Manalyze report for 432ecdb4570ddcf8d84eb8db15256d73

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2023-Jun-28 09:20:41
Detected languages	Chinese - PRC
Debug artifacts	C:\ReleaseAI\win\Release\stubs\x86\ExternalUi.pdb
CompanyName	MonKeyDu
FileDescription	VMware Workstation Pro 补丁 Installer
FileVersion	`17.0.2`
InternalName	VMware Workstation Pro 补丁
LegalCopyright	Copyright (C) 2023 MonKeyDu
OriginalFileName	VMware Workstation Pro 补丁.exe
ProductName	VMware Workstation Pro 补丁
ProductVersion	`17.0.2`

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C++ 6.0 - 8.0`
Suspicious	Strings found in the binary may indicate undesirable behavior:	`Contains references to security software: rShell.exe rshell.exe` `Looks for VMWare presence: VMware` `May have dropper capabilities: CurrentVersion\Run` Contains domain names: example.com google.com http://schemas.microsoft.com http://schemas.microsoft.com/expression/blend/2008 http://schemas.microsoft.com/winfx/2006/xaml http://schemas.microsoft.com/winfx/2006/xaml/presentation http://schemas.openxmlformats.org http://schemas.openxmlformats.org/markup-compatibility/2006 http://www.example.com http://www.google.com http://www.yahoo.com microsoft.com openxmlformats.org schemas.microsoft.com schemas.openxmlformats.org www.example.com www.google.com www.yahoo.com yahoo.com
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to MD5` `Uses constants related to SHA256` `Uses constants related to AES`
Suspicious	The PE contains functions most legitimate programs don't use.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryExW LoadLibraryW LoadLibraryExA LoadLibraryA` `Functions which can be used for anti-debugging purposes: CreateToolhelp32Snapshot` `Possibly launches other programs: CreateProcessW` `Can create temporary files: CreateFileW GetTempPathW` `Memory manipulation functions often used by packers: VirtualProtect VirtualAlloc` `Enumerates local disk drives: GetDriveTypeW GetLogicalDriveStringsW` `Manipulates other processes: Process32FirstW Process32NextW`
Suspicious	The file contains overlay data.	`6557780 bytes of data starting at offset 0x35a600.` `The overlay data has an entropy of 7.99997 and is possibly compressed or encrypted.`
Malicious	VirusTotal score: 7/71 (Scanned on 2023-09-09 11:10:36)	`BitDefenderTheta: Gen:NN.ZexaF.36662.@x3@au72Cceb` `Bkav: W32.AIDetectMalware` `Cynet: Malicious (score: 100)` `Kaspersky: HEUR:Trojan-Banker.Win32.ChePro.gen` `Rising: Trojan.Generic@AI.100 (RDML:LtXOY4P5HIr8dkwXw2TREQ)` `Symantec: ML.Attribute.HighConfidence` `ZoneAlarm: HEUR:Trojan-Banker.Win32.ChePro.gen`

Hashes

MD5	`432ecdb4570ddcf8d84eb8db15256d73`
SHA1	`da610aa1bf67c644479830bfeb7e9d7ff8e51851`
SHA256	`7ad8eeffb422aaf443713d528afed36ae6dedffc029ef17601c3667506f82d22`
SHA3	`726ee0bbcc5ae7e15381240276f28c7b3252a52c1c6c69e3b09ef88f9508f611`
SSDeep	`196608:xomHVY0A56zqFZYMCzDzLtdxG3AJmKSliS0Z/uVwg:X1YToqFZ3C3zf43AJm1+Zjg`
Imports Hash	`9ba7635100a9543a4f472797566c43e3`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x120`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`5`
TimeDateStamp	2023-Jun-28 09:20:41
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`14.0`
SizeOfCode	`0x267200`
SizeOfInitializedData	`0xf3000`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x001DD680 (Section: .text)`
BaseOfCode	`0x1000`
BaseOfData	`0x269000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x367000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`6cac8d1588a080830b52f21bb525e452`
SHA1	`fe3bad79754cdcf54fbda59eac17d5435c1b0bfa`
SHA256	`45a693af55b9a835a066f72b5dd2c37f2653b06e9b9f80947dfbee33547e10dd`
SHA3	`a49a61447c3648009344d0602b8253f14aa2f2b9d74d276a9e0d1e2bb74d48aa`
VirtualSize	`0x267146`
VirtualAddress	`0x1000`
SizeOfRawData	`0x267200`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.45818`

.rdata

MD5	`45fa3832446dcd9690871301a1cbc035`
SHA1	`0e5d22e7e7dbe0205031e3cee3486ea4ddd742d1`
SHA256	`aee97b50991acc736cb58eb067d33187123ed7ab7ca89eb41c12eb193ec066e7`
SHA3	`9f622de0e233fb5ec3e131e1c2c67bbea58ac100c3739579dc793eb05f158aab`
VirtualSize	`0x8ebfa`
VirtualAddress	`0x269000`
SizeOfRawData	`0x8ec00`
PointerToRawData	`0x267600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.6008`

.data

MD5	`becc499adcd980ba70741cca33175edd`
SHA1	`793b98f88249fe714e035c0429337a2875749246`
SHA256	`cc0234bd740056eb26bebcbbfb55d351f0efcf5f0375d3bca4f514179042eb0f`
SHA3	`18bba67e70b9ecddb9b8ef8a2de67fd552b47d55396d98673a28c47050129e0e`
VirtualSize	`0xd220`
VirtualAddress	`0x2f8000`
SizeOfRawData	`0x3c00`
PointerToRawData	`0x2f6200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`4.79118`

.rsrc

MD5	`80196ff44fc577ae1eaa715e4ad65081`
SHA1	`a162000dd50e851008f6c1a8dac07a0d87e39466`
SHA256	`e3aa05f16ebf493da8bee8a60c1eb088cbafdfac624ce2a69b0f77d915f60169`
SHA3	`1e9f9715ebbf29c628e4254e7476b62e25cd4b94ec07e5d33d2622751eddc21b`
VirtualSize	`0x37c4c`
VirtualAddress	`0x306000`
SizeOfRawData	`0x37e00`
PointerToRawData	`0x2f9e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.05221`

.reloc

MD5	`ed23f6d2dd1b38ddaab7384a2b0a9ca6`
SHA1	`5c7349275d79e225f21213ef53056ff59872729e`
SHA256	`5da7c21d0c794a83044a0024ec5d3da2d01d86a084d60ce19b99b768c6d505ac`
SHA3	`4850a2c2f1addb20e082245ff1b8d2b4fd9d7530473ad116f9bbe6c2bbf2cfc0`
VirtualSize	`0x289b4`
VirtualAddress	`0x33e000`
SizeOfRawData	`0x28a00`
PointerToRawData	`0x331c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`6.51344`

Imports

KERNEL32.dll	`CreateFileW` `CloseHandle` `WriteFile` `DeleteFileW` `HeapDestroy` `HeapSize` `HeapReAlloc` `HeapFree` `HeapAlloc` `GetProcessHeap` `SizeofResource` `LockResource` `LoadResource` `FindResourceW` `FindResourceExW` `CreateEventExW` `WaitForSingleObject` `CreateProcessW` `GetLastError` `GetExitCodeProcess` `SetEvent` `RemoveDirectoryW` `GetProcAddress` `GetModuleHandleW` `GetWindowsDirectoryW` `CreateDirectoryW` `GetTempPathW` `GetTempFileNameW` `MoveFileW` `EnterCriticalSection` `LeaveCriticalSection` `GetModuleFileNameW` `DeleteCriticalSection` `InitializeCriticalSectionAndSpinCount` `GetCurrentThreadId` `RaiseException` `SetLastError` `GlobalUnlock` `GlobalLock` `GlobalAlloc` `MulDiv` `lstrcmpW` `CreateEventW` `FindClose` `FindFirstFileW` `GetFullPathNameW` `InitializeCriticalSection` `lstrcpynW` `CreateThread` `LoadLibraryExW` `GetCurrentProcess` `Sleep` `WideCharToMultiByte` `GetDiskFreeSpaceExW` `DecodePointer` `GetExitCodeThread` `GetCurrentProcessId` `FreeLibrary` `GetSystemDirectoryW` `lstrlenW` `VerifyVersionInfoW` `VerSetConditionMask` `lstrcmpiW` `LoadLibraryW` `GetDriveTypeW` `CompareStringW` `FindNextFileW` `GetLogicalDriveStringsW` `GetFileSize` `GetFileAttributesW` `GetShortPathNameW` `GetFinalPathNameByHandleW` `SetFileAttributesW` `GetFileTime` `CopyFileW` `ReadFile` `SetFilePointer` `SetFileTime` `SystemTimeToFileTime` `MultiByteToWideChar` `GetSystemInfo` `WaitForMultipleObjects` `GetVersionExW` `VirtualProtect` `VirtualQuery` `LoadLibraryExA` `GetStringTypeW` `LocalFree` `LocalAlloc` `SetUnhandledExceptionFilter` `FileTimeToSystemTime` `GetEnvironmentVariableW` `GetSystemTime` `GetDateFormatW` `GetTimeFormatW` `GetLocaleInfoW` `CreateToolhelp32Snapshot` `Process32FirstW` `Process32NextW` `FormatMessageW` `GetEnvironmentStringsW` `InitializeCriticalSectionEx` `LoadLibraryA` `GetModuleFileNameA` `GetCurrentThread` `GetConsoleOutputCP` `FlushFileBuffers` `Wow64DisableWow64FsRedirection` `Wow64RevertWow64FsRedirection` `IsWow64Process` `SetConsoleTextAttribute` `GetStdHandle` `GetConsoleScreenBufferInfo` `OutputDebugStringW` `GetTickCount` `GetCommandLineW` `SetCurrentDirectoryW` `SetEndOfFile` `EnumResourceLanguagesW` `GetSystemDefaultLangID` `GetUserDefaultLangID` `GetLocalTime` `ResetEvent` `GlobalFree` `GetPrivateProfileStringW` `GetPrivateProfileSectionNamesW` `WritePrivateProfileStringW` `CreateNamedPipeW` `ConnectNamedPipe` `TerminateThread` `CompareFileTime` `CopyFileExW` `OpenEventW` `PeekNamedPipe` `WaitForSingleObjectEx` `QueryPerformanceCounter` `QueryPerformanceFrequency` `EncodePointer` `LCMapStringEx` `CompareStringEx` `GetCPInfo` `GetSystemTimeAsFileTime` `IsDebuggerPresent` `InitializeSListHead` `InterlockedPopEntrySList` `InterlockedPushEntrySList` `FlushInstructionCache` `IsProcessorFeaturePresent` `VirtualAlloc` `VirtualFree` `UnhandledExceptionFilter` `TerminateProcess` `GetStartupInfoW` `RtlUnwind` `TlsAlloc` `TlsGetValue` `TlsSetValue` `TlsFree` `ExitThread` `FreeLibraryAndExitThread` `GetModuleHandleExW` `ExitProcess` `GetFileType` `LCMapStringW` `IsValidLocale` `GetUserDefaultLCID` `EnumSystemLocalesW` `GetTimeZoneInformation` `GetConsoleMode` `GetFileSizeEx` `SetFilePointerEx` `FindFirstFileExW` `IsValidCodePage` `GetACP` `GetOEMCP` `GetCommandLineA` `FreeEnvironmentStringsW` `SetEnvironmentVariableW` `SetStdHandle` `ReadConsoleW` `WriteConsoleW` `GetProcessAffinityMask` `GetModuleHandleA` `GlobalMemoryStatus` `ReleaseSemaphore` `CreateSemaphoreW`
msi.dll (delay-loaded)	`#6` `#62` `#139` `#54` `#58` `#147` `#140` `#221` `#94` `#51` `#169` `#80` `#224` `#19` `#96` `#281` `#137` `#166` `#52` `#150` `#78` `#141` `#90` `#204` `#113` `#16` `#116` `#67` `#114` `#120` `#47` `#26` `#34` `#145` `#103` `#74` `#118` `#20` `#160` `#159` `#32` `#186` `#171` `#195` `#48` `#121` `#24` `#70` `#205` `#92` `#8` `#158` `#49` `#125` `#17` `#115`

Delayed Imports

Attributes	`0x1`
Name	`msi.dll`
ModuleHandle	`0x2fba20`
DelayImportAddressTable	`0x2fb8e4`
DelayImportNameTable	`0x2f46ec`
BoundDelayImportTable	`0x2f63bc`
UnloadDelayImportTable	`0`
TimeStamp	`1970-Jan-01 00:00:00`

249

Type	`RT_BITMAP`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x13e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.68257`
MD5	`b89c53234608d5520e4d31473d295903`
SHA1	`eb0793d7eb2f6e963a670facdbc9eb0005882350`
SHA256	`32673976ffb81636486cd895a3e78e45d812109fdc5c773bcd551316d0b35182`
SHA3	`babff1eae44a15d43d7d370045bcc0ad9ffe1db664c6acb086248acd1c31cdb0`
Preview

255

Type	`RT_BITMAP`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0.675615`
MD5	`2487cd4b69093c5f2b5daae9a97b6b0d`
SHA1	`bd685319d12d18941e76c6c65e6a9eeb8b56ba40`
SHA256	`43175f041004354a75b7cc148dc6192777411006df824d83587098ae0e87959c`
SHA3	`5f6abbd150f4ae75ceea15f8b7e0271b64ae7a55866213bcfc7f86641b37793c`
Preview

10106

Type	`RT_BITMAP`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x48a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.91386`
MD5	`feb4796a8797e048f5309d841b9e680d`
SHA1	`2bd88e01b58b033fc830623f6d3f3bea30c16b10`
SHA256	`6e1084a05b9b8a00d2f8572cb70133f10d9ccbb1c6d6dcbbd9c4ae8a655add8a`
SHA3	`9b52aa7127a27d71df724bf20d4619005546e24be0d4faa1db0229424501c480`
Preview

10107

Type	`RT_BITMAP`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0xa6a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.79553`
MD5	`e907975955dd2be6b62fd46628cfedce`
SHA1	`b4694d36c14d72ba6eec14f70d02197019499ca8`
SHA256	`1bd86eecad0a5db654c729a450c8feeb821c41a06d4bca338d2121b7a010c603`
SHA3	`e788a5bc64147359c6343cec773fc54ea0bf9174bc37850d4708e3e5ba276527`
Preview

10124

Type	`RT_BITMAP`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x152`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.49051`
MD5	`ff7110580b8339ae5c3177248cd86f28`
SHA1	`c86171d538549724740ed7d5bdd784edfbe282e7`
SHA256	`faf9686e3bcbf27686fa92a97fee9c72db32240fef4295aad14403935c9bab8f`
SHA3	`8cd6ba7864898ce057585c51629c03dc57c71ef1c8511faf0bcc8224a8e8c476`
Preview

10125

Type	`RT_BITMAP`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.67246`
MD5	`9eb7f2c8f73508a28a7c701e35a9072f`
SHA1	`b01786342e84083bda8c94534c2ef2441f3ecb6d`
SHA256	`6ea607ae2e99a0d4d663d8f7d778228be0fcfc96f2f61b5e37641dc1512915bd`
SHA3	`10e1ccf1b01c53355dd05e1b1230116fda59dfcccb7e296383563cbb2fd69e9c`
Preview

1

Type	`RT_ICON`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x142d`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.80445`
Detected Filetype	PNG graphic file
MD5	`3a69859c031d164882491eac82c5ae14`
SHA1	`b334558f7ff903a3eb46907dd51ea53ef72a0200`
SHA256	`2c995266d246ea31a187141c30c4525c0765fe678ced49c014e8fe4d48ee9288`
SHA3	`340fa07f2b8baff393de826ed23f78510c433639810d9c88e40d3b95c5c702e5`

2

Type	`RT_ICON`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x10828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.42868`
MD5	`fa713ab37038306b69cf83c472c0f800`
SHA1	`b99c534a566db7b947cd8132aa7eb2d85eb43ddf`
SHA256	`740f51c5f02dc331f7048ccafd3940d95432d32d0837f991564987370393ee43`
SHA3	`3b52bc99527ddb4589e7e9ce789636dd751241b46a937f181e4a73c29a0d15c7`

3

Type	`RT_ICON`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.59035`
MD5	`6352b7735d431ffa46d5001e122ac57b`
SHA1	`6550eb06fc29b3e6ec39bbe7553fda290b1c1e40`
SHA256	`7053d8b530d308a48d8d451623b049f1d7f98b94fbaedc129fe80cce54bdeeee`
SHA3	`d50672ea254dffef92431e9bca69aed07a034695a6a6f5f7b52a5de58fd99cba`

4

Type	`RT_ICON`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.73194`
MD5	`72dd88fa97fcc0724bee0d4126ff5286`
SHA1	`1b12d01d55142c15b030cba074668c370daa63e1`
SHA256	`31b582bbca0599e305b6629cfeb6d95bcafbf82ddee3f60b4cd5e574e3c07bd1`
SHA3	`d3b395b7c429d418b7b8df71077163faaceb52a74f93a232a4d7ad5e5f4c2f2a`

5

Type	`RT_ICON`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.9354`
MD5	`f8d71503c7ec25e6367d83970b5fe6c6`
SHA1	`781f480c669fad8cc84e043cef4a878b373c08ba`
SHA256	`f9a9bf827bb6b78bdf26aceaa613abf0671ebefdbe1e3b68de612d09bb9503dc`
SHA3	`1f7d3e14c7add3af9c4917b8ba1eb78a2393a7648002359830969f72e9f9d645`

6

Type	`RT_ICON`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.39843`
MD5	`bf3c04a85f86313694fdf778d5ae2274`
SHA1	`f64d57c35d9bf8b555a92e0851c297c13d0050a5`
SHA256	`36b024180f79aedd2158c251d70f44b307f2e31c114255da6c25b964f1970fb0`
SHA3	`3cd6a064d8c39817377c0eafec9152b1ca4d99b93940c6d0f76b0ec7badb3c8b`

201

Type	`RT_DIALOG`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x84`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.21656`
MD5	`75596da26dadcd386cb2cd356e70d1f9`
SHA1	`403f7e202dbe35eda2ed9da12ba2811b4cfc0f29`
SHA256	`bd70946d2e05a4bea79ff3174eac62c045a91a5701ab19a4955aadfc0ae924e3`
SHA3	`934994f8011f86daa5c83ea2f1854e272c91efd1c017b3fbf2e7402ca5b7b0b2`

216

Type	`RT_DIALOG`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0xb0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.95146`
MD5	`f12818d92302648793404dd81d2cae25`
SHA1	`49da5d81043945fa1eb2220de6ba9613e08ce11f`
SHA256	`11c2cf1c0af6c875a870edb5686e6e2c72883d548d409fec832f153fe9bb0741`
SHA3	`c6126d4ea4336b26177e755bb4621f8409294dd7a130f2346eb8edbbc5ddf3f5`

225

Type	`RT_DIALOG`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x15c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.26015`
MD5	`aabf17ea0a31ed0248beab1fdc980d39`
SHA1	`5d11cb531907a517481996e8d7ce58f1acc9ef95`
SHA256	`e492880958dc6edaaac577d4047d77b1b052f90ae3727d5f47fecae5a4ee111b`
SHA3	`a99662b0b16326924072dbf4cfb57e6ddf1f19e34f519ab631439b95aee6b5ef`

2000

Type	`RT_DIALOG`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0xf0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.18731`
MD5	`66b2cdf8b1bde4c320563d53e86c55d0`
SHA1	`32d52ffea181fa0ba25549eb7374e696bcf08325`
SHA256	`6f703a3060184f1875f6a26d87fb0bebc4d623a31d5c5177b46c6639bfbf1c76`
SHA3	`cc06cb4860ee43432473cece434bc858ed899665218544ccd088e988e6b9470d`

10123

Type	`RT_DIALOG`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x46`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.88806`
MD5	`90e6411b08639e27a7d37349301d6465`
SHA1	`ce0fe1ba7384f0c94a1977bde8e2dd6a5c289e65`
SHA256	`09a10a821c8870f144efb81ba728ff09e47cc65c11f5f2bd4aa80b783bd064eb`
SHA3	`1a864513f6bf22e85b9d240fdc02e2e35592c059a36059bd9a2e1b6e35fda9a8`

9

Type	`RT_STRING`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0xde`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.37351`
MD5	`b96a56b866788e7d713ab7dd045fb988`
SHA1	`f818feb71f238c7fea358af1f8a1ae97faf9dfdd`
SHA256	`4c91815544b66dfe970cd93a3e6c6896dd7ddbf338d1344b5dce0e5e947f161a`
SHA3	`2da43868f0cd27ff54c6ab02142fa532957c1db02da6d88518ec410a4f881ec5`

10

Type	`RT_STRING`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0xe0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.38965`
MD5	`f0712a8e186a3f7346f9cdf159d5f794`
SHA1	`5efca13be44e488428e217b04af6d8cdad1c7577`
SHA256	`3fd601a596f7ebe757c3179e8f0c89ae7b5e16d06ce9a7101c384d18368d5a7c`
SHA3	`6c840e627696e1bab1921ef99a3eea07c7d2a18bf566b44adcf4fb51f49b32c8`

11

Type	`RT_STRING`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x3a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.41825`
MD5	`40152ae83a43ba79d7d6cb3d094f83d0`
SHA1	`76b9b98d3b176f90c75d0b8a9fcc4be09c918e7f`
SHA256	`15f2ae6187596162375d5c5822789e8e5b758751515d281fa31bb36e6feb106f`
SHA3	`d8a513d863b28fdd58b908b00ffb6fb0b5ffb73668923408cf876ca98dc82d89`

12

Type	`RT_STRING`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x6e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.77065`
MD5	`5791a1da2c4631a413dd3f9d58bfcb52`
SHA1	`55d01bd60c012e5ddea064eb3f156ae7ff5daa80`
SHA256	`08722efb17d0aea3cbea355f8b2ea24bab9f725486db9f99f3d4d57682e165ba`
SHA3	`a0882e277d415ecbf62c35b83c683422e5e8f1b316a34dc50b5c50bdcfd85126`

13

Type	`RT_STRING`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x182`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.22517`
MD5	`927bc09f5767602fa4876c3993113e50`
SHA1	`2a4103b5ed12580be558a83d3cd92779b472534d`
SHA256	`d80c4b9fb35f2545a3af0f102dc365d60fe3b92331ecada55cfb4cfa4501a573`
SHA3	`4e0313dde874a4a7a5520c9db05c3908de8b87c8915c033a24ee3a8ae0499a0e`

14

Type	`RT_STRING`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x25a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.88941`
MD5	`9b71c5a554ed32b10afd30fac90623ac`
SHA1	`e4de626dddda1cb6fab59da762a0a639dc6fccb2`
SHA256	`80ba376506231bb953437b6c692ada947e625cc7d5b746f79890af39df879f8c`
SHA3	`4c80f37c2f4aa244012de51264b3923de55cd4f85233c011b0485d13e17935c4`

15

Type	`RT_STRING`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x240`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.75726`
MD5	`273be92ede77b894b18d32c9187d4150`
SHA1	`c36bb28efd5f58fdfe1e0c5928f753f2516f6098`
SHA256	`f542cac2d1d5dd5b432717bf9c8a2c68f8fe46307ab329d036b76cd0cc0e2389`
SHA3	`03e6de3efdb1b4aa435711bb807781513b68fb74f920f44e8f4ce60872a4113e`

16

Type	`RT_STRING`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x7c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.28619`
MD5	`ed308b41250d5fbb6aaaface04b898c0`
SHA1	`169fc75babfc594b9ad17de2a503752c172965a4`
SHA256	`2ad757c7a8767e58fbc70e03b80d6412f88ba5fdf2f50bd0cabc7286c0f96421`
SHA3	`7f73815fbd52e56a734b618b109c533888adf58896356f6792b8b3449a9bf3b6`

17

Type	`RT_STRING`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x1c8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.81353`
MD5	`cd960cd921bd4597b8684669369a7a7c`
SHA1	`46b589a25f2ac2865205348c4d82dcfa6b7eaef6`
SHA256	`6646b8748d7e71fdb69d408cc95846049caf663abc43403fed1a47a708efa5d3`
SHA3	`dcdb164a04fc79e31dbf176e82224ca565a94abda4213672df7e2cc400eedbdc`

18

Type	`RT_STRING`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0xd8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.99107`
MD5	`ddeb01246d43767a0048fe7da856e8e9`
SHA1	`911dc0c2e408d926a991846c0aab7d52942bc8d4`
SHA256	`9befa983a80e181fdc38066c80606554552d73a9d9694c5621aade04f0b8affa`
SHA3	`428dc930c921f50b17501fa2296123d06ef405eed9ba107e37f0244197e0c9b7`

634

Type	`RT_STRING`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x86`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.47157`
MD5	`0f81aee6dece4c564ed75584325ba836`
SHA1	`b7fea63c1b65185afa6de6be91c9c5d581ddc7d8`
SHA256	`f00915bb42cb583910bb09710faa3594ff5bedceef7e147552b1255129e066f9`
SHA3	`8f8e0f8623d6c46ff7df9758b88c86b1d61426ad15bc9943f237685f7d57c70e`

4063

Type	`RT_STRING`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x146`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.2996`
MD5	`cd980507fd34c587e355c16a1aa3a164`
SHA1	`540b7d6109372e2183d8ece03414b9e0827c177f`
SHA256	`9462c29cdee43cca8bdaf79e550ba96acffd3ec5f8f2c4f8493ec1278dd1c6f0`
SHA3	`fcca38c93d8ff102235db13443e631b6204f50f55eee8a24f30ce2aac236975d`

4064

Type	`RT_STRING`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x30c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.219`
MD5	`a39ffba0d462d45bcf1fd4ae25562619`
SHA1	`d732e5180d5aa42de1be5d029a2be58f2983610a`
SHA256	`5f2f7605afdfdc33f74ea1317e67de22116dae2b7b3d873a4c22951a5fa13c53`
SHA3	`47df3af0ef885467a0f61ce74c9459229ab0d7597db3da6ca57b2b9cf5a87fbc`

4065

Type	`RT_STRING`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x2ec`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.74573`
MD5	`06b3cd2a0e46669069fad94b2afc4b09`
SHA1	`31780fa0fd4f48ea5e13633c87ef3a293e6809b5`
SHA256	`5b4baef51070531e2e85695dd789ce8b5520d43b2d302f4b98d4f82946db7d08`
SHA3	`15d501bbc0fa72b0f65bceb041b1bd5d1de31f16e04e2808e313c50d8539c770`

4066

Type	`RT_STRING`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x11e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.26724`
MD5	`e41953504fb5dc069142858e27858c7e`
SHA1	`e5ca89c1de47694120d922da47f438508a0ee8c0`
SHA256	`38e1140f1d6c2db95ed0918ba18f617510c8d10dd1b151e3d0a40dad96a81d8e`
SHA3	`e34c5dac6d177c1b6ee85bb45711870a2243affda2765b0d79ecd98d7e40fa77`

128

Type	`RT_GROUP_ICON`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x5a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.74155`
Detected Filetype	Icon file
MD5	`7e8a8d5a71e70f89578a97634ae2d309`
SHA1	`69cd59f6c895bbf241e5e2d48f65595e3b9d86c8`
SHA256	`4d1f4d8340440282f4f27677efcc514a9ca206841fac86ebd7dc5d61a27edebd`
SHA3	`07d0f3f58e93360d611ffefb16cddfa0151c019e2030304143a01a1c943d59b1`

1 (#2)

Type	`RT_VERSION`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x34c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.46446`
MD5	`df58ebe4156076c36e1941ed73be2672`
SHA1	`24f072243f74ddfe6018c15c5e2d46a42f51e462`
SHA256	`056417c6eb1efca849442bc799d9ab8c5b6be60f68145bd75bd4016f208c9559`
SHA3	`5ac2edfd625d5c97fc154da34082e25f718fbdae8f142967510caee876047542`

10108

Type	`RT_HTML`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x3835`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.87833`
MD5	`d428bbb6d4fdbe11e8dc40f51ff6f485`
SHA1	`33d810d871633ebe4c774c24a81a9deb229b512a`
SHA256	`920c7c72d21cab3bcc563ec19337e98252981f56c4e20c7fff2eecbb46bff8c3`
SHA3	`cddacdb5941e994cd619773e0cbf7ffd098f2449a959bae64160ae745c316168`

10109

Type	`RT_HTML`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x12ea`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.88835`
MD5	`9f05c3f48b0c2c5a15bf332776fc873e`
SHA1	`66da3a0a75a16cf9c0f438684d0ddee28343ff1f`
SHA256	`54cbc170d253af8a1a4020d930cac4b1fcd1d12ee93b4eaa69a3fff22c415f76`
SHA3	`d50492d9fbed89b41bb68b194fcd6824079f26cd5cc342c399d06e4ded561d40`

10110

Type	`RT_HTML`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x50cb`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.13158`
MD5	`1e1c428a19b2e39b30321cbba7fd16a3`
SHA1	`76ce56ce85b572c312a328511360e54ebbe425d0`
SHA256	`b505c72e23b8a608cc51ad66c3d851a7fb5f196027d129e523f6dbf20f28ebf9`
SHA3	`d86bc56c8a7c6218a2c69c1ecd0abe48493b2faace1f2580d854ecc6051551fb`

10111

Type	`RT_HTML`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x4c2e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.10599`
MD5	`b2443afdd5dfe789305ee15c084ea284`
SHA1	`b16b4546d2db4edc3f515516850d3ba76718384f`
SHA256	`9accf6fd704df0a51897604ad6e65f6c01c907aa1c6066f61915fd16754a184d`
SHA3	`e9beebc4f783b565fc135d4be09638c04a47ac3f8496c9b013d6841192ee2331`

10112

Type	`RT_HTML`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x534`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.97857`
MD5	`a05a10c2b36d17a39f0635f182664708`
SHA1	`91f4818bbdfc00867b7a733d89e7f79e8bcb1f6c`
SHA256	`2fc424c91003d0aa0e8bdb0aba4fe0b79d58cec9bd8d92beb43a44d5e85cf1a9`
SHA3	`5ea0dd592bd6a3806ddd38aac489ce08c257ff19bb331233ac95d43fa5a72910`

10113

Type	`RT_HTML`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0xdc3`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.98457`
MD5	`df068787c0ff5dda1a98180caab9c2ea`
SHA1	`140bb4c234b19ab7c43d1879580881ddd71ad933`
SHA256	`f601f718d07b0f0025e34d0bb14bff3c594108f67c528fa724cc6cdf782a3839`
SHA3	`fbd0cbd20c86211bf321c96af51da30ccd4675c4f0f5fb41da7fe6756694edb8`

10114

Type	`RT_HTML`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x1104`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.03104`
MD5	`3237684ab5389093301a19c27a01d590`
SHA1	`1d7e5c4a79b04a64e3f597124fba2f1b9e9790ac`
SHA256	`61a17c41585cfe0c8e25cb82204c1b0322cd5f5cf6ccbd659fdeecf81fc26c4c`
SHA3	`8735758c1634f1d10e7749be8936aedc8e89b1003968bb66c427c1a8ee53e642`

10115

Type	`RT_HTML`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x2050`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.84305`
MD5	`d17979c8f4fd174f0cd8d9b67ad9591a`
SHA1	`6caeca0f30cdb47f244f20f0015479c39c5269fe`
SHA256	`dffb9d8eaaf49984dd1c9956446ca1266118871f9c20c1118e6222a9c93b079b`
SHA3	`cb785a2c35583f80a2e3143ba5e7c3bf272d1c6b2d06b74dbd7fb4def5c481bd`

10116

Type	`RT_HTML`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x238d`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.05123`
MD5	`252dc8fa3de4f63ab6eb551aac787db9`
SHA1	`5cbf8c1e0e94741990b67ca23256bd6e684cc178`
SHA256	`28dcd9acc4b69282e57bf207f0595402b94b535470a920caadc20a1596a23823`
SHA3	`dbb45d10cd4d56ba3fe52166b974a9e3201789be06dbd35340f0381e2f48619e`

1 (#3)

Type	`RT_MANIFEST`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x80f`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.18931`
MD5	`9380a96ee7121569f2b6309ee3e91453`
SHA1	`bae5f1e24b12ea8f81e5771e6ef204f5d59723ce`
SHA256	`f81aa0d8ea4da18e11fd1238f9494dd12704fb9c3b90aa613feb918c51628797`
SHA3	`f16a297950f91c9ca0a1d36e659062c5084da0566ca8b2290150a7119e623679`

String Table contents

设置
此压缩文件已损坏.
此压缩文件包含不受支持的版本.
无法启动 Windows 安装程序.
读取文件时出错.
提取时出错.
正在检查完整性 (MD5)...
%s 选项
正在提取主应用程序文件...
网址
命令行:
%s [选项]
选项:
%s
<msiOptions> - msiexec.exe 运行 MSI 程序包的选项</msiOptions>
名称
正在安装 %s
点击完成按钮安装主应用程序.
%s 设置
查找: 没有.
%d 小时 %d 分种 %s/秒
%d 分钟 %d 秒 %s/秒
%d 秒 %s秒
正在打开网站 %s
正在下载 %s
从压缩文件中提取文件...
文件正在提取到 %s
%s 文件无法解包. 错误信息: %s
必须安装 Java Runtime Environment 1.5 或更高版本才能解包 JAR 文件.
另一个安装实例已在运行.
找到可接受的版本.
- 显示此对话框
<path> - 将所有文件提取到 <path></path></path>
- 在没有用户界面的情况下启动 EXE 设置
-使用基本 UI 启动 EXE 安装程序
- 设置支持的列表语言
<lang_id> - 使用指定语言启动 EXE 安装程序
<username> - 代理使用的用户名
<password> - 代理使用的密码
<path_to_log_file> - 在指定路径上创建日志文件
错误: %s
您必须重新启动计算机才能继续安装. 按是立即重新启动或按否取消安装并稍后手动重启.
确认
正在解开文件: %s
文件夹中没有足够的空间: %s
请释放一些空间并点击重试或点击取消中止安装.
准备就绪...
- 不检查新版本
%s 语言
正在搜索运行环境...
<instance_id> - 安装新实例
<instance_product_code> - 升级已安装的实例
<instance_product_code> - 维护已安装的实例
<new_instance_name> - 安装实例产品名称时更改实例产品名称
- 设置安装 AES 加密程序包所需的密码
疑问
将执行所选实例的升级,您想继续吗?
<prereq_id_list> - 指定要安装的 wich 运行环境
- 跳过运行环境安装程序
<instance_product_name> - uninstall an installed instance
连接到 %s
位于 %s 上的服务器 %s 需要用户名和密码, 请在下面输入.
无法访问: %s
还有一个更新的版本 %s (%s).
您想下载并安装它吗?
检查更新版本...
无法下载更新版本 (错误: %s). 您是否要重试或继续并安装当前版本?
无法从文件中读取 "%s". 错误: %s
无法写入文件 "%s". 错误: %s
版本
安装程序软件包使用 AES 256 算法加密. 要继续设置过程, 您应提供解密程序包所需的密码.
正在删除已提取的文件...
EXE 引导程序和 MSI 数据库之间的数字签名不匹配
返回
下一步
完成
取消
下载的文件没有预期的大小
%s 强制运行环境未正确安装.
正在搜索已安装的 Appx 程序包...
安装 Appx 程序包...
正在移除 Appx 程序包...
正在下载资源文件存档...
无效的命令行
无法初始化窗口应用程序
内部错误
此处理器类型不支持此安装包。请与产品供应商联系。
高级安装程序
意外异常。
应用程序遇到了无法处理的问题。
很抱歉给您带来不便。
异常 (在 %2!ls!:%3!ld!) - %1!ls!
STD 异常 (在 %2!ls!:%3!ld!) - %1!hs!
A COM API 返回错误: [0x%1!lX!].
%1!ls! %3!ls!:%4!ld! %2!ls!
无法分配内存。
文件中的分析错误: "%1!ls!" 在第几行: [%2!ld!] 列: [%3!ld!] (代码: %4!ls!).
不支持的文件编码。
无法读取文件 "%1!ls!" .
找不到文件: "%1!ls!".
打开文件时出错: "%1!ls!".
无法写入文件 "%1!ls!"
不支持的命令文件格式。支持的文件格式有：ANSI、UTF-8、Unicode Little Endian 和 Unicode Big Endian。当文件以 UTF-8 和 Unicode 编码时，需要字节顺序标记（BOM）。文件的第一行必须以 "%1!ls!".开头。
参数 %s 缺少值。

无效的 "%s" 参数值: "%s".
未知参数:
也许你应该改用:
缺少必需的参数: %s.

需要以下参数之一:

空指针异常。
解析 XML 文件时出错: "%1!ls!".
无效的 XPath 表达式: "%1!ls!".
命令 "%s" 未知。也许你应该改用 "%s"
无效的 XSL 转换。
筛选的输入无效。
您的输入已被过滤，因为它包含此字段的无效字符。
您的输入已被过滤。
端口号需要在 0-65564 范围内。
调用 MSI API 时出错: %1!ld! 方法: %2!ls! Table: %3!ls!.
调用 MSI API 时出错: %1!ld! 方法: %2!ls! 表e: %3!ls!. 扩展错误: %4!ls!.
提供有效的脱机注册表句柄。
注册表值 "%s" 中的十六进制字符串 "%s".无效。
版本无效！
每个数字后都可以使用下划线，最后一个数字除外。
无效的版本格式，预期：主要、主要.次要、主要.次要.构建或主要.次要.构建.修订。
无效的版本格式，预期：主要或主要。
无效的点序列。
版本不允许以点字符开头。
版本不允许以点字符结尾。
版本号的每个部分必须是介于 0 和 0 之间的整数
Azure 密钥保管库 DGSS 库令牌无效。DGSS 令牌: '%1!ls!'
访问 Azure 密钥保管库时出错。错误描述: %s
参数 %s 不能为空。

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	17.0.2.0
ProductVersion	17.0.2.0
FileFlags	`VS_FF_DEBUG`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_DLL`
Language	Chinese - PRC
CompanyName	MonKeyDu
FileDescription	VMware Workstation Pro 补丁 Installer
FileVersion (#2)	17.0.2
InternalName	VMware Workstation Pro 补丁
LegalCopyright	Copyright (C) 2023 MonKeyDu
OriginalFileName	VMware Workstation Pro 补丁.exe
ProductName	VMware Workstation Pro 补丁
ProductVersion (#2)	17.0.2

Resource LangID	Chinese - PRC

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2023-Jun-28 09:20:41
Version	`0.0`
SizeofData	`74`
AddressOfRawData	`0x29d5e4`
PointerToRawData	`0x29bbe4`
Referenced File	C:\ReleaseAI\win\Release\stubs\x86\ExternalUi.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics	`0`
TimeDateStamp	2023-Jun-28 09:20:41
Version	`0.0`
SizeofData	`20`
AddressOfRawData	`0x29d630`
PointerToRawData	`0x29bc30`

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2023-Jun-28 09:20:41
Version	`0.0`
SizeofData	`1116`
AddressOfRawData	`0x29d644`
PointerToRawData	`0x29bc44`

IMAGE_DEBUG_TYPE_ILTCG

Characteristics	`0`
TimeDateStamp	2023-Jun-28 09:20:41
Version	`0.0`
SizeofData	`0`
AddressOfRawData	`0`
PointerToRawData	`0`

TLS Callbacks

StartAddressOfRawData	`0x69dab0`
EndAddressOfRawData	`0x69dab8`
AddressOfIndex	`0x6fc298`
AddressOfCallbacks	`0x6694cc`
SizeOfZeroFill	`0`
Characteristics	`IMAGE_SCN_ALIGN_4BYTES`
Callbacks	`(EMPTY)`

Load Configuration

Size	`0xc0`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x6f8024`
SEHandlerTable	`0x69a9ac`
SEHandlerCount	`2764`

RICH Header

XOR Key	`0xc14cfedc`
Unmarked objects	`0`
ASM objects (29395)	`13`
C++ objects (29395)	`187`
C objects (CVTCIL) (29395)	`1`
C objects (32420)	`19`
ASM objects (32420)	`25`
C++ objects (32420)	`106`
C objects (29395)	`26`
Imports (29395)	`3`
C++ objects (CVTCIL) (29395)	`1`
Total imports	`745`
C++ objects (LTCG) (VS 2015-2022 runtime 32532)	`381`
Resource objects (VS 2015-2022 runtime 32532)	`1`
151	`1`
Linker (VS 2015-2022 runtime 32532)	`1`

Errors

[*] Warning: Raw bytes from section .text could not be obtained.