Manalyze report for 1b7f4b2ff37655a9f3b2325b3ac2bbbd

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
Compilation Date	2023-Apr-28 16:53:45
Detected languages	English - United States
Debug artifacts	C:\Users\Asus\Desktop\Challenge1\x64\Debug\Challenge1.pdb

Plugin Output

Info	Matching compiler(s):	`MASM/TASM - sig1(h)`
Suspicious	The PE is possibly packed.	`Section .textbss is both writable and executable.` `Unusual section name found: .msvcjmc`
Malicious	VirusTotal score: 6/71 (Scanned on 2023-05-25 08:47:40)	`Cynet: Malicious (score: 100)` `APEX: Malicious` `Google: Detected` `Ikarus: Trojan.Win64.Rozena` `Fortinet: Malicious_Behavior.SB` `DeepInstinct: MALICIOUS`

Hashes

MD5	`1b7f4b2ff37655a9f3b2325b3ac2bbbd`
SHA1	`d3a63aa91a28911a53159792e49a80bab00841be`
SHA256	`c779e46e9cdbb754ffb81025b21d1e82143221533197bd97e90d04b99237c44f`
SHA3	`4bc02f8b0291abea0943911fd8335b3365dc3e53b25ceedc18d498227505c97a`
SSDeep	`1536:3MY/t0oD4QUqaWatYBBFzlJEugUYCqZ7S:cY/tZD4Q/apYBB7bYCqZ7`
Imports Hash	`c19a265dff9458889d511d96edcb3102`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0xf8`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`10`
TimeDateStamp	2023-Apr-28 16:53:45
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0xd800`
SizeOfInitializedData	`0x26600`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0000000000011456 (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x49000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.textbss

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0x10000`
VirtualAddress	`0x1000`
SizeOfRawData	`0`
PointerToRawData	`0`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_CNT_UNINITIALIZED_DATA` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`

.text

MD5	`33672902fe6d9682f306bfaa340848f3`
SHA1	`8cde969dce0d26a61b3b13a14ab48beb361a59b4`
SHA256	`0373b080a1be5d9b6c0e8910590e0712e27082e82077c18f14589e969992b250`
SHA3	`577760cd648f9bbf9120a75874a6ec0548ee1d4b726281fbc379c069fc7b3d58`
VirtualSize	`0xd769`
VirtualAddress	`0x11000`
SizeOfRawData	`0xd800`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`4.14109`

.rdata

MD5	`e1eb917dea8b23de3617e7458829fabc`
SHA1	`6782f012eaa2f2b8f312f7cf60181e03b52c1043`
SHA256	`bcb2f94a77cc1e74f1b22e98b559a974ecc1cf4328136e12e64eb3a7d928b12f`
SHA3	`23f32f4fbdb6acf7a07bc242995109b61237a6f9b709dec43331a5c273ba7b34`
VirtualSize	`0x4b71`
VirtualAddress	`0x1f000`
SizeOfRawData	`0x4c00`
PointerToRawData	`0xdc00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`2.76235`

.data

MD5	`44133c7d33a921885f406a1db311465e`
SHA1	`53f3bf0ae7d5313070c76b445c84e8b671d48406`
SHA256	`d746eb3b53b3a3374e283a6a49b66e17eccbe5a84cc2047712fac3c2a7b8241a`
SHA3	`f2c1ee7b6c04f00ab00511353712e5cc68e3f18d1d6e02e4f1d7498ffe54a83e`
VirtualSize	`0xbc0`
VirtualAddress	`0x24000`
SizeOfRawData	`0x600`
PointerToRawData	`0x12800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0.851989`

.pdata

MD5	`5e6b31aa35a51e4d07b670fd417e2b28`
SHA1	`c3b0453ce9adff839ea569f965f269216cc307af`
SHA256	`751309f7f15bd9eb571b700485cff050aa03a84016b9db756c435f8ea4647fe7`
SHA3	`11edf1c357c2edf362ac86414f79777d79289e5d5e9db83f194d6a563e5cd0e2`
VirtualSize	`0x285c`
VirtualAddress	`0x25000`
SizeOfRawData	`0x2a00`
PointerToRawData	`0x12e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`1.95285`

.idata

MD5	`04dbaa520046cf684cca79328d6d6fc0`
SHA1	`6ce3a2fb5d67bf5169769912ac7d92d086d951c8`
SHA256	`c0b9962fa0e8055136740d7aa1b6961bb9d8909b1fa90388486eee44fbcfc42f`
SHA3	`7d3410410565577d87225f7fb2869462b19b2403382afc381ebc9b687f209bf7`
VirtualSize	`0x1808`
VirtualAddress	`0x28000`
SizeOfRawData	`0x1a00`
PointerToRawData	`0x15800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`3.76974`

.msvcjmc

MD5	`5ad7d8e66f7357581ff358bbba8f4218`
SHA1	`147c01d1c453a4f0ae76a45f292f4fcefb72581e`
SHA256	`e2729800a9ef26f4f6e8b2b59c117ea20f97e515c171a9aeb006bd92afe38864`
SHA3	`81691396c764ca807e7a940eaf635ddcf038d87cef4b27b625540a772062ad1f`
VirtualSize	`0x223`
VirtualAddress	`0x2a000`
SizeOfRawData	`0x400`
PointerToRawData	`0x17200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0.790529`

.00cfg

MD5	`d96a0c8d26ec9de882e22fd953316a53`
SHA1	`1621d7f665e590e7c26819107e6c305661b3ac4c`
SHA256	`09128cbece4c30bdf94952f05ae814167467de00b63cffefbd0c425cded0b0b1`
SHA3	`0c5b92d54ff9d3cbdad83b543616242d37bb7be1fa0ec9f015d88023d513dd62`
VirtualSize	`0x175`
VirtualAddress	`0x2b000`
SizeOfRawData	`0x200`
PointerToRawData	`0x17600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`0.468649`

.rsrc

MD5	`17c79ce51f4de4befff9aef972088f4b`
SHA1	`45420f7504f55ac5d264fc3dbeeed1490d1a530b`
SHA256	`def4e6d49a14209f7108cbd4c3ff1286e83e13a05822d3382af2942be906157c`
SHA3	`bed4b45a7508fd5b0eb1a40ac22a9447b26cc58265c6a0c48f17e840f442c33f`
VirtualSize	`0x1bdf0`
VirtualAddress	`0x2c000`
SizeOfRawData	`0x1be00`
PointerToRawData	`0x17800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`3.60668`

.reloc

MD5	`3f6eb62303f1db3793b55b2f4d410ab1`
SHA1	`372ef703cc78d782ffac37a43e108a41e07a3841`
SHA256	`db4fdbdbec3ca8f48d6972010c652b1980e4488a8766d68dd02ffdcf45c77d08`
SHA3	`9d53c3248effd3031042ab47e3227d23f3098a81c207258ec50aafe82b97bfa5`
VirtualSize	`0x448`
VirtualAddress	`0x48000`
SizeOfRawData	`0x600`
PointerToRawData	`0x33600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`1.039`

Imports

KERNEL32.dll	`Sleep` `FreeLibrary` `VirtualQuery` `GetProcessHeap` `HeapFree` `HeapAlloc` `GetLastError` `GetModuleHandleW` `GetStartupInfoW` `InitializeSListHead` `GetSystemTimeAsFileTime` `GetCurrentProcessId` `QueryPerformanceCounter` `IsProcessorFeaturePresent` `TerminateProcess` `GetCurrentProcess` `SetUnhandledExceptionFilter` `UnhandledExceptionFilter` `RtlVirtualUnwind` `RtlLookupFunctionEntry` `RtlCaptureContext` `WideCharToMultiByte` `MultiByteToWideChar` `RaiseException` `IsDebuggerPresent` `GetCurrentThreadId` `GetProcAddress`
MSVCP140D.dll	`?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A` `?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ` `?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z` `??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z` `?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ` `?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z` `?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ` `?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ` `?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ` `??1_Lockit@std@@QEAA@XZ` `?_Xlength_error@std@@YAXPEBD@Z` `?uncaught_exception@std@@YA_NXZ` `?good@ios_base@std@@QEBA_NXZ` `?flags@ios_base@std@@QEBAHXZ` `?width@ios_base@std@@QEBA_JXZ` `?width@ios_base@std@@QEAA_J_J@Z` `?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z` `?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z` `??0_Lockit@std@@QEAA@H@Z`
VCRUNTIME140D.dll	`__vcrt_GetModuleHandleW` `__vcrt_GetModuleFileNameW` `__current_exception_context` `__vcrt_LoadLibraryExW` `__std_type_info_destroy_list` `_CxxThrowException` `__C_specific_handler_noexcept` `__C_specific_handler` `__current_exception` `memcpy` `memmove` `__std_exception_copy` `__std_exception_destroy`
VCRUNTIME140_1D.dll	`__CxxFrameHandler4`
ucrtbased.dll	`__p__commode` `_configthreadlocale` `strcpy_s` `strcat_s` `__stdio_common_vsprintf_s` `_seh_filter_dll` `_initialize_onexit_table` `_register_onexit_function` `_execute_onexit_table` `_crt_atexit` `_crt_at_quick_exit` `terminate` `_wmakepath_s` `_wsplitpath_s` `wcscpy_s` `_register_thread_local_exe_atexit_callback` `_c_exit` `_cexit` `__p___argv` `__p___argc` `_set_fmode` `_exit` `exit` `_initterm` `_get_initial_narrow_environment` `_initialize_narrow_environment` `_configure_narrow_argv` `__setusermatherr` `_set_app_type` `_seh_filter_exe` `_CrtDbgReportW` `malloc` `_callnewh` `toupper` `isalpha` `strlen` `_CrtDbgReport` `_invalid_parameter` `_set_new_mode` `_free_dbg` `_initterm_e`

Delayed Imports

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x115a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.40514`
Detected Filetype	PNG graphic file
MD5	`80effeaf0f7f73030c8c163b1d372a73`
SHA1	`2fe13eb3e7bca557f85fc8f9b9cae0bcc471b2b8`
SHA256	`fb2d880da70a3656bd101b0abef32bf9fa1cd534f722390a89726d6688a9b69a`
SHA3	`09fc211cee1c94a133ffcd534ee37fbf0cbc1361fd7597fdae82672b1a5ed951`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.26975`
MD5	`f1116353e3532f47558905b9bf055ccd`
SHA1	`c811f9279167c9403f4ace49d15ea4903e111a4c`
SHA256	`8449d82e04180f53b51638f4be40711c0ec460a6d8974814281ca3ad023a6f7c`
SHA3	`8b370bb368464c8ef4b224957a67081802a791c011f3a79505fcbb00750bf58d`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.1346`
MD5	`556efe1176ce501c76135e739a4e351f`
SHA1	`8111ff3a50a39de110c9e7ec763b6e8ff7ee0ef2`
SHA256	`4d473837de08a8436ca2395d0c5f32c21520932efdeddc1901a10af5392f88d9`
SHA3	`5ee61c09e5a367b13359b017f3154d6b35c0ba5c7ca0b56adde22d7aa36b8507`

4

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.398`
MD5	`837e52eb38d74315e357d8f125c4df81`
SHA1	`03c8def2cd7c7cb2ed4104ecddfe81b6ddd4e658`
SHA256	`98174f3472ca0f9554ba63205b25c32599203ed666ed11fe97b0ea8e139bfcbb`
SHA3	`e311783462de1ba36b6ee0703350bf7e2e1d4bdd64e4290fbc2ac4d4be1fb838`

5

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x90b`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.34276`
Detected Filetype	PNG graphic file
MD5	`6ddb2971171f0cbb5a7a1e24daf9c058`
SHA1	`a92c044ebf614033ebcecb80ab7da6db5b0f47ba`
SHA256	`29f3cf41dd19aae1f411e6682ad4076909714abcec3c7604da2865d8781f4435`
SHA3	`4e91d648365b090fd3d80a8178669937da27063df98faebc1f0e9b2bcc9fd26e`

6

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.68124`
MD5	`020378554aef476bca9321efd923987b`
SHA1	`bf562d60d3cfcd46edc694b514067f794f889b4d`
SHA256	`f12c4d9291ec41fe83d9f607e7e5e97c9ad91d4b6ce630362c90a7bbb6a33f87`
SHA3	`5bdea54b791bb08ed05c13760559a65dc1094e9359b70070333f561218217d3c`

7

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.80715`
MD5	`ee6aab0d2a2a3b593c956cf42f77ae3a`
SHA1	`80eea6b72d811395a7ae8faa087f6c4e023113c1`
SHA256	`5d3accd3fffb51a126c51b31c8c702eb82d7d263adc40f79cef611505b657b2e`
SHA3	`10af8fd3eb86072414476d7292ca23b3cc81a97950e0b2de7c174c7fdc0b2829`

8

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.82161`
MD5	`754e2bdcacf6a45aeae73a4fe1e18874`
SHA1	`4201cb1e3adbad8d330ed3b4a5dbd93be8d7a23a`
SHA256	`26109c3d569485c1a47d9387a1c01c8ba80e5f72c5b3e68349e1fb445f3c8a91`
SHA3	`2b9b049adf2fa9fad570f5e40eaa1b32f374d686a03f2b3ca42dbd584e169a2e`

9

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.9458`
MD5	`049adcf7dae1847bdc61e2839c33815f`
SHA1	`63ed6cc6be6dfc49080de6a75c19fdda47bb6e4d`
SHA256	`6b75bee5cf9b91b5365172e6cec8710325aea24bfd15eb71343b1e4e048f5558`
SHA3	`20ce7114961ea521dc59b71b0cad68fc3896c90b7813b067e75a3174dd19a79b`

10

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x115a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.40514`
Detected Filetype	PNG graphic file
MD5	`80effeaf0f7f73030c8c163b1d372a73`
SHA1	`2fe13eb3e7bca557f85fc8f9b9cae0bcc471b2b8`
SHA256	`fb2d880da70a3656bd101b0abef32bf9fa1cd534f722390a89726d6688a9b69a`
SHA3	`09fc211cee1c94a133ffcd534ee37fbf0cbc1361fd7597fdae82672b1a5ed951`

11

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.26975`
MD5	`f1116353e3532f47558905b9bf055ccd`
SHA1	`c811f9279167c9403f4ace49d15ea4903e111a4c`
SHA256	`8449d82e04180f53b51638f4be40711c0ec460a6d8974814281ca3ad023a6f7c`
SHA3	`8b370bb368464c8ef4b224957a67081802a791c011f3a79505fcbb00750bf58d`

12

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.1346`
MD5	`556efe1176ce501c76135e739a4e351f`
SHA1	`8111ff3a50a39de110c9e7ec763b6e8ff7ee0ef2`
SHA256	`4d473837de08a8436ca2395d0c5f32c21520932efdeddc1901a10af5392f88d9`
SHA3	`5ee61c09e5a367b13359b017f3154d6b35c0ba5c7ca0b56adde22d7aa36b8507`

13

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.398`
MD5	`837e52eb38d74315e357d8f125c4df81`
SHA1	`03c8def2cd7c7cb2ed4104ecddfe81b6ddd4e658`
SHA256	`98174f3472ca0f9554ba63205b25c32599203ed666ed11fe97b0ea8e139bfcbb`
SHA3	`e311783462de1ba36b6ee0703350bf7e2e1d4bdd64e4290fbc2ac4d4be1fb838`

14

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x90b`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.34276`
Detected Filetype	PNG graphic file
MD5	`6ddb2971171f0cbb5a7a1e24daf9c058`
SHA1	`a92c044ebf614033ebcecb80ab7da6db5b0f47ba`
SHA256	`29f3cf41dd19aae1f411e6682ad4076909714abcec3c7604da2865d8781f4435`
SHA3	`4e91d648365b090fd3d80a8178669937da27063df98faebc1f0e9b2bcc9fd26e`

15

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.68124`
MD5	`020378554aef476bca9321efd923987b`
SHA1	`bf562d60d3cfcd46edc694b514067f794f889b4d`
SHA256	`f12c4d9291ec41fe83d9f607e7e5e97c9ad91d4b6ce630362c90a7bbb6a33f87`
SHA3	`5bdea54b791bb08ed05c13760559a65dc1094e9359b70070333f561218217d3c`

16

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.80715`
MD5	`ee6aab0d2a2a3b593c956cf42f77ae3a`
SHA1	`80eea6b72d811395a7ae8faa087f6c4e023113c1`
SHA256	`5d3accd3fffb51a126c51b31c8c702eb82d7d263adc40f79cef611505b657b2e`
SHA3	`10af8fd3eb86072414476d7292ca23b3cc81a97950e0b2de7c174c7fdc0b2829`

17

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.82161`
MD5	`754e2bdcacf6a45aeae73a4fe1e18874`
SHA1	`4201cb1e3adbad8d330ed3b4a5dbd93be8d7a23a`
SHA256	`26109c3d569485c1a47d9387a1c01c8ba80e5f72c5b3e68349e1fb445f3c8a91`
SHA3	`2b9b049adf2fa9fad570f5e40eaa1b32f374d686a03f2b3ca42dbd584e169a2e`

18

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.9458`
MD5	`049adcf7dae1847bdc61e2839c33815f`
SHA1	`63ed6cc6be6dfc49080de6a75c19fdda47bb6e4d`
SHA256	`6b75bee5cf9b91b5365172e6cec8710325aea24bfd15eb71343b1e4e048f5558`
SHA3	`20ce7114961ea521dc59b71b0cad68fc3896c90b7813b067e75a3174dd19a79b`

109

Type	`RT_MENU`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.71163`
MD5	`2886ccd7dc1bd6dec8413a00b53046a0`
SHA1	`a09dea8ae745541a9d191d42d68510db8f648b5d`
SHA256	`a29831e4a3fac395e2aa86df5a0906ed2beebda018745be869477d636148f7af`
SHA3	`fc89873b946c12a8b176b7eff05b2c4445b56a96c045e40e9d49ecc09a4d0fcb`

103

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x13c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.16875`
MD5	`2ed9248b3f121f9668731373de3e683e`
SHA1	`0efaa239a651c8806929ee1130527a996ee0eb1d`
SHA256	`c64f267f0d3479a69e259537a69e781de08512ee19a94e8b51da125b142c2c46`
SHA3	`160a849229df43ad73cfe5c1aa06af8bb7c9e1cd86750aaba669cee917dd9cb1`

7 (#2)

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0x48`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.05614`
MD5	`47cfa1ff200f92edd4ffa1923a2738db`
SHA1	`31b622686f88822bfe39590d25d3c35153c589d9`
SHA256	`a2d1b195a74d46a04501162bac6830c801c393d8394bbd35525b33203a3a2634`
SHA3	`310f1b35a24903f457e9eba93786558e133dd22d4b52178d42b2e0f4e882acd0`

109 (#2)

Type	`RT_ACCELERATOR`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.79879`
MD5	`3d2b1af3424dbcd504f73918619c7d99`
SHA1	`10d6ed54ea742211a14a05414883f6c00c03080a`
SHA256	`c2f0c188d6c493d7827bf83fb89c704815796445a0178bb2ae79658d96703a3c`
SHA3	`b8c5f28d2c132e5bc304e4dc1b314a3f32a2e48675c06828a2a8a014ea05e7fb`

107

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x84`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.80887`
Detected Filetype	Icon file
MD5	`3c05e220887a3ece785e94ba01ef2365`
SHA1	`58b72f9ecac3827e770a073030bf1c48de0e31f1`
SHA256	`b89482d2dfd349ed0465241aa76507fd25a49dfafed3c7233afd53a3ff36f6a7`
SHA3	`2cd355b6a0b659201c97af9c629791d1d7e083c8a4dca9ab93ce5582cae117ae`

108

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x84`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.85121`
Detected Filetype	Icon file
MD5	`761371fb444ffe3cba9630fa53a07e52`
SHA1	`09e05edf4a7a8d5b314e96d9aae9250fd86ea068`
SHA256	`ca27366c72f3cad07bc9e39d6626a6a059cb939d6985475e49dd8e5b93cbbe86`
SHA3	`32af3f3ea06c3d9cc09fb775f4610d3b91f2af87cb8a700b5d1b0ab04f95b0ce`

1 (#2)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x17d`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.91161`
MD5	`1e4a89b11eae0fcf8bb5fdd5ec3b6f61`
SHA1	`4260284ce14278c397aaf6f389c1609b0ab0ce51`
SHA256	`4bb79dcea0a901f7d9eac5aa05728ae92acb42e0cb22e5dd14134f4421a3d8df`
SHA3	`4bb9e8b5a714cae82782f3831cc2d45f4bf4a50a755fe584d2d1893129d68353`

String Table contents

Challenge1
CHALLENGE1

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2023-Apr-28 16:53:45
Version	`0.0`
SizeofData	`82`
AddressOfRawData	`0x21ce8`
PointerToRawData	`0x108e8`
Referenced File	C:\Users\Asus\Desktop\Challenge1\x64\Debug\Challenge1.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics	`0`
TimeDateStamp	2023-Apr-28 16:53:45
Version	`0.0`
SizeofData	`20`
AddressOfRawData	`0x21d3c`
PointerToRawData	`0x1093c`

TLS Callbacks

Load Configuration

Size	`0x140`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x140024010`

RICH Header

XOR Key	`0x1c69e579`
Unmarked objects	`0`
C++ objects (VS2022 Update 2 (17.2.0-1) compiler 31328)	`30`
C objects (VS2022 Update 2 (17.2.0-1) compiler 31328)	`11`
ASM objects (VS2022 Update 2 (17.2.0-1) compiler 31328)	`3`
Imports (VS2022 Update 2 (17.2.0-1) compiler 31328)	`6`
Imports (30795)	`5`
Total imports	`101`
C++ objects (VS2022 Update 2 (17.2.5-6) compiler 31332)	`1`
Resource objects (VS2022 Update 2 (17.2.5-6) compiler 31332)	`1`
151	`1`
Linker (VS2022 Update 2 (17.2.5-6) compiler 31332)	`1`

Errors

[*] Warning: Section .textbss has a size of 0!