Manalyze report for 17c89fae2ca1c86fdeface8c7cb44bc4

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2017-Dec-13 21:33:53
Detected languages	English - United States
TLS Callbacks	1 callback(s) detected.
Debug artifacts	C:\b\c\b\win64_pgo\src\out\Release_x64\initialexe\chrome.exe.pdb
CompanyName	Google Inc.
FileDescription	Google Chrome
FileVersion	`63.0.3239.108`
InternalName	chrome_exe
LegalCopyright	Copyright 2016 Google Inc. All rights reserved.
OriginalFilename	chrome.exe
ProductName	Google Chrome
ProductVersion	`63.0.3239.108`
CompanyShortName	Google
ProductShortName	Chrome
LastChange	d2626860fae283daee484943e6820af18fc73fd9-refs/branch-heads/3239@{#676}
Official Build	1

Plugin Output

Suspicious	Strings found in the binary may indicate undesirable behavior:	`Contains references to internet browsers: chrome.exe iexplore.exe` `Accesses the WMI: ROOT\CIMV2`
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to CRC32` `Uses constants related to MD5` `Uses constants related to SHA1`
Suspicious	The PE is possibly packed.	`Unusual section name found: .didat` `Unusual section name found: CPADinfo`
Malicious	The PE contains functions mostly used by malware.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryExW LoadLibraryW LoadLibraryExA` `Code injection capabilities: VirtualAlloc OpenProcess WriteProcessMemory VirtualAllocEx CreateRemoteThread` `Code injection capabilities (mapping injection): CreateFileMappingW MapViewOfFile CreateRemoteThread` `Can access the registry: RegQueryValueExW RegDeleteValueW RegOpenKeyExW RegSetValueExW RegCreateKeyExW RegCloseKey` `Possibly launches other programs: CreateProcessAsUserW CreateProcessW` `Can create temporary files: CreateFileW GetTempPathW` `Memory manipulation functions often used by packers: VirtualAlloc VirtualProtectEx VirtualAllocEx VirtualProtect` `Has Internet access capabilities: WinHttpConnect WinHttpOpen WinHttpCrackUrl WinHttpCloseHandle WinHttpOpenRequest WinHttpReadData WinHttpQueryHeaders WinHttpAddRequestHeaders WinHttpSetTimeouts WinHttpReceiveResponse WinHttpSendRequest WinHttpWriteData` `Functions related to the privilege level: OpenProcessToken DuplicateTokenEx DuplicateToken` `Enumerates local disk drives: GetDriveTypeW` `Manipulates other processes: OpenProcess WriteProcessMemory ReadProcessMemory` `Changes object ACLs: SetKernelObjectSecurity SetSecurityInfo`
Info	The PE is digitally signed.	`Signer: Google Inc` `Issuer: Symantec Class 3 SHA256 Code Signing CA`
Safe	VirusTotal score: 0/67 (Scanned on 2019-11-21 14:59:59)	`All the AVs think this file is safe.`

Hashes

MD5	`17c89fae2ca1c86fdeface8c7cb44bc4`
SHA1	`75ac16e2b8d057bc089851e151e3559158f138e8`
SHA256	`f459649857c06d6f92d979a22181f29d4017a95a336f06d12911c6b8a3f8aadc`
SHA3	`d2103405144995d519731dd72fc185985320f881ab8a1d64d8e17042dd1b191d`
SSDeep	`49152:ukhrn8a54t8t6w604Nmw0BvF32jtCGs2pTYxbI6Wi:B+6pb`
Imports Hash	`8801baa6a9c873274f023db996b529dc`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x130`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`8`
TimeDateStamp	2017-Dec-13 21:33:53
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0xfc800`
SizeOfInitializedData	`0x8b200`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x00000000000D7440 (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`5.2`
ImageVersion	`0.0`
SubsystemVersion	`5.2`
Win32VersionValue	`0`
SizeOfImage	`0x18c000`
SizeOfHeaders	`0x400`
Checksum	`0x1863e0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_GUARD_CF` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x200000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`c834f818085c3476c7e61819e060fa6e`
SHA1	`b041c70ab368437d3267b534b63d53000c1be2fe`
SHA256	`66b9e543a7af3ba4a4bfed330c65c1d28629d01707c917a39dae612cb32dc443`
SHA3	`99bb31d8c27a2fac7c6aa31a92f91726599c1f7d46d7eb1fa4dda11e12c40d27`
VirtualSize	`0xfc6cc`
VirtualAddress	`0x1000`
SizeOfRawData	`0xfc800`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.42528`

.rdata

MD5	`4e4354c2f8c46b354d7705d54bb3219f`
SHA1	`a998dd528cbf59cb13746424e2bc0013d2e0da3e`
SHA256	`273f1039f7200fc0ad6de6452f09d2a05fdb33490d839e8ae10a9698519238a4`
SHA3	`b6eb34434fb0a781d741bc74bcd61ed9d8811317dd6ea990a72011e15b5aecc8`
VirtualSize	`0x34f1c`
VirtualAddress	`0xfe000`
SizeOfRawData	`0x35000`
PointerToRawData	`0xfcc00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.65473`

.data

MD5	`958da0d2dfbdb1bc8b4a263f7b7ac898`
SHA1	`bfb8f7127b06adf3bdcbb631f58a7c1aed96f7bc`
SHA256	`0e85551005085639613420d92eb0912c00355458c2638daead817464574f8958`
SHA3	`45a4a8fc6180d84944b44566ccf1db698c45da5c039457cbc079c79effd8f3d7`
VirtualSize	`0x6c00`
VirtualAddress	`0x133000`
SizeOfRawData	`0x2000`
PointerToRawData	`0x131c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`2.01745`

.pdata

MD5	`28452c2331af2b52216c76209d908de1`
SHA1	`28ae5b9507fe0ed239b09b69b1b70b0a4f9d73d3`
SHA256	`fe3156c13b003a24f8e49c6f822be0bba5e16b30716ac1a43e8ced205882424f`
SHA3	`b6e272be0eb2a76ce81fd655c01cfa9e7e3ca92a9defac011d650b47a768a60f`
VirtualSize	`0xc738`
VirtualAddress	`0x13a000`
SizeOfRawData	`0xc800`
PointerToRawData	`0x133c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.01697`

.didat

MD5	`cc8c843dc4bde939b5496703b7ee19d3`
SHA1	`1aafb3473855a78b655bd4a2fe7612ae78a183f3`
SHA256	`5b61a16fb2b49df4d860c2e5569f826d98fe7356438790e32bcbfa74c5e0404e`
SHA3	`cb7a5981bda299ad627e61a84fbdc5dc7d197ddfc0c99303dafd7eb3db8f8cab`
VirtualSize	`0x70`
VirtualAddress	`0x147000`
SizeOfRawData	`0x200`
PointerToRawData	`0x140400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0.805749`

CPADinfo

MD5	`a154967d3d33a42a5b18a2d2179eafc2`
SHA1	`cbab8363d3d31cee94df271f36646977bda7a406`
SHA256	`e03d2e7c1f9143a975309854f727969b9637993e251d44d3cb2abfe781761458`
SHA3	`3d32022437a0bb8874da0fc99294143b749bec301233d7e6586906fc5c452285`
VirtualSize	`0x30`
VirtualAddress	`0x148000`
SizeOfRawData	`0x200`
PointerToRawData	`0x140600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0.122276`

.rsrc

MD5	`132d52879f4f362cc3f2d3645ee00666`
SHA1	`769cc3d86d73a267de526dd169142b297d385b77`
SHA256	`f94b8dceba14ce41323a143c9f356829ed5892fb0f79f31188516abebb81820d`
SHA3	`3bae5b83e798602a1099f82837a3de523ebb17543c1c4b1a6d136dcdf45f6ea2`
VirtualSize	`0x40a90`
VirtualAddress	`0x149000`
SizeOfRawData	`0x40c00`
PointerToRawData	`0x140800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.93289`

.reloc

MD5	`d8c23eb7ef4fa8764b99aad565629dcb`
SHA1	`6a186ee014804b0458adce9aa657329f73220b80`
SHA256	`ccb73ad76e6ea126707806dd26dcbac6fce295b5693e14efc9168b0ad52f14a3`
SHA3	`28639b9e2a9493c241ecb27333347dc3c861d85150a080d1209c1743f5d37c68`
VirtualSize	`0x1ca4`
VirtualAddress	`0x18a000`
SizeOfRawData	`0x1e00`
PointerToRawData	`0x181400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`5.38907`

Imports

chrome_elf.dll	`SignalInitializeCrashReporting` `GetInstallDetailsPayload` `SignalChromeElf`
ADVAPI32.dll	`ImpersonateNamedPipeClient` `SetEntriesInAclW` `GetSecurityInfo` `CreateWellKnownSid` `GetTokenInformation` `ConvertSidToStringSidW` `OpenProcessToken` `RegQueryValueExW` `RegDeleteValueW` `RegOpenKeyExW` `RegSetValueExW` `RegCreateKeyExW` `RegCloseKey` `SystemFunction036` `EventUnregister` `EventRegister` `EventWrite` `RegDisablePredefinedCache` `RevertToSelf` `GetLengthSid` `SetKernelObjectSecurity` `ConvertStringSecurityDescriptorToSecurityDescriptorW` `GetKernelObjectSecurity` `SetSecurityInfo` `ConvertStringSidToSidW` `SetTokenInformation` `GetAce` `GetSecurityDescriptorSacl` `CreateProcessAsUserW` `SetThreadToken` `DuplicateTokenEx` `DuplicateToken` `CreateRestrictedToken` `EqualSid` `LookupPrivilegeValueW` `CopySid`
KERNEL32.dll	`InitOnceExecuteOnce` `GetThreadLocale` `GetSystemDefaultLCID` `GetModuleFileNameW` `SetLastError` `GetCurrentThreadId` `CreateEventW` `GetLastError` `GetCurrentProcess` `GetProcessId` `WaitForSingleObject` `DuplicateHandle` `SetProcessShutdownParameters` `SetCurrentDirectoryW` `GetProcAddress` `LoadLibraryExW` `VirtualFree` `VirtualAlloc` `MultiByteToWideChar` `WideCharToMultiByte` `GetModuleHandleW` `ReleaseSRWLockExclusive` `lstrlenW` `LoadLibraryW` `LocalFree` `ExpandEnvironmentStringsW` `GetModuleHandleA` `GetCommandLineW` `SetThreadPriority` `QueryThreadCycleTime` `Sleep` `FileTimeToSystemTime` `GetCurrentThread` `QueryPerformanceFrequency` `GetThreadPriority` `SystemTimeToTzSpecificLocalTime` `GetSystemTimeAsFileTime` `QueryPerformanceCounter` `HeapCreate` `HeapDestroy` `WriteFile` `CreateFileW` `DeleteFileW` `CloseHandle` `GetLocalTime` `GetCurrentDirectoryW` `GetCurrentProcessId` `FormatMessageA` `GetTickCount` `TerminateProcess` `OpenProcess` `GetExitCodeProcess` `ReadFile` `GetFileSizeEx` `SetEndOfFile` `GetFileInformationByHandle` `SetFilePointerEx` `FlushFileBuffers` `AcquireSRWLockExclusive` `GetVersionExW` `GetNativeSystemInfo` `RegisterWaitForSingleObject` `UnregisterWaitEx` `CreateDirectoryW` `QueryDosDeviceW` `GetLongPathNameW` `RemoveDirectoryW` `GetTempPathW` `GetFileAttributesW` `UnmapViewOfFile` `SetFileAttributesW` `ReplaceFileW` `CreateFileMappingW` `MapViewOfFile` `MoveFileW` `GetSystemDirectoryW` `GetWindowsDirectoryW` `RaiseException` `CreateThread` `GetThreadId` `IsDebuggerPresent` `HeapFree` `HeapSize` `HeapReAlloc` `HeapAlloc` `TlsGetValue` `GetUserDefaultLangID` `FreeLibrary` `FindFirstFileExW` `FindNextFileW` `FindClose` `GetModuleHandleExW` `FlushViewOfFile` `RtlCaptureStackBackTrace` `SetUnhandledExceptionFilter` `TlsSetValue` `TlsAlloc` `TlsFree` `SizeofResource` `LockResource` `LoadResource` `FindResourceW` `HeapSetInformation` `VirtualQuery` `GetProcessTimes` `WakeAllConditionVariable` `WakeConditionVariable` `SleepConditionVariableSRW` `GetSystemInfo` `VirtualQueryEx` `SetEvent` `ResetEvent` `SetInformationJobObject` `GetQueuedCompletionStatus` `PostQueuedCompletionStatus` `CreateIoCompletionPort` `InitializeCriticalSectionAndSpinCount` `DecodePointer` `DeleteCriticalSection` `CreateProcessW` `OutputDebugStringW` `GetComputerNameExW` `UnlockFileEx` `LockFileEx` `SetConsoleCtrlHandler` `GetUserDefaultLCID` `EnterCriticalSection` `LeaveCriticalSection` `InitializeCriticalSection` `TerminateJobObject` `GetProcessHeaps` `SetHandleInformation` `GetProcessHandleCount` `SignalObjectAndWait` `ProcessIdToSessionId` `GetFileType` `WriteProcessMemory` `AssignProcessToJobObject` `VirtualProtectEx` `ReadProcessMemory` `VirtualAllocEx` `VirtualFreeEx` `CreateRemoteThread` `CreateJobObjectW` `CreateNamedPipeW` `CreateMutexW` `DebugBreak` `SearchPathW` `VirtualProtect` `LoadLibraryExA` `GetThreadContext` `SuspendThread` `Wow64GetThreadContext` `SleepEx` `CreateSemaphoreW` `ReleaseSemaphore` `WaitNamedPipeW` `TransactNamedPipe` `GetVersion` `SetNamedPipeHandleState` `IsWow64Process` `ConnectNamedPipe` `DisconnectNamedPipe` `GetFileInformationByHandleEx` `GetUserDefaultUILanguage` `ResumeThread` `WriteConsoleW` `SetEnvironmentVariableA` `FreeEnvironmentStringsW` `GetEnvironmentStringsW` `GetCommandLineA` `GetOEMCP` `IsValidCodePage` `GetTimeZoneInformation` `EnumSystemLocalesW` `IsValidLocale` `ReadConsoleW` `GetACP` `GetStdHandle` `ExitProcess` `SetStdHandle` `GetFullPathNameW` `GetConsoleMode` `GetConsoleCP` `PeekNamedPipe` `GetDriveTypeW` `RtlPcToFileHeader` `RtlUnwindEx` `GetCPInfo` `GetLocaleInfoW` `LCMapStringW` `CompareStringW` `EncodePointer` `GetStringTypeW` `InitializeSListHead` `GetStartupInfoW` `IsProcessorFeaturePresent` `UnhandledExceptionFilter` `RtlVirtualUnwind` `RtlLookupFunctionEntry` `RtlCaptureContext` `WaitForSingleObjectEx`
PSAPI.DLL	`GetProcessMemoryInfo` `GetPerformanceInfo` `QueryWorkingSetEx`
SHELL32.dll	`SHGetKnownFolderPath` `SHGetFolderPathW` `ShellExecuteExW` `CommandLineToArgvW`
SHLWAPI.dll	`PathMatchSpecW`
USER32.dll	`RegisterClassW` `GetMessageW` `SetTimer` `SetProcessDPIAware` `GetThreadDesktop` `CreateDesktopW` `SetProcessWindowStation` `GetUserObjectInformationW` `GetProcessWindowStation` `CreateWindowStationW` `CloseWindowStation` `CloseDesktop` `wsprintfW` `GetWindowThreadProcessId` `AllowSetForegroundWindow` `SendMessageTimeoutW` `IsWindow` `DefWindowProcW` `FindWindowExW` `DestroyWindow` `SetWindowLongPtrW` `CreateWindowExW` `UnregisterClassW` `GetWindowLongPtrW` `RegisterClassExW` `PostMessageW` `DispatchMessageW` `PeekMessageW` `MsgWaitForMultipleObjectsEx` `GetQueueStatus` `TranslateMessage` `KillTimer` `PostQuitMessage`
VERSION.dll	`GetFileVersionInfoW` `VerQueryValueW` `GetFileVersionInfoSizeW`
WINMM.dll	`timeEndPeriod` `timeGetTime` `timeBeginPeriod`
USERENV.dll	`CreateEnvironmentBlock` `DestroyEnvironmentBlock`
WINHTTP.dll	`WinHttpConnect` `WinHttpOpen` `WinHttpCrackUrl` `WinHttpCloseHandle` `WinHttpOpenRequest` `WinHttpReadData` `WinHttpQueryHeaders` `WinHttpAddRequestHeaders` `WinHttpSetTimeouts` `WinHttpReceiveResponse` `WinHttpSendRequest` `WinHttpWriteData`
dbghelp.dll (delay-loaded)	`MiniDumpWriteDump`

Delayed Imports

Attributes	`0x1`
Name	`dbghelp.dll`
ModuleHandle	`0x134f00`
DelayImportAddressTable	`0x147030`
DelayImportNameTable	`0x130aa8`
BoundDelayImportTable	`0x130b78`
UnloadDelayImportTable	`0`
TimeStamp	`1970-Jan-01 00:00:00`

GetHandleVerifier

Ordinal	`1`
Address	`0x1cab0`

IsSandboxedProcess

Ordinal	`2`
Address	`0x79050`

1

Type	`GOOGLEUPDATEAPPLICATIONCOMMANDS`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0.811278`
MD5	`4352d88a78aa39750bf70cd6f27bcaa5`
SHA1	`3c585604e87f855973731fea83e21fab9392d2fc`
SHA256	`67abdd721024f0ff4e0b3f4c2fc13bc5bad42d0b7851d456d88d203d15aaa450`
SHA3	`295cd1698c6ac5bd804a09e50f19f8549475e52db1c6ebd441ed0c7b256e1ddf`

1 (#2)

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x6167`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.97711`
Detected Filetype	PNG graphic file
MD5	`2de7670b136d47f24d80c7a7f151f653`
SHA1	`39a7fa5b8b95822f3443115f7fe0c384d9c150a2`
SHA256	`a83bf0e6c6a8851fc88c7b14c3484d23ccb20507fedeca573991edaed998090e`
SHA3	`f25067d2c6f119953bd75acca65fbbae0988471094190700ebd79e02d766fbc6`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.31568`
MD5	`f79ec451f08c0619f2c4d067303b2f90`
SHA1	`568613424c0d8cde01a575c676cc690fc1c06024`
SHA256	`15b861577f235a649fe968bd2d1fab5922e405cbb9422994000e60d0d33b862f`
SHA3	`23d8e3ddcc1308c7ace958790c0a4ae9abb99fc784b503c7ee15839e8aa3b4bf`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.57106`
MD5	`d25c28b8e7a58ee6c49eae31f535b17c`
SHA1	`e670238fc808df56b819330fb1d24b76776a318f`
SHA256	`34ed8326ad33a8c447dc5b091f6163bd9c7ffc569445f71eb3b929f86c3758fc`
SHA3	`1709961cf392842c90c378b9648227f90e4c1ed5b3443ccb5722d982d6f436bb`

4

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.3245`
MD5	`8c97cf96d11098a5ed3e29ef230c1f7f`
SHA1	`79263dac98266f797d894649356f507c419faca7`
SHA256	`a175b3e7af358691980af60bde461f0b76a045a18561aa1f4475d9943ebb8230`
SHA3	`f3c40ac7135cd9c427e0551318910c2602fff839e18052a20fa6807ec03e7326`

5

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.90157`
MD5	`0e97e6963f6c927919c1998d8e5a8781`
SHA1	`16f87c143bd853c2d9fc5131de58b7fd5f0e5293`
SHA256	`40746282b4b956bf554573a2fb9220599ecfaa3412343801b017bb00333e6352`
SHA3	`5e15f655820493c80777d47fb2cea46d10055f0a7e6ea93bde729974232078bf`

6

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.13336`
MD5	`2371c149c8ca53404f13964df44de5a2`
SHA1	`0799e792d526c33a29a5b653059e02b015dd75ac`
SHA256	`a040fddd4342a03426f897a8b05670cfd9c782158e37c36c4f15cfb66facebba`
SHA3	`5ad30d6088fe92386ad8896555e6e4e0d7dc30831cf347997e81111aa362a4b9`

7

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.29213`
MD5	`25ed344bec5918708ebf1df5d2eab252`
SHA1	`5bc53cc0adaf943526365487c782cb49dcaa16cc`
SHA256	`75cbf087a603c6b1deee6d219cd91fd348ca9c50865abee98441b925361a39b0`
SHA3	`5f56b10f6abc797f8cca4a3631e970b2ec109f4ab010f788de9209a7c0025fba`

8

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x38`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0.683289`
MD5	`8ef7201191780e973dce0102f6fefb81`
SHA1	`44e9bcc350bcf5171f4c67ec6eb6b9aceb3a929f`
SHA256	`5b307e70dd01cb65696f2c5186909178df8661624905ca84ee1253a03331970a`
SHA3	`c5c1172e7758f71205540c12506eb4e7e4110195b747836e314bb546ebeba294`

9

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x38`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0.683289`
MD5	`8ef7201191780e973dce0102f6fefb81`
SHA1	`44e9bcc350bcf5171f4c67ec6eb6b9aceb3a929f`
SHA256	`5b307e70dd01cb65696f2c5186909178df8661624905ca84ee1253a03331970a`
SHA3	`c5c1172e7758f71205540c12506eb4e7e4110195b747836e314bb546ebeba294`

10

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x38`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0.683289`
MD5	`8ef7201191780e973dce0102f6fefb81`
SHA1	`44e9bcc350bcf5171f4c67ec6eb6b9aceb3a929f`
SHA256	`5b307e70dd01cb65696f2c5186909178df8661624905ca84ee1253a03331970a`
SHA3	`c5c1172e7758f71205540c12506eb4e7e4110195b747836e314bb546ebeba294`

11

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x5152`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.94942`
Detected Filetype	PNG graphic file
MD5	`82f69d0659f3fbbdbcd8de58b67d77ed`
SHA1	`dc9dfa0e70d0d73e9421671fe73a59db77da37f1`
SHA256	`0b1c10cb4ceaffd6ba1fb873fa1220327d0daa545e912174a94c01df52b70240`
SHA3	`45aff08f74a2fb16fa9b75dd7c88d358d8ab1d35f9482a0248baa48d0b98c39e`

12

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.09199`
MD5	`2fed05bae442eb904953e00f3b9d2593`
SHA1	`1b1da5754f0f3785e293fdd7ed4b85500de892c6`
SHA256	`ed0644dbc88aec137b6eadef555819f38712ee523f0630f6c4d7e2f8d4ed9f61`
SHA3	`9a511d33756e1eb1688b40903445813b11d8839e5fb813459c5694b49667df6b`

13

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.44041`
MD5	`1ac49edf38c62206194776152569b926`
SHA1	`b42ef87cd8d4d2fc4f9deb86b4976bbb98b64df9`
SHA256	`4fe47e9ac9fab61da3c15322dc8b52d69a6ef62034761214ebd96544d37f819f`
SHA3	`4de809b04ac500f9aad550ff833126a113e65c7766e8b02808646cf4eaeb1791`

14

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.01484`
MD5	`5c59619ed31196b1fea12f7e6d0dcc90`
SHA1	`69831fa6430ab330d6059deeef95b4ee2fbc0d35`
SHA256	`2ea4f52c159c59355e36aa1e30316d1353cd92ec68dc551c46da88d9291d726b`
SHA3	`c053794781e2a9229111f7c2fd2d9526145396d6a0b79bd5e272ccb17872261c`

15

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.81708`
MD5	`25e3ab129ee682d068b60341d3bc0125`
SHA1	`727805212aa13c8f1e79cfcb0b7970469106094a`
SHA256	`ad6142e4180b30d41a5a92bbad9c8959c8e095a8d1117c12b393acde41bd9511`
SHA3	`2c89a0899d9e4634615d26c3a3ecf67292223856df996f5be1667249fada1c2d`

16

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.06237`
MD5	`bfdd6342cb3eab8d073c64223e0661e0`
SHA1	`90ec4a83736f1db44f45d8c571f897e32b0d4015`
SHA256	`21452ae8b397b0e86ceebc0328acc607a56701a7a3e519b422a6be43df1932bd`
SHA3	`833e584a0ba776a26d5817e9d53b25cba06ced5d0285a739dda64bd57bc0b8b4`

17

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.18826`
MD5	`9d6a27ef826531d46825b0457dd0ba11`
SHA1	`f1c711d00df6a3be16ec8b3f3e8d7b6e42843f6b`
SHA256	`ea509cd437951da438cbf997f274ad13b61a0bfc13c0170bc47985de5506e50f`
SHA3	`e8f2b69ecd729bdd326005da0964c2ba523b7b2dcf4d0eb452decc24b854112c`

18

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.2177`
MD5	`709e57a14a93b9d9afb7d524a8d7fbae`
SHA1	`2348373ed7bdfbf45d6ccc3f2729b836463d2212`
SHA256	`5ed6a5b996c51a861436b244ba5894edb1e25d431f954c0db84ad86a7c37394a`
SHA3	`4306276f528f553a331c568291a1bd3baaca7bf43206c5ea0fb5fc6329bc1a0a`

19

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.50519`
MD5	`2be7cf502029821d227c5526f72b2407`
SHA1	`a83a5416dda4fea6e756f128ff60bc24be03adb3`
SHA256	`4f0a444631d150557a83b2fc6b45f5c13de5a6781bc21d739144c80364d0b23a`
SHA3	`a40951f877476e0ac6c6fabf0c3cf499dedcb944fcc99894e752370b8b9789f6`

20

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.48311`
MD5	`6cb366d6e930c9cc52c8b667eba3e33e`
SHA1	`03d7b524730be2f996eb06c11e4c84bae966c298`
SHA256	`d2e94c9d59a94d86224f1789ff7b3b6c5a20a36ea2ed714ee90f969791915fcf`
SHA3	`67243cc44eae8e5ff1e3f5795c72e0e0f42e3dcdddf494a3653d2c616d109b4d`

21

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x7fa`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.23684`
Detected Filetype	PNG graphic file
MD5	`daea97dc33d39711f852add32f016aad`
SHA1	`33b56832ec8f281d4e930efba39f799cf5c72316`
SHA256	`3db59ef5287bcbcabcece9f62096730c4fb22f4dd37886e24dcde6475e40b0ad`
SHA3	`fccf6cd294555489592d7f4ecd7fc70e6e04c037e1fa5e0b679347c6aa1d176a`

22

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.50939`
MD5	`66e6b61ce6f7d21ac44d41fa9e25f0ed`
SHA1	`48d4149809669c7587e6053c0a74200b729ca650`
SHA256	`7318cf61f1c6a78ead9818f56903eb233fbf7e4002afe265589df4ac2ed424ed`
SHA3	`2425d60c47c6f4968a11ac6261261a9f1886c0c20572cb39d2fbe92680a93cc3`

23

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.38571`
MD5	`a00e1a7b96131d5adf42c20068ae81c1`
SHA1	`a350dfa4091bace86ae842e2d47a77ff6385ea08`
SHA256	`871551205d56446ffba7bc05219b3845976deac5fa604e1bad5f32feab95ddc2`
SHA3	`9303359883e8487df1ac3ea68f1b895c01e370b66c6526d85b9c43dbab1b5a6a`

24

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.78098`
MD5	`fbef85a618976961a75dd005f8c49ab6`
SHA1	`ea31563ffcb10741e20538efd188f220d7a664f7`
SHA256	`7b910259b9195288f78676025810d3746e41d0d8954106a40d44786933a4339a`
SHA3	`4556397da1ee2ce63744649f4e835e9a3aa3110668980b1707befc48b2f15030`

25

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.04932`
MD5	`bcfce9992791cf08b3fe6261aab09f10`
SHA1	`fef27acf80c0f428b6e0d995a57e3055b2a5e63a`
SHA256	`dc38ed877d398fc13fdf7b4f973972d42c0f95a610fc229c80686ad67fffd850`
SHA3	`121d843b8b939b2c48ef056030e5de3e685a9819a9ba531decb6b02cb2aa80c3`

26

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.36206`
MD5	`c1c01972831543fe2a5ef4c0040078a1`
SHA1	`d788fd0d44d09e1902b02c25c45e9a9c19d5f7a4`
SHA256	`70a1e88ba27e4812bbd76effad00d384e3b41bd9b3769420d6324b09c5533476`
SHA3	`a7d445d2c4098129a013664ee6b207ac55f1867fac7e729c90083466bfa2a279`

27

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.32848`
MD5	`c356bd600928338b8f0e051ffffa189c`
SHA1	`13d9cc50f84b79e681ffefecb81ce6a2f09432d6`
SHA256	`c09211ff01d51888346b65fcff0f2aacc1b690e4b962284864403c1a992ea77f`
SHA3	`08f6a44101017036a9060e0a6cfd0e21c0043666a8cb08e1b6a73d58a7f6edbb`

28

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x7c8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.26182`
Detected Filetype	PNG graphic file
MD5	`0f189417b942f34ce8368c87f4d31142`
SHA1	`069ef73de075012d8841c92a6c82bb75e4958498`
SHA256	`b453bd151060d95195de6f3d5525d84d6ec5b9eb015dadd141191e44a761ff3d`
SHA3	`9bebe9aca991c872995eed0156cfbc05f014e9f39a8eb6f0f9d30ad838daae6b`

29

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.26371`
MD5	`dba22c253a5ba4318c87a1454250a99d`
SHA1	`beddfe88fc6ad93419be2b1a8b4fe630a94dbbb5`
SHA256	`6dc5afe1d6b3bb10447cd60b6e7f4f9765d1761a425ca8a654d5d07992e57dc6`
SHA3	`2b80aa9fa20db3e1aa28e2c0e079dd70a27763c5ef7f5a70bf834a545a36597e`

30

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.14085`
MD5	`095a457ede21d64fc5b30f2c79ed9a7a`
SHA1	`a150641558c4fa6af377dc5fed4bf185625a4f20`
SHA256	`531a74d0203d447acc9b8c3dfc22ff9dedf54c9f6f59c59fac85e45444eba221`
SHA3	`9b1b462018c339023681ee15cef6ddadb9a39241930e090abb7ccddcb7184e7b`

31

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.5746`
MD5	`f17a5aa31adb97277ebcef702b26d81f`
SHA1	`daa62ab7d2cec7239fc588c6a54d3a54f60ed358`
SHA256	`6b38ccc080d2867b5d7c454c051efe089053008ae44c989bf3db02f7d4f0461b`
SHA3	`d8332a487115a68a03b541067efb3922b37166eba6f8f38e94707aef7f2f78a0`

32

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.70621`
MD5	`7a8fd82c16489f1ed6e5cdc5dc38c815`
SHA1	`595b39dc0c92b6e3943ea918a213cec58503daf4`
SHA256	`9260d8b6f0fd7fc00e9a960db1b1283180efd59049be2c8867a4e660b1ff0123`
SHA3	`2eec2ac06df13fa72c5317fe2f7e049cddea95363b53620674c73c866a7f8d52`

33

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1234`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.90997`
MD5	`11921cfff61b5877c53bb37c86b6d09c`
SHA1	`3800127e39a03ea9b2a9f79538d40227ef4d0c89`
SHA256	`c714566bd8b7f0be360e68950a5615a2fb365d53b14ea7c2812f23c458497799`
SHA3	`0e2df531413bcc400f2f42179d34b093d3229754f3ee9d7c982faacd2f766e18`

34

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2668`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.72497`
MD5	`0e559d7f5897727c98dfdd1e6c3631e7`
SHA1	`fcd9803592250e14d186e9c8fd0f094e7debfdf0`
SHA256	`6e6dd7cc3df380721e4678fb1825b982df22a4dc058091634e733c33f3543b1f`
SHA3	`54cc4d475eb6e3066dda379e7ce197dad0d994522cc58d68673a5707d4aa46cf`

35

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x184b`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.91162`
Detected Filetype	PNG graphic file
MD5	`e3e595605f7ba7a83a424e5698b342b4`
SHA1	`b7cf89a883818649ffeab77f323b07808b1b717e`
SHA256	`05de73b49e62f848770d877a92a4a920e2ef6812538b84ab3a3255ee89bf3666`
SHA3	`0a0834c7fc8c9270e4ef414eb9095219a154fefc631b38f811eb7639a46a3aec`

36

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x6542`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.97832`
Detected Filetype	PNG graphic file
MD5	`19056ecb238e03807aab6b78cd2f1dcf`
SHA1	`533d974cdf11acc8a4adbd94aaf275063674800d`
SHA256	`5cd756c4b353d00d72e10c91074dadf1073cf43f148aa1fd1ef1ead648f48637`
SHA3	`fd5d20468894df77fada930c7135eb9db68c11b7fbffafeaba040251772653fd`

37

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.64082`
MD5	`fcd3dd6d9b8c1b1881ae9c476fe6a351`
SHA1	`418d60fb91ecf99538f8dca2326516b3f86c5c6d`
SHA256	`e6152244c8b5a896ede3a8d1d826f3a5e1f7f3badb9e6636cc36fd7e44e2ce02`
SHA3	`b484fbfe8f01cd1654a9801eda2d0374f219640061d05798f1e6b0c97c9c539d`

38

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.78257`
MD5	`4cac13dd129d2dd3f2e7b76a53a29c2b`
SHA1	`a29f09910d2ae10f77a198ec6c3a2f3a137c0d40`
SHA256	`36e09c8ed73e38ab0d37c141ab172cd2490ecb0da4cab1bef9f3ea22bd329e36`
SHA3	`b2ba33f8e2d578bfe1241de927abcd5fccbd73293f76f8b0dbe28bf89f2aca50`

39

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.78015`
MD5	`ae7fe4ca59cae6779a77a2ff503b9478`
SHA1	`58f472849a4c199f3f9f71550229d2c3bce93a3f`
SHA256	`4194c1d33dcccdc7420448f1018165f188df568a377af51a0fe6ff38a553013f`
SHA3	`b0df9362713e190855dcabf4d9b9a9fce6acf1db0edac4e00c243b682c3e13f6`

40

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.15973`
MD5	`1b179e141fc2ce3a4885aaee83196734`
SHA1	`406bf1ca7859cccf1a927e2acfb9371f91fdfd3b`
SHA256	`b53733d120b79d7dddfd8fe7ed58b164af08572b8d7bab273b7d7f5999fa259a`
SHA3	`68891768597b63c49898a4db4e1a3741fdefac21822e77baf308626fc040c6a8`

41

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.38285`
MD5	`9e5b90dfdd2b7e9165f536c4b1fe3c4d`
SHA1	`72ca9f674458473282878541db70ea90332393f2`
SHA256	`c3fc4073c2572beb8bfca3b64ce70ea8ada73773509e785a90335efac2df3ce4`
SHA3	`70412718cf9e4b3bc0791177b825b9ba13d4ffa1b0696ea5eea49cb936708c0b`

42

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.44339`
MD5	`e76cd3603c94a1631de626c721c323a0`
SHA1	`b1f5fbf5b95d40e9cca5eaebc97554a2bd891720`
SHA256	`dbc430992e8c8712f8c6ae082fc3fa60c371eb42f55dd8ff22198a04badd4511`
SHA3	`d38006aa5399cb52ec04afa9bd52127062ff476a517e8f1792862964395dd3b4`

43

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x6615`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.97373`
Detected Filetype	PNG graphic file
MD5	`6476797a6732522e20f4f753596a3117`
SHA1	`af606bd0bf0d8792a1e98f2b2870a6cd052aaa7d`
SHA256	`387480a675473a1275a74d0ab5d23591ef185f83cee51a5b22dcf836234c89f6`
SHA3	`5a13b2cfef941b785238e7d460a799f1745f1347b110dfaf1a64206da452725b`

44

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.66878`
MD5	`28aad487801bd04e132271f44f7d7e26`
SHA1	`1e15190ff7ad59026af33f50cc6f9c2757b60f4b`
SHA256	`5594cbf9e65a4afc7650f5c2676344ee2a310148e42e48331c5d42c08c61db0e`
SHA3	`e8fed0382933396caca419c88ed3aacf8dfba815957c0fd71143731f2622ca79`

45

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.81542`
MD5	`ed848408d5de1e3a52916d209ad20a66`
SHA1	`085955efdee42d6fa502c3b9528cfd04b8ab43b9`
SHA256	`3fe8daaddea0ec17b0232c9b2fafe2a9558be92be9f5dbc6bb6ecc7597824c41`
SHA3	`28b5dd29826a406fd3c00791b0dc6c8d2b771815fd552416cef059c7a29e3596`

46

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.86926`
MD5	`7530df44d65c2f9b3cf520776eabfa89`
SHA1	`6c85f8f2489eb1a531b07a3c8cd2f139a4889c8d`
SHA256	`c3453112631d95fd9fc1b44567267b1ca3a1084da316317d1d3401b59091a266`
SHA3	`b651751a80b7253e90e1838e3743a6197e67ea4d191c331f76dba4f160d1aed3`

47

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.10332`
MD5	`d0a72a5438245159cedad3f68712a00f`
SHA1	`8559bbf12d88512798f5db67bdcf95745c0f7735`
SHA256	`4f17877470f2b9e2c9983987260369cd60f0f1800b4bfc57f49c74d43295e94d`
SHA3	`09dc55b3d19375e34348744e70f4bcfc8a86b845dc49214bee04c34e97431e03`

48

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.44876`
MD5	`57aa143c68ede3436ca3376b364a4b8e`
SHA1	`ec9d4dcc556f19315649491663e22abf6cd6af5f`
SHA256	`e5001c9b9f30c38b470c5b45313bdf9cc4cd6f9164100830592d6c2bad1c819f`
SHA3	`8c176816a3d9d6738f2b58cb5a6341879bf82896680ba40f164b3545d9711352`

49

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.46267`
MD5	`a376bf8646531100cc64f6cccf42ef2f`
SHA1	`cb199075b14caaa369c7ee077462ab3988c28a9e`
SHA256	`1799929795390604ae27326eff1a96bb9422137adb2d3d9b1d647949a6dd7c8b`
SHA3	`089b9057f6d82c1e16c8b14b0654731beecae828ba3dc395add04ddfc4089fb3`

IDR_MAINFRAME

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x68`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.71858`
Detected Filetype	Icon file
MD5	`26deb637d6c8b617feba45d2dc0dd1b2`
SHA1	`ce85d52bc0bb91da2a45eb09532354f947dffaed`
SHA256	`a0f2be7f2f652d6facc9f410d6f334951926a6f553c70af78c9008be7eb1d2c5`
SHA3	`0c705b373ae6fe4307090e1d814db3b5358a90af5b74d8bf83ad86bf8e2f1600`

IDR_MAINFRAME_2

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.64375`
Detected Filetype	Icon file
MD5	`873bcb0a4f260dafb74951ad3e5fd322`
SHA1	`28b3c3eefeb1d2d358b7cfad8c9bad3b58af5bad`
SHA256	`5d2d1780d6c9b7d5f10f09e3d3961dcaa76ae352b3779ee5e61d85a2cb6abc93`
SHA3	`bd41ae6b3165ea2dc355430746fac4cf547c32339f4b6c62901a4d37d9b77318`

IDR_MAINFRAME_3

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.64375`
Detected Filetype	Icon file
MD5	`3b0fd43b3680282401c0cb3c4c612b68`
SHA1	`f64624ace0e4dff68270d1514a920c316620eb8a`
SHA256	`1c1f0f6b102eb5312f2f38521369e520d19875584393d97fb180fb4c1d62abe6`
SHA3	`83d68819966dde5f63533cf1b40b67949da624117160bdfa6a918b5b2abd033d`

IDR_MAINFRAME_4

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.64375`
Detected Filetype	Icon file
MD5	`271e7c2b08ba11d591e860928dc779e6`
SHA1	`30b1f8b82b283b8ea13a06193335af0b17974090`
SHA256	`d0e027b4c6cf8e62ac274c864d81f88f3efffa4adade1bf1c371aa7b7ac230e1`
SHA3	`f980cc5a5ba7a4c16389b78c438950f846eff946bfad6e716ed1d34149d4c5a9`

IDR_SXS

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x68`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.76309`
Detected Filetype	Icon file
MD5	`e2207917c7b5de34e7b2f13a5d017727`
SHA1	`4c136f9034c6ba38efe93321402c8645f000c7a0`
SHA256	`42cc53216d7c80e97c8a86a2437dcd172453e35a4118dc98631e05d7b5cd963d`
SHA3	`2fe172eea800bb0a9165ff7b8bcbce5d2ac542061b73355fba4470aa010a1430`

IDR_X001_APP_LIST

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x68`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.80059`
Detected Filetype	Icon file
MD5	`7e59398cf39211644e47a8226d6866a0`
SHA1	`d74d3597dde5ba1ee9cee7ba282eb879e07e7842`
SHA256	`cf97f0124f7c390ff347f63f62f55ec6ae10bdfc8dfed840358932f89ca00648`
SHA3	`3f6b204972cd80f74a78fac523d22fe10455e3ec4d6c0852921e00282cffb2fb`

IDR_X002_APP_LIST_SXS

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x68`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.80059`
Detected Filetype	Icon file
MD5	`4472fd1b9f64afb390c6c818b7559b60`
SHA1	`2432fbc0a12ff3258df50cadf37bfa1d5ad3184d`
SHA256	`78d1b59ae4e1a03ce6e179b92467867824e888dc00ce8c396a589a1c237cb49e`
SHA3	`03005179999f010ef511a223aa22f95bc6a472162d01a3e98023488ef4639d4b`

IDR_X003_INCOGNITO

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x3e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.68084`
Detected Filetype	Icon file
MD5	`b361eaa37f3efe2f6305eabb4922df36`
SHA1	`24abf6089ba045c7154d8eae7f2619c1d7a7e794`
SHA256	`556bad1ea9fc323da5e5e6f28a10dbc9112e9e0e0bc72ea42a4dd161ff82dc54`
SHA3	`c463e01e1200f8312bf4903c52a19574e86455f12d39d6033ae5f6870acdb7bf`

IDR_X004_DEV

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x68`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.80059`
Detected Filetype	Icon file
MD5	`b9bb4ff289497a2383bb504e25a4093f`
SHA1	`dc6f80e3d57e0129c6b3c3c703d6154b69be6ac5`
SHA256	`1e88cb601c0f317a1a0491bc70a86f00e4990b2ebb3c376772645680d54d38e6`
SHA3	`93fa49b16251c6014772aa81fb75b0a34e9f4d3e110b70b6e1e74788060b1151`

IDR_X005_BETA

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x68`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.78511`
Detected Filetype	Icon file
MD5	`9946ef8cbeb3b028211dc1038463c48b`
SHA1	`db419b8005cce7667db1f80221e2667cb13664e3`
SHA256	`07a91a01188319960f29da7e8fd8e2bf9c0cb2ab3f384647ffdfea9a7623b60d`
SHA3	`eb84d3d6161f5c41bbad71d196edf8bd5c39fcad56e571ae32180a94e94b3743`

1 (#3)

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x450`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.51943`
MD5	`57aee76dd5eaf77c99466b6e79350bbf`
SHA1	`d4d706a861e34a7ebf3f88a3144d4da862ae4714`
SHA256	`ef873f45e38369484f413c9c73b585b2c2da22fe152a512b43f88d73aa8d30f6`
SHA3	`45153653f06da2e6545b4571ecce1d1a7f030b219d422f3ad65fa6b39b82acb4`

1 (#4)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4d8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.30972`
MD5	`46eb2860ce5d9f93af4cb61155cdf61a`
SHA1	`3d828b6ff8b644fac8bb0ef902af2a4949e4f6af`
SHA256	`6d2b8f083720d73369c7f7ea073758f326db7d0f58769ef63341c8b2bd78b006`
SHA3	`d68db975274036848358ace3c3f21c1b6e5c85a4abd31f97b560c12cfa2bfcac`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	63.0.3239.108
ProductVersion	63.0.3239.108
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	English - United States
CompanyName	Google Inc.
FileDescription	Google Chrome
FileVersion (#2)	63.0.3239.108
InternalName	chrome_exe
LegalCopyright	Copyright 2016 Google Inc. All rights reserved.
OriginalFilename	chrome.exe
ProductName	Google Chrome
ProductVersion (#2)	63.0.3239.108
CompanyShortName	Google
ProductShortName	Chrome
LastChange	d2626860fae283daee484943e6820af18fc73fd9-refs/branch-heads/3239@{#676}
Official Build	1

Resource LangID	English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2017-Dec-13 21:33:53
Version	`0.0`
SizeofData	`89`
AddressOfRawData	`0x123a50`
PointerToRawData	`0x122650`
Referenced File	C:\b\c\b\win64_pgo\src\out\Release_x64\initialexe\chrome.exe.pdb

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2017-Dec-13 21:33:53
Version	`0.0`
SizeofData	`1180`
AddressOfRawData	`0x123aac`
PointerToRawData	`0x1226ac`

TLS Callbacks

StartAddressOfRawData	`0x140123f68`
EndAddressOfRawData	`0x140123f84`
AddressOfIndex	`0x140135500`
AddressOfCallbacks	`0x1400feab0`
SizeOfZeroFill	`0`
Characteristics	`IMAGE_SCN_ALIGN_8BYTES`
Callbacks	`0x00000001400382B0`

Load Configuration

Size	`0x70`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0x200000`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x140133008`
GuardCFCheckFunctionPointer	`0`
GuardCFDispatchFunctionPointer	`0`
GuardCFFunctionTable	`0`
GuardCFFunctionCount	`0`
GuardFlags	`(EMPTY)`
CodeIntegrity.Flags	`0`
CodeIntegrity.Catalog	`0`
CodeIntegrity.CatalogOffset	`0`
CodeIntegrity.Reserved	`0`
GuardAddressTakenIatEntryTable	`0`
GuardAddressTakenIatEntryCount	`0`
GuardLongJumpTargetTable	`0`
GuardLongJumpTargetCount	`0`

RICH Header

XOR Key	`0xfaca5da4`
Unmarked objects	`0`
C++ objects (24610)	`181`
199 (41118)	`5`
ASM objects (25305)	`8`
C objects (25305)	`35`
262 (24610)	`2`
ASM objects (24610)	`15`
C objects (24610)	`22`
C++ objects (25305)	`68`
Imports (24610)	`24`
ASM objects (25507)	`1`
C++ objects (25507)	`1`
Imports (25507)	`3`
Total imports	`422`
265 (25507)	`473`
Exports (25507)	`1`
Resource objects (25507)	`1`
151	`2`
Linker (25507)	`1`