Manalyze report for 0b4c3c4bee71b93215f8070943675ae8

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	1970-Jan-01 00:00:00
Detected languages	English - United States
TLS Callbacks	1 callback(s) detected.

Plugin Output

Suspicious	The PE is packed with UPX	`Unusual section name found: UPX0` `Section UPX0 is both writable and executable.` `Unusual section name found: UPX1` `Section UPX1 is both writable and executable.`
Suspicious	The PE contains functions most legitimate programs don't use.	`[!] The program may be hiding some of its imports: LoadLibraryA GetProcAddress` `Possibly launches other programs: ShellExecuteA` `Has Internet access capabilities: InternetOpenA` `Leverages the raw socket API to access the Internet: send` `Manipulates other processes: EnumProcesses`
Suspicious	The PE is possibly a dropper.	`Resource CYGWIN-SETUP.ICON is possibly compressed or encrypted.` `Resource CYGWIN-TERMINAL.ICON is possibly compressed or encrypted.` `Resource CYGWIN.ICON is possibly compressed or encrypted.` `Resource 7 is possibly compressed or encrypted.` `Resource 8 is possibly compressed or encrypted.` `Resource 9 is possibly compressed or encrypted.` `Resource 10 is possibly compressed or encrypted.` `Resource 11 is possibly compressed or encrypted.` `Resource 12 is possibly compressed or encrypted.` `Resource 13 is possibly compressed or encrypted.` `Resource 14 is possibly compressed or encrypted.` `Resource 15 is possibly compressed or encrypted.` `Resource 16 is possibly compressed or encrypted.` `Resource 17 is possibly compressed or encrypted.` `Resource 18 is possibly compressed or encrypted.` `Resource 19 is possibly compressed or encrypted.` `Resource 20 is possibly compressed or encrypted.` `Resource 21 is possibly compressed or encrypted.` `Resource 22 is possibly compressed or encrypted.` `Resource 23 is possibly compressed or encrypted.` `Resource 24 is possibly compressed or encrypted.` `Resource 25 is possibly compressed or encrypted.` `Resource 26 is possibly compressed or encrypted.` `Resource 27 is possibly compressed or encrypted.` `Resource 28 is possibly compressed or encrypted.` `Resource 29 is possibly compressed or encrypted.` `Resource 30 is possibly compressed or encrypted.` `Resource 35 is possibly compressed or encrypted.` `Resource 36 is possibly compressed or encrypted.` `Resource 37 is possibly compressed or encrypted.` `Resource 38 is possibly compressed or encrypted.` `Resource 39 is possibly compressed or encrypted.` `Resource 200 is possibly compressed or encrypted.` `Resource 201 is possibly compressed or encrypted.` `Resource 202 is possibly compressed or encrypted.` `Resource 204 is possibly compressed or encrypted.` `Resource 205 is possibly compressed or encrypted.` `Resource 206 is possibly compressed or encrypted.` `Resource 207 is possibly compressed or encrypted.` `Resource 208 is possibly compressed or encrypted.` `Resource 209 is possibly compressed or encrypted.` `Resource 213 is possibly compressed or encrypted.` `Resource 216 is possibly compressed or encrypted.` `Resource 218 is possibly compressed or encrypted.` `Resource 219 is possibly compressed or encrypted.` `Resource 220 is possibly compressed or encrypted.` `Resource 221 is possibly compressed or encrypted.` `Resource 222 is possibly compressed or encrypted.` `Resource 223 is possibly compressed or encrypted.` `Resource 224 is possibly compressed or encrypted.` `Resource 225 is possibly compressed or encrypted.` `Resource 7 is possibly compressed or encrypted.` `Resource 8 is possibly compressed or encrypted.` `Resource 9 is possibly compressed or encrypted.` `Resources amount for 86.1662% of the executable.`
Suspicious	The file contains overlay data.	`19 bytes of data starting at offset 0x14a000.`
Suspicious	No VirusTotal score.	`This file has never been scanned on VirusTotal.`

Hashes

MD5	`0b4c3c4bee71b93215f8070943675ae8`
SHA1	`a67e9ca4a55b13579f3f059f855bbc43e5fc7614`
SHA256	`cdc54af1bb55adcf33bc9ee0477f6a6ca64a400667e2b0ff9ada110fd2d591e4`
SHA3	`008db4e6d82b844e1e22f19bf7cb16f1ac21496ac603858505d2dfc83e9609df`
SSDeep	`24576:YoYgD0nbvuQWTQPP4iTUU+fg7XmBkZhN/FryVCan2uKETOBJ:YoYCUyQWTQ33Tt+o72Ba/BA2Xv`
Imports Hash	`6991b4f5b1a464addc0d4394358fe5ec`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`3`
TimeDateStamp	1970-Jan-01 00:00:00
PointerToSymbolTable	`0x4a8800`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE` `IMAGE_FILE_LINE_NUMS_STRIPPED` `IMAGE_FILE_LOCAL_SYMS_STRIPPED`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`2.0`
SizeOfCode	`0x13a000`
SizeOfInitializedData	`0x11000`
SizeOfUninitializedData	`0x395000`
AddressOfEntryPoint	`0x00000000004CEAA0 (Section: UPX1)`
BaseOfCode	`0x396000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`5.2`
Win32VersionValue	`0`
SizeOfImage	`0x4e1000`
SizeOfHeaders	`0x1000`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
SizeofStackReserve	`0x200000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

UPX0

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0x395000`
VirtualAddress	`0x1000`
SizeOfRawData	`0`
PointerToRawData	`0x200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_UNINITIALIZED_DATA` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`

UPX1

MD5	`4ab53d973229fa9d20716376f4b25251`
SHA1	`081c549f5bd6f39ee93558a0384fc05b1c75463c`
SHA256	`5199a82a898944c032185975b67a414062652134d14c4718cd64724389ea6d25`
SHA3	`4c0cfb004d6b3d0c50292915fab9fd9a0fb6a5d12dd7fa2bfd0d31986f752493`
VirtualSize	`0x13a000`
VirtualAddress	`0x396000`
SizeOfRawData	`0x139800`
PointerToRawData	`0x200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`7.4798`

.rsrc

MD5	`5d2e73e3d112024f2a893f35e463755d`
SHA1	`27c949353a49b29eb6c075173f49790b17a20560`
SHA256	`7df22b52277aed136e4f89e4f8436bf4c53c43df64ad90e48fce29eb7344c47e`
SHA3	`9d627f6fef55e9c0d694498cca9670c91b79cce29f96eab1e406fbd897be7352`
VirtualSize	`0x11000`
VirtualAddress	`0x4d0000`
SizeOfRawData	`0x10600`
PointerToRawData	`0x139a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`6.74434`

Imports

ADVAPI32.dll	`FreeSid`
COMCTL32.dll	`PropertySheetA`
GDI32.dll	`SetBkColor`
KERNEL32.DLL	`LoadLibraryA` `ExitProcess` `GetProcAddress` `VirtualProtect`
msvcrt.dll	`exit`
ntdll.dll	`atoi`
ole32.dll	`CoInitializeEx`
PSAPI.DLL	`EnumProcesses`
SHELL32.dll	`ShellExecuteA`
SHLWAPI.dll	`StrStrIA`
USER32.dll	`GetDC`
WININET.dll	`InternetOpenA`
WS2_32.dll	`send`

Delayed Imports

CYGWIN-SETUP.ICON

Type	`FILE`
Language	English - United States
Codepage	UNKNOWN
Size	`0xebcb`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.99699`
MD5	`46ef3ff4e2f111d929e1d0439f48ad2e`
SHA1	`9c6e677a3d72256aa7d6f69b28df531998e17671`
SHA256	`154885e38cb9ffa0279fe0904500a1af40158e87811235002800d680d46f8175`
SHA3	`35c45dd6971c613036e8d16fd2a3f54a66c1c276d79d2e23937ad796720eacbd`

CYGWIN-TERMINAL.ICON

Type	`FILE`
Language	English - United States
Codepage	UNKNOWN
Size	`0xd05e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.99659`
MD5	`d333c9d181fb7f263f0e9e3f6fe4ed0f`
SHA1	`f3ae2c4a8f7ec4ebf7d54494dea2772a0f2ac6fc`
SHA256	`db2d978d13301abaaf113c7c62841dc9ef9fd99add95466e264c8bc57f098de4`
SHA3	`78c2c62e475f7ad593b6e67404d57d9ca12d072fe92117f401e1249d743e98ef`

CYGWIN.ICON

Type	`FILE`
Language	English - United States
Codepage	UNKNOWN
Size	`0x265a9`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.99896`
MD5	`4da2f8dbbca836ad17075f598abfcd6a`
SHA1	`f4ec4cdd54dae2fcd323f1785da969a173fccb23`
SHA256	`25f5ea8af8771a5561ae911bedee90c7104139955271cd493b76a088640217c3`
SHA3	`3b8ca164aeaf064e60213a627da21cce26243a2e41bed4a625949073329f9bf8`

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.41813`
MD5	`ac302dd273f917a98bba11d1f9c65027`
SHA1	`e0ca3f97162b080eb5540243425eb24ddd10c1c2`
SHA256	`4bc65176858c2bcd2ef6b32f18973e2ac3e79e9dbd1974ce4015b9c7a4c287a0`
SHA3	`bbe9e09acd51fb35196656e76edf2505d335175d2fb3f1ca2400f1eca31cac8c`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.66245`
MD5	`f66d12796d38d0b741cf6f6ec14570ee`
SHA1	`52ecb33e226ef6b50debc5ae5454777bd2a8afc2`
SHA256	`ee99f4ead908f626e67095aae2a79d6c1cb5b44661b7b86f472bd0e797af513c`
SHA3	`f5267cea316209b354bd23c69a854ec79d6d3f7223171f72902a0c100e0ab035`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.58137`
MD5	`229913f6d5f4146736717f56fd5623b4`
SHA1	`1b24096aaba3f97d6852800d34654ddaeb4f68e3`
SHA256	`f5031c23170f0b2cc739419f6c8634650ed6f7cc23dc1070e0ca23c8567bc373`
SHA3	`005a77bb561293fd9e0bb85bacf39868bd260ec03fd231841667930d4f1c5f7b`

4

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.27586`
MD5	`d9a271c738f2e0bc5fea8fa88fa4fcae`
SHA1	`ba368a9dbd305529427d008703eb8ae5545dbcd4`
SHA256	`e7e84f017691c04dfbf4f5177b2f786d71b1013ae8104ade1098b56a548fc35e`
SHA3	`c4b996316fddf931000ce537d6caa6d98e4dc79ccaf920fc6251c802d08b0cd5`

5

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.18593`
MD5	`d5857d8161bad2ec154e3f89043e6613`
SHA1	`b2a788297f1c557758b3750d7547b285c2ab0642`
SHA256	`bf365de1ab8d6c9be5f0c8afe6b344173fb1023c116b18cd8962a1fee990f9ce`
SHA3	`d892848784fd4929e3d5aaf9aa8405c57d02c50043dadbb9f97891018de6d44c`

6

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x64fd`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.96865`
Detected Filetype	PNG graphic file
MD5	`1d88a55cffa1285b3a23950c7c0ef8d7`
SHA1	`8634f06f9eee4ddfa06d14f3f75c72e365c5519e`
SHA256	`5e2f83126f734dbb87a800fa1b9f45ded1d46c64b9546cf1690e4d0213593901`
SHA3	`138331dfe55886c072e1576a9ff82453ab2cc9a9e7ee7afd7f08ebe44c8ba0b8`

7

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x17508`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.99812`
MD5	`aba1aa1e300eb7495f8c8e786a353d0c`
SHA1	`e3921f0d208bf49d258586f45b3ce31bfd107235`
SHA256	`9117223a4cab5af4378f55d26b4b6b3314e236e514d619e0fae582a5aea79593`
SHA3	`209fa4157e177ab011a6d2ba6726bef33fb2db9a4372c340e1137bee66675214`

8

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.82587`
MD5	`35dc3d026581e1b9ab75cdbcc2da64f0`
SHA1	`c1cbbc3517a7aad8c4e3a83772900c8079d7adbc`
SHA256	`3427264d52a7b3c6ea40b7e9e0d5db3a58c50dfb7e566c6cd0b07812d21e412e`
SHA3	`249ef3a407f4e581db1d4168a0272f4eac8351d68838754e70033c7ba10cbf9b`

9

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.92584`
MD5	`d0485b13c6916d0129b2a833a00a349a`
SHA1	`0ea3a2d109130a6f2fdd322bcac3b996a4d67ee2`
SHA256	`19bff7f42546ff09f9dd35cd2a5d2a01f9b49a9e4b89d747b3d2381fe6f480e1`
SHA3	`3d94709ff90131de716236b6b42a8bf73f23069df8f25f4a730c4c10e9c4539e`

10

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.95643`
MD5	`7eae16ad7519fdccf387899d2f465eec`
SHA1	`63539385fcc14ffb225163a30c915ed9dc172e7d`
SHA256	`ce3c5c14aac01a44a7d604f7036f14a6d7447383e830c6b40571d57acbc48734`
SHA3	`932025940c426edeb4838874a7e54fc0fa64be3b60854aa70d5dffae269bffea`

11

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.97781`
MD5	`c9bb492f92b009ed7ffcb8f29ce7938e`
SHA1	`a0e832253ee8cff898a8b361d35fa8104f0c25b6`
SHA256	`f2ceac259c08e8eb729140e0726f91c013b33ba59f09c981a5d0285276f0a40a`
SHA3	`a16fd1e9aa207b05baf070b81acdb4c5a5d9d63a909a14c17958b77bc3c95723`

12

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.98991`
MD5	`ea5ed79cac339ce2743c5f6c6c8e9691`
SHA1	`be67172fc90dae3d2420568e02137f02fbcd9e34`
SHA256	`0061815d6316d504860378327dd3903ddc3524b61f578d1eece9263b4f9e4b5d`
SHA3	`fd2e2fe954da1dd480c98068a7fff2cf680af159e65bece40d755391acaaabc5`

13

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x69c3`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.99318`
MD5	`a616eb70622dbb3f2044f89a699b2f78`
SHA1	`56ec76871e7e20a8de92996cb691f8a942ce21a6`
SHA256	`d3966e435dc39789f0217e1dc14d4a07fababbb4c09948afc3ce397f94097af7`
SHA3	`3c97d2e2fde6002ba5803e7a59512699a20a176ba67e11ebacbb4c6a0ef3dadc`

14

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.8262`
MD5	`ace25ef5fc4a881835b92348c2eea482`
SHA1	`1250e8a78c0b5c38d13754adc76832f72d30e433`
SHA256	`bf4257c7ab2882eaa8185348a22a991e49d2d47f9c52c1e1034071af69868c96`
SHA3	`f22d994b3f06b4f8bb1c1190c774dbbde1090d55bf47d5c5b11fc503ef1262bf`

15

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.9158`
MD5	`333da4aa584e6aeef872349488bf2e1b`
SHA1	`6cdefbf53bf699cbff33336fca837bdcf6eba57a`
SHA256	`c1c2db35af622b58faa6a6a58e075b5b7907cfab24889159ad171a25c5e61f8a`
SHA3	`5bfb6aec17ba0c13b079e5b23e704f745ad467518fd13590c0d90ba175fdb9ce`

16

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.9533`
MD5	`c6cf479dc082934b4edfcf221207ff5a`
SHA1	`8936b45a22794536afeb4d1a3dd93a2eda5bc4cc`
SHA256	`89f1cc07f30e0c94182882ffa78f4a2518bde3f4ed9d9f066407d13abaec3bd9`
SHA3	`f6ea0e817a454c0d34969d59278fc91a1d0f31fe3fa5718a7c11b4237462d72d`

17

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.97873`
MD5	`cb0ff5047b58d733218eb2cebaec04ac`
SHA1	`b555b91cdb096f49f948b6638cd7c02df55d7548`
SHA256	`0d287eddd68eb275e16a79359b091fe0510f154ba749f6655924a61bb3e06874`
SHA3	`4ddbdcff160c1f5b04bc07b1502e1faee3cfcb677fee452396006e52b4629f84`

18

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.98815`
MD5	`434a69ef5e5c91aad05545abd62ece1e`
SHA1	`57d3be6ec8127762dca5432b9b67ac45eecc6d2b`
SHA256	`cb17bdd34472a4eaeba7ad8d2744ca6c02fd688b146782daa57280e55a1b8cd2`
SHA3	`3b3dfbae7fba795d59478966817b558c5cf690f4fe41e8c7f46c6c54277524e2`

19

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4990`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.9905`
MD5	`ac201a47a94a2cba73ebd5089518383c`
SHA1	`b67253dd563689b010a6cb7d9c8300e4d8d58b5e`
SHA256	`34a7a4a1a82c620441a20c354bad6f0e4e2dd25cce6e9c81e164b63d6b52fab4`
SHA3	`7d2a8fd91641b5138c91ef7416709a7dac664a90faa7ea1c766531c826b7896e`

20

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x229`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.61126`
MD5	`a8082cd699b535c000384a3b9a5e2d78`
SHA1	`369f9d3f65f9a8a140ce3ddc0f055861bd75477f`
SHA256	`8b18c3561f52d2074c271e0f4d3e996090dd92a776fdb22e68799647d3210234`
SHA3	`83df1b02bd8694b5f587d8ed80f015331e952fbd3df518b5413fd7b6a91792b5`

21

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.99883`
MD5	`62667a66cb92b43815dee0ac2f97f76c`
SHA1	`a2e3f7c7017fc22a05843172cc7c62d3ff7b37d7`
SHA256	`6472a749483949f8284f3edb927f09a32bc7cc2452fce1b66e233ebb5204ad6c`
SHA3	`9119d8401acc69e82ffb73bb45027fb8410b2aff925a3667ff4cf338d391b0df`

22

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.99716`
MD5	`1df8c4b91e01d8ea4b8639e5dc6ed8fe`
SHA1	`216b998e7e4abe504976bec24ebf416b776d031f`
SHA256	`005f38977f7cf211c5a6647dcbf26796e2654c42e183df9e2edb511f5154db67`
SHA3	`ab47139a14541855034914f3a8c5ac811df6a257b29f7f4f0f31044494ee31e1`

23

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x94a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.99508`
MD5	`b3f1e9f18ea6deb3cb60e69270588a68`
SHA1	`e3c3d74e2eb0e974cf44f986d5c03b9cd4e63921`
SHA256	`0d92891c19387d5af1fa8139d73ea8b9595da97c4c90e7ad09392898fadcc886`
SHA3	`1e0de930350c4ebbdbdffd731c381be5099f1a201dd868b0142dc85dd45e95a4`

24

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.99048`
MD5	`561a9baa7441abf484b95f00d87bdb04`
SHA1	`2681952029ae8ee330c43eeda3d149eb7620cb14`
SHA256	`76f0b9213e7a4c45f83574dfdae2f9219aa30e20a478e6bc4218ba22b548bd7c`
SHA3	`32538c6548437c5b57ce844907e8fa887afd3ed563147195edb8c2288a8ea8c4`

25

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.98253`
MD5	`5f9bc328fcc072607a66901d0e745f36`
SHA1	`207351c7636fba0c031c8576891becf44d1e263b`
SHA256	`ddddc167d7fd0a5cee069193589553018a80e164b0dad6d2dd214af0a521f3bd`
SHA3	`e990e0635f12caa67e51a7218ec9891870c641f4b959f56d8aff87790fa91ebc`

26

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1a68`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.96784`
MD5	`56544ed5890a8aecfd9a0438dc5ee9ce`
SHA1	`6aef0da55931774116a6365ca0b087fb404fa21a`
SHA256	`13e355b6845ded9a318cccb9242be0bc1424204916a74f3faacf64f461f57219`
SHA3	`b8b229af7f7c83d3d33d4d7247248d67bcd370345d54aa7981d61e2698e5e271`

27

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.95433`
MD5	`28df426ba12d0acf0d03ca75c36019b3`
SHA1	`286712225cf7083f02c6fc2307569e95132e183d`
SHA256	`4da6e1917c13f2523cdc0dfd2f4c3c4db6c9d5853073c4229a51772a72b82ef7`
SHA3	`6f4f175f4fc5552fe91321235a51475569cda65ec43b10f689c732db24d1a228`

28

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.91739`
MD5	`b66610f76e81dcd64912dbcbb5be742e`
SHA1	`bfa7a8f4cc01913ac121e98f783d8a2b473eba3c`
SHA256	`a05f14659188afc6fc41b0fb3f9d134af88f497f85c9a7bc823d4c3db4cd72e9`
SHA3	`d3080be0d7c7c5d2505147793c1cf6e83a120402089884fdf04e127f1b9e530f`

29

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.85214`
MD5	`c786144358402754d641f508a442dda2`
SHA1	`2c90d74af2c441d653d486082937724c45b122f1`
SHA256	`05a2285693e633d7dbae68718824528d85b92dd76308825222ecf867f1ea87c4`
SHA3	`b7faede2a4448fe4d4fc5211f026ec70417f6623d7707e7eec5598fc0f292e8c`

30

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x218`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.56618`
MD5	`17d1004815d233de44cde21bde7551a1`
SHA1	`4ed8890900fb2dc028afc502b34ca5bbf4453a92`
SHA256	`55132589cfdb4075dbe5a22b333da56f4070648dd363bb3ea8b045171c24eefa`
SHA3	`513b9d77ff9407267dfa6108ec7235ac3a20323effc7cdae06babeec51c64afa`

31

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.05497`
MD5	`46773c3a89d68a61e356031ed6825bff`
SHA1	`8c1500f5fb710cfe9364627e09105622457d0633`
SHA256	`d6d16f71eef6b6a37f23a1bffb4d1d17949745a26922c11a888b7639f29f1c27`
SHA3	`2809edb286bc8943683aa8d703c9495e2ff31d0683e489731391b7c5bb90b0c5`

32

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`079443fb4e231ef2b8fd6dfca98a9f6e`
SHA1	`dcd5f28ee416332da67fcc8f4fa69f45a41f0608`
SHA256	`b8405678b3b07a09c16ca42a895c979c12a0c798f0af3e3fbb119d38afe8f11b`
SHA3	`d8e2df1e60423deb0d49e5debf320379a5509384984ea8d37c08f64deae3a8ff`

33

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x94a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`2ccc6e4d1626745fe4b8c3996723456f`
SHA1	`74611da2168a7dd11afd5d283255dbe8fcabed0b`
SHA256	`f0dab762015e29baca8d097e0c60158efdc41eca3449c2d005decc337369a7c7`
SHA3	`e34da5e9b7bd2f72c7400124876f81990164f79987ff6576200180b1216f58b7`

34

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.33422`
MD5	`19f47bec1e7faeaadc76b63b1a2d12e4`
SHA1	`bd86e13528d269059277af0f53b2d8e59601b3de`
SHA256	`6882c28ee3df200ffc4c97abf52e0c6d6d1baa8cc63e24662d54c3ac644af10e`
SHA3	`dddeeb5fff4950e2b069765c945ef93fbcd5bb8ec5bcbd48b55d5d618242f969`

35

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.98242`
MD5	`4b16f7404418666abe3c715ec408ccf5`
SHA1	`89e1a1cb2b395bf20b20efce02ecaf28316d66ce`
SHA256	`ec6844f83e57b9c9d9e3711eb9c9c5d518e0cd1c3c993e551369fad73a6d13e0`
SHA3	`6832c4fb45fc6b4e04245744304d945b923d0ad1711a28fe7e045665ec24de80`

36

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1a68`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.96997`
MD5	`647c95cb2b2c8a84c2cf17c1cb254ec0`
SHA1	`d81b2f7086118d9b83433485a9037fe0d64237cf`
SHA256	`6911a91225bd10dac07b7993b4291a6ecd45999ffbf326b6fb5d74ee5cebd832`
SHA3	`d681343e1a6f9be9fbb13c1a34309b1ac0ca1fff8c14ee0890336c373e7c6e06`

37

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.95691`
MD5	`289b128a3d90af855f4ffae106dc6e5e`
SHA1	`cfee7fda90f435fe8ec200980716988af85c6b9c`
SHA256	`ffbbeb8432faa07fc31119beff29f72b00528f9f23c82be7744e55618ff39c4f`
SHA3	`ad4897c24577d2a2b3bbebe8ea85e993b9f2daf7b201645f29207c4db08f6387`

38

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.91826`
MD5	`5a5b188848b365ce83164a6fdb522925`
SHA1	`a354c825ff94c986b9b738ec4a46792394fe15fc`
SHA256	`c456ae9581335f51f3faee4058db1c97b1f6913b5f3ff6e34e33c4f49ee15c69`
SHA3	`3244de49816de82bb693443a6dfbc43146d88cffeecb4f2f3b618d27dadb7345`

39

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.81014`
MD5	`683bf228432f71eab55271569d594689`
SHA1	`a4a3be8ff49d429291813f25dcd06e4701bdbe78`
SHA256	`df7391cc4c9770e443d87d90804d0ed1b77da0f22302e2626bd0f48d03e21b27`
SHA3	`b7908139f94f225e9590ce7fbb8d73e9d4d94419933f249cae35bad032c657f3`

200

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x510`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.85677`
MD5	`565236627baa2ae607b8988a30544673`
SHA1	`b531859146b9e435ce82ce7879d9696e908d1c94`
SHA256	`bf639429542a5be5300e8d14c6f9bee6d25306fa7a8d939690bd00cb52044a24`
SHA3	`97ed28417a66f9e88d6895921245baee4c0bfa0bf41777d852ba3d72264060fb`

201

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x5c6`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.87952`
MD5	`9c15ae7b62e0513d5a35f731b3a9881d`
SHA1	`f46f55fc997541ea9f0eee385cfb4572a8efa40c`
SHA256	`b3f56ac41392de1c56fd1f03a5db01b2541785a691969e323a1663c26bae2290`
SHA3	`89175a73d9b0943b96e29c579e6bc4d647d18b1aef421775d1ef11e569018498`

202

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x362`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.78127`
MD5	`081e085e123cd9bbbcb8465e29c289cd`
SHA1	`da9fe8bd004a5cec4ce32f192eebba7a20b90c21`
SHA256	`b0f902f2ef5b6173b0fd1242162b2763e2a9ddbe2e2f3cc99c8142ae0045d59b`
SHA3	`4998ba0188104a0533992779d4eabe451d6046f3851bb55ddb2ec9f3db4fb57a`

204

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x270`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.7134`
MD5	`0b478f37cb9897692066a068158b144a`
SHA1	`eafc0207bebda96f2f515b7a42a19239d76bb05c`
SHA256	`3f807b5dadb5963342094f787a4fcadd6284aaeb6a36ace9d15a3276ebf3a832`
SHA3	`ca348b454d30bf08727e63802efd2ce28ff52053bc98c07d5c94ed841496527b`

205

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x394`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.77441`
MD5	`ec9b31d0e4e4cd2b0b07af1de81f7dae`
SHA1	`db67791b31fca075999126134d4533b514918433`
SHA256	`6e8fb3cd2059d33bf0a4a22b32569bc957421e839d842f12b576ea7cb1132788`
SHA3	`161634e5c5dd6f831d45924a0b017d814a6c1510f9928b978d96b4df2d34dec6`

206

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1c2`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.55378`
MD5	`ae56f12c60a6ebf8aa952bd6ed274bdc`
SHA1	`53b66c85f2df92cec096bdfa4cef47ef49e48acc`
SHA256	`f847c24b772ce9633ff42082076f766df806f0bfca76b92451c35ff6236fdf63`
SHA3	`b5f3a5f5a6eb57106550e4d4af9adb3a24c9bb927181f61ea2c5eed6c32ff44c`

207

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1b6`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.53218`
MD5	`faa8330619c3289de0e58498a782559f`
SHA1	`b337cfb1e36bde170151e0dfbb09fd2a273f7faf`
SHA256	`24d86438d9a1ae949bd6d8c13b56f19b1ac9415a12588e9b1f923ee43d0c9396`
SHA3	`347f8eb0cc4e8509704510db78da6613e8367034e64b14f686c7be0566bc0d1d`

208

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1ae`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.57524`
MD5	`1e469d46ba0e3c30066b10ccde0970e7`
SHA1	`e705bd1802accf719efe0715e7b144ca7deb2d70`
SHA256	`575a58c2c9686d77adc906a97383970dcd210935e7905fce72f3d020fbc09650`
SHA3	`f4455cff152e49530964a00ea93b0c5de3ba17e5f64b9667a9806c67b8ad261e`

209

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1d6`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.59581`
MD5	`6afdc2514a8df7c45fe8c94f39412ef6`
SHA1	`bd23e51e0832126e030c5a6dde1548b477a2c245`
SHA256	`b424fe52ccde6edaa3f7b1248e6837908a635d83ca2bc9ce322f2a142a50597f`
SHA3	`6c5d4bce2246f6cb149353cf2b44b50423e0f0b59e5582a60dd7a60fa2d3ec2f`

213

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x388`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.79608`
MD5	`5b29ec960f7d63e37e4621e7522db526`
SHA1	`8b270c7f8448cebe8d28ad78e80baf0f4bba230b`
SHA256	`46245d89d9384f71656baf6c0dd07430e44cd394e753ce31f480d5e803141cc0`
SHA3	`ed2b728d5152248f66828bbbdbc80bd24557630fe759b72be66209ab16821d3b`

216

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x32e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.78436`
MD5	`ae120c37e28f472cfe0bb0c71133806b`
SHA1	`35e619c811cee604c0ebec9d8ad6faa7314a2cee`
SHA256	`36edda3cc33bfc0ac19791605f8428ff231e86dfaafcb49ffda33e3f510d81ba`
SHA3	`9f9fa3cd3165dc02ec0e7e4bf2511aebb73f36b6864bc103d0f2f83ee1d9f72b`

218

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x44e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.81735`
MD5	`48f72524828bd890049f0bce40d184f2`
SHA1	`46273df31866b932aa83d0c28bd7ef327656ccb6`
SHA256	`17a4d75d8eb69c5139119069e8f1bd6fbb5262f29458ead305dc831d148d8f92`
SHA3	`c9fd1fa10534d805f4d50bcbe835c457ad6ca0f30189aacd712971f2fb80c158`

219

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x368`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.7444`
MD5	`39f86b77bc6c4b24b763e3ce543de42e`
SHA1	`c87fb21d11971396990efbf8b683513faf14b18a`
SHA256	`ca5cdb8f893f02f031656910029632b4d52899fd4e2a27525cb0385154eb0805`
SHA3	`4bfb38e5f54fd347663e4c4061c2d6127cf1e4b2b96e884f475d0b4d78c5241a`

220

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x222`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.60823`
MD5	`adf1e173fa0ad334affc39b318bf5db2`
SHA1	`d9621550f9c0f896b938acce2514f1e619168b4a`
SHA256	`d451811e75b4f8a47609d3f5fbefbe9eb0fca4c314298b2f16c70d111e2bda9a`
SHA3	`8edc95ac6a4ab4c142f4509334c251cc707a5064b2a6c08e58eae56520a98d4e`

221

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x444`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.80902`
MD5	`4ed5f4b320c6d5952101be11c795e140`
SHA1	`8eddfef5a7681fd19ef0e888bced2c95a3e76871`
SHA256	`d47ec0ea5e83d43c2f24203bc2560339a1c62144f7f1c364e80aa565149dab80`
SHA3	`7023bb783844ad7f046ac05b587786c88c4932a8a6c2f963c540fd6ee6e27e82`

222

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x276`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.61035`
MD5	`c3f08acc2b74c2ab50627b3ff1711d06`
SHA1	`52ec0d6b7bffb3567abf7b2f42d414c846c39758`
SHA256	`8c1b9617d1051c76ce7f2afb07558e15651086152c02ac8bacdf60f98cdbe123`
SHA3	`b04ebfd785150651adcf44154cfd2d193548981106c5304ee4f4bc8d77781aa7`

223

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x31c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.77083`
MD5	`8e053ee36376090100ed1d8f92f63dd1`
SHA1	`fed28d54cb43748e8cc9494bd8d3e298de4371fc`
SHA256	`8561c427821b392f2a9d63805631c3ab6e3ec4e2ea79130c67143cbd08daeac5`
SHA3	`24396629b80329231469da5aac40ae36883b700def3c5638c22b03ebed469392`

224

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2f2`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.76974`
MD5	`e478504caf386c18b115cfaf58b18e61`
SHA1	`ca89eac1add92536dbdc99562994a71ced4e96c0`
SHA256	`7b78e8775bda94a7234d5d0e287fc74a1bb2f057c0f32198bdc414ddfb51294d`
SHA3	`22b7b063d873fa9df6e556572446edbe69fa634af0c57f47e02204338ab641d6`

225

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x132`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.29449`
MD5	`8663d94cd4459397bb9a65fc1e2d86b0`
SHA1	`7e06f6b8bd1afc53279dd6dc88843482d3078f12`
SHA256	`6e1da0f40b0d3b71884740ee889bde1378edc782180bb96acc91ef8c6909af3c`
SHA3	`aa2c72777592f8f2db711ad54d43d1475fc8a88630dc95ff678320c73e371249`

7 (#2)

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0x536`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.84578`
MD5	`c741438c4d56948451d7cd0c5a96d5e6`
SHA1	`ec893f83ed8b52c5239f5789457d8d5596d3ab0a`
SHA256	`b71c8d4ae8dbcb0cfaa972ca236c4bc872505d4dbd80e99eff318de3bc47d34a`
SHA3	`22197bbe0ff9a2f1eac25f0f46b54f15917580f4ee57e768312ef6cda65e199e`

8 (#2)

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0x73a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.89845`
MD5	`6ed822f33c7a6a64e0fa8b9ca0c8c5eb`
SHA1	`d5894a85b4ddb78ec7f58f026838f52121aa8eb1`
SHA256	`619d938bc50735832066b26c45cccde50fa23dcc994cbc4af9a326f5de39ab8e`
SHA3	`fd80e40e34cddb68ebf88678183110c4f0fca46f0ef698b309fb3bed6aa5aba5`

9 (#2)

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0xf0a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.95072`
MD5	`c0f03989fd084149b07ad8c17d89ef4e`
SHA1	`6190a7f8849efa0923057364895cc9044b970eff`
SHA256	`e06b6b5b1411e159359f11a9592d064d7f35d0e3704e0cec4cb3e51cd973bd40`
SHA3	`89bffd5dd76e27028f2e220dd07fbf8f5392e27fe0503775dedf2f9f9b912a2e`

10 (#2)

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0x68`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.20732`
MD5	`07414e6950a866b118f21df910724ab8`
SHA1	`8f414dd3e30f9aa64c8dc64374265eb1f541cf48`
SHA256	`95c71571b92699c7953128a9312087f93585fb60177fcc162a513f9aec676be4`
SHA3	`aab1a37fd60ad942fb629c74a6d1fabee07ef847e32d806d90924cdd2aa374da`

401

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x5a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.79371`
Detected Filetype	Icon file
MD5	`b61d3d62db24ead37f8b156aaa033115`
SHA1	`bf6f38137ca8aae2c037e151ebe972378da60f11`
SHA256	`39dbb91831e6ebde6983341d30455301e1e3abd06edb5f7f9251132e5582919c`
SHA3	`c5b95d345fb3b6efa7be1e03f14d13f5421e570568f6fd9e5a40a2a13b32418b`

402

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x68`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.21713`
MD5	`28b0b454ce99174501beea394a8bba19`
SHA1	`76cd9df1327637d8d717a721ea299f96b73926c1`
SHA256	`8a3a60d2ac724f8f180010ac148bb68b06d88831ada1cc8daba0146b900bd21e`
SHA3	`0577d1e693f70ea7a7f6c3b74aa4e8a8ad2a9263aa62ff8f500814a36a6b9d3d`

403

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x5a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.07508`
MD5	`b9a3019fda0497b51e5e069c08914dbf`
SHA1	`15377eb246d6528d4099b5421db854f231bc1330`
SHA256	`45635a96aaf381882fbb6158ccefda03c4b5d4b15745ccbe193c54382ee4664f`
SHA3	`d3887f395df56521e8face885f823c5ae9aa10ae62a60f5999770dd692acaac3`

404

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x92`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.70675`
MD5	`ea90bd6227a4eae084b9e8b9a8daaaff`
SHA1	`ffe1b54d9afa4ca652001fb13912ee3ec83807a0`
SHA256	`a50a66c8fddb8028aac3ec8cbbf4b6def30a6ea1c5b1a01e722b6a2552cc9f6b`
SHA3	`acc96e0c9c501d371eac782e962571e3a337dcc952b9d9e2e3653a83307ec181`

405

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x92`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.64342`
MD5	`b37e519d174d41c757a93ef23c70396e`
SHA1	`0e2dbeaaf616aa23c60637daa67b0071a6b3b0ce`
SHA256	`ef63f18b05a8dc9dc6e41e09641f9b820f116895fbbe47de7dd4cfea45005acc`
SHA3	`e4b271fa3e1095c276c7bddc5ea626b4f4b32d5c9b49fec213efa6617ef98475`

1 (#2)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x78e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.05371`
MD5	`76421e71482794c0a332b8bbd5da25a3`
SHA1	`8229a1945c0fc53fcc3717863d65b85b705f2b21`
SHA256	`1be7f470e8b2826011d1d65ca7248d98db12ea8af3ef9fb5c37dfe948d978f35`
SHA3	`64d9d83f8938aeec05438eed610e19a5867b98fa6285eb275031b7ae012bae36`

String Table contents

戭愹ⴵ㠴摦〵ㅡ愵愹≽㸯 †㰠愯灰楬慣楴湯ਾ†⼼潣灭瑡扩汩瑩㹹㰠獡癭㨳灡汰捩瑡潩⁮浸湬㩳獡癭㴳產湲猺档浥獡洭捩潲潳瑦挭浯愺浳瘮∳ਾ††愼浳㍶眺湩潤獷敓瑴湩獧砠汭獮∽瑨灴⼺猯档浥獡洮捩潲潳瑦挮浯匯䥍㈯〰⼵楗摮睯即瑥楴杮≳ਾ†††搼楰睁牡㹥牴敵⼼灤䅩慷敲ਾ††⼼獡癭㨳楷摮睯即瑥楴杮㹳㰠愯浳㍶愺灰楬慣楴湯ਾ⼼獡敳扭祬ਾϔNˬNϡN˼NϮŇNϸN̜NЅN̈́NАN͔NКNͤNФNʹNЮN΄NкNΔNцNΤNёNδNѝNτNѨNѲN҂NҬNҎNҜNҺNӊNӐNӖNӦNӶNԆNԐNԘNԨN䑁䅖䥐㈳搮汬䌀䵏呃㍌⸲汤l䑇㍉⸲汤l䕋乒䱅㈳䐮䱌洀癳牣⹴汤l瑮汤⹬汤l汯㍥⸲汤l卐偁⹉䱄L䡓䱅㍌⸲汤l䡓坌偁⹉汤l单剅㈳搮汬圀义义呅搮汬圀㉓㍟⸲汤l牆敥楓d牐灯牥祴桓敥䅴敓䉴䍫汯牯硅瑩牐捯獥s敇側潲䅣摤敲獳潌摡楌牢牡䅹楖瑲慵偬潲整瑣硥瑩瑡楯潃湉瑩慩楬敺硅湅浵牐捯獥敳s桓汥䕬數畣整A瑓卲牴䅉敇䑴C湉整湲瑥灏湥A敳摮Lꛈꛐꛘꛠ꛸Lꛈꛐꛘꛠ꛸朮畮摟扥杵楬歮

Version Info

TLS Callbacks

StartAddressOfRawData	`0x8cf6f0`
EndAddressOfRawData	`0x8cf6f8`
AddressOfIndex	`0x79e59c`
AddressOfCallbacks	`0x8cf6f8`
SizeOfZeroFill	`0`
Characteristics	`IMAGE_SCN_TYPE_REG`
Callbacks	`0x00000000008CF6A2`

Load Configuration

RICH Header

Errors

[*] Warning: IMAGE_EXPORT_DIRECTORY field Characteristics is reserved and should be 0!
[!] Error: Could not read the exported DLL name.
[*] Warning: Section UPX0 has a size of 0!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Resource 402 is empty!
[*] Warning: Resource 403 is empty!
[*] Warning: Resource 404 is empty!
[*] Warning: Resource 405 is empty!