Architecture | IMAGE_FILE_MACHINE_I386
Subsystem | IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date | 2017-May-19 20:44:05
Detected languages | English - United States

Suspicious | PEiD Signature:
  UPX V2.00-V2.90 -> Markus Oberhumer & Laszlo Molnar & John Reiser
  UPX -> www.upx.sourceforge.net
  UPX Protector v1.0x (2)
  UPX V2.00-V2.90 -> Markus Oberhumer & Laszlo Molnar & John Reiser

Info | Cryptographic algorithms detected in the binary:
  Uses constants related to MD5
  Uses constants related to SHA256

Suspicious | The PE is possibly packed.
  Unusual section name found: text
  Section text is both writable and executable.
  Unusual section name found: data
  Section data is both writable and executable.

Suspicious | The PE contains functions most legitimate programs don't use.
  [!] The program may be hiding some of its imports:
  - LoadLibraryA
  - GetProcAddress
  Can access the registry:
  Possibly launches other programs:
  Memory manipulation functions often used by packers:
  - VirtualProtect
  - VirtualAlloc
  Leverages the raw socket API to access the Internet:

Info | The PE's resources present abnormal characteristics.
  Resource 9 is possibly compressed or encrypted.
  Resource 103 is possibly compressed or encrypted.
  Resource 114 is possibly compressed or encrypted.
  Resource 116 is possibly compressed or encrypted.
  Resource 117 is possibly compressed or encrypted.
  Resource 118 is possibly compressed or encrypted.
  Resource 119 is possibly compressed or encrypted.
  Resource 121 is possibly compressed or encrypted.
  Resource 124 is possibly compressed or encrypted.
  Resource 125 is possibly compressed or encrypted.
  Resource 131 is possibly compressed or encrypted.

Suspicious | VirusTotal score: 2/59 (Scanned on 2017-05-23 22:15:16)
  TrendMicro-HouseCall: Suspicious_GEN.F47V0520
  Invincea: generic.a

MD5 |
4b752ff4f4699fb07e9d65a330f2caa7
|
SHA1 |
842f21fecc4a766ee0e128e9a3ba01b57b07b00b
|
SHA256 |
496c671d0eb065f47f057d24401fe9bc3603c360ed20ff5b92fc1db803d103dd
|
SHA3 |
c4f932609313affb0f0d6667ac07902ee8f152fc5b1705e9c802d0529bfe7bd0
|
SSDeep |
24576:ofsvvcr5XPnVKDxzPoaXA7KVUBf5xN+KEwS6o:Ws25PVKDxbB+HR5o
|
Imports Hash |
29ef59c832439de0f0084fe76600b721
|
e_magic |
MZ
|
e_cblp |
0x90
|
e_cp |
0x3
|
e_crlc |
0
|
e_cparhdr |
0x4
|
e_minalloc |
0
|
e_maxalloc |
0xffff
|
e_ss |
0
|
e_sp |
0xb8
|
e_csum |
0
|
e_ip |
0
|
e_cs |
0
|
e_ovno |
0
|
e_oemid |
0
|
e_oeminfo |
0
|
e_lfanew |
0x120
|
Signature |
PE
|
Machine |
IMAGE_FILE_MACHINE_I386
|
NumberofSections |
3
|
TimeDateStamp |
2017-May-19 20:44:05
|
PointerToSymbolTable |
0
|
NumberOfSymbols |
0
|
SizeOfOptionalHeader |
0xe0
|
Characteristics |
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_EXECUTABLE_IMAGE
|
Magic |
PE32
|
LinkerVersion |
14.0
|
SizeOfCode |
0xc7000
|
SizeOfInitializedData |
0x1a000
|
SizeOfUninitializedData |
0x1d4000
|
AddressOfEntryPoint |
0x0029A740 (Section: data)
|
BaseOfCode |
0x1d5000
|
BaseOfData |
0x29c000
|
ImageBase |
0x400000
|
SectionAlignment |
0x1000
|
FileAlignment |
0x200
|
OperatingSystemVersion |
5.1
|
ImageVersion |
0.0
|
SubsystemVersion |
5.1
|
Win32VersionValue |
0
|
SizeOfImage |
0x2b6000
|
SizeOfHeaders |
0x1000
|
Checksum |
0
|
Subsystem |
IMAGE_SUBSYSTEM_WINDOWS_GUI
|
DllCharacteristics |
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
|
SizeofStackReserve |
0x100000
|
SizeofStackCommit |
0x1000
|
SizeofHeapReserve |
0x100000
|
SizeofHeapCommit |
0x1000
|
LoaderFlags |
0
|
NumberOfRvaAndSizes |
16
|
MD5 |
d41d8cd98f00b204e9800998ecf8427e
|
SHA1 |
da39a3ee5e6b4b0d3255bfef95601890afd80709
|
SHA256 |
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
|
SHA3 |
a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a
|
VirtualSize |
0x1d4000
|
VirtualAddress |
0x1000
|
SizeOfRawData |
0
|
PointerToRawData |
0x400
|
PointerToRelocations |
0
|
PointerToLineNumbers |
0
|
NumberOfLineNumbers |
0
|
NumberOfRelocations |
0
|
Characteristics |
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
|
MD5 |
fb4f69c4fbfb519423431b89131f6c8a
|
SHA1 |
13b4623eef5b892b5275d1f9edee4da967fad808
|
SHA256 |
8b508acf490cbcbdf29ea0d427733901240349c260fc7b8f6c3b9fe758749f82
|
SHA3 |
356debc8e1f208415d024b17787c4b1891ca0f78b91837035b4c246ae00db074
|
VirtualSize |
0xc7000
|
VirtualAddress |
0x1d5000
|
SizeOfRawData |
0xc6e00
|
PointerToRawData |
0x400
|
PointerToRelocations |
0
|
PointerToLineNumbers |
0
|
NumberOfLineNumbers |
0
|
NumberOfRelocations |
0
|
Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
|
Entropy |
7.9177
|
MD5 |
3c075de8b06b917d754b874a772d6b91
|
SHA1 |
6b2f364d6d475184221bf20e75e8f3f05bdb8b92
|
SHA256 |
69b167a71641b624c598545b896eb069c4e848070bec3c77efc8c92e3485d8cd
|
SHA3 |
9a09a14d07e0d45a6926cd1b8d2060f2cdd51906b0d97bece8be820b4f5c7895
|
VirtualSize |
0x1a000
|
VirtualAddress |
0x29c000
|
SizeOfRawData |
0x19400
|
PointerToRawData |
0xc7200
|
PointerToRelocations |
0
|
PointerToLineNumbers |
0
|
NumberOfLineNumbers |
0
|
NumberOfRelocations |
0
|
Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
|
Entropy |
4.04461
|
KERNEL32.DLL |
LoadLibraryA
GetProcAddress
VirtualProtect
VirtualAlloc
VirtualFree
ExitProcess
|
ADVAPI32.dll |
RegOpenKeyExA
|
COMCTL32.dll |
#17
|
COMDLG32.dll |
GetOpenFileNameA
|
GDI32.dll |
CreateFontA
|
IMM32.dll |
ImmGetContext
|
IPHLPAPI.DLL |
GetAdaptersInfo
|
ole32.dll |
OleInitialize
|
OLEAUT32.dll |
#2
|
PSAPI.DLL |
GetModuleFileNameExA
|
SHELL32.dll |
ShellExecuteA
|
USER32.dll |
GetFocus
|
VERSION.dll |
VerQueryValueA
|
WS2_32.dll |
#2
|
Type |
AFX_DIALOG_LAYOUT
|
Language |
English - United States
|
Codepage |
UNKNOWN
|
Size |
0x2
|
TimeDateStamp |
1980-Jan-01 00:00:00
|
Entropy |
1
|
MD5 |
f97c9d3fa1a0d1a610a2c4d9da73fb68
|
SHA1 |
a21037d635af50509d178543c5f20d07fde32928
|
SHA256 |
1d88e9361d2516fcec3294ae32251b800ceaf6194dd36e03cc1a0cd6f3e75120
|
SHA3 |
aebeeef23a25ef944fae79953f28de887750f168976defde66ebd7c9bf99b63f
|
Type |
AFX_DIALOG_LAYOUT
|
Language |
English - United States
|
Codepage |
UNKNOWN
|
Size |
0x2
|
TimeDateStamp |
1980-Jan-01 00:00:00
|
Entropy |
1
|
MD5 |
49d9b4527dc09be1b8f3a6b88385502b
|
SHA1 |
c4d585b48b8392f06aedae53a7bdd3e67683cb55
|
SHA256 |
75748b124fffaeb5c462b797dd0fc487355fafe6b201b108c38878549f048bb8
|
SHA3 |
1a35b7a87e5a8f794966df5d95428bd6e783b08c8027bddedcfc3a2fe567c044
|
Type |
AFX_DIALOG_LAYOUT
|
Language |
English - United States
|
Codepage |
UNKNOWN
|
Size |
0x2
|
TimeDateStamp |
1980-Jan-01 00:00:00
|
Entropy |
1
|
MD5 |
8760c797773750b4d08f4600aace0fa7
|
SHA1 |
1f669cab99e6f6b2243f1d51d00e4fcc1c2e9b50
|
SHA256 |
37aca53df4d383c6520c75683d30e4288d2333404d1a273927479f35852b7745
|
SHA3 |
a5022b8a6c82ace33921acfec69544899e2e650dd463259dee6c068360cadbf9
|
Type |
AFX_DIALOG_LAYOUT
|
Language |
English - United States
|
Codepage |
UNKNOWN
|
Size |
0x2
|
TimeDateStamp |
1980-Jan-01 00:00:00
|
Entropy |
1
|
MD5 |
43a2a656bef200621f75d7594f69ce44
|
SHA1 |
c52df659d662dc002d6646576ed82dd8b5b242f1
|
SHA256 |
1a4d4324b502bd2d23682c90f124cbba5f51bf128d1d5a0cde5756ed3cc4ca26
|
SHA3 |
0170606565aae8016c602c243e13d852a42196d6a3cc19fddfec0c4b427cc3b9
|
Type |
AFX_DIALOG_LAYOUT
|
Language |
English - United States
|
Codepage |
UNKNOWN
|
Size |
0x2
|
TimeDateStamp |
1980-Jan-01 00:00:00
|
Entropy |
1
|
MD5 |
ef1525632925d1602673e1357d372140
|
SHA1 |
60894222a1037fe8cca929b76208d95eaffcc0d5
|
SHA256 |
ba09d949bc50b9686d69dc00f70856fb5d9a7e0e6e7f4fcea2e71ba53f318c5e
|
SHA3 |
1bb0f3e0d1334b94171e291ec4c6187c16edb7e0513c7d6b2767cb40f3bc4ad4
|
Type |
AFX_DIALOG_LAYOUT
|
Language |
English - United States
|
Codepage |
UNKNOWN
|
Size |
0x2
|
TimeDateStamp |
1980-Jan-01 00:00:00
|
Entropy |
1
|
MD5 |
d479436bd32066b25886f9920c7b7ccf
|
SHA1 |
b62f98976c11d79674b019ea78a7ce4d6d78b479
|
SHA256 |
707bf0b938f307b5c222e670598b865d5e1f8a8003df82c7abbf7c9f8fa4d720
|
SHA3 |
17c7466814b0fbbd856f06691fabf75d960d78f671256f0d16dc3c2ed187a60c
|
Type |
AFX_DIALOG_LAYOUT
|
Language |
English - United States
|
Codepage |
UNKNOWN
|
Size |
0x2
|
TimeDateStamp |
1980-Jan-01 00:00:00
|
Entropy |
1
|
MD5 |
3b22a70501970eae201fb3b7534a7fec
|
SHA1 |
702bb8868d59acc3358135e3b225cf8f98968dae
|
SHA256 |
9b7b2c86b2def9fa1b0d0b92d9a5c933121779931c81240a07916c2c377e20ea
|
SHA3 |
1df969fff5a331d8ae8d4355687310b3b11b22be62410cb67845d34a68b267f0
|
Type |
AFX_DIALOG_LAYOUT
|
Language |
English - United States
|
Codepage |
UNKNOWN
|
Size |
0x2
|
TimeDateStamp |
1980-Jan-01 00:00:00
|
Entropy |
1
|
MD5 |
97fb2ef20b5bff7d65b50786468f49f3
|
SHA1 |
b23f496b89ea60bfc1f988920859ce322c61f483
|
SHA256 |
5f4401ab986e066ceaa340c2ead3a4b5948c120ba8a87db292b8ac3be447e723
|
SHA3 |
f89e34f1a6226486e07ac2ff4e3173eaedc533d7096279256bb155e7827d2c34
|
Type |
AFX_DIALOG_LAYOUT
|
Language |
English - United States
|
Codepage |
UNKNOWN
|
Size |
0x2
|
TimeDateStamp |
1980-Jan-01 00:00:00
|
Entropy |
1
|
MD5 |
54a9d146132c56af7a2d95aba29684c7
|
SHA1 |
81699e8206a2124775b158c1d4dc19b7af2ab8b2
|
SHA256 |
399a8038ab60c59b5ed40f348f9c70d9d9551d896056ed5b16272d040ac0f976
|
SHA3 |
2d12315ea0945125cc545e1bae8f54104b536e8b2a3e3f14e01f49f10c8d6253
|
Type |
AFX_DIALOG_LAYOUT
|
Language |
English - United States
|
Codepage |
UNKNOWN
|
Size |
0x2
|
TimeDateStamp |
1980-Jan-01 00:00:00
|
Entropy |
1
|
MD5 |
5b8cd86dbf4c47fd44fd6eb6db01a200
|
SHA1 |
6860f67425a1119bf775fbb40fea3a8415c30390
|
SHA256 |
8f0d364658e90792aaf0f166a30c47ae8337aa32753981bad4aa3590c3f6d2f0
|
SHA3 |
9bf11a9885fa3de9dddc2f7e64a93e2d55399e4230c799389bd75ca0a30c8b0e
|
Type |
AFX_DIALOG_LAYOUT
|
Language |
English - United States
|
Codepage |
UNKNOWN
|
Size |
0x2
|
TimeDateStamp |
1980-Jan-01 00:00:00
|
Entropy |
1
|
MD5 |
1cee9511adce783022060061db09ab6a
|
SHA1 |
d2f059a6c84d4a4c7162baa1cda0100a2c2835f6
|
SHA256 |
60eef3a1e1998162cfed2918554368858608a63618621d4f5bd875c84843e961
|
SHA3 |
2e47a5aaf88cbfbda0033feddf056d09ec84b6fe7912b127f868fa8974696e55
|
Type |
AFX_DIALOG_LAYOUT
|
Language |
English - United States
|
Codepage |
UNKNOWN
|
Size |
0x2
|
TimeDateStamp |
1980-Jan-01 00:00:00
|
Entropy |
1
|
MD5 |
fbaf4d5a9ac7d8f2346f9866b66e7f0c
|
SHA1 |
c6dae5d6f50189df8b795e0380c81ffdd486103f
|
SHA256 |
63bbd6c6427d4b8be85feb1545461a169d65602efa61a610922d5d7ca0e49037
|
SHA3 |
68c8091cdccb4cabbbfdff61aa00fa4002c46f8fd76ab9a76da2f70fafe3d1c0
|
Type |
RT_ICON
|
Language |
English - United States
|
Codepage |
UNKNOWN
|
Size |
0x468
|
TimeDateStamp |
1980-Jan-01 00:00:00
|
Entropy |
4.52181
|
MD5 |
3c801abd18786c97788563867bcfcb7e
|
SHA1 |
ce945f768b40ed82168608edd0b67adaebf15f9c
|
SHA256 |
ae3f5b1a80d0595f1b3297f5b0cf0682ee1cc98d504badbfd06ed688bddf9236
|
SHA3 |
1fd91983a8e50169c7fd09738e9f05fc398ad7e2bdc154aad0fd51dd0e3993f9
|
Type |
RT_ICON
|
Language |
English - United States
|
Codepage |
UNKNOWN
|
Size |
0x10a8
|
TimeDateStamp |
1980-Jan-01 00:00:00
|
Entropy |
4.3351
|
MD5 |
341feb3cb75556ee65f5df3807171029
|
SHA1 |
8190d25599b5b6c53fdbaa085ec5427997d5f1cf
|
SHA256 |
905c927ae98b7f34d02307eef3c0262bcf4d08e0f245aa10c66a019ddad11bb6
|
SHA3 |
edc70779e5c005b2a8e914bbfc4f81ff6a18b6a0fab047f4f85be6253e2a6502
|
Type |
RT_ICON
|
Language |
English - United States
|
Codepage |
UNKNOWN
|
Size |
0x25a8
|
TimeDateStamp |
1980-Jan-01 00:00:00
|
Entropy |
4.49793
|
MD5 |
5f50cb2b71ba3ce984209ecdf0e9fc10
|
SHA1 |
ac4a0cbd0e84cfadbf415fe1786931775cdf5783
|
SHA256 |
b525a553045527884829e6a5806755ab0db6472666ebb581090999536339b19a
|
SHA3 |
c0fbb5b4f167b5ab503e76bd5ce656f560bb33ef2d972d82dec37e16aa7fb878
|
Type |
RT_ICON
|
Language |
English - United States
|
Codepage |
UNKNOWN
|
Size |
0x4228
|
TimeDateStamp |
1980-Jan-01 00:00:00
|
Entropy |
4.0215
|
MD5 |
5f0e3aef743f372f1284c77f37db58bd
|
SHA1 |
093f797df4af3efc3e18a7de96fa712471bc8c75
|
SHA256 |
eefc266e4248103650b178632f48800083c7f38317dc8bad34aa73472aa23510
|
SHA3 |
1305632c99a3b7ecbd720fca389ce9b71dca133f5524a861a11b8d0e869d0fbe
|
Type |
RT_ICON
|
Language |
English - United States
|
Codepage |
UNKNOWN
|
Size |
0x10828
|
TimeDateStamp |
1980-Jan-01 00:00:00
|
Entropy |
3.70966
|
MD5 |
8c5fdd3a0c3d1e9ec440859f94698578
|
SHA1 |
05f395d4cc37f614c06a86ae56b93e09bda78cf3
|
SHA256 |
0c378e665597758249e6296f99d9b10179906cbd4e886f0f215fcdd6ecf13896
|
SHA3 |
2feefe73d92987290078236ae9ff0a9d38d55ee966917607b970623b60e59ce6
|
Type |
RT_DIALOG
|
Language |
English - United States
|
Codepage |
UNKNOWN
|
Size |
0x74
|
TimeDateStamp |
1980-Jan-01 00:00:00
|
Entropy |
6.39018
|
MD5 |
317a812434fdb8dd839ce23c57859da4
|
SHA1 |
f92160a08b7e9b86b8b64b1bc3ed411344dd9da2
|
SHA256 |
0937dfc107594a1fca6a6db79abf5d6c3c87e8d3326ee8dc6e8675f53fd0fbdb
|
SHA3 |
afd6c83e9e357961c7b1e3c3e772a1dc993663780ea19faa38e7a0847a176ed1
|
Type |
RT_DIALOG
|
Language |
English - United States
|
Codepage |
UNKNOWN
|
Size |
0x370
|
TimeDateStamp |
1980-Jan-01 00:00:00
|
Entropy |
7.65968
|
MD5 |
bf0d525d8f67be003908a794e360d98b
|
SHA1 |
13d6a459210c008eb116fc202a22442f219f4a7b
|
SHA256 |
94d022d12994fdaa3cce1405e25ee6cb267c599782f0e87b467b6c1f4d8a8e10
|
SHA3 |
7fe69bacb762caa5dfa2dac26894ce7e1f16d121c0750a2c08d3c5e6ad22cf63
|
Type |
RT_DIALOG
|
Language |
English - United States
|
Codepage |
UNKNOWN
|
Size |
0x8f2
|
TimeDateStamp |
1980-Jan-01 00:00:00
|
Entropy |
7.73907
|
MD5 |
8a6d7b5845d067540519e510236f5ed3
|
SHA1 |
7a2da026bd23eafeba1a98cbfb00b5e88c7c3cb2
|
SHA256 |
b0b491f48608e08f786beef45c1d2bfd48ccea1f14486ee45419afff60909bfd
|
SHA3 |
b99989258109e40509e4ecbe28d1d2e6f215bf1c3328d3f50b8f28b73b7731de
|
Type |
RT_DIALOG
|
Language |
English - United States
|
Codepage |
UNKNOWN
|
Size |
0x6c
|
TimeDateStamp |
1980-Jan-01 00:00:00
|
Entropy |
6.18989
|
MD5 |
20362850b9e2f7b9a50c68bb17aa66c9
|
SHA1 |
3e9ecb4a489967ef9e56304e05671be1cd52ec2f
|
SHA256 |
abdef70f247d2a0aa5b210016d81e868312a16c127401ecfe6fa09cc945a0fde
|
SHA3 |
34d0e681a2f83ceaba852409ea27530a3ecdf5b776e8eb0169d514a164999db2
|
Type |
RT_DIALOG
|
Language |
English - United States
|
Codepage |
UNKNOWN
|
Size |
0x11c6
|
TimeDateStamp |
1980-Jan-01 00:00:00
|
Entropy |
7.85384
|
MD5 |
690b76612ccd50035841b9c04a5615f1
|
SHA1 |
be8a58f8da19e02e230743b3ee71c714d81ba6f2
|
SHA256 |
bd8cb3ec102357cf70fdeb54e00e3965434cf1ebda3b250e9d45e39f8097cc6d
|
SHA3 |
87ee5d2b5984a8fa0fe142dffa89ffee72689f0760274700e3d32082b648e3b4
|
Type |
RT_DIALOG
|
Language |
English - United States
|
Codepage |
UNKNOWN
|
Size |
0x70c
|
TimeDateStamp |
1980-Jan-01 00:00:00
|
Entropy |
7.647
|
MD5 |
eb776be07c565c1da6a2ea85b238bd48
|
SHA1 |
f34e8c220312c828d8728a3fec0a8efc08cf0def
|
SHA256 |
f78760fb41392adc2313e46ea5e401605e4f8c0b3c0027ffc92784120dec1ad4
|
SHA3 |
1dc760525d4022be2a0cc5b2fe8aaf5579c00f9513f1dd196d56680e476c19d3
|
Type |
RT_DIALOG
|
Language |
English - United States
|
Codepage |
UNKNOWN
|
Size |
0xbac
|
TimeDateStamp |
1980-Jan-01 00:00:00
|
Entropy |
7.71578
|
MD5 |
9e2ce6c3c9f02ea34259b77b2930a66e
|
SHA1 |
f36213045722c362d7630fd47526962bed382daf
|
SHA256 |
b83a394db229f0db319273ba7470ce6689c06b952eda35824c202a2453fff53e
|
SHA3 |
ec737b21ccd69f24a1004338dc3ae037f42f401c35d61ad62bf8296705f8e91d
|
Type |
RT_DIALOG
|
Language |
English - United States
|
Codepage |
UNKNOWN
|
Size |
0x51a
|
TimeDateStamp |
1980-Jan-01 00:00:00
|
Entropy |
7.7422
|
MD5 |
b3219f7f2686e3ebc6f33d0f2d875566
|
SHA1 |
a044d821a406ef3f93aa1505a8ff7f9b4ed75c17
|
SHA256 |
2e3f9b67c0caf5a61529fe33f8dc925ed6a2ea165906229f24dcadbd3c555fc0
|
SHA3 |
6de4bf79103597320724b167ce8c7df8befe1e95f22984db93130d55b4d2c5fb
|
Type |
RT_DIALOG
|
Language |
English - United States
|
Codepage |
UNKNOWN
|
Size |
0xb5a
|
TimeDateStamp |
1980-Jan-01 00:00:00
|
Entropy |
7.85485
|
MD5 |
4b464ef4e7f316b73abb7fab33f8defc
|
SHA1 |
644a439382b3db10839ee58d1a2deae370888cfa
|
SHA256 |
f937cae40d2b692548a8c473ae920d8425c52341e87d6d2acc8581884c2b5278
|
SHA3 |
47a077e289eb8ee3473003b2e320d6cf12e0e0dfb4dde3a4ddbc1e9302d75404
|
Type |
RT_DIALOG
|
Language |
English - United States
|
Codepage |
UNKNOWN
|
Size |
0x802
|
TimeDateStamp |
1980-Jan-01 00:00:00
|
Entropy |
7.84283
|
MD5 |
85eb000214b3bd5a7bb086c5984ca7f5
|
SHA1 |
f8e106e89f11b38a17dc71f06cfebf7ede705ea0
|
SHA256 |
4662034e794e141229dd8b8c3e8d2125117c136446713c2b3e93f565da4cfe6e
|
SHA3 |
70440bbda7a58637e128e02252f14ccf1a9cc1091ea8e9215db314bbe2337ed5
|
Type |
RT_DIALOG
|
Language |
English - United States
|
Codepage |
UNKNOWN
|
Size |
0x36e
|
TimeDateStamp |
1980-Jan-01 00:00:00
|
Entropy |
7.63425
|
MD5 |
887b020f1884ecfbe2dd6a224ecb495c
|
SHA1 |
801f795e5258a6e54208e86e16e12dfaee32753a
|
SHA256 |
c0304707f383280d4646d6bf071c31f8b008c295f189f74184568570da78ce86
|
SHA3 |
db38928812b5e4d65b0246f76f17c7e5f6895d749a234e351f83ea516411933f
|
Type |
RT_DIALOG
|
Language |
English - United States
|
Codepage |
UNKNOWN
|
Size |
0x2d8
|
TimeDateStamp |
1980-Jan-01 00:00:00
|
Entropy |
7.66029
|
MD5 |
a9188002a74c681e5631e58d5e594816
|
SHA1 |
de06cedcf98724ff8f2d986969c6423e9c73ba1e
|
SHA256 |
709ffcf8e7d169a7c7a4423b866caffaa303075dc0a467aa3d95e767c3a2d717
|
SHA3 |
3e9db288fab84122fadefe3844b4a8b0f9e44fce83be92672904fcda1bcf9386
|
Type |
RT_DIALOG
|
Language |
English - United States
|
Codepage |
UNKNOWN
|
Size |
0x398
|
TimeDateStamp |
1980-Jan-01 00:00:00
|
Entropy |
7.64276
|
MD5 |
724050f645cc0f1c47ac87080cd55900
|
SHA1 |
067ee3583b4d54f4e6429d458142934a90f9c9ee
|
SHA256 |
1518da23d6e6ee81aa58eddddd05f4cdaa91378d74ea003ec9f6fcfcfa107c1c
|
SHA3 |
1453acd23d78671d5d7a9c6b3773c2ecd7bbdf39b5714bcabfce520d945c80d6
|
Type |
RT_GROUP_ICON
|
Language |
English - United States
|
Codepage |
UNKNOWN
|
Size |
0x4c
|
TimeDateStamp |
1980-Jan-01 00:00:00
|
Entropy |
2.80283
|
Detected Filetype |
Icon file
|
MD5 |
da9b70665374e3394540c51191a2dfd6
|
SHA1 |
c91b3f6407149e322850f6a257923abb260adeb5
|
SHA256 |
9595be7d246f12c7356d15b8facc45ea482de63d316af484c99156170b9d7362
|
SHA3 |
d75e51b150e9bb574412de784a1ecf652c36717a52f920f529a2c01e2dfce6af
|
Type |
RT_MANIFEST
|
Language |
English - United States
|
Codepage |
UNKNOWN
|
Size |
0x289
|
TimeDateStamp |
1980-Jan-01 00:00:00
|
Entropy |
5.05508
|
MD5 |
3c68661546578ea698d36587a218aa4c
|
SHA1 |
e90e89bedeefb439b697bf7fed736e31fbdc68fe
|
SHA256 |
71923b87e74057fc8cd4e2ce9c20f36e49575f3548f61bc2743176bce28ffbab
|
SHA3 |
5bc488e66cdfd4f1dd6c76a8b210266e05c5515850d08208e161c5b99352be11
|
[*] Warning: Could not read the name of the DLL to be delay-loaded!
[!] Error: Could not reach the TLS callback table.
[*] Warning: Section text has a size of 0!