Manalyze report for 1cb4a1ad9ee27f8da3a3838f1d0a1573

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2019-Nov-15 23:53:03
Detected languages	English - United States
TLS Callbacks	2 callback(s) detected.
Debug artifacts	chrome.exe.pdb
CompanyName	Google LLC
FileDescription	Google Chrome
FileVersion	`78.0.3904.108`
InternalName	chrome_exe
LegalCopyright	Copyright 2019 Google LLC. All rights reserved.
OriginalFilename	chrome.exe
ProductName	Google Chrome
ProductVersion	`78.0.3904.108`
CompanyShortName	Google
ProductShortName	Chrome
LastChange	4b26898a39ee037623a72fcfb77279fce0e7d648-refs/branch-heads/3904@{#889}
Official Build	1

Plugin Output

Suspicious	Strings found in the binary may indicate undesirable behavior:	`Contains references to system / monitoring tools: rundll32.exe` `Contains references to internet browsers: chrome.exe`
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to CRC32` `Uses constants related to MD5` `Uses constants related to SHA1` `Uses constants related to SHA256` `Uses constants related to SHA512` `Uses constants related to AES`
Suspicious	The PE is possibly packed.	`Unusual section name found: .retplne` `Unusual section name found: CPADinfo` `Unusual section name found: prot`
Malicious	The PE contains functions mostly used by malware.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryExA LoadLibraryExW LoadLibraryW` `Functions which can be used for anti-debugging purposes: SwitchToThread` `Code injection capabilities: CreateRemoteThread OpenProcess VirtualAllocEx WriteProcessMemory` `Code injection capabilities (mapping injection): CreateFileMappingW CreateRemoteThread MapViewOfFile` `Possibly launches other programs: CreateProcessW` `Can create temporary files: CreateFileW GetTempPathW` `Memory manipulation functions often used by packers: VirtualAllocEx VirtualProtect VirtualProtectEx` `Enumerates local disk drives: GetDriveTypeW` `Manipulates other processes: OpenProcess ReadProcessMemory WriteProcessMemory`
Info	The PE is digitally signed.	`Signer: Google LLC` `Issuer: DigiCert SHA2 Assured ID Code Signing CA`
Safe	VirusTotal score: 0/68 (Scanned on 2019-12-03 04:38:08)	`All the AVs think this file is safe.`

Hashes

MD5	`1cb4a1ad9ee27f8da3a3838f1d0a1573`
SHA1	`f461f1427c461a9a2d386c244f0d62e43cdc5ccb`
SHA256	`98a8c0168e17133fd6cc240c1af3dd5fed3e0c3c677dfabfb28c93974595c411`
SHA3	`52be916aba8881dd54c31d49bbdcf29320e1ae918bc30107a871619184e2a0f0`
SSDeep	`24576:WbmhjNU+kR46WhPyq+dmGkyw6paCHHSTC7r90oQ:WbmVN2R46AIc/yw8dHyT5`
Imports Hash	`33a5b26a702addd392b9d897c658b474`

DOS Header

e_magic	`MZ`
e_cblp	`0x78`
e_cp	`0x1`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0`
e_ss	`0`
e_sp	`0`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x78`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`11`
TimeDateStamp	2019-Nov-15 23:53:03
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0x117200`
SizeOfInitializedData	`0x84c00`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x00000000000F04C0 (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`5.2`
ImageVersion	`0.0`
SubsystemVersion	`5.2`
Win32VersionValue	`0`
SizeOfImage	`0x1ac000`
SizeOfHeaders	`0x400`
Checksum	`0x1abf76`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_GUARD_CF` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x800000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`7a08b2563fe375535b67f768e7038c54`
SHA1	`4c9e0c0761dcdbdb4eb5d8d42d9fdc1e3ee90150`
SHA256	`e54a2b7e8448d53809de91dc56abc375f623b3444a06de0935fe081b7e3d3b93`
SHA3	`58cb468bf05ac7ba3d17248ad5cf0f640faedd84f8286ab44a049fe386361354`
VirtualSize	`0x117184`
VirtualAddress	`0x1000`
SizeOfRawData	`0x117200`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.50777`

.rdata

MD5	`30898d22294ea7fb1b74fb71416a2c26`
SHA1	`5b77d62f40e87236d47ee9fb3b44dbae1b2f3ed2`
SHA256	`9f2a11b41a0545a92325825df013c89fd6e02a892ecf4a838631bd098ba5c1dd`
SHA3	`e5b2e90bfa55d6094fc066da520580f15b2f180f48cb26ebd0244a8ec6aed2b8`
VirtualSize	`0x31b1c`
VirtualAddress	`0x119000`
SizeOfRawData	`0x31c00`
PointerToRawData	`0x117600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.69862`

.data

MD5	`6a1cfe8f12ececf4b82c408d80efd806`
SHA1	`5f8d3f617c63444c244a3deb463793d6abd6ce9b`
SHA256	`45a479b77dff9c7e4687fdf86fae8038db1eb0407b0d4263895cace81647df29`
SHA3	`afc0c70df6646ce0912b780e81e1de04dcc34a09fc5183350c9be0f8f01941b5`
VirtualSize	`0xb118`
VirtualAddress	`0x14b000`
SizeOfRawData	`0x3800`
PointerToRawData	`0x149200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`3.25519`

.pdata

MD5	`12420478e6ed5338698a9426f07df950`
SHA1	`52d0835896274203ebe22b11e56620482c298de2`
SHA256	`15412335d1b3eb38a65aa8ff1e0f782d22121e06f65c40126e77b50d30974cd4`
SHA3	`42503025b229fbcdfe66d4a75c1b373c3a0d07d76f5b1e69fb044211c58731a6`
VirtualSize	`0xba90`
VirtualAddress	`0x157000`
SizeOfRawData	`0xbc00`
PointerToRawData	`0x14ca00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.95064`

.00cfg

MD5	`ccfb193f76ebd3aebbbf2693db1362f9`
SHA1	`b49f7d408d7b2ae31d00191de3b3595fbc4cee8d`
SHA256	`112c86be5541be3d8a3326e32edf9ae1db5d1737d08fc6102cb2705f0594e464`
SHA3	`0573ba956302222795527b758a67757812a5e221fc0427bb16d8cea805ee883c`
VirtualSize	`0x10`
VirtualAddress	`0x163000`
SizeOfRawData	`0x200`
PointerToRawData	`0x158600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`0.175526`

.retplne

MD5	`bcdee87f658a7bf4080188f07db97ca9`
SHA1	`b39e6a63392c43a2a2310b05f34539a40d08ab89`
SHA256	`cd7e321e97c97e7868f84d576463927c198cae07e3a7bfef1e7946eeae0a2de4`
SHA3	`84c1a226c0a000aaafed916616a5fee7cc655286427c324e2f74ac12ddd2eaf5`
VirtualSize	`0xc`
VirtualAddress	`0x164000`
SizeOfRawData	`0x200`
PointerToRawData	`0x158800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`(EMPTY)`
Entropy	`0.220113`

.tls

MD5	`cee49f38e4febb61d807cbf80d6a3735`
SHA1	`2a95f0b741021c2d9705b7af84b12df9da24ecdd`
SHA256	`f333cbf02061e1aeaec7bf2ec09a1e7c8184f5ce8277b142e84c0369500319dd`
SHA3	`01e4bc0abb51d2d3e550efa3cd7d11d9ffc3b43cc8b5f0a4eda3a327c920ee17`
VirtualSize	`0x19`
VirtualAddress	`0x165000`
SizeOfRawData	`0x200`
PointerToRawData	`0x158a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0.136464`

CPADinfo

MD5	`60d3ea61d541c9be2e845d2787fb9574`
SHA1	`a314e912df98dd680cdb9679390177a970ee9ac8`
SHA256	`911d1a12eca8935990172cfcd6768f9c6351ed94b700833b2cf0cf457a1d752d`
SHA3	`44f366ded1e40e29d2543686d5e4f2fc6daf379b056e4f94af32c16e9f6b2205`
VirtualSize	`0x38`
VirtualAddress	`0x166000`
SizeOfRawData	`0x200`
PointerToRawData	`0x158c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0.122276`

prot

MD5	`bf619eac0cdf3f68d496ea9344137e8b`
SHA1	`5c3eb80066420002bc3dcc7ca4ab6efad7ed4ae5`
SHA256	`076a27c79e5ace2a3d47f9dd2e83e4ff6ea8872b3c2218f66c92b89b55f36560`
SHA3	`622de1e1568ddef36c4b89b706b05201c13481c3575d0fc804ff8224787fcb59`
VirtualSize	`0x174`
VirtualAddress	`0x167000`
SizeOfRawData	`0x200`
PointerToRawData	`0x158e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`0`

.rsrc

MD5	`d0662eddcaf1167bffe393a192af6383`
SHA1	`a04f7b45534868a4f7115b20dd1bec7cf0f9e3ce`
SHA256	`e1221bc89ce1b01dac6e743f80d3742c4c2beb1fa54407859f2e71e772f41bbc`
SHA3	`5235cd0f18e28e2daf2a873c845e610c97c88d76265db21b875bbac47f5bc92b`
VirtualSize	`0x41330`
VirtualAddress	`0x168000`
SizeOfRawData	`0x41400`
PointerToRawData	`0x159000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.73113`

.reloc

MD5	`e23a7b0474bec2fddcbd7c16289280c7`
SHA1	`453b4c8720700df2a5561325b044f58f6a77213a`
SHA256	`ed061817be968da189d7265f1a6d7eb047b5d49c57de3e2d9e6404e042a20ed3`
SHA3	`761e15ea41aa243e254d142991cbfcd0f7242fb89cd7857691e348c80b2a8263`
VirtualSize	`0x1ee0`
VirtualAddress	`0x1aa000`
SizeOfRawData	`0x2000`
PointerToRawData	`0x19a400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`5.40664`

Imports

chrome_elf.dll	`GetInstallDetailsPayload` `SignalChromeElf` `SignalInitializeCrashReporting`
KERNEL32.dll	`AcquireSRWLockExclusive` `AssignProcessToJobObject` `CloseHandle` `CompareStringW` `ConnectNamedPipe` `CreateDirectoryW` `CreateEventW` `CreateFileMappingW` `CreateFileW` `CreateIoCompletionPort` `CreateJobObjectW` `CreateMutexW` `CreateNamedPipeW` `CreateProcessW` `CreateRemoteThread` `CreateSemaphoreW` `CreateThread` `DebugBreak` `DeleteCriticalSection` `DeleteFileW` `DeleteProcThreadAttributeList` `DisconnectNamedPipe` `DuplicateHandle` `EncodePointer` `EnterCriticalSection` `EnumSystemLocalesEx` `EnumSystemLocalesW` `ExitProcess` `ExpandEnvironmentStringsW` `FileTimeToSystemTime` `FindClose` `FindFirstFileExW` `FindNextFileW` `FlushFileBuffers` `FlushViewOfFile` `FormatMessageA` `FreeEnvironmentStringsW` `FreeLibrary` `GetACP` `GetCPInfo` `GetCommandLineA` `GetCommandLineW` `GetComputerNameExW` `GetConsoleCP` `GetConsoleMode` `GetCurrentDirectoryW` `GetCurrentProcess` `GetCurrentProcessId` `GetCurrentProcessorNumber` `GetCurrentThread` `GetCurrentThreadId` `GetDateFormatW` `GetDriveTypeW` `GetEnvironmentStringsW` `GetExitCodeProcess` `GetFileAttributesW` `GetFileInformationByHandle` `GetFileInformationByHandleEx` `GetFileSizeEx` `GetFileType` `GetFullPathNameW` `GetLastError` `GetLocalTime` `GetLocaleInfoW` `GetLongPathNameW` `GetModuleFileNameW` `GetModuleHandleA` `GetModuleHandleExW` `GetModuleHandleW` `GetNativeSystemInfo` `GetOEMCP` `GetProcAddress` `GetProcessHandleCount` `GetProcessHeaps` `GetProcessId` `GetProcessTimes` `GetProductInfo` `GetQueuedCompletionStatus` `GetStartupInfoW` `GetStdHandle` `GetStringTypeW` `GetSystemDefaultLCID` `GetSystemDirectoryW` `GetSystemInfo` `GetSystemTimeAsFileTime` `GetTempPathW` `GetThreadContext` `GetThreadId` `GetThreadLocale` `GetThreadPriority` `GetTickCount` `GetTimeFormatW` `GetTimeZoneInformation` `GetUserDefaultLCID` `GetUserDefaultLangID` `GetUserDefaultLocaleName` `GetVersion` `GetVersionExW` `GetWindowsDirectoryW` `HeapAlloc` `HeapCreate` `HeapDestroy` `HeapFree` `HeapReAlloc` `HeapSetInformation` `HeapSize` `InitOnceExecuteOnce` `InitializeCriticalSection` `InitializeCriticalSectionAndSpinCount` `InitializeProcThreadAttributeList` `InitializeSListHead` `IsDebuggerPresent` `IsProcessorFeaturePresent` `IsValidCodePage` `IsValidLocale` `IsWow64Process` `K32GetPerformanceInfo` `K32GetProcessMemoryInfo` `K32QueryWorkingSetEx` `LCMapStringW` `LeaveCriticalSection` `LoadLibraryExA` `LoadLibraryExW` `LoadLibraryW` `LocalFree` `LockFileEx` `MapViewOfFile` `MoveFileW` `MultiByteToWideChar` `OpenProcess` `OutputDebugStringA` `OutputDebugStringW` `PeekNamedPipe` `PostQueuedCompletionStatus` `ProcessIdToSessionId` `QueryDosDeviceW` `QueryPerformanceCounter` `QueryPerformanceFrequency` `QueryThreadCycleTime` `RaiseException` `ReadConsoleW` `ReadFile` `ReadProcessMemory` `RegisterWaitForSingleObject` `ReleaseSRWLockExclusive` `ReleaseSemaphore` `RemoveDirectoryW` `ReplaceFileW` `ResetEvent` `ResumeThread` `RtlCaptureContext` `RtlCaptureStackBackTrace` `RtlLookupFunctionEntry` `RtlPcToFileHeader` `RtlUnwind` `RtlUnwindEx` `RtlVirtualUnwind` `SearchPathW` `SetConsoleCtrlHandler` `SetCurrentDirectoryW` `SetEndOfFile` `SetEnvironmentVariableW` `SetEvent` `SetFileAttributesW` `SetFilePointerEx` `SetHandleInformation` `SetInformationJobObject` `SetLastError` `SetNamedPipeHandleState` `SetProcessShutdownParameters` `SetStdHandle` `SetThreadAffinityMask` `SetThreadPriority` `SetUnhandledExceptionFilter` `SignalObjectAndWait` `Sleep` `SleepConditionVariableSRW` `SleepEx` `SuspendThread` `SwitchToThread` `SystemTimeToTzSpecificLocalTime` `TerminateJobObject` `TerminateProcess` `TlsAlloc` `TlsFree` `TlsGetValue` `TlsSetValue` `TransactNamedPipe` `TryAcquireSRWLockExclusive` `UnhandledExceptionFilter` `UnlockFileEx` `UnmapViewOfFile` `UnregisterWaitEx` `UpdateProcThreadAttribute` `VirtualAllocEx` `VirtualFree` `VirtualFreeEx` `VirtualProtect` `VirtualProtectEx` `VirtualQuery` `VirtualQueryEx` `WaitForSingleObject` `WaitForSingleObjectEx` `WaitNamedPipeW` `WakeAllConditionVariable` `WideCharToMultiByte` `Wow64GetThreadContext` `WriteConsoleW` `WriteFile` `WriteProcessMemory` `lstrlenW`
VERSION.dll	`GetFileVersionInfoSizeW` `GetFileVersionInfoW` `VerQueryValueW`
SHELL32.dll (delay-loaded)	`CommandLineToArgvW` `SHGetFolderPathW` `SHGetKnownFolderPath`

Delayed Imports

Attributes	`0x1`
Name	`SHELL32.dll`
ModuleHandle	`0x14e488`
DelayImportAddressTable	`0x14e4d8`
DelayImportNameTable	`0x13ec90`
BoundDelayImportTable	`0`
UnloadDelayImportTable	`0`
TimeStamp	`1970-Jan-01 00:00:00`

GetHandleVerifier

Ordinal	`1`
Address	`0x48130`

IsSandboxedProcess

Ordinal	`2`
Address	`0x396d0`

1

Type	`GOOGLEUPDATEAPPLICATIONCOMMANDS`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0.811278`
MD5	`4352d88a78aa39750bf70cd6f27bcaa5`
SHA1	`3c585604e87f855973731fea83e21fab9392d2fc`
SHA256	`67abdd721024f0ff4e0b3f4c2fc13bc5bad42d0b7851d456d88d203d15aaa450`
SHA3	`295cd1698c6ac5bd804a09e50f19f8549475e52db1c6ebd441ed0c7b256e1ddf`

1 (#2)

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.83636`
MD5	`21e86632149118ddf1513af97ab326a4`
SHA1	`784e9b0d737edbbe2d42b987d8c879afcb847a02`
SHA256	`1613adec73ece8547aedf99b900b90a56a75b119aef6bb8a2abc74ba7d030d9f`
SHA3	`4f08cc3fda91586c7d248bf5f4d31c1d112da9810ddc804ea5759e52453d3964`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.38732`
MD5	`66d02c2cd3fdf2a2ea974f10f06be9e2`
SHA1	`a9a9277163cb12ca12e02d896ccef3dc04a12f2d`
SHA256	`c72008030d38a91f6fdd1cd94c0e87bdfb476daf98582e4e1c526fecb1bdc192`
SHA3	`d2452ae759a94907f8f0e136eca096e66456974ee320ff7466c86bda90bed581`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.85963`
MD5	`0fa99286225ab650ad2cbb9f1f30543a`
SHA1	`8194ddcba274f4754cfbd27fc59c6dc38dbe13dc`
SHA256	`8563e68e3edcfa8b005678e16c34e48d13fe1911b583f6b2568b72a9aa172857`
SHA3	`0d21ca180ebcd3f1ee6522793d238f7394ea9fa67fae27257f8429d42124ad46`

4

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.94888`
MD5	`cce3458a8ede462bc68565a40b850d2a`
SHA1	`0c39e78875e80eafda54692624e02932f91c2597`
SHA256	`22ee761ee2ca1cfd5d8c905b7f469cead6d70f63c747ff6ee96b2d145d965321`
SHA3	`f0891c6cf887d9e765b0453dc21db694a5bcb3085c281cd2761485da3d1f9197`

5

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.12819`
MD5	`49a59e4ed93451434e8e68fd1babadb3`
SHA1	`c8a4a6ae3c50d402362339a6d093bc0198b4d9b2`
SHA256	`775a14102c986291192a6092082449d1d1af13a8f47ff708bdf7ca5d00bf7da6`
SHA3	`94ffc16e26e6c46190a6b9c453a6eca6d54a1dcdb3025447a8b2e117adbe47ed`

6

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.75663`
MD5	`20426e0ed02ef9b348665a2265f9b7f3`
SHA1	`9add3343edc634ba17cfcaf88d623ffcd916b7f3`
SHA256	`03f828832b0ed1b5a2dbef4e1377d5a2557fa95167272fa954aeed190e78fb72`
SHA3	`e08ae70399d3a3b767b39fdc170871e0b670a87bf178e72880ec150c0712613b`

7

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x763d`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.97292`
Detected Filetype	PNG graphic file
MD5	`879084eb72bc336136393bcec02dcc4f`
SHA1	`d822b20a35cc2a5fe1901454a5387d079bc754ad`
SHA256	`35a240ac166c48bf47f535ea492d999d20c49fa22f102bea222988486ebefc67`
SHA3	`95a4dbb04071fccd3373f9f6e363c15d864d2f896dcbea8ffbcf8220b9c0f8e3`

8

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x38`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0.683289`
MD5	`8ef7201191780e973dce0102f6fefb81`
SHA1	`44e9bcc350bcf5171f4c67ec6eb6b9aceb3a929f`
SHA256	`5b307e70dd01cb65696f2c5186909178df8661624905ca84ee1253a03331970a`
SHA3	`c5c1172e7758f71205540c12506eb4e7e4110195b747836e314bb546ebeba294`

9

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x38`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0.683289`
MD5	`8ef7201191780e973dce0102f6fefb81`
SHA1	`44e9bcc350bcf5171f4c67ec6eb6b9aceb3a929f`
SHA256	`5b307e70dd01cb65696f2c5186909178df8661624905ca84ee1253a03331970a`
SHA3	`c5c1172e7758f71205540c12506eb4e7e4110195b747836e314bb546ebeba294`

10

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x38`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0.683289`
MD5	`8ef7201191780e973dce0102f6fefb81`
SHA1	`44e9bcc350bcf5171f4c67ec6eb6b9aceb3a929f`
SHA256	`5b307e70dd01cb65696f2c5186909178df8661624905ca84ee1253a03331970a`
SHA3	`c5c1172e7758f71205540c12506eb4e7e4110195b747836e314bb546ebeba294`

11

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.01487`
MD5	`f8b00e298d51e0d6ae7dc037c8974128`
SHA1	`acc19ade1e742e1e2162c36daa6ecbaee98dc12a`
SHA256	`9bf1698e2de763035bf9fd261262cffd3e7b073eb9f093876d9af3cb01a8dbf2`
SHA3	`d4b18207616699516bc5616ba88038adf65b04085f0dadd0f0eb930f4d76eb68`

12

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.09086`
MD5	`b9a254a091e61478ee6252009c2602c5`
SHA1	`a5fb256d1591ca4ccd0a433c69004cc45d4140c6`
SHA256	`34671a8ad7c8c8a1a985d3d91a58cdf94fe1fcdf8bdf21d333bd6dca9eec7600`
SHA3	`b6c15cb91cef01b6b7123e6d2056243ce7bb41a85278b9cab139fcb11005699d`

13

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.94881`
MD5	`2749d82d4f866db7087d3e593a2a4341`
SHA1	`46f40b5929b953e5ecaee8174e1cd2464cf1cdda`
SHA256	`7ff9751bff7ffd2200d112c3390be850ab74ae40f0696ff78e1477facd8a8287`
SHA3	`55533f79c5a983f5d3bfb97c6e599032ff875b396b8d9023d4cbac79c2621265`

14

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.41469`
MD5	`925590c64cd768dce462fdb25a5ce5eb`
SHA1	`d54f9193681e2a87ffd06d702199046e00a1ed36`
SHA256	`183ee8f87cb70f90e994bd8c524b42fc4b8e91c69645a237a9630708597088ca`
SHA3	`a751a014be61af39d8a30150ed2ba3ebaa288850fe44d6a9e635518eb575bd55`

15

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.2485`
MD5	`7891d76f542aa3f41eca9ecda5c9eae8`
SHA1	`6e33828db3f41ea75c13544f68932ffc99ab218e`
SHA256	`ae29f86e34b99194e28d4e7054762f4a825b4c0b881115a753f46c2b050f8c9b`
SHA3	`9d173e1fd622d324836477c557b0fa0340766e6db8aaba58b153464d998f8fe9`

16

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.91524`
MD5	`0dd9468e44bae8120caa794783ea6dd5`
SHA1	`e614456737905bbcc8a8670da1ee71d1aaa2d612`
SHA256	`fe2e1c459274139888f901555a6d18b7b5dc5d1fcd77edf3fe7c420d2c09584a`
SHA3	`bb8e99bdc41b4d19f8f8b1a3230e0e97c82ce838164d5a18a0187c7831c9ccbd`

17

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4ad4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.94381`
Detected Filetype	PNG graphic file
MD5	`52d92596cc04712f855022250d0326b3`
SHA1	`c6205683e0326067c3146901f7d71bc09af39803`
SHA256	`dc8c3e8b7df6124fcb52166675b758f06510ebfd2dc12338b2b964c998a612d8`
SHA3	`75ffedcee5c8323b2c0df08f7b675642b1d73cb19c9adaaabfa3ed02d359dda8`

18

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.2177`
MD5	`709e57a14a93b9d9afb7d524a8d7fbae`
SHA1	`2348373ed7bdfbf45d6ccc3f2729b836463d2212`
SHA256	`5ed6a5b996c51a861436b244ba5894edb1e25d431f954c0db84ad86a7c37394a`
SHA3	`4306276f528f553a331c568291a1bd3baaca7bf43206c5ea0fb5fc6329bc1a0a`

19

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.50519`
MD5	`2be7cf502029821d227c5526f72b2407`
SHA1	`a83a5416dda4fea6e756f128ff60bc24be03adb3`
SHA256	`4f0a444631d150557a83b2fc6b45f5c13de5a6781bc21d739144c80364d0b23a`
SHA3	`a40951f877476e0ac6c6fabf0c3cf499dedcb944fcc99894e752370b8b9789f6`

20

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.48311`
MD5	`6cb366d6e930c9cc52c8b667eba3e33e`
SHA1	`03d7b524730be2f996eb06c11e4c84bae966c298`
SHA256	`d2e94c9d59a94d86224f1789ff7b3b6c5a20a36ea2ed714ee90f969791915fcf`
SHA3	`67243cc44eae8e5ff1e3f5795c72e0e0f42e3dcdddf494a3653d2c616d109b4d`

21

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x7fa`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.23684`
Detected Filetype	PNG graphic file
MD5	`daea97dc33d39711f852add32f016aad`
SHA1	`33b56832ec8f281d4e930efba39f799cf5c72316`
SHA256	`3db59ef5287bcbcabcece9f62096730c4fb22f4dd37886e24dcde6475e40b0ad`
SHA3	`fccf6cd294555489592d7f4ecd7fc70e6e04c037e1fa5e0b679347c6aa1d176a`

22

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.50939`
MD5	`66e6b61ce6f7d21ac44d41fa9e25f0ed`
SHA1	`48d4149809669c7587e6053c0a74200b729ca650`
SHA256	`7318cf61f1c6a78ead9818f56903eb233fbf7e4002afe265589df4ac2ed424ed`
SHA3	`2425d60c47c6f4968a11ac6261261a9f1886c0c20572cb39d2fbe92680a93cc3`

23

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.38571`
MD5	`a00e1a7b96131d5adf42c20068ae81c1`
SHA1	`a350dfa4091bace86ae842e2d47a77ff6385ea08`
SHA256	`871551205d56446ffba7bc05219b3845976deac5fa604e1bad5f32feab95ddc2`
SHA3	`9303359883e8487df1ac3ea68f1b895c01e370b66c6526d85b9c43dbab1b5a6a`

24

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.78098`
MD5	`fbef85a618976961a75dd005f8c49ab6`
SHA1	`ea31563ffcb10741e20538efd188f220d7a664f7`
SHA256	`7b910259b9195288f78676025810d3746e41d0d8954106a40d44786933a4339a`
SHA3	`4556397da1ee2ce63744649f4e835e9a3aa3110668980b1707befc48b2f15030`

25

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.04932`
MD5	`bcfce9992791cf08b3fe6261aab09f10`
SHA1	`fef27acf80c0f428b6e0d995a57e3055b2a5e63a`
SHA256	`dc38ed877d398fc13fdf7b4f973972d42c0f95a610fc229c80686ad67fffd850`
SHA3	`121d843b8b939b2c48ef056030e5de3e685a9819a9ba531decb6b02cb2aa80c3`

26

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.36206`
MD5	`c1c01972831543fe2a5ef4c0040078a1`
SHA1	`d788fd0d44d09e1902b02c25c45e9a9c19d5f7a4`
SHA256	`70a1e88ba27e4812bbd76effad00d384e3b41bd9b3769420d6324b09c5533476`
SHA3	`a7d445d2c4098129a013664ee6b207ac55f1867fac7e729c90083466bfa2a279`

27

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.32848`
MD5	`c356bd600928338b8f0e051ffffa189c`
SHA1	`13d9cc50f84b79e681ffefecb81ce6a2f09432d6`
SHA256	`c09211ff01d51888346b65fcff0f2aacc1b690e4b962284864403c1a992ea77f`
SHA3	`08f6a44101017036a9060e0a6cfd0e21c0043666a8cb08e1b6a73d58a7f6edbb`

28

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x7c8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.26182`
Detected Filetype	PNG graphic file
MD5	`0f189417b942f34ce8368c87f4d31142`
SHA1	`069ef73de075012d8841c92a6c82bb75e4958498`
SHA256	`b453bd151060d95195de6f3d5525d84d6ec5b9eb015dadd141191e44a761ff3d`
SHA3	`9bebe9aca991c872995eed0156cfbc05f014e9f39a8eb6f0f9d30ad838daae6b`

29

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.26371`
MD5	`dba22c253a5ba4318c87a1454250a99d`
SHA1	`beddfe88fc6ad93419be2b1a8b4fe630a94dbbb5`
SHA256	`6dc5afe1d6b3bb10447cd60b6e7f4f9765d1761a425ca8a654d5d07992e57dc6`
SHA3	`2b80aa9fa20db3e1aa28e2c0e079dd70a27763c5ef7f5a70bf834a545a36597e`

30

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.14085`
MD5	`095a457ede21d64fc5b30f2c79ed9a7a`
SHA1	`a150641558c4fa6af377dc5fed4bf185625a4f20`
SHA256	`531a74d0203d447acc9b8c3dfc22ff9dedf54c9f6f59c59fac85e45444eba221`
SHA3	`9b1b462018c339023681ee15cef6ddadb9a39241930e090abb7ccddcb7184e7b`

31

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.5746`
MD5	`f17a5aa31adb97277ebcef702b26d81f`
SHA1	`daa62ab7d2cec7239fc588c6a54d3a54f60ed358`
SHA256	`6b38ccc080d2867b5d7c454c051efe089053008ae44c989bf3db02f7d4f0461b`
SHA3	`d8332a487115a68a03b541067efb3922b37166eba6f8f38e94707aef7f2f78a0`

32

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.70621`
MD5	`7a8fd82c16489f1ed6e5cdc5dc38c815`
SHA1	`595b39dc0c92b6e3943ea918a213cec58503daf4`
SHA256	`9260d8b6f0fd7fc00e9a960db1b1283180efd59049be2c8867a4e660b1ff0123`
SHA3	`2eec2ac06df13fa72c5317fe2f7e049cddea95363b53620674c73c866a7f8d52`

33

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1234`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.90997`
MD5	`11921cfff61b5877c53bb37c86b6d09c`
SHA1	`3800127e39a03ea9b2a9f79538d40227ef4d0c89`
SHA256	`c714566bd8b7f0be360e68950a5615a2fb365d53b14ea7c2812f23c458497799`
SHA3	`0e2df531413bcc400f2f42179d34b093d3229754f3ee9d7c982faacd2f766e18`

34

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2668`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.72497`
MD5	`0e559d7f5897727c98dfdd1e6c3631e7`
SHA1	`fcd9803592250e14d186e9c8fd0f094e7debfdf0`
SHA256	`6e6dd7cc3df380721e4678fb1825b982df22a4dc058091634e733c33f3543b1f`
SHA3	`54cc4d475eb6e3066dda379e7ce197dad0d994522cc58d68673a5707d4aa46cf`

35

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x184b`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.91162`
Detected Filetype	PNG graphic file
MD5	`e3e595605f7ba7a83a424e5698b342b4`
SHA1	`b7cf89a883818649ffeab77f323b07808b1b717e`
SHA256	`05de73b49e62f848770d877a92a4a920e2ef6812538b84ab3a3255ee89bf3666`
SHA3	`0a0834c7fc8c9270e4ef414eb9095219a154fefc631b38f811eb7639a46a3aec`

36

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.66902`
MD5	`0a1bae1bb33d6a31b45e549593702748`
SHA1	`b3d58b4d10a003a9aa71e663f2e97a37a22e12f3`
SHA256	`24dd4a2bc100e424e4ff0cb52438ec7963b5db91bb2c3e7f51f94f079575ef24`
SHA3	`2c2fc48a2d5261fef0cd6a72252a1c9f006bbf9f458e84d1f11e91231607009e`

37

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.70138`
MD5	`2c063ebe81bfe367657369f84794f788`
SHA1	`89fe55e99910974dde3448220d9f525899df94fe`
SHA256	`27ff87a71d18d4e1ceaf34262f76a54865b86930abc6b08574e9e399cc4e59e5`
SHA3	`dfdd5b0eb674828d6c168b52cce6d95806fc4c8b9cf42e1095c49332b12946db`

38

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.47022`
MD5	`d166696d7ef458502d8976b7cdf2fa22`
SHA1	`d12e4dcbe786d9884594b30e2e4a2b465b5d0ae3`
SHA256	`fde738891bde474d1103b9a861cb0237cba76375e989f21ec004916620d82c97`
SHA3	`e815decedabbad2b838e464c9ada619b7a3011d595fd40bdeea6f45884cc5ec1`

39

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.84304`
MD5	`34bd7d1b025712ab20d7009efffe46a9`
SHA1	`73a54178d167d842914ee4dab7b7abeae999424d`
SHA256	`794eca90c9886289855ccad7ff4b90955e27ce5e339e932d1efb7b3751784fad`
SHA3	`1d82147ade703e9104f48ed7ddfe0d367c42e632fb00cf970c8db69d98b24a05`

40

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.90012`
MD5	`41615ee9091f386587920568fb85544f`
SHA1	`8bc4beadc60b6d419a61a85875bfa008a10f920e`
SHA256	`2646e75dd3f4904e090e328314543ca6d9d2b1285e35529c2888b5b35dca3850`
SHA3	`67919164cd679e74b65c631f0c450eebbada1d3439f332beeac027d739899a21`

41

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.46812`
MD5	`19c8ff3857ac33265f2ab7c520b8a3e3`
SHA1	`1c2d4dade5acb3faee5162cbd22343d9f6960ea1`
SHA256	`c0ee3dc43bb9b981dcbd879e258d8162a46cea9260fbac8176618329925e77c3`
SHA3	`65c78cc6ed1d4ce024433200d6c5a7cb8b99ec2912d0fedaf71c6191ddfd04a1`

42

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x61df`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.97162`
Detected Filetype	PNG graphic file
MD5	`594dd9a54daf9c18b633f7f677a0c166`
SHA1	`35a4bcff2c467104923591109077c6f3e2d5aae8`
SHA256	`fc27905e16852cfc4f1a6aba55849dee9dcbc70fad95d67d6d805a2b3fc1f0e8`
SHA3	`b9181b5a9ea9702bbb25de190ed308cd9a1c2c65e94e65fd4c1fb4512b0087d4`

43

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.73095`
MD5	`b298c0eedcc3a4068e20f695ccfdba85`
SHA1	`4b8bcfb9668e5bb68f5ca85b7b9f3aca41cbdc03`
SHA256	`1d1171f3da4d77417a55ad55e7f5a9c04ac6df832df58482d1d72045bfb40e16`
SHA3	`ef461853101bd2d989cb0fa503484a30cb68bea84f2021ac63a93bd87b80fd90`

44

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.84816`
MD5	`87eda49d26b12d32d999a49cf75602fe`
SHA1	`cbb20f3df45ea5aa4f56115498fd34bfaebdd017`
SHA256	`43d04a1bbdb4fa968ad72fece95cf5975b5363f6241ee4be81c31adc39c42d88`
SHA3	`ca361cc0aa987438730639e1a54578405c6c182b7ba761717ee68da87391b3aa`

45

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.48338`
MD5	`c69502c7cdd3f2e41b1f92e827829804`
SHA1	`f03ecec6dd2031bbdfab9762d0fcf49cffe4b9b9`
SHA256	`9cc306084a84cc79b2992a12dc3bf428d1e44bce64de5d187bd99859e71b3828`
SHA3	`206cf2615b57574e708807672fa9cd1a385a0cf700ef65bf479d7c33f968b3e9`

46

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.87451`
MD5	`57a2bb0e05c7185f79a41d80436187f2`
SHA1	`29504f8ee77a08dc43b0607ef36f55cded065b90`
SHA256	`8b8f7f994fcb5609e82dde8862e4957d7c0e9b321bd36dc32b3763ddfa6b3fd8`
SHA3	`388c5ef52c7e232d3c004dcb7835809d282a7646a70a03fb167bf6123d650ade`

47

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.95588`
MD5	`f1e07f8bf95e32e7501dd0a098150a25`
SHA1	`2f53e6b335342fa3f6e37b5cf57ceaecfb99fb4a`
SHA256	`da9dbaa7d018c2918c81d7f6b93c8229eba81f635a20b9ac4be14033c3d651bb`
SHA3	`5d6989659bf7a2b0d68e8f0836f2d9bb20e30d50f63d4fe3617e96609e8a1bd1`

48

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.50782`
MD5	`9f7c8f627aacce1cd476a97a049118cb`
SHA1	`9a55a7b711cf9890e131a67ab9ad76844998fc8c`
SHA256	`e9e464ce50ba36210cbb2df2bd7e38c96349835c78b2b074bc22d0d808513b34`
SHA3	`991988812c8dabf4a32aaf1e6089bdad05c8ef47146d678bdf3b27af8014dec1`

49

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x63c3`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.97184`
Detected Filetype	PNG graphic file
MD5	`f240f6036310374dcb3edab325db869e`
SHA1	`225ad3b749cfd28afb98377e29280fd5ed4fd2fc`
SHA256	`10aeabb1c598b6d48691ffb89ebcfd864ec91b46ca97367675d20f196b8d0062`
SHA3	`d27fac903523699e448f5063c9d61d955d0b7330dd77727a095229dba0da367c`

IDR_MAINFRAME

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x68`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.71858`
Detected Filetype	Icon file
MD5	`2def445ec18037fa3e27c345007d6e42`
SHA1	`f7a0581bb995fca5885a3e7adeb156a6e2732c56`
SHA256	`d6617ef4a080eebc4cb0167495e0147a12d805941d84f8672d2da243e2bf96ec`
SHA3	`49a0ee33b0d7752cc14d93e47b1b19d3d8934b7f0b700108cd8e13edbb41f310`

IDR_MAINFRAME_2

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.64375`
Detected Filetype	Icon file
MD5	`873bcb0a4f260dafb74951ad3e5fd322`
SHA1	`28b3c3eefeb1d2d358b7cfad8c9bad3b58af5bad`
SHA256	`5d2d1780d6c9b7d5f10f09e3d3961dcaa76ae352b3779ee5e61d85a2cb6abc93`
SHA3	`bd41ae6b3165ea2dc355430746fac4cf547c32339f4b6c62901a4d37d9b77318`

IDR_MAINFRAME_3

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.64375`
Detected Filetype	Icon file
MD5	`3b0fd43b3680282401c0cb3c4c612b68`
SHA1	`f64624ace0e4dff68270d1514a920c316620eb8a`
SHA256	`1c1f0f6b102eb5312f2f38521369e520d19875584393d97fb180fb4c1d62abe6`
SHA3	`83d68819966dde5f63533cf1b40b67949da624117160bdfa6a918b5b2abd033d`

IDR_MAINFRAME_4

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.64375`
Detected Filetype	Icon file
MD5	`271e7c2b08ba11d591e860928dc779e6`
SHA1	`30b1f8b82b283b8ea13a06193335af0b17974090`
SHA256	`d0e027b4c6cf8e62ac274c864d81f88f3efffa4adade1bf1c371aa7b7ac230e1`
SHA3	`f980cc5a5ba7a4c16389b78c438950f846eff946bfad6e716ed1d34149d4c5a9`

IDR_SXS

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x68`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.76309`
Detected Filetype	Icon file
MD5	`b1a60164531332541205113a67bb7a4d`
SHA1	`c21fcc6e34bf2991dcf714fe8bc7730bb7ebc2ea`
SHA256	`2b4a1ffac26402e82798f63d68f6b13b6a2611da8c2dd3de5690e38586f3f26d`
SHA3	`ed6d26bb7cafeeff2a93c9bd991dadcd55444cb84e4c51f81724a2cf21923b14`

IDR_X001_APP_LIST

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x68`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.80059`
Detected Filetype	Icon file
MD5	`7e59398cf39211644e47a8226d6866a0`
SHA1	`d74d3597dde5ba1ee9cee7ba282eb879e07e7842`
SHA256	`cf97f0124f7c390ff347f63f62f55ec6ae10bdfc8dfed840358932f89ca00648`
SHA3	`3f6b204972cd80f74a78fac523d22fe10455e3ec4d6c0852921e00282cffb2fb`

IDR_X002_APP_LIST_SXS

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x68`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.80059`
Detected Filetype	Icon file
MD5	`4472fd1b9f64afb390c6c818b7559b60`
SHA1	`2432fbc0a12ff3258df50cadf37bfa1d5ad3184d`
SHA256	`78d1b59ae4e1a03ce6e179b92467867824e888dc00ce8c396a589a1c237cb49e`
SHA3	`03005179999f010ef511a223aa22f95bc6a472162d01a3e98023488ef4639d4b`

IDR_X003_INCOGNITO

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x3e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.68084`
Detected Filetype	Icon file
MD5	`b361eaa37f3efe2f6305eabb4922df36`
SHA1	`24abf6089ba045c7154d8eae7f2619c1d7a7e794`
SHA256	`556bad1ea9fc323da5e5e6f28a10dbc9112e9e0e0bc72ea42a4dd161ff82dc54`
SHA3	`c463e01e1200f8312bf4903c52a19574e86455f12d39d6033ae5f6870acdb7bf`

IDR_X004_DEV

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x68`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.80059`
Detected Filetype	Icon file
MD5	`0964f519d7e50007ced56132cd682f3a`
SHA1	`ee1202f06f79bf948d8198b0dcc58058919507ff`
SHA256	`e01ed79612c8eaa7cce52f6e0fd46ffbdd3cca3c6a7b5d56003a8eee30b31430`
SHA3	`fc795a155ca9925e73a82b1302ac9bab0e1b06b46ddde515026653f60abb840d`

IDR_X005_BETA

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x68`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.78511`
Detected Filetype	Icon file
MD5	`6447ee17c47ba71b671ab693c7d175b3`
SHA1	`228a2302f3884dcc6560172912fdd3710fc6db43`
SHA256	`e34b2099026b3e1c84638ab437bfc1264c2d601d05d488870dcad77e4bfbdf62`
SHA3	`cf7047e33c21c643179b5f26390ffa258bb8d2eabaf4b83c495e588bac31536c`

1 (#3)

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x450`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.51572`
MD5	`4b2660915228e60d7ec2185c5d90520d`
SHA1	`b94635b46f89d366e06d24b75efc724e583cc8da`
SHA256	`91d34eac95d81fbc88181dcf9d406aefa66acad8232306b9f01188723f2c5608`
SHA3	`ce9955d4ba5006bad347639fa8e0d63e3911d5060fe8c422560480c0f84abbb0`

1 (#4)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4d8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.3107`
MD5	`236de5d6aa4bca9f2f380cb21963931e`
SHA1	`59f4a9ed648483a65bce11d285ef4d84f58aa8b2`
SHA256	`c5ecbadbed1c0a2808724a5599ffa79985935f8764132a5da0374177ed83d79a`
SHA3	`6e3020a9b4c141b6601a6acadf71301dacc091f6c421e7870ec890ecc0bd396e`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	78.0.3904.108
ProductVersion	78.0.3904.108
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	English - United States
CompanyName	Google LLC
FileDescription	Google Chrome
FileVersion (#2)	78.0.3904.108
InternalName	chrome_exe
LegalCopyright	Copyright 2019 Google LLC. All rights reserved.
OriginalFilename	chrome.exe
ProductName	Google Chrome
ProductVersion (#2)	78.0.3904.108
CompanyShortName	Google
ProductShortName	Chrome
LastChange	4b26898a39ee037623a72fcfb77279fce0e7d648-refs/branch-heads/3904@{#889}
Official Build	1

Resource LangID	English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2019-Nov-15 23:53:03
Version	`0.0`
SizeofData	`39`
AddressOfRawData	`0x13d648`
PointerToRawData	`0x13bc48`
Referenced File	chrome.exe.pdb

TLS Callbacks

StartAddressOfRawData	`0x140165000`
EndAddressOfRawData	`0x140165018`
AddressOfIndex	`0x140152050`
AddressOfCallbacks	`0x14013eae0`
SizeOfZeroFill	`0`
Characteristics	`IMAGE_SCN_TYPE_REG`
Callbacks	`0x000000014008B9A0` `0x00000001400C94B0`

Load Configuration

Size	`0x100`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x14014c378`
GuardCFCheckFunctionPointer	`5370163200`
GuardCFDispatchFunctionPointer	`0`
GuardCFFunctionTable	`0`
GuardCFFunctionCount	`0`
GuardFlags	`(EMPTY)`
CodeIntegrity.Flags	`0`
CodeIntegrity.Catalog	`0`
CodeIntegrity.CatalogOffset	`0`
CodeIntegrity.Reserved	`0`
GuardAddressTakenIatEntryTable	`0`
GuardAddressTakenIatEntryCount	`0`
GuardLongJumpTargetTable	`0`
GuardLongJumpTargetCount	`0`

RICH Header

Errors

[*] Warning: 1 invalid export(s) not shown.