Manalyze report for 4f386ac8ccf19ebb86ab36e3cf9957ad

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	1992-Jun-19 22:22:17
Detected languages	English - Australia

Plugin Output

Info	Matching compiler(s):	`Borland Delphi 3 -> Portions Copyright (c) 1983,97 Borland (h)`
Malicious	The PE contains functions mostly used by malware.	`[!] The program may be hiding some of its imports: LoadLibraryExA LoadLibraryA GetProcAddress` `Can access the registry: RegQueryValueExA RegOpenKeyExA RegCloseKey` `Uses functions commonly found in keyloggers: MapVirtualKeyA GetForegroundWindow CallNextHookEx` `Can take screenshots: CreateCompatibleDC BitBlt GetDCEx GetDC`
Suspicious	The PE header may have been manually modified.	`The resource timestamps differ from the PE header: 1998-Dec-15 09:18:50`
Suspicious	No VirusTotal score.	`This file has never been scanned on VirusTotal.`

Hashes

MD5	`4f386ac8ccf19ebb86ab36e3cf9957ad`
SHA1	`61bcd27568d21f9b527d7e74298a8b4386984322`
SHA256	`fa6100954dfb27145de5834b2896ec047944db734b8842316fc423cf6d7957bb`
SHA3	`e37431d84507e2b6a6f655047dd2d668bd2bad89fd3bd5987d7b4251672e58da`
SSDeep	`6144:QVdh3E/6TOnIw+V0mP5VuvEfUx3voH4io2F1LtbHTUZVAl:QVdh3xOIT158vbx/oYilF1LJHTU`
Imports Hash	`4996c212c747dbce9af615ffa77f8923`

DOS Header

e_magic	`MZ`
e_cblp	`0x50`
e_cp	`0x2`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0xf`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0x1a`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x100`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`8`
TimeDateStamp	1992-Jun-19 22:22:17
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_BYTES_REVERSED_HI` `IMAGE_FILE_BYTES_REVERSED_LO` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LINE_NUMS_STRIPPED` `IMAGE_FILE_LOCAL_SYMS_STRIPPED`

Image Optional Header

Magic	`PE32`
LinkerVersion	`2.0`
SizeOfCode	`0x32c00`
SizeOfInitializedData	`0xa200`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x00033AF0 (Section: CODE)`
BaseOfCode	`0x1000`
BaseOfData	`0x34000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`1.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x43000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
SizeofStackReserve	`0x4e20`
SizeofStackCommit	`0x4e20`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

CODE

MD5	`ac9bc95c311eb2fa328dbf87eb2bd960`
SHA1	`4314498c26b5b7e4bf977a7b02ea7b3f9a3333c2`
SHA256	`3110a265974854a59e6b4060987bb7302fab60417cdd5aebab3ccfce2c986af5`
SHA3	`d8b32578ee6ce17e431213aadbe56b53ab97b892fd18b034058ab585ea3a270b`
VirtualSize	`0x32b2c`
VirtualAddress	`0x1000`
SizeOfRawData	`0x32c00`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.50101`

DATA

MD5	`3b27aa1efd2ca7da3e51ea45d484e0d7`
SHA1	`e648c333043c1632529c98a1b2a9799d579d1920`
SHA256	`1b752e4d20f43b97f18070c9865c09587a29af13eb6b0a57cb53aae460abc9b5`
SHA3	`b78e947c223f0e9c73e4ce27a91af0044226334a05d55cc3c1460bb2ab93c939`
VirtualSize	`0xb78`
VirtualAddress	`0x34000`
SizeOfRawData	`0xc00`
PointerToRawData	`0x33000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`4.00512`

BSS

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0x1649`
VirtualAddress	`0x35000`
SizeOfRawData	`0`
PointerToRawData	`0x33c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`

.idata

MD5	`47eb8681fb6665891194bda41cb2f4ba`
SHA1	`7d83b8daf37eff1252a4d6d2a0e1606588a7671d`
SHA256	`da876ceaefda6d8f608a052612ce3aafacba3c21e6aeb8b8a25e16317bb8dcce`
SHA3	`c643ed7b762b3c6d33bf0126b1fc933482b6d27eb0c3f88f4fdeb15a90eda5f3`
VirtualSize	`0x1aa6`
VirtualAddress	`0x37000`
SizeOfRawData	`0x1c00`
PointerToRawData	`0x33c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`4.83593`

.tls

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0x8`
VirtualAddress	`0x39000`
SizeOfRawData	`0`
PointerToRawData	`0x35800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`

.rdata

MD5	`4f62fef0b33aa45e460ef39cf682b486`
SHA1	`1e2f7e8f2e3e5a678f222807e8970ebc9217907c`
SHA256	`b3412ec98e9199fd6e91ccb133d30cb3df446a2f6e77baa0f05b64d76215b5d2`
SHA3	`253c557358108f1c82ca45c54937d483d373145067d60a09806c958a0b4866cc`
VirtualSize	`0x18`
VirtualAddress	`0x3a000`
SizeOfRawData	`0x200`
PointerToRawData	`0x35800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_SHARED`
Entropy	`0.204488`

.reloc

MD5	`fc164216a0cdbf20836aee726612e62a`
SHA1	`e783dbd035ab6fef1be6a42712542723f6e9cb75`
SHA256	`882fbcfcfe5755400804b36a35f6827e6efed9b84a5fa283551b2dc7eae2b4a9`
SHA3	`6148eb9303d70d4d2675dc5b6616167438fb69eef02a52417108afc76d24ffb0`
VirtualSize	`0x3e9c`
VirtualAddress	`0x3b000`
SizeOfRawData	`0x4000`
PointerToRawData	`0x35a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_SHARED`
Entropy	`6.6567`

.rsrc

MD5	`2fe5256c3aee8272a153f68f8a434123`
SHA1	`da9c672fe3f71f7f24a435f0dafcb2b5f66169bc`
SHA256	`fe1f9c5822ae5f2039e181f479a9c98c666efff6e44854a8b4c2a6fba167d8b2`
SHA3	`7be53d0cfbb2092e99a65f67cc56a2200686ec0405992494208dbb041325198a`
VirtualSize	`0x3800`
VirtualAddress	`0x3f000`
SizeOfRawData	`0x3800`
PointerToRawData	`0x39a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_SHARED`
Entropy	`4.31797`

Imports

kernel32.dll	`DeleteCriticalSection` `LeaveCriticalSection` `EnterCriticalSection` `InitializeCriticalSection` `VirtualFree` `VirtualAlloc` `LocalFree` `LocalAlloc` `VirtualQuery` `WideCharToMultiByte` `MultiByteToWideChar` `lstrlenA` `lstrcpyA` `LoadLibraryExA` `GetThreadLocale` `GetStartupInfoA` `GetModuleFileNameA` `GetLocaleInfoA` `GetLastError` `GetCommandLineA` `FreeLibrary` `ExitProcess` `WriteFile` `SetFilePointer` `SetEndOfFile` `RtlUnwind` `ReadFile` `RaiseException` `GetStdHandle` `GetFileSize` `GetFileType` `CreateFileA` `CloseHandle`
user32.dll	`GetKeyboardType` `LoadStringA` `MessageBoxA`
advapi32.dll	`RegQueryValueExA` `RegOpenKeyExA` `RegCloseKey`
oleaut32.dll	`VariantChangeTypeEx` `VariantCopyInd` `VariantClear` `SysStringLen` `SysFreeString` `SysReAllocStringLen` `SysAllocStringLen`
kernel32.dll (#2)	`DeleteCriticalSection` `LeaveCriticalSection` `EnterCriticalSection` `InitializeCriticalSection` `VirtualFree` `VirtualAlloc` `LocalFree` `LocalAlloc` `VirtualQuery` `WideCharToMultiByte` `MultiByteToWideChar` `lstrlenA` `lstrcpyA` `LoadLibraryExA` `GetThreadLocale` `GetStartupInfoA` `GetModuleFileNameA` `GetLocaleInfoA` `GetLastError` `GetCommandLineA` `FreeLibrary` `ExitProcess` `WriteFile` `SetFilePointer` `SetEndOfFile` `RtlUnwind` `ReadFile` `RaiseException` `GetStdHandle` `GetFileSize` `GetFileType` `CreateFileA` `CloseHandle`
advapi32.dll (#2)	`RegQueryValueExA` `RegOpenKeyExA` `RegCloseKey`
kernel32.dll (#3)	`DeleteCriticalSection` `LeaveCriticalSection` `EnterCriticalSection` `InitializeCriticalSection` `VirtualFree` `VirtualAlloc` `LocalFree` `LocalAlloc` `VirtualQuery` `WideCharToMultiByte` `MultiByteToWideChar` `lstrlenA` `lstrcpyA` `LoadLibraryExA` `GetThreadLocale` `GetStartupInfoA` `GetModuleFileNameA` `GetLocaleInfoA` `GetLastError` `GetCommandLineA` `FreeLibrary` `ExitProcess` `WriteFile` `SetFilePointer` `SetEndOfFile` `RtlUnwind` `ReadFile` `RaiseException` `GetStdHandle` `GetFileSize` `GetFileType` `CreateFileA` `CloseHandle`
gdi32.dll	`UnrealizeObject` `TextOutA` `StretchBlt` `StartPage` `StartDocA` `SetWindowOrgEx` `SetViewportOrgEx` `SetTextColor` `SetROP2` `SetBkMode` `SetBkColor` `SetAbortProc` `SelectPalette` `SelectObject` `SaveDC` `RestoreDC` `RectVisible` `RealizePalette` `MoveToEx` `IntersectClipRect` `GetWindowOrgEx` `GetTextMetricsA` `GetTextExtentPointA` `GetSystemPaletteEntries` `GetStockObject` `GetObjectA` `GetDeviceCaps` `GetDIBits` `GetCurrentPositionEx` `GetBitmapBits` `ExcludeClipRect` `EnumFontsA` `EnumFontFamiliesExA` `EndPage` `EndDoc` `DeleteObject` `DeleteDC` `CreateSolidBrush` `CreateRectRgn` `CreatePenIndirect` `CreatePalette` `CreateICA` `CreateFontIndirectA` `CreateDIBitmap` `CreateDCA` `CreateCompatibleDC` `CreateCompatibleBitmap` `CreateBrushIndirect` `CreateBitmap` `BitBlt`
user32.dll (#2)	`GetKeyboardType` `LoadStringA` `MessageBoxA`
comctl32.dll	`ImageList_GetDragImage` `ImageList_DragShowNolock` `ImageList_SetDragCursorImage` `ImageList_DragMove` `ImageList_DragLeave` `ImageList_DragEnter` `ImageList_EndDrag` `ImageList_BeginDrag` `ImageList_SetBkColor` `ImageList_ReplaceIcon` `ImageList_Destroy` `ImageList_Create`
winspool.drv	`OpenPrinterA` `EnumPrintersA` `DocumentPropertiesA` `ClosePrinter`
comdlg32.dll	`PrintDlgA`

Delayed Imports

1

Type	`RT_CURSOR`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x134`
TimeDateStamp	1998-Dec-15 09:18:50
Entropy	`2.6633`
MD5	`ff4e5862f26ea666373e5fab2bddfb11`
SHA1	`cfa13c0ab30f1bbd566900dee3631902f9b6451c`
SHA256	`b8e6fc93d423931acbddae3c27dd3c4eb2a394005d746951a971cb700e0ee510`
SHA3	`91dae12a9f43c5443e0661091a336f882fa1482f75fa9a57c9298d1d70c8ae69`

2

Type	`RT_CURSOR`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x134`
TimeDateStamp	1998-Dec-15 09:18:50
Entropy	`2.80231`
MD5	`2e87b3c111e3073a841775c1f8ec5a90`
SHA1	`20292304fa2ef1bfdc4a1000e90a1c16d4765a96`
SHA256	`ce19ace18e87b572e6912306776226af5b8e63959c61cde70a8ff05b3bbdcc41`
SHA3	`9527f09e739c2064835800a7e5c317cb422bdd7237f00fca079a1c62f58a2612`

3

Type	`RT_CURSOR`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x134`
TimeDateStamp	1998-Dec-15 09:18:50
Entropy	`3.00046`
MD5	`a04c3c368cb37c07bd5f63e7e6841ebd`
SHA1	`699300bceaa1256818c43fecfc8cad93a59156b2`
SHA256	`ee1c9c194199c320c893b367602ccc7ee7270bd4395d029f727e097634f47f8c`
SHA3	`58722e3138aad1382e284c1605ecd665ced536de4906749ac8d6e11252cc9558`

4

Type	`RT_CURSOR`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x134`
TimeDateStamp	1998-Dec-15 09:18:50
Entropy	`2.56318`
MD5	`9929115b21c2c59348058d4190392e75`
SHA1	`626fba1825d572ea441d36363307c9935de3c565`
SHA256	`9d9edf87ca203ecc60b246cc783d54218dd0ce77d3a025d0bafc580995a4abd8`
SHA3	`fea156e872544252c625076a6bf3baa733ee5b3d5399716e156734af7a841369`

5

Type	`RT_CURSOR`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x134`
TimeDateStamp	1998-Dec-15 09:18:50
Entropy	`2.6949`
MD5	`f321ad13d1c3f35a05d67773b4bc27d6`
SHA1	`30aded8525417e2531d5eb88bf2f868172945baa`
SHA256	`99676c52310db365580965ea646ece86c62951bfd97ec0aae9f738a202a90593`
SHA3	`04c839da98a8c50a36697076af5bc6d527560a69153b2f718f065908fd4fe3ad`

6

Type	`RT_CURSOR`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x134`
TimeDateStamp	1998-Dec-15 09:18:50
Entropy	`2.62527`
MD5	`5ca217e52bdc6f23b43c7b6a23171e6e`
SHA1	`d99dc22ec1b655a42c475431cc3259742d0957a4`
SHA256	`11726dcf1eebe23a1df5eb0ee2af39196b702eddd69083d646e4475335130b28`
SHA3	`b358d8a5b0f400dd2671956ec45486ae1035556837b5289df5f418fe69348b3f`

7

Type	`RT_CURSOR`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x134`
TimeDateStamp	1998-Dec-15 09:18:50
Entropy	`2.91604`
MD5	`6be7031995bb891cb8a787b9052f6069`
SHA1	`487eb59fd083cf4df02ce59d9b079755077ba1b5`
SHA256	`6f938aab0a03120de4ef8b27aff6ba5146226c92a056a6f04e5ec8d513ce5f9d`
SHA3	`0f1c6c0378a3646c9fbf3678bbeeccf929d32192f02d1ea9d6ba0be5c769e6ab`

1 (#2)

Type	`RT_ICON`
Language	English - Australia
Codepage	UNKNOWN
Size	`0x2e8`
TimeDateStamp	1998-Dec-15 09:18:50
Entropy	`3.84585`
MD5	`47e27ca8f6bd1dd296228198becf31d6`
SHA1	`d5707d05b28728aaadd3956d5623c2cbbe1bc00c`
SHA256	`4adf1ef59c01d286301513c62be208bec796f5cadf76d0f6e0ee4520f9fe2f81`
SHA3	`75062f401e09860fd9524a5cf31a0781de05303d2da4e239f57dc4d0663aaf32`

4086

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1cc`
TimeDateStamp	1998-Dec-15 09:18:50
Entropy	`3.07842`
MD5	`1174fce9c65e18fc98e5de3ac244a32b`
SHA1	`192fe5ddd04160650de5777d744094420ed63e12`
SHA256	`420cddff3632c33461f6772e170e6245f6d4acf00f21e9ea70c80673dfcf3beb`
SHA3	`054b95692ea7ac726ec477c27b2be9931616ecd581e2e945d35c606d4085dd1c`

4087

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xbc`
TimeDateStamp	1998-Dec-15 09:18:50
Entropy	`3.0117`
MD5	`e28cb84c09eb4150bef62f8d0ee7e400`
SHA1	`75281167a50c34d7bfef3a509c872e14dad2c500`
SHA256	`49af5aa2b95c25004d5f8aeacc2b502bca1caa6da00971408d259a1a01aa137a`
SHA3	`39b842241f622062d3325bca97d771f5b2a255a37ebfc98f8f3966b27edd1142`

4088

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x120`
TimeDateStamp	1998-Dec-15 09:18:50
Entropy	`3.11748`
MD5	`690932d19fa665396dfd5c16d8fb39aa`
SHA1	`ec604eedb8426555dfe64bb973fc05e0ee439f9b`
SHA256	`aaea6a7b93bb3ad4bac640c0188fadd77f90a4e4dfe67e1e507fc8c1b1dbdbb6`
SHA3	`20be397cec633e05b45c259960a083a18f954c7628c5bdf2afd6da501ec39cbc`

4089

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x458`
TimeDateStamp	1998-Dec-15 09:18:50
Entropy	`3.21364`
MD5	`56a049f10149257b861bd547b3955d29`
SHA1	`be0a50abc14d8a2a9673571ba692b7832b5dc803`
SHA256	`340be18ad0382d673bb70e6a0aafc7b8f103c0233c06dc073aa901a77be6c3d5`
SHA3	`83095ad9b094fa5a47020ba313eeb886a0be3432b7a2e14c560b5b3c9cdf313c`

4090

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x394`
TimeDateStamp	1998-Dec-15 09:18:50
Entropy	`3.20744`
MD5	`46cb9cc8ec0eb99c5872f8d850656e9c`
SHA1	`26ce259164f8c095e7f767de3ea9d9f7c41c748b`
SHA256	`10c5ccf2ae5cc389c97b3dbe52cc2a0336a5652d5b13019765241bcd55712ae6`
SHA3	`1974d454b8e2fe7f2da216ba8aa46c62815d140ad5b63b1e756075caeb0101d2`

4091

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x354`
TimeDateStamp	1998-Dec-15 09:18:50
Entropy	`3.16353`
MD5	`d8a954d760d326307a6caed641434d57`
SHA1	`e4033ac40088278132a8db8a37e04068f52d41a2`
SHA256	`a9f8541b062effd97d495db5e70264ad0668ddfbb1ebb556a868c71f8cfc5cff`
SHA3	`0a60fb34ed3842d8ef70c2b2319a5a0bd75e4a1b98026243ca9bcf16e669d5c8`

4092

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xf4`
TimeDateStamp	1998-Dec-15 09:18:50
Entropy	`2.94341`
MD5	`aead513017e6566240e7ac86b5480759`
SHA1	`648ee52447fd9b798760ba8dc84fda558d30f287`
SHA256	`0bab6e5a1259540a8def510ea55891a64d06c7c40dbbe8eab251f5d60993aabe`
SHA3	`9e2d3b1ee751fdb86e8834cea1ccd92a2af585a66b9319c1fb664369f5ef8180`

4093

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xc4`
TimeDateStamp	1998-Dec-15 09:18:50
Entropy	`2.8794`
MD5	`654a3b0e552431bce845d4873d01d0cf`
SHA1	`9b3d44f51cea9362bcf7c258974a4a767df915cf`
SHA256	`580d974dbf7953e0e47920170ddb9e8dba22e8f3561e059ce4f3774056c876a1`
SHA3	`40a1765801c78b03ba59f217f7767147f65598ecf74ebe7fb848546b5ce9ee6c`

4094

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x2f0`
TimeDateStamp	1998-Dec-15 09:18:50
Entropy	`3.27388`
MD5	`151f87beeb81c2477f6004c116980441`
SHA1	`c29fe5ff4fd67365c722f12cc8a49d08e66dc2e1`
SHA256	`7249ba2ce9156333117eabefd46c67db61075a98687b2a0d582d3c6e1c73ab32`
SHA3	`043e0d1c8d4aaae2962304473c9f6ce9ef61b9300b74a73faebb233b14a180f2`

4095

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x35c`
TimeDateStamp	1998-Dec-15 09:18:50
Entropy	`3.24062`
MD5	`e3d4d35e9836f20ed9ca1b1a0763cc41`
SHA1	`fa5f723b3a087489a3b9ee2b07bf841a89955dbe`
SHA256	`f00071bb1b5f37d12500223b2e453a83710d906a00965283f873a3867fc02e32`
SHA3	`7d6bfbcca04170557f700febbc2e13c54d90dcd0a7d8b9c0ea6e2862e3af603f`

4096

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x2c0`
TimeDateStamp	1998-Dec-15 09:18:50
Entropy	`3.19087`
MD5	`2b12bd4081246a81ea2223d199ed99c3`
SHA1	`382e9e1f6dea830ee7e5e22f79514da8df1e4889`
SHA256	`22369ccb751ac2454c74db68b8fade85b0c1a7ec8ead1d796f38d6a1abc49f7f`
SHA3	`a24476565f2b899e1de23ae2789f65d241013f1ddc7a20b243d5c7672b80eee8`

DVCLAL

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x10`
TimeDateStamp	1998-Dec-15 09:18:50
Entropy	`4`
MD5	`a40263c75fde7440b1086b7da9c51fc2`
SHA1	`139a84f87110fb5cb16a386adade21f30cae98b0`
SHA256	`e7dbe99baa5c1045cdf7004edb037018b2e0f639a5edcf800ec4514d5c8e35b5`
SHA3	`d3a734fa7d36868d301f9569de92e1bfc551e4b5cf6d7c59eace8d0a554093c0`

PACKAGEINFO

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x148`
TimeDateStamp	1998-Dec-15 09:18:50
Entropy	`5.07925`
MD5	`21dab24cfe6993d209501b061aa18d0b`
SHA1	`9c2e8d5b458e0c064d4a3f977bfcf0a2265f1e23`
SHA256	`698fe39458d51bc76855b4b326ce3fc6bc7b5a2a5a3bf33dcb365bde05ece1d3`
SHA3	`25621a0697cdc93c5b3b1977c42e36ea07568d8df7be8bd5a6fb6522ef857cf7`

TFORM1

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x8bb`
TimeDateStamp	1998-Dec-15 09:18:50
Entropy	`5.57455`
MD5	`ae350555e39e0641f2b1da0485891362`
SHA1	`597b2c79e69ec7eb6fdcc68b5932cb1663430c93`
SHA256	`b123fb007c34a888826c733b0e5236f8c51ba2fcfd25a18e916897ca4d85edd0`
SHA3	`d942a7a1c11abc89c2a856b22bfc0bc8312be049ba0d1389d090bab1fc41d840`

32761

Type	`RT_GROUP_CURSOR`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1998-Dec-15 09:18:50
Entropy	`1.83876`
Detected Filetype	Cursor file
MD5	`a2baa01ccdea3190e4998a54dbc202a4`
SHA1	`e8217df98038141ab4e449cb979b1c3bbea12da3`
SHA256	`c53efa8085835ba129c1909beaff8a67b45f50837707f22dfff0f24d8cd26710`
SHA3	`8874564c406835306368adf5e869422e1bb97109b97c1499caa8af219990e8dc`
Preview

32762

Type	`RT_GROUP_CURSOR`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1998-Dec-15 09:18:50
Entropy	`1.91924`
Detected Filetype	Cursor file
MD5	`aff0f5e372bd49ceb9f615b9a04c97df`
SHA1	`e3205724d7ee695f027ab5ea8d8e1a453aaad0dd`
SHA256	`b07e022f8ef0a8e5fd3f56986b2e5bf06df07054e9ea9177996b0a6c27d74d7c`
SHA3	`9cb042121a5269b80d18c3c5a94c0e453890686aedade960097752377dfa9712`
Preview

32763

Type	`RT_GROUP_CURSOR`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1998-Dec-15 09:18:50
Entropy	`2.01924`
Detected Filetype	Cursor file
MD5	`48e064acaba0088aa097b52394887587`
SHA1	`310b283d52aa218e77c0c08db694c970378b481d`
SHA256	`43f40dd5140804309a4c901ec3c85b54481316e67a6fe18beb9d5c0ce3a42c3a`
SHA3	`38753084b0ada40269914e80dbacf7656dc94764048bd5dff649b08b700f3ed5`
Preview

32764

Type	`RT_GROUP_CURSOR`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1998-Dec-15 09:18:50
Entropy	`2.01924`
Detected Filetype	Cursor file
MD5	`1ae28d964ba1a2b1b73cd813a32d4b40`
SHA1	`8883cd93b8ef7c15928177de37711f95f9e4cd22`
SHA256	`ff47a48c11c234903a7d625cb8b62101909f735ad84266c98dd4834549452c39`
SHA3	`a85dadd416ce2d22aa291c0794c45766a0613b853c6e3b884a2b05fc791427b8`
Preview

32765

Type	`RT_GROUP_CURSOR`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1998-Dec-15 09:18:50
Entropy	`2.01924`
Detected Filetype	Cursor file
MD5	`0893f6ba80d82936ebe7a8216546cd9a`
SHA1	`0754cbdf56c53de9ed7fbd47859d20b788c6f056`
SHA256	`a0adcedb82b57089f64e2857f97cefd6cf25f4d27eefc6648bda83fd5fef66bb`
SHA3	`ce6148ade08ef9b829f83cb13b4c650d9d4a7012bfd1ab697a7870a05f4104f8`
Preview

32766

Type	`RT_GROUP_CURSOR`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1998-Dec-15 09:18:50
Entropy	`2.01924`
Detected Filetype	Cursor file
MD5	`dcaa3c032fe97281b125d0d8f677c219`
SHA1	`58fe36409f932549e2f101515abee7a40cf47b2c`
SHA256	`6e1e7738a1b6373d8829f817915822ef415a1727bb5bb7cfe809e31b3c143ac5`
SHA3	`02ef292e1b4a70e439e362af6b4fa213e3816ade45222b78dabab712b6afba54`
Preview

32767

Type	`RT_GROUP_CURSOR`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1998-Dec-15 09:18:50
Entropy	`2.01924`
Detected Filetype	Cursor file
MD5	`a95c7c78d0a0b30b87e3c4976e473508`
SHA1	`b19f3999f1b302a2d28977cb18a3416c918d486c`
SHA256	`326c048595bbc72e3f989cb3b95fbf09dc83739ced3cb13eb6f03336f95d74f1`
SHA3	`8157b4e6afa7ed2e2ffc174d655bec9fb81db609e4c5864faa5ead931ff60689`
Preview

MAINICON

Type	`RT_GROUP_ICON`
Language	English - Australia
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1998-Dec-15 09:18:50
Entropy	`2.39546`
Detected Filetype	Icon file
MD5	`36a8cdc2ed9a5d7b5ec00c02397adcdd`
SHA1	`e82d0fc3a5890d330ddf20c46852d700497ddc29`
SHA256	`5d981de38019cb97e39897dee697971aa2046cd402e67a02e424258ef492660e`
SHA3	`f973ada4f704a4f51e6a2c9313241264fbc0a847af436005cf9584e146b56eb5`

String Table contents

Ctrl+
Alt+
Unable to insert a line
Clipboard does not support Icons
Text exceeds memo capacity
There is no default printer currently selected
Bits index out of range
Menu '%s' is already being used by another form
BkSp
Tab
Esc
Enter
Space
PgUp
PgDn
End
Home
Left
Up
Right
Down
Ins
Del
Shift+
Cannot drag a form
Warning
Error
Information
Confirm
&Yes
&No
OK
Cancel
&Help
&Abort
&Retry
&Ignore
&All
N&o to All
Y&es to All
Error creating window device context
Error creating window class
Cannot focus a disabled or invisible window
Control '%s' has no parent window
Cannot hide an MDI Child Form
Cannot change Visible in OnShow or OnHide
Menu index out of range
Menu inserted twice
Sub-menu is not in menu
Printer is not currently printing
Printing in progress
Printer selected is not valid
%s on %s
GroupIndex cannot be less than a previous menu item's GroupIndex
Cannot create form. No MDI forms are currently active
A control cannot have itself as its parent
String list does not allow duplicates
A component named %s already exists
''%s'' is not a valid component name
A class named %s already exists
Invalid property value
Invalid property path
Property does not exist
Property is read-only
Error reading %s.%s: %s
Ancestor for '%s' not found
Bitmap image is not valid
Icon image is not valid
Cannot change the size of an icon
Out of system resources
Canvas does not allow drawing
Invalid ImageList
Friday
Saturday
Cannot assign a %s to a %s
Cannot create file %s
Cannot open file %s
Stream read error
Stream write error
Out of memory while expanding memory stream
Can't write to a read-only resource stream
Class %s not found
Invalid stream format
Resource %s not found
List index out of bounds (%d)
List capacity out of bounds (%d)
List count out of bounds (%d)
Operation not allowed on sorted string list
September
October
November
December
Sun
Mon
Tue
Wed
Thu
Fri
Sat
Sunday
Monday
Tuesday
Wednesday
Thursday
May
Jun
Jul
Aug
Sep
Oct
Nov
Dec
January
February
March
April
May
June
July
August
Format result longer than 4096 characters
Error creating variant array
Variant is not an array
Variant array index out of bounds
External exception %x
Assertion failed
Interface not supported
%s (%s, line %d)
Abstract Error
Access violation at address %p in module '%s'. %s of address %p
Win32 Error. Code: %d.
%s
A Win32 API function failed
Jan
Feb
Mar
Apr
Floating point underflow
Invalid pointer operation
Invalid class typecast
Access violation at address %p. %s of address %p
Stack overflow
Control-C hit
Privileged instruction
Exception %s in module %s at %p.
%s%s
Application Error
Format '%s' invalid or incompatible with argument
No argument for format '%s'
Invalid variant type conversion
Invalid variant operation
Variant method calls not supported
Read
Write
'%s' is not a valid floating point value
Out of memory
I/O error %d
File not found
Invalid filename
Too many open files
File access denied
Read beyond end of file
Disk full
Invalid numeric input
Division by zero
Range check error
Integer overflow
Invalid floating point operation
Floating point division by zero
Floating point overflow

Version Info

TLS Callbacks

StartAddressOfRawData	`0x439000`
EndAddressOfRawData	`0x439008`
AddressOfIndex	`0x4354ac`
AddressOfCallbacks	`0x43a010`
SizeOfZeroFill	`0`
Characteristics	`IMAGE_SCN_TYPE_REG`
Callbacks	`(EMPTY)`

Load Configuration

RICH Header

Errors

[*] Warning: Section BSS has a size of 0!
[*] Warning: Section .tls has a size of 0!