Manalyze report for 1a11d721fd8fb70a6d73c16f9e401ba6

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2024-Sep-18 09:00:06
Detected languages	English - United States Ukrainian - Ukraine
Comments	https://github.com/henrypp
CompanyName	Henry++
FileDescription	simplewall
FileVersion	`3.8.7`
InternalName	simplewall
LegalCopyright	(c) Henry++. All rights reversed.
OriginalFilename	simplewall-3.8.7-setup.exe
ProductName	simplewall
ProductVersion	`3.8.7`

Plugin Output

Info	Interesting strings found in the binary:	`Contains domain names: github.com http://nsis.sf.net http://nsis.sf.net/NSIS_Error https://github.com nsis.sf.net`
Suspicious	The PE is an NSIS installer	`Unusual section name found: .ndata`
Malicious	The PE contains functions mostly used by malware.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryExW` `Can access the registry: RegDeleteKeyW RegCloseKey RegEnumKeyW RegEnumValueW RegQueryValueExW RegSetValueExW RegDeleteValueW RegOpenKeyExW RegCreateKeyExW` `Possibly launches other programs: CreateProcessW` `Can create temporary files: CreateFileW GetTempPathW` `Functions related to the privilege level: AdjustTokenPrivileges OpenProcessToken` `Can shut the system down or lock the screen: ExitWindowsEx`
Suspicious	The file contains overlay data.	`1116055 bytes of data starting at offset 0x14400.` `The overlay data has an entropy of 7.99983 and is possibly compressed or encrypted.` `Overlay data amounts for 93.0822% of the executable.`
Suspicious	VirusTotal score: 2/72 (Scanned on 2026-02-11 03:28:18)	`APEX: Malicious` `Trapmine: suspicious.low.ml.score`

Hashes

MD5	`1a11d721fd8fb70a6d73c16f9e401ba6`
SHA1	`563b41f2cbc77c81d644b30070cd553c04e93aff`
SHA256	`1864b3e2830c5ffadefb01a25d0aedba36a9acbdb8f257a722718b0b1d1aa144`
SHA3	`0b41bc411a7628551343a2f519480fa5592d952a784236ae46155f17f18ce2d5`
SSDeep	`24576:LjEG6cCkgfcRWILFlAdNWgMh45KbmIt9BsWO33JJgMo:L/6uffUNWR45Y10Xg/`
Imports Hash	`3c57c0f266bcc40ea9df5836259e722c`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0xd0`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`5`
TimeDateStamp	2024-Sep-18 09:00:06
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_RELOCS_STRIPPED`

Image Optional Header

Magic	`PE32`
LinkerVersion	`8.0`
SizeOfCode	`0x7800`
SizeOfInitializedData	`0x22400`
SizeOfUninitializedData	`0x800`
AddressOfEntryPoint	`0x00003AF7 (Section: .text)`
BaseOfCode	`0x1000`
BaseOfData	`0x9000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`6.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x63000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_NO_SEH` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`d6f5cfe5be14b13c8ddc911b308c3041`
SHA1	`4129e15f0f337c6ffa70012e2fac625356c2d700`
SHA256	`e7dc89f1a5286e571225322b9d03065a0ca4d985eb5d345e23355cd2f841b835`
SHA3	`16476a01c5e3bc37628d743eadb6f71a2a128f97c7c3e317d7f091d233a811c0`
VirtualSize	`0x7770`
VirtualAddress	`0x1000`
SizeOfRawData	`0x7800`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.54548`

.rdata

MD5	`9cfca29c3241f429c08dfb6e2535ef18`
SHA1	`1db35d053b89cde74fcd25a6b93bf573c17db14d`
SHA256	`26b4a0315f7555dd06175bb78a12ddb7f33407671d5c698364328736d67ea4cc`
SHA3	`4d74326686870032454a21d6886a81f106d99cc499428feb0befe33acf36bf1c`
VirtualSize	`0x1968`
VirtualAddress	`0x9000`
SizeOfRawData	`0x1a00`
PointerToRawData	`0x7c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.98033`

.data

MD5	`0d7a5918bbed11cdbda523351aae68ab`
SHA1	`9e782245d037f49d8f6fbeb26c3b160d85a7b566`
SHA256	`7faed918a9f4bd8cd32cdb658b96b5234b90123da667be6330ca19bd85050d32`
SHA3	`7b335876f38b59d6b458741d6080693e464b8635fb155397f19dfd578e91b607`
VirtualSize	`0x1f684`
VirtualAddress	`0xb000`
SizeOfRawData	`0x200`
PointerToRawData	`0x9600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`1.84854`

.ndata

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0x2d000`
VirtualAddress	`0x2b000`
SizeOfRawData	`0`
PointerToRawData	`0`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_UNINITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`

.rsrc

MD5	`9877aab9eb7f90d74d937a1d4c48f20f`
SHA1	`1706e1c74c5466ea375eb3af994e0bd3c7426cd3`
SHA256	`b3a12f40bb0984e3058dc5ccea1f999a3c3667c91ae44c4460227b23cb7392a2`
SHA3	`f6e357e7a94b9362527cbf0ea0da95a43e4f50e8058233042ddef41fd7693409`
VirtualSize	`0xabf8`
VirtualAddress	`0x58000`
SizeOfRawData	`0xac00`
PointerToRawData	`0x9800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.25064`

Imports

ADVAPI32.dll	`RegDeleteKeyW` `RegCloseKey` `RegEnumKeyW` `RegEnumValueW` `RegQueryValueExW` `RegSetValueExW` `RegDeleteValueW` `AdjustTokenPrivileges` `LookupPrivilegeValueW` `OpenProcessToken` `RegOpenKeyExW` `RegCreateKeyExW`
SHELL32.dll	`SHBrowseForFolderW` `SHGetPathFromIDListW` `SHGetFileInfoW` `SHFileOperationW` `ShellExecuteExW`
ole32.dll	`CoCreateInstance` `OleUninitialize` `OleInitialize` `IIDFromString` `CoTaskMemFree`
COMCTL32.dll	`ImageList_Destroy` `#17` `ImageList_AddMasked` `ImageList_Create`
USER32.dll	`GetDlgItemTextW` `SetDlgItemTextW` `RegisterClassW` `SystemParametersInfoW` `CreateWindowExW` `GetClassInfoW` `DialogBoxParamW` `SetWindowPos` `IsWindowEnabled` `SetClassLongW` `GetSystemMenu` `EnableMenuItem` `EndDialog` `GetSystemMetrics` `CreatePopupMenu` `AppendMenuW` `GetWindowRect` `TrackPopupMenu` `OpenClipboard` `EmptyClipboard` `SetClipboardData` `CloseClipboard` `IsWindowVisible` `CallWindowProcW` `GetMessagePos` `ScreenToClient` `CheckDlgButton` `LoadCursorW` `MessageBoxIndirectW` `GetWindowLongW` `GetSysColor` `CharNextW` `ExitWindowsEx` `DestroyWindow` `CreateDialogParamW` `SetTimer` `SetWindowTextW` `PostQuitMessage` `SetForegroundWindow` `ShowWindow` `wsprintfW` `SendMessageTimeoutW` `FindWindowExW` `IsWindow` `GetDlgItem` `SetWindowLongW` `LoadImageW` `GetDC` `ReleaseDC` `EnableWindow` `InvalidateRect` `SendMessageW` `DefWindowProcW` `BeginPaint` `GetClientRect` `FillRect` `DrawTextW` `EndPaint` `CharPrevW` `DispatchMessageW` `PeekMessageW` `wsprintfA` `SetCursor` `CharNextA`
GDI32.dll	`GetDeviceCaps` `SetBkColor` `DeleteObject` `SelectObject` `SetTextColor` `SetBkMode` `CreateFontIndirectW` `CreateBrushIndirect`
KERNEL32.dll	`WaitForSingleObject` `RemoveDirectoryW` `lstrcpyA` `GetExitCodeProcess` `GetModuleHandleA` `GetProcAddress` `GetSystemDirectoryW` `lstrcatW` `WriteFile` `GetTempFileNameW` `lstrcmpiA` `CreateProcessW` `CreateDirectoryW` `CreateThread` `GlobalLock` `GlobalUnlock` `GetDiskFreeSpaceW` `WideCharToMultiByte` `lstrcpynW` `lstrlenW` `SetErrorMode` `GetVersionExW` `GetCommandLineW` `MoveFileExW` `GetWindowsDirectoryW` `SetEnvironmentVariableW` `ExitProcess` `CopyFileW` `GetCurrentProcess` `GetModuleFileNameW` `GetFileSize` `CreateFileW` `GetLastError` `GetTickCount` `Sleep` `SetFileAttributesW` `GetFileAttributesW` `SetCurrentDirectoryW` `MoveFileW` `GetFullPathNameW` `GetShortPathNameW` `SearchPathW` `CompareFileTime` `SetFileTime` `CloseHandle` `lstrcmpiW` `lstrcmpW` `ExpandEnvironmentStringsW` `GlobalAlloc` `GlobalFree` `GetModuleHandleW` `LoadLibraryExW` `FreeLibrary` `WritePrivateProfileStringW` `GetPrivateProfileStringW` `lstrlenA` `MultiByteToWideChar` `ReadFile` `SetFilePointer` `FindClose` `FindNextFileW` `FindFirstFileW` `DeleteFileW` `MulDiv` `InitializeCriticalSection` `DeleteCriticalSection` `LeaveCriticalSection` `EnterCriticalSection` `CreateEventW` `ResetEvent` `WaitForMultipleObjects` `SetEvent` `GetTempPathW`

Delayed Imports

110

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0x666`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.82633`
MD5	`b6bf70baab40fe438feff063bfb9ff6f`
SHA1	`7d4659d43e08d368ddacd31945872461c0b06253`
SHA256	`0e90a9e4b8f3a5bf990e8aadfd8096ad7aeaf1a4e032ac7b6395ce191d61c142`
SHA3	`cab98fabaf20118d9a8a4d2bcff4383a7291a0e04ff11a8690e71eed619c75e7`
Preview

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.35962`
MD5	`093bdf076fcdb0eee0ec47527bdd79c2`
SHA1	`629e239576de958915a891f1184c9a24882c25e2`
SHA256	`a03b036d5cabcc868041b62715e8da5a209e2f3628fdd37cecd944cbae01c6c5`
SHA3	`9b77753024dcde5470eb2d6f214086a335e97a7a91adc048c5a9f3713c3e588c`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.47075`
MD5	`f6e52ac234540dce98d52282aff1160e`
SHA1	`18202e11cd0f6437d237466e29d23c28c6d6b490`
SHA256	`7cfb9314b9ef0afbd831a8b0428d0e66a58d90ffc2032ee37797aeb79062dfd5`
SHA3	`d9db033176d2b0eae57ad5d71e34488dc7fd93cd588bbbed416df996099d1a35`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.53024`
MD5	`fcd52cc54ed2044e538fbe7fcf96216d`
SHA1	`d7c895db938c2abafc525655afd950cd0755c5a0`
SHA256	`a0f32b35923644a719cef2e943710383356f0a4314ec921fd8e54ce082f3a0d0`
SHA3	`50552d0e911901c74ce6b92c320ca5f514178c6696892c8f9d4bed7e65b8a0ff`

4

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.59767`
MD5	`026a2594fa670c1e68c188b0f28a7286`
SHA1	`3e9ba15b03ed2a08bccc91f91b88d70d7e058c50`
SHA256	`25507d41e911c4bb0a5cfffe9f71a69660d6ddfd81a3940f150ef9b4a7f7a0b5`
SHA3	`8eaed7a1c5d4dcd9e558a46950ee3c878c9c59407f627df2c80bc3483a789772`

5

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x668`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.78548`
MD5	`56edfd4f3ac5cc2338651da972f43b3b`
SHA1	`8949af103a760813cb5ec68c284f80975216cd6e`
SHA256	`98c2548ff0bbfa8e2d8df9628381da0ff372ca39e6adc3dfd08c007304311d18`
SHA3	`908e5f5a7224bc776c29a511d981c8af855e930199a145979c912df93833b15f`

6

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.43755`
MD5	`c123e6a34c5bf53497775dd73fe15a77`
SHA1	`4d6be02075646fc0f39d73d8e9c34f8693ae625c`
SHA256	`debae6aa81e5364d8ea1cd67c5af2886945dc52e0878cca70323d09f2cef70ff`
SHA3	`777fd41f36579a7f5926951d8f4a3bb882ba0b902bf7dc21b44d35c15e2bc0e3`

7

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.5422`
MD5	`2c53704ff47083497878bbb5aab68b5c`
SHA1	`9bcda339f48f810419484cfe5df06e055e3240bf`
SHA256	`1932fb31c0b32e1f7773b5db67b12f0fb2a83c97521c034389ef9479f732d2a1`
SHA3	`1a385befd1426cb80accd771cacd51a701eb5b86f85d27593dedfcb7a0ed3f29`

8

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.64636`
MD5	`35d5298f9bf59b845a044c4546f06b1e`
SHA1	`84ce400590a6ea944a16e8f2acef8627c2168a6b`
SHA256	`2a9706630d95c70f032505b837f74f46d1c7129b3fc02b681ea5a2f1c7f3c05d`
SHA3	`67c2722b6498934ea6c6d6219d365c19b2aaf2fa98e3ccb3459f65108af58a43`

9

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.37471`
MD5	`b00592ab59f6d9b37fba11d126228f5a`
SHA1	`48ea76d0c1c122b4140ab4b0f74cc6c4caef6f2a`
SHA256	`bac7e045c307111fa0a6036cb10ae8d1234e8c54fee1c2475f180b62add87fb0`
SHA3	`917d0b93f95700072b869d8040bfa6bc8e54a71f25bd9b6463121cec2839bfd0`

103

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x120`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.56193`
MD5	`db6dd0434da4d7cac564518725167e09`
SHA1	`a65a1367d7cd96450f089a8f8108239bbcea9f5b`
SHA256	`c50631fc1f8425a95fd1edcc8e730d339e193a38f18d42372c32847a5ad2c016`
SHA3	`4e3be5455c51e1cb04836e318cb69ecdffd2deadd0f338d4bc985d8f5ca653ff`

104

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x118`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.65946`
MD5	`2000509765223fff4a8221925db89b0b`
SHA1	`a45e28aa820f8673bb42b668a32dcebe5378249d`
SHA256	`9dbe7e3450b80b2c3727d80f42af8c4066623f6320b74ce0efbc81c618c9a0b4`
SHA3	`45470481ab29e521fc06e9e3f41674bd9e62f11181ef475a6e46efee741a3351`

105

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x200`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.67385`
MD5	`d1a92272fbd597e1aa19021483110d5a`
SHA1	`9f75072682b37c6c52361d8c988ebd06dd003f63`
SHA256	`15663576584c947d634dab9848defcc7d8f05eb0b7e7c6d52d81eca695fc7a6e`
SHA3	`704756797695ae34f6fae500852bca70e5066a1d1993348fe40ccf626235d0d6`

106

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xf8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.91148`
MD5	`fa83652660409e90e0db9731ad2adb17`
SHA1	`0a8f0af67723c87fe26ccf676b8e19ec6357b4dc`
SHA256	`4a55bd714f5d50cd8eabba10e57f0618f1842717dcfa582d73a917b1933cd1d4`
SHA3	`5b3e1cb25be7a2dbae4f08f0d4794ed23dbd6ea37a3f9702be12dba588f42a7b`

109

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xd4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.70146`
MD5	`2768de5a1178b35d871ea4e120169292`
SHA1	`6715343b0bc368c77c986db6f7829186b8081310`
SHA256	`210ea5d77428dc5cfc3f57ab6f20db5abafdd12cfb3dcd78b77a0acc80331d21`
SHA3	`97e2f9a4f74c5a08545d01bb2de2c4c183db1a42dd3faaa74620636b87a79f6f`

111

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xee`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.92767`
MD5	`1db3e4c32b9560257ddf3506fef9dd3f`
SHA1	`6666e0c8336456cfacec71d84415c6516e9e2673`
SHA256	`587a03198c39f990e77691056bb5705e21374281862ce06de94c68172f50f763`
SHA3	`30ca0affc3f1d2ef8b37f2103db7581caaf88548823fb3ae1d308fae9738dab4`

203

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x120`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.84487`
MD5	`12402b54eddc39fa3dae283957b4eb4c`
SHA1	`beccbeac143c7c78d7271c20c73df7e797c6224b`
SHA256	`4017b96a65ef43c2d6781adc75b048ed8568f3068b81ee971154b90886766250`
SHA3	`d1f0eb13adc7d47e9aa7da0e3a996fd742075668a840e149a5f391955e438793`

204

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x118`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.00092`
MD5	`703e421b6d0638bea1a6207854002c71`
SHA1	`41e55f58f99f46ee1f24cf835d92d69c6faad63c`
SHA256	`5e7114d97ed98662c2b61286c6a7e077a56f4c99f90933e086aecf658dc9d712`
SHA3	`98e582928f504e51ab25ac30f379d5c0239770c6569d595d72cfe6d50d0d3bf3`

205

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x200`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.97219`
MD5	`8862e4aa98b1d5fc07fe6502e91d06d2`
SHA1	`729d8fc72945f0303e81dd04914b2721e90a035a`
SHA256	`ce653ba55bd5aaf5ac9e0929603095b8794a10190fa9ac917f204ae6fd697f95`
SHA3	`a95410994a75373358a9a7e88988f1d6b7585e93ea0b5deda9459bf0ecfed454`

206

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xf8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.10966`
MD5	`1ffe62afd7fe045c34a23ea5c9c7eb22`
SHA1	`ac211007f1f7a65d868d6e9e658d5ff26dec9c8e`
SHA256	`184073a317c843cbe92b68cfacebcf5d73dedb538b3f79c048090f3ee5b614ff`
SHA3	`f34fe335d0a39aedd236cfe40879f6624bc468df8195f5360c1d7267f2bd0113`

209

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xd4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.99117`
MD5	`2cc0626e46643318e757036974bb3c64`
SHA1	`89e610c76d4c7bbae7823eb58df2cea7b7b9baea`
SHA256	`34fbb70e9d6fb452c6872e1b5e739735a7b08c1a93725721ffdf3d7f851bc6c6`
SHA3	`ac43470b731812991c74fa137379697cbdcc1f8c0ae3176307a35f90f58522a0`

211

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xee`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.09105`
MD5	`5aa9a98258c88f84605b67648ea41b1e`
SHA1	`36a73ceb531c84a91ad653b0c9a73eaa1c5bc1ac`
SHA256	`46cd6070a212145392b82ee02f02d85f805ab2c5b3c6224c1b06065d905198a1`
SHA3	`038f8ca6e774a2071b1c1e2a7831ecc39bd3d63d683998baed71ef5bcb56609b`

303

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x120`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.84487`
MD5	`12402b54eddc39fa3dae283957b4eb4c`
SHA1	`beccbeac143c7c78d7271c20c73df7e797c6224b`
SHA256	`4017b96a65ef43c2d6781adc75b048ed8568f3068b81ee971154b90886766250`
SHA3	`d1f0eb13adc7d47e9aa7da0e3a996fd742075668a840e149a5f391955e438793`

304

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x118`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.00092`
MD5	`703e421b6d0638bea1a6207854002c71`
SHA1	`41e55f58f99f46ee1f24cf835d92d69c6faad63c`
SHA256	`5e7114d97ed98662c2b61286c6a7e077a56f4c99f90933e086aecf658dc9d712`
SHA3	`98e582928f504e51ab25ac30f379d5c0239770c6569d595d72cfe6d50d0d3bf3`

305

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x200`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.97219`
MD5	`8862e4aa98b1d5fc07fe6502e91d06d2`
SHA1	`729d8fc72945f0303e81dd04914b2721e90a035a`
SHA256	`ce653ba55bd5aaf5ac9e0929603095b8794a10190fa9ac917f204ae6fd697f95`
SHA3	`a95410994a75373358a9a7e88988f1d6b7585e93ea0b5deda9459bf0ecfed454`

306

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xf8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.10966`
MD5	`1ffe62afd7fe045c34a23ea5c9c7eb22`
SHA1	`ac211007f1f7a65d868d6e9e658d5ff26dec9c8e`
SHA256	`184073a317c843cbe92b68cfacebcf5d73dedb538b3f79c048090f3ee5b614ff`
SHA3	`f34fe335d0a39aedd236cfe40879f6624bc468df8195f5360c1d7267f2bd0113`

309

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xd4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.99117`
MD5	`2cc0626e46643318e757036974bb3c64`
SHA1	`89e610c76d4c7bbae7823eb58df2cea7b7b9baea`
SHA256	`34fbb70e9d6fb452c6872e1b5e739735a7b08c1a93725721ffdf3d7f851bc6c6`
SHA3	`ac43470b731812991c74fa137379697cbdcc1f8c0ae3176307a35f90f58522a0`

311

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xee`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.09105`
MD5	`5aa9a98258c88f84605b67648ea41b1e`
SHA1	`36a73ceb531c84a91ad653b0c9a73eaa1c5bc1ac`
SHA256	`46cd6070a212145392b82ee02f02d85f805ab2c5b3c6224c1b06065d905198a1`
SHA3	`038f8ca6e774a2071b1c1e2a7831ecc39bd3d63d683998baed71ef5bcb56609b`

403

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.484`
MD5	`b21b5bb94f7cb7111620ebfb32534430`
SHA1	`d4fa9452937d98ccb59bdc96660d588a5183bba9`
SHA256	`eb6f4dac693c6249bb157ef5cfe6057af4088d7bacfce7089e13a85f0661389a`
SHA3	`08dbbf11ee68c7b878492fecb06c7ac64f494ec1cde2b58149e4a6b1af9f3913`

404

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x104`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.60821`
MD5	`4c6801ae01a238765ebc7c5335952ee0`
SHA1	`b720df68648578bb2747e474e867e816b2365656`
SHA256	`b89c944cec2b05f8028dffc0edbc27d185b251d927ac94eb2b4dd797ca3de394`
SHA3	`26f1c2c8c09f3cc63320b09b578f313542e81643f2211142a36db771d7d8b4aa`

405

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1ec`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.61`
MD5	`6ce2e4ec1c8fd96d2c66f197c0734558`
SHA1	`709ce74d2bf4eec6a2c2010d8e5599ee481e4d3e`
SHA256	`a1082eddd56f0def44e4ce3c82b0a9a09cee9dbcb3097ab31d49ff98bcd6681c`
SHA3	`03ad5128d8a033a66344e19fc7594ff2503089df916d71240295ed66cd032ec3`

406

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xe4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.86295`
MD5	`cc0021533c65b44747600689ff5fbd43`
SHA1	`b1d1e4594f5ad7b08d56a25cdbe6d9b9378e482b`
SHA256	`ab1e3ad5b5d87630cb0f6a6671c10fe49d9c33839be0d5daeba89ec053dda92c`
SHA3	`84d6def5cee15efe0091dd2b0c1f1293ccd14684a0736bd33e1c5aa70c3471f7`

409

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xc0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.6232`
MD5	`f0b88499a7ddf69256658621b85cb0a7`
SHA1	`f3d35204bf8fa4fb7c605dedcb01628cdfdef8f7`
SHA256	`f01196d63cc04ebb1a1636d3ef9a33b3daae9a04968e0e2b73ea54633b96b2be`
SHA3	`337ade41b1e92c05ced651c4afcffe0384b751cead4aa7e9d9917ed5ce42a9cd`

411

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xda`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.95838`
MD5	`9f37bba855db60cbddcdc0e9d88a03f2`
SHA1	`8a7f4fa8924db25494d2a75c75b703121027dae9`
SHA256	`959acc2fcf9ca7521fd783d32cd82186feee58ad1748c8f4f5debe287e2efddf`
SHA3	`5c53e66e96aa1ad5883173036a0cb8264659ac69d3652790f99492a37a127079`

503

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x118`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.64541`
MD5	`44c009c9e1abc2355198b432965c61ef`
SHA1	`4c090f75f279e474a9ca4a07ac84935aa769b0dd`
SHA256	`85f659842e9aa525dc22d0ff4e18e14d4e4ccfc924d1fdfa03d50a0410e6c0d6`
SHA3	`f829f224ca0ee8e4f9b0c51c79cc819098ab16c3d55912e0c1aade1677d1a921`

504

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x110`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.76092`
MD5	`4b77b4ff97f4f7e650683c639a4c7fcf`
SHA1	`22a88c50a7309fc131dba78761a3f662511329c8`
SHA256	`c260baf8fb5f594581bf312f6a140f890f582ab45081cdba3184afc1b202ecdb`
SHA3	`b50d91eddafba8b4dc1d77eebcb282b429eec2e4ed9b168a5ee8d7108d5b7fae`

505

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1f8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.71643`
MD5	`cae4b9e0d6b26cd47ff08bf9caa17328`
SHA1	`9ac464bef48ffaa183c841c233b5191355cc0172`
SHA256	`cb1fbea7e1572cf89436c06cc6f9a8a80b2d373ab34168f507caf6096439059b`
SHA3	`617c1131b8dc21344105aea8affaa21aec2972b56b8aa95075595d8a95bc8a83`

506

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xf0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.04696`
MD5	`c7239ce55362dabbe3887e5fc4bdf5fe`
SHA1	`a2908207ffb889a12da3cbdbe7446e04b254e7ed`
SHA256	`012557f58e68234d4a88df0b713c59800f798ecce19dfd589d326b458dddcbd8`
SHA3	`34f4adf15b3169820de0c298735a1ea7bc4e5c9737c5baac458a5fbfb356b1f6`

509

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xcc`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.82628`
MD5	`c845f6d736a4128fd844b01fedf50cfa`
SHA1	`0b1d7c8fc22fae77b304f6b0d174e1cad0e5dd62`
SHA256	`5edcae5279b46d3d969f22aaa150f73d193bace4a225368a4a09b2c3f4232a3f`
SHA3	`75d4b1aa041154ca40ee5f34bd469ac7a3f4dc12c50fb57eadbe4adf10beb157`

511

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xe6`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.12655`
MD5	`dfa579a6118dced788b606485a6f1884`
SHA1	`bbe189e4f9c250854ff219a65689c57e8240cb6e`
SHA256	`9ae364ac7c7e6d7563a266c58f8d47e83554d88f125a9d4f22677a9327ba0dbd`
SHA3	`17a64fe95dd06290ed81eddb5e65206d51d103b703e87b7c580e7c469ef4a434`

603

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.47654`
MD5	`888fbcc92ebd6174786b32d45350005a`
SHA1	`ba4959d06247a07012fbca926691e2e709c7aa8f`
SHA256	`b98ac97ffc283bc465d34958c79f8a31480c0f98eb44c5e23977bee9ba52b703`
SHA3	`1ec3fb0c9114bc10f7c71e9bf1d15c48a5e39fd99193dfce3db02c097cbb626c`

604

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x104`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.60052`
MD5	`2ac7a2303882039555ba28f516e8d978`
SHA1	`02ec3486072d0db4813b4aba8fb88396d689453d`
SHA256	`5c30f995410de79da0f688e4faa8c570fec75310b00ef9e145b0f756d96f2de3`
SHA3	`f7734f78091a32e8c4a5f5c25ad9e5723cf6a7e835eb7acc17417e0e86787f1b`

605

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1ec`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.6156`
MD5	`928bbd8e7e4f5c1aebcc8d7aea0126f4`
SHA1	`254ea8c62c604bcf3be54284a1ee6b8d35864efd`
SHA256	`f77c0b2757f974432c964c850a53a5b98db6d90ce3862e167793811eed0d1347`
SHA3	`a27d85d5aa2a3cecbf2a5d9084ed440678e5689b85e4bb385aa74fdc8ec96ff9`

606

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xe4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.86626`
MD5	`8c69d2c81dd2d9050d0fa94df90ff16b`
SHA1	`cd71d904da747d7141e5abdde9363f7e240b26bd`
SHA256	`1a39a3aabdee2aa68c507c55ff37c38722b05b7f8bde66185a2462792381d8cd`
SHA3	`b80b33ab6bf40b07bc32c7a6a11831084f7c97a27dff86d576769d0aab14b979`

609

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xc0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.6232`
MD5	`8308c463c3818368e96094ae96fd187f`
SHA1	`6d48d17b821c251f6d463fab26f5d6708cb9e076`
SHA256	`c516c8cf775d756bde6dd6c3a0a2d8567f9d8f0f5b3e31d1efb1e87fc9233e58`
SHA3	`b30d6ab68e851d66fe8942f8113a7d7ca27e33b85cdea80f6f95a892797a089f`

611

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xda`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.96184`
MD5	`105b6270da58ec2fde8a18c4d38f6e9c`
SHA1	`2c7f5a125ef4a2da5c10371fca6711f6a50fef5d`
SHA256	`f6d446610083806ccee5a86b83c5206339bebb34cf128100f778ce555f0d1592`
SHA3	`31dfc308051c9e46262913547d7a019d762dceab8c2078a39ddf1636786491bb`

703

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x110`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.58011`
MD5	`088199de88ee4293982cec0b65748394`
SHA1	`ccce70fc022137c746dfb6bf52cd785b8675768d`
SHA256	`583b62d87b496612f7e10bf1da5113b8a4c83f0a2155184d03c0b2ec14fb5ed1`
SHA3	`855ba3bd893d691d7c7f704da34c23efd96142d6deefc65d3bdb0e2968f97d95`

704

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x108`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.68954`
MD5	`a1ae173ce0f239aaa0461cd2aa65309a`
SHA1	`923fc6dcbae42f7a1c17c0976bc9a82e68ca1b1f`
SHA256	`bf92707348307413fc9b20ad584de30792f83bf332b4cda286a5f64f665b1a1f`
SHA3	`e53c8b87c652503e986bcc40bd17d05ddb0e1728fe3c8e5ece0eb7abd81117ca`

705

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1f0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.66995`
MD5	`327c4c7d72cfccbc825db2223fff0194`
SHA1	`ac964308ef6baa20aa381b269ecad756e98f5109`
SHA256	`c8908172569e23a001394e98e4dea3f5e1c57e8cb6f1703ec1c9983adbff35d0`
SHA3	`bd235e490c85fd86b25086046a00ea0d514984003ce377e6978dd87c040a780b`

706

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xe8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.96511`
MD5	`c33758ab32a791644973dfd60cbf6034`
SHA1	`ee7eb0a27279d39a959f5d35b6dfd4c18c7123fa`
SHA256	`6e7bca0054a1785929747807906d8527c2c2a231ca5975d8ebb3a3f98353f129`
SHA3	`8883e9e9fe2e8e33f0c0a0dcb5c13456e825a62100aa3e10099e225770ecc9ff`

709

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xc4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.75421`
MD5	`69e1d1623040867ecf346643b32703cc`
SHA1	`e401bcaf6582f96e1d3200f748f8d2f242f8136f`
SHA256	`5fcae4276073692a4b07a060c63114409cc1f49f179be57ab80432d22e28ccd8`
SHA3	`39fc49844efbd57496bed8a9afc73393752f17a4e311278db6d94ec97f63ca13`

711

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xde`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.06743`
MD5	`3d805e8b1db664350920fa54af00bffb`
SHA1	`9f35315a83ae85588061c505a0a6524d57aa6f64`
SHA256	`48fcd7489aebd54872d91bbc6ec188804e3cb27d28597d1879c442bfd6a1f093`
SHA3	`bf8de8797eb0cc6a2cc5b67a3077c52ee61efc50ec99a50aebb2d6d64d6181f3`

103 (#2)

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x84`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.73226`
Detected Filetype	Icon file
MD5	`5af8cb4af6cecaed564b1177546db10a`
SHA1	`87694c3d85073df7cd106761c4b652c068ee53f2`
SHA256	`4d5a08222594765eb4f41119e9be9b9558c68b580c8de332d172a89a6fe68c01`
SHA3	`25eba2ecf3abd5de8082c16079adc56319893c8837e933a58c1d77e6d9ffe64a`

1 (#2)

Type	`RT_VERSION`
Language	Ukrainian - Ukraine
Codepage	UNKNOWN
Size	`0x330`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.37266`
MD5	`bfd40a19bbe1e4cfc43e2cd3a295bbf0`
SHA1	`a3200da939351db95da42f83d27a72a4f2c56bc2`
SHA256	`c9d039320281118fe188bab3ec6b6d217e3483afd3d05bf3ecb419e0fea7e141`
SHA3	`dae1207dde398734f857618a813d908ef3c6d95a51a3a0c56effb50e7e81ce5e`

1 (#3)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x592`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.30838`
MD5	`73840d48b5168aa7e19d1d3896912265`
SHA1	`74d5c457d7efe9c56e6d96438ae6bfe5b837ec84`
SHA256	`09c7e443180cf58c9087eb886f49e64549fbe15f23d396dd193fa85c9ac5d176`
SHA3	`c71e2beca398dbc0401aa5b33b72531b34f2ae6db4358cbc0c3f3a7d3b2204bc`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0`
FileVersion	3.8.7.0
ProductVersion	3.8.7.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	Ukrainian - Ukraine
Comments	https://github.com/henrypp
CompanyName	Henry++
FileDescription	simplewall
FileVersion (#2)	3.8.7
InternalName	simplewall
LegalCopyright	(c) Henry++. All rights reversed.
OriginalFilename	simplewall-3.8.7-setup.exe
ProductName	simplewall
ProductVersion (#2)	3.8.7

Resource LangID	Ukrainian - Ukraine

TLS Callbacks

Load Configuration

RICH Header

XOR Key	`0xfeab8c2d`
Unmarked objects	`0`
C objects (VS2003 (.NET) build 4035)	`2`
Imports (VS2003 (.NET) build 4035)	`15`
Total imports	`171`
C objects (VS2012 build 50727 / VS2005 build 50727)	`15`
Resource objects (VS2012 build 50727 / VS2005 build 50727)	`1`
Linker (VS2012 build 50727 / VS2005 build 50727)	`1`

Errors

[*] Warning: Section .ndata has a size of 0!