Manalyze report for 586c328af60cdca1a7fb20afe46a29a9

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2019-Dec-01 08:36:04
Detected languages	Chinese - PRC

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C++ 6.0 - 8.0` `Microsoft Visual C++` `Microsoft Visual C++ v6.0`
Suspicious	PEiD Signature:	`ASPack v2.12`
Suspicious	Strings found in the binary may indicate undesirable behavior:	`Contains references to internet browsers: iexplore.exe` `May have dropper capabilities: CurrentControlSet\Services CurrentVersion\Run` `Contains another PE executable: This program cannot be run in DOS mode.`
Suspicious	The PE is possibly packed.	`Unusual section name found: T\xe5}{\xa3ua` `Section T\xe5}{\xa3ua is both writable and executable.`
Malicious	The PE contains functions mostly used by malware.	`[!] The program may be hiding some of its imports: LoadLibraryA GetProcAddress` `Can access the registry: RegCloseKey RegQueryValueExA RegOpenKeyExA RegSetValueExA RegCreateKeyA RegCreateKeyExA RegQueryValueA` `Possibly launches other programs: WinExec ShellExecuteA` `Uses functions commonly found in keyloggers: GetForegroundWindow CallNextHookEx` `Leverages the raw socket API to access the Internet: inet_ntoa WSACleanup closesocket WSAAsyncSelect recvfrom ioctlsocket recv getpeername accept ntohl` `Enumerates local disk drives: GetVolumeInformationA` `Can take screenshots: GetDC BitBlt CreateCompatibleDC` `Reads the contents of the clipboard: GetClipboardData`
Malicious	VirusTotal score: 66/72 (Scanned on 2024-04-03 13:53:14)	`ALYac: Dropped:Trojan.Downloader.JQJR` `APEX: Malicious` `AVG: Other:Malware-gen [Trj]` `Acronis: suspicious` `AhnLab-V3: Win32/VJadtre.Gen` `Alibaba: Trojan:Win32/Mikcer.35a` `Antiy-AVL: Virus/Win32.Nimnul.f` `Arcabit: Trojan.Downloader.JQJR` `Avast: Other:Malware-gen [Trj]` `Avira: W32/Jadtre.B` `BitDefender: Dropped:Trojan.Downloader.JQJR` `BitDefenderTheta: Gen:NN.ZexaF.36802.9uWbaSeASImb` `Bkav: W32.FamVT.DumpModuleInfectiousNME.PE` `ClamAV: Win.Malware.Wapomi-10020301-0` `CrowdStrike: win/malicious_confidence_100% (W)` `Cybereason: malicious.af60cd` `Cylance: unsafe` `Cynet: Malicious (score: 100)` `DeepInstinct: MALICIOUS` `DrWeb: Trojan.Siggen8.64210` `ESET-NOD32: Win32/Wapomi.BA` `Elastic: malicious (high confidence)` `Emsisoft: Dropped:Trojan.Downloader.JQJR (B)` `F-Secure: Malware.W32/Jadtre.B` `FireEye: Generic.mg.586c328af60cdca1` `Fortinet: W32/CoinMiner.EC2B!tr` `GData: Win32.Virus.Wapomi.A` `Google: Detected` `Gridinsoft: Trojan.Heur!.03002201` `Ikarus: Trojan.Win32` `Jiangmin: Win32/Nimnul.f` `K7AntiVirus: Virus ( 0040f7441 )` `K7GW: Virus ( 0040f7441 )` `Kaspersky: Virus.Win32.Nimnul.f` `Kingsoft: Win32.Infected.AutoInfector.a` `Lionic: Virus.Win32.Nimnul.m1R5` `MAX: malware (ai score=85)` `Malwarebytes: Generic.Malware.AI.DDS` `MaxSecure: Virus.Nimnul.F` `McAfee: W32/Kudj` `MicroWorld-eScan: Dropped:Trojan.Downloader.JQJR` `Microsoft: Virus:Win32/Mikcer.B` `NANO-Antivirus: Trojan.Win32.Banload.cstqaj` `Panda: W32/Pcarrier.A` `Rising: Virus.Roue!1.9E10 (CLASSIC)` `Sangfor: Suspicious.Win32.Save.ins` `SentinelOne: Static AI - Malicious PE` `Skyhigh: BehavesLike.Win32.Generic.dz` `Sophos: W32/Nimnul-A` `Symantec: W32.Wapomi.C!inf` `TACHYON: Virus/W32.Ramnit.C` `Tencent: Virus.Win32.Loader.aab` `Trapmine: malicious.high.ml.score` `TrendMicro: PE_WAPOMI.BM` `TrendMicro-HouseCall: PE_WAPOMI.BM` `VBA32: Virus.Nimnul.19209` `VIPRE: Dropped:Trojan.Downloader.JQJR` `Varist: W32/PatchLoad.E` `ViRobot: Win32.Ramnit.F` `VirIT: Win32.Nimnul.F` `Xcitium: Virus.Win32.Wali.KA@558nxg` `Zillya: Virus.Nimnul.Win32.5` `ZoneAlarm: Virus.Win32.Nimnul.f` `Zoner: Probably Heur.ExeHeaderL` `alibabacloud: Virus:Win/Jadtre.A(dyn)` `tehtris: Generic.Malware`

Hashes

MD5	`586c328af60cdca1a7fb20afe46a29a9`
SHA1	`84d0694cf4d0052b3a6fab99dcfe6a08918ca907`
SHA256	`55713e783586a37496c0f6bb7891dfcf22c3eda867889affc83ae258592bfa60`
SHA3	`e37af9fceb42946c813b2d1b2038e011f26e0878b7e4aea151bc3226eba3b98e`
SSDeep	`6144:xc0tleVSFX6weodv4pEoAhzmUgEJuLZ2nYZ2w8:xc0tleVSFqcuEKbEI`
Imports Hash	`a11349eb1afc16d45e7c03eef9d5c06e`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0xf8`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`5`
TimeDateStamp	2019-Dec-01 08:36:04
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LINE_NUMS_STRIPPED` `IMAGE_FILE_LOCAL_SYMS_STRIPPED` `IMAGE_FILE_RELOCS_STRIPPED`

Image Optional Header

Magic	`PE32`
LinkerVersion	`6.0`
SizeOfCode	`0xbf000`
SizeOfInitializedData	`0x5b000`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x00116000 (Section: T\xe5}{\xa3ua)`
BaseOfCode	`0x1000`
BaseOfData	`0xbb000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x1000`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x11b000`
SizeOfHeaders	`0x1000`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`813d5644d83ee04d5461255398e1981a`
SHA1	`a46122da1116ce901e5ae01e493c917a9e33cb43`
SHA256	`e2200eed85b1d70b8b9271466ba8ff120688ab333489b676fcdb5ba9cddb04a7`
SHA3	`9f6dc16fb5cb847d9393d5b03b996aa80f7d409fcf3767ddd94af1ddad6199a0`
VirtualSize	`0xb9fe6`
VirtualAddress	`0x1000`
SizeOfRawData	`0xba000`
PointerToRawData	`0x1000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`2.56244`

.rdata

MD5	`cb3fb96a54f19aca100bf428c81ebfed`
SHA1	`64c91116996225a4f195a0689fde3074523bd191`
SHA256	`a7167ba902b6ed6bbbc51ea31a1a54e6a2196877ee0ff90073178a2a8e84d886`
SHA3	`aab3a9760527d9a9ae7a771b427369b1c46630ea9cd6bee3aad029bad7cfeb19`
VirtualSize	`0x16fc0`
VirtualAddress	`0xbb000`
SizeOfRawData	`0x17000`
PointerToRawData	`0xbb000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`3.39655`

.data

MD5	`ee11317665fe0d679deb2811eccd7e56`
SHA1	`61480c6dbf7caa29325c8632c547f6a49b8b6bab`
SHA256	`d2100c90aa639800c678c57550c032c39d93e742f8b84a7f1d27d7e628dfb5d8`
SHA3	`fcb9319cd1c9a2010a7af7de0b1110345e56cda143ff9f3f1cb52a5e058f3223`
VirtualSize	`0x3de68`
VirtualAddress	`0xd2000`
SizeOfRawData	`0x18000`
PointerToRawData	`0xd2000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`1.78739`

.rsrc

MD5	`4205e4e753dd89412ab67e2e57c77aa4`
SHA1	`5218ce6c8e3c8d13faf9669c9da1c542651d2ba6`
SHA256	`752d8e36da5b5a0613e8f26bfb358e58cde8ff8f002a960e15d4b8dd1b1fbd50`
SHA3	`0926978d623df7612b2d17617133e3ec4e118a2a15261a157cf567cd93407433`
VirtualSize	`0x5d10`
VirtualAddress	`0x110000`
SizeOfRawData	`0x6000`
PointerToRawData	`0xea000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`1.75693`

T\xe5}{\xa3ua

MD5	`a657e6e362fee7b34a4108dccc1bdc27`
SHA1	`ac243e3e0d2ac4f628e4d065bee9a6f8ed821893`
SHA256	`673dc6b10b1ba55cf0f521d08c23cd7de977b5eb5fd8231b00c3fbaa7f292036`
SHA3	`48ec7ed15987cae7307492fc2e24d5735906fcc471b59444f815fad0669d40fc`
VirtualSize	`0x5000`
VirtualAddress	`0x116000`
SizeOfRawData	`0x5000`
PointerToRawData	`0xf0000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`6.03779`

Imports

KERNEL32.dll	`GetEnvironmentStringsW` `GetEnvironmentStrings` `FreeEnvironmentStringsW` `FreeEnvironmentStringsA` `UnhandledExceptionFilter` `GetACP` `HeapSize` `TerminateProcess` `RaiseException` `GetLocalTime` `GetSystemTime` `GetTimeZoneInformation` `RtlUnwind` `GetStartupInfoA` `GetOEMCP` `GetCPInfo` `GetProcessVersion` `SetErrorMode` `GlobalFlags` `GetCurrentThread` `SetHandleCount` `GetFileTime` `GetFileSize` `TlsGetValue` `LocalReAlloc` `TlsSetValue` `TlsFree` `GlobalHandle` `TlsAlloc` `LocalAlloc` `lstrcmpA` `GetVersion` `GlobalGetAtomNameA` `GlobalAddAtomA` `GlobalFindAtomA` `GlobalDeleteAtom` `lstrcmpiA` `SetEndOfFile` `UnlockFile` `LockFile` `FlushFileBuffers` `SetFilePointer` `GetCurrentProcess` `DuplicateHandle` `lstrcpynA` `SetLastError` `FileTimeToLocalFileTime` `FileTimeToSystemTime` `LocalFree` `InterlockedDecrement` `InterlockedIncrement` `GetStdHandle` `GetFileType` `GetEnvironmentVariableA` `HeapDestroy` `HeapCreate` `VirtualFree` `SetEnvironmentVariableA` `LCMapStringA` `LCMapStringW` `VirtualAlloc` `IsBadWritePtr` `GetStringTypeA` `GetStringTypeW` `SetUnhandledExceptionFilter` `CompareStringA` `CompareStringW` `IsBadReadPtr` `IsBadCodePtr` `SetStdHandle` `SuspendThread` `TerminateThread` `ReleaseMutex` `CreateMutexA` `CreateSemaphoreA` `ResumeThread` `ReleaseSemaphore` `EnterCriticalSection` `LeaveCriticalSection` `GetProfileStringA` `WriteFile` `WaitForMultipleObjects` `CreateFileA` `SetEvent` `FindResourceA` `LoadResource` `LockResource` `ReadFile` `lstrlenW` `GetModuleFileNameA` `WideCharToMultiByte` `MultiByteToWideChar` `GetCurrentThreadId` `ExitProcess` `GlobalSize` `GlobalFree` `DeleteCriticalSection` `InitializeCriticalSection` `lstrcatA` `lstrlenA` `WinExec` `lstrcpyA` `FindNextFileA` `GlobalReAlloc` `HeapFree` `HeapReAlloc` `GetProcessHeap` `HeapAlloc` `GetUserDefaultLCID` `GetFullPathNameA` `FreeLibrary` `LoadLibraryA` `GetLastError` `GetVersionExA` `WritePrivateProfileStringA` `CreateThread` `CreateEventA` `Sleep` `ExpandEnvironmentStringsA` `GlobalAlloc` `GlobalLock` `GlobalUnlock` `FindFirstFileA` `FindClose` `GetFileAttributesA` `MoveFileA` `DeleteFileA` `CreateDirectoryA` `SetCurrentDirectoryA` `GetVolumeInformationA` `GetModuleHandleA` `GetProcAddress` `MulDiv` `GetCommandLineA` `GetTickCount` `WaitForSingleObject` `CloseHandle`
USER32.dll	`LoadIconA` `TranslateMessage` `DrawFrameControl` `DrawEdge` `DrawFocusRect` `WindowFromPoint` `GetMessageA` `DispatchMessageA` `SetRectEmpty` `RegisterClipboardFormatA` `CreateIconFromResourceEx` `CreateIconFromResource` `DrawIconEx` `CreatePopupMenu` `AppendMenuA` `ModifyMenuA` `CreateMenu` `CreateAcceleratorTableA` `GetDlgCtrlID` `GetSubMenu` `EnableMenuItem` `ClientToScreen` `EnumDisplaySettingsA` `LoadImageA` `SystemParametersInfoA` `ShowWindow` `IsWindowEnabled` `TranslateAcceleratorA` `GetKeyState` `CopyAcceleratorTableA` `PostQuitMessage` `IsZoomed` `GetClassInfoA` `DefWindowProcA` `GetMenu` `SetMenu` `PeekMessageA` `IsIconic` `SetFocus` `GetActiveWindow` `GetWindow` `DestroyAcceleratorTable` `SetWindowRgn` `GetMessagePos` `ScreenToClient` `ChildWindowFromPointEx` `CopyRect` `LoadBitmapA` `WinHelpA` `KillTimer` `SetTimer` `ReleaseCapture` `GetCapture` `SetCapture` `GetScrollRange` `SetScrollRange` `SetScrollPos` `SetRect` `InflateRect` `IntersectRect` `DestroyIcon` `PtInRect` `OffsetRect` `IsWindowVisible` `EnableWindow` `UnregisterClassA` `GetWindowLongA` `SetWindowLongA` `GetSysColor` `SetActiveWindow` `SetCursorPos` `LoadCursorA` `SetCursor` `GetDC` `FillRect` `IsRectEmpty` `ReleaseDC` `IsChild` `DestroyMenu` `SetForegroundWindow` `GetWindowRect` `EqualRect` `UpdateWindow` `ValidateRect` `InvalidateRect` `GetClientRect` `GetFocus` `GetParent` `GetTopWindow` `PostMessageA` `GetWindowTextA` `GetWindowTextLengthA` `CharUpperA` `GetWindowDC` `BeginPaint` `EndPaint` `TabbedTextOutA` `DrawTextA` `GrayStringA` `GetDlgItem` `DestroyWindow` `CreateDialogIndirectParamA` `EndDialog` `GetNextDlgTabItem` `GetWindowPlacement` `RegisterWindowMessageA` `GetForegroundWindow` `GetLastActivePopup` `GetMessageTime` `RemovePropA` `CallWindowProcA` `GetPropA` `UnhookWindowsHookEx` `SetPropA` `GetClassLongA` `CallNextHookEx` `SetWindowsHookExA` `CreateWindowExA` `GetMenuItemID` `GetMenuItemCount` `RegisterClassA` `GetScrollPos` `AdjustWindowRectEx` `MapWindowPoints` `SendDlgItemMessageA` `ScrollWindowEx` `IsDialogMessageA` `SetWindowTextA` `MoveWindow` `CheckMenuItem` `SetMenuItemBitmaps` `GetMenuState` `GetMenuCheckMarkDimensions` `GetClassNameA` `GetDesktopWindow` `LoadStringA` `GetSysColorBrush` `IsWindow` `SetParent` `DestroyCursor` `SendMessageA` `SetWindowPos` `MessageBoxA` `GetCursorPos` `GetSystemMetrics` `EmptyClipboard` `SetClipboardData` `OpenClipboard` `GetClipboardData` `CloseClipboard` `wsprintfA` `RedrawWindow`
GDI32.dll	`GetTextMetricsA` `Escape` `ExtTextOutA` `TextOutA` `RectVisible` `PtVisible` `GetViewportExtEx` `ExtSelectClipRgn` `SetBkColor` `CreateRectRgnIndirect` `SetStretchBltMode` `GetClipRgn` `CreatePolygonRgn` `SelectClipRgn` `DeleteObject` `CreateDIBitmap` `GetSystemPaletteEntries` `CreatePalette` `StretchBlt` `SelectPalette` `RealizePalette` `GetDIBits` `GetWindowExtEx` `GetViewportOrgEx` `GetWindowOrgEx` `BeginPath` `EndPath` `PathToRegion` `CreateEllipticRgn` `CreateRoundRectRgn` `GetTextColor` `GetBkMode` `GetBkColor` `GetROP2` `GetStretchBltMode` `GetPolyFillMode` `CreateCompatibleBitmap` `CreateDCA` `CreateBitmap` `SelectObject` `CreatePen` `PatBlt` `CombineRgn` `CreateRectRgn` `FillRgn` `CreateSolidBrush` `CreateFontIndirectA` `GetStockObject` `GetObjectA` `EndPage` `EndDoc` `DeleteDC` `StartDocA` `ExcludeClipRect` `GetClipBox` `ScaleWindowExtEx` `SetWindowExtEx` `SetWindowOrgEx` `ScaleViewportExtEx` `SetViewportExtEx` `OffsetViewportOrgEx` `SetViewportOrgEx` `SetMapMode` `SetTextColor` `SetROP2` `SetPolyFillMode` `SetBkMode` `RestoreDC` `SaveDC` `StartPage` `BitBlt` `CreateCompatibleDC` `Ellipse` `Rectangle` `LPtoDP` `DPtoLP` `GetCurrentObject` `RoundRect` `GetTextExtentPoint32A` `GetDeviceCaps` `LineTo` `MoveToEx`
WINMM.dll	`midiStreamStop` `midiOutReset` `midiStreamClose` `waveOutRestart` `waveOutUnprepareHeader` `waveOutPrepareHeader` `waveOutWrite` `waveOutPause` `midiStreamRestart` `midiStreamOut` `midiOutPrepareHeader` `waveOutReset` `waveOutClose` `waveOutGetNumDevs` `waveOutOpen` `midiOutUnprepareHeader` `midiStreamOpen` `midiStreamProperty`
WINSPOOL.DRV	`ClosePrinter` `DocumentPropertiesA` `OpenPrinterA`
ADVAPI32.dll	`RegCloseKey` `RegQueryValueExA` `RegOpenKeyExA` `RegSetValueExA` `RegCreateKeyA` `RegCreateKeyExA` `RegQueryValueA`
SHELL32.dll	`ShellExecuteA` `Shell_NotifyIconA`
ole32.dll	`CLSIDFromProgID` `OleRun` `CoCreateInstance` `OleUninitialize` `OleInitialize` `CLSIDFromString`
OLEAUT32.dll	`SafeArrayGetUBound` `SafeArrayGetLBound` `SafeArrayGetDim` `SafeArrayUnaccessData` `SafeArrayAccessData` `SafeArrayGetElement` `VariantCopyInd` `VariantInit` `SysAllocString` `RegisterTypeLib` `LHashValOfNameSys` `LoadTypeLib` `UnRegisterTypeLib` `VariantClear` `VariantChangeType`
COMCTL32.dll	`ImageList_Destroy` `#17`
WS2_32.dll	`inet_ntoa` `WSACleanup` `closesocket` `WSAAsyncSelect` `recvfrom` `ioctlsocket` `recv` `getpeername` `accept` `ntohl`
comdlg32.dll	`GetSaveFileNameA` `GetOpenFileNameA` `ChooseColorA` `GetFileTitleA`

Delayed Imports

1

Type	`TEXTINCLUDE`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0xb`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`74da4121dc1c0ed2a8e5b0741f824034`
SHA1	`e89931b7aa0422594a6876f9bd77450cdb6353ec`
SHA256	`71b6c1d53832f789a7f2435a7c629245fa3761ad8487775ebf4957330213a706`
SHA3	`8aca52847e66b1ed300b1465a9a253f9f74f2cf6df3c88c9caee389fea2d5ace`

2

Type	`TEXTINCLUDE`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x16`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`db46e81649d6863b16bd99ab139c865b`
SHA1	`60ab0dd2ef31cfb96d52fa0a429c3803417db5c2`
SHA256	`6a4875ddaceaa91fb3369f0f6d962f77442daf1b1d97733457d12bcabdf79441`
SHA3	`261ba2959b6abbc6d419b9837a17b463c571b02982a9c7a5f265858ea4f7f54c`

3

Type	`TEXTINCLUDE`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x151`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`402ffe63deabe286f6c3895b574fa973`
SHA1	`d359bf1d4aeb276b19543710b69fc9b4a71968a9`
SHA256	`3ad337042948f15072caf3da89730e6cc6d42657af2b2291806c4fd45ee1aae6`
SHA3	`304541a548f43e85a51f4296a90c0aa1385138205a4c5fe1c87eea4403bcad61`

1 (#2)

Type	`RT_CURSOR`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`a2a5bb0f1f0a8eb31a3c60a6ad28543f`
SHA1	`80ae948ca52e33a2dcd21779fa392266aa4cd8e1`
SHA256	`9575b2125169377b2ade7b401ea36c81228331d971f49664d9648d4f255d4868`
SHA3	`013abf10282fa58151b0e6c5359f78e6ffbc5426ff76f3229c8eacbaf1973e38`

2 (#2)

Type	`RT_CURSOR`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`a2a5bb0f1f0a8eb31a3c60a6ad28543f`
SHA1	`80ae948ca52e33a2dcd21779fa392266aa4cd8e1`
SHA256	`9575b2125169377b2ade7b401ea36c81228331d971f49664d9648d4f255d4868`
SHA3	`013abf10282fa58151b0e6c5359f78e6ffbc5426ff76f3229c8eacbaf1973e38`

3 (#2)

Type	`RT_CURSOR`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`a2a5bb0f1f0a8eb31a3c60a6ad28543f`
SHA1	`80ae948ca52e33a2dcd21779fa392266aa4cd8e1`
SHA256	`9575b2125169377b2ade7b401ea36c81228331d971f49664d9648d4f255d4868`
SHA3	`013abf10282fa58151b0e6c5359f78e6ffbc5426ff76f3229c8eacbaf1973e38`

4

Type	`RT_CURSOR`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0xb4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`c402ea01f458a9dfb9e0fafa0c5eb21e`
SHA1	`3c606ec5158614d4171a0806646ab861b142e766`
SHA256	`10b2a66888c58a54b277fe2e68fb6e87150c3cd2c537b7f6a2d84559017438c7`
SHA3	`91b260ef685eaef11d601c34debbcd44f1c3980b2571482920e884092f82e666`

1031

Type	`RT_BITMAP`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x248`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.67246`
MD5	`4e68d48e0b5c427c7ab78cf473741530`
SHA1	`f1594c91aaddbea1e6f65d387f9bae32a1bc564c`
SHA256	`040a6280de380f6dfcf9335e7789c109fe6dca63b7875dfdf53b94e58444bc35`
SHA3	`1529b7b296eeadc4916f4556fe8f26a7af91b48effab377d02847269405bc4cc`
Preview

1038

Type	`RT_BITMAP`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x144`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.23563`
MD5	`4f5d3abeaf37aa12daf334577d763cf8`
SHA1	`e9eab315798bb74fc12b0950011265e0e994876e`
SHA256	`5df58f862fdad1191048c43102b19d2f0a2a072dca2d4a15e0ff410cff74d1e3`
SHA3	`2ad2879352c2e7e50fc772d46bc3a50999e43ed35d478082527c0b5a0b3b6a36`
Preview

1138

Type	`RT_BITMAP`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x158`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.04585`
MD5	`dd0af6c5fd56a99ce9ca0537163c9e03`
SHA1	`24962d723be667e24827b4da32b03e7cf66dedb6`
SHA256	`2e9312421129878352f70c143eab65f2936d781ce02c35997412e4e8a8bf8a91`
SHA3	`beb348bb9b9d9f4183327090b412ea0ae82ee0da0413914d9d285d972dbf6405`
Preview

1139

Type	`RT_BITMAP`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x158`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`15120767b40b12ccc180202acd5b968a`
SHA1	`78f77558d7b485ccfe1d413a06d0a067fd8d629d`
SHA256	`7c7f15ed27de2f3a51d1da31356b27ea1be15370faa3caab96606e5390ebbd0e`
SHA3	`3e5a8cf51cab27ed39e93fca04b33c8cd29876749e41b72dea1846f24830c315`
Preview

1140

Type	`RT_BITMAP`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x158`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`15120767b40b12ccc180202acd5b968a`
SHA1	`78f77558d7b485ccfe1d413a06d0a067fd8d629d`
SHA256	`7c7f15ed27de2f3a51d1da31356b27ea1be15370faa3caab96606e5390ebbd0e`
SHA3	`3e5a8cf51cab27ed39e93fca04b33c8cd29876749e41b72dea1846f24830c315`
Preview

1141

Type	`RT_BITMAP`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x158`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`15120767b40b12ccc180202acd5b968a`
SHA1	`78f77558d7b485ccfe1d413a06d0a067fd8d629d`
SHA256	`7c7f15ed27de2f3a51d1da31356b27ea1be15370faa3caab96606e5390ebbd0e`
SHA3	`3e5a8cf51cab27ed39e93fca04b33c8cd29876749e41b72dea1846f24830c315`
Preview

1142

Type	`RT_BITMAP`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x158`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`15120767b40b12ccc180202acd5b968a`
SHA1	`78f77558d7b485ccfe1d413a06d0a067fd8d629d`
SHA256	`7c7f15ed27de2f3a51d1da31356b27ea1be15370faa3caab96606e5390ebbd0e`
SHA3	`3e5a8cf51cab27ed39e93fca04b33c8cd29876749e41b72dea1846f24830c315`
Preview

1143

Type	`RT_BITMAP`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x158`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`15120767b40b12ccc180202acd5b968a`
SHA1	`78f77558d7b485ccfe1d413a06d0a067fd8d629d`
SHA256	`7c7f15ed27de2f3a51d1da31356b27ea1be15370faa3caab96606e5390ebbd0e`
SHA3	`3e5a8cf51cab27ed39e93fca04b33c8cd29876749e41b72dea1846f24830c315`
Preview

1144

Type	`RT_BITMAP`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x158`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`15120767b40b12ccc180202acd5b968a`
SHA1	`78f77558d7b485ccfe1d413a06d0a067fd8d629d`
SHA256	`7c7f15ed27de2f3a51d1da31356b27ea1be15370faa3caab96606e5390ebbd0e`
SHA3	`3e5a8cf51cab27ed39e93fca04b33c8cd29876749e41b72dea1846f24830c315`
Preview

1145

Type	`RT_BITMAP`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x158`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`15120767b40b12ccc180202acd5b968a`
SHA1	`78f77558d7b485ccfe1d413a06d0a067fd8d629d`
SHA256	`7c7f15ed27de2f3a51d1da31356b27ea1be15370faa3caab96606e5390ebbd0e`
SHA3	`3e5a8cf51cab27ed39e93fca04b33c8cd29876749e41b72dea1846f24830c315`
Preview

26567

Type	`RT_BITMAP`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x5e4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`e494a640aa993f92c3db2d4c5f9bc8e0`
SHA1	`9cf0d8dc01d2c184f34371275f9715468406198a`
SHA256	`1e65b5486df03b8177b5693aa828d8ea901b56c74e62c26e1bcf465c19ea9544`
SHA3	`c66980dc2dadefaeb7de22cf70a1dfdb57b9c68e422c984b404a28ef96988e1b`
Preview

30994

Type	`RT_BITMAP`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0xb8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`0e2e640b11f60ae0769bca010bdc6ecc`
SHA1	`420f079c4fa62bd56442cbd687964bfa1b423a20`
SHA256	`d81bfb50e59a9abbe66f6ae0c6b45c7b9c0bc6eead2cf982118ac4d62b6ffeda`
SHA3	`845cbd3db6727d0f00f11759a3fd45b054c34b907de9ede31a7bfcd5fe9aa76e`
Preview

30995

Type	`RT_BITMAP`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x16c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`9d1101f2c45ce53f2ead40247bc2629f`
SHA1	`c7c2770645e7611ae33bd7a0b3ed948d39f17c06`
SHA256	`47f0149b43961165c5fa224dbd2d1e956cf0a26b86d15ee3e12652c2a6e013ca`
SHA3	`bdb8fc3f49a3a2e2e86492318284685402af4855237199d2dec3020a24441ac0`
Preview

30996

Type	`RT_BITMAP`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x144`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`53e079183ddf7a114aed02f9f4d3efbd`
SHA1	`df6b573dde3185f29911af037f70a9319d40fb77`
SHA256	`7119f314d3837dac54bf984118de657f6f1e6dfd2a2b2a20510454f762dddf11`
SHA3	`71f6a6adba30bf6537cd7df2ef26312fb14317f64db2363aa229ada218776be7`
Preview

1 (#3)

Type	`RT_ICON`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x2e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`809457c05fe696f5d34ac5ac8768cdd4`
SHA1	`a2c3e4966415100c7d24f7f3dc7e27d2a60d20c9`
SHA256	`1b66520d471367f736d50c070a2e2bba8ad88ac58743394a764b888e9cb6f6be`
SHA3	`002d1b10f28d74c7572fc7c5b403eb32f2a0540c4958d7878ef67edfd17c8109`

2 (#3)

Type	`RT_ICON`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`982079681d7ad12766abc44f06946f3e`
SHA1	`50f73ed0787bf5911bb907e487efbc84a9714e48`
SHA256	`250f52cb2d6f1966a29f6ac771fa1cd185b8f8531396c8a4026c0fe635617e0c`
SHA3	`b8805d45012d79cfa8bb45e23c9b4a4421cd91538d569e58437efa0f545cf4d4`

3 (#3)

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.83109`
MD5	`e8b7750feacdf3cd2b1c309c143fd42d`
SHA1	`2f866d82db70da452ed92ae5b30f8b433766c6e4`
SHA256	`0c18a3a6f1085627fd4af9c327aba27342e3937450548cf92cc91482d792d564`
SHA3	`12f9cc8ed3a44eb20930464666efef0e5b25f39b7ae159bc6e4c8c4e4402d82e`

127

Type	`RT_MENU`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0xc`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`8dd6bb7329a71449b0a1b292b5999164`
SHA1	`2c513f149e737ec4063fc1d37aee9beabc4b4bbf`
SHA256	`15ec7bf0b50732b49f8228e07d24365338f9e3ab994b00af08e5a3bffe55fd8b`
SHA3	`c209c3693abab61dede95d1258a7110636139b3b1825f9f1781d1aeab75f282c`

1039

Type	`RT_MENU`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x284`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`5bccd8ff10735da26d5761d10b294a6a`
SHA1	`adeeb1f862cc5e00a8c346f1d6a35faa492fc317`
SHA256	`7ffb21772afdf16b75c7e774fcef924f07dc104279aa2cc4f3b55ffda3d3a7bb`
SHA3	`63ac95b5240ab7499900f50bae960500eb7b79be6df56858ed50a85fe8a8711e`

150

Type	`RT_DIALOG`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x98`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`d4897692e4e8fd9d6057240671619925`
SHA1	`32fb2e046f09e6dc814a6040b03706174eae7229`
SHA256	`85ada57e1f601e962d705f389285adb4e74f450bc00672240dfef7399d82457f`
SHA3	`4fe73e6dcd2baf43cc9adee1666e46ef0412911413fdd2501def51105a2b623d`

286

Type	`RT_DIALOG`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x17a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`b259e6ea164c6e479eec45c80772e515`
SHA1	`65a16387e88061b97b059a1db415a7a07b81052d`
SHA256	`8d8c294831ae2b1dd67f6a4903ae6eb38cdaede56707bf6508e70b1e4acbb43e`
SHA3	`ed4f064a56ffb2ecc7a7d3797e9a406c6080f8b8b2fbb5618cf2578e16406278`

554

Type	`RT_DIALOG`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0xfa`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`22e0412c502e998a7a89d0813bc8ba5e`
SHA1	`8ea928334deffd265ae2de6aef27887223097c03`
SHA256	`1a5ce2eb33e4dcd8bf09a57d740649e2aec359dc2c0fd952ac0d19d4a63d0c42`
SHA3	`7da1a569fdb1685941d9b94179b4b8db8278c4c49fc75d964d196dfac49ddfee`

1037

Type	`RT_DIALOG`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0xea`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`f00cce6ef25de2d633f344b62423863c`
SHA1	`7808ef49467fbf35004b15bf3d701e8a0100eb41`
SHA256	`0479688f99e8cbc70291ce272876ff8e0db71a0889daf2752884b0996056b4a0`
SHA3	`3a44056a823ffb62c8d2b0b560fa599ea300c32b7d86edfffe7818b50020d2d1`

1084

Type	`RT_DIALOG`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x8ae`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`d450ff4604f32cb5d2f566f10b1fc222`
SHA1	`51e30f18f2b90316f51899f09714cfc1b9676948`
SHA256	`1fe51b05c44f6c78bd31e501df8a4d12d290cab134663219cf3c713a604fca35`
SHA3	`2389640505c073bc877a0e68cf25e5c6ac397a1e56f145a5b246e053bdf23261`

1124

Type	`RT_DIALOG`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0xb2`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`5a2f0a76a121bc07e0e2ec806a1d7536`
SHA1	`6b08b43754ce487c2a13ddd95a52653f49dacc03`
SHA256	`68f31d7e2146e41ad6d99cb95f4a52a411e10043305e9680496f0be00c29dccf`
SHA3	`172a7a49cbe9715732ac1507d836cafcb91f8d42b5e5e8d6d2ccbd7b387ec789`

1134

Type	`RT_DIALOG`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0xcc`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`0f920b318099067931645536f9dd233c`
SHA1	`11655dfea50716df9ade19d874471152b6bc496a`
SHA256	`c0c74543cc9dcc7f0ddc24eaced85c278aa3e357d3cb319977a8140d26268d06`
SHA3	`26a435dbd2fd903e43d37abf7de6fb65888d67d2001e239f7484d4482c66d7b0`

1150

Type	`RT_DIALOG`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0xb2`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`5a2f0a76a121bc07e0e2ec806a1d7536`
SHA1	`6b08b43754ce487c2a13ddd95a52653f49dacc03`
SHA256	`68f31d7e2146e41ad6d99cb95f4a52a411e10043305e9680496f0be00c29dccf`
SHA3	`172a7a49cbe9715732ac1507d836cafcb91f8d42b5e5e8d6d2ccbd7b387ec789`

30721

Type	`RT_DIALOG`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0xe2`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`7ed130225627817eb7daf423135459b4`
SHA1	`b054fb05c7a4b8359e4f4ddaf67d535b80ab4a5b`
SHA256	`ac41e9584bf0e3f1620d625398a2df66c5fdb744069d8bc957b8690d5af879b3`
SHA3	`0fb25bd12a85c88db4036d63dba0c97a4eed9e0d809940af0cbe179bb25fe333`

30722

Type	`RT_DIALOG`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x18c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`0a15f50911fbd69c7f0d921f313ce4db`
SHA1	`67f5593011f96a0173962d0c1092afda19069067`
SHA256	`58553b15fb3888e443e29fff5663675b8f70e37f0ea6c54076489d6ff04c1032`
SHA3	`c592c8c38289b81cda7c4dc4a791a97bc8e521debc92325da5accace5d81acd1`

3841

Type	`RT_STRING`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x50`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`bbf7c6077962a7c28114dbd10be947cd`
SHA1	`8fc36a50d0ba5aabfa3cb92d81fe9fdc4686e6a3`
SHA256	`5b6fb58e61fa475939767d68a446f97f1bff02c0e5935a3ea8bb51e6515783d8`
SHA3	`c5fa98aca9ec66e1373a5a65d6d9d143b9b77465402fc4cf1bad038d0ca3f5fe`

3842

Type	`RT_STRING`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x2c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`3e5ceb07f51a70d9d431714f04c0272f`
SHA1	`045c85ba38952325e126c70962cc0f9d9077bc67`
SHA256	`85759b3811ff7dc47b03792ac85317be51431a3f9e01dcafce317ed736a391b0`
SHA3	`06f473f00da7697c044c5aa385e710964c2e9c13c1df53a720258ce186ceecd7`

3843

Type	`RT_STRING`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x78`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`222f7d881ded1871724a1b9a1cb94247`
SHA1	`b110a88a11436b215220486c1081dec2fb0f389a`
SHA256	`6edd9f6f9cc92cded36e6c4a580933f9c9f1b90562b46903b806f21902a1a54f`
SHA3	`b6e1f1e0adea98b5f46846196df329d0c617a06adc04d4382554dcc1a8fd7a98`

3857

Type	`RT_STRING`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x1c4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`3ce9d74193d28338494362767873ba7b`
SHA1	`af9d0faa532f99a1a7e5b8f6bbf5ceaef55e38b6`
SHA256	`89f3bda768dd22407bc38aa71eb80b084fa6ea9376c75c67cca0099ccdb3f792`
SHA3	`49c856280fc870cbb56a7d25a850fbd942c0756f62b082d6935794de2e83131a`

3858

Type	`RT_STRING`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x12a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`f8604af8f8b94ba9236cadbbcf392cf8`
SHA1	`7720bd804ab353ae41f553f998fffea14764a79a`
SHA256	`314f47cf9b9e4e05c5e965e82dd2751a934c094b481a00291e9e11f21d0ec4ee`
SHA3	`3914effc17ac93fe52e07a2d56b17b57a4461dd288ce6a4d5da7a548aa08e6cd`

3859

Type	`RT_STRING`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x146`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`f66bbd2e5ab92eb20b68e23e0e7e2865`
SHA1	`52e6fe8181f5154cb78ea7586afa7f53d1652403`
SHA256	`abc51024312e319b92a2072de099539bca24e378e04e96f2a142fba8864161b0`
SHA3	`0ebaf4998f262a9e7c02b5eff2626bcaa3c3119a595c01ca6decc5857ccd77c5`

3865

Type	`RT_STRING`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x40`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`3b5d3c7d207e37dceeedd301e35e2e58`
SHA1	`c8d7d0ef0eedfa82d2ea1aa592845b9a6d4b02b7`
SHA256	`f5a5fd42d16a20302798ef6ed309979b43003d2320d9f0e8ea9831a92759fb4b`
SHA3	`070fa1ab6fcc557ed14d42941f1967693048551eb9042a8d0a057afbd75e81e0`

3866

Type	`RT_STRING`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x64`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`6d0bb00954ceb7fbee436bb55a8397a9`
SHA1	`ed4a77d1b56a118938788fc53037759b6c501e3d`
SHA256	`cd00e292c5970d3c5e2f0ffa5171e555bc46bfc4faddfb4a418b6840b86e79a3`
SHA3	`496da9d6a23cfdb01ac5c98b5714194b07af41751a10358efbfd56e3d15b69b8`

3867

Type	`RT_STRING`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x1d8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`8c10cf7fb63a271a356a191b948f5ec2`
SHA1	`00eeb01656a2d7c6ef07265a54df940c610918e3`
SHA256	`22fec3bc784546d70e79696b405d950aff355b6f429f266ceacffe0cc2e5ba02`
SHA3	`61b594638ffe83f7fc90d31bec373c9dc7e229b86106f30f301fa3f54e858abf`

3868

Type	`RT_STRING`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x114`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`eaed3e93aeb3c33f31c3b1e573974fdd`
SHA1	`6b01519b9a995c5bb1ecb39f80980be2a335f10d`
SHA256	`d489001ff88ed206b56f44bd0789a8332510f33bf40a312a7b2e5d60c3fe3e03`
SHA3	`50b7f79e183b137b6e64ce343805c5e6189887ff510d0fb2b8236f0981abab13`

3869

Type	`RT_STRING`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x24`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`81684c2e68ade2cd4bf9f2e8a67dd4fe`
SHA1	`8696cf0f4655636cc93c566c1be2dad311da646c`
SHA256	`6db65fd59fd356f6729140571b5bcd6bb3b83492a16e1bf0a3884442fc3c8a0e`
SHA3	`372d46c3ada9f897c74d349bbfe0e450c798167c9f580f8daf85def57e96c3ea`

1032

Type	`RT_GROUP_CURSOR`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`441018525208457705bf09a8ee3c1093`
SHA1	`6768033e216468247bd031a0a2d9876d79818f8f`
SHA256	`de47c9b27eb8d300dbb5f2c353e632c393262cf06340c4fa7f1b40c4cbd36f90`
SHA3	`f3683c9e3da9a7f90397767215345efe3be07565f14ab80d102f50644b98fbfa`
Preview

1033

Type	`RT_GROUP_CURSOR`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`441018525208457705bf09a8ee3c1093`
SHA1	`6768033e216468247bd031a0a2d9876d79818f8f`
SHA256	`de47c9b27eb8d300dbb5f2c353e632c393262cf06340c4fa7f1b40c4cbd36f90`
SHA3	`f3683c9e3da9a7f90397767215345efe3be07565f14ab80d102f50644b98fbfa`
Preview

30977

Type	`RT_GROUP_CURSOR`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x22`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`0b91f1d54f932dc6382dc69f197900cf`
SHA1	`3173532552077d0d796c3628ac35c76343dc3a04`
SHA256	`eb142b0cae0baa72a767ebc0823d1be94e14c5bfc52d8e417fc4302fceb6240c`
SHA3	`7b8f2bd58baea4bd5b7a3da6b659b65aa1eaf5e6308428e9dcf989cdcc97bed5`
Preview

DEFAULT_ICON

Type	`RT_GROUP_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.94375`
Detected Filetype	Icon file
MD5	`84c3cc2a9e3bd387754b60b052e63efe`
SHA1	`23bc2baff4dc0afe221240187fa7c6cc478591aa`
SHA256	`e30dc85dc21227ef94c3452d2c60b9cc6407e146e398ca1ee54b10cdc902f003`
SHA3	`4a99c48084141ff7c92f1731894df05e896b627a2af841c1474f93036cc2deaa`

1151

Type	`RT_GROUP_ICON`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`441018525208457705bf09a8ee3c1093`
SHA1	`6768033e216468247bd031a0a2d9876d79818f8f`
SHA256	`de47c9b27eb8d300dbb5f2c353e632c393262cf06340c4fa7f1b40c4cbd36f90`
SHA3	`f3683c9e3da9a7f90397767215345efe3be07565f14ab80d102f50644b98fbfa`

1152

Type	`RT_GROUP_ICON`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`441018525208457705bf09a8ee3c1093`
SHA1	`6768033e216468247bd031a0a2d9876d79818f8f`
SHA256	`de47c9b27eb8d300dbb5f2c353e632c393262cf06340c4fa7f1b40c4cbd36f90`
SHA3	`f3683c9e3da9a7f90397767215345efe3be07565f14ab80d102f50644b98fbfa`

1 (#4)

Type	`RT_MANIFEST`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1cd`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.07695`
MD5	`1f8e637078d78cd17668b33b7949967f`
SHA1	`e15e16c2983f3b7cde3cbd8eb43d77f34941ede6`
SHA256	`7579d42f72e8634505b7b2e4aa385721e691566ed73011a9f22eb0f79fc7f362`
SHA3	`f08a75f6436bc54ab25e27e308ed14a7158cfd45c148d75e7a70f3c20bbcdba1`

Version Info

TLS Callbacks

Load Configuration

RICH Header

XOR Key	`0xd9d4be84`
Unmarked objects	`0`
12 (7291)	`3`
14 (7299)	`43`
19 (8022)	`44`
19 (8034)	`21`
Total imports	`596`
C++ objects (VS98 SP6 build 8804)	`102`
C objects (VS98 SP6 build 8804)	`208`
C++ objects (VS98 build 8168)	`75`
C objects (VS98 build 8168)	`27`
Unmarked objects (#2)	`31`
Resource objects (VS98 SP6 cvtres build 1736)	`1`

586c328af60cdca1a7fb20afe46a29a9

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rdata

.data

.rsrc

T\xe5}{\xa3ua

Imports

Delayed Imports

1

2

3

1 (#2)

2 (#2)

3 (#2)

4

1031

1038

1138

1139

1140

1141

1142

1143

1144

1145

26567

30994

30995

30996

1 (#3)

2 (#3)

3 (#3)

127

1039

150

286

554

1037

1084

1124

1134

1150

30721

30722

3841

3842

3843

3857

3858

3859

3865

3866

3867

3868

3869

1032

1033

30977

DEFAULT_ICON

1151

1152

1 (#4)

Version Info

TLS Callbacks

Load Configuration

RICH Header

Errors