Manalyze report for 1418f59196345e2c2778a2347e5aa6da

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2011-May-16 11:06:42
Detected languages	English - United States Russian - Russia
CompanyName	Devart
FileVersion	`4.80.0.29`
ProductVersion	`4.80.0.29`
ProductName	DbxSda

Plugin Output

Suspicious	PEiD Signature:	`ASPack v2.12` `ASProtect SKE 2.1/2.2 (exe) -> Alexey Solodovnikov (h)` `ASProtect SKE 2.1/2.2 (dll) -> Alexey Solodovnikov (h)` `ASProtect SKE 2.1x (exe) -> Alexey Solodovnikov (h)`
Suspicious	The PE is packed with Aspack or Armadillo	`Unusual section name found:` `Section is both writable and executable.` `Unusual section name found:` `Section is both writable and executable.` `Unusual section name found:` `Section is both writable and executable.` `Unusual section name found:` `Section is both writable and executable.` `Unusual section name found:` `Section is both writable and executable.` `Unusual section name found:` `Section is both writable and executable.` `Unusual section name found:` `Section is both writable and executable.` `Section .rsrc is both writable and executable.` `Section .data is both writable and executable.` `Unusual section name found: .adata` `Section .adata is both writable and executable.`
Info	The PE contains common functions which appear in legitimate applications.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryA` `Can access the registry: RegQueryValueExW`
Info	The PE's resources present abnormal characteristics.	`Resource 1 is possibly compressed or encrypted.` `Resource 4082 is possibly compressed or encrypted.` `Resource 4083 is possibly compressed or encrypted.` `Resource 4084 is possibly compressed or encrypted.` `Resource 4085 is possibly compressed or encrypted.` `Resource 4086 is possibly compressed or encrypted.` `Resource 4087 is possibly compressed or encrypted.` `Resource 4088 is possibly compressed or encrypted.` `Resource 4089 is possibly compressed or encrypted.` `Resource 4094 is possibly compressed or encrypted.` `Resource 4095 is possibly compressed or encrypted.` `Resource 4096 is possibly compressed or encrypted.` `Resource CHARTABLE is possibly compressed or encrypted.` `Resource PACKAGEINFO is possibly compressed or encrypted.` `The binary may have been compiled on a machine in the UTC+3 timezone.`
Safe	VirusTotal score: 0/65 (Scanned on 2019-12-02 11:15:56)	`All the AVs think this file is safe.`

Hashes

MD5	`1418f59196345e2c2778a2347e5aa6da`
SHA1	`21eb19753fa8d5b8de9349cda0c181fcaed2af9d`
SHA256	`e4726a6e995d1ee4109e2f09b190083c0f49ee5f4517e0a63d310263a57270e0`
SHA3	`f56b8d6c0acba400035dc7eca6e842a074e944392a694acc8e9762ee11ef530e`
SSDeep	`6144:az/2njZLqdea71nZ6E4wjikyZtSCAf9WIrQzcKwvP6bQ7yMP+DE8277a:azenQBnZ8wjc0r9BUz+6b7MP+Dd2na`
Imports Hash	`b9081ed3a6370bdd783111671b7cdf4c`

DOS Header

e_magic	`MZ`
e_cblp	`0x50`
e_cp	`0x2`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0xf`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0x1a`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x100`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`10`
TimeDateStamp	2011-May-16 11:06:42
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_BYTES_REVERSED_HI` `IMAGE_FILE_BYTES_REVERSED_LO` `IMAGE_FILE_DLL` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LINE_NUMS_STRIPPED` `IMAGE_FILE_LOCAL_SYMS_STRIPPED`

Image Optional Header

Magic	`PE32`
LinkerVersion	`2.0`
SizeOfCode	`0x93200`
SizeOfInitializedData	`0x1cc00`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x000BB001 (Section: .data)`
BaseOfCode	`0x1000`
BaseOfData	`0x95000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`5.0`
ImageVersion	`0.0`
SubsystemVersion	`5.0`
Win32VersionValue	`0`
SizeOfImage	`0xd5000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
SizeofStackReserve	`0`
SizeofStackCommit	`0`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

Section_1

MD5	`7ddbaadc638181e566f429c98b197dbf`
SHA1	`15fa50b6e4ccaef171b2e11cd05edf200eeaccfc`
SHA256	`7997850877bf9984fa3a253ef86e1714bbdd0ac5b27e57bb5da79e812e378182`
SHA3	`44636fbbd4792b25b4a08d3ab0c2f67ff05c7dad59698dfc8985ebe263d3d723`
VirtualSize	`0x90000`
VirtualAddress	`0x1000`
SizeOfRawData	`0x32000`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`7.99918`

Section_2

MD5	`27dc56fd96621961542fe6ff5ccfa94f`
SHA1	`9680af6dc0eeae1b56ac497ebfabe5b73513d641`
SHA256	`0c600bd1811ad22bf492f4970af9d684b58868c6e680c3e13db907c951b648a0`
SHA3	`95e0f6422902a6a3eb0994082bca9dba42ee0d9a940295db4795d15145dfe1ca`
VirtualSize	`0x4000`
VirtualAddress	`0x91000`
SizeOfRawData	`0x1000`
PointerToRawData	`0x32400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`7.95554`

Section_3

MD5	`e9118dc7d94b754b6d3aa283e6732fab`
SHA1	`7f52f92c177c91622c12a3475974b53f6c3e345f`
SHA256	`db14ab4e75a4264485b85af553fbd6e9163cab3993a9d82609cf717079077eb6`
SHA3	`21ef137ee641f8192dcb586477aa2b3ce59541cc595e98363b73f18f3c1bb29e`
VirtualSize	`0x6000`
VirtualAddress	`0x95000`
SizeOfRawData	`0x3400`
PointerToRawData	`0x33400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`7.98555`

Section_4

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0x6000`
VirtualAddress	`0x9b000`
SizeOfRawData	`0`
PointerToRawData	`0x36800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`

Section_5

MD5	`2b44eb691a784213876a90c06f5da7b3`
SHA1	`fb2706d724542ad2716cc5e717b81011f744b28d`
SHA256	`d39f936f4206ba298c12fd479dbbbaae98549757c069b366e4e4566fe401ec0d`
SHA3	`291ba521320936ec9b97246d3dba9169a5fe4445b0021950611f6b04b575e95b`
VirtualSize	`0x2000`
VirtualAddress	`0xa1000`
SizeOfRawData	`0x1200`
PointerToRawData	`0x36800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`7.95832`

Section_6

MD5	`a2669eb7703db6f43fea604194fb3847`
SHA1	`9ebaf84bfe36b1feae6cd10d69399e734a8e43ab`
SHA256	`fb09e30090d43946e90361ab9474703e9cacdb61a24b3849ab36b718a59e2265`
SHA3	`b37153ac994cc6d93c72070d8cbe907017e304eb936b772e64b74f5afdb70184`
VirtualSize	`0x1000`
VirtualAddress	`0xa3000`
SizeOfRawData	`0xa00`
PointerToRawData	`0x37a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`5.06228`

Section_7

MD5	`6d845cf95ee1fc012a8b8505429fda58`
SHA1	`db3b07c56d388819361b729a8f2d1e09643a05ac`
SHA256	`7745784f7950a69e9817840c1304ce6b962b9a09b1d1d87c51400315552ae212`
SHA3	`a2c553b9df6b62066336be774120149726d54ed2d9048c1e2b567272a9addc47`
VirtualSize	`0xa000`
VirtualAddress	`0xa4000`
SizeOfRawData	`0x4e00`
PointerToRawData	`0x38400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`7.99134`

.rsrc

MD5	`55c3894c5cce6158360f8549819ddd9c`
SHA1	`bc6e1feb6f7ca05a931dde9cc26b2cd900739855`
SHA256	`163ace522fb0320ff3e0be3e5efc62688fa3711832c6014cac764431200a2a4f`
SHA3	`040cb978c0f818b46a720f33fa4d061f3e44d503e9959ae6e6b4854a438ef618`
VirtualSize	`0xd000`
VirtualAddress	`0xae000`
SizeOfRawData	`0x2600`
PointerToRawData	`0x3d200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`7.71284`

.data

MD5	`dbb05c692f2a2d81b71e3c78d08bd36a`
SHA1	`96ee4d6d57a071b5b91554aa4c32cc7c4c7aa750`
SHA256	`db37e17e10a3b1800fff734ece74d361c343056dce6a99d5e82d0807e07b9188`
SHA3	`b3389df6a2d3160cb69416dc6d8b81d4d34a8945f0e7f1330dae32c5030c99fe`
VirtualSize	`0x19000`
VirtualAddress	`0xbb000`
SizeOfRawData	`0x18c00`
PointerToRawData	`0x3f800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`7.78698`

.adata

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0x1000`
VirtualAddress	`0xd4000`
SizeOfRawData	`0`
PointerToRawData	`0x58400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`

Imports

kernel32.dll	`GetProcAddress` `GetModuleHandleA` `LoadLibraryA`
oleaut32.dll	`SysFreeString`
advapi32.dll	`RegQueryValueExW`
user32.dll	`GetKeyboardType`
user32.dll (#2)	`GetKeyboardType`
oleaut32.dll (#2)	`SysFreeString`
ole32.dll	`CoTaskMemFree`
oleaut32.dll (#3)	`SysFreeString`
wsock32.dll	`WSAStartup`
oleaut32.dll (#4)	`SysFreeString`
kernel32.dll (#2)	`GetProcAddress` `GetModuleHandleA` `LoadLibraryA`

Delayed Imports

getSQLDriverSQLServerCompact

Ordinal	`1`
Address	`0x7999c`

getSQLDriverSQLServer

Ordinal	`2`
Address	`0x797e8`

DBXWritableRow_SetBytes

Ordinal	`3`
Address	`0x90ab8`

DBXWritableRow_SetDate

Ordinal	`4`
Address	`0x90aa0`

DBXWritableRow_SetTime

Ordinal	`5`
Address	`0x90a88`

DBXWritableRow_SetTimeStampOffset

Ordinal	`6`
Address	`0x90a70`

DBXWritableRow_SetTimeStamp

Ordinal	`7`
Address	`0x90a58`

DBXWritableRow_SetBcd

Ordinal	`8`
Address	`0x90a40`

DBXWritableRow_SetSingle

Ordinal	`9`
Address	`0x90a28`

DBXWritableRow_SetDouble

Ordinal	`10`
Address	`0x90a10`

DBXWritableRow_SetInt64

Ordinal	`11`
Address	`0x909f8`

DBXWritableRow_SetInt32

Ordinal	`12`
Address	`0x909e0`

DBXWritableRow_SetInt16

Ordinal	`13`
Address	`0x909c8`

DBXWritableRow_SetInt8

Ordinal	`14`
Address	`0x909b0`

DBXWritableRow_SetUInt8

Ordinal	`15`
Address	`0x90998`

DBXWritableRow_SetBoolean

Ordinal	`16`
Address	`0x90980`

DBXWritableRow_SetWideString

Ordinal	`17`
Address	`0x90964`

DBXWritableRow_SetString

Ordinal	`18`
Address	`0x90948`

DBXWritableRow_SetNull

Ordinal	`19`
Address	`0x90930`

DBXRow_GetObjectTypeName

Ordinal	`20`
Address	`0x908cc`

DBXRow_GetByteLength

Ordinal	`21`
Address	`0x90864`

DBXRow_GetFixedBytes

Ordinal	`22`
Address	`0x907e4`

DBXRow_GetBytes

Ordinal	`23`
Address	`0x906c0`

DBXRow_GetDate

Ordinal	`24`
Address	`0x90670`

DBXRow_GetTime

Ordinal	`25`
Address	`0x90620`

DBXRow_GetTimeStampOffset

Ordinal	`26`
Address	`0x90614`

DBXRow_GetTimeStamp

Ordinal	`27`
Address	`0x905c4`

DBXRow_GetBcd

Ordinal	`28`
Address	`0x90574`

DBXRow_GetDouble

Ordinal	`29`
Address	`0x90524`

DBXRow_GetSingle

Ordinal	`30`
Address	`0x904d4`

DBXRow_GetInt64

Ordinal	`31`
Address	`0x90484`

DBXRow_GetInt32

Ordinal	`32`
Address	`0x90434`

DBXRow_GetInt16

Ordinal	`33`
Address	`0x903e4`

DBXRow_GetInt8

Ordinal	`34`
Address	`0x90394`

DBXRow_GetUInt8

Ordinal	`35`
Address	`0x90344`

DBXRow_GetBoolean

Ordinal	`36`
Address	`0x902f8`

DBXRow_GetWideString

Ordinal	`37`
Address	`0x902a8`

DBXRow_GetString

Ordinal	`38`
Address	`0x90258`

DBXBase_Close

Ordinal	`39`
Address	`0x90bdc`

DBXBase_GetErrorMessage

Ordinal	`40`
Address	`0x90b98`

DBXBase_GetErrorMessageLength

Ordinal	`41`
Address	`0x90b30`

DBXReader_Next

Ordinal	`42`
Address	`0x90240`

DBXReader_GetColumnMetadata

Ordinal	`43`
Address	`0x90100`

DBXReader_GetColumnCount

Ordinal	`44`
Address	`0x900dc`

DBXParameterRow_SetParameterType

Ordinal	`45`
Address	`0x90050`

DBXCommand_SetRowSetSize

Ordinal	`46`
Address	`0x9002c`

DBXCommand_SetMaxBlobSize

Ordinal	`47`
Address	`0x90020`

DBXCommand_GetRowsAffected

Ordinal	`48`
Address	`0x8ffc4`

DBXCommand_GetNextReader

Ordinal	`49`
Address	`0x8ff9c`

DBXCommand_ExecuteImmediate

Ordinal	`50`
Address	`0x8ff3c`

DBXCommand_Execute

Ordinal	`51`
Address	`0x8fe8c`

DBXCommand_Prepare

Ordinal	`52`
Address	`0x8fe08`

DBXCommand_CreateParameterRow

Ordinal	`53`
Address	`0x8f5a8`

DBXConnection_GetIsolation

Ordinal	`54`
Address	`0x8f59c`

DBXConnection_Rollback

Ordinal	`55`
Address	`0x8f56c`

DBXConnection_Commit

Ordinal	`56`
Address	`0x8f53c`

DBXConnection_BeginTransaction

Ordinal	`57`
Address	`0x8f4f8`

DBXConnection_GetMetaData

Ordinal	`58`
Address	`0x8f4ec`

DBXConnection_CreateCommand

Ordinal	`59`
Address	`0x8f3dc`

DBXConnection_SetCallbackEvent

Ordinal	`60`
Address	`0x8f3b4`

DBXConnection_Disconnect

Ordinal	`61`
Address	`0x8f39c`

DBXConnection_Connect

Ordinal	`62`
Address	`0x8f1bc`

DBXDriver_GetVersion

Ordinal	`63`
Address	`0x8f1b0`

DBXDriver_CreateConnection

Ordinal	`64`
Address	`0x8f190`

DBXLoader_GetDriver

Ordinal	`65`
Address	`0x8f054`

1

Type	`RT_ICON`
Language	Russian - Russia
Codepage	UNKNOWN
Size	`0x2e8`
TimeDateStamp	2011-May-16 14:06:44
Entropy	`7.72192`
MD5	`ef952157251a1938b3b93459d161027f`
SHA1	`268639530078fdd8761d7067f5762ca54a9d8990`
SHA256	`beee991308e5d96217921e8f400db655ece2b2ff5e18aedda7c22d1eebc35afa`
SHA3	`312e6254729557e75530c03e039eff018746f507161edee8f3b506812db394d7`

4082

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x304`
TimeDateStamp	2011-May-16 14:06:44
Entropy	`7.72853`
MD5	`52d40948607716a23805bc5fcaa947fc`
SHA1	`5ee6e0f60a2bd286869bdc3445e16e9a353d94fd`
SHA256	`d087286ea67a5371e4c99e3654091c89fb0158d13fb2083e268193bc06928f06`
SHA3	`9c3ec16b92d44c72ee84938301e683275b42f6c5a6ea180d564c5f34df17e2d0`

4083

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x4e0`
TimeDateStamp	2011-May-16 14:06:44
Entropy	`7.83413`
MD5	`b9d2ad6af276a29528e502d15e4163f7`
SHA1	`0252e951fb4395e95459671499e1df4bef1541a0`
SHA256	`cab3683101c30dfa9873121ce766ac86bd3dfc09a9eacbfb75084186c3c35e5d`
SHA3	`de114f003015d8d13ef227da4d226b4d7bba8b3872e8326c58a3d44fc4347f55`

4084

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x870`
TimeDateStamp	2011-May-16 14:06:44
Entropy	`7.91275`
MD5	`b6f341da2307bb1d8446517baf55f63d`
SHA1	`119fd39595c2a9d1523b61900a06c05d3795cca8`
SHA256	`53a86aa4984e8fd462284876bec86f88dd296654e8bf7389a735e5d82d7de397`
SHA3	`c6ea55d13a0c0d50f44442390e6d954e58dd7c6e10e43d782b20494bbb6e7158`

4085

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x598`
TimeDateStamp	2011-May-16 14:06:44
Entropy	`7.87426`
MD5	`ffc0c001df9b27040c1a2e912dab5e64`
SHA1	`e97733efa8994b56299cd2d9c0753b8aee603654`
SHA256	`e400bef62eaf62ad08a483d5074aada9083fe80fe6ac95d7b96424f900902443`
SHA3	`b702c20cdfa575f841d4a03068e1e8aa187d23ebde1f261977d4859e66628a89`

4086

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x4a0`
TimeDateStamp	2011-May-16 14:06:44
Entropy	`7.85174`
MD5	`0a0442ef8bde6638a3f41a091caec8ea`
SHA1	`1ca130e504746cb1e6e62eb43e200aca9536cca4`
SHA256	`3d6db38f6cd983e51c5f6a42cf4da3eb87757321ce5e5c116de7f5e5bfca57a3`
SHA3	`ed3d6718e9ebf11c5f40b47bace7efa9667363e38d0d978881c9ffc6cd5d986c`

4087

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x43c`
TimeDateStamp	2011-May-16 14:06:44
Entropy	`7.74318`
MD5	`c23c598ba8b240cd655610fb96cf70d5`
SHA1	`3b9773901f6361d8ae561f286f83929f7ba37406`
SHA256	`bda24b2951b88e8cd4e5282db25e6883b009cfd51766559768efa53854b1b74b`
SHA3	`259d0322dcfd78e8a20b9cc9ff8478c3d949620bff8ae334dd0b1d7f0abaab0c`

4088

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x344`
TimeDateStamp	2011-May-16 14:06:44
Entropy	`7.54422`
MD5	`7ddee3a23342088c42ad2609c296f80a`
SHA1	`94e2d85cf0f6919e0f997a2a64a98d7c890666a3`
SHA256	`b0989782c8432814426861063117db480a56431972e1ff292372ee0acc6bed9c`
SHA3	`edda764368eeb006d1a3117044bdc1e982083053f7d17b8d0c4c87cbbd050857`

4089

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x390`
TimeDateStamp	2011-May-16 14:06:44
Entropy	`7.04628`
MD5	`88d33891237d96fed6a7a2be9c7e9760`
SHA1	`5dec8fb8be2315099e6f974b572787200a21941f`
SHA256	`79ed1c0043ededcc86aae92b60740d0208a5e1449aea0a2b176e26ef5b39767d`
SHA3	`02f6d7668a33d86f477dc6fb977d7494cedc7c48b57db94729ac7fa4bc92f7ea`

4090

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x2dc`
TimeDateStamp	2011-May-16 14:06:44
Entropy	`5.80017`
MD5	`c57a19099cda2a7c6596115fb0262b54`
SHA1	`66aef0c9d8e898d0047908de40be855394cbd27d`
SHA256	`607e0a3e23f26756e54b8e6c46e35c7a3c750ae64c9b433dfe798efd4b068ecd`
SHA3	`abd769572c354bdbe758d8c887058721d312d3ccf46fb307113b287946f3a762`

4091

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xb8`
TimeDateStamp	2011-May-16 14:06:44
Entropy	`2.88466`
MD5	`2c87bf3629824d58ba7997bdd5527a5a`
SHA1	`9fe1535caf7504c23ad222d0a64365bcb79f7d20`
SHA256	`2394546190a67dfc1a10b75c206eafd7af52749e866f214b4d30527adf39f14d`
SHA3	`95c04fd76bc0eecdedc2075383af6fc2067e1103af25701c52c3b9eec0ae06fe`

4092

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x9c`
TimeDateStamp	2011-May-16 14:06:44
Entropy	`3.07095`
MD5	`6289fe7132b0cc25387d105d175a5039`
SHA1	`788f2ce2911108a5c52721a1c8c4f6fe68496377`
SHA256	`5a424a9e72e9745ea36adc51676ff1f44b92c83a45ae302ae46453abc685e5f7`
SHA3	`66d19b3072371299d8657ab483d23944d98ca1145c0925c37f38f002e259b089`

4093

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x340`
TimeDateStamp	2011-May-16 14:06:44
Entropy	`4.53118`
MD5	`65df35a00ff9be75297729db0a152658`
SHA1	`c0cdcf15ecf8d52c0cf05f10db0dcf5ba7be497a`
SHA256	`794e0593911b90a46cd53c5bcbe8a6b5adfcf35e0468343729de84b3a50f9afd`
SHA3	`ec8f0229702c6f7a43ac10bed33b0b9c9264ecd948a7c878ac3e59afa878cdb1`

4094

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x4b0`
TimeDateStamp	2011-May-16 14:06:44
Entropy	`7.46885`
MD5	`045ec09dce38565e896613fd4dd8f39a`
SHA1	`276d2e0b658dadf00a7a161be9cefc03b4ba0fb4`
SHA256	`4a56fbf5f0fffcb70970f72ff843284cc50f0793f4da08a227e810b403313488`
SHA3	`a7c43757bde5b99b8edc7d15d8dbe373addf47cdbd10be92f869b62b4e2ed827`

4095

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x36c`
TimeDateStamp	2011-May-16 14:06:44
Entropy	`7.50455`
MD5	`913bb5bd285e115cb78b683fe8946942`
SHA1	`13296a9b66d8baced27720b6f54bb60d2b33572f`
SHA256	`0af91a5bc10d3d68dc7102016335b27df4d0986dd3769414b4a00f8e615bb61b`
SHA3	`0c6e90b5a8fd1eea3a03e56c5febaf25dc1df9191d0c973a377dda1b5db20a4f`

4096

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x2d4`
TimeDateStamp	2011-May-16 14:06:44
Entropy	`7.48251`
MD5	`6e6a48036ff137ea9daa3c6af69adfa1`
SHA1	`d2183b4ac0af819c63cd7f8c7b8c7d6d67ec9e3f`
SHA256	`9adda25999b42a93c12ac0e5f2b5202a62f0bb52a5b9e48f146c0fd63a51c37a`
SHA3	`91c5030dc54b590fe89374050a141f92a371d77bc7f589ab8222f077f8ac3af6`

CHARTABLE

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x82e8`
TimeDateStamp	2011-May-16 14:06:44
Entropy	`7.76399`
MD5	`759586ab34cd8ffda5db934b3be5ccc0`
SHA1	`aa6b7e4d59802318b9ced37129e7b7f13066b9aa`
SHA256	`e2f77cd38d660e61dc86ba38b7409dff69cfa604e3593b864373b2399b4d66c1`
SHA3	`81d5c71d56c2aebe9be0e1a91dbd062f51e48e4df8ad64a7e88a17c4ae260876`

DVCLAL

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x10`
TimeDateStamp	2011-May-16 14:06:44
Entropy	`4`
MD5	`3f42ab51fb134ae6e477cdb8e2714653`
SHA1	`31c54e57c4dbf0fc787dc27b99beddb212db7bae`
SHA256	`baec42ad652b297415910422286c24344459c42a7d9d71c5e84b7d274370724f`
SHA3	`345075e79b30b33936e2c133dfda5d3615508f48b23cff02e3f4063904dea3e8`

PACKAGEINFO

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x360`
TimeDateStamp	2011-May-16 14:06:44
Entropy	`7.55573`
MD5	`792dbb6167cff1b5bdb6047632788592`
SHA1	`54407ef645e40fa447bb0e0b8a79344c353b5d03`
SHA256	`fabcf87dc4c1448e0248a52fbbc887b7591ebf1c9795bb6dda78f700fb25f049`
SHA3	`15f0cfe7331628d04a1d3d4871eb1535559572bb586520ea9bcdfa4f77d9609a`

MAINICON

Type	`RT_GROUP_ICON`
Language	Russian - Russia
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	2011-May-16 14:06:44
Entropy	`4.32193`
MD5	`6ee469cbddf6542f645d82cd284edb83`
SHA1	`14ae468c092db7e33f7f7b6a3c0606e0c7be3ca3`
SHA256	`72b22dd6a5ce763d8974ed69b3e1084a68e352d8635c054e5a7f5fb1138301a6`
SHA3	`303ca468896a04e046fafa818a3c87790a9059749a8d255c3db14ea82469ed1c`

1 (#2)

Type	`RT_VERSION`
Language	Russian - Russia
Codepage	UNKNOWN
Size	`0x1a8`
TimeDateStamp	2011-May-16 14:06:44
Entropy	`3.18329`
MD5	`d4aea2b0830c0df69be1147b59b122b7`
SHA1	`d26fa40407ad2c171444eb96ad450dd1db23562f`
SHA256	`19f181de08fa4f191c4ae78bda5867d8aa44f770360e5cae533a379294da5157`
SHA3	`9a3c9b5625a440fb4e0840d9c507da18a02d3421bf9c570e4bf36814ff516ce8`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	4.80.0.29
ProductVersion	4.80.0.29
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	English - United States
CompanyName	Devart
FileVersion (#2)	4.80.0.29
ProductVersion (#2)	4.80.0.29
ProductName	DbxSda

Resource LangID	Russian - Russia

TLS Callbacks

Load Configuration

RICH Header

Errors

[*] Warning: Section  has a size of 0!
[*] Warning: Section .adata has a size of 0!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Resource 0 is empty!