Manalyze report for 513e2748df6126fb249bf0f15fea6489

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
Compilation Date	2025-Apr-02 08:59:56
Detected languages	English - United States
CompanyName	Developer Tools
FileDescription	Adobe Integration Management Utility - System configuration tool
FileVersion	`1.0.0.0`
InternalName	DirtyAdobePatch.exe
LegalCopyright	Copyright (C) 2023
OriginalFilename	DirtyAdobePatch.exe
ProductName	Adobe Integration Manager
ProductVersion	`1.0.0.0`
Comments	This utility configures system settings for Adobe products.
LegalTrademarks	This program follows Windows application development best practices.

Plugin Output

Info	Matching compiler(s):	`MASM/TASM - sig1(h)`
Info	The PE contains common functions which appear in legitimate applications.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryW` `Can access the registry: RegOpenKeyExW RegEnumKeyExW RegCloseKey RegQueryValueExW` `Possibly launches other programs: CreateProcessW`
Malicious	The program tries to mislead users about its origins.	`The PE pretends to be from Adobe but is not signed!`
Suspicious	No VirusTotal score.	`This file has never been scanned on VirusTotal.`

Hashes

MD5	`513e2748df6126fb249bf0f15fea6489`
SHA1	`55be2be2f825fbf8365241c0af9addc9a8712eda`
SHA256	`1bbd7ff2f040e91a3290c10337bc0999dbc62b0ac65ba62282d0b70511521701`
SHA3	`f79d49e71a10896587564fb76df6c5c3f3cc3aa86c9682fa3ea52dfb09e74121`
SSDeep	`6144:4ytaqsVk/mRJXnOHnc8zqLxhBdWwQma1XHj:4xFO8xFWwi`
Imports Hash	`04435e2b18075b4bdae3233f2fd9e0e7`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0xf0`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`6`
TimeDateStamp	2025-Apr-02 08:59:56
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0x2cc00`
SizeOfInitializedData	`0x34600`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x000000000002B21C (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x64000`
SizeOfHeaders	`0x400`
Checksum	`0x62dd5`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`65a85ee7c2020d95a72cd5b1f877496f`
SHA1	`8d80640f1305c2db567e9abff50a17eaef23b17c`
SHA256	`fde0a4613fce10f8842b3bfaa66115c6642243e02c3f3d486ea411f5363facff`
SHA3	`3c2a3e1cafeaa2a857870f4a4d48b4d666aba67864e98f56008c68bce2d6dc62`
VirtualSize	`0x2caef`
VirtualAddress	`0x1000`
SizeOfRawData	`0x2cc00`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`5.53621`

.rdata

MD5	`b54602281ae40dcf741ac57263b777cd`
SHA1	`6f3eaae7910de731a062b406a1476b6f0677d957`
SHA256	`35b422be09c246424594ff456d945fd543d7305cd8dabeda5b7124310d3102a4`
SHA3	`805fffc7aedcdec038658c2a56553b1c996073dee8c91e4c91a79ab2a982e067`
VirtualSize	`0xcf52`
VirtualAddress	`0x2e000`
SizeOfRawData	`0xd000`
PointerToRawData	`0x2d000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.76193`

.data

MD5	`b63b92e436bae3bdff95e6e5b2226317`
SHA1	`24fca5a93f51985c11cb2bbac81f922611685d67`
SHA256	`0097c789d594884e170b41b81429e7d876892b5cdf61356420be478aadd3d99f`
SHA3	`ded1aaac76483be63912f614777d116712fee93607c9356554c30566d0caebe1`
VirtualSize	`0xdd0`
VirtualAddress	`0x3b000`
SizeOfRawData	`0x800`
PointerToRawData	`0x3a000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`3.52268`

.pdata

MD5	`5d227cec9b0e71e3eedb9281c54348be`
SHA1	`abad662f9c3e5a477a751cd4f00b7814eab038d1`
SHA256	`79e4d76e09f4ab24d3d6eec9039689bd9a05bbdf0ce7999d8ee08b6083137cc6`
SHA3	`deeee292506e8ba668517391a8eedfaaa1c898face129ce11ef7cf559cb264a4`
VirtualSize	`0x4bb4`
VirtualAddress	`0x3c000`
SizeOfRawData	`0x4c00`
PointerToRawData	`0x3a800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.23934`

.rsrc

MD5	`a0252329787b1de761f444085c4ee750`
SHA1	`42148d0afd4bf97a9aef3f61784c59abef5c03b2`
SHA256	`7440bec2b34e2e24c1a113cd48315414a21dfd61a025dadb9c1342d0c9020feb`
SHA3	`5bd81388551dc68b770a73378fd4c7c20ab686ae2d93764ee094bf9b563eb3ea`
VirtualSize	`0x21e2c`
VirtualAddress	`0x41000`
SizeOfRawData	`0x22000`
PointerToRawData	`0x3f400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`7.94254`

.reloc

MD5	`4bbe6e933e4343c43b28c14002a26aae`
SHA1	`6035fe0a82ed5958ca07f370a6abd317d4378111`
SHA256	`78fbb4bf496438d8d1ec710752e6237bebe3aaa2ceb43c95c6387989cfe22901`
SHA3	`522d7c7ba33e5f9b7cd82ecae74464ebc97fc77a9ac2275b18fe0d5813a5bf2f`
VirtualSize	`0x148`
VirtualAddress	`0x63000`
SizeOfRawData	`0x200`
PointerToRawData	`0x61400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`3.89267`

Imports

KERNEL32.dll	`GetExitCodeProcess` `CreateProcessW` `GetModuleHandleW` `GetProcAddress` `LoadLibraryW` `MultiByteToWideChar` `GetCurrentProcess` `GetConsoleMode` `SetConsoleMode` `SetConsoleCP` `SetConsoleOutputCP` `GetConsoleScreenBufferInfo` `SetConsoleTextAttribute` `GetSystemTimeAsFileTime` `WaitForSingleObject` `GetLastError` `CloseHandle` `WideCharToMultiByte` `GetStdHandle` `GetCurrentThreadId` `GetCurrentProcessId` `QueryPerformanceCounter` `TerminateProcess` `IsProcessorFeaturePresent` `SetUnhandledExceptionFilter` `UnhandledExceptionFilter` `IsDebuggerPresent` `RtlVirtualUnwind` `RtlLookupFunctionEntry` `RtlCaptureContext` `GetFileInformationByHandleEx` `CopyFileW` `AreFileApisANSI` `GetFileInformationByHandle` `GetFileAttributesExW` `FindNextFileW` `FindFirstFileExW` `FindFirstFileW` `FindClose` `CreateFileW` `GetLocaleInfoEx` `FormatMessageA` `LocalFree` `InitializeSListHead`
ADVAPI32.dll	`RegOpenKeyExW` `RegEnumKeyExW` `RegCloseKey` `RegQueryValueExW`
MSVCP140.dll	`?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ` `?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ` `?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ` `?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ` `?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z` `?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z` `?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ` `?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ` `?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ` `?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ` `?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z` `?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD0@Z` `?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z` `?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ` `?_Pnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ` `?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ` `?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAPEAD0PEAH001@Z` `?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z` `?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z` `?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z` `?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAA_JPEB_W_J@Z` `??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ` `?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z` `?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ` `?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ` `?imbue@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAA?AVlocale@2@AEBV32@@Z` `?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ` `?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z` `??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ` `?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z` `?tie@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBAPEAV?$basic_ostream@_WU?$char_traits@_W@std@@@2@XZ` `?rdbuf@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBAPEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@2@XZ` `?imbue@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAA?AVlocale@2@AEBV32@@Z` `?fill@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBA_WXZ` `?widen@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBA_WD@Z` `??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z` `??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ` `?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ` `??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z` `??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z` `?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z` `?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ` `?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ` `??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z` `??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@H@Z` `??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@K@Z` `??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_K@Z` `?put@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@_W@Z` `?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ` `??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z` `??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ` `?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z` `?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAHXZ` `?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z` `?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z` `?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ` `?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z` `?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ` `?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ` `?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ` `?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ` `?id@?$ctype@_W@std@@2V0locale@2@A` `?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A` `?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z` `?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A` `?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A` `?wcout@std@@3V?$basic_ostream@_WU?$char_traits@_W@std@@@1@A` `?wcerr@std@@3V?$basic_ostream@_WU?$char_traits@_W@std@@@1@A` `?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z` `??0_Lockit@std@@QEAA@H@Z` `??1_Lockit@std@@QEAA@XZ` `?_Xbad_alloc@std@@YAXXZ` `?_Xlength_error@std@@YAXPEBD@Z` `?_Xout_of_range@std@@YAXPEBD@Z` `?_Xruntime_error@std@@YAXPEBD@Z` `?uncaught_exceptions@std@@YAHXZ` `?_Syserror_map@std@@YAPEBDH@Z` `?_Winerror_map@std@@YAHH@Z` `??0_Locinfo@std@@QEAA@HPEBD@Z` `??1_Locinfo@std@@QEAA@XZ` `?_Getname@_Locinfo@std@@QEBAPEBDXZ` `??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z` `??Bid@locale@std@@QEAA_KXZ` `?_New_Locimp@_Locimp@locale@std@@CAPEAV123@_N@Z` `?_Makeloc@_Locimp@locale@std@@CAPEAV123@AEBV_Locinfo@3@HPEAV123@PEBV23@@Z` `?global@locale@std@@SA?AV12@AEBV12@@Z` `?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z` `?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ` `?always_noconv@codecvt_base@std@@QEBA_NXZ` `?widen@?$ctype@_W@std@@QEBA_WD@Z` `?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z` `?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z` `?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z` `?cin@std@@3V?$basic_istream@DU?$char_traits@D@std@@@1@A` `?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z` `?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z` `??Bios_base@std@@QEBA_NXZ` `?good@ios_base@std@@QEBA_NXZ` `?flags@ios_base@std@@QEBAHXZ` `?width@ios_base@std@@QEBA_JXZ` `?width@ios_base@std@@QEAA_J_J@Z` `?getloc@ios_base@std@@QEBA?AVlocale@2@XZ` `??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ` `??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ` `?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ` `?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ` `?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ` `?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ`
VCRUNTIME140.dll	`memcmp` `memchr` `__current_exception` `__current_exception_context` `__C_specific_handler` `memcpy` `memmove` `__std_exception_destroy` `__std_exception_copy` `memset` `_CxxThrowException`
VCRUNTIME140_1.dll	`__CxxFrameHandler4`
api-ms-win-crt-runtime-l1-1-0.dll	`abort` `_get_initial_narrow_environment` `_c_exit` `_initterm` `_initterm_e` `__p___argv` `terminate` `__p___argc` `_configure_narrow_argv` `_initialize_narrow_environment` `_invalid_parameter_noinfo_noreturn` `_initialize_onexit_table` `exit` `_register_onexit_function` `_crt_atexit` `_register_thread_local_exe_atexit_callback` `_seh_filter_exe` `_cexit` `_exit` `_set_app_type`
api-ms-win-crt-string-l1-1-0.dll	`strcmp` `strlen` `wcslen` `towlower` `iswalnum`
api-ms-win-crt-stdio-l1-1-0.dll	`_isatty` `fclose` `fflush` `fgetc` `fgetpos` `fputc` `fread` `fsetpos` `_fseeki64` `fwrite` `setvbuf` `ungetc` `_get_stream_buffer_pointers` `__p__commode` `_set_fmode` `_fileno` `__acrt_iob_func`
api-ms-win-crt-math-l1-1-0.dll	`__setusermatherr` `ceilf`
api-ms-win-crt-heap-l1-1-0.dll	`free` `malloc` `_callnewh` `_set_new_mode`
api-ms-win-crt-environment-l1-1-0.dll	`_wdupenv_s` `_wputenv_s`
api-ms-win-crt-filesystem-l1-1-0.dll	`_lock_file` `_unlock_file`
api-ms-win-crt-locale-l1-1-0.dll	`_configthreadlocale` `___lc_codepage_func`

Delayed Imports

1

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x2d9`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.68094`
Detected Filetype	PNG graphic file
MD5	`2c5f00aa75e68c1c965ab1a0da5c72a7`
SHA1	`f0cc65f6b265a6c0ffe24c73f853252d95e7623a`
SHA256	`9de92aca7ea8dede90ed844443bec090d39b5331b169cbc667819cc9282f310e`
SHA3	`e11f0d5ca0414268ca2d68251c5624be785080627a652c5554d2f28d8fe119b0`

2

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x497`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.82684`
Detected Filetype	PNG graphic file
MD5	`93d6bda74083599fcc98ce49c07491ab`
SHA1	`4c3f6cb7cb4e31cdd6ece1108cd2d05ca0994cb0`
SHA256	`2f05695b6325a68ed474f670ffbef14bb354995ea2e8c15e43676bdce9c5df6d`
SHA3	`e1ae3a0d3083bc1afdfd589089856596cc0f1a051f3744902371951712d9730d`

3

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x65d`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.83351`
Detected Filetype	PNG graphic file
MD5	`10c51ecaccee16e7b135d2047401f2e0`
SHA1	`87ffff7a4310b014eade5d23cb2b8985784ed12c`
SHA256	`0691f0a99446e92a926ef4f0da192556a6da38150515ab12608b379b322be577`
SHA3	`60f26e5b2f23a1feafe5d81fd4ca4c7aadac6ce231b606a7f2370e83da8c56da`

4

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0xa55`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.91675`
Detected Filetype	PNG graphic file
MD5	`646d5a79b19daad3426c68b4a18d381d`
SHA1	`1b25ab4c65062a6322d3d16caceb0304f9f4b523`
SHA256	`975bbb64768c3446e3cbe31e3c8c023b924bc228fa6a5693879b59c5a6c33581`
SHA3	`58bb2d2fe7ea6a45274bbfc046681c30d267c1f4e70745df5cc9499d4bf5d690`

5

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0xed9`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.91354`
Detected Filetype	PNG graphic file
MD5	`39dfa917b3ece605b2ba90f2a1b2b324`
SHA1	`0800168b0cc8aec378c9c8047f003b22dded0a4d`
SHA256	`0797e67b6fede8a480352d210f73a0aec0ebb8d4127693217343f5ae24968891`
SHA3	`8508d09ffd71bc5ad16d637f421c70e168bc87047f62532787a80aa75520b4c4`

6

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x19dc`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.954`
Detected Filetype	PNG graphic file
MD5	`f83271e6cf173ba857137298eb87abf2`
SHA1	`a104d78bc4e2949ed2bc4ea85f8b18087026183c`
SHA256	`7e26a5145c2c51d669637f57c400b2b7aa809f51c9331d6713fc280c00af5278`
SHA3	`d2220f32d35142b592396cac091f378cdac283897ae6835012f12a09030d77bc`

7

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x265b`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.9509`
Detected Filetype	PNG graphic file
MD5	`b6b101d18551b081715e009afeccf194`
SHA1	`cad5742716bcebea8af31d068cc8c03f1818fd06`
SHA256	`462814b6148d2065fc162670b72b17ba0c7ee08fef317fd48baf12314bb5e449`
SHA3	`160b58a295f28ffd12122d886a3b79655016c71a2f22740489cee658a6014242`

8

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x6509`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.94365`
Detected Filetype	PNG graphic file
MD5	`baa7368d9b8ef8e18212e766c4e27b0a`
SHA1	`ef2357b8f54cebf1f4832f0d1d88f4be8d5fd050`
SHA256	`089af4acf51391d5f503d8c7b6aa6f4f395a90a2c1722fd0653c238d8c3519a5`
SHA3	`bbf714782d6f3d29408168a223447bf33a625a5fceed821e97ad6996400c114e`

9

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x146d2`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.96103`
Detected Filetype	PNG graphic file
MD5	`ae08bbf52a49541bc5e1f7cc2b698c51`
SHA1	`82425bb082bd8e8e46eb8f612c80f5dca1f65649`
SHA256	`af2922afb59148ff1676ad7eebb0710e8081787de999894c713e62c446deeb7f`
SHA3	`04049eb4264423f829e99320ec14edd0fbd2557ab17558e809ed6d97a1feb0f9`

101

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x84`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.99229`
Detected Filetype	Icon file
MD5	`e64635cfbd537cbf4b6a31e6afadd59e`
SHA1	`2042af0f89ce73755d8d91f3287a2cf413172746`
SHA256	`9400130456e6c05fceb377a6f7a2489baf423dfa18c31b83785ad81a8778351b`
SHA3	`22f90c6b31114f9a395bad16cdc26ccd1c3fab106c2bdadd802ac2b879075543`

1 (#2)

Type	`RT_VERSION`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x4a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.41133`
MD5	`8ccafa5887a8991b1a3895edc6928595`
SHA1	`289d4a82799538684ae0d0d2b6aea8f7c8d0fa0e`
SHA256	`3f0393683c4976723c81e618ec5697b7152be0164bf666931a5fcdfc8b1c3158`
SHA3	`4a78cd2b67dbaf02af1d930a8dfbfc08bc9fe2a44fa55b41e441d289822465fb`

1 (#3)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x32f`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.06358`
MD5	`724c0b124abf8ad7a1cab2d346727ee7`
SHA1	`353dfb4dfaca67dacea0f7b476b6c7a99960bf6a`
SHA256	`8bdc00b8f18966cc736f2aba2f1c7025d780b73961d1d9417277c998a6f75421`
SHA3	`907d4b0046b8b2e80c7bdcb812a73c51d3cdd52aa7f46394239a3fb99b835c69`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.0.0.0
ProductVersion	1.0.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT` `VOS_NT_WINDOWS32` `VOS_WINCE` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	English - United States
CompanyName	Developer Tools
FileDescription	Adobe Integration Management Utility - System configuration tool
FileVersion (#2)	1.0.0.0
InternalName	DirtyAdobePatch.exe
LegalCopyright	Copyright (C) 2023
OriginalFilename	DirtyAdobePatch.exe
ProductName	Adobe Integration Manager
ProductVersion (#2)	1.0.0.0
Comments	This utility configures system settings for Adobe products.
LegalTrademarks	This program follows Windows application development best practices.

Resource LangID	English - United States

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2025-Apr-02 08:59:56
Version	`0.0`
SizeofData	`800`
AddressOfRawData	`0x3633c`
PointerToRawData	`0x3533c`

TLS Callbacks

Load Configuration

Size	`0x140`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x14003b040`

RICH Header

XOR Key	`0x8b539f66`
Unmarked objects	`0`
Imports (VS2008 SP1 build 30729)	`16`
ASM objects (34321)	`4`
C objects (34321)	`10`
C++ objects (34321)	`33`
Imports (34321)	`6`
Imports (30795)	`5`
Total imports	`247`
C++ objects (34618)	`1`
Resource objects (34618)	`1`
Linker (34618)	`1`

513e2748df6126fb249bf0f15fea6489

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rdata

.data

.pdata

.rsrc

.reloc

Imports

Delayed Imports

1

2

3

4

5

6

7

8

9

101

1 (#2)

1 (#3)

Version Info

IMAGE_DEBUG_TYPE_POGO

TLS Callbacks

Load Configuration

RICH Header

Errors