Manalyze report for 4780ce19025a54bdecdb50019a21d712

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2006-Dec-04 16:56:05
Detected languages	English - United States German - Germany Japanese - Japan Korean - Korea
FileDescription	Config MFC 응용 프로그램
FileVersion	`1, 0, 0, 1`
InternalName	Config
LegalCopyright	Copyright (C) 2003
OriginalFilename	Config.EXE
ProductName	Config 응용 프로그램
ProductVersion	`1, 0, 0, 1`

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C++ 6.0 - 8.0` `Microsoft Visual C++` `Microsoft Visual C++ v6.0` `Microsoft Visual C++ v5.0/v6.0 (MFC)`
Malicious	The PE contains functions mostly used by malware.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryA` `Can access the registry: RegCreateKeyExA RegOpenKeyExA RegSetValueExA RegCloseKey` `Uses functions commonly found in keyloggers: GetForegroundWindow CallNextHookEx` `Enumerates local disk drives: GetVolumeInformationA` `Can take screenshots: GetDC BitBlt CreateCompatibleDC`
Suspicious	No VirusTotal score.	`This file has never been scanned on VirusTotal.`

Hashes

MD5	`4780ce19025a54bdecdb50019a21d712`
SHA1	`0e689f99808c09a75fb26ecdd58b65c947cc1770`
SHA256	`c790b6c9ba8044721c28549c6e7d0f14100e27a8daa1d40f68cf7cb92c313e69`
SHA3	`1e5ae09629eabb88bf97f06ed609f2130df8130482dc198dc2991e3ac29bad15`
SSDeep	`3072:Et+dR1llX2xDpFuacFujhGa3/rQLAD/wWmzIBn7d4foB7nu5ejTnX:TlSDpABxavrQLKLu5en`
Imports Hash	`544d3fabf1b159143d311c10922b2097`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0xf8`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`4`
TimeDateStamp	2006-Dec-04 16:56:05
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LINE_NUMS_STRIPPED` `IMAGE_FILE_LOCAL_SYMS_STRIPPED` `IMAGE_FILE_RELOCS_STRIPPED`

Image Optional Header

Magic	`PE32`
LinkerVersion	`6.0`
SizeOfCode	`0x27000`
SizeOfInitializedData	`0x1b000`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0000D475 (Section: .text)`
BaseOfCode	`0x1000`
BaseOfData	`0x28000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x1000`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x43000`
SizeOfHeaders	`0x1000`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`a811b6be76b4a6749e75243e740a6961`
SHA1	`00a1cdecf1faa5299bbd1f3f1ccaace791b2b93c`
SHA256	`3a123f8cf1d880129cea85ebae9cd68a21731323c07fe5e89ea7ae8a87921756`
SHA3	`95feff458b36df5b0a8af45edded69dd1772bfc353d4cb2c5963b50133096169`
VirtualSize	`0x26fbe`
VirtualAddress	`0x1000`
SizeOfRawData	`0x27000`
PointerToRawData	`0x1000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.63312`

.rdata

MD5	`f11e9fb8bd80bd724ad6484d60965b9a`
SHA1	`93da8f3e48dc532083d227ba28b63a851ca88665`
SHA256	`d5720b4924ce9fe9aa45fb566e31fd400d69f187b59f02f4cbc56a8e9838a9f1`
SHA3	`d4d71738c61d98d038a5b4082cd8fc12525de19cef4abf4a36fc2ec9bf7df9c4`
VirtualSize	`0x8c5c`
VirtualAddress	`0x28000`
SizeOfRawData	`0x9000`
PointerToRawData	`0x28000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.70108`

.data

MD5	`1851c03a00473aba577c768626219697`
SHA1	`ccbd2ea106c59078a39ad87154b3c635542fe6ca`
SHA256	`8abea55f4dc9feaec17f013b9886ec5080194f098ae49d8dfbdccf6285ffb5f4`
SHA3	`bdd289c699e36708b05736512f5530a1ef41467de8e745b1b045f53b1df60995`
VirtualSize	`0x88c8`
VirtualAddress	`0x31000`
SizeOfRawData	`0x5000`
PointerToRawData	`0x31000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`2.34075`

.rsrc

MD5	`0fc92fc46d7e5c802a1c2f2419452a49`
SHA1	`010de145351d8c44eaf79d580645e956a9708f17`
SHA256	`7ee7d82e4ed668e44e6bf4b97734cd1ff8b0579782299231b3eb38d1bd651b25`
SHA3	`dcf9b582a34540147d436f4362b70ca71a0c6328f20ea7b526112df7352a2f0e`
VirtualSize	`0x8820`
VirtualAddress	`0x3a000`
SizeOfRawData	`0x9000`
PointerToRawData	`0x36000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.23244`

Imports

d3d8.dll	`Direct3DCreate8`
KERNEL32.dll	`HeapSize` `GetACP` `GetTimeZoneInformation` `UnhandledExceptionFilter` `FreeEnvironmentStringsA` `FreeEnvironmentStringsW` `GetEnvironmentStrings` `GetEnvironmentStringsW` `SetHandleCount` `GetStdHandle` `GetFileType` `GetEnvironmentVariableA` `GetVersionExA` `HeapDestroy` `HeapCreate` `VirtualFree` `VirtualAlloc` `IsBadWritePtr` `SetUnhandledExceptionFilter` `LCMapStringA` `LCMapStringW` `GetStringTypeA` `GetStringTypeW` `IsBadReadPtr` `IsBadCodePtr` `SetStdHandle` `CompareStringA` `CompareStringW` `HeapReAlloc` `GetCurrentThreadId` `GetCurrentThread` `lstrcmpiA` `lstrcmpA` `GlobalDeleteAtom` `GlobalAlloc` `GlobalLock` `GetModuleFileNameA` `CloseHandle` `LoadResource` `FindResourceA` `LockResource` `GlobalFree` `GlobalUnlock` `InterlockedDecrement` `GetProcAddress` `GetModuleHandleA` `lstrcpyA` `GlobalFindAtomA` `GlobalAddAtomA` `GlobalGetAtomNameA` `lstrcatA` `GetVersion` `FreeLibrary` `LoadLibraryA` `lstrlenA` `SetLastError` `MulDiv` `LocalAlloc` `GetProfileStringA` `RaiseException` `HeapAlloc` `HeapFree` `TerminateProcess` `ExitProcess` `GetCommandLineA` `GetStartupInfoA` `RtlUnwind` `FormatMessageA` `GetFileTime` `GetFileSize` `GetFileAttributesA` `GetTickCount` `FileTimeToLocalFileTime` `FileTimeToSystemTime` `GetFullPathNameA` `GetVolumeInformationA` `FindFirstFileA` `FindClose` `SetEndOfFile` `UnlockFile` `LockFile` `FlushFileBuffers` `SetFilePointer` `WriteFile` `ReadFile` `CreateFileA` `GetCurrentProcess` `DuplicateHandle` `SetErrorMode` `GetOEMCP` `GetCPInfo` `GetThreadLocale` `SizeofResource` `GetProcessVersion` `GetLastError` `MultiByteToWideChar` `LocalFree` `WideCharToMultiByte` `InterlockedIncrement` `WritePrivateProfileStringA` `GlobalFlags` `lstrcpynA` `TlsGetValue` `LocalReAlloc` `TlsSetValue` `EnterCriticalSection` `GlobalReAlloc` `LeaveCriticalSection` `TlsFree` `GlobalHandle` `DeleteCriticalSection` `TlsAlloc` `InitializeCriticalSection` `SetEnvironmentVariableA`
USER32.dll	`InvalidateRect` `CharUpperA` `RegisterClipboardFormatA` `PostThreadMessageA` `GetNextDlgGroupItem` `SetRect` `CopyAcceleratorTableA` `CharNextA` `GetSysColorBrush` `PtInRect` `GetClassNameA` `GetDesktopWindow` `LoadCursorA` `GrayStringA` `DrawTextA` `TabbedTextOutA` `EndPaint` `BeginPaint` `GetWindowDC` `ClientToScreen` `GetDC` `ReleaseDC` `ShowWindow` `MoveWindow` `SetWindowTextA` `IsDialogMessageA` `IsDlgButtonChecked` `SetDlgItemTextA` `CheckRadioButton` `CheckDlgButton` `UpdateWindow` `SendDlgItemMessageA` `MapWindowPoints` `SetFocus` `AdjustWindowRectEx` `ScreenToClient` `CopyRect` `GetTopWindow` `IsChild` `GetCapture` `WinHelpA` `wsprintfA` `GetClassInfoA` `RegisterClassA` `DestroyMenu` `GetMenuItemCount` `GetSubMenu` `GetMenuItemID` `GetWindowTextLengthA` `GetWindowTextA` `GetDlgCtrlID` `CreateWindowExA` `GetClassLongA` `SetPropA` `GetPropA` `RemovePropA` `DefWindowProcA` `GetMessageTime` `UnregisterClassA` `HideCaret` `ShowCaret` `ExcludeUpdateRgn` `DrawFocusRect` `DefDlgProcA` `GetMessagePos` `GetForegroundWindow` `SetForegroundWindow` `RegisterWindowMessageA` `OffsetRect` `IntersectRect` `SystemParametersInfoA` `GetWindowPlacement` `GetWindowRect` `UnhookWindowsHookEx` `MapDialogRect` `SetWindowPos` `GetWindow` `GetSysColor` `InflateRect` `SetWindowContextHelpId` `EndDialog` `SetActiveWindow` `IsWindow` `CreateDialogIndirectParamA` `DestroyWindow` `GetDlgItem` `GetMenuCheckMarkDimensions` `LoadBitmapA` `GetMenuState` `IsWindowUnicode` `ModifyMenuA` `SetMenuItemBitmaps` `CheckMenuItem` `EnableMenuItem` `GetFocus` `GetNextDlgTabItem` `GetMessageA` `TranslateMessage` `DispatchMessageA` `GetActiveWindow` `GetKeyState` `CallNextHookEx` `ValidateRect` `IsWindowVisible` `PeekMessageA` `GetCursorPos` `SetWindowsHookExA` `GetParent` `GetLastActivePopup` `IsWindowEnabled` `GetWindowLongA` `MessageBoxA` `SetCursor` `PostQuitMessage` `PostMessageA` `EnableWindow` `IsIconic` `GetSystemMetrics` `GetClientRect` `DrawIcon` `SendMessageA` `SetWindowLongA` `LoadIconA` `GetMenu` `MessageBeep` `CallWindowProcA` `LoadStringA`
GDI32.dll	`SetViewportExtEx` `ScaleViewportExtEx` `SetWindowExtEx` `ScaleWindowExtEx` `IntersectClipRect` `DeleteObject` `OffsetViewportOrgEx` `GetDeviceCaps` `GetViewportExtEx` `GetWindowExtEx` `CreateSolidBrush` `PtVisible` `RectVisible` `TextOutA` `ExtTextOutA` `Escape` `GetTextColor` `GetBkColor` `DPtoLP` `LPtoDP` `GetMapMode` `BitBlt` `GetTextExtentPointA` `SetViewportOrgEx` `SetMapMode` `SetBkMode` `GetStockObject` `SelectObject` `RestoreDC` `SaveDC` `DeleteDC` `PatBlt` `GetObjectA` `SetBkColor` `SetTextColor` `GetClipBox` `CreateCompatibleDC` `CreateDIBitmap` `CreateBitmap`
comdlg32.dll	`GetFileTitleA`
WINSPOOL.DRV	`OpenPrinterA` `DocumentPropertiesA` `ClosePrinter`
ADVAPI32.dll	`RegCreateKeyExA` `RegOpenKeyExA` `RegSetValueExA` `RegCloseKey`
COMCTL32.dll	`#17`
oledlg.dll	`#8`
ole32.dll	`CoFreeUnusedLibraries` `OleUninitialize` `CoTaskMemAlloc` `CoTaskMemFree` `CreateILockBytesOnHGlobal` `StgCreateDocfileOnILockBytes` `StgOpenStorageOnILockBytes` `CoGetClassObject` `CLSIDFromString` `CLSIDFromProgID` `CoRegisterMessageFilter` `CoRevokeClassObject` `OleFlushClipboard` `OleIsCurrentClipboard` `OleInitialize`
OLEPRO32.DLL	`#253`
OLEAUT32.dll	`SysStringLen` `SysAllocStringByteLen` `SysAllocString` `VariantChangeType` `VariantCopy` `VariantTimeToSystemTime` `SysFreeString` `SysAllocStringLen` `VariantClear`

Delayed Imports

7

Type	`RT_CURSOR`
Language	Korean - Korea
Codepage	UNKNOWN
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.02695`
MD5	`cab67e9ca149fb79ab4473998412b951`
SHA1	`2e793d35537bfb5d3f042ed0626d3b119d50519a`
SHA256	`fbeb3be87e80cb8e1d2af3d8140796c1bb80c6c7056f60897088ff9e355c3867`
SHA3	`0e72f5537421764effb2ed98e536358bb7e86eed7b0936e606e8d45559685684`

8

Type	`RT_CURSOR`
Language	Korean - Korea
Codepage	UNKNOWN
Size	`0xb4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.74274`
MD5	`9fa8a914823ac7e5370652146901f4f1`
SHA1	`eb3224109abb341b6e464d2606fdbed1a7160bc6`
SHA256	`f64ccc0582bc7c66af8b40049e485e8e241335261ec95ace909293ba50b2e4a3`
SHA3	`bb348af06514e27cd1fa21ad524dfd037edcd3b36ef4cc6ab24c4a8ec38995ff`

26567

Type	`RT_BITMAP`
Language	Korean - Korea
Codepage	UNKNOWN
Size	`0x5e4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.09838`
MD5	`055505a1940f27993d40e136bc915615`
SHA1	`f6223d2c97df05fa6b6ca54b47c92438777eae79`
SHA256	`a9bb58f43df34b3dc05b79015210b5a1ca84f8ff97555cf7344ef8bb662e1a6d`
SHA3	`cf77404babde2509159cac5542bdbc409a869e1633222f15e62ccb39bb8ad59b`
Preview

30994

Type	`RT_BITMAP`
Language	Korean - Korea
Codepage	UNKNOWN
Size	`0xb8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.23666`
MD5	`8cf65be17e506ff24c2177078f88b56e`
SHA1	`3e397dc7597caeb844df0ea760b64231c8ce3dbf`
SHA256	`e7c0005285d1ab59732d5f99f77a9bdd6342b01cf44437ebd7a07611a227e272`
SHA3	`7da4c7aab356574679f0f9107740f01647864c846c04f699deef67577fd6aded`
Preview

30995

Type	`RT_BITMAP`
Language	Korean - Korea
Codepage	UNKNOWN
Size	`0x16c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.20022`
MD5	`a2153b6134d93fd17964b36be4821db4`
SHA1	`43d43980d7e6c1f080cc3eca82d84dc2ab8241b1`
SHA256	`4406c7739acdebe7be0510fb2cf7043ebec1f3dfd4fd876e1b6d0eb29fa79a14`
SHA3	`c6bfd5b740368d3cc00322a1d1ed6905cefec2b5a411b2100444a37e72f79fe6`
Preview

30996

Type	`RT_BITMAP`
Language	Korean - Korea
Codepage	UNKNOWN
Size	`0x144`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.87621`
MD5	`5a9c81cdbf480cf01daa71ba0e233c5f`
SHA1	`28e04c01584654e1974347d1baa462b2784e9c47`
SHA256	`abdf36bde89a26349f5741c17c235dacea88d441d8662ba16a598dc50c3c4864`
SHA3	`99dec83590ac444359a5a6f8924dae5615d93f4df527e10a8a61319ce3a5beaf`
Preview

1

Type	`RT_ICON`
Language	Korean - Korea
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.4767`
MD5	`2edfdae5a54c75d8fc914e2365a9d696`
SHA1	`b34e1a8b0d206ff791f8970b983ef2600b720144`
SHA256	`6db4336a673a993c597c5a68a9a82dda313973a8769b8e41cc53912f6d80609b`
SHA3	`0603d16c9049bc8f2102fb2329fc196d0a6732846713a27a34143938b5dd1434`

2

Type	`RT_ICON`
Language	Korean - Korea
Codepage	UNKNOWN
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.24871`
MD5	`696a24104efb670eb193794c45eadbff`
SHA1	`e9b96a36b7fc7560d64aaefab3fc94adb605cdad`
SHA256	`611428c87e307488e8b70111625aeddeb85faaa1b16b2398b931c78308bfad0f`
SHA3	`657a8283c3379083de9b8ce33af81a71785ba309b545ec9e06723415ef961d11`

3

Type	`RT_ICON`
Language	Korean - Korea
Codepage	UNKNOWN
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.3893`
MD5	`026c5547cbe7efef84b1a08a6c0f8290`
SHA1	`19dfc500bbba879eae846a3bc0ea86ef62a6f198`
SHA256	`b8c82aa7d6ebd0d6f66fe1881b2ae66c1105e56d6af4579662b640564301e915`
SHA3	`75a763cfe2b0388434ba4fd273e2563c1dae7eb6db1eee643fb4a02614e6d89c`

4

Type	`RT_ICON`
Language	Korean - Korea
Codepage	UNKNOWN
Size	`0x368`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.95222`
MD5	`3c6068165eff2029792fcc9d6d4b5058`
SHA1	`cca2a8948d5e7c4a364750c48fada666d2ce64d7`
SHA256	`12860f33da71932e8bd67b3c38a74b886e16510d4dfa99c41a1e457de60a47b4`
SHA3	`f18c53b7bcb8327f835bbb9554b328bb52cf78d4ef2aec74792527d66622c533`

5

Type	`RT_ICON`
Language	Korean - Korea
Codepage	UNKNOWN
Size	`0xca8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.64488`
MD5	`fdc4b850e0ae4481dcd6f21ba0ac87b3`
SHA1	`2919e76b16ab31ba4dfcb41a663cd04e04c8a75f`
SHA256	`8708285a8e17d9d96565113b96c44fba4805fdd9920ef26e2ba892c774215ec2`
SHA3	`4e53c1488c6fc7ca1f4c2a7c31b35aff5544ab70ad4bc9671379825473fb3665`

6

Type	`RT_ICON`
Language	Korean - Korea
Codepage	UNKNOWN
Size	`0x1ca8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.6003`
MD5	`7ab67b82b9994890cd96222850868f82`
SHA1	`ac663b84eab1a4bab5af10de1dae47772152d2d6`
SHA256	`abc15be96205fa9a536a615a7ac73435eb293432573e3407fc22bca14ce73a86`
SHA3	`f0a0e40a86cf81f9479113cd65534d28983b091b492746a13ab8b57c71ca6df7`

102

Type	`RT_DIALOG`
Language	German - Germany
Codepage	UNKNOWN
Size	`0x5ba`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.34312`
MD5	`016f82ca4d51999d93a8590ed5f0e33b`
SHA1	`e596fce66ecd071cd41aad4d7f4f63f7b4c923c0`
SHA256	`4749e2c519f592f6fbb2a3b08f5c258041b198b85ab295a7767df1187be22285`
SHA3	`108ed09c4abeadd95b5149bf67c01872c2ceb50c6ef82aaee9edb585cabe0998`

102 (#2)

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x5a2`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.32989`
MD5	`62542ae4a2f514f3c2ef4ec3ef941404`
SHA1	`96a2dc5fbe1718ae2d3562d4ac6be4af4622e657`
SHA256	`8665087fbcc51fd33e0d03d790ebf08d3e4a015eb8b2cdd5f8aa30d77879db6a`
SHA3	`7514fc79f14c1cc9797017b72713c86ba96d10afe59c6769c2075dfbd3c70abc`

102 (#3)

Type	`RT_DIALOG`
Language	Japanese - Japan
Codepage	UNKNOWN
Size	`0x4f0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.56823`
MD5	`b44c6c5607ed7d4294f731e8673825f2`
SHA1	`9812a863696cd0d3cc6261d46a8b04a87473abf6`
SHA256	`32d9f5f7018942f83d1b50e18c2fd7ddcae4fbbb191ffcc2fbeabc5c7b8138c5`
SHA3	`6ee8c28ac56c91dd2188eabfed13cbcaeacb0af09eaf05275df73814915aef5f`

102 (#4)

Type	`RT_DIALOG`
Language	Korean - Korea
Codepage	UNKNOWN
Size	`0x512`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.74145`
MD5	`d22807eac5e71892216d39fb943516a2`
SHA1	`6850e590f7167f294962617c193a3e158e244cce`
SHA256	`1062a88d31d3c170038ed51c35d063c78dfb83e69e046246e2676d95542deacc`
SHA3	`801b0ff867c923a8f07203ca994ed068ea2f3bc0a4e7830f39dbde8d037eb0a1`

30721

Type	`RT_DIALOG`
Language	Korean - Korea
Codepage	UNKNOWN
Size	`0xe8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.51594`
MD5	`55d3f6e5e65dd4f05da2d47941d0597e`
SHA1	`53bee38c4dce426a6a0163cf2abcc55761879907`
SHA256	`8e8dd268534bf16b20c877d48ab7702d28e885092fc53d5403507311aa0b49d4`
SHA3	`97aab79e100a1a90d7857d11981ccddba25941be6abc76e5c29f069d403047fd`

1 (#2)

Type	`RT_STRING`
Language	German - Germany
Codepage	UNKNOWN
Size	`0x238`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.36089`
MD5	`cf7baac70d8956b208aba6f36575923d`
SHA1	`213e921f1e073d56ce92afaf35afc6553a796ccc`
SHA256	`42a0485b8973b9bb2c3866811b04d5be82b44d6d4efc91f3972aed94d28cbf70`
SHA3	`32795390fdfb1841937db9e8ff20c807b8276575519a19ae836465f0a4b455f9`

1 (#3)

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0x238`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.36089`
MD5	`cf7baac70d8956b208aba6f36575923d`
SHA1	`213e921f1e073d56ce92afaf35afc6553a796ccc`
SHA256	`42a0485b8973b9bb2c3866811b04d5be82b44d6d4efc91f3972aed94d28cbf70`
SHA3	`32795390fdfb1841937db9e8ff20c807b8276575519a19ae836465f0a4b455f9`

1 (#4)

Type	`RT_STRING`
Language	Japanese - Japan
Codepage	UNKNOWN
Size	`0x46`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.22834`
MD5	`71af496d7da5fc32afb62e35bac962bd`
SHA1	`c286ad43d3bd40047ff8925f9be14f086345adbd`
SHA256	`e333fc5cdd4dc24b7736e501e6718dd19d76f35ae2aae931dcc29b2dd3f2a168`
SHA3	`218311047c0c44a1ed992b756633690caa5fd8356b1abff066914a401fff63a6`

1 (#5)

Type	`RT_STRING`
Language	Korean - Korea
Codepage	UNKNOWN
Size	`0x198`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.19439`
Detected Filetype	Cursor file
MD5	`ad6b5c5d74e6f07d6292400ec028a7af`
SHA1	`62eeab904eea21ebd9c74242a1d14183aa29335b`
SHA256	`a96d747d9f7d9d862a5818a7408747ae56d0dc655fbc14015fadcd7ada79089a`
SHA3	`f0579fa5512f7a55509523aed4d4d16fd0dade429d49af7ed418143e93b339cf`

3841

Type	`RT_STRING`
Language	Korean - Korea
Codepage	UNKNOWN
Size	`0x66`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.01751`
MD5	`181985f8fec4f882dddbb618c6cb48f9`
SHA1	`ac7845019511acd7b9f5a55aace019da21396cc1`
SHA256	`297e4cca91532581c47cc4ed8c1c83107c176db60f6853cdf5effa9e68698bbe`
SHA3	`fc61e21e2d48bc9c7a72fa86ef977c6eeeeaf0330aec197794e13d66027953c4`

3842

Type	`RT_STRING`
Language	Korean - Korea
Codepage	UNKNOWN
Size	`0x2c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.33387`
MD5	`d5e95582958efb7a461c6dc820db6862`
SHA1	`1b8bbc277196ad8a9f374c6b43775a604abbd697`
SHA256	`320c96637d50bcfc0af0f0e33d4761ac7bbd2c98df6f99a9b5e492c540725e4a`
SHA3	`c4407790eff7389ac0eaef7b3da793c6ab190421b7bea263cc9eb7c62b385a0e`

3843

Type	`RT_STRING`
Language	Korean - Korea
Codepage	UNKNOWN
Size	`0x9e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.55941`
MD5	`6c174671b1507557169b2091b79f4e68`
SHA1	`c7b2c209b67815bc98fa142df6d4001bddf246f6`
SHA256	`b3549edfd659f6b7547446ad84175ed0f52f95cb846b66986f333f3cb680e7d7`
SHA3	`bcf8cdad47f53f99a0aa22d7fa33009513544af132d1bbaf68f6390d7c33d315`

3857

Type	`RT_STRING`
Language	Korean - Korea
Codepage	UNKNOWN
Size	`0x2c4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.45025`
MD5	`7ae203ec2d2c8a434ebde283289eb9bc`
SHA1	`f64bfe0300c51313f049e6e051cfd6d545770545`
SHA256	`dcedbba2963921ebe547a6dec23ae3051bb61a66cbda7c00987cad385eea4d8c`
SHA3	`0b48f8801eb9192d3a8b2e174e4088ca3aba911e10228942ca78b82c0a93a7d8`

3858

Type	`RT_STRING`
Language	Korean - Korea
Codepage	UNKNOWN
Size	`0x172`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.80034`
MD5	`90e632f0bd3157f08c7094fe3c59d2bd`
SHA1	`8bc6c0536c7ffb2abafda34ea3f9e1a861727c86`
SHA256	`408fcf77dc6e6eb0a74844ccca1db90b9c43806d9690341f604111e71862293b`
SHA3	`e23ce149e5458c2055fef60f2f7cad5cecb21e5b3f26bac34f037782b70afb76`

3859

Type	`RT_STRING`
Language	Korean - Korea
Codepage	UNKNOWN
Size	`0x192`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.11615`
MD5	`f89d27b765a9f59567f0f14c0b29edd6`
SHA1	`42dc2f304e06b6d1707e3582404de27b5a37a88e`
SHA256	`be54566f7f684bb810d483e01055c99181a837a300b3f0a8fcb61e71bfac074c`
SHA3	`55e08d4aa010bd30bc0f77ebae8087030938ec3230151402653854e273a50dff`

3865

Type	`RT_STRING`
Language	Korean - Korea
Codepage	UNKNOWN
Size	`0x62`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.54039`
MD5	`3beb6e2cc010b3f5457e10f732e5dd60`
SHA1	`c3d0c80c149e673692ff24170dca94e69b906fa2`
SHA256	`daf1a214dadd2882c5999d9d7c1d6f7b9af899f4b0e5a2d6f68ccb73263dfaf8`
SHA3	`dc688a4c017dfb85e60442e203c7fbd183ff5ef0bcab8536eddc9882511bf301`

3866

Type	`RT_STRING`
Language	Korean - Korea
Codepage	UNKNOWN
Size	`0x98`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.28357`
MD5	`a776a429e08c083f3d2b6164bfd4f172`
SHA1	`59d449c30f8c91f3eb9034d1a2e2bba5c0a2b1cb`
SHA256	`1149c1186ac0050a4f42107574187ebd2856ead159b65673cee24da9f6e71fef`
SHA3	`24defda48f0aeaa0b3d8b7d72c639275ebad42a806e51c057d6389d6ef6e46e6`

3867

Type	`RT_STRING`
Language	Korean - Korea
Codepage	UNKNOWN
Size	`0x2b4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.17067`
MD5	`46e19f80f7c27c58df43d3e822b1cb3b`
SHA1	`adf522ee03b6b04c871b5f9b95eee642ed3fd922`
SHA256	`582062e0c329a77c8b96e49ab63c2438009a8c8935fa5f50631737165dcb36eb`
SHA3	`50404ea1bb321aa5ae60b15f1ae868d09d8d009514db6bd15404a23a1dd2796c`

3868

Type	`RT_STRING`
Language	Korean - Korea
Codepage	UNKNOWN
Size	`0x15e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.97789`
MD5	`a55629a18f401aab490fa96965cf79a5`
SHA1	`31d39e832fc4343cd113be9f475229ac4d318af5`
SHA256	`1954bda5973b264f472eda17c9d45cab373af07ebf4c7c810dddc58343d5bf62`
SHA3	`10951d01c35cdef5f3350a77f76fc4eb918a94a3b004e7c2e16bb43b4cc30701`

3869

Type	`RT_STRING`
Language	Korean - Korea
Codepage	UNKNOWN
Size	`0x24`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0.903812`
MD5	`e1c99dc871e9137fc8b43acbb1099df0`
SHA1	`04a757d454282d61633be2345b31be6e8e4fe205`
SHA256	`5baef1f597537259bdf637d8f645938bdf0ad52d4cd09fa576646e0b9269b206`
SHA3	`4490877d996783b2769162318cca6f1cf840ad9e1ace176e84c44c9318dd5874`

30977

Type	`RT_GROUP_CURSOR`
Language	Korean - Korea
Codepage	UNKNOWN
Size	`0x22`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.25451`
Detected Filetype	Cursor file
MD5	`5654e2b14214927cc1442602e3a2da4a`
SHA1	`104e3f4a200d63e1a740afec01c2c86131ae81c6`
SHA256	`8da86e16c783fd7da06c1b57abcf523939f9df40dee03786cbb00e2bf63d1cd8`
SHA3	`2e2c44f70f92c06fe84b5f21d04a61cac6112ffc4703899fc14f510962bc6006`
Preview

128

Type	`RT_GROUP_ICON`
Language	Korean - Korea
Codepage	UNKNOWN
Size	`0x30`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.54942`
Detected Filetype	Icon file
MD5	`eb666dfa885dbff6449b139592c23a19`
SHA1	`1f02273387b64cd874b3b8451b38ec05acdb78fc`
SHA256	`09a436ecc464a68b329bfbc8a8830b0ea9c41f73c1ec49e81f1022035261f5c7`
SHA3	`ec9f35007ec740ed190d4cc50e11835fa1452bf74cd28141bf9b88077583289a`

136

Type	`RT_GROUP_ICON`
Language	Korean - Korea
Codepage	UNKNOWN
Size	`0x30`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.69223`
Detected Filetype	Icon file
MD5	`079fdae61795a8f1d4b1f29b20aa9455`
SHA1	`a846be1e2861543f4d1a327d590a392576a34242`
SHA256	`aec8e5fecaacee597a7742071659a93a041680d7dc2eeaca50ed89b8f84c6d6b`
SHA3	`ca3749a056452bdc1c9c3c083bc6e6ca277ae500a7b4627b8f7f51bdecaa4943`

1 (#6)

Type	`RT_VERSION`
Language	Korean - Korea
Codepage	UNKNOWN
Size	`0x2e4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.50378`
MD5	`a78d1e13fcaed84bb7c114cd9d93f12c`
SHA1	`4242abcc65c43b58c216b977b7f833a24b80a56a`
SHA256	`e8451e5c8912eb924bfcd424eca527f35e854eb3099cbcb0cfbc6f69468e69df`
SHA3	`db4cc97864db68cce175ff5c7aae2b55eb61abd9de74545d1c5918d53a1b0d79`

String Table contents

Notify

This may slow the game
CPU tilling mode accelates by low system requirements.
Please set to GPU mode if error occurs.

GPU tilling mode slows down by low system requirements.
Please set to CPU if error occurs.
Near
Mid
Far
Auto
CPU
GPU
None
Background
Background+Player
All
Notify

This may slow the game
CPU tilling mode accelates by low system requirements.
Please set to GPU mode if error occurs.

GPU tilling mode slows down by low system requirements.
Please set to CPU if error occurs.
Near
Mid
Far
Auto
CPU
GPU
None
Background
Background+Player
All
notify
winmode
cpu
gpu
알림
속도 저하가 있을 수 있습니다.
CPU 타일링 모드는 저사양에서 빠른 속도를 낼 수 있습니다.
그래픽상 문제가 생길 경우 GPU 타일링 모드로 재설정하시기 바랍니다.
GPU 타일링 모드는 저사양에서 느릴 수 있습니다.
그래픽상 문제가 생길 경우 CPU 타일링 모드로 재설정하시기 바랍니다.
가까이
중간
멀리
자동
CPU
GPU
없음
배경
배경+주인공
모두
열기
다른 이름으로 저장
모든 파일 (.)
제목없음
이름 없는 파일
숨김(&H)
오류 메시지가 없음.
지원되지 않는 작동이 시도되었음.
필요한 자원이 없음.
메모리 부족.
미지의 오류가 발생하였습니다.
잘못된 파일 이름.
문서 열기 실패.
문서 저장 실패.
변경 내용을 %1에 저장할까요?
빈 문서 작성 실패.
파일이 너무 커서 열 수 없음.
인쇄 작업을 시작할 수 없음.
도움말 시작 실패.
내부 응용프로그램 오류.
명령 실패.
작동을 실행하기에 메모리가 부족함.
시스템 레지스트리 항목과 INI 파일(만약 있다면)이 삭제되었습니다.
모든 시스템 레지스트리 항목(또는 INI 파일)이 삭제되지는 않았습니다.
이 프로그램은 %s 파일이 필요합니다. 시스템에서 이 파일을 찾을 수 없습니다.
이 프로그램에 연결되어 있는 %s(% 파일의)을 찾을 수 없습니다. 이 시스템은 호환되지 않는 버전의 %s을(를) 포함하고 있는 것 같습니다.
정수를 입력하십시오.
숫자를 입력하십시오.
%1와(과) %2 사이의 정수를 입력하십시오.
%1와(과) %2 사이의 숫자를 입력하십시오.
%1 이하의 문자를 입력하십시오.
버튼을 선택하십시오.
0 에서 255 사이의 정수를 입력하십시오.
양의 정수를 입력하십시오.
날짜 및/또는 시간을 입력하십시오.
통화를 입력하십시오.
예기치 않은 파일 포맷.
%1
이 파일을 찾을 수 없음.
경로와 파일 이름이 정확한지 확인하십시오.
대상 디스크 드라이브가 꽉 찼음.
%1로(으로)부터 읽을 수 없음. 다른 사람이 열었음.
%1에 쓸 수 없음. 읽기전용이거나 다른 사람이 열었음.
%1을(를) 읽는 중에 예기치 못한 오류 발생.
%1을(를) 쓰는 중에 예기치 못한 오류 발생.
쓰기전용 특성을 읽을 수 없음.
읽기전용 특성을 쓸 수 없음.
우편 시스템 지원을 읽어들일 수 없음.
우편 시스템 DLL이 잘못되었음.
우편 보내기가 메시지 송신에 실패했음.
아무 오류도 발생하지 않았음.
%1 액세스 중에 미지의 오류 발생.
%1 을(를) 찾을 수 없음.
%1 에 잘못된 경로가 있음.
열린 파일이 너무 많으므로 %1을(를) 열 수 없음.
%1에 대한 액세스가 거부되었음.
잘못된 파일 핸들이 %1와(과) 관련되었음.
%1은(는) 현재 디렉토리이기 때문에 삭제할 수 없음.
디렉토리가 꽉 찼기 때문에 %1을(를) 작성할 수 없음.
%1에서 탐색 실패
%1 액세스 중에 하드웨어 입출력 오류가 보고되었음.
%1 액세스 중에 공유 위반이 발생하였음.
%1 액세스 중에 잠금 위반이 발생하였음.
%1 액세스 중에 디스크가 꽉 참.
%1의 끝을 지나서 액세스하려는 시도가 있었음.
아무 오류도 발생하지 않았음.
%1 액세스 중에 미지의 오류 발생.
%1 읽기에 쓰기를 하려는 시도가 있었음.
%1의 끝을 지나서 액세스하려는 시도가 있었음.
%1 쓰기로부터 읽으려는 시도가 있었음.
%1에는 불량 포맷이 있음.
%1에는 예기치 못한 개체가 있음.
%1에는 부정확한 스키마가 있음.
픽셀

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.0.0.1
ProductVersion	1.0.0.1
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	Korean - Korea
FileDescription	Config MFC 응용 프로그램
FileVersion (#2)	1, 0, 0, 1
InternalName	Config
LegalCopyright	Copyright (C) 2003
OriginalFilename	Config.EXE
ProductName	Config 응용 프로그램
ProductVersion (#2)	1, 0, 0, 1

Resource LangID	Korean - Korea

TLS Callbacks

Load Configuration

RICH Header

XOR Key	`0x9b45dba5`
Unmarked objects	`0`
12 (7291)	`1`
C++ objects (8047)	`1`
19 (8022)	`37`
Unmarked objects (#2)	`56`
19 (8034)	`18`
14 (7299)	`28`
C objects (VS98 SP6 build 8804)	`156`
Total imports	`457`
Imports (9210)	`3`
C++ objects (VS98 SP6 build 8804)	`95`
Resource objects (VS98 SP6 cvtres build 1736)	`1`

4780ce19025a54bdecdb50019a21d712

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rdata

.data

.rsrc

Imports

Delayed Imports

7

8

26567

30994

30995

30996

1

2

3

4

5

6

102

102 (#2)

102 (#3)

102 (#4)

30721

1 (#2)

1 (#3)

1 (#4)

1 (#5)

3841

3842

3843

3857

3858

3859

3865

3866

3867

3868

3869

30977

128

136

1 (#6)

String Table contents

Version Info

TLS Callbacks

Load Configuration

RICH Header

Errors