09e3e8dd93fd062cd73363ccb3665527

Summary

Architecture IMAGE_FILE_MACHINE_AMD64
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date 2021-Aug-19 03:20:28
Detected languages Chinese - PRC
English - United States
FileDescription Best Trace
FileVersion 3.9.1.0
InternalName Best Trace
LegalCopyright Copyright 2013 - 2021
OriginalFilename 17monipdb.exe
ProductName Best Trace
ProductVersion 3.9.1.0

Plugin Output

Info Cryptographic algorithms detected in the binary: Uses constants related to MD5
Uses constants related to SHA256
Uses known Mersenne Twister constants
Suspicious The PE is packed with UPX Unusual section name found: UPX0
Section UPX0 is both writable and executable.
Unusual section name found: UPX1
Section UPX1 is both writable and executable.
Suspicious The PE contains functions most legitimate programs don't use. [!] The program may be hiding some of its imports:
  • LoadLibraryA
  • GetProcAddress
Possibly launches other programs:
  • ShellExecuteW
Has Internet access capabilities:
  • InternetOpenW
Leverages the raw socket API to access the Internet:
  • htonl
Interacts with the certificate store:
  • CertOpenStore
Info The PE's resources present abnormal characteristics. Resource 233 is possibly compressed or encrypted.
Resource 100 is possibly compressed or encrypted.
Resource 129 is possibly compressed or encrypted.
Resource 202 is possibly compressed or encrypted.
Resource 212 is possibly compressed or encrypted.
Resource 220 is possibly compressed or encrypted.
Resource 222 is possibly compressed or encrypted.
Resource 234 is possibly compressed or encrypted.
Resource 242 is possibly compressed or encrypted.
Resource 245 is possibly compressed or encrypted.
Resource 247 is possibly compressed or encrypted.
Resource 256 is possibly compressed or encrypted.
Resource 3601 is possibly compressed or encrypted.
Resource 3603 is possibly compressed or encrypted.
Resource 3604 is possibly compressed or encrypted.
Resource 3605 is possibly compressed or encrypted.
Resource 3825 is possibly compressed or encrypted.
Resource 206 is possibly compressed or encrypted.
Resource 216 is possibly compressed or encrypted.
Resource 225 is possibly compressed or encrypted.
Resource 226 is possibly compressed or encrypted.
Resource 231 is possibly compressed or encrypted.
Resource 237 is possibly compressed or encrypted.
Resource 253 is possibly compressed or encrypted.
Resource 254 is possibly compressed or encrypted.
Resource 255 is possibly compressed or encrypted.
Resource 259 is possibly compressed or encrypted.
Info The PE is digitally signed. Signer: \xE5\x8C\x97\xE4\xBA\xAC\xE5\xA4\xA9\xE7\x89\xB9\xE4\xBF\xA1\xE7\xA7\x91\xE6\x8A\x80\xE6\x9C\x89\xE9\x99\x90\xE5\x85\xAC\xE5\x8F\xB8
Issuer: DigiCert SHA2 Assured ID Code Signing CA
Safe VirusTotal score: 0/69 (Scanned on 2022-05-14 08:20:55) All the AVs think this file is safe.

Hashes

MD5 09e3e8dd93fd062cd73363ccb3665527
SHA1 7d5dcdf1878b314ff48365dd96881963af093e60
SHA256 9e8600b30b10f0a2cb37b32748ed8d308bda379db4a10077b289b601c8caa4f2
SHA3 abad533854f8059557c900c6fc6c79aab0f6586a6f2d5e2359d795d6741292bf
SSDeep 49152:kHD9BYjfWxyjnw/C3phXYAtlb27y+B7tcmNBVI:mDzYyxyzKC3jYb7HtXNBVI
Imports Hash cc82fd8ca32ad8508f5ac6c6242bdc22

DOS Header

e_magic MZ
e_cblp 0x90
e_cp 0x3
e_crlc 0
e_cparhdr 0x4
e_minalloc 0
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0x120

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_AMD64
NumberofSections 3
TimeDateStamp 2021-Aug-19 03:20:28
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xf0
Characteristics IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Image Optional Header

Magic PE32+
LinkerVersion 14.0
SizeOfCode 0x153000
SizeOfInitializedData 0x71000
SizeOfUninitializedData 0x327000
AddressOfEntryPoint 0x0000000000479C80 (Section: UPX1)
BaseOfCode 0x328000
ImageBase 0x140000000
SectionAlignment 0x1000
FileAlignment 0x200
OperatingSystemVersion 6.0
ImageVersion 0.0
SubsystemVersion 6.0
Win32VersionValue 0
SizeOfImage 0x4ec000
SizeOfHeaders 0x1000
Checksum 0x1cb282
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
DllCharacteristics IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
SizeofStackReserve 0x100000
SizeofStackCommit 0x1000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

UPX0

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA3 a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a
VirtualSize 0x327000
VirtualAddress 0x1000
SizeOfRawData 0
PointerToRawData 0x400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1

MD5 e1f38d91544d50d284a22c33fc6fde11
SHA1 4a6df651b13e44cb9c044ef5ab23c667343d946e
SHA256 463c232311e5e8db135a00ebb58b11c81e1335336813662b8b731a507efb4470
SHA3 a50a3d664421f4016a9e3d4a34e053c65196dbf02ca8391eb23a45f7a7d3af6f
VirtualSize 0x153000
VirtualAddress 0x328000
SizeOfRawData 0x152200
PointerToRawData 0x400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 7.92146

.rsrc

MD5 428241e9ee5c121536569f58092b3222
SHA1 41d0c946acf9cadec5ef927f2e996dfd4e6d8496
SHA256 6530b5afe553110c7a1ee8a2643bf11447ab2e7c682e74a17467669da5d248ee
SHA3 bc0049f9b4ba1a3b643a3e6b29f4e28fbb6a4f1f1e35b7afe43fd926459572ec
VirtualSize 0x71000
VirtualAddress 0x47b000
SizeOfRawData 0x70c00
PointerToRawData 0x152600
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 5.23859

Imports

ADVAPI32.dll FreeSid
COMCTL32.dll InitCommonControlsEx
COMDLG32.dll GetSaveFileNameW
CRYPT32.dll CertOpenStore
dbghelp.dll MiniDumpWriteDump
DNSAPI.dll DnsFree
GDI32.dll PatBlt
gdiplus.dll GdipFree
IPHLPAPI.DLL IcmpSendEcho
KERNEL32.DLL LoadLibraryA
ExitProcess
GetProcAddress
VirtualProtect
ole32.dll CoInitialize
OLEAUT32.dll DispCallFunc
SHELL32.dll ShellExecuteW
SHLWAPI.dll PathCombineW
USER32.dll GetDC
VERSION.dll VerQueryValueW
WININET.dll InternetOpenW
WINMM.dll timeGetTime
WLDAP32.dll #143
WS2_32.dll htonl

Delayed Imports

100

Type AFX_DIALOG_LAYOUT
Language Chinese - PRC
Codepage UNKNOWN
Size 0x2
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 1
MD5 2da89adc774dff3b37a306da71fce9db
SHA1 5415cebb9addcc85546333aac9462602b4797918
SHA256 5ba4466fd3ce3604162083eb8348901e262ad804cdabe1c5da22e2763f8cb95d
SHA3 010fd9ce2dcf8a8ce25860411be562ec4a27396135637fa2a228e6e12ab4cec4

129

Type AFX_DIALOG_LAYOUT
Language Chinese - PRC
Codepage UNKNOWN
Size 0x2
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 1
MD5 5bf0eea66b26779b62be73d5b57227c5
SHA1 58eda793e971f05c071fdeecec68b07d2e378a6f
SHA256 b51b0eda848a3fe9b37ad7e155f123699e577f4694739ab4f75c0ed2ad9a7d3c
SHA3 e08d65b0b419e05e71aa494e5a4a8151cf5178ab06359900ff0aa63a34827bc6

202

Type AFX_DIALOG_LAYOUT
Language Chinese - PRC
Codepage UNKNOWN
Size 0x2
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 1
MD5 51efcf96c5704170f27fb8f1d5dfeb41
SHA1 6fdf57c8d51d639c449409d9a4a1172084a872cd
SHA256 837288ca516238b23c20e39d6f5e75906e8cc78c89c4d52942d56990ecb103f3
SHA3 18d0e76ec1335f790fc89b125cf5d5f976eea5a58375df868ecb1bc63444dcb5

210

Type AFX_DIALOG_LAYOUT
Language Chinese - PRC
Codepage UNKNOWN
Size 0x2
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 1
MD5 fea2d6aa21a994b1d1c5868685f09a86
SHA1 889dafe75e2ff3e156c19c64970e831e780340b2
SHA256 108ab61eaf62e774dcf793c4755ce0d43ea752c8fd4b5cbceb1908c5cec5ec8d
SHA3 fbbf5a7e9aa5a25d24fba41ea32350d85240310ae33886b8b809e0df4b97d1d1

212

Type AFX_DIALOG_LAYOUT
Language Chinese - PRC
Codepage UNKNOWN
Size 0x2
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 1
MD5 9ee941f391e071da8833fcf03f384203
SHA1 18ee4f8b43eb5229dc29a1dfa9e4afd9aec8837f
SHA256 1d3ca788db08546310207f0e1d4b2c3728875e5f8957edec0f25e2f61526a819
SHA3 ab6a46bc3bd2601364f2afc4354c8cd3d6a5aa1a91e4e1612c6e5020bd21f2b2

220

Type AFX_DIALOG_LAYOUT
Language Chinese - PRC
Codepage UNKNOWN
Size 0x2
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 1
MD5 8abd1051a6bdde0aef1fd7dee324bff5
SHA1 fdd0584dd8caf17a4c4ec32594aab92d5479af10
SHA256 97ce40f3caeff374ca7a8dcb0fe2111ddaf7c5c54d7a576ba3ffebb673ea4b55
SHA3 496f0a2b4f900c1ec06000f49e8a45bafda55e950efc55cb328436994bb31c7e

222

Type AFX_DIALOG_LAYOUT
Language Chinese - PRC
Codepage UNKNOWN
Size 0x2
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 1
MD5 3c78c102b2bea59b78d44229c6526584
SHA1 c368abdff52d56bbb59fda59d674d5887a45a325
SHA256 63f1184117629f84b4daf27ce554653e48d11b0fb97ae51f1af6c4347f86c7d9
SHA3 bd078f9c9755b40d4040396b186a6ff583e35940ba17c2b7a7cbb5929b3bc48a

227

Type AFX_DIALOG_LAYOUT
Language Chinese - PRC
Codepage UNKNOWN
Size 0x2
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 1
MD5 09113470392056c92e1427a6b1bd3aa0
SHA1 053f5a7b20b4738314af3255e1011765a8aa60b0
SHA256 074a5b96b7d1178acb271315cd0f7274262bdaccacc76f58e97ff884001b18a6
SHA3 8635630638f99a36dd5719cd6fe99d7b8f48a4461b1e0cef1f84b5f075a1cf5e

234

Type AFX_DIALOG_LAYOUT
Language Chinese - PRC
Codepage UNKNOWN
Size 0x2
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 1
MD5 809d584c44bf2111c3b585243276a875
SHA1 fb49cd92fc82f1213c4f287fbe98d93a6fadfa22
SHA256 53dbbe57e6128f3f4ae002fd07e0de1daab5c3f8534b87e355c7c641ddacf053
SHA3 8cab658510bd8dc81868ac76d49a617ea1b6e5c80239b7c94b4fc8fe74e454ae

238

Type AFX_DIALOG_LAYOUT
Language Chinese - PRC
Codepage UNKNOWN
Size 0x2
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 1
MD5 eb9d2bb6dc4444213442fabb3e65f4ae
SHA1 7b5258344f3886011aa93a5c3b0bedd319cff0ed
SHA256 137c6e048acb547e1c539f23ea0463e258cadbb788efb1c6d52cf3be540e656e
SHA3 4ac25265e5f5f3f8e21b9317c129bc38148d7a41d3f1b8ec188f37814c229e40

240

Type AFX_DIALOG_LAYOUT
Language Chinese - PRC
Codepage UNKNOWN
Size 0x2
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 1
MD5 fae3c6a586e3994b9fdfdfa8f1762a32
SHA1 3fbf26181d0d0dacbea8b5b7a1c62566843b2e51
SHA256 c1367a0e2a81d9e8dff52fec9f97837c960c6a91faa4630c93f96a41e02308d5
SHA3 2e69aab3decc746cf7539aefebd158b8e31000e242119220b20d129668256f0a

242

Type AFX_DIALOG_LAYOUT
Language Chinese - PRC
Codepage UNKNOWN
Size 0x2
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 1
MD5 9d87eea2e0e4a9b789f1dde0b84bbe8b
SHA1 c37a56cedf21d1de135f12953a684918619086a2
SHA256 ba2aef4e8af127c8f03568484df25f4bee98dc0bf6c24517381230f8b29f97ff
SHA3 0080043c9c07b2c241fa46103f89e7f9f8e3bb0b3109a45bae7ce6dc2a97e84d

245

Type AFX_DIALOG_LAYOUT
Language Chinese - PRC
Codepage UNKNOWN
Size 0x2
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 1
MD5 44104f69867f21ca45bcbf057c0fb28f
SHA1 93e00005b7b7a8a19bce6012d02a5572700170c2
SHA256 8b61d85369e4191a22ed7a4b6626e818b50afe7ef2406c5ad0171f6eef431151
SHA3 973b0a933f98082577b3774d6a468e70935ae971f50f06357cb57dc23bcdc55f

247

Type AFX_DIALOG_LAYOUT
Language Chinese - PRC
Codepage UNKNOWN
Size 0x2
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 1
MD5 47ddb17f9ad44ce096a6fdc57c98efb1
SHA1 e7a442abf8cd6b48f4572724febb1488eceedcf2
SHA256 e3ac48109508f61eec15e0a0b1ea9bfd0301f9ad2b606f7f78695e47b9b3b6ff
SHA3 d50cb0721eecc43eb1288162cf6da9453f2513f4ca6b3ffa32ac93bb378cf0f9

250

Type AFX_DIALOG_LAYOUT
Language Chinese - PRC
Codepage UNKNOWN
Size 0x2
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 1
MD5 ffd9a27e3700050db66ad70861b839ab
SHA1 ae868edf7cfc5a49a26cd5cce69d300b534dc6e7
SHA256 15cef043acf952ba39c6f8a3eabde6bdd0f960d67036af3d999bf053d0765559
SHA3 17be3c688c80d3fedeedeadeaf9d90174425b9f056197105e346afacfab95cd6

256

Type AFX_DIALOG_LAYOUT
Language Chinese - PRC
Codepage UNKNOWN
Size 0x2
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 1
MD5 a36c71eb239a0231ba0c6e7a4590f062
SHA1 cde1fd5b82420801431766c301a008f272965f42
SHA256 c9ce451e2fc5170591d16ed845619f5e667c8719eafc7b657a9d4aba134e982e
SHA3 baa57ad51cc9a502d057a211d3dadebd9dfa20397c3189899ca87471dca18031

260

Type AFX_DIALOG_LAYOUT
Language Chinese - PRC
Codepage UNKNOWN
Size 0x2
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 1
MD5 f7adf0ba18d705092fa0a1e2f2c0bafb
SHA1 9fcb8e351fa873324f5b111196609d0dfbd09a10
SHA256 14ce1aee45e9674785ec3d74be8b516ba8605facd430afebee086f3efbc7a3dd
SHA3 791eedec391f4b08966a215b9d94b0cd456054cf20cdcdd3a01db49439bcaf51

233

Type JS
Language Chinese - PRC
Codepage UNKNOWN
Size 0x17c7b
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.59146
MD5 c965c6aabe6e6cb683c68103229e985c
SHA1 42903e44356bfb1afbccee87789eb3d0e6185788
SHA256 5cc15fd7f7ef3c02fa59fcf2d2dd6c94c7af365b7a20b3e1ace7b3d92295d4f5
SHA3 587cbbf945f18dd37db521046c71855ee4fa18b3d835384f76e009a14d4d2b8e

1

Type RT_ICON
Language Chinese - PRC
Codepage UNKNOWN
Size 0x12428
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.36848
MD5 3637fb53969d7dce7bf168684dd5c57e
SHA1 13e2861be2404d35e257f2df793d2eed0f844691
SHA256 1f770b424ca98dad2ef4da3b53cfe6014b6b387b149e93882ee289beb4cee77c
SHA3 79d84e5d154039c00991d819ec4302aaa9a4d1acbe65545e4966324e996a53fc

2

Type RT_ICON
Language Chinese - PRC
Codepage UNKNOWN
Size 0x4c28
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.8473
MD5 8e610f645c520a08bfdb995c093b18e5
SHA1 95a2674983b3647f59c22533155885ce8a18fb64
SHA256 57ae0f076cea3a0d8bdb5b2b264dbfe8aa8a02b5fb96fa97889f4cb524f5c69f
SHA3 95c6a8da4bf3e84ec9579061343f8d7a0b648a8b169b7a8ff8c21bac985011e0

3

Type RT_ICON
Language Chinese - PRC
Codepage UNKNOWN
Size 0xea8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.57141
MD5 9fe365cc8b55a3ab14b1aa42a67a20c2
SHA1 3924a0b0a678642d9022a8e8d15e084f3b808589
SHA256 e6ecbcf531001e57831866e49d8f0717de0e7a15cec0662ded409d6fe6b9ee08
SHA3 265cc0fed510beb99c6856340b481c5532d657312ea877c45e63514cf0281d2c

4

Type RT_ICON
Language Chinese - PRC
Codepage UNKNOWN
Size 0x8a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.19965
MD5 9f44afee1fa5f7d53e1d8b57d4031c31
SHA1 47575015599e823b9434afcaeddeb1a68545269b
SHA256 2eb0320c2be88b6b29cabab43a05bee20f65f24f26b9184fdd3cf246e86b7e48
SHA3 4ecd97ea905560de9ceb4843325de2c3854714eb716598892457cf7b3305618b

5

Type RT_ICON
Language Chinese - PRC
Codepage UNKNOWN
Size 0x568
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.34021
MD5 7b8818a63eafa5cbd47f7257bfafef07
SHA1 caffeff9948dbdf5a68763bce0062603b0c63c1f
SHA256 d54c6c603a410157363b16c4a21e93898dfb2597f4edde99a6190ab1d743fd20
SHA3 517b4a1f0b7daa8180083a93fb1cd8ea7c5ede1b358ae9910cf2198c60540a86

6

Type RT_ICON
Language Chinese - PRC
Codepage UNKNOWN
Size 0x42028
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.48053
MD5 249a7ceed7d84fc73b96c75fb210b222
SHA1 379069f6004e2c42f86b800b0b37fe781cc8f3a3
SHA256 a3774debc4a28c203651fbb18962d8582aeb3e4fa1d5118f4aab2a7076747432
SHA3 63d891a08ac657c2ab1ae9451ae3dc3a04ec502c5fd95cd0e8113d1287e8a603

7

Type RT_ICON
Language Chinese - PRC
Codepage UNKNOWN
Size 0x10828
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.7908
MD5 12c3c68ab228b929a4c3da981ed41971
SHA1 c09aa54c9f72fe0963d7634e1aa310eb32bd9c52
SHA256 631544b4a30c9464d53df1e631a844e6b6df118e850a1c99fe342763b04e7c78
SHA3 a497d6169017712e5ef2dedb183938de079538d64247ceef259d67d3302b6612

8

Type RT_ICON
Language Chinese - PRC
Codepage UNKNOWN
Size 0x25a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.21329
MD5 a99dfb96b48a8f80d5ad04e6e0c2426d
SHA1 2f3296fe16972a5202e4115e383dc50554965d5c
SHA256 1075b762c2c4e15ef494ddb58fddd27a6168874d945c6ef34f9ccb4922390123
SHA3 66a93d1f7c9a189a6d56c216eae677fdb965c24ca574434564cdc9590a3505bc

9

Type RT_ICON
Language Chinese - PRC
Codepage UNKNOWN
Size 0x10a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.71165
MD5 26de9b864bcc1ff4c6b1355f73577e4b
SHA1 e5f6e2008cfa6f5644b6b5d21bea68f3ffb19ff0
SHA256 052b2b3f2811c257937e07da95d891a0547a8cbfb34ed4dc3432cffa96c15a78
SHA3 70b0e4e0768522cfdde31154b99dd637db912a6904215089519cb7c4b6b5d266

10

Type RT_ICON
Language Chinese - PRC
Codepage UNKNOWN
Size 0x468
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.43195
MD5 6cfa8d0cbf9d62a11e14d8f50969e198
SHA1 5f0e0b352e789934d851c2be4dde162c2aca72cb
SHA256 ba5d06014d365333c39f08abaee3aaaafd889d69cb67f272dae40de18d5ab1c9
SHA3 0e83bb30dd04a27ad48b66afae0cb79ec2e923a7932e00853686a3be80021e2b

100 (#2)

Type RT_DIALOG
Language Chinese - PRC
Codepage UNKNOWN
Size 0x27e
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.57097
MD5 381bded003d9d1974872ed3071877ddd
SHA1 b5ac99e547d75c9ec4ed54305c21dcf958e0bb73
SHA256 1d244572c38310167872b94bdfc59a467861b3665d46e2bfdf07f3e842ad9c53
SHA3 e7fb13f5bb2343a2bbf7dd0e100f95519e25c6fb066049cda05ec37e71230e92

129 (#2)

Type RT_DIALOG
Language Chinese - PRC
Codepage UNKNOWN
Size 0x358
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.72384
MD5 29f27e010554ee6e15963df8c8aafeaf
SHA1 18fe89ad967d5da5186ad80f1ec333b74dd6556e
SHA256 90706feb8c0a21a69cd2a9f61f7e9eb2c875c6a4c33eea9e1c36b2f7b2831ee3
SHA3 375bc9d8451de990563dfc1a278eb42cf49824522209dad6837178b67c9e8d63

202 (#2)

Type RT_DIALOG
Language Chinese - PRC
Codepage UNKNOWN
Size 0x3a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.71867
MD5 8f235779d49100751e1ed11c1bda8e1a
SHA1 2f1259800415cf3f17f178f9419c3a59ef36b8c1
SHA256 61e810819ab26bdf5d4b8cead80a60df9b5b6837c307eefea0fdf3442b74f0ec
SHA3 c74b1fd8e2bf87112f268522e2601cbed71fd8e671f8bd4e7ef345623bcbb112

210 (#2)

Type RT_DIALOG
Language Chinese - PRC
Codepage UNKNOWN
Size 0xd4
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.72939
MD5 dd4681c760c6906139b2df7efe9e7042
SHA1 2c0eb5db20a4d94a2d64ae2dad18953fc0c4e26b
SHA256 b6bdeb54c1f5205d3fba9aac61357cefd30e79227564750b04ac9cca95ad576e
SHA3 27027128bce2cf6fe9c33ff84ca97bf44819cad4bfcef9784d5b0a6696be8bf3

212 (#2)

Type RT_DIALOG
Language Chinese - PRC
Codepage UNKNOWN
Size 0x1b8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.45069
MD5 93178a68b656e8c3afb5bb41639843ad
SHA1 77bdd4a0e240387049e563c8cdc8f514f68b81d5
SHA256 5f7eb26136742542981196718322d7fe0961e04f19f0701c2515ee6cf1966332
SHA3 e5b8f29f47f673f3163adcf3c9d0740af4443cde04d6f1ff15f95a0242f491c6

220 (#2)

Type RT_DIALOG
Language Chinese - PRC
Codepage UNKNOWN
Size 0x428
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.35252
MD5 ccb39b9465385aa01c0733f6c736fb4f
SHA1 17021499fb4c9587446af0b3b1603a0647a48f5e
SHA256 6c5c39f6900e4ae83868a3a9c8d55c6d08b42cdf489b56898bc2c0303ff66ae2
SHA3 6a47ee799aaa9908ddd228771b279cb54cf7e24553f9a0ca8a04ee49a72c0fcc

222 (#2)

Type RT_DIALOG
Language Chinese - PRC
Codepage UNKNOWN
Size 0x25a
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.50898
MD5 e9ea657c73895befc6d4820784201414
SHA1 9290ac9a8943e70504efaf3d5bfa70b6ad3e1410
SHA256 c89ace631a033b941f478f8a04da33b81a1572c49b75039c2eb71c7c8dd31e87
SHA3 c4230a383cd0435984f6012c3bd0c36d1e598637f1c088051290816b1d203206

227 (#2)

Type RT_DIALOG
Language Chinese - PRC
Codepage UNKNOWN
Size 0xba
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.8104
MD5 1a1f5c49bd5403ca2ffd18e46d150b43
SHA1 b6596c9a1afb19b20d542de630a5becf68533ff9
SHA256 47260a27bcad70d76abce3ed503de97edce1e4c18632f08187008c149cb5ce83
SHA3 ab90285959557e4e033207f3cfeaf50b666231d3465b75422ba22eece1f520d3

234 (#2)

Type RT_DIALOG
Language Chinese - PRC
Codepage UNKNOWN
Size 0x3c4
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.70811
MD5 0cd656266ec1325fb39204452cb0cdbe
SHA1 11afbc35b92a7494039bddaa73652a5b656339e9
SHA256 49367597349b5cdf1679b2aedd388d82006b1b2361f82537c99c2aad58d1f201
SHA3 859d2202d70f1643010d0d04f9c05ad430f8a2325167585dc89827a1ec6fe59c

238 (#2)

Type RT_DIALOG
Language Chinese - PRC
Codepage UNKNOWN
Size 0x6c
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.41456
MD5 89e8b431faa948731389dba5076f341a
SHA1 13325faa5382c24d5cec3e70816098af6735c8c0
SHA256 1835dfd87f2692523cf5103847c3a07a881997afd4980076e0df89b40ac4a9d4
SHA3 37cafc3546c9090d9d5d3355f338a219409266627427ccb8f56a1230862303e2

240 (#2)

Type RT_DIALOG
Language Chinese - PRC
Codepage UNKNOWN
Size 0x64
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.08121
MD5 4006e2432499def7101d89893c06844e
SHA1 7a0a8d7d586d216361125ad406695ad3b6c0abc8
SHA256 14f5e7d6514d9131743d0ac9237246d0d1cf2870ff25cdb9b80b8f3acca5094c
SHA3 bc99b71d068ec01f468e7fd45883587018a09b88e5ebf0fe9625f55cefcd6c78

242 (#2)

Type RT_DIALOG
Language Chinese - PRC
Codepage UNKNOWN
Size 0x37a
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.70239
MD5 7f742b7958c5d6990ae63346d74f8c17
SHA1 8cf73dee32bc0aa83b7b49c561c33cc954305634
SHA256 f087aefded10a12d604a533cddcf79bf5b766b54009c320c6b74e8a94f84f5d4
SHA3 6dc2acffe66728dc53a8c8b82922da5107b3f6fb35b5f89c0d3f64a0adc37865

245 (#2)

Type RT_DIALOG
Language Chinese - PRC
Codepage UNKNOWN
Size 0x180
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.32263
MD5 c373390dc0b1f037512f1ec5ba52c3aa
SHA1 1fd6d276bab6817156f5b01857bda3f8f6dabd94
SHA256 e8dd5790932c0dd0f2cc132297f44f4c167cb96e88c74ce3677c32ca0de30d0e
SHA3 bb1b2a010aa7919554bc8bef8e80d58a06e5095d92ce0153e0e0d41419859ca9

247 (#2)

Type RT_DIALOG
Language Chinese - PRC
Codepage UNKNOWN
Size 0x114
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.08208
MD5 e96e2f9c243c649199b9b1b41db21d1b
SHA1 f334726f9ab61277eb0f1ab39c976226585e7372
SHA256 56852970fbbfbac4db32bccf5608fa9c0d6d437549f0db414834b9d76b36bd09
SHA3 b04997553cee82b12866cc163e165448db88e726279c992ee734d6bb2742611c

250 (#2)

Type RT_DIALOG
Language Chinese - PRC
Codepage UNKNOWN
Size 0xb6
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.80698
MD5 cebd3088f10ccfc1c5cffa7be630ffbd
SHA1 b400c35be75261b3de0202dd38d34913a6b909ff
SHA256 c6d0435bb1d368c4058cb0095514c7099c338cf90d3cf63f6ae8751cd8b32c1f
SHA3 e0f0fbabf25d61300208d07f548055572685d01a94719ac8e4537b899909c64a

256 (#2)

Type RT_DIALOG
Language Chinese - PRC
Codepage UNKNOWN
Size 0x15a
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.31446
MD5 d919e002f94b483c272c85ad43d270b4
SHA1 197f52a0af24b3f05a8179efd1de3c9325294c1d
SHA256 7ca60aa452f9fd00ce4a1e56be55f8233ca715d2114863b917ec7e1c019ed01f
SHA3 8ac23e0292e877c3fe23f7a8063f2055387d7c99b53025da7b3a7e4dacee85c3

260 (#2)

Type RT_DIALOG
Language Chinese - PRC
Codepage UNKNOWN
Size 0x6c
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.20387
MD5 7933f3abe1dacda0acdf5d26ec3da72a
SHA1 7c1e7cca2c7d58b8b040a4575d150cfeb2643b45
SHA256 00b05257d3da22f5ab650fb307df3dbb865a9bcbe28d1d4d250f62fe434dbdb4
SHA3 dc25313412b9e7e1efec4c52a22630aa307dfbf6d1b71227fb4198614713010e

9 (#2)

Type RT_STRING
Language Chinese - PRC
Codepage UNKNOWN
Size 0x34
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.43121
MD5 7a746c4b3ba0be4aa29538e2823c6357
SHA1 f9805b393254bdb8a1515a079cf7673ad1c20793
SHA256 0f7b0c5596313534ad9fbbdb6f1a6b74bd3bbf2b7ca7521c06586537ec26bb73
SHA3 9f57af7401fafb5810067b20c11b54ecab7734f1a4c6fd6e04adf0734feded36

3585

Type RT_STRING
Language Chinese - PRC
Codepage UNKNOWN
Size 0x2a
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.13625
MD5 b4cab51474d8cd14a3e987a94b2eaf6d
SHA1 1c1aaf58ccc37c143b445b2e0e2543e63538135c
SHA256 57ad3aa029ba7a72a370cb1d10dee099430634b661b4a4cb7b5bb0d276e59402
SHA3 e5f35f59361be9c1a585df6b7f5c2a97c1da39e5f3b28582f0cb9e09c8b70c2c

3601

Type RT_STRING
Language Chinese - PRC
Codepage UNKNOWN
Size 0x296
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.50587
MD5 b82507ef0f890e099f7c0be9dbe45ff6
SHA1 2c07b309434c8abfa0f2629295ce063f4cb25bf9
SHA256 3e6635a18427e9ca205916b590c79bda7e3e60138e7920f5654750eca314ed36
SHA3 f39675cdc07f898e4a3a84c19d9d4819ee9a3319c48aec0f28ea5d5fac43586b

3603

Type RT_STRING
Language Chinese - PRC
Codepage UNKNOWN
Size 0x328
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.5684
MD5 ea3b949b88c8ee3dfdf25af13a90d401
SHA1 b3228580e92ad40ef89bf50732c97ccd732c777b
SHA256 240673b981332829f9b69e75a251304fd39d7fc69c31feee4bda01a10cd1c27b
SHA3 5970bf8ab88272024aa82273be5a22d24be43ecbf295d77ab4d7b3ffcf230ba7

3604

Type RT_STRING
Language Chinese - PRC
Codepage UNKNOWN
Size 0x27c
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.5
MD5 9557b4d3d6477a2b2dc49286c437ff18
SHA1 c82f2e01ac5ea8341f736799f2b4c80b72eca5bc
SHA256 3ce1b7d3b16f9031b4a4b3ab7a1dcf1764266527ae907e103ff5e40b5265596e
SHA3 02a74a53f54e719e205cf5120c94bea8647b57e6715fbc33b53a084c2a7b5c47

3605

Type RT_STRING
Language Chinese - PRC
Codepage UNKNOWN
Size 0x106
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.10705
MD5 6a16dcc0330dfc52204652d7b974ff3a
SHA1 89673d40d0266d2238369c891a8dd061c10a2786
SHA256 c1062e2a5e6c518a90210f03e0d22bb683429690eb013b1b50112ee32a5a5fd0
SHA3 c6ef5ad55def0bb08e527ecb963ec303c8b15ab8d520aa11f40362dd2176d0ec

3606

Type RT_STRING
Language Chinese - PRC
Codepage UNKNOWN
Size 0xda
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.96291
MD5 2b2e607c0335e0c5781dd26d91b49798
SHA1 93f885c57aef0da4d08d5b4d2bc78abe20b8bc40
SHA256 417f0535afce4872555c2d18042721002704de3ecda15e5c2d7c867c8e5582d2
SHA3 c88168dd325771dfae6742348366c6b94773359d4570178ac3e7606ddb7b7ec9

3825

Type RT_STRING
Language Chinese - PRC
Codepage UNKNOWN
Size 0x1f8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.40271
MD5 1ce233539a80d6ae4649970018e61e7f
SHA1 619217e1be8e07035b553258521c5035e102031a
SHA256 fba2fb90b26f72f457ef2af532ab8a8513d173acac10a0acbc8c431e332eafcc
SHA3 0f4c03919be1397db4c20f8156c51b81b14edb2bb199a43f0a1dae87bf98d6f5

3826

Type RT_STRING
Language Chinese - PRC
Codepage UNKNOWN
Size 0xae
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.84502
MD5 dc370baed58cb859e70de58a926fd909
SHA1 f31e4bc96703d9edd4cc4ef76f1dc001addd181b
SHA256 23ea059d3f68a4ed7171cafc764612f98d4e416795028e093cc3a53f7413828c
SHA3 5b91eb3acc460c11ec117ddce4c348762b8f869959d9183a8df90bae3c534a8d

3838

Type RT_STRING
Language Chinese - PRC
Codepage UNKNOWN
Size 0x44
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.79335
MD5 273a5b32f0c5ba703cb591f30ea982f8
SHA1 715045aec8366f66724397f2a6b67ebb1b634921
SHA256 c1a27acca32078244c0de6aa3d25749735a1274b5b20e4c3f7a5ff4d71831a93
SHA3 bece07abbe78ff21cf484991b54f5f8d5fdd82514b94f9c11f77263f494c321d

128

Type RT_ACCELERATOR
Language Chinese - PRC
Codepage UNKNOWN
Size 0x70
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.34071
MD5 7c1e38be1e39c7e82757edaafa270684
SHA1 6fa3dc7f19b4ad266e09e7fb96a19579fa8958f1
SHA256 b8d7221cdc93820c52917befb17735f7ff936a5c73034e3ffa43799713799ce9
SHA3 5e84870016a484130757e33b9caee8cc00dba907209dcf18b0a7c796c70ccd58

249

Type RT_ACCELERATOR
Language Chinese - PRC
Codepage UNKNOWN
Size 0x8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3
MD5 9727da9dc132b2ca1cde3dbc01da1421
SHA1 bae25bea14d122ff234b412cc98bda832039afb6
SHA256 6a783b41d9a2a7f8e62e3b134e08eace581125291b1a865ecabcced16209754b
SHA3 63103d11d221f92b717fd5606f22f2b8ad58fa86e9cf62af7488da3508d7e030

128 (#2)

Type RT_GROUP_ICON
Language Chinese - PRC
Codepage UNKNOWN
Size 0x92
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.86073
Detected Filetype Icon file
MD5 b28b5dbf2632c849e17ca5799345a738
SHA1 801f03246f5a4263ec3b5173319f3d3251553167
SHA256 83119264d92c7789f4492d90cb29d13ce668a066665d4712f117143c2a4b6ea1
SHA3 edd62bc1f027cce83aac18543a35b068819e6bc9a282f00ba815fd47d8a24de0

1 (#2)

Type RT_VERSION
Language Chinese - PRC
Codepage UNKNOWN
Size 0x284
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.38354
MD5 3f3952aa16ddbed65c07d33966b5f78c
SHA1 a498a9bb80393c378b9e8d167c7c4f9ecbff99c1
SHA256 5c21837b251d347f4ca2c8bfc11bfc9102ca9326626be74e53def05eb393cdb1
SHA3 ee4b4b7b666fe78953e3b115f4263a0054666297f35f8212e1dac869d366c556

206

Type RT_HTML
Language Chinese - PRC
Codepage UNKNOWN
Size 0x3625
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.81108
MD5 0bb4625891e64e582c0be374f204948f
SHA1 dd41d45cac966477ad12fa397072292b6f8b1ee8
SHA256 450c91503cefb804be0c183ad08664f94d019f5cbb9a60006f26bac2055a088e
SHA3 4e78598e8fe9aa0c71432d131d03515928903691cd8046e74b1b19a183bb097b

216

Type RT_HTML
Language Chinese - PRC
Codepage UNKNOWN
Size 0x259d
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.81335
MD5 10560338e4111fa870e8bb3877865c6d
SHA1 d22518df25b2fedd3aceb1f96a773f147aaa22d6
SHA256 c2287f17ec7f6245bb1a33f2c65757f0906cffa80625434f33c318813a816703
SHA3 f19aa6ef6b332208dbb8a7ab789248570f144f8e935e23975390dbaaf94d31f0

225

Type RT_HTML
Language Chinese - PRC
Codepage UNKNOWN
Size 0x1620
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.78514
MD5 1b35e7cc7eec623214d824cfbc1718b9
SHA1 64b0f91e6851e183396885c677eac44c18c5aa44
SHA256 a8845eaa80e8b9732b5cb02de199842385459589acd0ab0b9e536ed40f70f1dc
SHA3 b36d34667d233156bba576af23099979129480c40940d80725303dd56953e22d

226

Type RT_HTML
Language Chinese - PRC
Codepage UNKNOWN
Size 0x123f
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.82719
MD5 c8e4b040c95db0f3400c55cc70b017e0
SHA1 50319ad517d0f343938a52f7c7e7f1c2face92fb
SHA256 1e95db2293207ec281df8634fab70352804d4f8d9c9e50a6a476edd5bf59a09f
SHA3 7aeb32a6b2dc3f35ec84211fb3304ad6680ea04ff20043db65607a0648c42888

231

Type RT_HTML
Language Chinese - PRC
Codepage UNKNOWN
Size 0x176a
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.77395
MD5 88986d1f48fc912fa3083ebf0bf44260
SHA1 c58952a6ba7e2ebfc683d4341ec5054c68d177d4
SHA256 3acb7ab414701fa28e4dc3c43d12e304782b85a0969659327388544a3f173ca6
SHA3 95e52d77cd1083d6d99c80333ecc78d00b0d169d0f64aa1729306f8a1c03c208

237

Type RT_HTML
Language Chinese - PRC
Codepage UNKNOWN
Size 0x3b82
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.82612
MD5 fea4b4116ca6aa7f4314ffcda3a881c1
SHA1 e0a3ab7625708a5e6d46b588a81e672e23270454
SHA256 5009eb8e0cfabc76767aa60b288e91c2a08888a9099aaae1804c18463a1bfe50
SHA3 e297181d905ec3194d53210a76a3ff28cc589d6d264b10341b6870c1c0a90d82

253

Type RT_HTML
Language Chinese - PRC
Codepage UNKNOWN
Size 0x432f
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.83882
MD5 48e19021669d97e7535da634a0a6fca4
SHA1 a3fe0b2904656cb0f477ded47069c5d95e4ea9b1
SHA256 6442f848ff26cef0057f48a44b910a48a70552756d04ed847d7cfaccf3a12298
SHA3 294c01578ea46adac91bca25978f78753d32a1cd399e6a8ed6d02e2523a87aa2

254

Type RT_HTML
Language Chinese - PRC
Codepage UNKNOWN
Size 0x2df1
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.80524
MD5 fb146f458223b338f64aad5d28756b9d
SHA1 f5a60e37411161e05712306dca613316f065266e
SHA256 d7e402ac979fe8d0d6f85748bd501a945eb00ecc850f136a45b1ae6ac8e94e43
SHA3 219238ea8051a03fa448821cd02088a9708f344fad041b25f459d6b925dd4913

255

Type RT_HTML
Language Chinese - PRC
Codepage UNKNOWN
Size 0x25b6
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.78189
MD5 45a683928dbe5eb555c3642c8e1c0b87
SHA1 b0c64edc977a4e0d17a39dfbe546fb1ddefb75a8
SHA256 9c8f0326c5ceeabc1ca73def2d0aca9e0ce446433abad74482acfd9e04093129
SHA3 1b310374a9e0c1db458be520080afa8c2312dc15003efc4aea24ed64be34e2f4

259

Type RT_HTML
Language Chinese - PRC
Codepage UNKNOWN
Size 0x4472
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.67442
MD5 b79e2b378d68f79c1eadd1a613c69940
SHA1 f82bbbd41783a4c5d3e108a937b6431a9f00ade4
SHA256 e8a3eabb4ec301e50be0f349777338bc0135ced05cb595b203bcf8d75663c7d6
SHA3 ba35bf14f0b786dd39a9af4818564dfa88da64e9976248de0e98f4f30db0aa67

1 (#3)

Type RT_MANIFEST
Language English - United States
Codepage UNKNOWN
Size 0x282
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.0672
MD5 b2ced3969f764cf58d1e3f898073333a
SHA1 d4e26a5bc1ae0f1b8c21554308ee5a20614e6a56
SHA256 1d8a782b70eaa4d474727b0c68e8dfb3105966bac2fd3ed0c23df96388957674
SHA3 ce1e576a590d4453de91b4877643a36e09055955d3cca3f8571b549853470182

202 (#3)

Type UNKNOWN
Language Chinese - PRC
Codepage UNKNOWN
Size 0xaa
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.5644
MD5 43ded560efea69da1070165c86186b59
SHA1 23a492a512537a6205ab9ddbdeca1d25a78fd27d
SHA256 fbfe1b0292ef3bfe93001699856a07f98e27b5d1653207be4c925301bcfe0437
SHA3 4ffa927723644ae39dd6201837cb1f9f33efbdb28864aca134e28e0912f65d4c

212 (#3)

Type UNKNOWN
Language Chinese - PRC
Codepage UNKNOWN
Size 0xaa
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.63489
MD5 a4fbc04d832dc931c700fa03bd6b4fa7
SHA1 db9f4a135c7121785305feebc6d2082cd0ed250c
SHA256 87b3fdaf91e8661cfd6e27116da22617d1fe0636fab08a762ce1c31656ca2d7f
SHA3 db54eaadcac17ea7644ed2bbb37106cf8a58c3235cd571f68ede841353acd7fd

227 (#3)

Type UNKNOWN
Language Chinese - PRC
Codepage UNKNOWN
Size 0xaa
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.64578
MD5 960c16faf610f6e4da04702156d04dae
SHA1 7565a32f21a34207efbe32803e1ddc8f23690525
SHA256 f42c5f457d9f13e73303c8115824a0da8982434d7c8d9f08e7c3dc53947cacb7
SHA3 3f836f244e0496a679c2f83e7cd86beb9f0987c1a6a01c4993be3487464d9273

234 (#3)

Type UNKNOWN
Language Chinese - PRC
Codepage UNKNOWN
Size 0xaa
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.71157
MD5 affbc8d0ce5728681aefdd65dd89468b
SHA1 1d377a0dfd4bf6572b4e7a41a9b15f13e425b41b
SHA256 f961e7f001f4520ab0131b252d697ecfe35136c648ee6ecdde7ecbd014c3579d
SHA3 44cee61e09a8291700c9def925241315a7d47c15ed237d224032d717348d46e5

242 (#3)

Type UNKNOWN
Language Chinese - PRC
Codepage UNKNOWN
Size 0xaa
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.59081
MD5 052ca3b84652e9679fe888b503e55506
SHA1 c3fdcaab4dbaae0fe485b824c80f1409707136d9
SHA256 64b4eb2915e7120fe622de9eff8b55c26f66566b34d88336f8c61005d6a8d206
SHA3 9c04ba30e89da63ecdb56d40d5de35203ddb9688e6e7885221515cb2230730c2

250 (#3)

Type UNKNOWN
Language Chinese - PRC
Codepage UNKNOWN
Size 0xaa
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.63415
MD5 67b9ee4cd11aa8cedcd7d551a89f9e23
SHA1 cea7ab25e1f449ac5d5bd2305bb11c7f1fd901fc
SHA256 592863cb686cda5fe16f97f4f33fdd5146f2a5375c09b0f6c1992b945a847711
SHA3 8b53c2551f09cec2601e2a56054329f0a3edffe11eca3babf26331a87a9bf4ae

256 (#3)

Type UNKNOWN
Language Chinese - PRC
Codepage UNKNOWN
Size 0xaa
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.71446
MD5 30eedb0761ac9ac1c21d08a0121558a1
SHA1 f591645620a7e49a2068d4260f6c73c06f963f7e
SHA256 d796c6a9e4567e8d318ff7c620eac1d534f1d220ac799cb813dc262380924769
SHA3 a8ee1138b2faf99747ba09028a045b4f9bfb1ba2207586d4770741d94e3b6e92

Version Info

Signature 0xfeef04bd
StructVersion 0x10000
FileVersion 3.9.1.0
ProductVersion 3.9.1.0
FileFlags (EMPTY)
FileOs VOS_DOS_WINDOWS32
VOS_NT_WINDOWS32
VOS__WINDOWS32
FileType VFT_DLL
Language Chinese - PRC
FileDescription Best Trace
FileVersion (#2) 3.9.1.0
InternalName Best Trace
LegalCopyright Copyright 2013 - 2021
OriginalFilename 17monipdb.exe
ProductName Best Trace
ProductVersion (#2) 3.9.1.0
Resource LangID Chinese - PRC

TLS Callbacks

Load Configuration

Size 0x138
TimeDateStamp 1970-Jan-01 00:00:00
Version 0.0
GlobalFlagsClear (EMPTY)
GlobalFlagsSet (EMPTY)
CriticalSectionDefaultTimeout 0
DeCommitFreeBlockThreshold 0
DeCommitTotalFreeThreshold 0
LockPrefixTable 0
MaximumAllocationSize 0
VirtualMemoryThreshold 0
ProcessAffinityMask 0
ProcessHeapFlags (EMPTY)
CSDVersion 0
Reserved1 0
EditList 0
SecurityCookie 0x140395dd8

RICH Header

XOR Key 0x5c4f5f61
Unmarked objects 0
ASM objects (27412) 12
C++ objects (27412) 218
253 (28518) 8
C objects (30034) 19
C++ objects (CVTCIL) (27412) 1
Imports (27412) 41
Total imports 533
C++ objects (30034) 102
ASM objects (30034) 11
C objects (27412) 23
C objects (VS2019 Update 10 (16.10.4) compiler 30040) 119
C++ objects (VS2019 Update 10 (16.10.4) compiler 30040) 35
Resource objects (VS2019 Update 10 (16.10.4) compiler 30040) 1
151 1
Linker (VS2019 Update 10 (16.10.4) compiler 30040) 1

Errors

[!] Error: Could not reach the TLS callback table. [*] Warning: Section UPX0 has a size of 0! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
<-- -->