Manalyze report for 0aaf089c03623b6052a304ca56dcf2fb

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2020-Oct-28 08:35:14
Detected languages	English - United States
Comments	Vote for it on www.planet-source-code.com and visit my german website: www.vb-empire.de.vu
CompanyName	KIRCHMAIER PRODUCTIONS
LegalCopyright	Stephan Kirchmaier
ProductName	SEK Paint 2.0
FileVersion	`1.00`
ProductVersion	`1.00`
InternalName	SEKPaint2
OriginalFilename	SEKPaint2.exe

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual Basic 5.0` `Microsoft Visual Basic v5.0/v6.0` `Microsoft Visual Basic v5.0 - v6.0` `Microsoft Visual Basic v6.0`
Info	Interesting strings found in the binary:	`Contains domain names: empire.de planet-source-code.com source-code.com vb-empire.de www.planet-source-code.com www.vb-empire.de`
Malicious	VirusTotal score: 58/70 (Scanned on 2022-02-18 06:12:32)	`ALYac: Trojan.GenericKDZ.71038` `APEX: Malicious` `AVG: Win32:Trojan-gen` `Ad-Aware: Trojan.GenericKDZ.71038` `AhnLab-V3: Trojan/Win32.Emotet.R354378` `Alibaba: Trojan:Win32/Emotet.abe450ad` `Antiy-AVL: Trojan/Win32.Emotet` `Arcabit: Trojan.Generic.D1157E` `Avast: Win32:Trojan-gen` `Avira: TR/AD.Emotet.fky` `BitDefender: Trojan.GenericKDZ.71038` `ClamAV: Win.Malware.Generic-9784688-0` `Comodo: Malware@#ajstg3f3lbh1` `CrowdStrike: win/malicious_confidence_100% (W)` `Cybereason: malicious.c03623` `Cylance: Unsafe` `Cynet: Malicious (score: 100)` `Cyren: W32/Emotet.AWG.gen!Eldorado` `DrWeb: Trojan.Emotet.1044` `ESET-NOD32: Win32/Emotet.CB` `Elastic: malicious (high confidence)` `Emsisoft: Trojan.Emotet (A)` `FireEye: Generic.mg.0aaf089c03623b60` `Fortinet: W32/Emotet.GENP!tr` `GData: Trojan.GenericKDZ.71038` `Gridinsoft: Trojan.Win32.Emotet.oa!s1` `Ikarus: Trojan-Banker.Emotet` `Jiangmin: Trojan.Banker.Emotet.pcv` `K7AntiVirus: Riskware ( 0040eff71 )` `K7GW: Riskware ( 0040eff71 )` `Kaspersky: Trojan-Banker.Win32.Emotet.gens` `Kingsoft: Win32.Troj.Generic_a.a.(kcloud)` `Lionic: Trojan.Win32.Emotet.trAW` `MAX: malware (ai score=100)` `Malwarebytes: Trojan.MalPack.TRE` `MaxSecure: Win.MxResIcn.Heur.Gen` `McAfee: Emotet-FRN!0AAF089C0362` `McAfee-GW-Edition: BehavesLike.Win32.Trickbot.hh` `MicroWorld-eScan: Trojan.GenericKDZ.71038` `Microsoft: Trojan:Win32/EmotetCrypt.ARJ!MTB` `NANO-Antivirus: Trojan.Win32.Emotet.iabefk` `Paloalto: generic.ml` `Panda: Trj/Genetic.gen` `Rising: Trojan.Emotet!8.B95 (CLOUD)` `Sangfor: Trojan.Win32.EmotetCrypt.ARJ` `SentinelOne: Static AI - Malicious PE` `Sophos: Mal/Generic-R + Troj/Emotet-CSJ` `Symantec: ML.Attribute.HighConfidence` `TACHYON: Banker/W32.VB-Emotet.585728` `Tencent: Malware.Win32.Gencirc.10ce0eb7` `VBA32: TScope.Trojan.VB` `VIPRE: Trojan.Win32.Generic!BT` `VirIT: Trojan.Win32.Emotet.CNM` `Webroot: W32.Trojan.Emotet` `Yandex: Trojan.PWS.Emotet!Sx64A3yX/RM` `Zillya: Trojan.Emotet.Win32.51595` `ZoneAlarm: Trojan-Banker.Win32.Emotet.gens` `eGambit: Generic.Malware`

Hashes

MD5	`0aaf089c03623b6052a304ca56dcf2fb`
SHA1	`cecf10d47d51eea875bf2d8a3faaae714b559f5a`
SHA256	`ed65679659cf7def1a0d4fb30d53626d3d65bd82bfe809eb6039b65ede0a9fbc`
SHA3	`279d30dbc934a454ed975c7d51bfb5dc3986b45480d795a2bd2feee39a6314b2`
SSDeep	`12288:3gyDT8PLvvaKrtURPnMXSVL6ZRwO+4DQDf2TPexaaiQgyDT+ctnRl3:3JDT8PjiKZcPM86rw0QJDTrnJ`
Imports Hash	`ee32a7d07aff9fd88159f3d8028f0500`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0xb8`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`3`
TimeDateStamp	2020-Oct-28 08:35:14
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LINE_NUMS_STRIPPED` `IMAGE_FILE_LOCAL_SYMS_STRIPPED` `IMAGE_FILE_RELOCS_STRIPPED`

Image Optional Header

Magic	`PE32`
LinkerVersion	`6.0`
SizeOfCode	`0x6b000`
SizeOfInitializedData	`0x23000`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x000021E4 (Section: .text)`
BaseOfCode	`0x1000`
BaseOfData	`0x6c000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x1000`
OperatingSystemVersion	`4.0`
ImageVersion	`1.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x92000`
SizeOfHeaders	`0x1000`
Checksum	`0x8839b`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`dae3a68dd92e916d3fcd93559d774075`
SHA1	`3e261ee4d42abc78ab6475b5d59634c0a7a867b3`
SHA256	`6e3ff5e065b79426b2513f0b8c1a0a7981565c6a31b7e51d7827ba5b75ecdb44`
SHA3	`7d24c2d446fe862cad98b247ef9a1de3b85a00cdbbb94f70581f2831c09cf224`
VirtualSize	`0x6ab00`
VirtualAddress	`0x1000`
SizeOfRawData	`0x6b000`
PointerToRawData	`0x1000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.95651`

.data

MD5	`620f0b67a91f7f74151bc5be745b7110`
SHA1	`1ceaf73df40e531df3bfb26b4fb7cd95fb7bff1d`
SHA256	`ad7facb2586fc6e966c004d7d1d16b024f5805ff7cb47c7a85dabd8b48892ca7`
SHA3	`a99f9ed58079237f7f0275887f0c03a0c9d7d8de4443842297fceea67e423563`
VirtualSize	`0x33d0`
VirtualAddress	`0x6c000`
SizeOfRawData	`0x1000`
PointerToRawData	`0x6c000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0`

.rsrc

MD5	`e13bf9e7a4de2e0b2e6f53a5f77870eb`
SHA1	`7e63f00e0f3929b8e94ca0b85a9d9b19488ac606`
SHA256	`c5ec49af62287308c27ffc532d48ea346cd77484385891fcbfa291138b079892`
SHA3	`8c9b0644eeef72fb1a8f55a395ffed97aa18009b5401f6d2542a7fcebd087146`
VirtualSize	`0x21158`
VirtualAddress	`0x70000`
SizeOfRawData	`0x22000`
PointerToRawData	`0x6d000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.19164`

Imports

MSVBVM60.DLL	`__vbaVarTstGt` `#582` `__vbaVarSub` `__vbaStrI2` `#583` `__vbaI2Sgn` `_CIcos` `_adj_fptan` `__vbaStrI4` `__vbaVarMove` `#585` `__vbaVarVargNofree` `__vbaAryMove` `__vbaFreeVar` `__vbaLenBstr` `__vbaLateIdCall` `__vbaStrVarMove` `#588` `__vbaFreeVarList` `_adj_fdiv_m64` `__vbaFreeObjList` `#516` `#517` `_adj_fprem1` `__vbaStrCat` `#553` `__vbaSetSystemError` `__vbaHresultCheckObj` `#557` `__vbaVargVarCopy` `_adj_fdiv_m32` `__vbaAryDestruct` `__vbaLateMemSt` `__vbaVarPow` `__vbaVarForInit` `#593` `__vbaObjSet` `__vbaOnError` `#595` `#596` `_adj_fdiv_m16i` `__vbaObjSetAddref` `_adj_fdivr_m16i` `__vbaBoolVar` `__vbaRefVarAry` `__vbaBoolVarNull` `_CIsin` `__vbaErase` `#632` `__vbaVarCmpGt` `__vbaChkstk` `__vbaFileClose` `EVENT_SINK_AddRef` `__vbaGet3` `#529` `__vbaStrCmp` `__vbaGet4` `__vbaAryConstruct2` `__vbaVarTstEq` `__vbaR4Str` `__vbaDateR8` `__vbaPrintObj` `#561` `DllFunctionCall` `#670` `__vbaCastObjVar` `__vbaRedimPreserve` `__vbaLbound` `__vbaStrR4` `_adj_fpatan` `__vbaR4Var` `__vbaLateIdCallLd` `__vbaStrR8` `__vbaRedim` `EVENT_SINK_Release` `_CIsqrt` `__vbaVarAnd` `EVENT_SINK_QueryInterface` `__vbaExceptHandler` `__vbaStrToUnicode` `_adj_fprem` `_adj_fdivr_m64` `__vbaI2Str` `#608` `__vbaFPException` `__vbaInStrVar` `__vbaStrVarVal` `__vbaUbound` `__vbaGetOwner4` `__vbaVarCat` `__vbaI2Var` `#537` `_CIlog` `__vbaFileOpen` `__vbaVar2Vec` `__vbaR8Str` `__vbaNew2` `#648` `_adj_fdiv_m32i` `_adj_fdivr_m32i` `__vbaStrCopy` `__vbaI4Str` `__vbaFreeStrList` `__vbaVarCmpLt` `_adj_fdivr_m32` `__vbaR8Var` `__vbaPowerR8` `_adj_fdiv_r` `#685` `#100` `#579` `__vbaI4Var` `__vbaVarCmpEq` `#610` `__vbaAryLock` `__vbaVarAdd` `__vbaStrToAnsi` `__vbaVarDup` `__vbaFpI2` `#614` `__vbaVarTstGe` `__vbaFpI4` `__vbaVarCopy` `__vbaLateMemCallLd` `#617` `__vbaR8IntI2` `_CIatan` `__vbaStrMove` `#618` `#619` `__vbaR8IntI4` `#542` `_allmul` `__vbaLateIdSt` `#545` `_CItan` `#546` `__vbaAryUnlock` `__vbaVarForNext` `_CIexp` `__vbaFreeObj` `__vbaFreeStr`

Delayed Imports

30001

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x2e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.58281`
MD5	`5ef5ffad8ac31788c7afee8eca8e7996`
SHA1	`22f21492d9a6676321e8a0a53d2fd0b986839300`
SHA256	`558649bc5d654d05769ad6b5639035fab5172019c262051bbbb32a47f10a247b`
SHA3	`dfefde514badabbca03884d3e5a5c5a522f5fc8819879faead6f67502e1119d6`

30002

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.6287`
MD5	`6b329f2bcba163d889da76d686a20f31`
SHA1	`e86a7544a6f079ae0876f8dd32508818cc4c1a1d`
SHA256	`ed18addb104a4dac2983c8d459473b886076badb58c7dfef22aa78b25e6534f3`
SHA3	`c3879566051ded66d2dd73a60810258c9fc25b36f5dc50afaa53e4b34bc99e3e`

30003

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.73252`
MD5	`cef092664bafb0cf199e05bd61db4cc6`
SHA1	`9891ed92292258a2352a160d6f16d8ff81532a6f`
SHA256	`f9476f27c9257f9f4924892912c257d580087ba6070842c1497487662fb9e2d5`
SHA3	`d97a236535ebd8a55f9f9d50a40a8d6afc766448569b9292599b5620d51d8c1e`

30004

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.27782`
MD5	`c7867662985b55a01ae43c2c766526f2`
SHA1	`c3852a188be2729b2e0a9ed75220126488cc00e7`
SHA256	`71cd7d1e36873388682bd13d53932237fc875986edf9ceacbff03bc0ececdc79`
SHA3	`93fea74e89d00cc62b36e06006cac876347659db14d808b34ae7582899d0736f`

30005

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x6c8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.26426`
MD5	`a23e1b3b1cc650bc6d07c707c1f27a05`
SHA1	`1f8a37708ab68018096b2bba3f9d431d5b808f2e`
SHA256	`1ad1382e74961ad870ae24ea48c51bf1434d9df84eb41c2c925af2ad0bf1bbd3`
SHA3	`6b0dfedac4edb89f92067a6af8f23560200597020622321814787d8a21407e50`

30006

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.66719`
MD5	`7c7727eaa5b6fac6af8da6db89e316b9`
SHA1	`6583fa9185a2b3a5a22f36180c95d65acb8d719e`
SHA256	`a5ea33f6628f10924914f90b29908c6720199ab063a9a7fd7ef952255001d999`
SHA3	`78ac4303e82914bf20c1a996e1cb034766b67e97949fbc8b7ecc714ebbaecced`

30007

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.64598`
MD5	`ac37cb294ac54f7b01246e1e09c5ab17`
SHA1	`51e46e00967b4f17c7c2593f952c5f850306c860`
SHA256	`2e8aa802c5108399de39da93f0f963db72293413924ac1cf1144531c78ffaef5`
SHA3	`7b7137e220a4e6e2880c2ad9511a50c7fb5555bf3eb0c5026bb6f3657bf8f290`

30008

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.14213`
MD5	`8b048c9f68277b0acc6037b895455f1e`
SHA1	`986d56c163b8d07e14d1385ae1e34d01a145fd6a`
SHA256	`2f3526aa864f59bc56c040c194e95ff02aa993951c5fe15aab9971894330a3f5`
SHA3	`aa7a3f0db6b35a9025d72ab86ac43c4af9f0ca9332e6bc04a67a51146089beb1`

30009

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.3968`
MD5	`eb991daeda22b6126f68bbadce3a0869`
SHA1	`9d8ec1449fbc25bf7804f43b93385a399fc5567d`
SHA256	`6f2e5d68444059289166e8d25314d1eb2c6871deb2b7cd74d14fa13d08e2743b`
SHA3	`824b4f202a4d09d267aba925b8951b15adf01ef78983a94fe0ccc923a88ceb72`

30010

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.81674`
MD5	`84839d0f8a3f8803f856b2be028f25e3`
SHA1	`1abc7262d2b11cc08defc3cbc3ce4fdae8b5f18a`
SHA256	`aba2732a6f47c2d09dba59946d0fe7eda8761b1b83c586fb45e9488d3c25e1ae`
SHA3	`b535a6fc578527055c2178283a3c73e50d4835c51ca6850a623ddac91427179f`

30011

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.01041`
MD5	`9472c11574691bd2c61e641683b3f962`
SHA1	`800834acc25230a2e2db8732d9f1990bccb7f2fd`
SHA256	`735a6e77dc0069a3b2f0820fb61bcfa1be11801a5ed1f769b7aeed9861d9ffff`
SHA3	`463f4c9b174744a1043cbedf0067b147b575e9c96dd44e72062f4b37a9aa5a9c`

382

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x34`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.49126`
MD5	`10ea3df74808c0b3064879be6f607ed1`
SHA1	`a4056899c3dfa1ce1549b3a2a0e55e8e93d2cc92`
SHA256	`6360762dacfd2fa491e2a6a1466919d04b4797c49e110778af4be90aca8ca495`
SHA3	`674cc3d6e04b408038e137c221eb99e38133ef0e9abf7de220603d981b2e1e49`

383

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x84`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.0673`
MD5	`161444c37a6e5905cc37d08558d20891`
SHA1	`3b39edd4f34a599d926c0e1f58b3288916387fb7`
SHA256	`f15235ab6855c0b24df93d5ca7e0986277a67c537971aa3b8a9f27c068b4d0ab`
SHA3	`d1cec5928bd33a30ae9a936b1032f069dfc223e59750f18a9d262b7ff9ec99b7`

384

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x140`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.12734`
MD5	`738b9ff2d15d61b93c12eb875bfe6731`
SHA1	`76a522a332560b6d3cd1be346beec261aa09653c`
SHA256	`34dba8d83110416378927152056a2673245f0c544f38a40efaa16f74ca49fef1`
SHA3	`ee91a436488462f8ffdd1aa8813760df85e9e9877ca262760a97013c0a4bd70f`

385

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x158`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.15309`
MD5	`0b62c2674df27c5d8d3e15789ddf628f`
SHA1	`536c4997a7fb4478d8b7d2269bf048b91c2c1aaa`
SHA256	`bf851966da314640fe2880d13314230f16d6fcf49b61822728f40ccddaca44a6`
SHA3	`cafdd9eefcbe53664a44d1387a0c974ec3e84659f4d439a7a7013196cd6a1d0d`

389

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x220`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.11539`
MD5	`4704bc79377d54525723d0d19482854e`
SHA1	`52f4a8a74aa55813a7440d3391b0066e9b109568`
SHA256	`c9abfdeb4f00e0b0c471c8d72ab11f44551c67d3483e8437a0fdec1e5498b04f`
SHA3	`578b4fd11de4da93dabec370efdc863f5640b05adb7221a051e4e13e73b3cbe5`

390

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x3cc`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.34614`
MD5	`9de094bc0963d981e3fc0af6a9112676`
SHA1	`c94408c0e72dfd221551899e133d5dd4c4fd4747`
SHA256	`caac570a08ea634384c74e716e4438a63be555f724c6f3a7e08b1027c06f50dd`
SHA3	`61eb3ccebdc759d70c8031d6fd93c152042311dfd6c8fea9d288d934cb44ba65`

391

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x5c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.45731`
MD5	`317327e4efbdcf05240dbfc4cb7cac06`
SHA1	`35a81a24274f18dafecd1976d4c19632d5039956`
SHA256	`3e14bec8a8d97617d62f7f2aa9448f87b8f85ae1567acf8ec24aa699eadd3812`
SHA3	`3761c831e8ffa9bca1e6a2f96ed4eb9f20811577d54569569ec81f61c8a5816f`

394

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x3c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.95302`
MD5	`c971b49b9e3c7dce7cef3d8d5ec2beca`
SHA1	`548f9dcbbace4d74b67e5f7f70341791baaf8e83`
SHA256	`03dc3cab65bf2f97957429683082251cc13aa67e6a2427e7be2c2d53e9abf8cc`
SHA3	`65d794a8858963ce8b76ca45ad0e34dcc57ccbe9dc9851aba6f03ee7eb94fe52`

395

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x130`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.2187`
MD5	`9e4412ccee706a912cc1daca7c922452`
SHA1	`afb564f891125221fc10c3d24b0a15f4451d0770`
SHA256	`80bc2de50572f0ee043e30f100c9ebcb840a7c336d01a7c9559527266b4a837b`
SHA3	`1643533569ea55aa8a9840f862446f836a3878872b1acaa08e5b42e167c49020`

396

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x1f4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.41817`
MD5	`2b9b607a480ed6d4fb6df4e686e62951`
SHA1	`13a517c28ec8c9d5c210bc344d58344d37e2be4b`
SHA256	`a0a16eb16728a944548bdfc5cac85ddfed0f0c7ba0f853ff113f4e256715e6d8`
SHA3	`a31a74ed110a56aa60e14a3c64404c6391749c3ed34702d8f4c657e49fbd7167`

397

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x68`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.60338`
MD5	`dec4bf4a6af63dfae4d0527f87bead09`
SHA1	`6cbc90dbfa6d7f5a65a79442d262d36257e56070`
SHA256	`e862b168ff44582fe09ca191d760c1fb4de1d218eb01468a1c6f17af598b4bf6`
SHA3	`adf7834a459657e68ff79af6f9534fa3203a554cda093d4a70caeffb6a0acd15`

400

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x40`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.95104`
MD5	`91411816a6ebf8d6049c04da4e646264`
SHA1	`2d40a5c673e9feef77b1aeca4abadb4f6f6b1990`
SHA256	`5fcc991e88450a85ccdaec47195ec267cdebf5347f0f345e5e6e755460a5ee4b`
SHA3	`f05fa3867bdfce678a4794f3dd969c9992620aad85153edeeb41b3a6d25bf6a7`

401

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x150`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.03519`
MD5	`5470a1e9963f7f39ff53bafd5917182e`
SHA1	`352d89b76aadce72cbefae6f44d4a9bb4c4500d2`
SHA256	`3a34c658178e16d95effae9302f4ec05cf83c85c01711d0d5c67c4cabb53243b`
SHA3	`e882715467dddeb942bbf6ccd858428eb2d20a7ef18b97e8a0cc2900767741db`

402

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x100`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.1265`
MD5	`b41d36962e64960fca183eb542b6ebdb`
SHA1	`206f95fed93785bcd6dc1db49c932595ba45660e`
SHA256	`eebd5a0a0f940f95ab50c1da6e2ea692fa9ed62056cf5e58436d2b6cf0619e21`
SHA3	`0420c59523bbfc70c0663cd81c907d29e7a16d39c42122a1eff8fc294e088f61`

407

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x64`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.39266`
MD5	`d71c2add645a2a8aca24f2bbc228c0fc`
SHA1	`431ad41d4dbaac2988517025fb824a5ec7365d18`
SHA256	`224aa7d19e2b3d3b6f6fec61b520944afb5fee9c4c3165779eda1722e22ae510`
SHA3	`da9b697d168648745a44de507f22a9f7f5581d53981c8572ca376f6179612869`

408

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x70`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.71526`
MD5	`c2d20fadfe18fd28448c461c142f0fd1`
SHA1	`9fe15ca66ba5fe9661bf61ac4b7fcf2b1645743c`
SHA256	`fc75503f12000fbf9766dbc09bdfdd6439bbd23f68aacab19e0fc389a72d7a22`
SHA3	`b5e3b577536f37c718939297dd2ed42f3e20f1cf2869448927d0e51b4fc49cac`

409

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x34`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.30664`
MD5	`b79fb6f24827a6fb3a023293e4db6aae`
SHA1	`62dd72600185ce9f6ba4cecf3e60423d4ce9b818`
SHA256	`eaa3a64d8f040ca1908c0570195153db63374da1296c15dab59fdbf54eee813f`
SHA3	`f46cb29a8d0df8a06c14606e713b8110cbfc5de6f8723e5044ed5aaf3cbab3ac`

410

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x60`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.42299`
MD5	`bcefb7142c60abc8e6b30394c0fdd723`
SHA1	`e7d1dd645a8b4fff61f0edf1694a1c59b0789031`
SHA256	`3a5abd5f5bc80b68ede5089d68f77f4c5600ccc153599a4d03f7a8169ed9dde2`
SHA3	`7ba7efeaeb00544390cb2f9c4ccd63a3c0119bbae9dc78bb0fbf7b6e177cc09c`

413

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0xac`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.06877`
MD5	`991c20e4de12079593bb2a60b5003acf`
SHA1	`8a9c1ee566eca92d4aa0e45f97fb71b705d1124f`
SHA256	`1255575321cca0cd71f6090723058761b800b31d1a7aaa0498caf0049bbe662d`
SHA3	`476a283928d3585e2cbc62ec359d304dc3f480ccacbb3f98128f59c72c5cfff6`

414

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x64`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.36611`
MD5	`f96f5f82b735b35ffec7cf48958bb7cb`
SHA1	`e6caf1cff115b6100065a6f9f36c1ffaa32240b5`
SHA256	`f36ab5fd9f28bf6743e08485b4e81924b16eb559e745ee5e5a3ae1216326d2aa`
SHA3	`c832bc812e563e7661fb2057cdab4296ef2263c99efb316f8bc3501ec87c7dea`

415

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x168`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.95811`
MD5	`d56d1cbb3e55077abb384944a4cebe67`
SHA1	`1cb0a6db66711eb8b5b60514dc5915713b6560ba`
SHA256	`19a4b1ab44405e1ca1d608d5c80e38e4c49e66fe54552a8edb8bc12eef119ee9`
SHA3	`5e8198164d919e553d6da28eb4738c814bc26af14d0ac4368cdb26639cb9fe1f`

416

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x10c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.23`
MD5	`e849e4d76adbec8285a829dad7fd1c49`
SHA1	`b223dd00ae140eacd11b6e082dcccd89c8c04e95`
SHA256	`47b17dd2e43282a42687ead505fdc0c9bdd8e24a367c9fce818b7bf5d9de9dd7`
SHA3	`808ca48be0de90d59bdb55fb4600b47446ce7eefd34f0f7a39fa4f54ae78f3da`

420

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x7c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.68846`
MD5	`f92836878e722efc811735617c9dc254`
SHA1	`8049c8ce0ee903ead460498581d903431bbed880`
SHA256	`cb2663868e3d0f519a577177cd12aeefd8f904d4ed763b628f42daf668c629ec`
SHA3	`bef1868a7124770d55a06af3f5b33c3c82b9a4eb173815eaa10e9ad249587fc2`

422

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x48`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.00258`
MD5	`55eaaed35e40660c781027930e25dddd`
SHA1	`a90e899370d510cdd42d3e0f624ffbcc6ea52d28`
SHA256	`4787fd59f5542f86e1600b60ba31864e4920d6ca3a9ca3367c9a421c7f9756e6`
SHA3	`e372c9f388839f8e62c2b9750a8555aed4bfa4f76deba29025c7e920d6d507c7`

423

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0xd8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.26625`
MD5	`e714c1573ff851a530cc4b569f81c111`
SHA1	`221bad738fad60126b9957bf3f9c09de211f3e0f`
SHA256	`25b02489e4e593a3406eb8a5e405c98a4e0d3041e6063b79b37a606424ce2a03`
SHA3	`3196d785dc70edc77be22ac3d7d0895d4ba26c4065ae9c9b5108f0afff0e2830`

426

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0xfc`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.37589`
MD5	`eb7853a6ba721515731142bef85b76ae`
SHA1	`0641871f9dc4d19900020574f99a147a97e7888a`
SHA256	`8aaeffc3d0ccd86b93ea480089e1c4fcec9e25402b4a8d65d0a706ef323d827d`
SHA3	`057e53654bfa9e2fa092e9eb78efe5f150ac4306c1462056bea5678213c5f76c`

429

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x188`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.46202`
MD5	`998983cec7155390afb7963ca50da531`
SHA1	`b692dad0993be8ceb56e2acba5350fe5ece104f3`
SHA256	`9157eabdf9ccedfdd72b67effaffece68cfc53cab14c443eb486bdbeb80e7340`
SHA3	`ce19e1c2c2863025f7d5fa9881036a383a2af1add28e3aaf48dd957ec8e172d8`

430

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x138`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.43274`
MD5	`e49166ba1c5dc3db4630bff9a61fb9c0`
SHA1	`47cb98805f65470e27f2af10f4358c23dd88cd43`
SHA256	`aa0daeeb3a3cda81f29534a9c2033b071940d4d6dbad78dd361a45873c065335`
SHA3	`b4e3ba817456743ab661402c4cb5a653181243e5433599f3a101226c55976700`

431

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0xd0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.00255`
MD5	`2cc64a869083cda623a638c1dd297ac3`
SHA1	`ca1d4c8182ac771b89032b0a31ceadc66b7f7af8`
SHA256	`bc1c1edd3a0e6d2532d73ada484e71d04e75aa2d81b62ae1fd7c5ec6e8fe0f98`
SHA3	`f0f7611bef66116aacf343f6dab4d2d1f3248741f5ecce4966d260ac304d5d44`

432

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0xdc`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.27952`
MD5	`0722fae52cc228c9c4bf09b7e22645f1`
SHA1	`fb23b18b8022ed4849701c601c263167fd50a5b7`
SHA256	`04ab1579249748a0a7abb5524792fbbc2d5a358abb09eaee8e9072b35531094d`
SHA3	`6c347494f09ef096191bf3e4ce3b917535f4dc42700a6594c341b09f7777018f`

444

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x7c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.56371`
MD5	`c7ff7d312989407150633b861f408b0b`
SHA1	`8e91413ba15f9bb0f31359b1bbeb90a955394f7e`
SHA256	`c67f98cb256a20df4e5613203d77c629ec9012aac71137a3e234fbc557d32d88`
SHA3	`5de48cf6c3e1cdf89ff7317e5fa19d516cce99c0fa9b5f72cdb89a635bd505d1`

445

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0xfc`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.14719`
MD5	`93e06e39ef02178b8b7f08c28728a6a5`
SHA1	`7f5e070d1865daa2b3dfb80487b5ac5c36062e5e`
SHA256	`98319b4fc7c53727839fd9a17c568794997fc4d1d9f00038d84b2482485f4f26`
SHA3	`263a15516c4f8b4485706930cc81603a1ebca213fdf42fcd36cdb475413947e5`

451

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x5c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.39929`
MD5	`fa0eb44a882d9eced77c6c00c352d729`
SHA1	`a126e76ec728af8ef2a742fac53beffbc9c5d173`
SHA256	`3fa41cd3f4944ff4b9fc11e57423c6ffa4f6b8b8fa70e16ca5eba6b58a1986bc`
SHA3	`1c09750d810b5507c3d4c0639ac9aecad3a4c5b2deb76238737ec222c3db8ab6`

1

Type	`RT_GROUP_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0xa0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.49034`
Detected Filetype	Icon file
MD5	`7d2ec3a173915ef8f6992a42b35405f9`
SHA1	`838f6aa89862ae28f6468eb32dd2e7a1230ead59`
SHA256	`182c1805368730060038d876c358aa7b9eb88e50e9eb26ca86eef4ad0672aefb`
SHA3	`ab949a37862bd75d59e0403ad58887c56b13ccf631d7aeb1aa1de9d985c64442`

1 (#2)

Type	`RT_VERSION`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x358`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.41433`
MD5	`264c09ee0923534a7d94408051702cce`
SHA1	`289910139d2f4a940a3de564a0e738b20bcdc97d`
SHA256	`f36c7629fe46b5460e8fce326db6fe49329e25f8715a29c98537c44ad853b231`
SHA3	`5739c64658b65f718d4c15c6280e6637aea7b96a0ff2ff16c9017edf0500890f`

OPENGL

Type	`RT_HTML`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x1384a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.10516`
MD5	`aeb0b164aa7dd68e709fc5bc89338ba9`
SHA1	`f6fb868d34533ba44c0a4254a0233cc33ab56200`
SHA256	`11b4025c87a976a39af25108fba9d52afabf1e1a14305aca1a1b971d33fa389f`
SHA3	`213718ae685156ecd2d0bd89af9c077915c0244a5b7db462f89a6a5fda89c33b`

String Table contents

Zip
Recicle
Data
CxForte
Atrib
ddd
Idioma
Classif
Triture
Fonte
OpenGL
Ajuda de Arquivo Pro
Edite arquivo selecionado
Utilidades Zip
Recicle [envie a caixa de reciclagem]
Mude Data, Tempo
Cópia arquivos para caixa forte
Modifique atributos
Dia de ano
Idioma
Classificar arquivos por...
Triture(destrua) arquivos selecionado
Scanear
Selecione Pasta de Fonte
Selecione Pasta de Destino
Entre em Senha:
Nota: a senha será aplicada subseqüentemente a arquivos você extrato deste arquivo e será clareada automaticamente quando o arquivo estiver fechado.
Você quer sobreescrever a cópia existente de %1?
Advertência final! OK para rasgar arquivos?
Você está em modo de Vigor.
FTP não pode transferir a si mesmo.
Você não está em FTP.
Você tem que conectar primeiro a FTP.
Rede conecta falhado.
Rede conectou como R:
Rede desconecta falhado.
Rede desconectou.
Este arquivo será extraído a uma pasta temporária.
Qualquer mudança feita a este arquivo é temporária.
O arquivo de Zip original não será mudado!
Não permitido em Zip ou FTP.
Erro. Entre em um nome de arquivo válido (ou Esc).
Renomeie falhado.
Nada para fazer.
Sobreescrevem
Avançado
Conteúdos
Índice
Buscam
Mês
Dia
Ano
Horas
Minutos
Segundos
Data
Hora
Criptografado
Verdadeiro
Falso
Data/Tempo local nova
Selecionado (Tabulador Delimita)
Selecionado (Vírgula Delimita)d
Tudo (Tabulador Delimita)
Tudo (Vírgula Delimita)
Format Diskette (Dialog)
Synchronize via Atomic Clock (Internet)
Build Database of Folder Sizes
Find Files (Dialog)
Disk Copy (Dialog)
ToolTips
Volume Label
Map Network Drive
UnMap Network Drive
Presente
Nome
Série
Bandeiras
Capacidade
Detalhe
Assoc
Pele
Copie Nome Longo
Copie Caminho Longo
Copie Caminho + Nome Longo
Copie Pseudônimo(8.3) Nome
Copie Pseudônimo(8.3) Caminho
Copie Pseudônimo(8.3) Caminho + Nome
Dia de ano
Verdadeiro Nome
Filtro
Abra com Programa... Associe
Detalhes ou Ícones Grandes
Associe cores
Mude a pele
Som
Atualize que datas?
Cancele
Aplique
Seleção
Nome
Extensão
Tipo
Tamanho
Data
Tempo
Atributos
Acrescente
Apague
Extraia
Conserte
Sinc
Sim
Não
Cancele
Aplique a todos os arquivos
Arquivo
Ferramentas
Controle
Drive
Adicionar novo hardware
Rede
Sistema
Uma pasta não pode ser solta sobre
sua pasta de parente
isto
um subpasta de si mesmo
Próspero solta de pasta
sobre
Um Zip não pode ser derrubado sobre outro Zip
Criptografe (Blowfish)
Decifre (Blowfish)
Extraia a Pasta ...
Use Nomes de Pasta
Lembrete Sobrescreve
Extraia
Cancele
Nova...
Compactação
Proporção
Método
Criptografado
Caminho
Armazenado
Encolhido
Reduzido:
Implodido
Símbolizado
Esvaziado:
Desconhecido
Fonte
Destino
Arquivos
Igual
Perdido
Mais novo
Só leia
Oculto
Sistema
Volume
Diretório
Arquivo
Pseudônimo
Normal
Temporário

Pseudônimo
Compactado
Offline

Criptografado
Sobrescreve Destino Archivos
Sempre (Refresque)
Só se mais Novo
Armazene Nomes como
Nome longo
MsDos 8.3 formato
Nível de compressão (0-9)
Nenhum
Mínimo
Normal
Máximo
Pasta Info
Salva
Segurança
Criptografar
Arquivo zip
Cancela
OK
Navegue
Filtros de arquivo
Separe com ponto-e-vírgula (;)
Exemplo: .doc;.exe
Exiba em Vidraça de Arquivo
Pastas
Arquivos
Arquivos zip
Exiba estes atributos:
Ordene arquivos zip como
Arquivo
Grupo Separado
Nenhum
Embrulhar (Mínimo)
&H2000
Encolher
&H40
Espremer
Esvaziar (Normal)
Destilar
Obliterar (Máximo)
kernel32
VirtualAlloc
VirtualProtect
VirtualFree
RtlMoveMemory
RtlFillMemory
lstrcpynW
LoadLibraryA
GetProcAddress
HeapAlloc
HeapFree
GetProcessHeap
GetCurrentProcess
ntdll
NtQueryInformationProcess

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.0.0.0
ProductVersion	1.0.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	English - United States
Comments	Vote for it on www.planet-source-code.com and visit my german website: www.vb-empire.de.vu
CompanyName	KIRCHMAIER PRODUCTIONS
LegalCopyright	Stephan Kirchmaier
ProductName	SEK Paint 2.0
FileVersion (#2)	1.00
ProductVersion (#2)	1.00
InternalName	SEKPaint2
OriginalFilename	SEKPaint2.exe

Resource LangID	English - United States

TLS Callbacks

Load Configuration

RICH Header

XOR Key	`0x91a515f9`
Unmarked objects	`0`
14 (7299)	`1`
9 (8041)	`8`
13 (8169)	`1`

0aaf089c03623b6052a304ca56dcf2fb

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.data

.rsrc

Imports

Delayed Imports

30001

30002

30003

30004

30005

30006

30007

30008

30009

30010

30011

382

383

384

385

389

390

391

394

395

396

397

400

401

402

407

408

409

410

413

414

415

416

420

422

423

426

429

430

431

432

444

445

451

1

1 (#2)

OPENGL

String Table contents

Version Info

TLS Callbacks

Load Configuration

RICH Header

Errors