Manalyze report for 0faa9dbdbb40aafb95e1c8068f8d70e5

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2021-Oct-07 00:07:02
Detected languages	English - United States
TLS Callbacks	4 callback(s) detected.
Debug artifacts	chrome.exe.pdb
CompanyName	Google LLC
FileDescription	Google Chrome
FileVersion	`94.0.4606.81`
InternalName	chrome_exe
LegalCopyright	Copyright 2021 Google LLC. All rights reserved.
OriginalFilename	chrome.exe
ProductName	Google Chrome
ProductVersion	`94.0.4606.81`
CompanyShortName	Google
ProductShortName	Chrome
LastChange	5a03c5f1033171d5ee1671d219a59e29cf75e054-refs/branch-heads/4606@{#1320}
Official Build	1

Plugin Output

Suspicious	Strings found in the binary may indicate undesirable behavior:	`Contains references to system / monitoring tools: rundll32.exe` `Contains references to internet browsers: chrome.exe` `Contains domain names: blink.net chromium.org crashpad.chromium.org crbug.com https://crashpad.chromium.org https://crashpad.chromium.org/ https://crashpad.chromium.org/bug/new openssl.org`
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to CRC32` `Uses constants related to MD5` `Uses constants related to SHA1` `Uses constants related to SHA256` `Uses constants related to SHA512` `Uses constants related to RC5 or RC6`
Suspicious	The PE is possibly packed.	`Unusual section name found: .retplne` `Unusual section name found: CPADinfo`
Malicious	The PE contains functions mostly used by malware.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryExA LoadLibraryExW LoadLibraryW` `Code injection capabilities: CreateRemoteThread OpenProcess VirtualAlloc VirtualAllocEx WriteProcessMemory` `Code injection capabilities (mapping injection): CreateFileMappingW CreateRemoteThread MapViewOfFile` `Can access the registry: RegCloseKey RegCreateKeyExW RegDeleteValueW RegOpenKeyExW RegQueryValueExW RegSetValueExW` `Possibly launches other programs: CreateProcessW CreateProcessAsUserW` `Can create temporary files: CreateFileW GetTempPathW` `Memory manipulation functions often used by packers: VirtualAlloc VirtualAllocEx VirtualProtect VirtualProtectEx` `Functions related to the privilege level: DuplicateToken DuplicateTokenEx OpenProcessToken` `Enumerates local disk drives: GetDriveTypeW` `Manipulates other processes: OpenProcess ReadProcessMemory WriteProcessMemory` `Changes object ACLs: SetKernelObjectSecurity SetSecurityInfo`
Info	The PE is digitally signed.	`Signer: Google LLC` `Issuer: DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1`
Safe	VirusTotal score: 0/66 (Scanned on 2021-10-13 13:13:49)	`All the AVs think this file is safe.`

Hashes

MD5	`0faa9dbdbb40aafb95e1c8068f8d70e5`
SHA1	`a95bd4258eecf9c37d68592a8c0e589b98d5600b`
SHA256	`75cdfe546f80ad27ed7f19624e2107209f937e9d94f195de522a2588106d9533`
SHA3	`8ff5e52cb3c4d285086eeb0102b98e1ae4b28351a6cf11461528dc82879d0e0e`
SSDeep	`49152:9gyJCHd/FnfkyqAQsGcLIjDrgRWSWV+vBZsBIalTNb:KkCHdNhB9WS6F`
Imports Hash	`814365dfb884f01733dd859a7b226851`

DOS Header

e_magic	`MZ`
e_cblp	`0x78`
e_cp	`0x1`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0`
e_ss	`0`
e_sp	`0`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x78`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`11`
TimeDateStamp	2021-Oct-07 00:07:02
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0x1b5200`
SizeOfInitializedData	`0xad400`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0000000000113A00 (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`5.2`
ImageVersion	`0.0`
SubsystemVersion	`5.2`
Win32VersionValue	`0`
SizeOfImage	`0x273000`
SizeOfHeaders	`0x400`
Checksum	`0x26aac8`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_GUARD_CF` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x800000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`63309a9c5e8cb910770fe3fb539e5990`
SHA1	`9ef5327f39658f748b6522d8359afbde82185406`
SHA256	`4d4a560a240858e7f48a52761a7e23f4edaff9d0951665c4ca24cca3d1bb456e`
SHA3	`62b70044b282ea06227b6d653c176e4da91c68a643e64f7a1bb6d05df0c89bb5`
VirtualSize	`0x1b50bc`
VirtualAddress	`0x1000`
SizeOfRawData	`0x1b5200`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.57459`

.rdata

MD5	`49e60cfc7cfb07ba8f5859a45b0d27cb`
SHA1	`56b720ca5cd3552c657a1d7ccb1fac8de05b3277`
SHA256	`9a8f4120115f3b348234765258ce1d1bf7c44a4b1892efd92f500b78a96970a7`
SHA3	`191043e9bd50c6328fa48daccd1c6894bed9333f070d265cf6b6b4b7be2682bb`
VirtualSize	`0x54284`
VirtualAddress	`0x1b7000`
SizeOfRawData	`0x54400`
PointerToRawData	`0x1b5600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.52399`

.data

MD5	`2113df536bd4591951e8c3a23f09856a`
SHA1	`65c3631952a85a0f6c6f8ae7ea11ab123a7a0b6b`
SHA256	`bfbb244d8958aac3e9b02b8f3f5618876f8b8a7e7e1775cb1fa49a7b0140ac7b`
SHA3	`ac683eda160c797c37d41f29f894d807bb245eaabf360d86df077e9bf2c320a2`
VirtualSize	`0xee94`
VirtualAddress	`0x20c000`
SizeOfRawData	`0x7a00`
PointerToRawData	`0x209a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`2.51544`

.pdata

MD5	`d13f169021d72dda847a7d5d1ab67285`
SHA1	`69df98bb40253e195c398506136f542edbf4c94d`
SHA256	`d27a834fc6f60589448baf2c69d43257708544ef42c5d9a4fb9d3848e32b902a`
SHA3	`a64d68a2a3fa7b5c9eac9546cd7372bd73cefb6d3034d619cf8b2fa9f8c14787`
VirtualSize	`0xd2fc`
VirtualAddress	`0x21b000`
SizeOfRawData	`0xd400`
PointerToRawData	`0x211400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.97872`

.00cfg

MD5	`b1ffadde3df0662f9be1db48124a8ae3`
SHA1	`69096a7f13c21da95a91ba827758fd5271fcda4d`
SHA256	`f5e68e474227ec4a9910848103f1d513f1d4c72be093ffcf36dc9710260c5fb1`
SHA3	`d8956d92407e012476758f670da156a91f7fd520c2abe85437862aa8876c498e`
VirtualSize	`0x28`
VirtualAddress	`0x229000`
SizeOfRawData	`0x200`
PointerToRawData	`0x21e800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`0.416799`

.retplne

MD5	`2523f52e128493f3a56e9683bde9244c`
SHA1	`21df0ce1680e2da084fc7c9c1a1e3293cdeffb7b`
SHA256	`8640c1a8e55aa5343647304cbc0f74a77371e89c1ab227cba3b0db8e62cbf9a3`
SHA3	`7bfcc8700a880c6147f1f0d1ba8206797120314c604980d5270b5974c66dc1b1`
VirtualSize	`0x18`
VirtualAddress	`0x22a000`
SizeOfRawData	`0x200`
PointerToRawData	`0x21ea00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`(EMPTY)`
Entropy	`0.396577`

.tls

MD5	`9aa06f145d2598570c21005b86668587`
SHA1	`e7cc2f443a1d646aa3f4dd09d86959829da6bf8f`
SHA256	`242e9d6b75f9ac087844f012a8eed9e25d594be3d89be03d78eb28da270cf8a2`
SHA3	`0f93ba53c83470880a1b31ba203111368429f9a9fbad807c09541351f8206ce6`
VirtualSize	`0x139`
VirtualAddress	`0x22b000`
SizeOfRawData	`0x200`
PointerToRawData	`0x21ec00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0.136464`

CPADinfo

MD5	`60d3ea61d541c9be2e845d2787fb9574`
SHA1	`a314e912df98dd680cdb9679390177a970ee9ac8`
SHA256	`911d1a12eca8935990172cfcd6768f9c6351ed94b700833b2cf0cf457a1d752d`
SHA3	`44f366ded1e40e29d2543686d5e4f2fc6daf379b056e4f94af32c16e9f6b2205`
VirtualSize	`0x38`
VirtualAddress	`0x22c000`
SizeOfRawData	`0x200`
PointerToRawData	`0x21ee00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0.122276`

_RDATA

MD5	`4b3fad003c3b284fc509d52442b5956d`
SHA1	`4cb7ed5d3648b6a50fe9f1c56905832ef136444c`
SHA256	`bd4c14f5737b0c6067dfb43b6d7080f3dbf6fbc5e0d77ab4060973460a951a8c`
SHA3	`9105d0e5c6665d5b23821b077e8813e1aec4df7276b9cda31fe07820a0daf2f4`
VirtualSize	`0x94`
VirtualAddress	`0x22d000`
SizeOfRawData	`0x200`
PointerToRawData	`0x21f000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`1.4311`

.rsrc

MD5	`365fa450fd5f5379f2af0c64d8f54122`
SHA1	`ebb91fba5da7662b1882e714ceb479e81b8098fa`
SHA256	`d144d8d0a12f2ca05a07f5c81f936a8c78af772c30a8305bf6ec2a6bcc60bd60`
SHA3	`5ba4e5e69d4a69d32f26a4a6173b76448bcf6a74cbef9337910bfb921485cc1c`
VirtualSize	`0x41330`
VirtualAddress	`0x22e000`
SizeOfRawData	`0x41400`
PointerToRawData	`0x21f200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.73106`

.reloc

MD5	`84e5498b2f8b5a3fcd16412c86d93899`
SHA1	`9756180f906e9e9e925950b06c321ad5a4737440`
SHA256	`fc5d2a2284265e2b9205e73065772cc563f1ac7fa62bc85a33519b79672b6d2b`
SHA3	`ebacafaff04ee8fe7d75407bba4936d221633235a18e159160d3317c8cdc9e6d`
VirtualSize	`0x240c`
VirtualAddress	`0x270000`
SizeOfRawData	`0x2600`
PointerToRawData	`0x260600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`5.38098`

Imports

chrome_elf.dll	`GetInstallDetailsPayload` `IsBrowserProcess` `SignalChromeElf` `SignalInitializeCrashReporting`
KERNEL32.dll	`AcquireSRWLockExclusive` `AssignProcessToJobObject` `CloseHandle` `CompareStringW` `ConnectNamedPipe` `CreateDirectoryW` `CreateEventW` `CreateFileMappingW` `CreateFileW` `CreateIoCompletionPort` `CreateJobObjectW` `CreateMutexW` `CreateNamedPipeW` `CreateProcessW` `CreateRemoteThread` `CreateSemaphoreW` `CreateThread` `DebugBreak` `DeleteCriticalSection` `DeleteFileW` `DeleteProcThreadAttributeList` `DisconnectNamedPipe` `DuplicateHandle` `EncodePointer` `EnterCriticalSection` `EnumSystemLocalesEx` `EnumSystemLocalesW` `ExitProcess` `ExitThread` `ExpandEnvironmentStringsW` `FileTimeToSystemTime` `FindClose` `FindFirstFileExW` `FindNextFileW` `FlsAlloc` `FlsSetValue` `FlushFileBuffers` `FlushViewOfFile` `FormatMessageA` `FreeEnvironmentStringsW` `FreeLibrary` `FreeLibraryAndExitThread` `GetACP` `GetCPInfo` `GetCommandLineA` `GetCommandLineW` `GetComputerNameExW` `GetConsoleMode` `GetConsoleOutputCP` `GetCurrentDirectoryW` `GetCurrentProcess` `GetCurrentProcessId` `GetCurrentProcessorNumber` `GetCurrentThread` `GetCurrentThreadId` `GetDateFormatW` `GetDriveTypeW` `GetEnvironmentStringsW` `GetExitCodeProcess` `GetFileAttributesW` `GetFileInformationByHandle` `GetFileInformationByHandleEx` `GetFileSizeEx` `GetFileTime` `GetFileType` `GetFullPathNameW` `GetLastError` `GetLocalTime` `GetLocaleInfoW` `GetLongPathNameW` `GetModuleFileNameW` `GetModuleHandleA` `GetModuleHandleExW` `GetModuleHandleW` `GetNativeSystemInfo` `GetOEMCP` `GetProcAddress` `GetProcessHandleCount` `GetProcessHeap` `GetProcessHeaps` `GetProcessId` `GetProcessTimes` `GetProductInfo` `GetQueuedCompletionStatus` `GetStartupInfoW` `GetStdHandle` `GetStringTypeW` `GetSystemDefaultLCID` `GetSystemDirectoryW` `GetSystemInfo` `GetSystemTimeAsFileTime` `GetTempPathW` `GetThreadContext` `GetThreadId` `GetThreadLocale` `GetThreadPriority` `GetTickCount` `GetTimeFormatW` `GetTimeZoneInformation` `GetUserDefaultLCID` `GetUserDefaultLangID` `GetUserDefaultLocaleName` `GetVersion` `GetVersionExW` `GetWindowsDirectoryW` `HeapDestroy` `HeapSetInformation` `InitOnceExecuteOnce` `InitializeCriticalSection` `InitializeCriticalSectionAndSpinCount` `InitializeProcThreadAttributeList` `InitializeSListHead` `IsDebuggerPresent` `IsProcessorFeaturePresent` `IsValidCodePage` `IsValidLocale` `IsWow64Process` `K32GetPerformanceInfo` `K32GetProcessMemoryInfo` `K32QueryWorkingSetEx` `LCMapStringW` `LeaveCriticalSection` `LoadLibraryExA` `LoadLibraryExW` `LoadLibraryW` `LocalFree` `LockFileEx` `MapViewOfFile` `MoveFileW` `MultiByteToWideChar` `OpenProcess` `OutputDebugStringA` `PeekNamedPipe` `PostQueuedCompletionStatus` `ProcessIdToSessionId` `QueryDosDeviceW` `QueryInformationJobObject` `QueryPerformanceCounter` `QueryPerformanceFrequency` `QueryThreadCycleTime` `RaiseException` `ReadConsoleW` `ReadFile` `ReadProcessMemory` `RegisterWaitForSingleObject` `ReleaseSRWLockExclusive` `ReleaseSemaphore` `RemoveDirectoryW` `ReplaceFileW` `ResetEvent` `ResumeThread` `RtlCaptureContext` `RtlCaptureStackBackTrace` `RtlLookupFunctionEntry` `RtlPcToFileHeader` `RtlUnwind` `RtlUnwindEx` `RtlVirtualUnwind` `SearchPathW` `SetConsoleCtrlHandler` `SetCurrentDirectoryW` `SetEndOfFile` `SetEnvironmentVariableW` `SetEvent` `SetFileAttributesW` `SetFilePointerEx` `SetHandleInformation` `SetInformationJobObject` `SetLastError` `SetNamedPipeHandleState` `SetProcessShutdownParameters` `SetStdHandle` `SetThreadAffinityMask` `SetThreadPriority` `SetUnhandledExceptionFilter` `SignalObjectAndWait` `Sleep` `SleepConditionVariableSRW` `SleepEx` `SuspendThread` `SystemTimeToTzSpecificLocalTime` `TerminateJobObject` `TerminateProcess` `TlsAlloc` `TlsFree` `TlsGetValue` `TlsSetValue` `TransactNamedPipe` `TryAcquireSRWLockExclusive` `UnhandledExceptionFilter` `UnlockFileEx` `UnmapViewOfFile` `UnregisterWait` `UnregisterWaitEx` `UpdateProcThreadAttribute` `VerSetConditionMask` `VerifyVersionInfoW` `VirtualAlloc` `VirtualAllocEx` `VirtualFree` `VirtualFreeEx` `VirtualProtect` `VirtualProtectEx` `VirtualQuery` `VirtualQueryEx` `WaitForMultipleObjects` `WaitForSingleObject` `WaitForSingleObjectEx` `WaitNamedPipeW` `WakeAllConditionVariable` `WakeConditionVariable` `WideCharToMultiByte` `Wow64GetThreadContext` `WriteConsoleW` `WriteFile` `WriteProcessMemory` `lstrlenW`
VERSION.dll	`GetFileVersionInfoSizeW` `GetFileVersionInfoW` `VerQueryValueW`
ADVAPI32.dll (delay-loaded)	`AccessCheck` `BuildExplicitAccessWithNameW` `BuildSecurityDescriptorW` `ConvertSidToStringSidW` `ConvertStringSecurityDescriptorToSecurityDescriptorW` `ConvertStringSidToSidW` `CopySid` `CreateProcessAsUserW` `CreateRestrictedToken` `CreateWellKnownSid` `DuplicateToken` `DuplicateTokenEx` `EqualSid` `EventRegister` `EventUnregister` `EventWrite` `FreeSid` `GetAce` `GetKernelObjectSecurity` `GetLengthSid` `GetNamedSecurityInfoW` `GetSecurityDescriptorSacl` `GetSecurityInfo` `GetSidSubAuthority` `GetTokenInformation` `ImpersonateLoggedOnUser` `ImpersonateNamedPipeClient` `InitializeSid` `IsValidSid` `LookupPrivilegeValueW` `MapGenericMask` `OpenProcessToken` `RegCloseKey` `RegCreateKeyExW` `RegDeleteValueW` `RegDisablePredefinedCache` `RegOpenKeyExW` `RegQueryValueExW` `RegSetValueExW` `RevertToSelf` `SetEntriesInAclW` `SetKernelObjectSecurity` `SetSecurityInfo` `SetThreadToken` `SetTokenInformation` `SystemFunction036`

Delayed Imports

Attributes	`0x1`
Name	`ADVAPI32.dll`
ModuleHandle	`0x213598`
DelayImportAddressTable	`0x2135e8`
DelayImportNameTable	`0x1fd170`
BoundDelayImportTable	`0`
UnloadDelayImportTable	`0`
TimeStamp	`1970-Jan-01 00:00:00`

GetHandleVerifier

Ordinal	`1`
Address	`0x5d660`

GetMainTargetServices

Ordinal	`2`
Address	`0x146bd0`

GetPakFileHashes

Ordinal	`3`
Address	`0xac4c0`

IsSandboxedProcess

Ordinal	`4`
Address	`0xb0190`

1

Type	`GOOGLEUPDATEAPPLICATIONCOMMANDS`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0.811278`
MD5	`4352d88a78aa39750bf70cd6f27bcaa5`
SHA1	`3c585604e87f855973731fea83e21fab9392d2fc`
SHA256	`67abdd721024f0ff4e0b3f4c2fc13bc5bad42d0b7851d456d88d203d15aaa450`
SHA3	`295cd1698c6ac5bd804a09e50f19f8549475e52db1c6ebd441ed0c7b256e1ddf`

1 (#2)

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.83636`
MD5	`21e86632149118ddf1513af97ab326a4`
SHA1	`784e9b0d737edbbe2d42b987d8c879afcb847a02`
SHA256	`1613adec73ece8547aedf99b900b90a56a75b119aef6bb8a2abc74ba7d030d9f`
SHA3	`4f08cc3fda91586c7d248bf5f4d31c1d112da9810ddc804ea5759e52453d3964`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.38732`
MD5	`66d02c2cd3fdf2a2ea974f10f06be9e2`
SHA1	`a9a9277163cb12ca12e02d896ccef3dc04a12f2d`
SHA256	`c72008030d38a91f6fdd1cd94c0e87bdfb476daf98582e4e1c526fecb1bdc192`
SHA3	`d2452ae759a94907f8f0e136eca096e66456974ee320ff7466c86bda90bed581`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.85963`
MD5	`0fa99286225ab650ad2cbb9f1f30543a`
SHA1	`8194ddcba274f4754cfbd27fc59c6dc38dbe13dc`
SHA256	`8563e68e3edcfa8b005678e16c34e48d13fe1911b583f6b2568b72a9aa172857`
SHA3	`0d21ca180ebcd3f1ee6522793d238f7394ea9fa67fae27257f8429d42124ad46`

4

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.94888`
MD5	`cce3458a8ede462bc68565a40b850d2a`
SHA1	`0c39e78875e80eafda54692624e02932f91c2597`
SHA256	`22ee761ee2ca1cfd5d8c905b7f469cead6d70f63c747ff6ee96b2d145d965321`
SHA3	`f0891c6cf887d9e765b0453dc21db694a5bcb3085c281cd2761485da3d1f9197`

5

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.12819`
MD5	`49a59e4ed93451434e8e68fd1babadb3`
SHA1	`c8a4a6ae3c50d402362339a6d093bc0198b4d9b2`
SHA256	`775a14102c986291192a6092082449d1d1af13a8f47ff708bdf7ca5d00bf7da6`
SHA3	`94ffc16e26e6c46190a6b9c453a6eca6d54a1dcdb3025447a8b2e117adbe47ed`

6

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.75663`
MD5	`20426e0ed02ef9b348665a2265f9b7f3`
SHA1	`9add3343edc634ba17cfcaf88d623ffcd916b7f3`
SHA256	`03f828832b0ed1b5a2dbef4e1377d5a2557fa95167272fa954aeed190e78fb72`
SHA3	`e08ae70399d3a3b767b39fdc170871e0b670a87bf178e72880ec150c0712613b`

7

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x763d`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.97292`
Detected Filetype	PNG graphic file
MD5	`879084eb72bc336136393bcec02dcc4f`
SHA1	`d822b20a35cc2a5fe1901454a5387d079bc754ad`
SHA256	`35a240ac166c48bf47f535ea492d999d20c49fa22f102bea222988486ebefc67`
SHA3	`95a4dbb04071fccd3373f9f6e363c15d864d2f896dcbea8ffbcf8220b9c0f8e3`

8

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x38`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0.683289`
MD5	`8ef7201191780e973dce0102f6fefb81`
SHA1	`44e9bcc350bcf5171f4c67ec6eb6b9aceb3a929f`
SHA256	`5b307e70dd01cb65696f2c5186909178df8661624905ca84ee1253a03331970a`
SHA3	`c5c1172e7758f71205540c12506eb4e7e4110195b747836e314bb546ebeba294`

9

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x38`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0.683289`
MD5	`8ef7201191780e973dce0102f6fefb81`
SHA1	`44e9bcc350bcf5171f4c67ec6eb6b9aceb3a929f`
SHA256	`5b307e70dd01cb65696f2c5186909178df8661624905ca84ee1253a03331970a`
SHA3	`c5c1172e7758f71205540c12506eb4e7e4110195b747836e314bb546ebeba294`

10

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x38`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0.683289`
MD5	`8ef7201191780e973dce0102f6fefb81`
SHA1	`44e9bcc350bcf5171f4c67ec6eb6b9aceb3a929f`
SHA256	`5b307e70dd01cb65696f2c5186909178df8661624905ca84ee1253a03331970a`
SHA3	`c5c1172e7758f71205540c12506eb4e7e4110195b747836e314bb546ebeba294`

11

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.01487`
MD5	`f8b00e298d51e0d6ae7dc037c8974128`
SHA1	`acc19ade1e742e1e2162c36daa6ecbaee98dc12a`
SHA256	`9bf1698e2de763035bf9fd261262cffd3e7b073eb9f093876d9af3cb01a8dbf2`
SHA3	`d4b18207616699516bc5616ba88038adf65b04085f0dadd0f0eb930f4d76eb68`

12

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.09086`
MD5	`b9a254a091e61478ee6252009c2602c5`
SHA1	`a5fb256d1591ca4ccd0a433c69004cc45d4140c6`
SHA256	`34671a8ad7c8c8a1a985d3d91a58cdf94fe1fcdf8bdf21d333bd6dca9eec7600`
SHA3	`b6c15cb91cef01b6b7123e6d2056243ce7bb41a85278b9cab139fcb11005699d`

13

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.94881`
MD5	`2749d82d4f866db7087d3e593a2a4341`
SHA1	`46f40b5929b953e5ecaee8174e1cd2464cf1cdda`
SHA256	`7ff9751bff7ffd2200d112c3390be850ab74ae40f0696ff78e1477facd8a8287`
SHA3	`55533f79c5a983f5d3bfb97c6e599032ff875b396b8d9023d4cbac79c2621265`

14

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.41469`
MD5	`925590c64cd768dce462fdb25a5ce5eb`
SHA1	`d54f9193681e2a87ffd06d702199046e00a1ed36`
SHA256	`183ee8f87cb70f90e994bd8c524b42fc4b8e91c69645a237a9630708597088ca`
SHA3	`a751a014be61af39d8a30150ed2ba3ebaa288850fe44d6a9e635518eb575bd55`

15

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.2485`
MD5	`7891d76f542aa3f41eca9ecda5c9eae8`
SHA1	`6e33828db3f41ea75c13544f68932ffc99ab218e`
SHA256	`ae29f86e34b99194e28d4e7054762f4a825b4c0b881115a753f46c2b050f8c9b`
SHA3	`9d173e1fd622d324836477c557b0fa0340766e6db8aaba58b153464d998f8fe9`

16

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.91524`
MD5	`0dd9468e44bae8120caa794783ea6dd5`
SHA1	`e614456737905bbcc8a8670da1ee71d1aaa2d612`
SHA256	`fe2e1c459274139888f901555a6d18b7b5dc5d1fcd77edf3fe7c420d2c09584a`
SHA3	`bb8e99bdc41b4d19f8f8b1a3230e0e97c82ce838164d5a18a0187c7831c9ccbd`

17

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4ad4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.94381`
Detected Filetype	PNG graphic file
MD5	`52d92596cc04712f855022250d0326b3`
SHA1	`c6205683e0326067c3146901f7d71bc09af39803`
SHA256	`dc8c3e8b7df6124fcb52166675b758f06510ebfd2dc12338b2b964c998a612d8`
SHA3	`75ffedcee5c8323b2c0df08f7b675642b1d73cb19c9adaaabfa3ed02d359dda8`

18

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.2177`
MD5	`709e57a14a93b9d9afb7d524a8d7fbae`
SHA1	`2348373ed7bdfbf45d6ccc3f2729b836463d2212`
SHA256	`5ed6a5b996c51a861436b244ba5894edb1e25d431f954c0db84ad86a7c37394a`
SHA3	`4306276f528f553a331c568291a1bd3baaca7bf43206c5ea0fb5fc6329bc1a0a`

19

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.50519`
MD5	`2be7cf502029821d227c5526f72b2407`
SHA1	`a83a5416dda4fea6e756f128ff60bc24be03adb3`
SHA256	`4f0a444631d150557a83b2fc6b45f5c13de5a6781bc21d739144c80364d0b23a`
SHA3	`a40951f877476e0ac6c6fabf0c3cf499dedcb944fcc99894e752370b8b9789f6`

20

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.48311`
MD5	`6cb366d6e930c9cc52c8b667eba3e33e`
SHA1	`03d7b524730be2f996eb06c11e4c84bae966c298`
SHA256	`d2e94c9d59a94d86224f1789ff7b3b6c5a20a36ea2ed714ee90f969791915fcf`
SHA3	`67243cc44eae8e5ff1e3f5795c72e0e0f42e3dcdddf494a3653d2c616d109b4d`

21

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x7fa`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.23684`
Detected Filetype	PNG graphic file
MD5	`daea97dc33d39711f852add32f016aad`
SHA1	`33b56832ec8f281d4e930efba39f799cf5c72316`
SHA256	`3db59ef5287bcbcabcece9f62096730c4fb22f4dd37886e24dcde6475e40b0ad`
SHA3	`fccf6cd294555489592d7f4ecd7fc70e6e04c037e1fa5e0b679347c6aa1d176a`

22

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.50939`
MD5	`66e6b61ce6f7d21ac44d41fa9e25f0ed`
SHA1	`48d4149809669c7587e6053c0a74200b729ca650`
SHA256	`7318cf61f1c6a78ead9818f56903eb233fbf7e4002afe265589df4ac2ed424ed`
SHA3	`2425d60c47c6f4968a11ac6261261a9f1886c0c20572cb39d2fbe92680a93cc3`

23

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.38571`
MD5	`a00e1a7b96131d5adf42c20068ae81c1`
SHA1	`a350dfa4091bace86ae842e2d47a77ff6385ea08`
SHA256	`871551205d56446ffba7bc05219b3845976deac5fa604e1bad5f32feab95ddc2`
SHA3	`9303359883e8487df1ac3ea68f1b895c01e370b66c6526d85b9c43dbab1b5a6a`

24

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.78098`
MD5	`fbef85a618976961a75dd005f8c49ab6`
SHA1	`ea31563ffcb10741e20538efd188f220d7a664f7`
SHA256	`7b910259b9195288f78676025810d3746e41d0d8954106a40d44786933a4339a`
SHA3	`4556397da1ee2ce63744649f4e835e9a3aa3110668980b1707befc48b2f15030`

25

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.04932`
MD5	`bcfce9992791cf08b3fe6261aab09f10`
SHA1	`fef27acf80c0f428b6e0d995a57e3055b2a5e63a`
SHA256	`dc38ed877d398fc13fdf7b4f973972d42c0f95a610fc229c80686ad67fffd850`
SHA3	`121d843b8b939b2c48ef056030e5de3e685a9819a9ba531decb6b02cb2aa80c3`

26

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.36206`
MD5	`c1c01972831543fe2a5ef4c0040078a1`
SHA1	`d788fd0d44d09e1902b02c25c45e9a9c19d5f7a4`
SHA256	`70a1e88ba27e4812bbd76effad00d384e3b41bd9b3769420d6324b09c5533476`
SHA3	`a7d445d2c4098129a013664ee6b207ac55f1867fac7e729c90083466bfa2a279`

27

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.32848`
MD5	`c356bd600928338b8f0e051ffffa189c`
SHA1	`13d9cc50f84b79e681ffefecb81ce6a2f09432d6`
SHA256	`c09211ff01d51888346b65fcff0f2aacc1b690e4b962284864403c1a992ea77f`
SHA3	`08f6a44101017036a9060e0a6cfd0e21c0043666a8cb08e1b6a73d58a7f6edbb`

28

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x7c8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.26182`
Detected Filetype	PNG graphic file
MD5	`0f189417b942f34ce8368c87f4d31142`
SHA1	`069ef73de075012d8841c92a6c82bb75e4958498`
SHA256	`b453bd151060d95195de6f3d5525d84d6ec5b9eb015dadd141191e44a761ff3d`
SHA3	`9bebe9aca991c872995eed0156cfbc05f014e9f39a8eb6f0f9d30ad838daae6b`

29

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.26371`
MD5	`dba22c253a5ba4318c87a1454250a99d`
SHA1	`beddfe88fc6ad93419be2b1a8b4fe630a94dbbb5`
SHA256	`6dc5afe1d6b3bb10447cd60b6e7f4f9765d1761a425ca8a654d5d07992e57dc6`
SHA3	`2b80aa9fa20db3e1aa28e2c0e079dd70a27763c5ef7f5a70bf834a545a36597e`

30

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.14085`
MD5	`095a457ede21d64fc5b30f2c79ed9a7a`
SHA1	`a150641558c4fa6af377dc5fed4bf185625a4f20`
SHA256	`531a74d0203d447acc9b8c3dfc22ff9dedf54c9f6f59c59fac85e45444eba221`
SHA3	`9b1b462018c339023681ee15cef6ddadb9a39241930e090abb7ccddcb7184e7b`

31

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.5746`
MD5	`f17a5aa31adb97277ebcef702b26d81f`
SHA1	`daa62ab7d2cec7239fc588c6a54d3a54f60ed358`
SHA256	`6b38ccc080d2867b5d7c454c051efe089053008ae44c989bf3db02f7d4f0461b`
SHA3	`d8332a487115a68a03b541067efb3922b37166eba6f8f38e94707aef7f2f78a0`

32

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.70621`
MD5	`7a8fd82c16489f1ed6e5cdc5dc38c815`
SHA1	`595b39dc0c92b6e3943ea918a213cec58503daf4`
SHA256	`9260d8b6f0fd7fc00e9a960db1b1283180efd59049be2c8867a4e660b1ff0123`
SHA3	`2eec2ac06df13fa72c5317fe2f7e049cddea95363b53620674c73c866a7f8d52`

33

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1234`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.90997`
MD5	`11921cfff61b5877c53bb37c86b6d09c`
SHA1	`3800127e39a03ea9b2a9f79538d40227ef4d0c89`
SHA256	`c714566bd8b7f0be360e68950a5615a2fb365d53b14ea7c2812f23c458497799`
SHA3	`0e2df531413bcc400f2f42179d34b093d3229754f3ee9d7c982faacd2f766e18`

34

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2668`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.72497`
MD5	`0e559d7f5897727c98dfdd1e6c3631e7`
SHA1	`fcd9803592250e14d186e9c8fd0f094e7debfdf0`
SHA256	`6e6dd7cc3df380721e4678fb1825b982df22a4dc058091634e733c33f3543b1f`
SHA3	`54cc4d475eb6e3066dda379e7ce197dad0d994522cc58d68673a5707d4aa46cf`

35

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x184b`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.91162`
Detected Filetype	PNG graphic file
MD5	`e3e595605f7ba7a83a424e5698b342b4`
SHA1	`b7cf89a883818649ffeab77f323b07808b1b717e`
SHA256	`05de73b49e62f848770d877a92a4a920e2ef6812538b84ab3a3255ee89bf3666`
SHA3	`0a0834c7fc8c9270e4ef414eb9095219a154fefc631b38f811eb7639a46a3aec`

36

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.66902`
MD5	`0a1bae1bb33d6a31b45e549593702748`
SHA1	`b3d58b4d10a003a9aa71e663f2e97a37a22e12f3`
SHA256	`24dd4a2bc100e424e4ff0cb52438ec7963b5db91bb2c3e7f51f94f079575ef24`
SHA3	`2c2fc48a2d5261fef0cd6a72252a1c9f006bbf9f458e84d1f11e91231607009e`

37

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.70138`
MD5	`2c063ebe81bfe367657369f84794f788`
SHA1	`89fe55e99910974dde3448220d9f525899df94fe`
SHA256	`27ff87a71d18d4e1ceaf34262f76a54865b86930abc6b08574e9e399cc4e59e5`
SHA3	`dfdd5b0eb674828d6c168b52cce6d95806fc4c8b9cf42e1095c49332b12946db`

38

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.47022`
MD5	`d166696d7ef458502d8976b7cdf2fa22`
SHA1	`d12e4dcbe786d9884594b30e2e4a2b465b5d0ae3`
SHA256	`fde738891bde474d1103b9a861cb0237cba76375e989f21ec004916620d82c97`
SHA3	`e815decedabbad2b838e464c9ada619b7a3011d595fd40bdeea6f45884cc5ec1`

39

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.84304`
MD5	`34bd7d1b025712ab20d7009efffe46a9`
SHA1	`73a54178d167d842914ee4dab7b7abeae999424d`
SHA256	`794eca90c9886289855ccad7ff4b90955e27ce5e339e932d1efb7b3751784fad`
SHA3	`1d82147ade703e9104f48ed7ddfe0d367c42e632fb00cf970c8db69d98b24a05`

40

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.90012`
MD5	`41615ee9091f386587920568fb85544f`
SHA1	`8bc4beadc60b6d419a61a85875bfa008a10f920e`
SHA256	`2646e75dd3f4904e090e328314543ca6d9d2b1285e35529c2888b5b35dca3850`
SHA3	`67919164cd679e74b65c631f0c450eebbada1d3439f332beeac027d739899a21`

41

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.46812`
MD5	`19c8ff3857ac33265f2ab7c520b8a3e3`
SHA1	`1c2d4dade5acb3faee5162cbd22343d9f6960ea1`
SHA256	`c0ee3dc43bb9b981dcbd879e258d8162a46cea9260fbac8176618329925e77c3`
SHA3	`65c78cc6ed1d4ce024433200d6c5a7cb8b99ec2912d0fedaf71c6191ddfd04a1`

42

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x61df`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.97162`
Detected Filetype	PNG graphic file
MD5	`594dd9a54daf9c18b633f7f677a0c166`
SHA1	`35a4bcff2c467104923591109077c6f3e2d5aae8`
SHA256	`fc27905e16852cfc4f1a6aba55849dee9dcbc70fad95d67d6d805a2b3fc1f0e8`
SHA3	`b9181b5a9ea9702bbb25de190ed308cd9a1c2c65e94e65fd4c1fb4512b0087d4`

43

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.73095`
MD5	`b298c0eedcc3a4068e20f695ccfdba85`
SHA1	`4b8bcfb9668e5bb68f5ca85b7b9f3aca41cbdc03`
SHA256	`1d1171f3da4d77417a55ad55e7f5a9c04ac6df832df58482d1d72045bfb40e16`
SHA3	`ef461853101bd2d989cb0fa503484a30cb68bea84f2021ac63a93bd87b80fd90`

44

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.84816`
MD5	`87eda49d26b12d32d999a49cf75602fe`
SHA1	`cbb20f3df45ea5aa4f56115498fd34bfaebdd017`
SHA256	`43d04a1bbdb4fa968ad72fece95cf5975b5363f6241ee4be81c31adc39c42d88`
SHA3	`ca361cc0aa987438730639e1a54578405c6c182b7ba761717ee68da87391b3aa`

45

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.48338`
MD5	`c69502c7cdd3f2e41b1f92e827829804`
SHA1	`f03ecec6dd2031bbdfab9762d0fcf49cffe4b9b9`
SHA256	`9cc306084a84cc79b2992a12dc3bf428d1e44bce64de5d187bd99859e71b3828`
SHA3	`206cf2615b57574e708807672fa9cd1a385a0cf700ef65bf479d7c33f968b3e9`

46

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.87451`
MD5	`57a2bb0e05c7185f79a41d80436187f2`
SHA1	`29504f8ee77a08dc43b0607ef36f55cded065b90`
SHA256	`8b8f7f994fcb5609e82dde8862e4957d7c0e9b321bd36dc32b3763ddfa6b3fd8`
SHA3	`388c5ef52c7e232d3c004dcb7835809d282a7646a70a03fb167bf6123d650ade`

47

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.95588`
MD5	`f1e07f8bf95e32e7501dd0a098150a25`
SHA1	`2f53e6b335342fa3f6e37b5cf57ceaecfb99fb4a`
SHA256	`da9dbaa7d018c2918c81d7f6b93c8229eba81f635a20b9ac4be14033c3d651bb`
SHA3	`5d6989659bf7a2b0d68e8f0836f2d9bb20e30d50f63d4fe3617e96609e8a1bd1`

48

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.50782`
MD5	`9f7c8f627aacce1cd476a97a049118cb`
SHA1	`9a55a7b711cf9890e131a67ab9ad76844998fc8c`
SHA256	`e9e464ce50ba36210cbb2df2bd7e38c96349835c78b2b074bc22d0d808513b34`
SHA3	`991988812c8dabf4a32aaf1e6089bdad05c8ef47146d678bdf3b27af8014dec1`

49

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x63c3`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.97184`
Detected Filetype	PNG graphic file
MD5	`f240f6036310374dcb3edab325db869e`
SHA1	`225ad3b749cfd28afb98377e29280fd5ed4fd2fc`
SHA256	`10aeabb1c598b6d48691ffb89ebcfd864ec91b46ca97367675d20f196b8d0062`
SHA3	`d27fac903523699e448f5063c9d61d955d0b7330dd77727a095229dba0da367c`

IDR_MAINFRAME

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x68`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.71858`
Detected Filetype	Icon file
MD5	`2def445ec18037fa3e27c345007d6e42`
SHA1	`f7a0581bb995fca5885a3e7adeb156a6e2732c56`
SHA256	`d6617ef4a080eebc4cb0167495e0147a12d805941d84f8672d2da243e2bf96ec`
SHA3	`49a0ee33b0d7752cc14d93e47b1b19d3d8934b7f0b700108cd8e13edbb41f310`

IDR_MAINFRAME_2

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.64375`
Detected Filetype	Icon file
MD5	`873bcb0a4f260dafb74951ad3e5fd322`
SHA1	`28b3c3eefeb1d2d358b7cfad8c9bad3b58af5bad`
SHA256	`5d2d1780d6c9b7d5f10f09e3d3961dcaa76ae352b3779ee5e61d85a2cb6abc93`
SHA3	`bd41ae6b3165ea2dc355430746fac4cf547c32339f4b6c62901a4d37d9b77318`

IDR_MAINFRAME_3

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.64375`
Detected Filetype	Icon file
MD5	`3b0fd43b3680282401c0cb3c4c612b68`
SHA1	`f64624ace0e4dff68270d1514a920c316620eb8a`
SHA256	`1c1f0f6b102eb5312f2f38521369e520d19875584393d97fb180fb4c1d62abe6`
SHA3	`83d68819966dde5f63533cf1b40b67949da624117160bdfa6a918b5b2abd033d`

IDR_MAINFRAME_4

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.64375`
Detected Filetype	Icon file
MD5	`271e7c2b08ba11d591e860928dc779e6`
SHA1	`30b1f8b82b283b8ea13a06193335af0b17974090`
SHA256	`d0e027b4c6cf8e62ac274c864d81f88f3efffa4adade1bf1c371aa7b7ac230e1`
SHA3	`f980cc5a5ba7a4c16389b78c438950f846eff946bfad6e716ed1d34149d4c5a9`

IDR_SXS

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x68`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.76309`
Detected Filetype	Icon file
MD5	`b1a60164531332541205113a67bb7a4d`
SHA1	`c21fcc6e34bf2991dcf714fe8bc7730bb7ebc2ea`
SHA256	`2b4a1ffac26402e82798f63d68f6b13b6a2611da8c2dd3de5690e38586f3f26d`
SHA3	`ed6d26bb7cafeeff2a93c9bd991dadcd55444cb84e4c51f81724a2cf21923b14`

IDR_X001_APP_LIST

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x68`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.80059`
Detected Filetype	Icon file
MD5	`7e59398cf39211644e47a8226d6866a0`
SHA1	`d74d3597dde5ba1ee9cee7ba282eb879e07e7842`
SHA256	`cf97f0124f7c390ff347f63f62f55ec6ae10bdfc8dfed840358932f89ca00648`
SHA3	`3f6b204972cd80f74a78fac523d22fe10455e3ec4d6c0852921e00282cffb2fb`

IDR_X002_APP_LIST_SXS

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x68`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.80059`
Detected Filetype	Icon file
MD5	`4472fd1b9f64afb390c6c818b7559b60`
SHA1	`2432fbc0a12ff3258df50cadf37bfa1d5ad3184d`
SHA256	`78d1b59ae4e1a03ce6e179b92467867824e888dc00ce8c396a589a1c237cb49e`
SHA3	`03005179999f010ef511a223aa22f95bc6a472162d01a3e98023488ef4639d4b`

IDR_X003_INCOGNITO

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x3e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.68084`
Detected Filetype	Icon file
MD5	`b361eaa37f3efe2f6305eabb4922df36`
SHA1	`24abf6089ba045c7154d8eae7f2619c1d7a7e794`
SHA256	`556bad1ea9fc323da5e5e6f28a10dbc9112e9e0e0bc72ea42a4dd161ff82dc54`
SHA3	`c463e01e1200f8312bf4903c52a19574e86455f12d39d6033ae5f6870acdb7bf`

IDR_X004_DEV

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x68`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.80059`
Detected Filetype	Icon file
MD5	`0964f519d7e50007ced56132cd682f3a`
SHA1	`ee1202f06f79bf948d8198b0dcc58058919507ff`
SHA256	`e01ed79612c8eaa7cce52f6e0fd46ffbdd3cca3c6a7b5d56003a8eee30b31430`
SHA3	`fc795a155ca9925e73a82b1302ac9bab0e1b06b46ddde515026653f60abb840d`

IDR_X005_BETA

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x68`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.78511`
Detected Filetype	Icon file
MD5	`6447ee17c47ba71b671ab693c7d175b3`
SHA1	`228a2302f3884dcc6560172912fdd3710fc6db43`
SHA256	`e34b2099026b3e1c84638ab437bfc1264c2d601d05d488870dcad77e4bfbdf62`
SHA3	`cf7047e33c21c643179b5f26390ffa258bb8d2eabaf4b83c495e588bac31536c`

1 (#3)

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x450`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.53431`
MD5	`af1ef9531403840569fc04e3ed6a8eef`
SHA1	`ecfc8a05ebcb04e98991b4b9a56fcdc524b97364`
SHA256	`5af0630b2e35caf6456464f70f6263a7e61d12dce6aee497ae8ce4a081b9e4f7`
SHA3	`956f27bc8a40dcc47500b75574b920f455f0c29c7d156c4351e2a70c6b98fdf2`

1 (#4)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4d6`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.30756`
MD5	`47c23416c4d5208213bc576714d29c43`
SHA1	`875dc6045493ffd8b5b3df2125bdd38ec79fd8fe`
SHA256	`9516793f9c4cf3bb9c26421cb836ff353822241fd6c0eff59d20c2d9023db8b3`
SHA3	`2ed717e9fe711b8769e858d95d2fbe512870256ede6e8db8f1b09cf220266237`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	94.0.4606.81
ProductVersion	94.0.4606.81
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	English - United States
CompanyName	Google LLC
FileDescription	Google Chrome
FileVersion (#2)	94.0.4606.81
InternalName	chrome_exe
LegalCopyright	Copyright 2021 Google LLC. All rights reserved.
OriginalFilename	chrome.exe
ProductName	Google Chrome
ProductVersion (#2)	94.0.4606.81
CompanyShortName	Google
ProductShortName	Chrome
LastChange	5a03c5f1033171d5ee1671d219a59e29cf75e054-refs/branch-heads/4606@{#1320}
Official Build	1

Resource LangID	English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2021-Oct-07 00:07:02
Version	`0.0`
SizeofData	`39`
AddressOfRawData	`0x1fb6dc`
PointerToRawData	`0x1f9cdc`
Referenced File	chrome.exe.pdb

UNKNOWN

Characteristics	`0`
TimeDateStamp	2021-Oct-07 00:07:02
Version	`0.0`
SizeofData	`4`
AddressOfRawData	`0x1fb704`
PointerToRawData	`0x1f9d04`

TLS Callbacks

StartAddressOfRawData	`0x14022b000`
EndAddressOfRawData	`0x14022b138`
AddressOfIndex	`0x140213a3c`
AddressOfCallbacks	`0x1401fcfb0`
SizeOfZeroFill	`0`
Characteristics	`IMAGE_SCN_ALIGN_16BYTES`
Callbacks	`0x000000014002E460` `0x000000014005E190` `0x0000000140112090` `0x00000001400BB210`

Load Configuration

Size	`0x130`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x14020c018`
GuardCFCheckFunctionPointer	`5370974208`
GuardCFDispatchFunctionPointer	`0`
GuardCFFunctionTable	`0`
GuardCFFunctionCount	`0`
GuardFlags	`(EMPTY)`
CodeIntegrity.Flags	`0`
CodeIntegrity.Catalog	`0`
CodeIntegrity.CatalogOffset	`0`
CodeIntegrity.Reserved	`0`
GuardAddressTakenIatEntryTable	`0`
GuardAddressTakenIatEntryCount	`0`
GuardLongJumpTargetTable	`0`
GuardLongJumpTargetCount	`0`

RICH Header

Errors

[*] Warning: 1 invalid export(s) not shown.