| Architecture |
IMAGE_FILE_MACHINE_I386
|
| Subsystem |
IMAGE_SUBSYSTEM_WINDOWS_GUI
|
| Compilation Date |
2026-Mar-05 05:33:45
|
| Detected languages |
Korean - Korea
|
| Info |
Cryptographic algorithms detected in the binary: |
Uses constants related to MD5
Uses constants related to TEA
|
| Suspicious |
The PE is possibly packed. |
Unusual section name found: \x00
Section \x00 is both writable and executable.
Unusual section name found: .idata
Unusual section name found:
Section is both writable and executable.
Unusual section name found: upgezscd
Section upgezscd is both writable and executable.
Unusual section name found: sejbetud
Section sejbetud is both writable and executable.
|
| Info |
The PE's resources present abnormal characteristics. |
Resource 210 is possibly compressed or encrypted.
Resource 211 is possibly compressed or encrypted.
Resource 127 is possibly compressed or encrypted.
Resource 128 is possibly compressed or encrypted.
Resource 202 is possibly compressed or encrypted.
Resource 203 is possibly compressed or encrypted.
Resource 204 is possibly compressed or encrypted.
Resource 205 is possibly compressed or encrypted.
Resource 4 is possibly compressed or encrypted.
Resource 6 is possibly compressed or encrypted.
Resource 7 is possibly compressed or encrypted.
Resource 8 is possibly compressed or encrypted.
Resource 10 is possibly compressed or encrypted.
Resource 11 is possibly compressed or encrypted.
Resource 12 is possibly compressed or encrypted.
|
| Info |
The PE is digitally signed. |
Signer: Game Cafe Services Inc
Issuer: SSL.com Code Signing Intermediate CA ECC R2
|
| Safe |
VirusTotal score: 0/70 (Scanned on 2026-03-16 08:30:26) |
All the AVs think this file is safe.
|
| MD5 |
e52565486d88fdff53fae83ab3f5e762
|
| SHA1 |
516d236b3c7b88a9274fd146893d07e9b5016e27
|
| SHA256 |
475e391f4e87667092ab1bb3ab5216cbf7f80f50e392f7f5877221f1a8001e68
|
| SHA3 |
e98476e3019458ff9a7f535b15a2e5287870b0a12214b85460e5075f54bcc6ee
|
| SSDeep |
98304:I2T5hUbd3P0BHWqbVOchkIuD1Th/Q+7JSHdx6saHAtznw0mKfsU:x5+bd3wHWqMchtuJxQ+VOaMiKfd
|
| Imports Hash |
b1e9998745df82818b92e921a2a75e35
|
| e_magic |
MZ
|
| e_cblp |
0x90
|
| e_cp |
0x3
|
| e_crlc |
0
|
| e_cparhdr |
0x4
|
| e_minalloc |
0
|
| e_maxalloc |
0xffff
|
| e_ss |
0
|
| e_sp |
0xb8
|
| e_csum |
0
|
| e_ip |
0
|
| e_cs |
0
|
| e_ovno |
0
|
| e_oemid |
0
|
| e_oeminfo |
0
|
| e_lfanew |
0x170
|
| Signature |
PE
|
| Machine |
IMAGE_FILE_MACHINE_I386
|
| NumberofSections |
6
|
| TimeDateStamp |
2026-Mar-05 05:33:45
|
| PointerToSymbolTable |
0
|
| NumberOfSymbols |
0
|
| SizeOfOptionalHeader |
0xe0
|
| Characteristics |
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_RELOCS_STRIPPED
|
| Magic |
PE32
|
| LinkerVersion |
14.1
|
| SizeOfCode |
0xb63000
|
| SizeOfInitializedData |
0x34ea00
|
| SizeOfUninitializedData |
0
|
| AddressOfEntryPoint |
0x00480200 (Section: \x00 )
|
| BaseOfCode |
0x1000
|
| BaseOfData |
0xb64000
|
| ImageBase |
0x400000
|
| SectionAlignment |
0x1000
|
| FileAlignment |
0x200
|
| OperatingSystemVersion |
6.0
|
| ImageVersion |
0.1
|
| SubsystemVersion |
6.0
|
| Win32VersionValue |
0
|
| SizeOfImage |
0x12cd000
|
| SizeOfHeaders |
0x400
|
| Checksum |
0x6d97f1
|
| Subsystem |
IMAGE_SUBSYSTEM_WINDOWS_GUI
|
| DllCharacteristics |
IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
|
| SizeofStackReserve |
0x500000
|
| SizeofStackCommit |
0
|
| SizeofHeapReserve |
0
|
| SizeofHeapCommit |
0
|
| LoaderFlags |
0
|
| NumberOfRvaAndSizes |
16
|
| MD5 |
4c906eda18df4f36dfc1f60deb5cd222
|
| SHA1 |
7d372a8ad03ec5ce4ec99bb574fcf4b23095ac61
|
| SHA256 |
b0805716fa07854ec7285720f14e54620a1b4a10583785863fce3c6fd429935f
|
| SHA3 |
9882cef66492a0edf2a15d7f87a75c0a658e75165e3fd69e11c9bb245eb2fa29
|
| VirtualSize |
0xe00000
|
| VirtualAddress |
0x1000
|
| SizeOfRawData |
0x480000
|
| PointerToRawData |
0x1000
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
|
| Entropy |
7.92404
|
| MD5 |
f529c1c3f6c869346e41926c4f149035
|
| SHA1 |
552711910251b4952c114ce766f7ea6c03c6d14e
|
| SHA256 |
620633447c98a4546a09baad821daebc1f95c4cfc0a61839dbed5287da5d69cd
|
| SHA3 |
103bb78ab783b833bc585d2dd3c5168ad285ed03e4c03c19df91333f60517478
|
| VirtualSize |
0xb3338
|
| VirtualAddress |
0xe01000
|
| SizeOfRawData |
0xb3400
|
| PointerToRawData |
0x481000
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
|
| Entropy |
7.99684
|
| MD5 |
03e16055f32fb21834c330bdaa259884
|
| SHA1 |
5a49259c64dd9923c10a27bed737c21e8f316429
|
| SHA256 |
bfabcfd9447cd95ad960e027ecff155198e14decac2af5facb1664835d48fdea
|
| SHA3 |
26cc2da0ebdf55195fcbb8eb7f11b6049d72136f8834ec5c71d047aa3e0d1a40
|
| VirtualSize |
0x1000
|
| VirtualAddress |
0xeb5000
|
| SizeOfRawData |
0x400
|
| PointerToRawData |
0x534400
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
|
| Entropy |
2.73461
|
| MD5 |
54198a2305355244e154689956faca06
|
| SHA1 |
5376b2dba40b9232819f324f50243dbb80ae0397
|
| SHA256 |
53e18090f3015c49ff1e638a7cc3e6b65a91a503c108ea2ddfb6a284ef0b9b9f
|
| SHA3 |
7c26f2f8542c8554e6aadc1e380b9c464b6721464f1a5fcc48c6689ea0c348ad
|
| VirtualSize |
0x281000
|
| VirtualAddress |
0xeb6000
|
| SizeOfRawData |
0x200
|
| PointerToRawData |
0x534800
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
|
| Entropy |
0.252959
|
| MD5 |
3825b97bf477dbe200a73d67ebebebbc
|
| SHA1 |
41b45503c41b9a47ec67247f8065ace1a266cfc6
|
| SHA256 |
c16a055bc304d5965bf524b480139d6c17d2f43e216a03209a2c05cfd514231b
|
| SHA3 |
0eded0dc421f185a6d40ab5c293ec1890020e37b06b94d5d696a739e20c212bb
|
| VirtualSize |
0x195000
|
| VirtualAddress |
0x1137000
|
| SizeOfRawData |
0x194200
|
| PointerToRawData |
0x534a00
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
|
| Entropy |
7.94949
|
| MD5 |
79c14224baa3ecbdffa772fb54e575cb
|
| SHA1 |
0d840cb85f514bced613f4c567723a2c9f8c25cc
|
| SHA256 |
082e64e577abc8ac80772dba0fcf3621d1d7e2cdb5bdbdada220e33d81922c8f
|
| SHA3 |
f96ac884285a80eff2d5a6839881b2ed450c0c4d6c03c72e03075ea553f2fb27
|
| VirtualSize |
0x1000
|
| VirtualAddress |
0x12cc000
|
| SizeOfRawData |
0x200
|
| PointerToRawData |
0x6c8c00
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
|
| Entropy |
4.48421
|
| KERNEL32.dll |
GetProcessHeap
GetVersionExA
HeapAlloc
GetModuleHandleA
LoadLibraryA
VirtualAlloc
VirtualFree
GetCurrentThreadId
GetCommandLineA
HeapFree
FreeLibrary
|
| USER32.dll |
MessageBoxA
|
| IMM32.dll |
ImmSetCompositionWindow
|
| COMCTL32.dll |
ImageList_EndDrag
|
| Type |
NP
|
| Language |
Korean - Korea
|
| Codepage |
UNKNOWN
|
| Size |
0x599f8
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
7.99791
|
| MD5 |
a696e3a7a73c50bf0e84a242df3d5d4b
|
| SHA1 |
d7476a6fbda9db7cdfa8d3d2bfe62760be2faeab
|
| SHA256 |
3338b9792a649764ed6ce5e6f76de601681edf38be719b503006fe1b6c985599
|
| SHA3 |
4d0e3d33efd1814dd2721a4eb681de44f139e7f8328344c85cbbe8efe0e365fd
|
| Type |
NP
|
| Language |
Korean - Korea
|
| Codepage |
UNKNOWN
|
| Size |
0x13d
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
7.35369
|
| MD5 |
ed5213dcc17a149ca483c87df5533af9
|
| SHA1 |
bab3e69747afdaae4d9053a94561398cdeaca30f
|
| SHA256 |
a0b123b0a8ba52b45ca8dec353eb17286a77008e7095f970932ddadfeaa60244
|
| SHA3 |
212f84ba1bbd15de2819f9fe0a44e8c0786459c4aef3666bfffb94fcc3611f1a
|
| Type |
TABLE
|
| Language |
Korean - Korea
|
| Codepage |
UNKNOWN
|
| Size |
0xf4d4
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
7.99689
|
| MD5 |
ce208c68bbac31cb05adea594d1cfba7
|
| SHA1 |
02cffe411c12e72d57746f6754e204ea62060026
|
| SHA256 |
7037916a81c33e9e8dc11a101ddba1599075aebfb571b754c60ec9fff7eeae39
|
| SHA3 |
77fa987e93821e252ee7a135b2cddda4cb061ccd72281658d52f04aa79ede0a5
|
| Type |
TABLE
|
| Language |
Korean - Korea
|
| Codepage |
UNKNOWN
|
| Size |
0x105fc
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
7.99717
|
| MD5 |
03a3a467bea9eadd587b28af1afbda93
|
| SHA1 |
cef9d7f5c30a46a8eb2ed546e5c20891acbf8137
|
| SHA256 |
84a92ef49624360a89fb621a6fd5ff8003204fbef754453032c101ce5e712e9d
|
| SHA3 |
0d060ffd1722c795f6bc1ca7fc1bc3c5e0cd5629b95d64f8bb2b985d9b74eb11
|
| Type |
TABLE
|
| Language |
Korean - Korea
|
| Codepage |
UNKNOWN
|
| Size |
0x10a8c
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
7.99713
|
| MD5 |
511f6fa054606ba620aa175dd7de98ce
|
| SHA1 |
b516b786f671a848e12c0b7098d7aa7cd181855a
|
| SHA256 |
18ea4d1e1f41eacd8dacefeab5efeb8b7ee9d57b3dbae338b6458f4fbdadc77a
|
| SHA3 |
c442d32997b0a4514a698473fabb7fe14a8d4f3304ed9cea0445d84f8318951c
|
| Type |
TABLE
|
| Language |
Korean - Korea
|
| Codepage |
UNKNOWN
|
| Size |
0x124
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
7.32529
|
| MD5 |
38f2a77018c151a6af49de0e0d6559c1
|
| SHA1 |
1fb089d166e42ff52de24debcd5c4233fea8c851
|
| SHA256 |
7351080729b8ade3cb7999a26a3dc2824db6bac8be19a4541752b2bebadbc071
|
| SHA3 |
4648eecda2bd31606ab8b4586cc00ba5ddd22ee1a78efa3a0fced5904474f0ac
|
| Type |
TABLE
|
| Language |
Korean - Korea
|
| Codepage |
UNKNOWN
|
| Size |
0x15574
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
7.99799
|
| MD5 |
51bdad8977c82f1de32429f40d28ef14
|
| SHA1 |
1c8c40c84acb1a676b047e7ee2ec4c47793cf867
|
| SHA256 |
d73951b7c124e4d4fbe0d14b196f8fca9520c9d777be7568840418640945f983
|
| SHA3 |
f8517cb322ea63a5d28025810f3447fdc11dbde4dcba25264fc03019075176b1
|
| Type |
TABLE
|
| Language |
Korean - Korea
|
| Codepage |
UNKNOWN
|
| Size |
0xc8fc
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
7.99627
|
| MD5 |
57c0e7fea0a83264c3c9ab38a88dd38d
|
| SHA1 |
6dfcf4aed002e583b1e2f4d9ea0ade03f854f60e
|
| SHA256 |
5b5f3caaf92a1f6247c990a2e663e17554a306ecdee2c31577c4b918a50d223f
|
| SHA3 |
7cd9c6f3e73890e718a2a824120c8441bf1f7096e261824ad96322828129733d
|
| Type |
RT_CURSOR
|
| Language |
UNKNOWN
|
| Codepage |
UNKNOWN
|
| Size |
0x8ac
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
6.99713
|
| MD5 |
079e80736248072a6f17cee344968305
|
| SHA1 |
27ef332c245f728a1021f5513ad75af9758d653b
|
| SHA256 |
8fcd9386d26f94c7cd43e5635145d43d84c4b3f4c51f264a9fbf00f2a7370988
|
| SHA3 |
84f919ac0535f2a5518d582acab56568aeb5db464fdb23b12ed84a30d9d6d0b3
|
| Type |
RT_CURSOR
|
| Language |
UNKNOWN
|
| Codepage |
UNKNOWN
|
| Size |
0x8ac
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
7.02884
|
| MD5 |
8e17cefc514b2ea59a91ee517557ce4a
|
| SHA1 |
655091b7ab37eb60835a9d89123d0827f15ecd14
|
| SHA256 |
6d6e8f422fbcb0af0628934f4a22efad34f617effb2babe743873cab5e54e129
|
| SHA3 |
87b2e0bd99b79f9dfb9d0d0bd35723ad31d776b6c68302b38d03ba8952317fe0
|
| Type |
RT_CURSOR
|
| Language |
UNKNOWN
|
| Codepage |
UNKNOWN
|
| Size |
0x8ac
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
6.96698
|
| MD5 |
6f4a304bda9618a1d815b8458149b550
|
| SHA1 |
25e6000a5511c42c6c609d2f2827f0b3ee106f65
|
| SHA256 |
bade008eaa4d9ba47e23b3dec818f723706c24d58b5f2131332fd32620523b8e
|
| SHA3 |
4f7d1961d97d31af04f04b502fd5afe1fd8b72c829a210c1cd4b22f0a928af6f
|
| Type |
RT_CURSOR
|
| Language |
UNKNOWN
|
| Codepage |
UNKNOWN
|
| Size |
0x8ac
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
7.30266
|
| MD5 |
2482a02b270758853023ad3f17f86d8f
|
| SHA1 |
2796c088745a690989bb18011b64f8a2e8957ff3
|
| SHA256 |
318331bbbdcdabcba37b9901d9e324b6ae96d242c55a041b058fbd0ef079b394
|
| SHA3 |
4198ee4242275706213583fa605aad678a9cc76676ab07b3a56f357097c5db06
|
| Type |
RT_CURSOR
|
| Language |
UNKNOWN
|
| Codepage |
UNKNOWN
|
| Size |
0x8ac
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
7.39425
|
| MD5 |
c0c4edd61de7c77ca7a393cb20b2907d
|
| SHA1 |
52e414ca16f0bbbcd37267fdf15af8db72235072
|
| SHA256 |
67c7c8f7ee3260cc5b5e4ec2e7b286ac8caf51d9267a7aa55b812c1706cf9add
|
| SHA3 |
562e377ec99984c1360bab48217ec5744d50e5b29f17f6eeb107ee2f513164e6
|
| Type |
RT_CURSOR
|
| Language |
UNKNOWN
|
| Codepage |
UNKNOWN
|
| Size |
0x8ac
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
7.02373
|
| MD5 |
c3c4ff38de9468492ae8f13291aa7dd1
|
| SHA1 |
fa8fdad2f8a5c6879cec4ab527bdd6f9cf746007
|
| SHA256 |
a468b2140f040e0f96d3dc6f2a0390afbcddf07bd54beea0dda94d81f3aed2ae
|
| SHA3 |
9c1c174acadbb5e45671fb865dc8ac2caaec0e757f3aaa251e797c798c881b07
|
| Type |
RT_CURSOR
|
| Language |
UNKNOWN
|
| Codepage |
UNKNOWN
|
| Size |
0x8ac
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
6.96427
|
| MD5 |
1ef873e9075c7a5135dd7fd6ccf76f4b
|
| SHA1 |
c92eb25deb5733b97a4df811d8a0e598a7041fb4
|
| SHA256 |
eb9d8d74c4ea6f4b875051cc88ad6340640a2e6206642c81a593487f4a09dc02
|
| SHA3 |
b5a2909819eff33915e5e6ee7ee8568e15d00c2acef126faf3edf7f98857d6c6
|
| Type |
RT_CURSOR
|
| Language |
Korean - Korea
|
| Codepage |
UNKNOWN
|
| Size |
0x8ac
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
7.51913
|
| MD5 |
98b690c4a96f08e9bced4b146213be33
|
| SHA1 |
eb1e9c6d5e27caa9480300aac53f66fa6fdcd23e
|
| SHA256 |
24abdef369e3c8233143775d28cff5505c2758f85e90ef7f9803e75831dfc337
|
| SHA3 |
ee2899909cb4b7d182644c30257de51ab3fe3ce9f9e34053992b6709391751df
|
| Type |
RT_CURSOR
|
| Language |
Korean - Korea
|
| Codepage |
UNKNOWN
|
| Size |
0x8ac
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
7.50037
|
| MD5 |
3e30b2f9f29a44590a3ae08dda7d38ae
|
| SHA1 |
d40509ebf95d34a7a6b388284786c0021e23186c
|
| SHA256 |
88de506c4fbfe12458c7aca72933bb939fde7cbe94ba6b970f9a5e8e1787472b
|
| SHA3 |
eaba8db6927561429b7d1ccfcf76b9ab7146a6285d9da2f9454e86958d8dc789
|
| Type |
RT_CURSOR
|
| Language |
Korean - Korea
|
| Codepage |
UNKNOWN
|
| Size |
0x8ac
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
7.5403
|
| MD5 |
65b1b832c711c17f235ac1c6cf243902
|
| SHA1 |
526abc84b8e5b4330cf07a3e76ffdd03cee58d05
|
| SHA256 |
3aafacae15d77e499120ecc6e23757f04adcc87f6a1ada61513b55723cd5f276
|
| SHA3 |
57da2ad6e6d9f3be57d3770737aa4bddecc228bbb41485627198fde2cddb8ee2
|
| Type |
RT_ICON
|
| Language |
UNKNOWN
|
| Codepage |
UNKNOWN
|
| Size |
0x568
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
5.9327
|
| MD5 |
7cadb5b3fda4b4abc9680794d7dbbd8e
|
| SHA1 |
84b9ee169754eb5ae1b247e540a516f110a1a87b
|
| SHA256 |
4551e434638d2f8fd9a81c823f0e0d10821d722dc305ff651546b48be836f23b
|
| SHA3 |
e3dc5534485d0d1d654482caf551131cc0986cad299d7cec3369b8a266305d88
|
| Type |
RT_ICON
|
| Language |
UNKNOWN
|
| Codepage |
UNKNOWN
|
| Size |
0x8a8
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
6.60895
|
| MD5 |
c1901f3f05ee9681186b6c8c596cc00a
|
| SHA1 |
f97e02708c4d66295f6f00339a9015994ea28d52
|
| SHA256 |
cad3d9a042e34d13f10c891af8723754b48385a6cfad67e0e1a57aaad3f285dc
|
| SHA3 |
f2c40e9f05f917519d4ed8f58f0aa91f200d1fc4b63432d58fad3736a8c83e51
|
| Type |
RT_ACCELERATOR
|
| Language |
UNKNOWN
|
| Codepage |
UNKNOWN
|
| Size |
0x8
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
2.5
|
| MD5 |
486ca8a4df78715d93c892c5ff71137b
|
| SHA1 |
803f50b967919122dac98edb87026544d3bc730a
|
| SHA256 |
5f83e930b285952a6e2d4f31b6eb03e3cf2de5c8c0388aa9faa29e6ff93fcac1
|
| SHA3 |
0ef1b7ae20890c9f983d7e8ef8b062da346e24d5bf1827fa1a2ce37d798a4563
|
| Type |
RT_GROUP_CURSOR
|
| Language |
UNKNOWN
|
| Codepage |
UNKNOWN
|
| Size |
0x14
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
4.32193
|
| MD5 |
3eee830f7ebbbc77959af4b28d09e817
|
| SHA1 |
1f0d8aabfa4ffd8a7f49816c6098d3f870f7fe51
|
| SHA256 |
a2f53e9ed8acbd7b56f2684cd71ef13adf13a627db1a403410e2996d3aa85705
|
| SHA3 |
78cba188d7c9a5fab8c4703a882a6ec3bd87744c69bdb0a98274d82d9b89bf54
|
| Type |
RT_GROUP_CURSOR
|
| Language |
UNKNOWN
|
| Codepage |
UNKNOWN
|
| Size |
0x14
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
4.32193
|
| MD5 |
e2ac889ffabca9e32b85f005a0f6d71f
|
| SHA1 |
3002459d2609598835d4fe0467086b6b92737535
|
| SHA256 |
359acca1fbc10aa9de1e297d4d47d0c88edfdafcacc42e7ed6f434ca56eba990
|
| SHA3 |
8d8888752fb73e4485e52b07381ba7a307d4843163caae07624fa3a55e3bd64d
|
| Type |
RT_GROUP_CURSOR
|
| Language |
UNKNOWN
|
| Codepage |
UNKNOWN
|
| Size |
0x14
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
4.32193
|
| MD5 |
2fdbe9a8df9153f3bf6c0fd2e345438c
|
| SHA1 |
3b709e7dbf5e4f8fed692377c5512b0fcb6ce1e4
|
| SHA256 |
a1bc733987aa60f126b05949bdf0430fe4ac4ba69471c00d2a3a3aa2fc0d23f9
|
| SHA3 |
b5c4252a0ba9d1002f35721ec2ca581b70ab7a267e38169d42bc142d1ded7b00
|
| Type |
RT_GROUP_CURSOR
|
| Language |
UNKNOWN
|
| Codepage |
UNKNOWN
|
| Size |
0x14
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
4.12193
|
| MD5 |
a9e09ccb0d3935c73851ad96c868cf37
|
| SHA1 |
119b0a243db244b3a41c14074ee2a0b18fffeb53
|
| SHA256 |
3c9d5ec9fe29423a034fd85a0e307af6f954ac50a21327a4a4db7263d340480b
|
| SHA3 |
b27910e6dc0c4dedd3fbdb7b85b5fb24241f40f37cf0b4f71e22482a64e101aa
|
| Type |
RT_GROUP_CURSOR
|
| Language |
UNKNOWN
|
| Codepage |
UNKNOWN
|
| Size |
0x14
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
4.12193
|
| MD5 |
ccf785a99961a5120c94ee2b12fa31ec
|
| SHA1 |
9ed4f680e58621642fa14266a25e9bb9c565d974
|
| SHA256 |
c7dce2c359b08f92be28374e3f2fd8428b3afb89a30d97e3faa643fabdb9a72a
|
| SHA3 |
0ba05b47455b34ec74fe8c65462e8fb4fe814a1861690bdb6066a8a8c8ecfee5
|
| Type |
RT_GROUP_CURSOR
|
| Language |
UNKNOWN
|
| Codepage |
UNKNOWN
|
| Size |
0x14
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
4.22193
|
| MD5 |
7bd9758840b43601e3034d26a734d832
|
| SHA1 |
8a42affddb09fd95ceea8266137e3c2ff04b675e
|
| SHA256 |
e7b2d6b3e9c3fdea884bbb90c665b840f1c216fdc2027ad22fa3f0fef590d6bb
|
| SHA3 |
fb960aa46482c253128c7d8963e05f482db6b8eb3a30ddd2002024305b0c68c4
|
| Type |
RT_GROUP_CURSOR
|
| Language |
UNKNOWN
|
| Codepage |
UNKNOWN
|
| Size |
0x14
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
4.32193
|
| MD5 |
3aa852202a0f2e5a4d0c4155296e6b06
|
| SHA1 |
1e2cd4485b363e33efee4e889415e0fa6e16c0bb
|
| SHA256 |
006e84b3afd2f1fd525aa2eeeefd101d716a13665075a59fa4def7de8ddcad2a
|
| SHA3 |
29106371e424920d01e8c8a363dff3d5bbc286e7d2c9f6a048addefc2fc41896
|
| Type |
RT_GROUP_CURSOR
|
| Language |
Korean - Korea
|
| Codepage |
UNKNOWN
|
| Size |
0x14
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
4.32193
|
| MD5 |
daf788193970927e26eb3c60bc3a531d
|
| SHA1 |
f4c31b0897bcc94bbf7f8c34933503f2eb9802e1
|
| SHA256 |
864182d58a8ba12b5aa8a2db377ea46847fdcd679387c58bd8b7996c54369714
|
| SHA3 |
6eae65364be42ee3c266948c4260ca064d894ca7e8745fc85fed9d595b2f04df
|
| Type |
RT_GROUP_CURSOR
|
| Language |
Korean - Korea
|
| Codepage |
UNKNOWN
|
| Size |
0x14
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
4.32193
|
| MD5 |
2b232bf04f4dc987851b759bb24c066f
|
| SHA1 |
744ed1093cbd384d135528b721b5b8790f130ea0
|
| SHA256 |
68222454701c4de1eecc2be57d5d9a17d19d4884e5cea806169a55ee963d041b
|
| SHA3 |
a6ad94b9bbefc3dff5cef35a68cde9e87ccb9f3426b0ae2ba6f7cbf15ae43ca8
|
| Type |
RT_GROUP_CURSOR
|
| Language |
Korean - Korea
|
| Codepage |
UNKNOWN
|
| Size |
0x14
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
4.32193
|
| MD5 |
43c4e7d6fcd882ba7957872aad3f0437
|
| SHA1 |
946a2b84bf29179aff804b0f8148e3bb9d8cda16
|
| SHA256 |
8d715596e3bcb01a10b420ddf28d1df927ba2fbc1fb32b1ee968625746a52b39
|
| SHA3 |
5ba70d6ad7bed7497dd495edab9db9529b5b2260dac34fcbfbbbaa52363febcc
|
| Type |
RT_GROUP_ICON
|
| Language |
UNKNOWN
|
| Codepage |
UNKNOWN
|
| Size |
0x22
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
2.32824
|
| Detected Filetype |
Icon file
|
| MD5 |
98abddcf0c1dc29c999864264b78c981
|
| SHA1 |
848c0e5121dad30e7b7381e85ddfeea5672366e7
|
| SHA256 |
d58a6a1ee3d9ae7bb5bb4b019a84495af9b55381f295dc7beeaf222d58bd4c36
|
| SHA3 |
791bcb018a1e72465a6006dbcdf1423c8740cdc634f355903df3c7738ba27552
|
| Type |
RT_VERSION
|
| Language |
UNKNOWN
|
| Codepage |
UNKNOWN
|
| Size |
0x318
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
3.4243
|
| MD5 |
e6310f5cdddeba74f7469700042115db
|
| SHA1 |
156cb70c68ad4d39b1be11af7ea5b25b5526dea4
|
| SHA256 |
1f4b9ebab4dba83f867ae0817f168c7a1bc10de619d36909f8625fc662afe4d5
|
| SHA3 |
f8564caf6136ba641541a68edd6abf20c00aa76511e922119fd04b58325061c0
|
| Type |
RT_MANIFEST
|
| Language |
Korean - Korea
|
| Codepage |
UNKNOWN
|
| Size |
0x23c
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
4.91577
|
| MD5 |
4d3971723b5899df9b85c39f8301691d
|
| SHA1 |
34ea87c319b3d5b900a0d6903260542b9187026a
|
| SHA256 |
b18c614b6e39a6fd7708702659f23cdc9e03051c7a3bfcfa3de9b5d7e8b1b6f6
|
| SHA3 |
746b532b277f6c6c115946235f9964601bf1b5bc6f51d7e21a3e3a6747bf67cf
|
| StartAddressOfRawData |
0x10243b0
|
| EndAddressOfRawData |
0x10243b8
|
| AddressOfIndex |
0x16c9e2c
|
| AddressOfCallbacks |
0x16c9e34
|
| SizeOfZeroFill |
0
|
| Characteristics |
IMAGE_SCN_ALIGN_4BYTES
|
| Callbacks |
(EMPTY)
|
| XOR Key |
0xda9a504
|
| Unmarked objects |
0
|
| ASM objects (33140) |
58
|
| 253 (34321) |
4
|
| ASM objects (34321) |
30
|
| C objects (34321) |
21
|
| 49 (9044) |
2
|
| C objects (2179) |
6
|
| C objects (VS2022 Update 1 (17.1.0-1) compiler 31104) |
133
|
| C objects (VS2022 (17.0.2-4) compiler 30706) |
6
|
| C++ objects (34321) |
106
|
| Imports (VS2012 build 50727 / VS2005 build 50727) |
2
|
| Linker (VC++ 6.0 SP5 imp/exp build 8447) |
2
|
| C objects (VC++ 6.0 SP5 build 8804) |
44
|
| C objects (CVTCIL) (33140) |
1
|
| C++ objects (33140) |
220
|
| C objects (VS2003 (.NET) build 4035) |
15
|
| ASM objects (VS2003 (.NET) build 4035) |
6
|
| C++ objects (VS2003 (.NET) build 4035) |
153
|
| Imports (33140) |
42
|
| C objects (33140) |
36
|
| Unmarked objects (#2) |
6
|
| Total imports |
546
|
| C++ objects (34810) |
726
|
| ASM objects (34810) |
1
|
| Resource objects (34810) |
1
|
| Linker (34810) |
1
|
[!] Error: Could not read a VS_FIXED_FILE_INFO!
[!] Error: Could not read a VS_FIXED_FILE_INFO!
[*] Warning: Could not parse a VERSION_INFO resource!
[!] Error: The number of ICON_DIRECTORY_ENTRIES is bigger than the number of resources in the file.
[*] Warning: Resource 1 is empty!
[!] Error: The number of ICON_DIRECTORY_ENTRIES is bigger than the number of resources in the file.
[*] Warning: Resource 2 is empty!
[!] Error: The number of ICON_DIRECTORY_ENTRIES is bigger than the number of resources in the file.
[*] Warning: Resource 3 is empty!
[!] Error: The number of ICON_DIRECTORY_ENTRIES is bigger than the number of resources in the file.
[*] Warning: Resource 4 is empty!
[!] Error: The number of ICON_DIRECTORY_ENTRIES is bigger than the number of resources in the file.
[*] Warning: Resource 5 is empty!
[!] Error: The number of ICON_DIRECTORY_ENTRIES is bigger than the number of resources in the file.
[*] Warning: Resource 6 is empty!
[!] Error: The number of ICON_DIRECTORY_ENTRIES is bigger than the number of resources in the file.
[*] Warning: Resource 7 is empty!
[!] Error: The number of ICON_DIRECTORY_ENTRIES is bigger than the number of resources in the file.
[*] Warning: Resource 122 is empty!
[!] Error: The number of ICON_DIRECTORY_ENTRIES is bigger than the number of resources in the file.
[*] Warning: Resource 123 is empty!
[!] Error: The number of ICON_DIRECTORY_ENTRIES is bigger than the number of resources in the file.
[*] Warning: Resource 124 is empty!
475e391f4e87667092ab1bb3ab5216cbf7f80f50e392f7f5877221f1a8001e68