Manalyze report for 2a6cd451adf6f59a07611e9ef6496d4d

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2015-Feb-12 18:50:20
Detected languages	English - United States Russian - Russia
Debug artifacts	P:\MultiLauncher\Release\MultiLauncher.pdb

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C++ 6.0 - 8.0`
Suspicious	Strings found in the binary may indicate undesirable behavior:	`Contains references to system / monitoring tools: sc.exe` `May have dropper capabilities: %temp% CurrentVersion\Run` `Contains domain names: curl.haxx.se example.com http://curl.haxx.se http://curl.haxx.se/docs/http-cookies.html http://wxanalytics.ru wxanalytics.ru`
Info	Libraries used to perform cryptographic operations:	`Microsoft's Cryptography API`
Suspicious	The PE contains functions most legitimate programs don't use.	`[!] The program may be hiding some of its imports: LoadLibraryExW GetProcAddress LoadLibraryA LoadLibraryW` `Functions which can be used for anti-debugging purposes: SwitchToThread` `Can access the registry: RegSetValueExW RegCloseKey RegOpenKeyExW RegOpenKeyW RegQueryValueExW` `Possibly launches other programs: ShellExecuteW` `Uses Microsoft's cryptographic API: CryptEncrypt CryptGetHashParam CryptDestroyKey CryptReleaseContext CryptAcquireContextA CryptImportKey CryptCreateHash CryptHashData CryptDestroyHash` `Memory manipulation functions often used by packers: VirtualAlloc VirtualProtect` `Leverages the raw socket API to access the Internet: socket WSAIoctl getaddrinfo freeaddrinfo setsockopt sendto accept listen ioctlsocket gethostname ntohs htons getsockopt getsockname getpeername connect closesocket bind send recv WSASetLastError select __WSAFDIsSet WSAGetLastError WSACleanup WSAStartup recvfrom` `Enumerates local disk drives: GetLogicalDriveStringsW GetDriveTypeW`
Suspicious	No VirusTotal score.	`This file has never been scanned on VirusTotal.`

Hashes

MD5	`2a6cd451adf6f59a07611e9ef6496d4d`
SHA1	`3cedb967b0e7233461890d5872cebf107689cccf`
SHA256	`8b218423243aacf9209678c7e7c5207c1e05cc5bd317e1ccfac27949daf19c3d`
SHA3	`e2aee964f19b226f1a71f5685f252cce43d8ef4d2873951682f5396171de1b4e`
SSDeep	`49152:BYrC8UsGuTw5VYRqCHdeQKyZURQ1EjTH:V8UsG2RqC9eQKyZURQ1EjT`
Imports Hash	`e9a18295b3fe00449f587b8a33bc0e3e`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0xf8`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`5`
TimeDateStamp	2015-Feb-12 18:50:20
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`11.0`
SizeOfCode	`0x93000`
SizeOfInitializedData	`0x115000`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0005A8C5 (Section: .text)`
BaseOfCode	`0x1000`
BaseOfData	`0x94000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`5.1`
ImageVersion	`0.0`
SubsystemVersion	`5.1`
Win32VersionValue	`0`
SizeOfImage	`0x1af000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`5e2e34de8ba014267b0ebff88fe1b0c7`
SHA1	`72d4464a802c4fe838642d6985bbd1ff416e684c`
SHA256	`7c73788165532d252617c9954f3d8e9b0aad863c251d6b7160935047f272b26e`
SHA3	`99f561ec43756f0f31bfd15d2c2072cf438d7532b1d0da3b9212b2be36b4687b`
VirtualSize	`0x92f1c`
VirtualAddress	`0x1000`
SizeOfRawData	`0x93000`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.60848`

.rdata

MD5	`93cc051b9b4cb496978977e12ee4d54a`
SHA1	`5c9a17cc10643b5f3809929675f0e60e73d97ed9`
SHA256	`c3c16b725497e637958fa51fb506c03e90ce84f7f540ed4ca2629cf2c04b6132`
SHA3	`117d0aac85f76e9cd7714eff847ae4251f5ab77aaaf35c80065b2322d0679919`
VirtualSize	`0x19bf6`
VirtualAddress	`0x94000`
SizeOfRawData	`0x19c00`
PointerToRawData	`0x93400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.05705`

.data

MD5	`5bd11c1fe9bbbf2486bf535cfa96f68b`
SHA1	`12642b4b8cd60a9cfaf1f545f13a6c16cde1916e`
SHA256	`8b7d4ec7b4ddae6da05d7197a8355641dfda1b637a520c748da7f91b21f7d038`
SHA3	`be4f59bf28459ff36d195de4ec8b196fec2cdb4b448b844597b99e09573d6e7b`
VirtualSize	`0x80c4`
VirtualAddress	`0xae000`
SizeOfRawData	`0x3c00`
PointerToRawData	`0xad000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`4.7084`

.rsrc

MD5	`531b7c0a37010c88a2b4da39218022af`
SHA1	`d2d0d11d17273f74e5567bead2a7cafece51ee3b`
SHA256	`07bc953aa59380fb5aefea7e818ef15ab798fa89b4d47a214b5f96ddcdffd5f6`
SHA3	`c499d2bb0eabe8d2b461951721a932506560ae5a4b68091e1ca3af82065ec178`
VirtualSize	`0xe3c1c`
VirtualAddress	`0xb7000`
SizeOfRawData	`0xe3e00`
PointerToRawData	`0xb0c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.64739`

.reloc

MD5	`f7e4946db6c91a71b3202805be499c9c`
SHA1	`879f8041e5bb7d940c0ca8aa187c555a21e47530`
SHA256	`8621312d31bf1a329365dd7d57fae97a161dc71d9287c4e5899eaa36740a4905`
SHA3	`4c1247e022f9c854b8d9263da98d9060010f21b68d0637e3ca1faedffdbdda62`
VirtualSize	`0x138fe`
VirtualAddress	`0x19b000`
SizeOfRawData	`0x13a00`
PointerToRawData	`0x194a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`3.18054`

Imports

KERNEL32.dll	`ReleaseMutex` `FreeResource` `FindResourceW` `FreeLibrary` `LoadResource` `LoadLibraryExW` `SizeofResource` `LockResource` `EndUpdateResourceW` `BeginUpdateResourceW` `UpdateResourceW` `ConnectNamedPipe` `CreateNamedPipeW` `GetLastError` `CreateThread` `FindFirstFileW` `PeekNamedPipe` `GetLogicalDriveStringsW` `GetModuleFileNameW` `FindClose` `FindNextFileW` `SetFileAttributesW` `ExpandEnvironmentStringsW` `GetModuleHandleW` `WaitForSingleObject` `CreateMutexW` `DeleteFileW` `GetFileAttributesW` `CopyFileW` `Sleep` `MoveFileExW` `GetTickCount` `SetLastError` `InitializeCriticalSection` `EnterCriticalSection` `LeaveCriticalSection` `DeleteCriticalSection` `VerSetConditionMask` `SleepEx` `VerifyVersionInfoA` `FormatMessageA` `GetProcAddress` `WaitForMultipleObjects` `GetFileType` `GetStdHandle` `LoadLibraryA` `ExpandEnvironmentStringsA` `WideCharToMultiByte` `InterlockedIncrement` `InterlockedDecrement` `MultiByteToWideChar` `GetStringTypeW` `GetCurrentThreadId` `EncodePointer` `DecodePointer` `InterlockedExchange` `DuplicateHandle` `GetCurrentProcess` `GetCurrentThread` `GetSystemTimeAsFileTime` `GetCommandLineW` `HeapFree` `FileTimeToLocalFileTime` `FindFirstFileExW` `FileTimeToSystemTime` `HeapAlloc` `GetCPInfo` `IsDebuggerPresent` `IsProcessorFeaturePresent` `GetDriveTypeW` `ExitThread` `SetFilePointerEx` `GetFileInformationByHandle` `GetCurrentProcessId` `RaiseException` `RtlUnwind` `InitializeCriticalSectionAndSpinCount` `CreateTimerQueue` `CreateTimerQueueTimer` `TlsGetValue` `UnhandledExceptionFilter` `SetUnhandledExceptionFilter` `TerminateProcess` `TlsAlloc` `TlsSetValue` `TlsFree` `GetStartupInfoW` `CreateSemaphoreW` `GetDateFormatW` `GetTimeFormatW` `CompareStringW` `LCMapStringW` `GetLocaleInfoW` `IsValidLocale` `GetUserDefaultLCID` `EnumSystemLocalesW` `ExitProcess` `GetModuleHandleExW` `AreFileApisANSI` `GetProcessHeap` `QueryPerformanceCounter` `GetEnvironmentStringsW` `FreeEnvironmentStringsW` `HeapSize` `FlushFileBuffers` `GetConsoleCP` `GetConsoleMode` `GetFullPathNameW` `GetCurrentDirectoryW` `IsValidCodePage` `GetACP` `GetOEMCP` `GetTimeZoneInformation` `ReadConsoleW` `SetStdHandle` `DeleteTimerQueueTimer` `GetProcessAffinityMask` `SetThreadAffinityMask` `OutputDebugStringW` `SwitchToThread` `GetThreadTimes` `FreeLibraryAndExitThread` `GetModuleHandleA` `SetEvent` `CreateEventW` `SetThreadPriority` `GetVersionExW` `VirtualAlloc` `VirtualFree` `VirtualProtect` `ReleaseSemaphore` `InitializeSListHead` `InterlockedPopEntrySList` `InterlockedPushEntrySList` `InterlockedFlushSList` `QueryDepthSList` `UnregisterWaitEx` `ChangeTimerQueueTimer` `GetNumaHighestNodeNumber` `RegisterWaitForSingleObject` `LoadLibraryW` `WriteConsoleW` `SetEndOfFile` `SetEnvironmentVariableA` `GetThreadPriority` `UnregisterWait` `SignalObjectAndWait` `ReadFile` `SetFilePointer` `CloseHandle` `CreateFileW` `HeapReAlloc` `WriteFile`
ADVAPI32.dll	`CryptEncrypt` `CryptGetHashParam` `CryptDestroyKey` `CryptReleaseContext` `CryptAcquireContextA` `CryptImportKey` `CryptCreateHash` `CryptHashData` `CryptDestroyHash` `RegSetValueExW` `RegCloseKey` `RegOpenKeyExW` `RegOpenKeyW` `RegQueryValueExW`
SHELL32.dll	`SHCreateDirectoryExW` `ShellExecuteW`
WS2_32.dll	`socket` `WSAIoctl` `getaddrinfo` `freeaddrinfo` `setsockopt` `sendto` `accept` `listen` `ioctlsocket` `gethostname` `ntohs` `htons` `getsockopt` `getsockname` `getpeername` `connect` `closesocket` `bind` `send` `recv` `WSASetLastError` `select` `__WSAFDIsSet` `WSAGetLastError` `WSACleanup` `WSAStartup` `recvfrom`
WLDAP32.dll	`#301` `#200` `#30` `#79` `#35` `#33` `#32` `#27` `#26` `#22` `#41` `#50` `#60` `#211` `#46` `#143`

Delayed Imports

105

Type	`DATA`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x105`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.81036`
MD5	`2d11f1b610fb0d1d927d46801ef61550`
SHA1	`5b24e113db32555cdfd8c916e414a5592dcfe0ab`
SHA256	`c431f8caec9712e8a378d2ff9c3cceefbcffd54c0da0c93b12d0de57b99f78ee`
SHA3	`4579904368f8dc2578e28ff10d3b4e7a62255f6e846b382ccc2f0ec84d3d7149`

200

Type	`DATA`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x1b200`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.96708`
Detected Filetype	Word Document
Detected Filetype (#2)	OLE Compound File
MD5	`aee76750264b06e0c3be60d855b4b4e2`
SHA1	`476501e4856ee4fcba5220a5b99ae04df5f552c5`
SHA256	`6f02f56ca9c4e38fffa5ee8299a56a080e29e182c5d290b2e93ad85af472a809`
SHA3	`eddb236e3cae6804234d0ebaad72992b801dd2f08ce82300e96dc81d02c74296`

300

Type	`DATA`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2`
MD5	`dbd2831d5cab7352876a6b56c44e940f`
SHA1	`f6c0e0e0920c01c9b69f84cac2398e9bba658935`
SHA256	`c9f5c362916f10e24e36f8181381686eb4fbf5e340fc900c6ba0832890eb1493`
SHA3	`4e87e9966938dc1c784970b0683963120e65994ab77a01546f3dba35a293a35f`

1

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x668`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.17971`
MD5	`408e3453e2839ab43e6cfb7e5b32836f`
SHA1	`cfe29547a4b7dcc9bee08bea605c11fe41563232`
SHA256	`3614566ec2ade0c18a68945f1bc0ad60c5d4d56e3b6d9074863179bd9c477159`
SHA3	`810e97547680dccc11d7002d1998654cea70210fa36e2957f7aec6e6f5e4e28e`

2

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x2e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.7778`
MD5	`022cf931375284674e8efa021c6dbf89`
SHA1	`0b124e485f26e4648a6fa91379812920e71c7d78`
SHA256	`aa04301607ffb7e78ac1356a1d648e17c4213817136c61dcd709c630c0ff686f`
SHA3	`382cfa9c1f1190fc951ebdefe5bc902fc141f2417de8a7cbf63e2b292f03ebfd`

3

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.08113`
MD5	`315a487481d78010d269378be16b8e5b`
SHA1	`c97e6c3ef743edc82133a5c5466335141ef8d241`
SHA256	`3323b1f145af3f2a9686d4a9e1ff99886a3cf6258cf8f5fa9e8ed1e16f972177`
SHA3	`f9e50cd5e77c29c3df53eadfb001ed7570ebc6a7e56ca971ececeeee26e9934a`

4

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.22289`
MD5	`082d902e9dac4a611abeb5e5254031dd`
SHA1	`d7d9aa3619a766416408c364e37cae8bcd4ac4ed`
SHA256	`05ddae85a124735cb4189b48be317980910db57409972d3c5b937ce3aed938a8`
SHA3	`940614328e66a89f1e2ac38bda6c86aa2697cc3187228e37f1038407cb52894a`

5

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.79909`
MD5	`4d6f1cb813db90e55a89f8b1cc20a7c7`
SHA1	`f00a2a702e40d8fb3e601130f0f3a3996ac4056d`
SHA256	`5914741af3cb5c5d297668431e5f00bc7fe3d26adb8575dfaa59d69857855e4c`
SHA3	`6e51db1ae83c14a7b86c64c1d1747242950430dfb812fc452ec4b53ab633b3cc`

6

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.67275`
MD5	`c5e35166cb10e362132963d8a8053827`
SHA1	`7245c0edecc643069307d3d4dc7ff71979238bca`
SHA256	`e43b73ec16a2a1df08ed741daa6ec7716df974c2b19f27189abd90b779a1f9d5`
SHA3	`d380641814c3b3725595347f59495c3f840e835eeee7309e71756d3c3308878a`

7

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.60555`
MD5	`5a2ed703d2b737b809e616ec65886ba5`
SHA1	`167691cc09e7e2f4d5ddb7fdc14a02ed0952248f`
SHA256	`7f715ca2acbcd369e7ad24ede7637c01b75299d5a2bda97330e62dfdb2607aa7`
SHA3	`432c3cb57b70452ec6acfec47818dd5db250c9b07f2d5b98a8f5b4293108e7f4`

8

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.64679`
MD5	`eec0d743689769c365450aed5e131c16`
SHA1	`fb4cf5ace973398d950d50502f3bde0620c0e7d7`
SHA256	`e1e4e6251938db542ef7246d5af351083ddae836423b39de4716cb69c88f15a9`
SHA3	`f337aaf367458231bbf1596d39e273aaf31425cde3788ca06bb58a66fc0f89ca`

9

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.67284`
MD5	`363e8b9515d82e4eec37f54756aaefe7`
SHA1	`36c80a7dd5bcd125e5ba0870682f67d8b230fb73`
SHA256	`8cd126a5f42ea1c2fd67cabaf244e0cef76a30179faa13ec2bfffda4800b1ba4`
SHA3	`088f25e18048cbe146f75319f51c278039ad550297ee2c91588afd50762025db`

10

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x2e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.90988`
MD5	`64580af1e3b4739e5fb8ec58b79ee7f8`
SHA1	`e65fe86e8570d87e4960036d76ba1afb34eae588`
SHA256	`b5e04db150e4026784c113de315e64419cdf751973aff7205bf9a6d4be7074c7`
SHA3	`3b4aab7235f6ee7cd002da6eb8c7988580d3176a9b10593ddea5356a1cd4c564`

11

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.89186`
MD5	`137f549d5ca7b9fbe85d17c2cde1947d`
SHA1	`ea3563a2a0ace9a22be37017ca24d7389520a820`
SHA256	`578d7c1c129132a1f0e0baef6938dde987828368c4d4ccb497a5bfcc3af69067`
SHA3	`db46128fe40f06c3b4eee6d48b7635bc9788b79663065666b389d5a2afce0889`

12

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.16639`
MD5	`c618c9640e539622e4a3789e801b1867`
SHA1	`3c050d9f8aacc288b6bf45902d7fabec42dd022e`
SHA256	`2305950e1fb642b3ad7bb628090da4f0abce9d03cec041c0e1691afcb9807814`
SHA3	`a8d0dfb22dd72af876dd35045ebfe9a38d472a2b30c5054a974e2e143109198f`

13

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.43385`
MD5	`a1fe17d347b1156212cdc11e9007b60c`
SHA1	`5ef7c69e0ebc9090f10dbda1ace3c73037c904e2`
SHA256	`e87b5658172d9d9b83901d2e3458c46772bed7c045b1afece4167601efb94574`
SHA3	`69004c47746268dccca31aa638aab6af5d3e705c1673b6845e6ee42be7399173`

14

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.85034`
MD5	`87296f8f8be3838bd1578cc933115352`
SHA1	`efe1ee76a8aa02bf99c8145f8d5c39997cd6ba4f`
SHA256	`247cf96a4d720f978358fe1359bcd6f90c5e6348365de308918e2d403af02314`
SHA3	`0309f5410f914b09f03275119be54eb9b14d3b3d3615b71e8933e1615586a80a`

15

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x87ea`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.9762`
Detected Filetype	PNG graphic file
MD5	`fcc3b023cb0ef6694b74bcdc456d52b4`
SHA1	`4b61b4077ebef65dd36d368438f15a78f8702fa9`
SHA256	`87662d4a7289b2ca20e8e1b6971154500d732a216b84c0d1326a7a9e10cc41cb`
SHA3	`bbd815e516610a2e37b1055b5cdbaa9d82c934e76649ae0acae3a42853a25f5e`

16

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.1788`
MD5	`1899bcc2d01cf773f8de7d36d4cf71be`
SHA1	`52db98e886dca8272b54b3894a33ecb00d66820b`
SHA256	`6aef33acfe647097aa9c8c9f613ab6422ac591d8be165ee82a88ff772498c1ab`
SHA3	`eeebfa0439f62518cbff8d21fff0ae1eb8cc11fdf03014f83d33308027c08c61`

17

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.36891`
MD5	`30834ec3cf0fa7f523dcbacfcb29f96b`
SHA1	`3d44973c7913844c2c6e51fc4bc11bd1667d5802`
SHA256	`8e68823acbe856a845531df9f9e2b677384e344e3faeef1d62c6bf07da8f74e1`
SHA3	`79409dcc9a08134a0ff27e0b78bcf6c0a6e47647e57ad431485fd147313cae13`

18

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.31405`
MD5	`e4d0a554ccb5bc70ae04708bae42290b`
SHA1	`47e6bf0c5f7d98d59ccd271facf066f1ba36fafb`
SHA256	`35fd270ef0305058326f0fd3dcc9e4352c76c42521b092052a462fd7283095d7`
SHA3	`3924d6d09de871adbb17d4b187d07dc2853e69864150c56e3a99fdfce35bd3e3`

19

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x2e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.21565`
MD5	`0eb92d7392ee79adeae9fb6dd79369bd`
SHA1	`0cdd2d354b8711d9a6d2c9d2e051c14156e21af1`
SHA256	`ed129f40a266bf0bd576ee580bc52e14ae1100927f513daf4f9a2f0e0c3f0e13`
SHA3	`c5567b8c18a66729e9b9973d065bc2e35fb44ea7acb404e412ed2d04ad7e0f7c`

20

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.9912`
MD5	`11e050fa9184385d5d3eaead0028c659`
SHA1	`ec8b0bfb0bbd1634dbd8889d5c229fff802c8c17`
SHA256	`08752e5d6facba1ece6c27ac8a02684f490c29557853d81b9c9384fce8568a30`
SHA3	`bf24e51cb8d916e80fa410e9d02d7202e1e2b0b809e93ce561e4e2479fd83c37`

21

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.54558`
MD5	`bef052a836721603944223065df03278`
SHA1	`2af7dd6a2fff79263530c92153b64b8b4ade721a`
SHA256	`39c4bde1e38581176b31a0a1f3f510aa0ee8408dc9f9c739f890e6f4cfa81c07`
SHA3	`5258cf77c70399e49ddcd6b4b266b83d54d45577a61da39b7d06e4cb01aaf98a`

22

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.99083`
MD5	`de6ad028f9014f7d62c3939eba34c995`
SHA1	`a595b9b3559dc1e962faabfc877ff5774ac34da3`
SHA256	`a39f79798d7aa0ab77fb646d8656c51c03752a19d28d08d8405dbf631b82327e`
SHA3	`be8965f6cac8d1c478d8b4158812738c9e31d9f38c8e36641a02dab42f5214e4`

23

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.84629`
MD5	`5ee01927605e4703cee0f2e5d5812b90`
SHA1	`79432fb15338827d49cdce8ee2ec83242933c1d1`
SHA256	`0583c2dbfe9ba62cadc00a940f0e5185d5a74c87426f39dc7ec02f0a464414ad`
SHA3	`27676fb080986378949c5b2579531787b0a3067025c92df8c573d63beb14c6a2`

24

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x9da6`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.98381`
Detected Filetype	PNG graphic file
MD5	`86b067a58c669bf96610a854c15d2832`
SHA1	`004cc54b008c65d37fd3f59c4ce209da1d1b6c37`
SHA256	`21512ec98869d096753999528f90c5fdd09e0ed22371d65c84f68b392256ad1b`
SHA3	`bc15d59c498eb687dbcdb128b2c4e237380e5db17e0e59be674ee20871e046c7`

25

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.97664`
MD5	`de40ecff2f08541e4a5a0d94470ffe86`
SHA1	`fbccaa4d285923256756da7b918d22a59109aae8`
SHA256	`4d22cc9d6a2eeb4905d7c9191967f0a87dec17b0ca6afea2ce6ac4103ad9a924`
SHA3	`250ded9634c774805ff819d412cafcba6846c99c62d91a8432fd9fc54dbd42fc`

26

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.30018`
MD5	`c71d2b63fbe3f38bba270a74853c64b4`
SHA1	`3b94f7775a822814510b86a88212e56f610e3ada`
SHA256	`55825ddcf978d7b48f5bf16f59cfec4bd0e9f44f96a727ea71c4fdf82c7263b7`
SHA3	`080ca125f35cc45cd587b7e3d5770e07680c18975203d00fa19aca1d9d53d2c8`

27

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.47365`
MD5	`7bd38937d4711b70b0b985f4f07fe8fd`
SHA1	`13d5a34eeef3b401bfee579bff669b81320b888d`
SHA256	`6ae4e975c1ca094a08824a7fc3e3823ec6057e8615c115ae58a1d0f1ad7ee192`
SHA3	`cce4d6039d28c85e240ca75cd0c1c19353fa50129db274edaf68229467fa8508`

28

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x2e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.93746`
MD5	`85c77f3bf33a083be1574f16025f311f`
SHA1	`674c27202acab13f9f7ba368a5c4749d77f82aa7`
SHA256	`3f505a45d58e72bc30be39cad992c4e819df9d21749ab7aa675666f2f071565b`
SHA3	`d6498de8472fe89fd398fbe0924f3977deb00553b0ab03d668d91cbae0fdfeff`

29

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.00556`
MD5	`441ed48614c47f8e84425d6eb7bc0443`
SHA1	`13dc70daa6185d658cd93e5d1bbfed3d291aa809`
SHA256	`5eadef6a8c5422dfd1b17366e8b95e091f95e8929fb5633f5f9378c7bd8f582c`
SHA3	`ff7714ef701656632f027588f3f3c9ca5e3d3f133b1357e517cc37dc83c7c017`

30

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.37855`
MD5	`b10c0f2ba9becfb38e81ddb6db98dc5a`
SHA1	`659803971ae534770a5f56207fa255745ff76de1`
SHA256	`244367138d61f567ca81afe96cd4e09c0aa342a18e6325b4d4694e9ff210c501`
SHA3	`45ddcb96fcc3e03feb6a096b4717bfe72f6cbe3074f6389090b2c5da71c329d4`

31

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.73385`
MD5	`cd44986dcb0c9e828d84ff7886c97a76`
SHA1	`3e7cc38f74e56d70956308fd67f84079fe7917d0`
SHA256	`f22c1ec91d6f751b01cf6a5fdfa5b75d474eaec55db10540a09f718bade07941`
SHA3	`1e36394a176a403c1e3205c11955070de80b85c7663d839b9e5de1eb5ecac69f`

32

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.83727`
MD5	`1b2c01b50b525cb3bd29fa4977d2f94f`
SHA1	`89e4702a0340437fdb82e7862bdb1b4caa62a301`
SHA256	`c00eda31f40f0eaf656a0fe31d1cbea609a21b074c06a7c43f092588f8fc67f6`
SHA3	`e838c7b54c651e32bc3b01f5d8ace8f9b00ce767a17cfa1e221553067224ff46`

33

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x42028`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.13451`
MD5	`0faab9105319c78cbcbf513c44264717`
SHA1	`646346f5c7bd96ead16fd8c13d993baa115d96e9`
SHA256	`b7bb5cd1526f1ba59efe03acfb806aa5a235b1cf6d1ebd02dc785371100dc1ad`
SHA3	`f71aa252b48de69c40b06bc10b8adb592bba4e409a977ddc2ffeac9e8b715d86`

34

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.85916`
MD5	`36e26f21f8b78411ad8a882a8e355fbc`
SHA1	`20bfb39c1d27144210d625babf9f6da84854c056`
SHA256	`7a4c8f34949b8386055012d09899be79498d27f1bc05da0b37556c604e21b12b`
SHA3	`a7c552d3fcee4047e37907bf49cc4c2864b5bafe27d4bdc86bb5cb7a19799a3b`

35

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.06995`
MD5	`4ceeaab17956c1a76b436e09bb601129`
SHA1	`692ef05a49dde1da2a72d05c35535eb2d0632d46`
SHA256	`78b3c21a3cae9034ce7886343b331209171e692af58b2aeaf48b5056f3b9f8c3`
SHA3	`e4bd1e156178fc569eb7919c5028fba5fe679cac98f1d4dbfde024aefe21d18f`

36

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.32606`
MD5	`4a7e819311988977b2eafb89e22db78e`
SHA1	`f14f36c3cf6f2c56d85486637c7d57b349ba3a5c`
SHA256	`c2d34528072c5a66c49cfef1c41474e79d66d8cb347164d62bfb52b29d023528`
SHA3	`fbd9356c2b571e1d705bd4366ba7b0797afc0d8e3b7b6d5fe76ba6886c61e8cd`

37

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.37136`
MD5	`1daffb0d65ab793fafce375e6f8c93c4`
SHA1	`0d43976ebe0a13a07a1540a7fc68ae6469feb28c`
SHA256	`bdea11556bef00bc2d11dd094826ea828d569e773c213023889e0930cee90c1c`
SHA3	`60b557f813a1c25f4f64e5ba89c01acdec992adc8bc463cdc68fa6267f53da47`

38

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.85578`
MD5	`157e93f142da0938bdfbec079b473809`
SHA1	`4d7f9be071b163e8c501650d5196f61b963ca1e7`
SHA256	`4bac41e67af34b19515bac32e48e5c625b7ffa82bb6641cc9009fa99c682794f`
SHA3	`0e90049bbea86d6e5af3a57eafa7b64e490df4272636c8708f41dd212d972080`

39

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.42535`
MD5	`b0681b3b4f35d66f842ec45712278844`
SHA1	`4368b9e21ec3d2b62be80460890eb4a0a5f560ce`
SHA256	`1260a953ca2dc5ec825df90b56cdca6aed5f8968f01ef6ba63c2d32b6d84823d`
SHA3	`ba5a7b7369d3304fe476609941b0755966c96fe4b22b22fd43df6b3d4573a0d6`

40

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x42028`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.39829`
MD5	`ba94ca63109ce80f7ff07f8b32f48bad`
SHA1	`29642f27850b0dc9e40504626ce2037b01b40d59`
SHA256	`00e6e7f090c2886b27a39c1111dd740609d5b6bf71c7eceac1d54906229fcf49`
SHA3	`78c7456c75a76e1b2b3ff983b6b4fb8a51f4f8393145165cfaf142475c724f0f`

41

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.77095`
MD5	`baca0bd675b44b8db1263e690e15acbe`
SHA1	`168b780d74ea3ec5130467d40d88592909988cd7`
SHA256	`c70fcedc89f3565062c3f26a024688eb9be5f800d7a6cb16618ae4c926a9c6a2`
SHA3	`2f3a35e655aa29f8f1fb5d31ffc4f42e0c83cf48fcbd077247cc6fabd3a2cc39`

42

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.4841`
MD5	`bca790b2bd380d03c12f6db36844201b`
SHA1	`5b5ad8154c2011130f89642f34d353999dc99055`
SHA256	`8e596cb7116d788ccc35f2c162b9c3bd1f3e0b6d1b3214b354129af4f6b36e48`
SHA3	`3b05a730f9abb30beef4e87c3e53ec77407e219f4e2162f2094becedd521bbd4`

43

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.41435`
MD5	`07719e9a1bfe3bdb00653c03c9646064`
SHA1	`c68468137b42abd4c077861d3f32f47c96a81861`
SHA256	`340087ce128c71e0ce1891b0797f3c950327a1b264a53880a86703f5b8a40ea0`
SHA3	`a50e6357ac80e4dccaeb5b9dbcd3a906b168aebf49076a8f64febe998d8a8394`

44

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x668`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.62685`
MD5	`d85c17363911066f2d87f9f03c9e48c8`
SHA1	`d48cc9f380d430a254d7024209613af093d1c4c0`
SHA256	`902274e09ee744522b0c60af033fa5bee20c7536172f6af39fc5c8c556138f56`
SHA3	`771e16079fcf32eef184386ebe71a20b2367670984a99c3c073bc3563db4a88b`

45

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x2e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.76742`
MD5	`6990f68d7ee9fb044f41f4ecb2413131`
SHA1	`7b3a4c2f262eeb15025dbbe30ef2fa119d3ccae0`
SHA256	`9a3528f0e7f245ef5023477021bd5cd8cf88777324fedf49c8de12df11a79fee`
SHA3	`b249d1151a8233ce633e740c92cccf2d1117bae4b04dfd9263afa0713ddf15fa`

46

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.05919`
MD5	`fc35278a699e4c230eb14ffe9201a352`
SHA1	`053092c5a1856cc17c022d68e57f3d276c2b0e76`
SHA256	`49203cb82e5c5f3fb46e350bdeddd3bb02d149f159c44319bfe399c1f979e615`
SHA3	`356bb3f14081521cd37670c08fa9ffdbf963a5b998774043f0f2f39402157c6f`

47

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.6234`
MD5	`4e94dde8baf3ac3ff3af7046d68b69b3`
SHA1	`b07f539e43548bca3257341a0121d39a23df11a6`
SHA256	`a0fcdf89e92c6511e5510250b3e0782b564590757f0e809363acf7c289183dac`
SHA3	`a9c93599cea44052a704cd21ee6ab4b1a2a68a57fd6a2a44b308079f5519ed3a`

48

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.90005`
MD5	`6dea081e38e2571115be31374c4d5883`
SHA1	`7ef4228b3173053d4b8189970003f5ca0b9c0dea`
SHA256	`68bfa6ca8a07d44305e914b9309f9e02cd9516372cb03e999d45e27ce1bfa7e5`
SHA3	`89db54e68f4f98c4dac3adb7b60882f6416e9750def0534c8d895b77023d1ff5`

49

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.80536`
MD5	`b85b19a01eb1ef763273a8d33359f6ee`
SHA1	`d3fb846e0165d48adab8ca4b4ab7e0a5cabbcbbd`
SHA256	`7f74fb40b1971962061161d7fd87cc98b68bfa6c4cdb8dffdb0507e8d32a6d56`
SHA3	`5e391e3707837d02fd49a4a5ba72baa352641da96b93fe83fb2cd7cde8ccf108`

50

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0xe3da`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.98842`
Detected Filetype	PNG graphic file
MD5	`5c57a699f94cc59b2489e4e0ecf3dc51`
SHA1	`df9a5185b91a49ef6356b41cb17d3fc6b7c747d3`
SHA256	`d34181ab8b1fa420309460ca24fe65de393ad248ca5e7db3c75187efef350f14`
SHA3	`4322d3528077db656b60af47d9d812f84a72e0870a2d9401fa00597bc0eae44f`

51

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.95918`
MD5	`9b20547023addd8a2ecfe1ba9280489c`
SHA1	`384b06f9eec283220b4737e25dcea31eaf1a258b`
SHA256	`33cdda081861c1d8983d7d6b5fb0dc6fb14884e9c552ed8e3573c6285bdd3dda`
SHA3	`28c7d47ebdf0adb3cf22dd89b2e0c969897b740c1614d2793c453c86f2ee671f`

52

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.5742`
MD5	`8eb269973c0982767c4724faa7e0d35e`
SHA1	`3bcc8a41d1370503651946b180090d593651ba8f`
SHA256	`48efde449b7b3ecf7a781e1dfded2d8d408773ab0be4d60aa9a806d787a566e1`
SHA3	`97e2a251696ddc576bb5c5d24070d4aecd3b827c4a5473fdb73ce88f06612b2b`

53

Type	`RT_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.58655`
MD5	`8eade5eced6d5416f5be7d6a8f227d67`
SHA1	`0f376922a2af43c17a82e8242dc449a88ec22c3a`
SHA256	`bf829f36bc1aec345f2d79a2bd50d5e59bbb48e0ffdd4780ecd8458f8b2bfc7d`
SHA3	`73568f931f2e3f33d62aad86aacfd9a0955a5393961ad13748c0ee9bf74f2d5f`

0

Type	`RT_GROUP_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x84`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.92564`
Detected Filetype	Icon file
MD5	`d826e1b86671e4cbea8386f4e1282fac`
SHA1	`01a2cde09d65f6408183813d4722d947d320fee2`
SHA256	`1dd47348da9ea9f817766e4d1734bf24489d2261c6a585f974e016967341942c`
SHA3	`e7ac8a74fbc89f07453aeb1c872d47edae391ad205439b43011c7af857296b81`

112

Type	`RT_GROUP_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x84`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.89097`
Detected Filetype	Icon file
MD5	`a6469ac97a109b7c2bc1bf3020168af3`
SHA1	`53f3b4b4b61af9cde9de74a33fbc492c71f7660c`
SHA256	`ca82878ac6f8f5d26249f03257b496eebf06e2d20e02349a0b871bf92766535c`
SHA3	`15f2850e54173ca36462fa901e1019404484e4da82f3668cb938a5e593f2ed53`

113

Type	`RT_GROUP_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x84`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.92564`
Detected Filetype	Icon file
MD5	`d826e1b86671e4cbea8386f4e1282fac`
SHA1	`01a2cde09d65f6408183813d4722d947d320fee2`
SHA256	`1dd47348da9ea9f817766e4d1734bf24489d2261c6a585f974e016967341942c`
SHA3	`e7ac8a74fbc89f07453aeb1c872d47edae391ad205439b43011c7af857296b81`

114

Type	`RT_GROUP_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x84`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.97632`
Detected Filetype	Icon file
MD5	`c81b1e305ab46cd4ec8d9a93766fdd6a`
SHA1	`8f93ae0a79675e57b0346e03bb304900ea3d3cf5`
SHA256	`880e48703b3b2a552411cb3f4a7e8851a1831da6e93c838f008279d4ffc195cf`
SHA3	`df93a496523feec9da2b47a3bb6003b3ef29bf4bd56bb8f4bb22d73bcb86ce89`

115

Type	`RT_GROUP_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x84`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.91915`
Detected Filetype	Icon file
MD5	`f3b4458ca0cfad4b42964ccc041c248a`
SHA1	`a65dc7657e249cb345f0f9e8faeedebd0edd5315`
SHA256	`697fc285a7817a50da3328a4ad6c38e5699446efa8da2f7ea501c6a63f0c3f35`
SHA3	`b5e2acc353384f0045baf1684b494624af553ba14bf5151bfc33cdcfe3da220d`

116

Type	`RT_GROUP_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x68`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.78791`
Detected Filetype	Icon file
MD5	`c91a100e9c8855a303df73e4a9c40719`
SHA1	`7933889ce4ba81b7c757810f3d1262ed36a63a1f`
SHA256	`afc91facc648f0ac4e416bc731314b5721374bcc2bb7765aeabc5777f93bab00`
SHA3	`6845dd571a548883af9f4cdf18a5d3090629d46755eced1ccc7cb863cb996a9c`

117

Type	`RT_GROUP_ICON`
Language	Russian - Russia
Codepage	Latin 1 / Western European
Size	`0x92`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.01365`
Detected Filetype	Icon file
MD5	`f3360866472aeb7b3c068cc7ead5b6b0`
SHA1	`4d6a1d9b1dccbeea4005fc1a7f6aae87fd191acf`
SHA256	`cef1950a01950c8eadc8ee1865f6291342df2c042b21c1919a74fa285dfbd83d`
SHA3	`6b7555305844fc657ea896b953ab0a63c9bde95198509c06550f323f945738b7`

1 (#2)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x17d`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.91161`
MD5	`1e4a89b11eae0fcf8bb5fdd5ec3b6f61`
SHA1	`4260284ce14278c397aaf6f389c1609b0ab0ce51`
SHA256	`4bb79dcea0a901f7d9eac5aa05728ae92acb42e0cb22e5dd14134f4421a3d8df`
SHA3	`4bb9e8b5a714cae82782f3831cc2d45f4bf4a50a755fe584d2d1893129d68353`

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2015-Feb-12 18:50:20
Version	`0.0`
SizeofData	`67`
AddressOfRawData	`0xa4ce8`
PointerToRawData	`0xa40e8`
Referenced File	P:\MultiLauncher\Release\MultiLauncher.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics	`0`
TimeDateStamp	2015-Feb-12 18:50:20
Version	`0.0`
SizeofData	`16`
AddressOfRawData	`0xa4d2c`
PointerToRawData	`0xa412c`

TLS Callbacks

Load Configuration

Size	`0x48`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x4aeea0`
SEHandlerTable	`0x4a8160`
SEHandlerCount	`219`

RICH Header

XOR Key	`0x8b1b002b`
Unmarked objects	`0`
199 (41118)	`7`
ASM objects (50929)	`38`
C++ objects (50929)	`133`
C objects (50929)	`240`
C objects (VS2012 UPD4 build 61030)	`76`
Imports (VS2008 SP1 build 30729)	`11`
Total imports	`226`
211 (VS2012 UPD4 build 61030)	`14`
Resource objects (VS2012 UPD4 build 61030)	`1`
151	`1`
Linker (VS2012 UPD4 build 61030)	`1`