Manalyze report for 2a2f8e9614bdbf9ce7f4d4681dae6e31

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
Compilation Date	2016-Oct-17 13:02:05
Detected languages	English - United States
CompanyName	Hikari Calyx Tech
FileDescription	PNX-AOP Bootloader Unlocker
FileVersion	`1,0,3,11`
ProductName	Bootloader Unlocker
InternalName	0x8 UBLK
ProductVersion	`1.0.3.11`
LegalCopyright	2019 (C) Hikari Calyx Tech. All rights Reserved.

Plugin Output

Info	Matching compiler(s):	`MASM/TASM - sig2(h)`
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to CRC32` `Uses constants related to MD5`
Suspicious	The PE contains functions most legitimate programs don't use.	`[!] The program may be hiding some of its imports: LoadLibraryA GetProcAddress` `Possibly launches other programs: CreateProcessA` `Can create temporary files: CreateFileA GetTempPathA` `Can take screenshots: GetDC CreateCompatibleDC BitBlt`
Suspicious	The PE is possibly a dropper.	`Resource 21BC3F6BA4ACA90E2A4595727F1B1A23 is possibly compressed or encrypted.` `Resource E2AF5C45D04AFA77225A7ED7DB23BA33 is possibly compressed or encrypted.` `Resources amount for 98.2668% of the executable.`
Malicious	VirusTotal score: 21/65 (Scanned on 2019-05-21 14:28:23)	`FireEye: Generic.mg.2a2f8e9614bdbf9c` `CAT-QuickHeal: Trojan.KillProc.S219381` `K7GW: Riskware ( 0040eff71 )` `K7AntiVirus: Riskware ( 0040eff71 )` `Cyren: W32/Trojan.CJFR-5972` `APEX: Malicious` `Tencent: Dropper.Win32.Agent.f` `DrWeb: Trojan.MulDrop7.63872` `Invincea: heuristic` `McAfee-GW-Edition: BehavesLike.Win32.Downloader.wc` `Trapmine: malicious.high.ml.score` `SentinelOne: DFI - Malicious PE` `F-Prot: W32/Trojan2.PBHJ` `Antiy-AVL: Trojan/Win32.AGeneric` `Endgame: malicious (high confidence)` `Acronis: suspicious` `VBA32: BScope.Trojan.MulDrop` `Cylance: Unsafe` `Rising: Malware.Heuristic.MLite(91%) (AI-LITE:isXvONvxpXPFDzsPp1o6VQ)` `Cybereason: malicious.0c6707` `CrowdStrike: win/malicious_confidence_80% (D)`

Hashes

MD5	`2a2f8e9614bdbf9ce7f4d4681dae6e31`
SHA1	`b0407240c67074f522924cde34b9f6935c0f9f31`
SHA256	`26743704d8f95b7fdf1b10a5a89796312d7b1799f92dd62f798afe855381f499`
SHA3	`b4a8eac45cdb7505f2a314ed1404af2ab21a6f09120375264bcdf042211d21d1`
SSDeep	`98304:0Kj63xlZu+zUw2aSIeQvorF+pqh6x7A5zaDs6:0KAxlZRQIe+oJS46xWao6`
Imports Hash	`29b9cc44d3e2287540325b486d563745`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`5`
TimeDateStamp	2016-Oct-17 13:02:05
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LINE_NUMS_STRIPPED` `IMAGE_FILE_LOCAL_SYMS_STRIPPED` `IMAGE_FILE_RELOCS_STRIPPED`

Image Optional Header

Magic	`PE32`
LinkerVersion	`2.0`
SizeOfCode	`0xec00`
SizeOfInitializedData	`0x3e5c00`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x00001000 (Section: .code)`
BaseOfCode	`0x1000`
BaseOfData	`0x11000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x3f8000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
SizeofStackReserve	`0x200000`
SizeofStackCommit	`0x2000`
SizeofHeapReserve	`0x200000`
SizeofHeapCommit	`0x2000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.code

MD5	`24c108e1fa1a841cebf4bc56da5e49aa`
SHA1	`0e84f62d156ee8b07eb4938bff7309418b1db884`
SHA256	`521d017f3e8c354f96423a92657c8f389ce47ad744d361c32a0b8e537a382f9e`
SHA3	`f0348a66a152f32cad6ce6da9ddd9c58a5911b527489c70c0ac6647394d5091d`
VirtualSize	`0x3201`
VirtualAddress	`0x1000`
SizeOfRawData	`0x3400`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`5.10602`

.text

MD5	`9865587e2adceeebe060c869c1de5c1a`
SHA1	`13c35899693878eea70e11c54349e58e1c8f6fdb`
SHA256	`e55a1f276716ff9c827abb0831548d18862e64eacd746afb40bde017bdd7852f`
SHA3	`97a1b8b0fe945faaa6f9681a4d97a200b6ef870380d3a2fb6d25267c9fad5327`
VirtualSize	`0xb7f5`
VirtualAddress	`0x5000`
SizeOfRawData	`0xb800`
PointerToRawData	`0x3800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.60043`

.rdata

MD5	`ede3479610009809efe84d66a4ce1888`
SHA1	`39d8a6489626d2dc153cd0f98d0fc8c97d2c5af6`
SHA256	`8c69788a7ce05023d9ff3ec57cb07632bc06beb9d9538c2e90b674bb7f49b815`
SHA3	`ae31fbbf4a1ea957bb6ce75e43134c66e5afd151e614d507ec40bca04a9a261c`
VirtualSize	`0x98e`
VirtualAddress	`0x11000`
SizeOfRawData	`0xa00`
PointerToRawData	`0xf000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.61645`

.data

MD5	`e6a845f9a19765743fe5404857491fc9`
SHA1	`0c56972eebfdb81ff6537e2b6ef6105b56192bf8`
SHA256	`e8ca628d92f878e846e15f55600b14370a1dc1b7f7b186152151a115a92991c3`
SHA3	`e04fae9cd98788cf96fda7d6ac0bb4a74fec8613bd858b14e3487718ce76c6b9`
VirtualSize	`0x1c98`
VirtualAddress	`0x12000`
SizeOfRawData	`0x1600`
PointerToRawData	`0xfa00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`5.4882`

.rsrc

MD5	`74b2cf1cfd7a49fae066919704592890`
SHA1	`f54d02482da070652289a7e48cb33935fd02aef0`
SHA256	`fe64581f20615c8ff1a19b221525df04741aa6dc9945dc2a39d124affcd015c4`
SHA3	`3900ba67c72ea44d419701b1cd5d1d524577c000d1148f7fe2f5950df799b27b`
VirtualSize	`0x3e3a54`
VirtualAddress	`0x14000`
SizeOfRawData	`0x3e3c00`
PointerToRawData	`0x11000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`7.99346`

Imports

MSVCRT.dll	`memset` `strncmp` `memmove` `strncpy` `strstr` `_strnicmp` `_stricmp` `strlen` `strcmp` `strcpy` `strcat` `memcpy` `sprintf` `fabs` `ceil` `malloc` `floor` `free` `fclose` `tolower`
KERNEL32.dll	`GetModuleHandleA` `HeapCreate` `SetConsoleCtrlHandler` `GetCommandLineA` `RemoveDirectoryA` `GetTempFileNameA` `GetShortPathNameA` `GetWindowsDirectoryA` `GetSystemDirectoryA` `HeapDestroy` `ExitProcess` `GetNativeSystemInfo` `FindResourceA` `LoadResource` `SizeofResource` `HeapAlloc` `HeapFree` `Sleep` `LoadLibraryA` `GetProcAddress` `FreeLibrary` `GetCurrentThreadId` `GetCurrentProcessId` `CloseHandle` `InitializeCriticalSection` `GetModuleFileNameA` `GetEnvironmentVariableA` `SetEnvironmentVariableA` `GetCurrentProcess` `DuplicateHandle` `CreatePipe` `GetStdHandle` `CreateProcessA` `WaitForSingleObject` `EnterCriticalSection` `LeaveCriticalSection` `TerminateProcess` `GetExitCodeProcess` `CreateFileA` `ReadFile` `WriteFile` `SetFilePointer` `DeleteFileA` `GetFileSize` `HeapReAlloc` `SetUnhandledExceptionFilter` `GetVersionExA` `SetLastError` `HeapSize` `TlsAlloc` `GetCurrentDirectoryA` `SetCurrentDirectoryA` `GetTempPathA` `SetFileAttributesA` `CreateDirectoryA` `DeleteCriticalSection` `MultiByteToWideChar` `WideCharToMultiByte`
USER32.DLL	`CharUpperA` `CharLowerA` `MessageBoxA` `SendMessageA` `PostMessageA` `GetWindowThreadProcessId` `IsWindowVisible` `GetWindowLongA` `GetForegroundWindow` `IsWindowEnabled` `EnableWindow` `EnumWindows` `SetWindowPos` `DestroyWindow` `GetDC` `GetWindowTextLengthA` `GetWindowTextA` `SetRect` `DrawTextA` `GetSystemMetrics` `ReleaseDC` `GetSysColor` `GetSysColorBrush` `CreateWindowExA` `CallWindowProcA` `SetWindowLongA` `SetFocus` `RedrawWindow` `RemovePropA` `DefWindowProcA` `SetPropA` `GetParent` `GetPropA` `GetWindow` `SetActiveWindow` `UnregisterClassA` `DestroyAcceleratorTable` `LoadIconA` `LoadCursorA` `RegisterClassA` `AdjustWindowRectEx` `ShowWindow` `CreateAcceleratorTableA` `PeekMessageA` `MsgWaitForMultipleObjects` `GetMessageA` `GetActiveWindow` `TranslateAcceleratorA` `TranslateMessage` `DispatchMessageA` `GetFocus` `GetClientRect` `FillRect` `EnumChildWindows` `DefFrameProcA` `GetWindowRect` `IsChild` `GetClassNameA` `GetKeyState` `DestroyIcon` `RegisterWindowMessageA`
GDI32.DLL	`GetStockObject` `SelectObject` `SetBkColor` `SetTextColor` `GetTextExtentPoint32A` `CreateSolidBrush` `DeleteObject` `GetObjectA` `CreateCompatibleDC` `GetDIBits` `DeleteDC` `GetObjectType` `CreateDIBSection` `BitBlt` `CreateBitmap` `SetPixel`
COMCTL32.DLL	`InitCommonControlsEx`
OLE32.DLL	`CoInitialize` `CoTaskMemFree` `RevokeDragDrop`
SHELL32.DLL	`ShellExecuteExA`
SHLWAPI.DLL	`PathQuoteSpacesA` `PathGetArgsA` `PathAddBackslashA` `PathRenameExtensionA` `PathUnquoteSpacesA`

Delayed Imports

1

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.09534`
MD5	`02f50ec0052d532b1d6c7c053b964c70`
SHA1	`9adc0da7260820d6ccb8c5ca769d487a1d048652`
SHA256	`f29efc0f1b461cad6268a810f115cfb93bf4279367add82ce68074a90a1aacd7`
SHA3	`07a55da34774fa326ff678a69a23e38c9e98d947d9d38ae2c92030b63d323f17`

2

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.76691`
MD5	`f6ed1d5da706bb8d9a460e12bc0261ff`
SHA1	`17f97e6ae19a52f6e96e38ea21b5b05c7b0bb1d4`
SHA256	`9e57af4f146f18a46fad334697e8e4d81696b6b7495749ffa2fe4b70e128de87`
SHA3	`f5c6febf95a312342d5ed805dd63a2afa86395c9c9b00245b8bd92d3363bdedc`

3

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.82476`
MD5	`96da3df2825928f74665356ca08e05f8`
SHA1	`2e366135f084c1baaec2ff8822e9730b2b930444`
SHA256	`4bb87f70f512c2a548b8800a43c6b4dd00032c7b615056fed8f6127817cfcd78`
SHA3	`a2cdb855cdd2fc5ba894440c070181ec8ef5b62e960dea522b28dd9b8508724b`

4

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x1e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.68435`
MD5	`43af9314d255deb7954509703e8d4491`
SHA1	`37d387d30a1f03f98d53fe7c2275bd8eb3ca68e7`
SHA256	`80c8bb4d8591eaae2b904e30d240893b8794dc58d45d7864e5b9d97d705874a0`
SHA3	`5bfe8a7f6efc137d6e98c708161efa54b33485b7a350bfc352643fe61ba7e156`

5

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x6c8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.36196`
MD5	`c81b54f0ac6062918edc8379af489bc2`
SHA1	`bfcf4583e6bfb0f084ea96f76098bbb93f945d16`
SHA256	`e25d94983e0e71b9372d4f9e1b9f30921ec43f2f826013e5ee88e954a1f2e380`
SHA3	`918b345d3764a0d3939dca60592e324802c77fba6d981e0c6cb8f2e839c9df5d`

6

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.62557`
MD5	`4fd5ad708e2e94adc7b9ff3bca815a64`
SHA1	`99f18902abf192f604c32f1c0b7e4b22a0b01d89`
SHA256	`5ee643ee5b434bd2148e3eeb4151dd9d2d01d614b53d5264331316bf21f9fb42`
SHA3	`7aa3aa5880fa1cf5eb1bd9d1a179fd580127d9a359364b59593c19fce2e8055a`

7

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x2e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.70884`
MD5	`a5bdaa085ba6c5a9dc29169abbbd4778`
SHA1	`6527b733f92e6e590a067d27c587e64bc50882c1`
SHA256	`e1365e18f4b5a85f83ac545b45e5d762417a86c8e595162aa2c48abe07f444f6`
SHA3	`a23b1a23f9fe1a076a57cb2b8fd8ef03041db38652dae50e3454b47e597d8b3f`

8

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.7103`
MD5	`b774cc2b3abfc3867478561c7a4d2b99`
SHA1	`0bdc6ce26484fb91f0e5ee8c685a3ede51f779e8`
SHA256	`c57455fe64058cfce03ff4862cdafd1cb9f736886d73bc3828dd15068919cc76`
SHA3	`5fe0d4cc80952c752ccbd29ad8df4a4af1f010fb1f3ea836ad9751fe16c471b1`

9

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.4146`
MD5	`e18c8c0757361ab30ff761a36e8a8cb3`
SHA1	`57699ebe5cd81ee5cf86bcb720f0ec405d940956`
SHA256	`f45f0678355053d449ab2624347de33649d5e9764c6313ac697ee144ae1f8a4e`
SHA3	`dd44ca4e73c6bd2f241f1ac576b9c436293934253758397452611603b37a1a8f`

10

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x668`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.4857`
MD5	`05e352a2d2fd1b215ec882bd4909b9a1`
SHA1	`133337aff93a5dc5cf8ef894497a4bc8aa9bb35b`
SHA256	`1166e0b0a98e310f27abc22edac5fa0120057edd6848eda2e710add903f8ed99`
SHA3	`c0f68ef9da4b30fb4d27e22e1dfb5dac1c788108ea336729ec51356113415465`

11

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.9646`
MD5	`71f3e64d9c47f834291ddff18028b758`
SHA1	`e6666e4565ad8b0b7b2b5b227bb2f850b0d6e0e4`
SHA256	`f7a6ed32502c8ec09d8bfaacae57486c03219c90f737c0a1ff8f1d7bf6d92cd5`
SHA3	`612cdcd9c7d4354c2bba769629bc9a6da5b24eb86f65382c7dfea7ebea5f5d53`

12

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.20196`
MD5	`86291fabd0ed029cdbe86a10715606d4`
SHA1	`40020c19f89d03a397153c1987ad19bd504bcfce`
SHA256	`a61c042d1a912c3ecada2025b0cc6bce5de5a52e83331e50a799f14f4e3eba98`
SHA3	`0b0f3368e2811566c62b9ddd58e7107406d00c056f7c98f74fe472f3fba37b6d`

13

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0xa68`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.46586`
MD5	`e602733999ec0c36e64353c59715ec85`
SHA1	`af4aea00728a54465d4b358817ae6196df82863b`
SHA256	`0346a7e7f9303814833ec440724d32041118f82e517919a938efd57cb03cb6a1`
SHA3	`775418033d79f57da3947f289dfd0a6cf9677f187527d5f1f401a5d7589b2a74`

14

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x1628`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.87897`
MD5	`5cbc3e7d2556f2cce96815c300d1d94f`
SHA1	`c748435681e4a9635d5f07af1e67378b3d2a4f11`
SHA256	`5f2711c6d259140215d2956dd00a95e0225a1330401f5fb89827474a07584fcf`
SHA3	`d9f08a66693923230cbd0ffa1988846a7e2cb448f64b5de9a7cfb6110ff1c46a`

15

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.96593`
MD5	`d572bd124c46cb1e1dd303f1b84b02a8`
SHA1	`3933f8f7463a5d6d59462a25eb20acf8acbf044b`
SHA256	`04acf4ea41a604cfe80f286d8592b444cee01a4d5e87ec37523b4af76d91514a`
SHA3	`64eaca343144ac78e49e6ec058737491ac310cf697efcd068ca2c8945a63ed1d`

16

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x2a1b`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.95697`
Detected Filetype	PNG graphic file
MD5	`3a10f4b629371cfda8030711f0076c57`
SHA1	`cd40cd7a6ac0964c3a3b4418b0119159b1db198a`
SHA256	`eb2cdfd0431a7760f4c5628d07f6b68e39abff1fbd96f96caabfdb9a7753b96f`
SHA3	`e882a45fdf500906681ce667e2bf337759b6ce6aabf75151155a32609ab155fc`

17

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x2968`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.93472`
Detected Filetype	PNG graphic file
MD5	`a6779fbce095f9878d8fa465522312c7`
SHA1	`717568fbf7667ca2edd841aec15712d820dd10f1`
SHA256	`4c43d34bc738799f05872f5fe919ae4b298d8f3e1c0e55bd6faeabca7a9cbded`
SHA3	`4036a7b5b8afc3c482bc2468644fd3c76e83e0bdd14e05ddc29366b3b1dc8653`

18

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x30dc`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.92596`
Detected Filetype	PNG graphic file
MD5	`9855e45a8ee25b97427e29d654d1c167`
SHA1	`84e2eb30d9414f937b597dddf53cc3dc1545811e`
SHA256	`bce4a031fcf93c5e252b7f424ea53acd49b090d3d1bb8142a7f9cc760f6bdf62`
SHA3	`bf8503e8a051dc717ce0a74b5d111e9200ea007d5ffab9104ac635823af1c71d`

133AF2EAE999411A9E5C8B4EE4B7AE68

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x6`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0.918296`
MD5	`8871f7fbe3f06cd7e5f97a25697bf6fc`
SHA1	`0112a852da125aded6bebc5b6c6464e91bcd20b4`
SHA256	`413732deed5b11cae7c255ecb06978e123a8a120496ea079daf4bf48af4aab54`
SHA3	`b6b2ced55ff2b4823819ca79ed5b60d3ad38da9971d1f66ff8831a0bb2c0fd9c`

21BC3F6BA4ACA90E2A4595727F1B1A23

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x3cb988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.99996`
MD5	`aeecb0dcb7c6ac093e16f11ab77b574f`
SHA1	`304101a2d3a42c18fe630696f4c67ccba27c09e3`
SHA256	`ad0f17391b69cb8a85d1de148afbff00a00f1fb4c6c511f0139e59ed94198fb7`
SHA3	`31020416a8e39783c1d0833c592465ea2033bbf917fe37d3ed1da7b0ddb339f7`

A2010CDDCC5D283DAA8F8A6B68C42FA0

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x20`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.60534`
MD5	`d3bf3fc209460bd2d1d5cec74a77e276`
SHA1	`c2a088fb707d6a4ed4902a6a476623d6846ad533`
SHA256	`0a1a547cb184ee6579fdb99238056e684fc1279779914423a37780092a49d53c`
SHA3	`b4322b4a60285466db5f530a4f13ea2c26828c19a143e287c4b564f19b608ae7`

BCED76CEAC8F287CA7C3837522CB0C39

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x30`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.37663`
MD5	`47d3b0566a0c1b9f40884fe354911d95`
SHA1	`074c8c5a8ebc4f3d60f8355fd47adc6420290b5b`
SHA256	`84fe0efc6fa5c73feb9fcccbd216861279ff5e7756ebcde6ff07e4a45cb756d2`
SHA3	`82c97d29f6b2fc3a6963f4806f549373ec4dfedb9cb418689917efcb1b96b6a4`

E2AF5C45D04AFA77225A7ED7DB23BA33

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x174c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.97568`
MD5	`bb0feb13bff790cac60cc2ba14bfae82`
SHA1	`1eab58f1878910a233d54590e9ea9d855e8bb096`
SHA256	`7180fe272edd720c66df6e211c69aa2fce30f2d385f16a6cbc119a3ea2908044`
SHA3	`115d15570cd52ad6aebe68269f8973151e5fb8c7c2d29a7db8bfae63e3ed381d`

EE26249C233C246103AD815FD1D70790

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x72`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.35026`
MD5	`2143b2ce7ebb33b1a1f44c9859e4bd88`
SHA1	`08e71c08d20d41f7eb4d8c876f92e03eee8377f3`
SHA256	`37212941edc7c5f7779272ec6fdf05005fc6a3a2479933f623c6b86e24d43f28`
SHA3	`96e5f65ebd2c88f7db88ab1cf1add218abdcc8447036d74e83cf0e9230b23462`

1 (#2)

Type	`RT_GROUP_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x102`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.16964`
Detected Filetype	Icon file
MD5	`4d7ee028039fa17aea46ab63eaf36a66`
SHA1	`36204451e7dfc8e63093d4863379013a21c61a5f`
SHA256	`9dafd861462896473cde795ab468a77e2a7a9ad4490a22dd861121f8d8545af8`
SHA3	`e98016195f2cf2c0b627337abe9cbeb91a146534204445ed1fdcf126a0f11640`

1 (#3)

Type	`RT_VERSION`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x2f0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.47465`
MD5	`9bb238d092bca592c9eca0233abbccf5`
SHA1	`d1540a06a80f320e1c8f162108910c2bac7850c0`
SHA256	`d31092a3a17fed114c20d1865e5b19b852a3a7f8ad8cb1d25ad30aa88005cb8e`
SHA3	`d1f7ffb419bc5a9a5ca90fff8d33658220fae2b5347ceb4feb1cda108a8e66bc`

1 (#4)

Type	`RT_MANIFEST`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x263`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.92322`
MD5	`841795bb3b61ebd511249778aa26af77`
SHA1	`59f426938522ef9906b0740821e8cc270d1ca897`
SHA256	`be809cba9d14bfb52a969d766992832b10e99e133babcdd99dc6d1bba5597cf7`
SHA3	`5fa5c36711cc5c3661248b1180ce35543201ff1dc77d158129b844f03a2144c9`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.0.3.11
ProductVersion	1.0.3.11
FileFlags	`VS_FF_DEBUG` `VS_FF_PRERELEASE` `VS_FF_PRIVATEBUILD`
FileOs	`VOS_DOS` `VOS_DOS_WINDOWS16` `VOS_DOS_WINDOWS32` `VOS_OS232` `VOS_OS232_PM32` `VOS_WINCE` `VOS__PM32` `VOS__WINDOWS16`
FileType	`VFT_APP`
Language	English - United States
CompanyName	Hikari Calyx Tech
FileDescription	PNX-AOP Bootloader Unlocker
FileVersion (#2)	1,0,3,11
ProductName	Bootloader Unlocker
InternalName	0x8 UBLK
ProductVersion (#2)	1.0.3.11
LegalCopyright	2019 (C) Hikari Calyx Tech. All rights Reserved.

Resource LangID	UNKNOWN

TLS Callbacks

Load Configuration

RICH Header

2a2f8e9614bdbf9ce7f4d4681dae6e31

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.code

.text

.rdata

.data

.rsrc

Imports

Delayed Imports

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

133AF2EAE999411A9E5C8B4EE4B7AE68

21BC3F6BA4ACA90E2A4595727F1B1A23

A2010CDDCC5D283DAA8F8A6B68C42FA0

BCED76CEAC8F287CA7C3837522CB0C39

E2AF5C45D04AFA77225A7ED7DB23BA33

EE26249C233C246103AD815FD1D70790

1 (#2)

1 (#3)

1 (#4)

Version Info

TLS Callbacks

Load Configuration

RICH Header

Errors