Manalyze report for 0eed6a270c65ab473f149b8b13c46c68

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2021-Mar-16 23:53:01
Detected languages	English - United States
CompanyName	Microsoft Corporation
FileDescription	Microsoft Direct3D
FileVersion	`9.23.949.2378`
InternalName	D3DX10.dll
LegalCopyright	Copyright © Microsoft Corp. 1994-2007
OriginalFilename	D3DX10.dll
ProductName	Microsoft® DirectX for Windows®
ProductVersion	`9.23.949.2378`

Plugin Output

Suspicious	The PE is possibly packed.	`Section .text is both writable and executable.`
Info	The PE contains common functions which appear in legitimate applications.	`[!] The program may be hiding some of its imports: LoadLibraryExW LoadLibraryA GetProcAddress`
Malicious	The PE's digital signature is invalid.	`Signer: Kaspersky Lab` `Issuer: VeriSign Class 3 Code Signing 2009-2 CA` `The file was modified after it was signed.`
Malicious	VirusTotal score: 58/67 (Scanned on 2022-01-10 12:43:44)	`Bkav: W32.AIDetect.malware2` `Lionic: Trojan.Win32.Shiz.lmYV` `Elastic: malicious (high confidence)` `Cynet: Malicious (score: 99)` `ALYac: Trojan.Ransom.Ryuk` `Cylance: Unsafe` `Zillya: Trojan.Generic.Win32.1381288` `Sangfor: Trojan.Win32.Generic.ky` `K7AntiVirus: Trojan ( 0057a1ad1 )` `BitDefender: Gen:Variant.Razy.852916` `K7GW: Trojan ( 0057a1ad1 )` `Cybereason: malicious.70c65a` `VirIT: Ransom.Win32.Ryuk.DAX` `Symantec: Downloader` `ESET-NOD32: a variant of Win32/Kryptik.HKDT` `APEX: Malicious` `Paloalto: generic.ml` `Kaspersky: HEUR:Trojan.Win32.Generic` `Alibaba: Ransom:Win32/Ryuk.ali1020007` `NANO-Antivirus: Trojan.Win32.Packed2.irircx` `ViRobot: Trojan.Win32.RyukRansom.270848` `MicroWorld-eScan: Gen:Variant.Razy.852916` `Avast: Win32:Malware-gen` `Tencent: Malware.Win32.Gencirc.11bbd64d` `Ad-Aware: Gen:Variant.Razy.852916` `Emsisoft: Gen:Variant.Razy.852916 (B)` `Comodo: Malware@#18mxhjovdjpmd` `DrWeb: Trojan.Packed2.42920` `VIPRE: Trojan.Win32.Generic!BT` `TrendMicro: Ransom.Win32.RYUK.FAIMDEW` `McAfee-GW-Edition: RDN/Ransom` `FireEye: Generic.mg.0eed6a270c65ab47` `Sophos: Mal/Generic-S` `Ikarus: Trojan-Spy.Win32.CoinStealer` `GData: Gen:Variant.Razy.852916` `Jiangmin: Trojan.Generic.guufx` `Webroot: W32.Gen.BT` `Avira: TR/Crypt.XPACK.Gen` `Antiy-AVL: Trojan/Generic.ASMalwS.32045A9` `Gridinsoft: Ransom.Win32.Wacatac.oa!s1` `Arcabit: Trojan.Razy.DD03B4` `Microsoft: Ransom:Win32/Sodinokibi.AD!MTB` `TACHYON: Ransom/W32.Ryuk.279664` `AhnLab-V3: Trojan/Win.Dridex.C4384280` `McAfee: RDN/Ransom` `MAX: malware (ai score=100)` `VBA32: BScope.P2P-Worm.Palevo` `Malwarebytes: Ransom.Ryuk` `TrendMicro-HouseCall: Ransom.Win32.RYUK.FAIMDEW` `Rising: Trojan.Kryptik!8.8 (CLOUD)` `Yandex: Trojan.Agent!BT5vXCIL8d0` `SentinelOne: Static AI - Malicious PE` `MaxSecure: Trojan.Malware.7164915.susgen` `Fortinet: W32/Generic!tr` `BitDefenderTheta: Gen:NN.ZexaE.34114.rq2@aycKqtgi` `AVG: Win32:Malware-gen` `Panda: Trj/GdSda.A` `CrowdStrike: win/malicious_confidence_100% (W)`

Hashes

MD5	`0eed6a270c65ab473f149b8b13c46c68`
SHA1	`bffb380ef3952770464823d55d0f4dfa6ab0b8df`
SHA256	`7faeb64c50cd15d036ca259a047d6c62ed491fff3729433fefba0b02c059d5ed`
SHA3	`9ca85e53ad3cedbd31d6870eefc59b14c128f8db5481a77c5bb6da0967363f48`
SSDeep	`3072:n/YRw64GUbH9dpWYEFq5hY9e1Z36NS31gs03ApyCb6DnE/PdrfS6sOK5hI+z7XI:Qa6owYEFq5hY9aqNS1y4/PdzS+s64I`
Imports Hash	`486ce563ebcda011bada80d689878d7b`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`4`
TimeDateStamp	2021-Mar-16 23:53:01
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LINE_NUMS_STRIPPED` `IMAGE_FILE_LOCAL_SYMS_STRIPPED` `IMAGE_FILE_RELOCS_STRIPPED`

Image Optional Header

Magic	`PE32`
LinkerVersion	`1.0`
SizeOfCode	`0x2bc00`
SizeOfInitializedData	`0x41200`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0002C923 (Section: .text)`
BaseOfCode	`0x1000`
BaseOfData	`0x1000`
ImageBase	`0x35000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x60000`
SizeOfHeaders	`0x1000`
Checksum	`0x45ba9`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`9f56957aa1a0f21a9ebd71186724c8d8`
SHA1	`2c22e27f08744cfd5aa7bc3894d659f2f4624832`
SHA256	`ee1f5e6360f69008840cebb4a0ce0154d195cb887941710cb8430e44b6a7e07f`
SHA3	`1793474bcb3e46e2cb7a226abdd2c73e5eeef3f656bc2fbba44dfee9954bf768`
VirtualSize	`0x39e69`
VirtualAddress	`0x1000`
SizeOfRawData	`0x2bc00`
PointerToRawData	`0x1000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`5.84594`

.rdata

MD5	`fcbedb56fc3fa27effc4fa704e27f6ac`
SHA1	`810a94fbf78021b637e3b3ae11c9eb2797497f48`
SHA256	`b7301a921dbd564c59158b41f09852d72018b7069e3d7370462f56e1ba6ab4b4`
SHA3	`ce80132c276a5246dcedd310da009c5d4537fe2d7062c72b0cc657dd86c041db`
VirtualSize	`0xdc`
VirtualAddress	`0x3b000`
SizeOfRawData	`0x200`
PointerToRawData	`0x2cc00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`2.02424`

.data

MD5	`35dbf0d61c94de203636d6045265ac29`
SHA1	`0edcf5564e15d204fce307e75cbd6140ca460b75`
SHA256	`827c1bd34185befe45003036f8975817f84b7d1d601997b8c57931d2ef6c708e`
SHA3	`e000483c5ca0da48ab11917ad35b33ef9c83b844812d60866c43e0a075c868d7`
VirtualSize	`0x16a41`
VirtualAddress	`0x3c000`
SizeOfRawData	`0x8800`
PointerToRawData	`0x2ce00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`2.46173`

.rsrc

MD5	`e6e746396a44547af88a7a8490138767`
SHA1	`ff1b0771c76063c73de4d11ad88ae73cec2fdac5`
SHA256	`8d95d5cc6c462c6319c4a8113d3e2e201f66e6775ab159cfe554af4dd5f28181`
SHA3	`426151179d586b702fb10e306904155f7a519bb00bb13bed1764b437abc3998a`
VirtualSize	`0xca55`
VirtualAddress	`0x53000`
SizeOfRawData	`0xcc00`
PointerToRawData	`0x35600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.94005`

Imports

catsrv.dll	`DllUnregisterServer`
kernel32.dll	`IsProcessorFeaturePresent` `GlobalUnlock` `GetUserDefaultUILanguage` `GetCurrentProcess` `QueryPerformanceCounter` `GetFileAttributesW` `LoadLibraryExW` `CloseHandle` `InitializeCriticalSectionAndSpinCount` `InitializeSListHead` `GetCurrentThreadId` `LoadLibraryA` `TerminateProcess` `CreateEventW` `GetModuleHandleW` `GetProcAddress` `SetUnhandledExceptionFilter` `VirtualProtectEx` `UnhandledExceptionFilter` `GlobalAlloc` `GlobalLock` `DeleteCriticalSection` `IsDebuggerPresent` `GetModuleFileNameW` `GetCurrentProcessId` `GetLastError` `OutputDebugStringW` `GetStartupInfoW`
msident.dll	`DllGetClassObject`
ole32.dll	`CoUninitialize` `CoInitialize` `CoCreateGuid`
rpcrt4.dll	`UuidCreate`
user32.dll	`CloseClipboard` `EnableWindow` `DrawIcon` `IsIconic` `EmptyClipboard` `OpenClipboard` `GetClientRect` `SendMessageW` `GetSystemMenu` `GetParent` `GetForegroundWindow` `SetClipboardData` `LoadIconW` `AppendMenuW` `GetSystemMetrics`

Delayed Imports

1

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.44087`
MD5	`f85456b1db1a4676975fdeed9e051c89`
SHA1	`83577e81ac1a571c717b05d7413858939abb5bf0`
SHA256	`34c83c400983494b13975a767dbfb3e555352bfa3f225c98ca3d3bd96913b8ac`
SHA3	`041264eada2a0fb1711533c97d70761804838694236e2a7f476e6efcad83ed75`

2

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.72297`
MD5	`2b0a9c89dacfdfdecf9115d80c23fa2a`
SHA1	`16ab4eb3d474d495d67687e5f0a2e622557edebf`
SHA256	`f270bc698310ce48f0afe1033f59208a264628d9e98e3e75a6f7ca32e9199cd5`
SHA3	`7e3c63ccc0be3d54e87dc1278ae543c328459711eeef242edcd73047ae2fc636`

3

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.44924`
MD5	`586a5d89de59f3df1e52161ca17e8a67`
SHA1	`f90fd41dfd3f1284fa173d3179fb099ecbc36e26`
SHA256	`d135bc044cd8fd1a3837de0c1801e675e51b6908d67abec231e30169876b7fa8`
SHA3	`812445680915a3ca784484a8510d86697788f223eac05c23402540e6ba2da6f8`

4

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.73627`
MD5	`54a76ea3da82fac963e0dbbee291b097`
SHA1	`8c685deb5d10cb0a1399848d2148fc354554f0b5`
SHA256	`043a0c179a77d0d4f9841050603cd3ad4646cb501f2ada11465b862650c68ffb`
SHA3	`b30db39e9b443f85452859767f1ef41383e63f45f06de6207944a1996990f042`

5

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.22044`
MD5	`ff263d8a4df0459257d7cd4de6782916`
SHA1	`e77c17c47d7c1e56498e0657f5111e92387bae48`
SHA256	`8f88f3806dbf13f717658eb9e8c47f0e01b8d242201e5803b17d03dc89e9476e`
SHA3	`cba85674383279563ae32f9b5d3534affaa7af236ea5eb0ecd4e7693c93f116d`

6

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.93173`
MD5	`8476a6450f8b6f4f04a102dfb2f0b376`
SHA1	`d1dbcf7766969525a770eaafafabe2e615761cd9`
SHA256	`27016074cb8787878144d9e833fb4e92435cdd18aa24a68d41f0df20f405eed0`
SHA3	`44c76fd774c32c013dc1cfbd944a01a602bf9f78e7d4bd971809576ca5abd271`

7

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x2e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.26075`
MD5	`e65ff56181f11c48def4bb1cd75e038b`
SHA1	`5d1b3790f7dfc5d292c98336c9aa160875465bdd`
SHA256	`8fb398bc5488c80e0897d57eade909841b4d9004fab853642becb8a0da94a529`
SHA3	`276c7d4f4103360634d1da5d101c606cadaf393f92530dc41f96f0a4fe4882e0`

8

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x668`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.87921`
MD5	`ae66c97b9f789e991b8294057ded6a2a`
SHA1	`09f92b96b0785592760a8df2be3c9f7bb19e31aa`
SHA256	`53316d2e208a0acbda4325d338ca6f97c681b7a9241530d67f6ff9b3bdd5f30f`
SHA3	`0ba9f246af5338c27816e6405aa0291cabde33b32b4b58d2397cad2abfd78127`

9

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.91193`
MD5	`52c980602d95391c1e5e3b3254522b92`
SHA1	`2d3099b6875fb023755307c89bf1c859fc3772c1`
SHA256	`7bdc353a2c26c86317ab65dd38542e9e9b4cebe28db3331947a495020ed0d10d`
SHA3	`b6ff41a3b4225fad92f308368dbbe59220e3abc6b4de61c5c365500fb39ba74f`

10

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.13539`
MD5	`3466b4e109137fed1fa096f25ae18e54`
SHA1	`f05a1fad772aed85e9b4ca11d44c84a4ad1dbe57`
SHA256	`880cbc1d876fd83c68d9cf3396357e297bcbf4e4900b7fabf1f94b8ab37e83c2`
SHA3	`780adb81c9b9e7ff271038106c8c5ba124a1c12bc61518f5314cf2238eee1761`

11

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.92564`
MD5	`1d028137594f45c41ffc3e088a98af46`
SHA1	`9a8993444ece4343f65a29d4d6573506562e04e9`
SHA256	`92cccbbd772d8bce3272195f776d4687e718593303fce3a043a56e8cb3aaf42b`
SHA3	`879d24cba0f497e53a8793dd40890b5b5a2846b345ff613d27357768af77984f`

12

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.11668`
MD5	`1eff4bc2ff9b8dd4f4eeecedaadefe22`
SHA1	`6be171c90bc836f9db890bfc9e3f5a2ecd85e33e`
SHA256	`b6dc3a34dc77888fbb1e0d71c666636abd5467b5fe1c54084e6d92cc48721100`
SHA3	`211f09aadf5cdc8bf13b240e5c70bf2694657f573e855f3cdb97b930c08bdba4`

13

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.88276`
MD5	`e3ad2d526db3f342652074ebcfd6b60d`
SHA1	`22d5cb56948d51db0c3c242659cad8edc661c04a`
SHA256	`946e1ef175406a06e8f53b3841590d6f403cb03965812c03daebe647a37c4404`
SHA3	`2023ec973309e7bf9afcaa3b14f3c65158c8bd45a1daff50216f71018f45a15d`

1 (#2)

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.5789`
Detected Filetype	Icon file
MD5	`0ff22963979a69ff909f1ce95a705681`
SHA1	`ed9c287aa8d5d049a6e6841ce03cd4cfbd640d74`
SHA256	`5229ebc9de78c7349a3eace7cdc13219d7da7d66bd1006e5fc494ff29b48f6e2`
SHA3	`e095232b59feedbc19f3f0ab50ce0cc03df1016330a748208b07445b53eaf031`

2 (#2)

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.71664`
Detected Filetype	Icon file
MD5	`dd5f246fd7b5f696cc10dee0fb0bf53f`
SHA1	`3817c51c852058a4947d0ef97de73dfafb7fbfd4`
SHA256	`448ed5bb6c905a777ba1ed35d92db654bb2e2045ed7fcefab5663ac5d3a2f3d4`
SHA3	`d04e17299a5f14478626a34b9cedf3399e070dd8f8f612459b87855db36d6a81`

3 (#2)

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.71664`
Detected Filetype	Icon file
MD5	`3b43ea6c452fd778f894dda254b9c0d0`
SHA1	`ff4339a36daa74dc1357676eb60f5408861decf7`
SHA256	`9122527d2ffb3f505f1b1db5b624b1852cd5a45b6aa439726b3acf1a4e36849d`
SHA3	`f8080a46840f5297fb1b5c7bef91425101ae09f4bac2b40948746e35d388ee0a`

4 (#2)

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.71664`
Detected Filetype	Icon file
MD5	`39ebdde08248cbcd41ee1a3ecace0ac7`
SHA1	`cfd6b28bf1abd93fefc7c6cede4f7b61c5807085`
SHA256	`8bde19ac83b492637cf3856b9f2449a9f7239ef94b30a5835b642f1d8ac77526`
SHA3	`775787d9457aeb4db80ea700ce92481af6895bcb5582063fb5f77fae3ddcde49`

5 (#2)

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.71664`
Detected Filetype	Icon file
MD5	`b2413e9387efad7e220e2bac480c0874`
SHA1	`47068d15b5c011e601b0c555b6bfb45c7440713f`
SHA256	`5bfec5c5dd4b0e97fca4eaacc0a6288080932cd2c434bc9300b1e804a2306cd0`
SHA3	`49e9522f2d8eea68482d42560f2e00c2e292fb8578dfd2649230beb91166d062`

6 (#2)

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.69546`
Detected Filetype	Icon file
MD5	`1d0db6f38c5e0d65420f2c004a4564c7`
SHA1	`74e34a89ca9eb16123375c64d00b6898a68873a7`
SHA256	`ccd79817ea0016d1eed7b09cc71743581fa2a6c0a20bd091d4f3985ab70d4c9a`
SHA3	`c23c4e3bed31d977239e8f4b1e17738104584d6536fa62e9722339d0377681f5`

7 (#2)

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.97095`
Detected Filetype	Icon file
MD5	`e7d510a17c0ced90075f201f11918503`
SHA1	`ff831cf1ce68fe8c1a12c35dc42d753b253f4fcc`
SHA256	`737e1235dc2f336b033de3466162855c002f201892c271c20c37c8c4eea260af`
SHA3	`de62aaaaa124105bf781124b6491c1710cfb05f59425e242c42cd35282ae69ad`

8 (#2)

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.97095`
Detected Filetype	Icon file
MD5	`db108e75e22cef038a8cd9ce3caa6476`
SHA1	`ba0267beb19e7b8ed9a830d1517c47bb0b0fdc3e`
SHA256	`75b11c64017bdd55697d80611bfead2df77eb1b26f1c7f8bf84dbe9b9fed1e04`
SHA3	`abb3c446240352f99ce83e713626fe0c872acdae6b2760da4ddccf4693854cc9`

9 (#2)

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.0815`
Detected Filetype	Icon file
MD5	`e0174ef5c8fccd4a4d45abd3504e0ec6`
SHA1	`5938b0aa15911d87802464702890615b3e4525cf`
SHA256	`56caa9da391ca0d9b44e55063ce13e183bf02cf7e5ea4810e7ffa0764277ae04`
SHA3	`d1184890970ddf5b0e5c31b397a81b16c1e87a56c53182b7e0bc12672264bfec`

10 (#2)

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.0815`
Detected Filetype	Icon file
MD5	`3e653ab5177652cde09fd544ac39ccda`
SHA1	`cd52ccc781f4556d38f8ca74c3be90d3bde9c6a3`
SHA256	`677af26d01d600980e6e635c9a7c8425094a12c15341f651126de4b543738ad3`
SHA3	`5e975b87315f13927af1689447fda41573d8b91e5748db6e15ac357f91dd0ecc`

11 (#2)

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.94375`
Detected Filetype	Icon file
MD5	`0fc2479ec9f63429d0eada23255e25d6`
SHA1	`bdce55613f187ba19018162d6f1eefc7a01f0482`
SHA256	`32bdba27a87605ae884415e124dc1dca4c0ce722af5ab5b826a40bc029d0ae2b`
SHA3	`40ccd041e07d87362876df580446cefe613a4729679a859e32341946a65b383e`

12 (#2)

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.0815`
Detected Filetype	Icon file
MD5	`908238d3c7cbb3412431a2dcddd81af4`
SHA1	`007d2ce5571099ce2fd78a1e3f267c69b72ae8b8`
SHA256	`c3cd0df33c3164081fa612b6f709a12fb9d00bbe3cc999cd5164fb01a9cf6eea`
SHA3	`50cfcec612896dc26d0c822ad5ea12240f75193db39f207330b59bca93f5cfb3`

13 (#2)

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.0815`
Detected Filetype	Icon file
MD5	`5ab6dbfe92ad7e1796b2485ae73ead28`
SHA1	`cb37d89cf9caf98d64d9f419f338b5b43cbff0a4`
SHA256	`8c3fde3587fb44a776acb23ae9079e960996a54f3ae5644be338b3288186d59c`
SHA3	`b3cbd40351a2cff75e26048a5fe4a81e1d9cfd4ca268809d8288185b1d4bc729`

1 (#3)

Type	`RT_VERSION`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x33c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.55311`
MD5	`e83ce1a70e85d1ad84e53686157c129b`
SHA1	`f615e6e404915dee92dbc4b9fea0d79e64900b8e`
SHA256	`63a3b5f29a1d99cfa0df0a9ba0c1f90e0b270e633a702d55b15abbef7886d92a`
SHA3	`0388887e4bc36e685417a57ce6ad9528a8becd9137ba15b5fa25e34a0ea89b8b`

1 (#4)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x17d`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.81604`
MD5	`6b57c64e1d0a1415d952bebde8b7a232`
SHA1	`b8230899ebd9a2e8ee7f3b78b02abdb6dbb527d5`
SHA256	`9eae5017c42682debd9dec71f576fa07837e002f15ba6a3825df91dbcaaecccf`
SHA3	`66ba43d4526b40d007147d2719326d41f094653362c99b3f4bf7597bf1cb7a4d`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	9.23.949.2378
ProductVersion	9.23.949.2378
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS` `VOS_DOS_WINDOWS16` `VOS_DOS_WINDOWS32` `VOS_OS232` `VOS_OS232_PM32` `VOS_WINCE` `VOS__PM32` `VOS__WINDOWS16`
FileType	`VFT_DLL`
Language	English - United States
CompanyName	Microsoft Corporation
FileDescription	Microsoft Direct3D
FileVersion (#2)	9.23.949.2378
InternalName	D3DX10.dll
LegalCopyright	Copyright © Microsoft Corp. 1994-2007
OriginalFilename	D3DX10.dll
ProductName	Microsoft® DirectX for Windows®
ProductVersion (#2)	9.23.949.2378

Resource LangID	English - United States

TLS Callbacks

Load Configuration

RICH Header

0eed6a270c65ab473f149b8b13c46c68

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rdata

.data

.rsrc

Imports

Delayed Imports

1

2

3

4

5

6

7

8

9

10

11

12

13

1 (#2)

2 (#2)

3 (#2)

4 (#2)

5 (#2)

6 (#2)

7 (#2)

8 (#2)

9 (#2)

10 (#2)

11 (#2)

12 (#2)

13 (#2)

1 (#3)

1 (#4)

Version Info

TLS Callbacks

Load Configuration

RICH Header

Errors