| Sunday |
| Monday |
| Tuesday |
| Wednesday |
| Thursday |
| Friday |
| Saturday |
| Invalid source array |
| Invalid destination array |
| Character index out of bounds (%d) |
| Start index out of bounds (%d) |
| Invalid count (%d) |
| Dec |
| January |
| February |
| March |
| April |
| May |
| June |
| July |
| August |
| September |
| October |
| November |
| December |
| Sun |
| Mon |
| Tue |
| %s (%s, line %d) |
| Abstract Error |
| Access violation at address %p in module '%s'. %s of address %p |
| System Error. Code: %d. |
| %s%s |
| A call to an OS function failed |
| Jan |
| Feb |
| Mar |
| Apr |
| May |
| Jun |
| Jul |
| Aug |
| Sep |
| Oct |
| Nov |
| Too many custom variant types have been registered |
| Could not convert variant of type (%s) into type (%s) |
| Overflow while converting variant of type (%s) into type (%s) |
| Variant overflow |
| Invalid argument |
| Invalid variant type |
| Operation not supported |
| Unexpected variant error |
| External exception %x |
| Assertion failed |
| Interface not supported |
| Exception in safecall method |
| Object lock not owned |
| Monitor support function not initialized |
| Feature not implemented |
| Method called on disposed object |
| No argument for format '%s' |
| Variant method calls not supported |
| Read |
| Write |
| Execution |
| Invalid access |
| Error creating variant or safe array |
| Variant or safe array index out of bounds |
| Variant or safe array is locked |
| Invalid variant type conversion |
| Invalid variant operation |
| Invalid NULL variant operation |
| Invalid variant operation (%s%.8x) |
| %s |
| Custom variant type (%s%.4x) is out of range |
| Custom variant type (%s%.4x) already used by %s |
| Custom variant type (%s%.4x) is not usable |
| Integer overflow |
| Invalid floating point operation |
| Floating point division by zero |
| Floating point overflow |
| Floating point underflow |
| Invalid pointer operation |
| Invalid class typecast |
| Access violation at address %p. %s of address %p |
| Access violation |
| Stack overflow |
| Control-C hit |
| Privileged instruction |
| Operation aborted |
| Exception %s in module %s at %p. |
| %s%s |
| Application Error |
| Format '%s' invalid or incompatible with argument |
| <unknown> |
| '%s' is not a valid integer value |
| '%s' is not a valid floating point value |
| '%d.%d' is not a valid timestamp |
| '%s' is not a valid GUID value |
| Invalid argument to time encode |
| Invalid argument to date encode |
| Out of memory |
| I/O error %d |
| Too many open files |
| File access denied |
| Read beyond end of file |
| Disk full |
| Invalid numeric input |
| Division by zero |
| Range check error |
Version Info
| Signature | 0xfeef04bd |
|---|---|
| StructVersion | 0x10000 |
| FileVersion | 10.7.20033.13741 |
| ProductVersion | 10.7.20033.13741 |
| FileFlags | (EMPTY) |
| FileOs |
VOS_DOS_WINDOWS32
VOS_NT_WINDOWS32
VOS__WINDOWS32
|
| FileType |
VFT_APP
|
| Language | English - United States |
| FileDescription | Adobe Acrobat Reader DX |
| FileVersion (#2) | 10.7.20033.13741 |
| InternalName | Adobe Acrobat Reader DX |
| LegalCopyright | Copyright 1984-2016 Adobe Systems Incorporated and its licensors. All rights reserved. |
| OriginalFilename | AcroRd32.exe |
| ProductName | Adobe Acrobat Reader DX |
| ProductVersion (#2) | 10.7.20033.13741 |
| Resource LangID | English - United States |
|---|
TLS Callbacks
Load Configuration
RICH Header
Errors
[*] Warning: Could not read the name of the DLL to be delay-loaded!
[*] Warning: IMAGE_EXPORT_DIRECTORY field Characteristics is reserved and should be 0!
[!] Error: Could not read the exported DLL name.
[!] Error: Could not reach the TLS callback table.
[*] Warning: Section UPX0 has a size of 0!
[!] Error: The number of ICON_DIRECTORY_ENTRIES is bigger than the number of resources in the file.
[*] Warning: Resource 32761 is empty!
[!] Error: The number of ICON_DIRECTORY_ENTRIES is bigger than the number of resources in the file.
[*] Warning: Resource 32762 is empty!
[!] Error: The number of ICON_DIRECTORY_ENTRIES is bigger than the number of resources in the file.
[*] Warning: Resource 32763 is empty!
[*] Warning: Resource 32764 is empty!
[!] Error: The number of ICON_DIRECTORY_ENTRIES is bigger than the number of resources in the file.
[*] Warning: Resource 32765 is empty!
[!] Error: The number of ICON_DIRECTORY_ENTRIES is bigger than the number of resources in the file.
[*] Warning: Resource 32766 is empty!
[!] Error: The number of ICON_DIRECTORY_ENTRIES is bigger than the number of resources in the file.
[*] Warning: Resource 32767 is empty!