4bb5cf9477d9e7a3883563b359c1b2b8

Summary

Architecture IMAGE_FILE_MACHINE_I386
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date 2024-Oct-01 16:42:34
Detected languages English - United States
Debug artifacts G:\shaiya-sources\shaiya_eg_vc2010\_temp\client\Win32\EG_ReleaseGM_2010\GameGM.pdb
CompanyName UZC
FileDescription Shaiya
FileVersion 1.0.0.0
InternalName Shaiya
LegalCopyright All Rights Reserved
OriginalFilename Shaiya
ProductName Shaiya
ProductVersion 1.0.0.0

Plugin Output

Info Matching compiler(s): Microsoft Visual C++ v6.0 DLL
Microsoft Visual C++ 6.0 - 8.0
Info Interesting strings found in the binary: Contains domain names:
  • eterniagames.com
  • http://shaiya.eterniagames.com
  • http://shaiya.eterniagames.com/shop
  • https://discord.gg
  • https://shaiya.eterniagames.com
  • shaiya.eterniagames.com
Info Cryptographic algorithms detected in the binary: Uses constants related to CRC32
Uses constants related to SHA256
Uses constants related to AES
Suspicious The PE contains functions most legitimate programs don't use. [!] The program may be hiding some of its imports:
  • LoadLibraryExW
  • GetProcAddress
  • LoadLibraryA
 Functions which can be used for anti-debugging purposes:
  • CheckRemoteDebuggerPresent
 Can access the registry:
  • RegOpenKeyA
  • RegCloseKey
  • RegOpenKeyExA
  • RegCreateKeyExW
  • RegQueryValueExA
  • RegSetValueExW
 Possibly launches other programs:
  • ShellExecuteA
 Can create temporary files:
  • CreateFileW
  • GetTempPathW
  • CreateFileA
 Memory manipulation functions often used by packers:
  • VirtualProtect
  • VirtualAlloc
 Leverages the raw socket API to access the Internet:
  • socket
  • recv
  • send
  • inet_ntoa
  • gethostbyname
  • WSAAsyncSelect
  • connect
  • setsockopt
  • inet_addr
  • closesocket
  • WSAStartup
  • WSAGetLastError
  • htons
 Enumerates local disk drives:
  • GetVolumeInformationA
  • GetDriveTypeW
 Can take screenshots:
  • GetDC
  • BitBlt
  • CreateCompatibleDC
 Reads the contents of the clipboard:
  • GetClipboardData
Malicious VirusTotal score: 11/71 (Scanned on 2024-10-01 16:43:00) ALYac: Gen:Variant.Zusy.562532
Arcabit: Trojan.Zusy.D89564
BitDefender: Gen:Variant.Zusy.562532
Bkav: W32.AIDetectMalware
CTX: exe.unknown.zusy
Emsisoft: Gen:Variant.Zusy.562532 (B)
FireEye: Gen:Variant.Zusy.562532
GData: Gen:Variant.Zusy.562532
Jiangmin: Trojan.Agent.exve
MicroWorld-eScan: Gen:Variant.Zusy.562532
VIPRE: Gen:Variant.Zusy.562532

Hashes

MD5 4bb5cf9477d9e7a3883563b359c1b2b8
SHA1 1261b4b0690d40f33738282982f010cca3a7e457
SHA256 ba91b599ccc9e79f8b2ce2dce3b8515fc5b3656a2ed9f0716eb575689ca832f3
SHA3 2103e73ee4a1d29cffe02a0e06ac04f9b9e854d76483a68315211e47954eb679
SSDeep 98304:4NL1b3CLaK6blnusT6WKkCtx3+QmpVZgr8vLljAl/:STK6blusTAkC6Qmpz8l/
Imports Hash 88a6fd13c05fb0016603835f5131795b

DOS Header

e_magic MZ
e_cblp 0x90
e_cp 0x3
e_crlc 0
e_cparhdr 0x4
e_minalloc 0
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0x160

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_I386
NumberofSections 5
TimeDateStamp 2024-Oct-01 16:42:34
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xe0
Characteristics IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Image Optional Header

Magic PE32
LinkerVersion 14.0
SizeOfCode 0x436600
SizeOfInitializedData 0x1caa400
SizeOfUninitializedData 0
AddressOfEntryPoint 0x003E1432 (Section: .text)
BaseOfCode 0x1000
BaseOfData 0x438000
ImageBase 0x400000
SectionAlignment 0x1000
FileAlignment 0x200
OperatingSystemVersion 6.0
ImageVersion 0.0
SubsystemVersion 6.0
Win32VersionValue 0
SizeOfImage 0x20e4000
SizeOfHeaders 0x400
Checksum 0
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
DllCharacteristics IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
SizeofStackReserve 0x100000
SizeofStackCommit 0x1000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

.text

MD5 e136359dee16359b2ee63b31f897be77
SHA1 bd9393ddaa77254509dfb1c11dd85c16c5b1e996
SHA256 6ac70cf58f2302df7f2f16cee8992acc6c51eae3277b1dd4aef9100f55b802d0
SHA3 eaf435c2cf17d95ec7fb46eaf57cbd9802e589e114c64a639157feaf6d7d2e93
VirtualSize 0x4364f0
VirtualAddress 0x1000
SizeOfRawData 0x436600
PointerToRawData 0x400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 6.61098

.rdata

MD5 204aebf20dc0dedc01994a32b55ba1e9
SHA1 5cf19c947f318fc72c14caed67c877b4b8a42137
SHA256 577709013e493daf94f8ab4fb2336dd995fc133c29c7004d7ef007fc0b82fb4d
SHA3 b2f6f5c7900a0c06b67f659054a9f3b219f45032c264b2c8a88d592319b9fee2
VirtualSize 0x77ebc
VirtualAddress 0x438000
SizeOfRawData 0x78000
PointerToRawData 0x436a00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 5.53432

.data

MD5 6d1e19ef3e75454b45fab78fb054a420
SHA1 61935d4c3f745598ed2378e0be519a1009ab2b47
SHA256 45995c37334c519939ad1a92bdd73066465a7a24563a5c4d1cde662f51ced77f
SHA3 5998f28c92a2d70a5fe7b3d9c21e88f0438b757304c9f9eea35a80f126b610d2
VirtualSize 0x1b9c238
VirtualAddress 0x4b0000
SizeOfRawData 0x14200
PointerToRawData 0x4aea00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 3.92332

.rsrc

MD5 1146bb41af816c1f660254c7026f2c59
SHA1 2302ff0639b375c7db1b7c9b80b30181d614d31b
SHA256 866010b95c992bc5ad2fd28b86f774c4ac431da89ba41875edba81cd41d043cd
SHA3 2f95bd5f0414c676d99c01949f8d59995352e72f0e2ebc5fc2f514fa993c129b
VirtualSize 0x60a78
VirtualAddress 0x204d000
SizeOfRawData 0x60c00
PointerToRawData 0x4c2c00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 5.18003

.reloc

MD5 4017aa5db4ac73c7b61bf4676fcdd5f2
SHA1 b4a88663b408b8505e4af7ef5213b628e589304b
SHA256 49899de1d6e22a7b4ec25c633cbfc27b0336fbb4805e2a3fc021e07e6f3fad2e
SHA3 16240a5eed991b3ed7fa35fecbe6a55102e162da6002ea7208ac59cd6a96673e
VirtualSize 0x353cc
VirtualAddress 0x20ae000
SizeOfRawData 0x35400
PointerToRawData 0x523800
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Entropy 6.76935

Imports

VERSION.dll VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
WINMM.dll timeGetTime
WS2_32.dll socket
recv
send
inet_ntoa
gethostbyname
WSAAsyncSelect
connect
setsockopt
inet_addr
closesocket
WSAStartup
WSAGetLastError
htons
DDRAW.dll DirectDrawCreate
KERNEL32.dll InitializeCriticalSection
FindFirstFileA
FindClose
GetCurrentDirectoryA
SetCurrentDirectoryA
GlobalAlloc
GlobalFree
GlobalLock
CreateDirectoryA
GlobalUnlock
GetFileSize
EnterCriticalSection
LeaveCriticalSection
WaitForSingleObject
SetEvent
CreateEventA
GetLocaleInfoA
CompareStringA
GetSystemDirectoryA
WaitForSingleObjectEx
FindNextFileA
GetCurrentThreadId
FormatMessageA
LocalFree
FileTimeToLocalFileTime
GlobalMemoryStatusEx
IsDBCSLeadByte
GetSystemInfo
TerminateProcess
GetVolumeInformationA
CheckRemoteDebuggerPresent
IsDebuggerPresent
GetProcessHeap
ExitProcess
DeleteCriticalSection
GetThreadContext
DecodePointer
WriteConsoleW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
CreateDirectoryW
DeleteFileW
FlushFileBuffers
GetOEMCP
GetACP
Sleep
GetFileSizeEx
HeapAlloc
SetEndOfFile
SetStdHandle
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetSystemTime
GetStdHandle
FindNextFileW
FindFirstFileExW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetEnvironmentVariableW
GetFullPathNameW
SystemTimeToTzSpecificLocalTime
GetDriveTypeW
GetConsoleOutputCP
ReadConsoleW
GetConsoleMode
SetFilePointerEx
GetFileType
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetLastError
CreateThread
RaiseException
HeapReAlloc
GetCurrentThread
HeapSize
InitializeCriticalSectionEx
OutputDebugStringA
HeapFree
VirtualProtect
GetVersionExA
DeviceIoControl
CreateIoCompletionPort
CancelIo
GetModuleHandleA
GetLocalTime
FileTimeToSystemTime
QueryPerformanceCounter
MultiByteToWideChar
GetModuleFileNameW
lstrlenW
WaitNamedPipeW
GetCurrentProcessId
CloseHandle
GetLastError
CreateFileW
PeekNamedPipe
RtlUnwind
VirtualAlloc
VirtualFree
InterlockedCompareExchange
InterlockedExchange
GetTempPathW
GetModuleHandleW
UnmapViewOfFile
CreateFileMappingA
MapViewOfFile
OutputDebugStringW
WideCharToMultiByte
FreeLibrary
GetProcAddress
lstrcpyA
QueryPerformanceFrequency
LoadLibraryA
CreateFileA
lstrlenA
GetFullPathNameA
GetModuleFileNameA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetTickCount
GetCPInfo
CompareStringEx
LCMapStringEx
EncodePointer
WriteFile
ReadFile
IsValidCodePage
GetFileInformationByHandle
GetPrivateProfileIntA
GetCurrentProcess
lstrcmpiA
GetComputerNameA
GetCommandLineA
IsBadReadPtr
SetUnhandledExceptionFilter
CopyFileA
InitializeCriticalSectionAndSpinCount
ResetEvent
CreateEventW
UnhandledExceptionFilter
IsProcessorFeaturePresent
GetStartupInfoW
GetSystemTimeAsFileTime
InitializeSListHead
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryEnterCriticalSection
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
SleepConditionVariableSRW
GetExitCodeThread
GetStringTypeW
USER32.dll TranslateMessage
SetFocus
SetRect
MessageBoxA
GetWindowTextLengthA
UnregisterClassA
EnumWindows
GetWindowTextA
GetClassNameA
UpdateWindow
RegisterClassExA
PostQuitMessage
PeekMessageA
GetClientRect
SystemParametersInfoA
LoadIconA
SetCursor
LoadStringA
PostMessageA
CreateWindowExA
GetDC
SetWindowTextA
GetDesktopWindow
wvsprintfW
GetKeyboardLayout
ClientToScreen
ShowCursor
SetCursorPos
OffsetRect
CopyRect
GetWindowRect
SetWindowPos
ScreenToClient
SetWindowLongA
MoveWindow
GetCursorPos
PtInRect
GetAsyncKeyState
OpenClipboard
CloseClipboard
EmptyClipboard
GetClipboardData
SetClipboardData
FlashWindowEx
ReleaseDC
wsprintfA
DefWindowProcA
DefWindowProcW
GetMessageA
DispatchMessageA
GetFocus
LoadCursorA
DestroyWindow
FillRect
GetSystemMetrics
ShowWindow
AdjustWindowRect
SendMessageA
GDI32.dll GetTextExtentPoint32W
MoveToEx
ExtTextOutA
SetTextAlign
CreateFontIndirectW
CreateFontIndirectA
GetFontLanguageInfo
GetTextMetricsW
SetBkMode
GetCharacterPlacementW
GetCharacterPlacementA
GetGlyphOutlineA
GetTextMetricsA
GetObjectW
GetObjectA
CreateSolidBrush
CreateDIBSection
SetTextColor
SetBkColor
SetMapMode
CreateFontA
SetDeviceGammaRamp
GetTextExtentPoint32A
GetDeviceGammaRamp
ExtTextOutW
CreateDCA
BitBlt
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
DeleteDC
DeleteObject
ADVAPI32.dll RegOpenKeyA
GetUserNameA
RegCloseKey
RegOpenKeyExA
RegCreateKeyExW
RegQueryValueExA
RegSetValueExW
SHELL32.dll SHBrowseForFolderA
SHGetMalloc
ShellExecuteA
SHGetPathFromIDListA
ole32.dll CoCreateInstance
CoInitialize
CoUninitialize
OLEAUT32.dll SysStringLen
VariantInit
SystemTimeToVariantTime
VariantClear
IPHLPAPI.DLL GetAdaptersInfo
gdiplus.dll GdiplusShutdown
GdiplusStartup
GdipSaveImageToFile
GdipCloneImage
GdipAlloc
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipFree
IMM32.dll ImmIsIME
ImmGetCandidateListW
ImmNotifyIME
ImmSetConversionStatus
ImmGetOpenStatus
ImmAssociateContext
ImmGetIMEFileNameA
ImmGetCompositionStringW
ImmGetProperty
ImmGetConversionStatus
ImmReleaseContext
ImmGetContext
d3d9.dll Direct3DCreate9
DINPUT8.dll DirectInput8Create
DSOUND.dll #11

Delayed Imports

1

Type RT_CURSOR
Language English - United States
Codepage UNKNOWN
Size 0x10ac
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.95233
MD5 79cef65446f5610ea8b95c35060e677d
SHA1 ee3199d4275e7cd413665eebb659702b825b4ba8
SHA256 f8d2f263ce2640aad446a2b2ea55b60d1555a9044827427ab4bc9bcaf2ea8d74
SHA3 6d04f5e728fb7864854b8e1958057c97305a637ecef930009a39d19c7864aad2

2

Type RT_CURSOR
Language English - United States
Codepage UNKNOWN
Size 0x10ac
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.90753
MD5 0c48fd2db0a1fc0783e7874b77c9f449
SHA1 c2585e439b05220503281c948dd95c526ce62e42
SHA256 47e3ef66c03927ce70832eb3176e556c364dfd94d0f3323013f1fe1e0d6bcf17
SHA3 ddf591a0c73a02bc339aded228636447951eda75b131485b4a78255313451fca

3

Type RT_CURSOR
Language English - United States
Codepage UNKNOWN
Size 0xb2c
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.14305
MD5 8665ecdbe7ad86b60abf833cb3c82564
SHA1 e3aca8e940367ea3db0ca953ecf9335a1906f4b6
SHA256 c353357cd509337228aae9a9bf2eda9c46304faa34f174a73a4a15dbb3981b47
SHA3 00f5389656c13e47118b726679443d82d854cd095b7fdd609d00c8168d006a12

4

Type RT_CURSOR
Language English - United States
Codepage UNKNOWN
Size 0xcac
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.00299
MD5 b4f8db820fcecf8b5526e1baf165457b
SHA1 66d2ff3dd0d265aebec9058ad3a3dda6e201729d
SHA256 bdbf503cc3af1197a7eab8a3f065526f4ceb9c8ec347880112d523b2bd681e83
SHA3 894f80037ce25f77f70fcae7e3ea236d3ee7a4d4e1290c0384b2c78bc37829ec

5

Type RT_CURSOR
Language English - United States
Codepage UNKNOWN
Size 0x10ac
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.54091
MD5 0c238f25ae717cac9f96c587741705ac
SHA1 ec873a6371680a407622f48dfbd47858482fe48a
SHA256 3f6a4e8a1da66dea5317903a474611ad86cbfe9903a15a5b14b59c811ccb52a4
SHA3 b3a54cded12e92e5befbb0268713e64777dcc0604d0dd0b98e87bf60288d3ed2

6

Type RT_CURSOR
Language English - United States
Codepage UNKNOWN
Size 0xcac
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.21938
MD5 ca3772e5f17cf1a4ede36ee7b6fac06f
SHA1 9401a88638996aca7c63cb4c7c8c2c57c51569aa
SHA256 1d78e6a3f7fe2db0543282e442f78dd634a0589af319639906936e1eb67ebc09
SHA3 a21c6a2d2c722e663cc3a31f3b11203f276f63c9907f6c85b393b3679a27ea8c

7

Type RT_CURSOR
Language English - United States
Codepage UNKNOWN
Size 0xcac
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.70484
MD5 5e15ec28f7d474ce9a0c8837486b49c8
SHA1 f4dec0d599e0057f4a7dd4ae0da7e7190aa062ea
SHA256 f4ff5cdc13df2d77e849f0be7ed89177fe8e1636a276c86f82eb342252ab63cd
SHA3 34427ec6a7b13ba4cb4d3df80ac1de2e6f3e153eb5d4d944f10a9426ec83681f

8

Type RT_CURSOR
Language English - United States
Codepage UNKNOWN
Size 0xcac
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.00447
MD5 df5dd9f0adf872d6629715cca7b11225
SHA1 d7db12267fe6a02b9ae78902cbca95ee84a86396
SHA256 89e7de1564d1e39c6750d009c3cc79d8d739806907061272fa625d759e232555
SHA3 d77f5e402b694b2db9d9dce65664cb07aa07f3df54c4bad23be0fe892c499836

9

Type RT_CURSOR
Language English - United States
Codepage UNKNOWN
Size 0xcac
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 1.00784
MD5 787814ae2c357a2af83f9a0491d4c60b
SHA1 7fc71b2d8bc4c95b20b7aca2502d40962b92c9b3
SHA256 544acf10a7dacb52bc4fa0e0c215fdbd9ce47f9bf896b7e4aa3f275e54d2ca04
SHA3 a71243add261a5e05baa829e8079b3a11f26a18ff127640726ba454b616e491e

10

Type RT_CURSOR
Language English - United States
Codepage UNKNOWN
Size 0xcac
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.55223
MD5 54c23b601c1d618a200e38c7a07cdc1d
SHA1 f26e6a39f2db51bfc59f81f4c33d156c925f9673
SHA256 c672438c0df6ed65dc51c95d805add157336e328abd1a8ce2c5ab7b760a4bb03
SHA3 a8df9fac0ee1e8581b3ba11a972d65d2e619e5ac0a1c0a8855dd96417b31bd6c

11

Type RT_CURSOR
Language English - United States
Codepage UNKNOWN
Size 0xcac
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.6727
MD5 e5e9105f16591a3acdf1b67a123e5a9a
SHA1 b03600cb412d15d90f340aeb9faeb55b4281869f
SHA256 71b65a134e443dee68df5ddb0ca17227996518d289d58c7771a27ac59e5b55be
SHA3 af2c4d0a6c145500e56b5d98366d1d30f566cb414ea7502ec498ca325fa481f5

12

Type RT_CURSOR
Language English - United States
Codepage UNKNOWN
Size 0xcac
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.846
MD5 6c6fc680905f5a574401588044862758
SHA1 f17e58def411fd7fd1774f87d0a7c3806521c8f5
SHA256 71a926f15121adda695ff06bd73701de15c06b759d5d95cc691bf4c82a35e908
SHA3 20028c338f86d6032d36e2a0a5ff9c4b46f730358ac6b2a37abd175e86cdaace

13

Type RT_CURSOR
Language English - United States
Codepage UNKNOWN
Size 0xcac
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.389
MD5 d7b0b5702320f4f94743edeeb7ce3c21
SHA1 dbd35da2176e49ff622f52f1c02655fd380f08c6
SHA256 9f0f43d5b30b8ec6d0ca5f04d15489d58981c8f1b228254c0a5920bf9a9731c1
SHA3 f48604244ae0e10fb6583191bb2d7f35077614cc9b8c84208e228d6447b9d4f9

14

Type RT_CURSOR
Language English - United States
Codepage UNKNOWN
Size 0x10ac
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.32205
MD5 f0d8033461891c0191f0384fa3897b52
SHA1 4f8c4e809dc29211fb84a51ab7eb64add6c29fc8
SHA256 1c09ed1396fbff803533730876e898e64ebe186feb5038c46d5ea5ab814d20fa
SHA3 7eebbca4edcb24f29460b0b3ad0e45d87933a7c5fb9f19ff2a55774550689d36

15

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x468
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.59105
MD5 992db40db8d71afb362c10517a6de8ad
SHA1 f40d99a57eaa30928105f7f862f8de70acd8d1bd
SHA256 5161cf38015fee2bfb90af1436d7ceb77b3add9d3246470250f032113674c113
SHA3 b26b8e276c689f4698516799ceb9ad421e98133c70ce7efb4aba61f711e41aee

16

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x988
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.31952
MD5 48e5ceeb7550b4ccbe4eba4eaf2df3fa
SHA1 e6095ac465a68d85e1d2fdbab1d743e787244159
SHA256 add1957731a19dd7475329871d7085b015a284ce6158641b4b17cfe9a1ab2a94
SHA3 05046f1e309c2082a6c59a2899bab42f23e55657c2786a1e8873feb1bb9d378f

17

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x10a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.05873
MD5 b21c0c71673172fc8a322fc48a9df7a2
SHA1 ec185d4393a369d3d435b00ad0e90efd888f865e
SHA256 5283aba933e23fe9ae704457395e6816e4a68d5284516a9a9d6a9db87af74b20
SHA3 57e6635b7028c23300b37bcd9e25e492f3e39f802a8aa775073f13fd6960548a

18

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x25a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.66958
MD5 8ed684d0cf15d8ea673f373a72dc2523
SHA1 f7a1537a8a9a26df7b025a4d2a6f5c0de29c59f1
SHA256 d25095c7d38c2bafc9d8ceaae18f81cd06d4b3c5b512dc4e3767d772b402132e
SHA3 0cc594059aad5e228f0aaa6d74aaa5f8fc22d329eda10a01b5591c0e3e0c5d15

19

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x4228
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.52325
MD5 196aac925e0b116363316b4a5af805ac
SHA1 ee94079146df4e25ef85bbb84f3650b207131848
SHA256 0e73083ef44d3edeccb9138866c8616d2143c0e43d53efffc2386e95cc5d0a55
SHA3 ebdccd2605969843267dd6e56a716316742fb235df4571937cb062c0225c46c7

20

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x94a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.40549
MD5 e94815c9961e707531ea6e5057a69332
SHA1 6eae5377d732a67b7f6f2b6f04cab882bcbe645c
SHA256 82b665d4e9edb4ad5535391d7000818d3e5e8adeafc3a1623776aaa8bc1460db
SHA3 9ff0c9f3999a57657717b82004d59b9fec5d8243fe81945bf3fc059d70778b53

21

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x10828
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.44683
MD5 840988bdfa77690cf5aed0c98b1b2fdb
SHA1 208285217ea83645c18b68f90abb6046e19e2204
SHA256 a827832bb406ba144e865da922a183a317c418e63be832a8f0f087bce9b7b7ab
SHA3 13408aeb9a146ed2eed9a1dbafb2ae2e2d3c4ae435d7581a0ec8610bce3a69a6

22

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x25228
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.38693
MD5 abfe4dbdc6e2710dd9302c781e418ffe
SHA1 b96bb79ff1944afb02fc1cbcd8f73caa11f8f9a6
SHA256 e719e0f3dd5cf5e10f3c4d172dde40abdba42669903a7363967704fe307ab910
SHA3 49411b00a02d70e89d560b0613196b8e9d47022f70ff5a2bb1387d45d56fb946

23

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0xc6e9
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.99023
Detected Filetype PNG graphic file
MD5 1fdcae7b444b868de852d82f59137122
SHA1 a89248705199fb7cddf773d13a771beb60f5dc89
SHA256 778c1ecc20d5efb8b99f535d2b6bda7ed7b43c3e5e6153f54ee441d711742b6e
SHA3 903b205c0c5724107aec8e3ff003654a6aeeaa542a1f2acd8b1982e0a3920a99

174

Type RT_GROUP_CURSOR
Language English - United States
Codepage UNKNOWN
Size 0x14
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.0815
Detected Filetype Cursor file
MD5 ea85ef03bf202985c4fb9fe7780b51d4
SHA1 03bb2ce594521c0f8f39989508bda00533bdfd01
SHA256 f451c1dc0342b32a48d6026b049c186cc315d2665614449d6939c4b570eb1b38
SHA3 696c7d44d35f690effe72356f8c6770cd0dbd86b3568bb9f4c682f37705a087f
Preview

175

Type RT_GROUP_CURSOR
Language English - United States
Codepage UNKNOWN
Size 0x14
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.11924
Detected Filetype Cursor file
MD5 507e5ef6ed67fb2256c6e6805f189dfa
SHA1 f839486b04e0ee1378cdbb3536ddc1991ab1229f
SHA256 264fbfa9c393686bc0b9dbc3e7bc2d903a13cd5fb294fd6d26061b6520d8761c
SHA3 962b5d916aa17c44d0b9f815c8b0c97789ac573994a0830854e34d6f74b945a5
Preview

176

Type RT_GROUP_CURSOR
Language English - United States
Codepage UNKNOWN
Size 0x14
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.31924
Detected Filetype Cursor file
MD5 2aa3e191487c52ed2804b3ca834054be
SHA1 3ec8a934990b05f2931889b65e0c7705d1702307
SHA256 acf8ca6eb49ab6ef7f15ca05159938f5439baaceb4f62b28a59bbdb2d0035e25
SHA3 665698dc80ac4265bbef08da7dfa3823f95d2c35fe6fefb722b6c0cfe05242df
Preview

177

Type RT_GROUP_CURSOR
Language English - United States
Codepage UNKNOWN
Size 0x14
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.31924
Detected Filetype Cursor file
MD5 f0e586a433641a102bb9cc63b453fcb9
SHA1 05d62db24de9dee8c4b5a6c0bc5a5e19104348b4
SHA256 a7207b14e868ce5fe75588f78bd79767d437a0acec53d953acac57b5a6848a09
SHA3 2a835277360d309c074b859c4558a0d137b067858c0458d87c8ba893d1a43527
Preview

178

Type RT_GROUP_CURSOR
Language English - United States
Codepage UNKNOWN
Size 0x14
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.21924
Detected Filetype Cursor file
MD5 32ecc604e9d0904d52b1e3ba35c5426b
SHA1 af6128f206eb23587b1baaaee3de23e526ee7ce9
SHA256 66505eb44699246a25c6f8a10422041db62335a438679d80e55090733e11616f
SHA3 531aaa07d82ffe245e8171df171423510b265c89df881eddd7c3067f74c0bf62
Preview

179

Type RT_GROUP_CURSOR
Language English - United States
Codepage UNKNOWN
Size 0x14
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.31924
Detected Filetype Cursor file
MD5 d2b11b1eed9f121883841cf72ece2c41
SHA1 077cbd11dab5b3d49c61ced6f249c0401bdd5c37
SHA256 735c1308669c10f83cfe17939ac8b38990a18f93c4fe4c5e3d984b15ad349621
SHA3 0379b906bc2073327c67bb327823b80bb69f394e561fd7adfed7d2f078b9bfcc
Preview

180

Type RT_GROUP_CURSOR
Language English - United States
Codepage UNKNOWN
Size 0x14
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.31924
Detected Filetype Cursor file
MD5 817fe43522d50eb16beaabfa5831ba2a
SHA1 b8ceaa4c95ac5e62d1c3949403d8475853ab4375
SHA256 0e6aee6e6c9f0b8c5b7c9f6a0a1db5beed6bac2fcb0226fac7a5e1b1d2175189
SHA3 922af4db0527dc1749e60b2dae2fa41cb7600dccf1f38ea2193383cfe3a715cd
Preview

187

Type RT_GROUP_CURSOR
Language English - United States
Codepage UNKNOWN
Size 0x14
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.31924
Detected Filetype Cursor file
MD5 45161e1940dba2c27e73bc3be818cb70
SHA1 19b057dd6e3039b8311b19ac53617b62059aea80
SHA256 473ab89b3563d1532907083089fcd19a9f6a003bacdda5a1cbbbb3713e51b770
SHA3 e806841e749b0bf9ac43c729efe02db486b011987081b4ca40a26fdd0a116d0f
Preview

188

Type RT_GROUP_CURSOR
Language English - United States
Codepage UNKNOWN
Size 0x14
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.31924
Detected Filetype Cursor file
MD5 6e9b8fe541c216a17277cf7f33d8295f
SHA1 6d7d9908448089af33f3753df9c6d532ab610df3
SHA256 a43410f6e73877619746d9384f5a7c520c2f2571ac083216ceb46f64dec5afea
SHA3 d16ac25e350b75a6bde87e156cf4a10f59ec5ea9fa4ee5d640c45f3968199730
Preview

189

Type RT_GROUP_CURSOR
Language English - United States
Codepage UNKNOWN
Size 0x14
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.31924
Detected Filetype Cursor file
MD5 a719234938666c43a2c1fd836f3027d2
SHA1 bbefdcbde1037484c5ddf25cbf98e871042e8540
SHA256 3ef415759c938b35d09f50495e84426d8282f4f9fc174cfe9aafcd157e7580f6
SHA3 677938e8ddc614f447fa682cc1924aa6ec219100a3c51fad73304604329a6e52
Preview

190

Type RT_GROUP_CURSOR
Language English - United States
Codepage UNKNOWN
Size 0x14
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.31924
Detected Filetype Cursor file
MD5 176eef70905805e53fd8aec1683b9260
SHA1 bdca564e4311b88f8e78b78145c04d51ec8eee19
SHA256 6defc603e6f95d187c6d2b4e3768cce2dfebcba99b63df5bcaeca9071ef9f2da
SHA3 29d1b850bbb62154fb39ab4c7d333978c61e98c887947f6ce5000b08f7be847c
Preview

191

Type RT_GROUP_CURSOR
Language English - United States
Codepage UNKNOWN
Size 0x14
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.21924
Detected Filetype Cursor file
MD5 f00e802c6e0eb7c0c8dc07d78ad6a13f
SHA1 3d9dce5917d9f6aff65ddd73bc46ea4dd6e3cb1c
SHA256 edb1271bc926bb2bcffa1b4f69b19f6309bccf3bfb802415420d3a7cc7c005bd
SHA3 304b0490698328014fb88da6431bf18ae222eca5ee2339f02e4fac24c51a6d43
Preview

192

Type RT_GROUP_CURSOR
Language English - United States
Codepage UNKNOWN
Size 0x14
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.31924
Detected Filetype Cursor file
MD5 a9c02c6b32a6da0f1a359027b26f0e78
SHA1 f0f0b713f49e4d9025b8a0e77fc19960d8a1a063
SHA256 cc1ae55319611b7a2ddba3fedaf956620f28367b72bc736068a8a4c591e6fdb8
SHA3 41978f73c3e19f360380b8cfd9fe09b2a428ffddf826bd49926fd9aeef904f8e
Preview

194

Type RT_GROUP_CURSOR
Language English - United States
Codepage UNKNOWN
Size 0x14
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.21924
Detected Filetype Cursor file
MD5 63e88d11b8e4a0868f5c2dcb5c944b1e
SHA1 19e86d2e68c188e8f8101e3c053bfa02ca714b97
SHA256 5907a1ab79be2dae328a84248db9750607aeb7b802af582f974a5ae59fb3c37c
SHA3 fe8a1640613ab39314806298ace08aae1c0f1d9f89c9aa23e7a270562db0dd0e
Preview

109

Type RT_GROUP_ICON
Language English - United States
Codepage UNKNOWN
Size 0x84
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.26415
Detected Filetype Icon file
MD5 933d7b190ba09c9ad64a483814c3669d
SHA1 075f4786eb1843becde24c470dcc33c419698997
SHA256 6750e6cb74fc810706b455e3dcca1c87e736f08b0cb5a31838d3716e75f141f2
SHA3 361831e4d65957f454ea8bbcb7385c77f05aff75d3aee9f59c561e4e8fc45a6b

1 (#2)

Type RT_VERSION
Language English - United States
Codepage UNKNOWN
Size 0x284
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.24728
MD5 97eedf1b3ef081ac58e9095e49ef5af6
SHA1 eaf2b94eb3cfab8e48189e21e7f47261ae679f56
SHA256 95fa1718a43f81d53ffb9baa94563c3fa4d330dd756e1bb08e97a52f6bc4cc6b
SHA3 924f207722434b7ee743192babb4d46ca2e77cc4f175373e5a34361b51fa01cc

1 (#3)

Type RT_MANIFEST
Language English - United States
Codepage UNKNOWN
Size 0x188
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.89623
MD5 b8e76ddb52d0eb41e972599ff3ca431b
SHA1 fc12d7ad112ddabfcd8f82f290d84e637a4d62f8
SHA256 165c5c883fd4fd36758bcba6baf2faffb77d2f4872ffd5ee918a16f91de5a8a8
SHA3 37f83338b28cb102b1b14f27280ba1aa3fffb17f7bf165cb7b675b7e8eb7cddd

Version Info

Signature 0xfeef04bd
StructVersion 0x10000
FileVersion 1.0.0.0
ProductVersion 1.0.0.0
FileFlags VS_FF_PRIVATEBUILD
FileOs VOS_DOS_WINDOWS32
VOS_NT
VOS_NT_WINDOWS32
VOS_WINCE
VOS__WINDOWS32
FileType VFT_STATIC_LIB
Language UNKNOWN
CompanyName UZC
FileDescription Shaiya
FileVersion (#2) 1.0.0.0
InternalName Shaiya
LegalCopyright All Rights Reserved
OriginalFilename Shaiya
ProductName Shaiya
ProductVersion (#2) 1.0.0.0
Resource LangID English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics 0
TimeDateStamp 2024-Oct-01 16:42:34
Version 0.0
SizeofData 107
AddressOfRawData 0x49d5dc
PointerToRawData 0x49bfdc
Referenced File G:\shaiya-sources\shaiya_eg_vc2010\_temp\client\Win32\EG_ReleaseGM_2010\GameGM.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics 0
TimeDateStamp 2024-Oct-01 16:42:34
Version 0.0
SizeofData 20
AddressOfRawData 0x49d648
PointerToRawData 0x49c048

IMAGE_DEBUG_TYPE_POGO

Characteristics 0
TimeDateStamp 2024-Oct-01 16:42:34
Version 0.0
SizeofData 956
AddressOfRawData 0x49d65c
PointerToRawData 0x49c05c

TLS Callbacks

StartAddressOfRawData 0x89da28
EndAddressOfRawData 0x89da30
AddressOfIndex 0x8c444c
AddressOfCallbacks 0x838d54
SizeOfZeroFill 0
Characteristics IMAGE_SCN_ALIGN_4BYTES
Callbacks (EMPTY)

Load Configuration

Size 0xbc
TimeDateStamp 1970-Jan-01 00:00:00
Version 0.0
GlobalFlagsClear (EMPTY)
GlobalFlagsSet (EMPTY)
CriticalSectionDefaultTimeout 0
DeCommitFreeBlockThreshold 0
DeCommitTotalFreeThreshold 0
LockPrefixTable 0
MaximumAllocationSize 0
VirtualMemoryThreshold 0
ProcessAffinityMask 0
ProcessHeapFlags (EMPTY)
CSDVersion 0
Reserved1 0
EditList 0
SecurityCookie 0x8b0348
SEHandlerTable 0
SEHandlerCount 0

RICH Header

XOR Key 0x6ddff1
Unmarked objects 0
ASM objects (27412) 46
C++ objects (27412) 228
Imports (VS2003 (.NET) build 4035) 2
C objects (VS2003 (.NET) build 4035) 1
C objects (2067) 12
18 (8444) 6
253 (28518) 3
C++ objects (30034) 94
C objects (30034) 22
ASM objects (30034) 29
C objects (30154) 10
C objects (27412) 35
Imports (9210) 6
C objects (9178) 2
C++ objects (VS2003 (.NET) build 4035) 127
Imports (27412) 29
Total imports 416
C objects (VC++ 6.0 SP5 build 8804) 78
C++ objects (LTCG) (30154) 472
Resource objects (30154) 1
151 1
Linker (30154) 1

Errors

<-- -->