Architecture |
IMAGE_FILE_MACHINE_I386
|
Subsystem |
IMAGE_SUBSYSTEM_WINDOWS_CUI
|
Compilation Date |
2019-Dec-20 03:53:01
|
Detected languages |
English - United States
|
FileDescription |
The Fabulous Toontown Rewritten Engine
|
FileVersion |
3.1.111.107
|
InternalName |
TTREngine.exe
|
LegalCopyright |
(C) Toontown Rewritten 2019
|
OriginalFilename |
TTREngine.exe
|
ProductName |
TTREngine
|
ProductVersion |
3.1.111.107
|
Info |
Interesting strings found in the binary: |
Contains domain names:
- crl.symauth.com
- http://pki-crl.symauth.com
- http://pki-crl.symauth.com/ca_d409a5cb737dc0768fd08ed5256f3633/LatestCRL.crl07
- http://pki-crl.symauth.com/offlineca/TheInstituteofElectricalandElectronicsEngineersIncIEEERootCA.crl0
- http://pki-ocsp.symauth.com0
- pki-crl.symauth.com
- symauth.com
|
Info |
Libraries used to perform cryptographic operations: |
Microsoft's Cryptography API
|
Suspicious |
This PE is packed with Themida |
Unusual section name found:
Unusual section name found:
Unusual section name found:
Unusual section name found:
Unusual section name found:
Unusual section name found:
Unusual section name found:
Unusual section name found:
Unusual section name found: .imports
Unusual section name found: .themida
Section .themida is both writable and executable.
Unusual section name found: .boot
Unusual section name found: .taggant
|
Suspicious |
The PE contains functions most legitimate programs don't use. |
Uses Microsoft's cryptographic API:
Leverages the raw socket API to access the Internet:
|
Malicious |
VirusTotal score: 11/71 (Scanned on 2020-06-09 05:28:40) |
Bkav:
HW32.Packed.
FireEye:
Generic.mg.17a4eebabaadf6a8
Cybereason:
malicious.1273b7
Invincea:
heuristic
APEX:
Malicious
Trapmine:
suspicious.low.ml.score
SentinelOne:
DFI - Suspicious PE
Endgame:
malicious (high confidence)
VBA32:
BScope.Trojan.Fuerboos
Rising:
Malware.Heuristic!ET#90% (RDMK:cmRtazopGGpmGIm568+/FN11B1Fz)
Qihoo-360:
Generic/HEUR/QVM19.1.0AFF.Malware.Gen
|
MD5 |
17a4eebabaadf6a842392c7d7106557c
|
SHA1 |
728071e1273b77a6109cced449b42624966caea2
|
SHA256 |
55a094b378582c30220e3cb8e00259fc3db6c31da323689326ae1c0cad295e0b
|
SHA3 |
fee898c165129e4eda08ce5721e87b881583e14e5bbcec91dd6cbc2a31ddd44b
|
SSDeep |
393216:DNtRgrjKR1xwreBR0HMSM29h2KWRCE5wdKNp:BtEjw1ureBUC29cKWkE+dKNp
|
Imports Hash |
a273d35efcc1e0d03af535c4e3a9ca16
|
e_magic |
MZ
|
e_cblp |
0x78
|
e_cp |
0x1
|
e_crlc |
0
|
e_cparhdr |
0x4
|
e_minalloc |
0
|
e_maxalloc |
0
|
e_ss |
0
|
e_sp |
0
|
e_csum |
0
|
e_ip |
0
|
e_cs |
0
|
e_ovno |
0
|
e_oemid |
0
|
e_oeminfo |
0
|
e_lfanew |
0x78
|
Signature |
PE
|
Machine |
IMAGE_FILE_MACHINE_I386
|
NumberofSections |
15
|
TimeDateStamp |
2019-Dec-20 03:53:01
|
PointerToSymbolTable |
0
|
NumberOfSymbols |
0
|
SizeOfOptionalHeader |
0xe0
|
Characteristics |
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_EXECUTABLE_IMAGE
|
Magic |
PE32
|
LinkerVersion |
14.0
|
SizeOfCode |
0x1335000
|
SizeOfInitializedData |
0x570400
|
SizeOfUninitializedData |
0
|
AddressOfEntryPoint |
0x0313C000 (Section: .taggant)
|
BaseOfCode |
0x1000
|
BaseOfData |
0
|
ImageBase |
0x400000
|
SectionAlignment |
0x1000
|
FileAlignment |
0x200
|
OperatingSystemVersion |
6.0
|
ImageVersion |
0.0
|
SubsystemVersion |
6.0
|
Win32VersionValue |
0
|
SizeOfImage |
0x313f000
|
SizeOfHeaders |
0x400
|
Checksum |
0x12f3c08
|
Subsystem |
IMAGE_SUBSYSTEM_WINDOWS_CUI
|
DllCharacteristics |
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
|
SizeofStackReserve |
0x100000
|
SizeofStackCommit |
0x1000
|
SizeofHeapReserve |
0x100000
|
SizeofHeapCommit |
0x1000
|
LoaderFlags |
0
|
NumberOfRvaAndSizes |
16
|
MD5 |
e9b00223958ba390ffde05fd204be4bb
|
SHA1 |
776933bd3dbef24a0c20861b3d81d41883972e25
|
SHA256 |
10fd95b866485d833a917f44ac4b93b43927a152c93eaa81dbf88c475cb3bbd5
|
SHA3 |
c790cfe6f8c178f2c2b49a0dd77606761a1ce8528055ee37f29046590ec47b82
|
VirtualSize |
0x1334f91
|
VirtualAddress |
0x1000
|
SizeOfRawData |
0x709ca4
|
PointerToRawData |
0x400
|
PointerToRelocations |
0
|
PointerToLineNumbers |
0
|
NumberOfLineNumbers |
0
|
NumberOfRelocations |
0
|
Characteristics |
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
|
Entropy |
7.98952
|
MD5 |
9e23add9606507d2ef1887f4688341cb
|
SHA1 |
870590fbc4bd14c540f3601f0e9b734b88e114e8
|
SHA256 |
d263c590845e3d641bcb454f1575c9847bfce3a21434932201096f359ed0989a
|
SHA3 |
3573636e65002b363fac0edb2c0301e39ba95a000d5d55fc702da1de3bd0f038
|
VirtualSize |
0x36cb24
|
VirtualAddress |
0x1336000
|
SizeOfRawData |
0x14d767
|
PointerToRawData |
0x70a200
|
PointerToRelocations |
0
|
PointerToLineNumbers |
0
|
NumberOfLineNumbers |
0
|
NumberOfRelocations |
0
|
Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
|
Entropy |
7.98387
|
MD5 |
ae20bf00c15f1e7fe40fe56d5e86ca14
|
SHA1 |
b2e53c70adfc3d150b524219e89b9d8700e29ced
|
SHA256 |
45a6b1426761a1cca73c1de0ad5dbb9ef5be924cabf5d3a04c35bde5e80ccb17
|
SHA3 |
af6aac215c95d9ef75a96fba17db96dc063db4c961313eadf873b1c582b256d6
|
VirtualSize |
0x159074
|
VirtualAddress |
0x16a3000
|
SizeOfRawData |
0x2bf11
|
PointerToRawData |
0x857a00
|
PointerToRelocations |
0
|
PointerToLineNumbers |
0
|
NumberOfLineNumbers |
0
|
NumberOfRelocations |
0
|
Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
|
Entropy |
7.96365
|
MD5 |
f51a5276241a50a07765d53880d233f5
|
SHA1 |
65d01dab94bd94c310624d6d5a9dfb9c879e5aa3
|
SHA256 |
0704fdded205bdaf80489b560e4b0bb80a22b32b848cab2f6f27d16d8c896f6a
|
SHA3 |
33aa2e8978d326401ed17a1bef23e491c7f228d48050bb85ab62135583107f78
|
VirtualSize |
0x4
|
VirtualAddress |
0x17fd000
|
SizeOfRawData |
0xb
|
PointerToRawData |
0x883a00
|
PointerToRelocations |
0
|
PointerToLineNumbers |
0
|
NumberOfLineNumbers |
0
|
NumberOfRelocations |
0
|
Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
|
Entropy |
3.27761
|
MD5 |
885eb9f7c879568afe317cecfb42a738
|
SHA1 |
7c1ca7a4643823212a0acbfacf95628506e75082
|
SHA256 |
d70fa83c49affcadeceb93f33102abd198d189fde261cff8dbf2db475f2ca757
|
SHA3 |
1b86e59a87fd0bc76a4f2a70280214b31b34b77cdd7f28780da01a19eebb7b83
|
VirtualSize |
0x104
|
VirtualAddress |
0x17fe000
|
SizeOfRawData |
0xbc
|
PointerToRawData |
0x883c00
|
PointerToRelocations |
0
|
PointerToLineNumbers |
0
|
NumberOfLineNumbers |
0
|
NumberOfRelocations |
0
|
Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
|
Entropy |
6.89741
|
MD5 |
ea820994c7d4b40f8fb5c159f943cc08
|
SHA1 |
ba50a27ce55508bca03e38e55cbcef010e5d24bc
|
SHA256 |
9a99bdd3650b5bcd5f58dd9459a4b365046c8af140f4eab89a4b2f71fc878e34
|
SHA3 |
277751655f1781481d17d9e2ddf12e1a162e4e2b2ae2dd4c527aca4baf8a1f39
|
VirtualSize |
0x9
|
VirtualAddress |
0x17ff000
|
SizeOfRawData |
0x9
|
PointerToRawData |
0x883e00
|
PointerToRelocations |
0
|
PointerToLineNumbers |
0
|
NumberOfLineNumbers |
0
|
NumberOfRelocations |
0
|
Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
|
Entropy |
3.16993
|
MD5 |
b66575598f32ae855c4c8c0db203ca7e
|
SHA1 |
a2b5e8ff5facedbf10aef34ed7a7a6f1ef05523a
|
SHA256 |
7607488f3ad61ebda4bb4cd06016cf90e77fa8535990533b38cf2b68ea87aec7
|
SHA3 |
9859d77f8f4de9f5faf55254f6b6297b02508820a21f4f34f4a6f0091d0ef1cb
|
VirtualSize |
0x2b4f8
|
VirtualAddress |
0x1800000
|
SizeOfRawData |
0x1cc18
|
PointerToRawData |
0x884000
|
PointerToRelocations |
0
|
PointerToLineNumbers |
0
|
NumberOfLineNumbers |
0
|
NumberOfRelocations |
0
|
Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
|
Entropy |
7.94834
|
MD5 |
0409aaf5c378cdbf53473452b5381468
|
SHA1 |
f8c0cd004867fec3250b9253ff5f65ccdb5a5c99
|
SHA256 |
a101e90ad351114db2f7b7d10461356a0b483d644b2e488d23796882c93cc130
|
SHA3 |
ce264eaeff0808517c46aafeca1859293a209f0f96270b64a733d47fda6a6099
|
VirtualSize |
0x137cd0
|
VirtualAddress |
0x182c000
|
SizeOfRawData |
0xb6123
|
PointerToRawData |
0x8a0e00
|
PointerToRelocations |
0
|
PointerToLineNumbers |
0
|
NumberOfLineNumbers |
0
|
NumberOfRelocations |
0
|
Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
|
Entropy |
7.97214
|
MD5 |
549ce7ae1e380f0d7a10b2a54d0f63eb
|
SHA1 |
fac406b3d09ad41653e287ae9aa82a9dd7dc3bc2
|
SHA256 |
592890112b5c72337e212ac816af9cdde2c74fa3ae16ab3dabcb6ea8144d8242
|
SHA3 |
18c6f0fc2835b362e31236cfa673caf9636eb45a49eb7773d56dc195bddb7f79
|
VirtualSize |
0x1000
|
VirtualAddress |
0x1964000
|
SizeOfRawData |
0x400
|
PointerToRawData |
0x957000
|
PointerToRelocations |
0
|
PointerToLineNumbers |
0
|
NumberOfLineNumbers |
0
|
NumberOfRelocations |
0
|
Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
|
Entropy |
3.89438
|
MD5 |
040f732ce9195de2373521db7cdf1477
|
SHA1 |
cd833927d3b02674325bcab76dc61dd20db96186
|
SHA256 |
5a701bd68b07a42bcf78f8cc1adc9ddf2daf96b3a858fe000ad774861171cccf
|
SHA3 |
991c4e28b9ae5482e4fbb67d534291726853dbd15d583e933f33d430acea692f
|
VirtualSize |
0x1000
|
VirtualAddress |
0x1965000
|
SizeOfRawData |
0x200
|
PointerToRawData |
0x957400
|
PointerToRelocations |
0
|
PointerToLineNumbers |
0
|
NumberOfLineNumbers |
0
|
NumberOfRelocations |
0
|
Characteristics |
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
|
Entropy |
0.212584
|
MD5 |
ae0a5510cf6bb9a022d28b257f794db1
|
SHA1 |
e05b99cb53b769604ce165c29423ee357063f8ca
|
SHA256 |
b6b1fccb07586c7c2bfb8ebb085578440c194f0d63099da9c1c41129033041c8
|
SHA3 |
bf41c88d42c326f4cce441a09e0784ff99bb3a22bb711832a5fd7a9d50f0dfc9
|
VirtualSize |
0x2b600
|
VirtualAddress |
0x1966000
|
SizeOfRawData |
0x2b600
|
PointerToRawData |
0x957600
|
PointerToRelocations |
0
|
PointerToLineNumbers |
0
|
NumberOfLineNumbers |
0
|
NumberOfRelocations |
0
|
Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
|
Entropy |
6.1419
|
MD5 |
d41d8cd98f00b204e9800998ecf8427e
|
SHA1 |
da39a3ee5e6b4b0d3255bfef95601890afd80709
|
SHA256 |
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
|
SHA3 |
a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a
|
VirtualSize |
0xe42000
|
VirtualAddress |
0x1992000
|
SizeOfRawData |
0
|
PointerToRawData |
0x982c00
|
PointerToRelocations |
0
|
PointerToLineNumbers |
0
|
NumberOfLineNumbers |
0
|
NumberOfRelocations |
0
|
Characteristics |
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
|
MD5 |
d599e329535293db668ad3139b73600b
|
SHA1 |
4f1eb243d4c1b9e5b1b3a08ca0e6851df3eee254
|
SHA256 |
e2af515541c2a24b9e854b3f762e51ab31ca568a87e9e421996407cff8eec7b4
|
SHA3 |
069c1b47fc3bc2203239e0c0eb9f9000d71f5b8b6bdfe6c7294a13ce1b04e143
|
VirtualSize |
0x966c00
|
VirtualAddress |
0x27d4000
|
SizeOfRawData |
0x966c00
|
PointerToRawData |
0x982c00
|
PointerToRelocations |
0
|
PointerToLineNumbers |
0
|
NumberOfLineNumbers |
0
|
NumberOfRelocations |
0
|
Characteristics |
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
|
Entropy |
7.91229
|
MD5 |
8b22cc1657ede389f2215a0400861946
|
SHA1 |
317567fd3b7be02449eb06d898fd1c43ea77eca1
|
SHA256 |
08a515d966f1d6198627739e7359b98109e252a5efd6aa37cc5b3bcd57deb2dc
|
SHA3 |
06c4136b1245b95eb0c08b93b53fbb497ae6423a9d66ef21b4058be2647ba3a9
|
VirtualSize |
0x1000
|
VirtualAddress |
0x313b000
|
SizeOfRawData |
0x200
|
PointerToRawData |
0x12e9800
|
PointerToRelocations |
0
|
PointerToLineNumbers |
0
|
NumberOfLineNumbers |
0
|
NumberOfRelocations |
0
|
Characteristics |
IMAGE_SCN_MEM_READ
|
Entropy |
0.194395
|
MD5 |
b6ea289b4a9ea12aa7872b1c40a11c2d
|
SHA1 |
71124464f16da4602e9089da612033ee4a64874d
|
SHA256 |
6963c2ac5c7ca3b69730adfa76298012669f86312c2bc82c5b50c92b984e1287
|
SHA3 |
3a727a943b9af08c8dbf479c48880fc643477079751eb12e5316dfcc7b024be4
|
VirtualSize |
0x2200
|
VirtualAddress |
0x313c000
|
SizeOfRawData |
0x2014
|
PointerToRawData |
0x12e9a00
|
PointerToRelocations |
0
|
PointerToLineNumbers |
0
|
NumberOfLineNumbers |
0
|
NumberOfRelocations |
0
|
Characteristics |
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
|
Entropy |
3.88447
|
kernel32.dll |
GetModuleHandleA
|
USER32.dll |
AdjustWindowRect
|
WS2_32.dll |
WSAAddressToStringA
|
OpenAL32.dll |
alBufferData
|
ADVAPI32.dll |
CryptReleaseContext
|
SHELL32.dll |
CommandLineToArgvW
|
CFGMGR32.dll |
CM_Get_DevNode_Registry_PropertyA
|
IPHLPAPI.DLL |
GetAdaptersAddresses
|
OPENGL32.dll |
glAlphaFunc
|
GDI32.dll |
CreateCompatibleBitmap
|
IMM32.dll |
ImmGetCandidateWindow
|
CRYPT32.dll |
CertCloseStore
|
OLEAUT32.dll |
#200
|
ole32.dll |
ProgIDFromCLSID
|
Type |
RT_ICON
|
Language |
English - United States
|
Codepage |
UNKNOWN
|
Size |
0x468
|
TimeDateStamp |
1980-Jan-01 00:00:00
|
Entropy |
5.56291
|
MD5 |
6a130853154f81d22a937587da7ed309
|
SHA1 |
593002e63f1dd0c8f2af9c530f23436e29571eaa
|
SHA256 |
0e3d1b7610a21f9d75dd0cfd0eb7dea617d6a45bae711506bf0258611ab2caf1
|
SHA3 |
04144d5106031e2101a7ecaf0bb0514bf05c5801f26fff7f2588d384fd5abcb8
|
Type |
RT_ICON
|
Language |
English - United States
|
Codepage |
UNKNOWN
|
Size |
0x988
|
TimeDateStamp |
1980-Jan-01 00:00:00
|
Entropy |
4.72183
|
MD5 |
277b5c266899319101dc28d6ea3d7cb0
|
SHA1 |
e56542b9227445a687135526c8153adc9931c41b
|
SHA256 |
69af4e6e677981f2e3d7dc369f999945199b03579be82220d0e26ec473a34bce
|
SHA3 |
f3cce4e6bd301c048eb3c6a7197b8dda133624cec14fd86b792a95329dfa6af4
|
Type |
RT_ICON
|
Language |
English - United States
|
Codepage |
UNKNOWN
|
Size |
0x10a8
|
TimeDateStamp |
1980-Jan-01 00:00:00
|
Entropy |
4.08828
|
MD5 |
a027164452671d8b46f73fb98df31e4e
|
SHA1 |
e7e538c9ccdb98627c90baf6a3c09828dcff40b0
|
SHA256 |
6fbaa2537d0cfed96f1e1f40ee6b7c968b3533173a587f7e1d0b30d50139657a
|
SHA3 |
b64b889b0d04c5417f579a0e29d3646648af027d7ec13b809c26253ebd1b5e44
|
Type |
RT_ICON
|
Language |
English - United States
|
Codepage |
UNKNOWN
|
Size |
0x25a8
|
TimeDateStamp |
1980-Jan-01 00:00:00
|
Entropy |
3.4467
|
MD5 |
148c83f0a770875d46535c4e420bb57f
|
SHA1 |
792f280194dd8c1f5db0940eb9c5041d992ab2f0
|
SHA256 |
0139faa52e35b281a2b37d0d37acc0ff5f9cc8aae53be2454cb589f556498d2c
|
SHA3 |
c52ff3d1b8cbac1c4612f2b64ca20de3a4b771209a1c705533b976fa868d6ab6
|
Type |
RT_ICON
|
Language |
English - United States
|
Codepage |
UNKNOWN
|
Size |
0x10828
|
TimeDateStamp |
1980-Jan-01 00:00:00
|
Entropy |
2.68903
|
MD5 |
a7d8a82e971ccb6b13ccb26825c654bb
|
SHA1 |
cb93f93362d836516e62a8ff7ae1f15156a50d45
|
SHA256 |
bf3db0a1857a871719f53fc69f1f8c5caee48704414365410147b1e269c28528
|
SHA3 |
bf0369602c35ef4311884d13aaa2e76aa3d9f6dd7501cde2183cbb8b04c4f341
|
Type |
RT_ICON
|
Language |
English - United States
|
Codepage |
UNKNOWN
|
Size |
0x161ec
|
TimeDateStamp |
1980-Jan-01 00:00:00
|
Entropy |
7.97992
|
Detected Filetype |
PNG graphic file
|
MD5 |
4131ba256e5f257d93700d8a8178d1a7
|
SHA1 |
efa4bd20f63d9053ad0368c0e260c729f90153ca
|
SHA256 |
e9f915ac7f77e0657abdbf9cd8df8e0705c1da41552f05138a178017a506ae74
|
SHA3 |
8494f028cb16d24ff097dedf6f880f60355e444c0757838a5e8d5ef4a6bea887
|
Type |
RT_GROUP_ICON
|
Language |
English - United States
|
Codepage |
UNKNOWN
|
Size |
0x5a
|
TimeDateStamp |
1980-Jan-01 00:00:00
|
Entropy |
2.84676
|
Detected Filetype |
Icon file
|
MD5 |
191008cf823f06ab3c4a23f953d41476
|
SHA1 |
0b639441a9afb4749d9db6a60598a27b5b66d2b2
|
SHA256 |
40da8647f170a7245c844ca7e01ba86d0a78fb26d34c3e9957a7c2b9776e48c3
|
SHA3 |
7cd23e6029a9813759343fe0ac8ddc7ffa55e3274bc898ff7f9947afeb01e0d6
|
Type |
RT_VERSION
|
Language |
English - United States
|
Codepage |
UNKNOWN
|
Size |
0x2d8
|
TimeDateStamp |
1980-Jan-01 00:00:00
|
Entropy |
3.43424
|
MD5 |
67d8e0a722d365d91cfee6a5540afb41
|
SHA1 |
53a0e32d1b9e5a0087f8c92ced5f474d9e2bd601
|
SHA256 |
e8c72c919151ac9f5489aa065267ef822ece0f24c32786f2bcec30cbbefbf30e
|
SHA3 |
f38215a7d580ab7a438216c9118298be6d3e77ea3beb81f5fde52e5cb89887cc
|
Type |
RT_MANIFEST
|
Language |
English - United States
|
Codepage |
UNKNOWN
|
Size |
0x143
|
TimeDateStamp |
1980-Jan-01 00:00:00
|
Entropy |
4.71208
|
MD5 |
9ce8c70178061cc4cf4a6bb1e291df93
|
SHA1 |
dc9804dd3aa348fb0c05f53c53c698518af514a0
|
SHA256 |
6f88bc7cb02ccb2dbc26b5f4ce53e355b331e31bb920b2ba8cbbcd1b5d4cd5a0
|
SHA3 |
9492809889cb617928395fd8b46fc6dd11eeb9b1101175bd478b7c4ca5bc10e1
|
Signature |
0xfeef04bd
|
StructVersion |
0x10000
|
FileVersion |
3.1.111.107
|
ProductVersion |
3.1.111.107
|
FileFlags |
(EMPTY)
|
FileOs |
VOS_DOS_WINDOWS32
VOS_NT
VOS_NT_WINDOWS32
VOS_WINCE
VOS__WINDOWS32
|
FileType |
VFT_APP
|
Language |
English - United States
|
FileDescription |
The Fabulous Toontown Rewritten Engine
|
FileVersion (#2) |
3.1.111.107
|
InternalName |
TTREngine.exe
|
LegalCopyright |
(C) Toontown Rewritten 2019
|
OriginalFilename |
TTREngine.exe
|
ProductName |
TTREngine
|
ProductVersion (#2) |
3.1.111.107
|
Resource LangID |
English - United States
|
[!] Error: Could not reach the TLS callback table.
[*] Warning: Section .themida has a size of 0!