Manalyze report for 16c29fefd14ada0dbf9ef254fe39a089

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	1992-Jun-19 22:22:17
Detected languages	Turkish - Turkey
CompanyName	Synaptics
FileDescription	Synaptics Pointing Device Driver
FileVersion	`1.0.0.4`
InternalName
LegalCopyright
LegalTrademarks
OriginalFilename
ProductName	Synaptics Pointing Device Driver
ProductVersion	`1.0.0.0`
Comments

Plugin Output

Suspicious	PEiD Signature:	`D1S1G v1.1 beta --> D1N`
Suspicious	Strings found in the binary may indicate undesirable behavior:	`May have dropper capabilities: CurrentVersion\Run` `Miscellaneous malware strings: cmd.exe` Contains domain names: afraid.org docs.google.com dropbox.com freedns.afraid.org gmail.com google.com http://freedns.afraid.org http://freedns.afraid.org/api/?action http://xred.site50.net http://xred.site50.net/syn/SSLLibrary.dll http://xred.site50.net/syn/SUpdate.ini http://xred.site50.net/syn/Synaptics.rar https://docs.google.com https://docs.google.com/uc?id https://www.dropbox.com https://www.dropbox.com/s/fzj752whr3ontsm/SSLLibrary.dll?dl https://www.dropbox.com/s/n1w4p8gc6jzo0sg/SUpdate.ini?dl https://www.dropbox.com/s/zhp1b06imehwylq/Synaptics.rar?dl site50.net smtp.gmail.com www.dropbox.com xred.mooo.com xred.site50.net
Malicious	The PE contains functions mostly used by malware.	`[!] The program may be hiding some of its imports: LoadLibraryExA GetProcAddress LoadLibraryA` `Functions which can be used for anti-debugging purposes: FindWindowA` `Code injection capabilities (PowerLoader): GetWindowLongA FindWindowA` `Can access the registry: RegQueryValueExA RegOpenKeyExA RegCloseKey RegSetValueExA RegNotifyChangeKeyValue RegFlushKey RegDeleteValueA RegCreateKeyExA` `Possibly launches other programs: CreateProcessA` `Can create temporary files: CreateFileA GetTempPathA` `Uses functions commonly found in keyloggers: MapVirtualKeyA GetForegroundWindow CallNextHookEx` `Has Internet access capabilities: InternetGetConnectedState InternetReadFile InternetOpenUrlA InternetOpenA InternetCloseHandle` `Functions related to the privilege level: OpenProcessToken AdjustTokenPrivileges` `Interacts with services: OpenSCManagerA` `Enumerates local disk drives: GetDriveTypeA` `Manipulates other processes: OpenProcess` `Can take screenshots: CreateCompatibleDC BitBlt GetDCEx GetDC FindWindowA` `Reads the contents of the clipboard: GetClipboardData`
Malicious	The PE is possibly a dropper.	`Resource KBHKS detected as a PE Executable.`
Malicious	VirusTotal score: 65/70 (Scanned on 2024-01-27 12:17:22)	`ALYac: Win32.Comet.A` `APEX: Malicious` `AVG: Win32:Zorex-E [Wrm]` `Acronis: suspicious` `AhnLab-V3: Win32/Zorex.X1800` `Alibaba: Backdoor:Win32/DarkKomet.353` `Antiy-AVL: Virus/Win32.DarkKomet.a` `Arcabit: HEUR.VBA.Trojan.d` `Avast: Win32:Zorex-E [Wrm]` `Avira: TR/Dldr.Agent.SH` `BitDefender: Win32.Comet.A` `BitDefenderTheta: AI:Packer.F5AF03D517` `Bkav: W32.Common.A575260F` `CAT-QuickHeal: Sus.Nocivo.E0011` `ClamAV: Win.Trojan.Emotet-9850453-0` `CrowdStrike: win/malicious_confidence_100% (W)` `Cybereason: malicious.6fc9db` `Cylance: unsafe` `Cynet: Malicious (score: 100)` `DeepInstinct: MALICIOUS` `DrWeb: Win32.HLLW.Siggen.10555` `ESET-NOD32: Win32/Delf.NBX` `Elastic: malicious (high confidence)` `Emsisoft: Win32.Comet.A (B)` `F-Secure: Trojan:W97M/MaliciousMacro.GEN` `FireEye: Generic.mg.16c29fefd14ada0d` `Fortinet: VBA/Agent.IGI!tr.dldr` `GData: Win32.Backdoor.Agent.AXS` `Google: Detected` `Gridinsoft: Malware.Win32.Gen.sm!s1` `Ikarus: Trojan-PWS.Win32.QQPass` `Jiangmin: Win32/Synaptics.Gen` `K7AntiVirus: Trojan ( 000112511 )` `K7GW: Trojan ( 000112511 )` `Kaspersky: Trojan.Win32.XRed.mg` `Kingsoft: malware.kb.a.1000` `MAX: malware (ai score=82)` `Malwarebytes: Generic.Malware.AI.DDS` `MaxSecure: Trojan.Malware.1767938.susgen` `McAfee: GenericRXBW-CE!16C29FEFD14A` `MicroWorld-eScan: Win32.Comet.A` `Microsoft: Worm:Win32/AutoRun!atmn` `NANO-Antivirus: Trojan.Win32.DarkKomet.fazbwq` `Panda: Trj/Genetic.gen` `Rising: Virus.Synaptics!1.E51C (CLASSIC)` `SUPERAntiSpyware: Adware.FileTour/Variant` `Sangfor: Trojan.Win32.Save.a` `SentinelOne: Static AI - Malicious PE` `Skyhigh: BehavesLike.Win32.Obfuscated.bh` `Sophos: Troj/DocDl-JJH` `Symantec: W32.Zorex` `TACHYON: Backdoor/W32.DP-DarkKomet.771584` `Tencent: Virus.Win32.DarkKomet.a` `TrendMicro: Virus.Win32.NAPWHICH.D.orig` `TrendMicro-HouseCall: Backdoor.Win32.DARKCOMET.ENR` `VBA32: TScope.Trojan.Delf` `VIPRE: Win32.Comet.A` `Varist: W32/Backdoor.OAZM-5661` `ViRobot: Win32.Zorex.A` `Webroot: W32.Malware.gen` `Xcitium: Virus.Win32.Agent.DE@74b38h` `Yandex: BackDoor.Optix!acYWFyhu7MM` `Zillya: Trojan.Delf.Win32.76144` `ZoneAlarm: Trojan.Win32.XRed.mg` `Zoner: Trojan.DOC.132395`

Hashes

MD5	`16c29fefd14ada0dbf9ef254fe39a089`
SHA1	`ab193346fc9dbf759fbd3b95539e7828021fd883`
SHA256	`abcad88ae34bfc5bf2f1096f8bfdde70f3319a1cbf636e01d86aef4a7e7f349f`
SHA3	`17a3c0f9b0481b65fee3d854ce948fdf85d6622f4871ee0457fc6593dce92bdb`
SSDeep	`12288:aMSApJVYG5lDLyjsb0eOzkv4R7QnvUUilQ35+6G75V9Izr:ansJ39LyjbJkQFMhmC+6GD90`
Imports Hash	`266afb38c295eeb8e170454b2e86b3e1`

DOS Header

e_magic	`MZ`
e_cblp	`0x50`
e_cp	`0x2`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0xf`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0x1a`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x100`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`8`
TimeDateStamp	1992-Jun-19 22:22:17
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_BYTES_REVERSED_HI` `IMAGE_FILE_BYTES_REVERSED_LO` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LINE_NUMS_STRIPPED` `IMAGE_FILE_LOCAL_SYMS_STRIPPED`

Image Optional Header

Magic	`PE32`
LinkerVersion	`2.0`
SizeOfCode	`0x99c00`
SizeOfInitializedData	`0x22600`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0009AB80 (Section: CODE)`
BaseOfCode	`0x1000`
BaseOfData	`0x9b000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0xc2000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x4000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

CODE

MD5	`33fbe30e8a64654287edd1bf05ae7c8c`
SHA1	`55c4a89a3f388e5fbedf2bd1a233d36b4e71a565`
SHA256	`9251b16208e38d5de48130230d5f51036c979843ac33bc52cd31c298dd9cb105`
SHA3	`f5f2a73a83fe8c7c20f45a1c23d83cfa002dde0db49434df0a0ce92297c200f1`
VirtualSize	`0x99bec`
VirtualAddress	`0x1000`
SizeOfRawData	`0x99c00`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.57296`

DATA

MD5	`1f5e19e7d20c1d128443d738ac7bc610`
SHA1	`16555dc80f87a8e2c78d0d8485184637e66dfac4`
SHA256	`129985e4da5b562480c914a8de410391a05923389435cc9522ed748e7f98d3b5`
SHA3	`17182de7b9bb60dfbcfa748f5742f6fc3ebab5a560fd5599aaad58652b1632ec`
VirtualSize	`0x2e54`
VirtualAddress	`0x9b000`
SizeOfRawData	`0x3000`
PointerToRawData	`0x9a000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`4.85462`

BSS

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0x11e5`
VirtualAddress	`0x9e000`
SizeOfRawData	`0`
PointerToRawData	`0x9d000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`

.idata

MD5	`21ff53180b390dc06e3a1adf0e57a073`
SHA1	`dcee39fc7cafbadf9c633832630a29b1707ece27`
SHA256	`d6a1275d99a3868b1ad4e08d271e536003d2928555df8cc4bba6b8187e781e90`
SHA3	`995c89a915f3574e31c127ad65e98e13ad0e0187203d8772d4b35aaefb17417c`
VirtualSize	`0x2a42`
VirtualAddress	`0xa0000`
SizeOfRawData	`0x2c00`
PointerToRawData	`0x9d000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`4.91933`

.tls

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0x10`
VirtualAddress	`0xa3000`
SizeOfRawData	`0`
PointerToRawData	`0x9fc00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`

.rdata

MD5	`a92cf494c617731a527994013429ad97`
SHA1	`f47979e8a85bb490619bc05b0bfff2ad9c6cb39a`
SHA256	`2b2a2e7496ace1620c7434b74797fea556a4d807ac2b2a0bd4525b3d0ca27866`
SHA3	`5beabc7a1224d1990fb7044fc214600ffbe142c5293d03e7daf0155e87cd5db8`
VirtualSize	`0x39`
VirtualAddress	`0xa4000`
SizeOfRawData	`0x200`
PointerToRawData	`0x9fc00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_SHARED`
Entropy	`0.78462`

.reloc

MD5	`dcd1b1c3f3d28d444920211170d1e8e6`
SHA1	`80abf169f0339cdc8c7d22f62101ab59476e953c`
SHA256	`b7ebc6b9fd3c1e722904985a3fa20de074ca12bb832ecaa6d7889c2ac807ca94`
SHA3	`739f9f97ca204fb832cdcc7ef5263f42ad7b9de4df942ec9042c0c99e44b8587`
VirtualSize	`0xa980`
VirtualAddress	`0xa5000`
SizeOfRawData	`0xaa00`
PointerToRawData	`0x9fe00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_SHARED`
Entropy	`6.67412`

.rsrc

MD5	`a72dd197163ed07c23ae5fdac434ccfc`
SHA1	`3d0102542bc0f9b6b4e5790b239a4d6b7aa9969f`
SHA256	`e426771e1fd8219ae0c44508c8fca5f8e68b9cabfd4b9f4fed0098a116a40973`
SHA3	`ba7984d772edb48ed321537e9681fa3ed72b7f3c3d905abea0cd5b01dad7c551`
VirtualSize	`0x11cf0`
VirtualAddress	`0xb0000`
SizeOfRawData	`0x11e00`
PointerToRawData	`0xaa800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_SHARED`
Entropy	`5.68885`

Imports

kernel32.dll	`DeleteCriticalSection` `LeaveCriticalSection` `EnterCriticalSection` `InitializeCriticalSection` `VirtualFree` `VirtualAlloc` `LocalFree` `LocalAlloc` `GetTickCount` `QueryPerformanceCounter` `GetVersion` `GetCurrentThreadId` `InterlockedDecrement` `InterlockedIncrement` `VirtualQuery` `WideCharToMultiByte` `SetCurrentDirectoryA` `MultiByteToWideChar` `lstrlenA` `lstrcpynA` `LoadLibraryExA` `GetThreadLocale` `GetStartupInfoA` `GetProcAddress` `GetModuleHandleA` `GetModuleFileNameA` `GetLocaleInfoA` `GetLastError` `GetCurrentDirectoryA` `GetCommandLineA` `FreeLibrary` `FindFirstFileA` `FindClose` `ExitProcess` `ExitThread` `CreateThread` `WriteFile` `UnhandledExceptionFilter` `SetFilePointer` `SetEndOfFile` `RtlUnwind` `ReadFile` `RaiseException` `GetStdHandle` `GetFileSize` `GetFileType` `CreateFileA` `CloseHandle`
user32.dll	`GetKeyboardType` `LoadStringA` `MessageBoxA` `CharNextA`
advapi32.dll	`RegQueryValueExA` `RegOpenKeyExA` `RegCloseKey`
oleaut32.dll	`SysFreeString` `SysReAllocStringLen` `SysAllocStringLen`
kernel32.dll (#2)	`DeleteCriticalSection` `LeaveCriticalSection` `EnterCriticalSection` `InitializeCriticalSection` `VirtualFree` `VirtualAlloc` `LocalFree` `LocalAlloc` `GetTickCount` `QueryPerformanceCounter` `GetVersion` `GetCurrentThreadId` `InterlockedDecrement` `InterlockedIncrement` `VirtualQuery` `WideCharToMultiByte` `SetCurrentDirectoryA` `MultiByteToWideChar` `lstrlenA` `lstrcpynA` `LoadLibraryExA` `GetThreadLocale` `GetStartupInfoA` `GetProcAddress` `GetModuleHandleA` `GetModuleFileNameA` `GetLocaleInfoA` `GetLastError` `GetCurrentDirectoryA` `GetCommandLineA` `FreeLibrary` `FindFirstFileA` `FindClose` `ExitProcess` `ExitThread` `CreateThread` `WriteFile` `UnhandledExceptionFilter` `SetFilePointer` `SetEndOfFile` `RtlUnwind` `ReadFile` `RaiseException` `GetStdHandle` `GetFileSize` `GetFileType` `CreateFileA` `CloseHandle`
advapi32.dll (#2)	`RegQueryValueExA` `RegOpenKeyExA` `RegCloseKey`
kernel32.dll (#3)	`DeleteCriticalSection` `LeaveCriticalSection` `EnterCriticalSection` `InitializeCriticalSection` `VirtualFree` `VirtualAlloc` `LocalFree` `LocalAlloc` `GetTickCount` `QueryPerformanceCounter` `GetVersion` `GetCurrentThreadId` `InterlockedDecrement` `InterlockedIncrement` `VirtualQuery` `WideCharToMultiByte` `SetCurrentDirectoryA` `MultiByteToWideChar` `lstrlenA` `lstrcpynA` `LoadLibraryExA` `GetThreadLocale` `GetStartupInfoA` `GetProcAddress` `GetModuleHandleA` `GetModuleFileNameA` `GetLocaleInfoA` `GetLastError` `GetCurrentDirectoryA` `GetCommandLineA` `FreeLibrary` `FindFirstFileA` `FindClose` `ExitProcess` `ExitThread` `CreateThread` `WriteFile` `UnhandledExceptionFilter` `SetFilePointer` `SetEndOfFile` `RtlUnwind` `ReadFile` `RaiseException` `GetStdHandle` `GetFileSize` `GetFileType` `CreateFileA` `CloseHandle`
version.dll	`VerQueryValueA` `GetFileVersionInfoSizeA` `GetFileVersionInfoA`
gdi32.dll	`UnrealizeObject` `StretchBlt` `SetWindowOrgEx` `SetWinMetaFileBits` `SetViewportOrgEx` `SetTextColor` `SetStretchBltMode` `SetROP2` `SetPixel` `SetEnhMetaFileBits` `SetDIBColorTable` `SetBrushOrgEx` `SetBkMode` `SetBkColor` `SelectPalette` `SelectObject` `SaveDC` `RestoreDC` `RectVisible` `RealizePalette` `PlayEnhMetaFile` `PatBlt` `MoveToEx` `MaskBlt` `LineTo` `IntersectClipRect` `GetWindowOrgEx` `GetWinMetaFileBits` `GetTextMetricsA` `GetTextExtentPoint32A` `GetSystemPaletteEntries` `GetStockObject` `GetPixel` `GetPaletteEntries` `GetObjectA` `GetEnhMetaFilePaletteEntries` `GetEnhMetaFileHeader` `GetEnhMetaFileBits` `GetDeviceCaps` `GetDIBits` `GetDIBColorTable` `GetDCOrgEx` `GetCurrentPositionEx` `GetClipBox` `GetBrushOrgEx` `GetBitmapBits` `GdiFlush` `ExcludeClipRect` `DeleteObject` `DeleteEnhMetaFile` `DeleteDC` `CreateSolidBrush` `CreatePenIndirect` `CreatePalette` `CreateHalftonePalette` `CreateFontIndirectA` `CreateDIBitmap` `CreateDIBSection` `CreateCompatibleDC` `CreateCompatibleBitmap` `CreateBrushIndirect` `CreateBitmap` `CopyEnhMetaFileA` `BitBlt`
user32.dll (#2)	`GetKeyboardType` `LoadStringA` `MessageBoxA` `CharNextA`
ole32.dll	`CLSIDFromString`
kernel32.dll (#4)	`DeleteCriticalSection` `LeaveCriticalSection` `EnterCriticalSection` `InitializeCriticalSection` `VirtualFree` `VirtualAlloc` `LocalFree` `LocalAlloc` `GetTickCount` `QueryPerformanceCounter` `GetVersion` `GetCurrentThreadId` `InterlockedDecrement` `InterlockedIncrement` `VirtualQuery` `WideCharToMultiByte` `SetCurrentDirectoryA` `MultiByteToWideChar` `lstrlenA` `lstrcpynA` `LoadLibraryExA` `GetThreadLocale` `GetStartupInfoA` `GetProcAddress` `GetModuleHandleA` `GetModuleFileNameA` `GetLocaleInfoA` `GetLastError` `GetCurrentDirectoryA` `GetCommandLineA` `FreeLibrary` `FindFirstFileA` `FindClose` `ExitProcess` `ExitThread` `CreateThread` `WriteFile` `UnhandledExceptionFilter` `SetFilePointer` `SetEndOfFile` `RtlUnwind` `ReadFile` `RaiseException` `GetStdHandle` `GetFileSize` `GetFileType` `CreateFileA` `CloseHandle`
oleaut32.dll (#2)	`SysFreeString` `SysReAllocStringLen` `SysAllocStringLen`
ole32.dll (#2)	`CLSIDFromString`
oleaut32.dll (#3)	`SysFreeString` `SysReAllocStringLen` `SysAllocStringLen`
comctl32.dll	`ImageList_SetIconSize` `ImageList_GetIconSize` `ImageList_Write` `ImageList_Read` `ImageList_GetDragImage` `ImageList_DragShowNolock` `ImageList_SetDragCursorImage` `ImageList_DragMove` `ImageList_DragLeave` `ImageList_DragEnter` `ImageList_EndDrag` `ImageList_BeginDrag` `ImageList_Remove` `ImageList_DrawEx` `ImageList_Draw` `ImageList_GetBkColor` `ImageList_SetBkColor` `ImageList_ReplaceIcon` `ImageList_Add` `ImageList_GetImageCount` `ImageList_Destroy` `ImageList_Create`
shell32.dll	`ShellExecuteExA` `ExtractIconExW`
wininet.dll	`InternetGetConnectedState` `InternetReadFile` `InternetOpenUrlA` `InternetOpenA` `InternetCloseHandle`
shell32.dll (#2)	`ShellExecuteExA` `ExtractIconExW`
advapi32.dll (#3)	`RegQueryValueExA` `RegOpenKeyExA` `RegCloseKey`
wsock32.dll	`WSACleanup` `WSAStartup` `gethostname` `gethostbyname` `inet_ntoa`
netapi32.dll	`Netbios`

Delayed Imports

1

Type	`RT_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.6633`
MD5	`ff4e5862f26ea666373e5fab2bddfb11`
SHA1	`cfa13c0ab30f1bbd566900dee3631902f9b6451c`
SHA256	`b8e6fc93d423931acbddae3c27dd3c4eb2a394005d746951a971cb700e0ee510`
SHA3	`91dae12a9f43c5443e0661091a336f882fa1482f75fa9a57c9298d1d70c8ae69`

2

Type	`RT_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.80231`
MD5	`2e87b3c111e3073a841775c1f8ec5a90`
SHA1	`20292304fa2ef1bfdc4a1000e90a1c16d4765a96`
SHA256	`ce19ace18e87b572e6912306776226af5b8e63959c61cde70a8ff05b3bbdcc41`
SHA3	`9527f09e739c2064835800a7e5c317cb422bdd7237f00fca079a1c62f58a2612`

3

Type	`RT_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.00046`
MD5	`a04c3c368cb37c07bd5f63e7e6841ebd`
SHA1	`699300bceaa1256818c43fecfc8cad93a59156b2`
SHA256	`ee1c9c194199c320c893b367602ccc7ee7270bd4395d029f727e097634f47f8c`
SHA3	`58722e3138aad1382e284c1605ecd665ced536de4906749ac8d6e11252cc9558`

4

Type	`RT_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.56318`
MD5	`9929115b21c2c59348058d4190392e75`
SHA1	`626fba1825d572ea441d36363307c9935de3c565`
SHA256	`9d9edf87ca203ecc60b246cc783d54218dd0ce77d3a025d0bafc580995a4abd8`
SHA3	`fea156e872544252c625076a6bf3baa733ee5b3d5399716e156734af7a841369`

5

Type	`RT_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.6949`
MD5	`f321ad13d1c3f35a05d67773b4bc27d6`
SHA1	`30aded8525417e2531d5eb88bf2f868172945baa`
SHA256	`99676c52310db365580965ea646ece86c62951bfd97ec0aae9f738a202a90593`
SHA3	`04c839da98a8c50a36697076af5bc6d527560a69153b2f718f065908fd4fe3ad`

6

Type	`RT_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.62527`
MD5	`5ca217e52bdc6f23b43c7b6a23171e6e`
SHA1	`d99dc22ec1b655a42c475431cc3259742d0957a4`
SHA256	`11726dcf1eebe23a1df5eb0ee2af39196b702eddd69083d646e4475335130b28`
SHA3	`b358d8a5b0f400dd2671956ec45486ae1035556837b5289df5f418fe69348b3f`

7

Type	`RT_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.91604`
MD5	`6be7031995bb891cb8a787b9052f6069`
SHA1	`487eb59fd083cf4df02ce59d9b079755077ba1b5`
SHA256	`6f938aab0a03120de4ef8b27aff6ba5146226c92a056a6f04e5ec8d513ce5f9d`
SHA3	`0f1c6c0378a3646c9fbf3678bbeeccf929d32192f02d1ea9d6ba0be5c769e6ab`

BBABORT

Type	`RT_BITMAP`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x1d0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.92079`
MD5	`c987e709cafd3a191333610e4c44914d`
SHA1	`901e4db5d379a222dd416776633ca9738db32e14`
SHA256	`c0ede68a98bd2bc58c78564dfb42f1640dc29766d3ab2782ab8b5ed28c6fd414`
SHA3	`7b14efd89b642988834daf08c97db5bb847f941d75f44a3915e3e5dca2510c53`
Preview

BBALL

Type	`RT_BITMAP`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x1e4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.16995`
MD5	`f8a9b4a8f4097cea6a482026484c4d12`
SHA1	`2057a63edce2cbb165512bfad326728cf1053d60`
SHA256	`46cfc44afa8ab31ae3da35fa8346e4c085c441659d9992b09fc8ad517f2b289a`
SHA3	`f3852a8bcb1b38f498231cca2b0427af6c4c52886f92f980968d40fd8e8c5337`
Preview

BBCANCEL

Type	`RT_BITMAP`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x1d0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.92079`
MD5	`c987e709cafd3a191333610e4c44914d`
SHA1	`901e4db5d379a222dd416776633ca9738db32e14`
SHA256	`c0ede68a98bd2bc58c78564dfb42f1640dc29766d3ab2782ab8b5ed28c6fd414`
SHA3	`7b14efd89b642988834daf08c97db5bb847f941d75f44a3915e3e5dca2510c53`
Preview

BBCLOSE

Type	`RT_BITMAP`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x1d0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.68492`
MD5	`6c2fba077bd332b3a48d6b5e43fe4a22`
SHA1	`e7d12e9fd5659881742773884db8ca537765dc81`
SHA256	`f8e1696801fe89b88936ac4226cea03bfa5aa345aa33ca982822ae7fbc6557e2`
SHA3	`39193ea4b2ffb32f16c75ca88ca20465a374cd928aac9b4b3ba5739bbb6222de`
Preview

BBHELP

Type	`RT_BITMAP`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x1d0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.88085`
MD5	`1021657335ba4838db07f5231723df3b`
SHA1	`68f04f6ecbf628029e4e0061392029edec2b0e43`
SHA256	`cb7421b5c6af74c3159c361f3bb78bba8a488d8979d1250e106fa96cbf928789`
SHA3	`888ed4f8473561552d848c3d6624e2331c4ec7795bc5001237cb752b96e4929c`
Preview

BBIGNORE

Type	`RT_BITMAP`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x1d0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.29718`
MD5	`098b5f6c87471f5a83a4e55a6a036d6c`
SHA1	`e16d9186ffa72cc3e373cdf8e40f9e570f0082e7`
SHA256	`41f05a4df5f42d92b879493d51941de342d36460fe15c0f3b63b2b706b928fef`
SHA3	`7939e94342a45e6742dbf7c93f5b42fb861ac81b1fe5e8e04e49c0421338b2cf`
Preview

BBNO

Type	`RT_BITMAP`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x1d0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.58804`
MD5	`8832519641f28981f87e1b3006896eef`
SHA1	`916eaafcf9ffb12bfd6338419bdd22764778ebbd`
SHA256	`81265e63c89ee5c2e5126452e22f84e9be9452449f3e5959ab6d346cb58b2bde`
SHA3	`39743ce838b215420cbb732e107e4c45f63384dcdd5b830d15097fa06cf32cc2`
Preview

BBOK

Type	`RT_BITMAP`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x1d0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.67459`
MD5	`4b349737af0b7e5a5308dff7b93b274b`
SHA1	`b3d36a94fa9a57ad7a68a3b30be92947e811e760`
SHA256	`6b97877cdd547e6ba6467f86055f1fc7b06660b034439f0da4c137538ef14a83`
SHA3	`b9e9646067eae58ad9aded92130651d090a92771bae94676003e9aba47f77cd6`
Preview

BBRETRY

Type	`RT_BITMAP`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x1d0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.53344`
MD5	`7daf7522622a4fe823701fd2ff6f4996`
SHA1	`89f40bad3052afafbd71e80c07b928ec1aa7f4e5`
SHA256	`c925e4a8cbf6d42dbb1220a510614df725558f8d843338982bab8c4e020f6429`
SHA3	`95aa592de7b91edb5889cf5f9a7b042d3b6f6910bbd657ba85632f0d0ed557fb`
Preview

BBYES

Type	`RT_BITMAP`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x1d0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.67459`
MD5	`4b349737af0b7e5a5308dff7b93b274b`
SHA1	`b3d36a94fa9a57ad7a68a3b30be92947e811e760`
SHA256	`6b97877cdd547e6ba6467f86055f1fc7b06660b034439f0da4c137538ef14a83`
SHA3	`b9e9646067eae58ad9aded92130651d090a92771bae94676003e9aba47f77cd6`
Preview

PREVIEWGLYPH

Type	`RT_BITMAP`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0xe8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.85172`
MD5	`48276e8432af5a23af78e1d23de8ef5a`
SHA1	`12fb57606d03e3fe28263e3e9e96b4eedc79aef7`
SHA256	`78507a772de646626b196a743cee75b298a68c33a0fd482842071519d59037b2`
SHA3	`1cf31d53c7ea5dbe90181cb2db39ce6cd21484f5495b0af59f5c6164d9b3d3d0`
Preview

1 (#2)

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.0951`
MD5	`d77c6965b992d65d776da7730fbcb672`
SHA1	`59d10799b0a5ac9e8c1217695352734e50fa60a8`
SHA256	`d6dd08ff7c2b0ab50ec56969f2b487c486e8d4e4194045b1d8c2f3540afc3d7d`
SHA3	`5d9ff5c507693894a6acaf6f55a6a3c3cfa586b5ab3c4a60c874088910b4618a`

1 (#3)

Type	`RT_ICON`
Language	Turkish - Turkey
Codepage	Latin 1 / Western European
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.51839`
MD5	`3f9038d76d7a3b4ad13a5ccda818b73f`
SHA1	`6a58af8024e321d2d2f4f1e917764bfbfad57046`
SHA256	`6337744af29ef05448693f358ecca2ebaf50c1e5727984b3ded297eaad620656`
SHA3	`9e68e0db5bdba6ab4fbc1e1df75bfdb5273ec7f7a58ea17974dbce342ddd4e1e`

DLGTEMPLATE

Type	`RT_DIALOG`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x52`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.5627`
MD5	`db949b51eec31f37281a7fa424a3e158`
SHA1	`f61214ce31a91d174e77f12c90f18ddd4e265a1d`
SHA256	`771f64afb45a9edc8c4f6c5b2039f9b32623cea53bf0cab5bf1f371cc5d1abe4`
SHA3	`4a2bc09771734352d594a48fe2249ca0697c471d80a4001f60c6d86c46b6319e`

4073

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x358`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.23351`
MD5	`a6f2373b99beb650aa1caeab168b3d39`
SHA1	`dd5367f985745376fa19fb239d14bafa6638bc0a`
SHA256	`9406ad45100979271d17583bd0a5b96faf9fc8e2c404d119243c7a07dec91ea5`
SHA3	`eb372a087bb0944d4f477979347bc8ff80bda4cc30212b1062ea68b63bdeadfb`

4074

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x428`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.23989`
MD5	`5892bee886fd0ddf12acb0fe8d8473a0`
SHA1	`f92fdebc36e4af41774b16b0204826371c0da039`
SHA256	`48f94d39fddf5b49cd62e37f087ac3b173867887b6a0c7910c2823ebf154c45a`
SHA3	`9384c6069d8eef859af826891889048ae91229c8b69da0e4c925adb9da64acf9`

4075

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x3a4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.15413`
MD5	`098adb52b563368c5e7e3c77b4a9b3c3`
SHA1	`b58900734c73d0ba08ff7dd8fcf700773e056c48`
SHA256	`8d5c0458d17f37b964ffbede71dad948082861df4ac4ef52b9df9660a1dbfd5e`
SHA3	`26df17ff49360cf58de14f43d4b25fa77298f35094d88dadd8858a3e360a0ff8`

4076

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x3bc`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.14046`
MD5	`0f8af353fed94799ea3c812a99aea8a3`
SHA1	`722a73503bcfe91409d6f1878e8c3f935f2e64af`
SHA256	`fd892046a2c300ae0db1b95758644a279ae55deb5ede1aee3b0762f644dadab1`
SHA3	`a5e08cb6ddbc520cc8b52035b80ec858d57d371459ccd28a0ac29cdec587d63c`

4077

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x2d4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.30247`
MD5	`710161b53ad834835cf2eaf81cc39182`
SHA1	`3650a8cca58ee875398676ba9346a40f05a5c216`
SHA256	`f1c4ccdaf0b6b9497838b39b4192241d3e234e8049416300ac784c2fd8a2f4d2`
SHA3	`d7fdb2c180395087bacb63539f5d6f69e8ace5e237b3713aa86187fac5cd8593`

4078

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x334`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.306`
MD5	`64b481d00e723ebdd04436b11ddea3f5`
SHA1	`62e8d6e7a8a53a0e08a5557a4f264b9649322044`
SHA256	`73059ae649fdcc96c78d5bb590de1b31a930e3289091d3cdb50f1b5790fa568c`
SHA3	`8ab1918b1b4e752b402b250bacdedcc2aae90074c747ef673ba2e7dc97d20baa`

4079

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x42c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.29848`
MD5	`6d29e877dee0ddce59864d42c8ef85e1`
SHA1	`0547368e7ce9ac5ec5a902295fa8ef580fce8d5a`
SHA256	`606fb52153d458210317a109d47686cdc16b014bcb3bdfc0289e957064089b9b`
SHA3	`ca1891c7a3f46e2518e4e452623b59132707b46bf97694f2f62665917b7f47e7`

4080

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x1f0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.33189`
MD5	`1902837f7c063afc70da410f12f7879c`
SHA1	`b5d613abc959c00aa9076af5f812a53d311184f9`
SHA256	`f534be58036ba5fe6d0304f55a7854eb3be404b9749f90b377aae264fafff9e6`
SHA3	`8c8273cbfcbc411afe78a3a6d8fea5fbb4fe611bbec0f076831b7281cd07961b`

4081

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x1c0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.28338`
MD5	`d9590e4f1b2cf38b28ab727e130b10bb`
SHA1	`98debb95d7de69657b42e3787c72c59cb9548941`
SHA256	`051b09c8f17e697b0bd33cf78f6c1353a57952311ce0c42b8247b9b95dfa55b4`
SHA3	`4a7c0142584ccd12ed60d8ac67ac3244c1fafeb450550941b789e01031360a96`

4082

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0xdc`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.03099`
MD5	`d3a50c099029374ad001864ee974ed89`
SHA1	`3990879815a751e3d69840465372c0abc3a8bc42`
SHA256	`9793da0b5d865b5c7459898963efdded269c1adbf9f9e1642a41022767602487`
SHA3	`2c82ba3c538d9993d10eae30c5ba8fa32f94d5498d6100fa78dacb54da905da6`

4083

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x320`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.24199`
MD5	`f06779f034cfbdab1e27e2f7bb9c9fbf`
SHA1	`65ba8d24345089a800ca3f15feee0f910a205766`
SHA256	`6f21318189a8fa483926858c8c2ccb45b443ad29ec952c55888e2f2fc0db73a4`
SHA3	`11cd1a747219f7a8cd4b09dcc6c19b6abb39104240d3e79c03f9d7cd75712f0c`

4084

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0xd8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.09173`
MD5	`25695a954609ca8abe40e8c1d7ce8b70`
SHA1	`0076d0bedff6e3332994667a702d45945decb78b`
SHA256	`8a116965e47a126e76a52213dd5c82d32988b906d4c98a90f483a5d8d4a4731e`
SHA3	`269b61e990c47329e67f45e11d7d6d409b1fd1eb8eb019a1be2a009dd74cc3f4`

4085

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x118`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.16123`
MD5	`4f1b1b03683befc152382b1c5fdb94de`
SHA1	`3d01f7f502352ed868ca4ec1e93b03c8289a57ef`
SHA256	`b916a1a33c30ee9f9ce0f66d301c2a8680174e765fa64c97fbab32cf31690638`
SHA3	`1ee8d98c56a3afd4c14eadc4aabef811b2ec3bfad1afb6f17ff9aabfa4b829e1`

4086

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x268`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.25574`
MD5	`5de5280a801918f3af8126196f247411`
SHA1	`5a82dfd66abeb985dfc137aa630c0fe7f21c42b0`
SHA256	`1fb450810c56933c01a31ede713549ec027f70e9e9c93cc87f1fbf0fa69fc266`
SHA3	`0ce19a05532a5922e9be9bf9a9dfbc1baf13f5bc2ef68b50b6dbb2c710ed7392`

4087

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x3f8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.21043`
MD5	`0dc1a90ce8c4b67c00226054464432a7`
SHA1	`853b38a6753c97be7f12b18ad47226d812c266ad`
SHA256	`db72fc4acec5aec31f6965314a9dc108611a1b82b1cb675b0570ed8d61b59007`
SHA3	`af2b4203f6cdf7abcf3e6fbae4a77e3c57ff54b13136eb16e38d8ae506a186d6`

4088

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x378`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.19243`
MD5	`0ab9ceafe097427fd53db8af43d296c4`
SHA1	`cf92520b74232811fcc9a113b03f4b0783be4cee`
SHA256	`9ab26754885eda425dcf0a58977d4da2307b5793b8fa5f8b7df31761d2c80b6c`
SHA3	`17b1d02402ee5c9ace6c4878bbacf1ef4b48418771c4e8cf9c0e7a71c2d02a3f`

4089

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x380`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.25179`
MD5	`4697032f2f886db875d89bf3cf599fd8`
SHA1	`38b5b9883c55f976ba68fe4b1d3f1a9009dcb4f1`
SHA256	`2c19967d95bd04d6d4a5fabca1188b266bc5b3d5e22b414537acc746fcd92ef6`
SHA3	`ca3170e27544c1fe3edb1890a3b048185e53de5b23542eafe055b5bbdc193800`

4090

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x374`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.25246`
MD5	`f688f35e311fdb2e373ab0ab1d5d52bb`
SHA1	`00d186488ecc36ade025cb63b1743573e0628d1b`
SHA256	`7f4902d1959e79f5816454e6798a5d72b772cefe4b3bb8dbfffafb1834568697`
SHA3	`f61402701fbaca88c86a1efbcdc58cef081eb98e0483f8afb0949b1848db6115`

4091

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0xe0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.97649`
MD5	`edacfeae8b456a96821e97ae18c4a691`
SHA1	`38e59e8842a2a59f0be1a408b0273bb7c642c51b`
SHA256	`05460789da581e375d4a9626e7dc592714a2cc7535497a08dbbb78521fc7a964`
SHA3	`53315876399bdf8a02d6dea55a8cfd9457c7b00d79a2d3c28baefe7c14a764a2`

4092

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0xbc`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.76133`
MD5	`55fa4cc1ed4ce4e726d0098875d2b5cb`
SHA1	`7dae1a9180164a1813efd50041ffbe048ad7beef`
SHA256	`8a87da2d7d96cc00a994fd755cac4285d1d05f578c6f7f9292bda53cb182b0b8`
SHA3	`88e01c5611f4ad1b44a969f2e270f7f19121f86a4491490bd526bd3829e9c1b7`

4093

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x368`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.26968`
MD5	`3eeb9f878a484bb3eb0713dc4af9ec4f`
SHA1	`5ee6a53027e6106d384d247720a884ed92524bd3`
SHA256	`28fa1bdd9fde66292bf9e89d02f8ee2fe49a9fdcade6cf07d917ee59075c345e`
SHA3	`2e5307906661bb4299d3c6d917bdb906367754852933203c0e50f7cdcb4c25bf`

4094

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x3fc`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.24135`
MD5	`976c5021d43aba4932c3860d073401b4`
SHA1	`ab5a6952cae8d2f35236ee5c04d20519e3f965a8`
SHA256	`50724df651f6ecc7dcb00851d5003cd0bec67c99445a41b5fe1a46ddc3f88024`
SHA3	`4401263a58540e5aa2436cbaf939b63c29832a10a3cb754906924a0a0204e7d9`

4095

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x2fc`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.20486`
MD5	`f70e9c316c8b4e969172b418391d0708`
SHA1	`9f209a20bb08cb94c167fe5bd20bdf0f238768f5`
SHA256	`b6764bfcca8110bf12518f0c04d74c3e5c5d2b83bad0c55947c4a70cd20cbfc2`
SHA3	`a9cfb5d02a78b56d40ef6f3766c92c9b65d9b85fcd520d480b8c724d1948edb7`

4096

Type	`RT_STRING`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x354`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.11098`
MD5	`3a6124c4b8bd2ee5751d3fca9914355b`
SHA1	`915ba1f2fd596911cea7903dd187d07b0d87614a`
SHA256	`d5a14a12e214945e49ef2029984a595603bf41798a8555b27f0c1907c9167f6b`
SHA3	`9c811c5bd841032d284c89c168bf7b0efb1a77bc622ccccd11ae0aaeae197b04`

DESCRIPTION

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x44`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.82288`
MD5	`e335b1a3cbc8391f431005bd104dab0c`
SHA1	`5e91464e73e79358e44bd35eb05616245d1eedd0`
SHA256	`b81183489531e29e300a262d179a86a174fbd787e4ca40e50970912a5b1785bc`
SHA3	`cef5560996af4fae81e3ed285ce311e02e874bf04b9eec39e7619b595eb9a5b6`

DVCLAL

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x10`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4`
MD5	`d8090aba7197fbf9c7e2631c750965a8`
SHA1	`04f73efb0801b18f6984b14cd057fb56519cd31b`
SHA256	`88d14cc6638af8a0836f6d868dfab60df92907a2d7becaefbbd7e007acb75610`
SHA3	`a5a67ad8166061d38fc75cfb2c227911de631166c6531a6664cd49cfb207e8bb`

EXEVSNX

Type	`RT_RCDATA`
Language	Turkish - Turkey
Codepage	Latin 1 / Western European
Size	`0x3`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.58496`
MD5	`f0935e4cd5920aa6c7c996a5ee53a70f`
SHA1	`7224f997fc148baa0b7f81c1eda6fcc3fd003db0`
SHA256	`482d9673cfee5de391f97fde4d1c84f9f8d6f2cf0784fcffb958b4032de7236c`
SHA3	`8d61b12bdec88ea7f968739c5d7a4b16315a37125c1d6711e79b34aa23ce8e05`

KBHKS

Type	`RT_RCDATA`
Language	Turkish - Turkey
Codepage	Latin 1 / Western European
Size	`0x3c00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.85221`
Detected Filetype	PE Executable
MD5	`c0ef4d6237d106bf51c8884d57953f92`
SHA1	`f1da7ecbbee32878c19e53c7528c8a7a775418eb`
SHA256	`b9eae90f8e942cc4586d31dc484f29079651ad64c49f90d99f86932630c66af2`
SHA3	`7d13c1e8da7cb8125c6495aaa1b563a7f0c586ca2179986f87645ba04f7b8ce0`

PACKAGEINFO

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x64c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.33641`
MD5	`98e803a5cf7d91eb62dcf31a384f50cb`
SHA1	`e7e490e537e64f7ad9327fc39c71008b9b1e390f`
SHA256	`0e76bcb8dd589d6b867c947bcd558ab8e3f81c8e76075575214a574f3f998eb7`
SHA3	`f0cd43213725daf7a5f74ab31633972b09d0f22746e0e0174d5f72aff0af78b8`

TFORMVIR

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x153`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.4107`
MD5	`79eb760bd27b55c01c6838dd329055b4`
SHA1	`d3746004fa1e46bbe2c499744c5d95be1a3afbde`
SHA256	`274de2cda082c44a6680e508948f01cd14f75631b65af1be920a8cad7cd5394c`
SHA3	`87fd9a03a616f85ef47d21b47ad01f8dc76b8a2906e33cc66cc2ca81666cf57e`

XLSM

Type	`RT_RCDATA`
Language	Turkish - Turkey
Codepage	Latin 1 / Western European
Size	`0x47d3`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.52306`
Detected Filetype	Microsoft Office Open XML Format
Detected Filetype (#2)	Zip Compressed Archive
MD5	`e566fc53051035e1e6fd0ed1823de0f9`
SHA1	`00bc96c48b98676ecd67e81a6f1d7754e4156044`
SHA256	`8e574b4ae6502230c0829e2319a6c146aebd51b7008bf5bbfb731424d7952c15`
SHA3	`360d429239645ce0968d72e30a3138520f27c83f87d6296e32e3e9b3df4f5111`

32761

Type	`RT_GROUP_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.83876`
Detected Filetype	Cursor file
MD5	`a2baa01ccdea3190e4998a54dbc202a4`
SHA1	`e8217df98038141ab4e449cb979b1c3bbea12da3`
SHA256	`c53efa8085835ba129c1909beaff8a67b45f50837707f22dfff0f24d8cd26710`
SHA3	`8874564c406835306368adf5e869422e1bb97109b97c1499caa8af219990e8dc`
Preview

32762

Type	`RT_GROUP_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.91924`
Detected Filetype	Cursor file
MD5	`aff0f5e372bd49ceb9f615b9a04c97df`
SHA1	`e3205724d7ee695f027ab5ea8d8e1a453aaad0dd`
SHA256	`b07e022f8ef0a8e5fd3f56986b2e5bf06df07054e9ea9177996b0a6c27d74d7c`
SHA3	`9cb042121a5269b80d18c3c5a94c0e453890686aedade960097752377dfa9712`
Preview

32763

Type	`RT_GROUP_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.01924`
Detected Filetype	Cursor file
MD5	`48e064acaba0088aa097b52394887587`
SHA1	`310b283d52aa218e77c0c08db694c970378b481d`
SHA256	`43f40dd5140804309a4c901ec3c85b54481316e67a6fe18beb9d5c0ce3a42c3a`
SHA3	`38753084b0ada40269914e80dbacf7656dc94764048bd5dff649b08b700f3ed5`
Preview

32764

Type	`RT_GROUP_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.01924`
Detected Filetype	Cursor file
MD5	`1ae28d964ba1a2b1b73cd813a32d4b40`
SHA1	`8883cd93b8ef7c15928177de37711f95f9e4cd22`
SHA256	`ff47a48c11c234903a7d625cb8b62101909f735ad84266c98dd4834549452c39`
SHA3	`a85dadd416ce2d22aa291c0794c45766a0613b853c6e3b884a2b05fc791427b8`
Preview

32765

Type	`RT_GROUP_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.01924`
Detected Filetype	Cursor file
MD5	`0893f6ba80d82936ebe7a8216546cd9a`
SHA1	`0754cbdf56c53de9ed7fbd47859d20b788c6f056`
SHA256	`a0adcedb82b57089f64e2857f97cefd6cf25f4d27eefc6648bda83fd5fef66bb`
SHA3	`ce6148ade08ef9b829f83cb13b4c650d9d4a7012bfd1ab697a7870a05f4104f8`
Preview

32766

Type	`RT_GROUP_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.01924`
Detected Filetype	Cursor file
MD5	`dcaa3c032fe97281b125d0d8f677c219`
SHA1	`58fe36409f932549e2f101515abee7a40cf47b2c`
SHA256	`6e1e7738a1b6373d8829f817915822ef415a1727bb5bb7cfe809e31b3c143ac5`
SHA3	`02ef292e1b4a70e439e362af6b4fa213e3816ade45222b78dabab712b6afba54`
Preview

32767

Type	`RT_GROUP_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.01924`
Detected Filetype	Cursor file
MD5	`a95c7c78d0a0b30b87e3c4976e473508`
SHA1	`b19f3999f1b302a2d28977cb18a3416c918d486c`
SHA256	`326c048595bbc72e3f989cb3b95fbf09dc83739ced3cb13eb6f03336f95d74f1`
SHA3	`8157b4e6afa7ed2e2ffc174d655bec9fb81db609e4c5864faa5ead931ff60689`
Preview

MAINICON

Type	`RT_GROUP_ICON`
Language	Turkish - Turkey
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.7815`
Detected Filetype	Icon file
MD5	`3c68f77c35c26ff079a1c410ee44fa62`
SHA1	`0b40150c95fc2c6414c90d44ee78b8d8814b3393`
SHA256	`a14e70ed824f3f17d3a51136aa08839954d6d3ccadaa067415c7bfc08e6636b0`
SHA3	`590dcbf2ec3f485a6c24e3e627f383ee7588eb49978321f12c07d8190a6c1396`

1 (#4)

Type	`RT_VERSION`
Language	Turkish - Turkey
Codepage	Latin 1 / Western European
Size	`0x304`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.22416`
MD5	`a6e9aa8194353930c6cd9072304cc826`
SHA1	`9b3e64e8f09252a40f099102e440e73e3290b11e`
SHA256	`85f6fa8b937925722f2daca9091fbbfbabe54189e016fd51ecc79e2d941ad045`
SHA3	`94cf6a698ee8ef79aba0da2369df21c6845695d110d7cb170a0e11a3fe2bdc12`

String Table contents

Error connecting with SSL.
SetCipher failed.
Error creating SSL context.
Could not load root certificate.
Could not load certificate.
Could not load key, check password.
Error geting SSL method.
Error binding data to SSL socket.
Mode has not been set.
Could not load SSL library.
SSL status: "%s"
Uneven size in DecodeToStream.
Uneven size in Encode.
Message encoder not found
Unrecognized UUE encoding scheme.
Request rejected or failed.
Request rejected because SOCKS server cannot connect.
Request rejected because the client program and identd report different user-ids.
Unknown socks error.
Socks server did not respond.
Invalid socks authentication method.
Authentication error to socks server.
General SOCKS server failure.
Connection not allowed by ruleset.
Network unreachable.
Host unreachable.
Connection refused.
TTL expired.
Command not supported.
Address type not supported.
Error accepting connection with SSL.
Software caused connection abort.
Connection reset by peer.
No buffer space available.
Socket is already connected.
Socket is not connected.
Cannot send or receive after socket is closed.
Too many references, cannot splice.
Connection timed out.
Connection refused.
Too many levels of symbolic links.
File name too long.
Host is down.
No route to host.
Directory not empty
Host not found.
TIdMessagePart can not be created. Use descendant classes.
Operation already in progress.
Socket operation on non-socket.
Destination address required.
Message too long.
Protocol wrong type for socket.
Bad protocol option.
Protocol not supported.
Socket type not supported.
Operation not supported on socket.
Protocol family not supported.
Address family not supported by protocol family.
Address already in use.
Cannot assign requested address.
Network is down.
Network is unreachable.
Net dropped connection or reset.
%s
Connect timed out.
Encoding text
Encoding attachment
Unknown Message Part Type.
Invalid Encoding. UU only allows Body and Attachments
%s is not a valid service.
Socket Error # %d
%s
Interrupted system call.
Bad file number.
Access denied.
Bad address.
Invalid argument.
Too many open files.
Operation would block.
Operation now in progress.
Only one TIdAntiFreeze can exist per application.
Not Connected
Object type not supported.
No data to read.
Can not bind in port range (%d - %d)
Invalid Port Range (%d - %d)
Read Timeout
Max line length exceeded.
@ Outside address
Error on call Winsock2 library function %s
Error on loading Winsock2 library (%s)
Resolving hostname %s.
Connecting to %s.
Connected.
Disconnecting.
Disconnected.
Cannot change the size of a JPEG image
JPEG error #%d
JPEG Image File
OLE error %.8x
Method '%s' not supported by automation object
Variant does not reference an automation object
Dispatch methods do not support more than 64 parameters
Already connected.
Cannot allocate socket.
Connection Closed Gracefully.
Could not bind socket. Address and port are already in use.
Failed attempting to retrieve time zone information.
Not enough data in buffer.
Winsock Initialization Error.
Set Size Exceeded.
File "%s" not found
Highlight Text
Inactive Border
Inactive Caption
Inactive Caption Text
Info Background
Info Text
Menu Background
Menu Text
None
Scroll Bar
3D Dark Shadow
3D Light
Window Background
Window Frame
Window Text
No help keyword specified.
Money Green
Sky Blue
Cream
Medium Gray
Active Border
Active Caption
Application Workspace
Background
Button Face
Button Highlight
Button Shadow
Button Text
Caption Text
Default
Gray Text
Highlight Background
Black
Maroon
Green
Olive
Navy
Purple
Teal
Gray
Silver
Red
Lime
Yellow
Blue
Fuchsia
Aqua
White
Ins
Del
Shift+
Ctrl+
Alt+
Clipboard does not support Icons
Text exceeds memo capacity
Menu '%s' is already being used by another form
Docked control must have a name
Error removing control from dock tree
- Dock zone not found
- Dock zone has no control
Unable to find a Table of Contents
No help found for %s
No context-sensitive help installed
No topic-based help system installed
&All
N&o to All
Yes to &All
BkSp
Tab
Esc
Enter
Space
PgUp
PgDn
End
Home
Left
Up
Right
Down
Metafiles
Enhanced Metafiles
Icons
Bitmaps
Warning
Error
Information
Confirm
&Yes
&No
OK
Cancel
&Help
&Abort
&Retry
&Ignore
Sub-menu is not in menu
Not enough timers available
GroupIndex cannot be less than a previous menu item's GroupIndex
Cannot create form. No MDI forms are currently active
A control cannot have itself as its parent
OK
Cancel
&Yes
&No
&Help
&Close
&Ignore
&Retry
Abort
&All
Cannot drag a form
Out of system resources
Canvas does not allow drawing
Invalid image size
Invalid ImageList
Invalid ImageList Index
Failed to read ImageList data from stream
Failed to write ImageList data to stream
Error creating window device context
Error creating window class
Cannot focus a disabled or invisible window
Control '%s' has no parent window
Cannot hide an MDI Child Form
Cannot change Visible in OnShow or OnHide
Cannot make a visible window modal
Menu index out of range
Menu inserted twice
Failed to set data for '%s'
Resource %s not found
%s.Seek not implemented
Operation not allowed on sorted list
%s not in a class registration group
Property %s does not exist
Stream write error
Thread creation error: %s
Thread Error: %s (%d)
Bitmap image is not valid
Icon image is not valid
Metafile is not valid
Invalid pixel format
Scan line index out of range
Cannot change the size of an icon
Unsupported clipboard format
Cannot open file "%s". %s
Unable to write to %s
Invalid stream format
''%s'' is not a valid component name
Invalid property value
Invalid property path
Invalid property value
Invalid data type for '%s'
List capacity out of bounds (%d)
List count out of bounds (%d)
List index out of bounds (%d)
Out of memory while expanding memory stream
Error reading %s%s%s: %s
Stream read error
Property is read-only
Failed to get data for '%s'
Tuesday
Wednesday
Thursday
Friday
Saturday
Ancestor for '%s' not found
Cannot assign a %s to a %s
Bits index out of range
Can't write to a read-only resource stream
CheckSynchronize called from thread $%x, which is NOT the main thread
Class %s not found
A class named %s already exists
List does not allow duplicates ($0%x)
A component named %s already exists
String list does not allow duplicates
Cannot create file "%s". %s
June
July
August
September
October
November
December
Sun
Mon
Tue
Wed
Thu
Fri
Sat
Sunday
Monday
Feb
Mar
Apr
May
Jun
Jul
Aug
Sep
Oct
Nov
Dec
January
February
March
April
May
Overflow while converting variant of type (%s) into type (%s)
Variant overflow
Invalid argument
Invalid variant type
Operation not supported
Unexpected variant error
External exception %x
Assertion failed
Interface not supported
Exception in safecall method
%s (%s, line %d)
Abstract Error
Access violation at address %p in module '%s'. %s of address %p
System Error. Code: %d.
%s
A call to an OS function failed
Jan
Operation aborted
Exception %s in module %s at %p.
%s%s

Application Error
Format '%s' invalid or incompatible with argument
No argument for format '%s'
Variant method calls not supported
Read
Write
Error creating variant or safe array
Variant or safe array index out of bounds
Variant or safe array is locked
Invalid variant type conversion
Invalid variant operation
Invalid NULL variant operation
Invalid variant operation (%s%.8x)
%s
Could not convert variant of type (%s) into type (%s)
Disk full
Invalid numeric input
Division by zero
Range check error
Integer overflow
Invalid floating point operation
Floating point division by zero
Floating point overflow
Floating point underflow
Invalid pointer operation
Invalid class typecast
Access violation at address %p. %s of address %p
Access violation
Stack overflow
Control-C hit
Privileged instruction
'%s' is not a valid integer value
'%s' is not a valid floating point value
'%s' is not a valid date
'%s' is not a valid time
'%s' is not a valid date and time
'%s' is not a valid GUID value
'%s' is not a valid boolean value
Invalid argument to time encode
Invalid argument to date encode
Out of memory
I/O error %d
File not found
Invalid filename
Too many open files
File access denied
Read beyond end of file

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.0.0.4
ProductVersion	1.0.0.4
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	Turkish - Turkey
CompanyName	Synaptics
FileDescription	Synaptics Pointing Device Driver
FileVersion (#2)	1.0.0.4
InternalName
LegalCopyright
LegalTrademarks
OriginalFilename
ProductName	Synaptics Pointing Device Driver
ProductVersion (#2)	1.0.0.0
Comments

Resource LangID	Turkish - Turkey

TLS Callbacks

StartAddressOfRawData	`0x4a3000`
EndAddressOfRawData	`0x4a3010`
AddressOfIndex	`0x49b0c4`
AddressOfCallbacks	`0x4a4010`
SizeOfZeroFill	`0`
Characteristics	`IMAGE_SCN_TYPE_REG`
Callbacks	`(EMPTY)`

Load Configuration

RICH Header

Errors

[*] Warning: Section BSS has a size of 0!
[*] Warning: Section .tls has a size of 0!