62028945d0ab974e183756ebbb1ca07f

Summary

Architecture IMAGE_FILE_MACHINE_I386
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date 2017-Apr-30 23:30:45
Detected languages English - United States
Debug artifacts C:\Builds\13810\Tools\procexp_master\bin\Win32\Release\procexp.pdb
CompanyName Sysinternals - www.sysinternals.com
FileDescription Sysinternals Process Explorer
FileVersion 16.21
InternalName Process Explorer
LegalCopyright Copyright © 1998-2017 Mark Russinovich
LegalTrademarks Copyright (C) 1998-2017 Mark Russinovich
OriginalFilename Procexp.exe
ProductName Process Explorer
ProductVersion 16.21

Plugin Output

Info Matching compiler(s): Microsoft Visual C++ v6.0 DLL
Microsoft Visual C++ 6.0 - 8.0
MASM/TASM - sig1(h)
Suspicious Strings found in the binary may indicate undesirable behavior: Contains references to system / monitoring tools:
  • Procexp.exe
  • regedit.exe
  • rundll32.exe
  • taskmgr.exe
 Contains references to internet browsers:
  • iexplore.exe
 May have dropper capabilities:
  • %TEMP%
  • CurrentControlSet\Services
  • CurrentVersion\Run
 Accesses the WMI:
  • ROOT\subscription
  • root\wmi
 Miscellaneous malware strings:
  • Virus
Info Cryptographic algorithms detected in the binary: Uses constants related to SHA1
Uses constants related to SHA256
Microsoft's Cryptography API
Malicious The PE contains functions mostly used by malware. [!] The program may be hiding some of its imports:
  • LoadLibraryA
  • LoadLibraryExW
  • LoadLibraryW
  • GetProcAddress
 Functions which can be used for anti-debugging purposes:
  • CreateToolhelp32Snapshot
  • FindWindowW
 Code injection capabilities (PowerLoader):
  • GetWindowLongW
  • FindWindowW
 Can access the registry:
  • RegOpenKeyExW
  • RegOpenKeyExA
  • RegQueryValueExA
  • RegCloseKey
  • RegCreateKeyW
  • RegCreateKeyExW
  • RegDeleteKeyW
  • RegEnumKeyW
  • RegEnumValueW
  • RegLoadKeyW
  • RegOpenKeyW
  • RegQueryInfoKeyW
  • RegQueryValueExW
  • RegSetValueExW
  • RegUnLoadKeyW
  • RegQueryValueW
  • RegDeleteValueW
 Possibly launches other programs:
  • CreateProcessW
  • CreateProcessAsUserW
  • ShellExecuteW
 Uses Microsoft's cryptographic API:
  • CryptAcquireContextW
  • CryptReleaseContext
  • CryptGetHashParam
  • CryptCreateHash
  • CryptHashData
  • CryptDestroyHash
 Has Internet access capabilities:
  • WinHttpOpenRequest
  • WinHttpSetOption
  • WinHttpQueryDataAvailable
  • WinHttpSendRequest
  • WinHttpReadData
  • WinHttpConnect
  • WinHttpCloseHandle
  • WinHttpOpen
  • WinHttpReceiveResponse
  • WinHttpQueryHeaders
  • WinHttpGetProxyForUrl
  • WinHttpWriteData
 Leverages the raw socket API to access the Internet:
  • #14
  • #8
  • #9
  • #51
  • #56
  • #115
  • #15
 Functions related to the privilege level:
  • OpenProcessToken
  • AdjustTokenPrivileges
  • DuplicateTokenEx
 Interacts with services:
  • QueryServiceConfigW
  • QueryServiceObjectSecurity
  • QueryServiceStatus
  • OpenSCManagerW
  • OpenServiceW
  • ControlService
 Enumerates local disk drives:
  • GetDriveTypeW
 Manipulates other processes:
  • ReadProcessMemory
  • Process32NextW
  • Process32FirstW
  • OpenProcess
 Changes object ACLs:
  • SetKernelObjectSecurity
  • SetSecurityInfo
 Can take screenshots:
  • FindWindowW
  • GetDC
  • BitBlt
  • CreateCompatibleDC
 Can shut the system down or lock the screen:
  • ExitWindowsEx
Malicious The PE is possibly a dropper. Resource 150 detected as a PE Executable.
Resource 152 detected as a PE Executable.
Info The PE is digitally signed. Signer: Microsoft Corporation
Issuer: Microsoft Code Signing PCA
Suspicious VirusTotal score: 1/73 (Scanned on 2020-02-08 13:53:35) Jiangmin: Backdoor.Generic.ayol

Hashes

MD5 62028945d0ab974e183756ebbb1ca07f
SHA1 d04eff8417d6d78567032bb7eb7ffacc9b10d03c
SHA256 a718176110bc41bd357af92ae69bd0b6a9f223f8f13e91ed8dc8ec19d46c0d0c
SHA3 c0274eb4fc5d13c579b8334a772ccf17b04d0202ac18ccaa5b723e42114281ec
SSDeep 24576:xISc2BFYRtiY+u7VPqmEQkQUsjm7RZSeZlGQbrht/TSWqJNG4WLsRDespTWzgrB:xISc2oiZuZ1w7KeZkGLOWYRDpcYOm3
Imports Hash 1fba17afb4b158cd86db0f513f5c8ae2

DOS Header

e_magic MZ
e_cblp 0x90
e_cp 0x3
e_crlc 0
e_cparhdr 0x4
e_minalloc 0
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0x118

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_I386
NumberofSections 5
TimeDateStamp 2017-Apr-30 23:30:45
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xe0
Characteristics IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_EXECUTABLE_IMAGE

Image Optional Header

Magic PE32
LinkerVersion 12.0
SizeOfCode 0xba800
SizeOfInitializedData 0x1da800
SizeOfUninitializedData 0
AddressOfEntryPoint 0x0009BA18 (Section: .text)
BaseOfCode 0x1000
BaseOfData 0xbc000
ImageBase 0x400000
SectionAlignment 0x1000
FileAlignment 0x200
OperatingSystemVersion 5.1
ImageVersion 0.0
SubsystemVersion 5.1
Win32VersionValue 0
SizeOfImage 0x2bd000
SizeOfHeaders 0x400
Checksum 0x29c250
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
DllCharacteristics IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
SizeofStackReserve 0x100000
SizeofStackCommit 0x1000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

.text

MD5 f27b8784f4b96bb21ea94b5d5530238e
SHA1 5b14ff55499700416841dc1efe6aad18f612eb3c
SHA256 14678322578428d5871dd80fc7fe0415a415cc859fe0a07865688f7c959add5b
SHA3 fb63599c83dda1b5446bd01db3655d31920e7c3f6a3526afd68acc9e5433f749
VirtualSize 0xba6d8
VirtualAddress 0x1000
SizeOfRawData 0xba800
PointerToRawData 0x400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 6.47752

.rdata

MD5 b68afeb42c46d2f3fdd35e1c54054c17
SHA1 9afd0a78142cb6599020378bc0ab6e3ec562e96e
SHA256 e96583f36205df6e46752958221849f0e16d818635060a6a2354736a7bb9b51d
SHA3 918de834834b5d96fa609c7d8a64b68398eca5d3a44dfa6da1bdd2125bce197b
VirtualSize 0x2d482
VirtualAddress 0xbc000
SizeOfRawData 0x2d600
PointerToRawData 0xbac00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 4.48173

.data

MD5 d872ad4003751e8c9134e15c1afac16c
SHA1 2d1c3b5df8e7bfb1ae49079e411a162870ce8f0b
SHA256 96e6137ef62bea13b05091effbfb55fa41202bd16c49246f7c39e1870cee3ac1
SHA3 16c04a1da1759225dc89390282e16ea5caec1274442d1cd4295b0451c7c30fe6
VirtualSize 0x2da68
VirtualAddress 0xea000
SizeOfRawData 0x9200
PointerToRawData 0xe8200
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 2.6874

.rsrc

MD5 8787a83a3832ad78ddff57c9faf1fc74
SHA1 2910922ade0471e38ea215f8ac250af5534c75dd
SHA256 d4fda7473b3af519be0f0dd474039c3d3ec3bbe8c41b43d6c26e16b1a7c5405d
SHA3 ef7c0c57194073a3a1ed05687f88528b700dc29de77750fa543d4024b9e03014
VirtualSize 0x197840
VirtualAddress 0x118000
SizeOfRawData 0x197a00
PointerToRawData 0xf1400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 6.01658

.reloc

MD5 fb54af943e76b308cd64169ed680c929
SHA1 426d28cca95dd3f6d5bf1e7f17aa9dbf95f8b45d
SHA256 420aeee9e19fb393827f9a9f082374fec4602afc74fa4262360fe949a587a083
SHA3 9ca50dd9f54619ef1e8f1d2b7c0e4f097a6b004e25860c2c2c4db6d1713a0632
VirtualSize 0xc530
VirtualAddress 0x2b0000
SizeOfRawData 0xc600
PointerToRawData 0x288e00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Entropy 6.76732

Imports

SHLWAPI.dll ColorHLSToRGB
ColorRGBToHLS
#176
UrlUnescapeW
WS2_32.dll #14
#8
#9
#51
#56
#115
#15
MPR.dll WNetGetConnectionW
COMCTL32.dll ImageList_Create
CreateStatusWindowW
CreatePropertySheetPageW
#410
#8
#413
ImageList_ReplaceIcon
ImageList_Add
InitCommonControlsEx
ImageList_Destroy
ImageList_DrawEx
#17
PropertySheetW
VERSION.dll VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
credui.dll CredUIPromptForCredentialsW
SETUPAPI.dll SetupDiGetClassDevsW
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
CRYPT32.dll CertDuplicateCertificateContext
CertGetNameStringW
KERNEL32.dll VirtualQueryEx
GetProcessAffinityMask
GetCurrentProcessId
SetThreadAffinityMask
SetFilePointer
GetSystemDirectoryW
DeleteFileW
SearchPathW
OpenThread
GetThreadContext
SuspendThread
ResumeThread
Thread32First
Thread32Next
ResetEvent
QueryPerformanceCounter
QueryPerformanceFrequency
IsBadReadPtr
GetEnvironmentVariableW
GlobalMemoryStatus
SetProcessWorkingSetSize
TerminateProcess
GetProcessId
PulseEvent
SetPriorityClass
GetComputerNameW
VirtualAlloc
VirtualFree
GetProcessWorkingSetSize
DeviceIoControl
DuplicateHandle
OutputDebugStringW
GetDriveTypeW
GetCurrentDirectoryW
WideCharToMultiByte
DecodePointer
RaiseException
InitializeCriticalSectionAndSpinCount
GetSystemInfo
ExpandEnvironmentStringsA
LoadLibraryA
GetOEMCP
GetACP
IsValidCodePage
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
LCMapStringW
CompareStringW
GetStartupInfoW
TlsFree
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
SetConsoleMode
ReadConsoleInputA
GetConsoleMode
GetModuleHandleExW
ExitProcess
GetCurrentThreadId
IsProcessorFeaturePresent
RtlUnwind
IsDebuggerPresent
EncodePointer
GetStringTypeW
lstrlenA
lstrcmpiW
lstrcmpW
ReadProcessMemory
OpenEventW
SetLastError
IsBadStringPtrW
SystemTimeToFileTime
GetSystemTimeAsFileTime
GetSystemTime
DeleteCriticalSection
Module32NextW
Module32FirstW
TerminateThread
GlobalUnlock
GlobalLock
GlobalReAlloc
GlobalAlloc
FindResourceExW
FindResourceW
SizeofResource
LoadResource
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
LockResource
GetCommandLineW
GetFileType
LocalAlloc
FormatMessageW
GlobalAddAtomW
GetTickCount
MulDiv
GetFileSizeEx
GetExitCodeThread
CreateThread
CreateEventW
WaitForMultipleObjects
WaitForSingleObject
SetEvent
EnterCriticalSection
GetCurrentThread
LeaveCriticalSection
FindNextFileW
FindClose
MultiByteToWideChar
GetModuleHandleW
ReadFile
LoadLibraryExW
FreeLibrary
GetPrivateProfileStringW
FindFirstFileW
GetFileAttributesW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetNumberFormatW
GetDateFormatW
GetTimeFormatW
GetLocaleInfoW
CreateFileW
GetFullPathNameW
GetWindowsDirectoryW
ExpandEnvironmentStringsW
SetEnvironmentVariableW
CreateProcessW
GetModuleFileNameW
LoadLibraryW
CreateFileMappingW
TlsSetValue
TlsAlloc
lstrlenW
UnmapViewOfFile
MapViewOfFile
FormatMessageA
FileTimeToSystemTime
FileTimeToLocalFileTime
CloseHandle
GetFileTime
WriteFile
GetStdHandle
GetFileSize
Sleep
InitializeCriticalSection
SetErrorMode
GetLastError
ExitThread
GetCurrentProcess
OpenProcess
LocalFree
GetVersion
GetProcAddress
InterlockedDecrement
InterlockedIncrement
TlsGetValue
FlushFileBuffers
GetConsoleCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetTimeZoneInformation
SetFilePointerEx
SetStdHandle
WriteConsoleW
ReadConsoleW
SetEndOfFile
SetEnvironmentVariableA
USER32.dll CopyImage
GetWindow
GetDesktopWindow
KillTimer
MsgWaitForMultipleObjects
GetDlgCtrlID
CheckRadioButton
SendMessageTimeoutW
PeekMessageW
GetUserObjectSecurity
SetUserObjectSecurity
IsDialogMessageW
DrawIconEx
CheckMenuRadioItem
WindowFromPoint
RedrawWindow
TrackPopupMenu
RemoveMenu
CreateMenu
DrawMenuBar
LoadMenuW
TranslateAcceleratorW
LoadAcceleratorsW
IsWindowEnabled
GetDlgItemTextW
CreateDialogParamW
IsWindow
PostQuitMessage
ExitWindowsEx
DispatchMessageW
TranslateMessage
GetMessageW
DrawEdge
RegisterWindowMessageW
GetWindowDC
SetMenuItemInfoW
IsIconic
ShowWindowAsync
SystemParametersInfoW
EnumWindows
SetClassLongW
GetWindowTextW
InvalidateRgn
TrackPopupMenuEx
ModifyMenuW
AppendMenuW
GetMenuItemCount
GetMenuItemID
EnableMenuItem
CreatePopupMenu
EnableWindow
IsDlgButtonChecked
CheckDlgButton
GetWindowPlacement
LoadIconW
SetWindowPlacement
DefMDIChildProcW
DefFrameProcW
DefDlgProcW
CreateIconIndirect
FrameRect
ClientToScreen
IsWindowVisible
DestroyWindow
GetClassNameW
EnumChildWindows
PtInRect
UnionRect
CopyRect
ScreenToClient
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
IsZoomed
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
DrawFrameControl
ChildWindowFromPoint
SetDlgItemTextW
DialogBoxParamW
MoveWindow
SetWindowTextW
GetDlgItem
EndDialog
DialogBoxIndirectParamW
GetScrollInfo
SetScrollInfo
GetParent
GetClassLongW
SetWindowLongW
GetWindowLongW
OffsetRect
IntersectRect
InflateRect
FillRect
GetSysColorBrush
GetSysColor
MapWindowPoints
GetCursorPos
SendMessageW
WaitForInputIdle
ShowWindow
SetFocus
GetSystemMetrics
GetMenu
CheckMenuItem
GetSubMenu
InsertMenuW
GetWindowRect
GetClientRect
GetPropW
SetPropW
ScrollWindowEx
ValidateRect
InvalidateRect
GetUpdateRgn
GetUpdateRect
EndPaint
BeginPaint
UpdateWindow
DrawTextW
SetTimer
ReleaseCapture
SetCapture
DeleteMenu
SetForegroundWindow
MessageBoxW
SetCursor
FindWindowW
FindWindowExW
GetWindowThreadProcessId
LoadCursorW
DestroyIcon
LoadImageW
EnumDisplaySettingsW
GetDC
ReleaseDC
GetCapture
GetKeyState
GetFocus
SetWindowPos
CreateWindowExW
RegisterClassExW
CallWindowProcW
DefWindowProcW
PostMessageW
LoadStringW
RegisterClassW
GDI32.dll SetMapMode
Polyline
SelectObject
SetBkColor
SetBkMode
SetTextColor
StartDocW
EndDoc
StartPage
EndPage
CreateFontIndirectW
GetTextExtentPoint32W
GetTextMetricsW
MoveToEx
SetROP2
SaveDC
RestoreDC
Rectangle
LineTo
ExtTextOutW
CreateDIBSection
GetObjectW
DeleteObject
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreatePen
CreateRectRgn
CreateRectRgnIndirect
CreateSolidBrush
DeleteDC
GetBkColor
GetBkMode
GetDeviceCaps
GetStockObject
RectInRegion
SelectClipRgn
SetTextAlign
COMDLG32.dll FindTextW
ChooseColorW
GetSaveFileNameW
GetOpenFileNameW
PrintDlgW
ChooseFontW
ADVAPI32.dll RegOpenKeyExW
RegOpenKeyExA
RegQueryValueExA
LookupPrivilegeNameW
SetKernelObjectSecurity
IsValidSecurityDescriptor
GetKernelObjectSecurity
CreateProcessAsUserW
RegConnectRegistryW
FlushTraceW
ConvertSidToStringSidW
LsaEnumerateAccountRights
RegCloseKey
LsaOpenPolicy
LsaClose
LsaFreeMemory
SetSecurityInfo
GetSecurityInfo
AddAccessAllowedAce
GetAce
AddAce
InitializeAcl
GetSidSubAuthorityCount
GetSidSubAuthority
GetSidIdentifierAuthority
IsValidSid
SetTokenInformation
QueryServiceConfigW
CopySid
RevertToSelf
OpenProcessToken
GetTokenInformation
AdjustTokenPrivileges
EqualSid
AllocateAndInitializeSid
GetLengthSid
CloseTrace
ProcessTrace
OpenTraceW
ControlTraceW
StartTraceW
SetServiceObjectSecurity
QueryServiceObjectSecurity
MapGenericMask
RegCreateKeyW
StartServiceW
QueryServiceStatus
FreeSid
LookupAccountSidW
LookupAccountNameW
LookupPrivilegeValueW
ImpersonateLoggedOnUser
DuplicateTokenEx
RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyW
RegEnumValueW
RegLoadKeyW
RegOpenKeyW
RegQueryInfoKeyW
RegQueryValueExW
RegSetValueExW
RegUnLoadKeyW
RegQueryValueW
CryptAcquireContextW
CryptReleaseContext
CryptGetHashParam
CryptCreateHash
CryptHashData
CryptDestroyHash
RegDeleteValueW
CloseServiceHandle
OpenSCManagerW
OpenServiceW
ControlService
SHELL32.dll SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetMalloc
Shell_NotifyIconW
ShellExecuteExW
SHGetFileInfoW
ShellExecuteW
ole32.dll CoGetInterfaceAndReleaseStream
CoInitialize
CoInitializeEx
CoCreateInstance
CoUninitialize
CoSetProxyBlanket
CoMarshalInterThreadInterfaceInStream
CoTaskMemFree
OLEAUT32.dll #20
#4
#25
#24
#23
#2
#6
#7
#150
#8
#9
#12
#16
#19
WINHTTP.dll WinHttpOpenRequest
WinHttpSetOption
WinHttpQueryDataAvailable
WinHttpSendRequest
WinHttpReadData
WinHttpConnect
WinHttpCloseHandle
WinHttpOpen
WinHttpReceiveResponse
WinHttpQueryHeaders
WinHttpGetProxyForUrl
WinHttpWriteData
PSAPI.DLL GetModuleFileNameExW

Delayed Imports

150

Type BINRES
Language English - United States
Codepage Latin 1 / Western European
Size 0x8f48
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.81739
Detected Filetype PE Executable
MD5 0cab82b67c59e4f1debb033100769e67
SHA1 4d3d94d1521f7b9726437b3d5ee4b1b3d1c69ddb
SHA256 1e40054b16d5ff3d41ff583edaf001775c6ce4a9f8f62885312f86ac9308bd5b
SHA3 4eef2fed830ee84c400cd2036c83de5aa58709b726dd8d0942addadb728c501a

152

Type BINRES
Language English - United States
Codepage Latin 1 / Western European
Size 0x1642a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.07709
Detected Filetype PE Executable
MD5 9040ba73eca86d61f88e1935d4134114
SHA1 ab6515ed4b161e14f6aac65fa7d11a60a81d2e4d
SHA256 795fe82fba35ee15eeb70cfe999ce8881e8ba1cc7b1734413b38259847ece8bf
SHA3 1d9505afff8064fef248e7f2f3747f8e51c67f031300c5c9a5d67eedcaa602e0

1

Type RT_CURSOR
Language English - United States
Codepage Latin 1 / Western European
Size 0x134
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 1.73768
MD5 e656a13345ed2bd9970aa817fa987203
SHA1 0949d36c6351750cbbc64dd855179173a2cb6a10
SHA256 b9502efe5dc8f0dfcadd5c28806a2b1c7265935c6f266c2480038c5d325f4ec0
SHA3 f9aa7a95b8cc2c75bf594185728dab66abf4e8f90317b1060fee50c7910edb7e

2

Type RT_CURSOR
Language English - United States
Codepage Latin 1 / Western European
Size 0x134
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.50239
MD5 c1a71508ea5dfa8bf41118f0c8617d28
SHA1 abae5839ca58e292d153375a11eb3da5505dda0d
SHA256 64971246532dee4afcae138bdc239c42c20d9eeebcf26512a76b2bd14d323bae
SHA3 bbb05c79a8070bca607a7d21cb2affefa49319c24ca9a809260f579725e949c3

3

Type RT_CURSOR
Language English - United States
Codepage Latin 1 / Western European
Size 0x134
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.37949
MD5 9ace272b939fc4d314332baffa3f2e69
SHA1 99bc223d3c01e2bd8e57318df0a4d2b57c762b64
SHA256 0c609ee60044104f38c4ee5ce795b36a2654f1fd93b57b0733494dce6f5a90ed
SHA3 64ac06f2b95e6b1af574daa7a32e645fa57eee1738c52b788e30aaa7d5490314

4

Type RT_CURSOR
Language English - United States
Codepage Latin 1 / Western European
Size 0x134
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.62344
MD5 61f0c9e781c2d61cb18343b265cbf2dd
SHA1 2f05818896e1bfd79a2a86dad2cd32ca77a506e8
SHA256 4c65155182ea488f493ab650a918c3f0a637fe6d35cb682500bd1d400c7039a2
SHA3 0827c0d7de6fca3e1d61e0eba203e35e22f80d40b3c3ec7b4aa8f87716559f11

108

Type RT_BITMAP
Language English - United States
Codepage Latin 1 / Western European
Size 0x1148
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.36344
MD5 1302a93218c2fe99954d585ad4109699
SHA1 e1a71c0d76bd570327abd35358de78ffd27e3638
SHA256 7fae7e1f815c13771e1694f3d432fb9bfd9b5f5f4dd029f388b5f607eb0a1770
SHA3 48d9aa8f8b06f127f05e32512cb3e9c532be944add810bb921e6dcb3669af24c
Preview

5

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x568
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.33181
MD5 d15f3ab6307b00b16a901cd1cddb79e1
SHA1 b48d356d14009d69e21261cc5fd9df19991c2a4c
SHA256 9e4372979b69241ac2fbb56857b18b1e23b4b14b30b11142d955e0ed839dfeb1
SHA3 4ab995636650e80db56bd7d3c30cd50b65295411668859136b7fb30f993a16e3

6

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x468
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.37984
MD5 73e41278c4bbba3b306c7eb63cdec358
SHA1 c2fe0b25186d6cd19d000c4d08cfc1f1e5897e7e
SHA256 c4810ca3c47864ee1afe2945c1ceb8d8bfa089076c1482af684dee2f4fa9e262
SHA3 a5f3db78d93522b4a6fb70efe1bcff767842020601eb3bd4db02502ab633c7b2

7

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x8a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.94402
MD5 1e94ba78a024e8899c819b99b0d4cc2c
SHA1 2bc749e6f46fd79a6bac01cd71fa06d802439f51
SHA256 f0094827dd717591eefeeb08722538ca2a9e86191293a8e448775d65c48bbf50
SHA3 53f1a090857bfaafd1fd6f70906cfcd59bb73831d347a9ad4b8f0e5e440238e2

8

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x10a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.59771
MD5 65f2b0a5d69167e2e8eb76cdcfcc9bc9
SHA1 2b0799d6db9b5378f44d05b7cfa9367d16ab022e
SHA256 e989801b583b43457ba9460c4eeef23937627a90d9069b93792d93c9bce9fdca
SHA3 92c4c1e308f979818c405f8212360045d0849990f216a094434d17c64a1e9470

9

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0xea8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.4153
MD5 b65944552f5ca6302ab035db1b24a771
SHA1 1ba47bf246a06838e380a055f06b002761d15217
SHA256 e9b8d2a7f9f8fc64d9d63e524fdfaf97daec3de967a9174cb28c9863b5e286b7
SHA3 ff7d4ac5e48b6686fe052a02aaff9aacaabbf355a8b10c289fc04693e6d20a2f

10

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x25a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.39993
MD5 adacc3dc9471484536aa1b262f72efa0
SHA1 e300f31042e144d49e85b46f737cd33b5da12152
SHA256 a31a9c1f63e16faaf2de4bd8e018ee8bb8fd310540500f993fff1ff9ddcead07
SHA3 b5f26fd536b260285bc2ac41a789f6afb393caef9432a192151f8d6a7f71f2c1
Preview

11

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x128
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 1.57156
MD5 133639df20249b071dea029d848d96df
SHA1 102a3866fd3e4f199fa8fe04657abf08116a923d
SHA256 22ce584d044ac7c47ba83cb1477b63b57deda58d8e14fc88f8c901fee083bb6f
SHA3 eb4056d22070218fcbbd15ca168f8c150d7059ea13d4a7dec3886484bc0864ad

12

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x2e8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.66049
MD5 115036422924e56bb48717c0809d36c1
SHA1 f53eef8f74c49e47ca283ba02df5146204302e77
SHA256 d14d199451a598bb54344ae96a5c4c9e7fd5df9933867ac92fdfef2d69d8617a
SHA3 ad08768bba690b948babe2e3658094c8e1b521b297bbf55bce52ad575dd4e828

13

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x128
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.67323
MD5 9f33207dc6a6efa2bfc193c03c1623f3
SHA1 86884d5f584080619cd19adefd657bda331d47fa
SHA256 cb66a58494780e2d1b37a824fbf213e055d1ba71fbed9dec6310237f5381c432
SHA3 d9f7808a60aeff043af8c2fa7292dfaef85262aff32b7b64face86e86566f199

14

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x668
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.84445
MD5 e4d85675ac1d6d5e718e5fd0ef8171f9
SHA1 ff7ced73bf265b1bc5afc81f983f189b2549fd3c
SHA256 edbcf39278577e7cb35f13044e4a4d0b8eb620dc3a951ce5b7f5aa0edb03005c
SHA3 0d4b91253a59b7fe21f9a0355fb1e209c0bb1ffdd06993d4e15407283c7aaaf5

15

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x2e8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.19896
MD5 e2a2febd2a6653f3909e5a2060bd069f
SHA1 df82b8070744403059010d424239a07f3ff28952
SHA256 cbccc5dd9328c517a489976ace7df7081fa0a692c39f855032ef3754d2baa624
SHA3 440f4e59e9f90351ebfdfbaca779616c9085c907b0c710f480ed48de513785d4

16

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x128
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.17617
MD5 18fc88ba4a766f24d5b44ad56a22954c
SHA1 e9bd68a1868d6a7d55d7f55c06135ac3c113d0a6
SHA256 62b294420b0d1e13e3a86be63c86af973e8e1bee061c15d2ce18464b0190f8ba
SHA3 b92182b45e8600ee06447d16c0ec982d068012ccb3a4295ea1778e4cbab0a110

17

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0xea8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.12781
MD5 10d1f1de08938ad327b96466ab418209
SHA1 127d040f844b43a596ee172fc029f8ed181fb8ce
SHA256 f740f49f6475729309b9ba9049c7e47e7bfad2f43c38a683447795df69fa709b
SHA3 5f4f4cdac5180b3dbdc49d91a38e056afe4e5e8feb877484e16aaf11da4ba876

18

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x8a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.99772
MD5 4cf71272fd36072fd4ae130e2e61ef20
SHA1 f865881a46f0282d2bd36b65383d740a84816c95
SHA256 05fbc6c8fb354811ff8e7eab4fae8ce6391ae9c2f83355186a63319177682653
SHA3 f53af91f08506e70255b43c0c96b4844ebefffa3ada86f96a63313d4705e5018

19

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x6c8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.64706
MD5 9ad7b95ed6004210b3079afae1435757
SHA1 b831c56bf1329f284bbd73cd97f5f212fe0a9af3
SHA256 5ca4a75a3bdf70ccca96fae02fcfc1ebf5d87af359bfdf0c60bb2bc16dc7ec61
SHA3 ff4dbfe3f28d6fc1a61ba19aa3c77285bcf4b245783e81abeaec8f47b2ffa57f

20

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x568
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.47918
MD5 0fa49dfb132efc77a85f71abe4f4b6a1
SHA1 c943628d2bc672404fc28f079b87eceb1969a560
SHA256 cf1de875dbe83b4f8ce52b8434b7cd36bd94b41ad0825b4bddb7ec5db08be182
SHA3 1900d1398c8d16a2f03270dc7cced78eeecc33558dae9cb5c3cd2779a20a410d

21

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x25a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.65183
MD5 d0e7b1b33e2be98c287bea29b286619f
SHA1 4dfa630e5a96241518bf4566e0899ecaf33f5234
SHA256 e42618215d9207d9e4f57a5c20aba3145cf2a1429da37b0bf5294cf5b619b579
SHA3 c2227db41227d5b6f786350d2d85b86cc92c12219f14ec14a9a6cdcdabdd0c3f

22

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x10a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.13496
MD5 78804d93f31508c7c17bb8a65ed6daeb
SHA1 7e645100b2e56d50d95dbc87881cd085b15c91ee
SHA256 8f8ef838ffe256cb446077895c499aa903c3475a0f0646bce5834f43dd00aefe
SHA3 d23f1e1074c36f4ee714328ce0ce403ea91f33ce39a7b5918864fca00e5c29cf

23

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x988
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.55486
MD5 bcc1db27f44c3680ef26c887e7e3b71e
SHA1 7a038c888d8054b77bbe4fc3456bc80f989840a7
SHA256 34fffdf2f7c87ed47474f224473297c7fc51dccdf88f921ab670876fa9a88673
SHA3 30ab6d64e264194ac45cdee0f5538f840272d1756ed360cc7c6fb8fed849bb85

24

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x468
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.90529
MD5 2d9ff5cc87accc2c358723c7754261a6
SHA1 e44bb4d037cd64663e14382f887c7907f715fa88
SHA256 95b3491969f7e0b417beb85c4ab9928aa3bfdc080fdad7928804f967c242dd30
SHA3 34b7bd1713894f5c85911c15e032be9af661551085c40d5579028d923ad862dc

25

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x2e8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.04126
MD5 eceb76c7089de4108f0bce2e37b661f9
SHA1 866cbae8ec4037ef9915946236fa903601903b03
SHA256 9bc3b7eb9c114777cbffa3989630353bd13ba895187f68d29c883817c719bc8f
SHA3 68b3987ef4eaca1d60c08ec4b65a7fe221b5fe4135865af3dabb2150e579fc13

26

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x2e8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.77095
MD5 31572ae3b003d5540ce665b36009e037
SHA1 aeb6318ffefd4ecc3f88155acb2bd5548eddc765
SHA256 200487ad8f155d1b966c297d691bb21941a0383405c922f66ac1ea84a9f5543a
SHA3 f2066f3e3599026e9ae528c123156cd371faf02290d822c7cd9555eb229221d2

27

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x2e8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.28238
MD5 e1b601160d1f519743584d94338282b9
SHA1 f4ebc40a00c388fee1f3f9fe40d3352ce8d5e587
SHA256 f23d452fc2e257bde612ec6c6cb1c5100c8c033883aaf666d12a902b7d499211
SHA3 c4ed917ac1c187424c0c86c75e18c0056e3284106f83d7127158c2b76b0f66ae

28

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x128
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 1.61781
MD5 d8bc328b61964bf27abfc1de468a63d2
SHA1 52a7f45e10c53c6883da4b292b47496641245a0d
SHA256 2c1b37ecb2cc37d79c92d0b05fa0d40b5adb2f1f14390b27a420e98d3c31b383
SHA3 6ee987db85daf821465222553b5e3306f66aa9bace5ce68fe63c9c690702ff3e

29

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x668
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.98004
MD5 960ffe88236799ef1be0d84a21572742
SHA1 6f05ca41aace2b256c48caf01be42010aa5ca3ce
SHA256 2550041cd9c6db51dc0146a4f304e239adbe6007ff4201a93bf0eec1215bbdb6
SHA3 e9d5f195dca06ba222da6215cfc00865b659efdc8a4a7a2b34de2a4df9eea58c

30

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x2e8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.38012
MD5 0d136bc871dea06e849142f3103479e9
SHA1 77bffe33eb06f0470c45e88aa9dafb8ef6ac3001
SHA256 8718a6962adbfbda22cc9b7104211f0850a9cdb1a133775e8432900121ffa321
SHA3 4746463759dade5a3a92817d167f9e07d0ff00ca68986af9f24aa7e1049f7a76

31

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x128
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.47884
MD5 b72cfaaea84ff041c8bfe5f041106868
SHA1 aeeb3a14728ccc5cdf7f4f9cf59edd4e8954d83f
SHA256 0b125eaf7d3059729133620de4fa99e3423f351cf23f38d1ed3547c3028d21b3
SHA3 0175f2a25791589ddbef84cb373d505a8f69cd005ca171961a3c91d08d0a87bf

32

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0xea8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.65048
MD5 28e28ca80718a519b1261df5e490a7da
SHA1 7972446021ee547de5fb078810d97bfd3dae3ed8
SHA256 2312bf5182261c22fce5fc18e98e840c038071f3f863631a7dbbbfaa92c0af20
SHA3 5709ebc0afe0f289b76ec5e9a49a4bf7d3835cbd8a80c925db41eecab33d3053

33

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x8a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.05506
MD5 7714f740fdf47234d8ec4f11ee617e7e
SHA1 542502be45fc0015dea33d64f313ee353dd1a1fa
SHA256 13f1f53bd2d43a8a5ee5fd9e17734db5628cc232d1b471f5819e86f7a3c201e8
SHA3 ca00664b4a15815891787561cc6d91cb384c278597ac8fd85cce000303d23891

34

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x568
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.44185
MD5 6e1b4167ca9c0cb64e63f765ec953913
SHA1 79380b7cbb9eb2523c9fa42e3c4aefd5d63d4b2f
SHA256 fa960f7a1c941c443b14b949171b7d637ac1bf0a11bbfba0047ac9aa226af95c
SHA3 9810de2dcc42add239a7ccb3c14cb56919bdcf9c586af140fdf02ff53a3058d6

35

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x25a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.05247
MD5 13ccae106e736e918a60a2415a7c3e57
SHA1 6df7b8e340105f6378e5001c7ad1c5cda9315662
SHA256 cee0895ff13170acec8a23cc32ab9448b7757b1b70e203520f3e782b7f9d0c78
SHA3 926e2340485eefff24e59afc913fac0493a1084b0b2258671c9c374846989edb

36

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x10a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.26674
MD5 bdc1534a6f5ee02a48ea4ec07073c4e2
SHA1 292300408710d8e67a1f12b73c04e058e805e00c
SHA256 d8f9718bf04ff3cb5712929a465b08e49664d1a190e2c511be237bf147f23bea
SHA3 1f0129513463a3c8458a79252e28f28ffdca0ad5afe5e73e9c23dd6a7103c4aa

37

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x468
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.50639
MD5 5f2676baf4eb2ca5b0cf1b5c67f8d8a5
SHA1 c2fdb76f6697ff390ff29fcaaf4c29c013ff2588
SHA256 8e7743b5d2c0ac3e7049f915124c8fb4e437d7e3fb23fecaccc6220dd6a04419
SHA3 608c222c205c6c246cb61730ffb88a255ea41ef2c5b81aaee77bbdab56ea51a2

DLLMENU

Type RT_MENU
Language English - United States
Codepage Latin 1 / Western European
Size 0x8c
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.23714
MD5 58543d17cdefc8a335dc888c949eb1a2
SHA1 1cddb40abea6f936c54eaea9afd656c087e021e9
SHA256 ae08329c9e755a1af99aa945fbb02886bc25ab35dc4dafd432f4c401d73e62d4
SHA3 07f8f71626d4a33e24891991fffa56639402efd0884b43a070b671fd10867d61

HANDLEMENU

Type RT_MENU
Language English - United States
Codepage Latin 1 / Western European
Size 0x46
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.8752
MD5 70a30f346b7a4e550d5070a0eab391e9
SHA1 1e5a1e9e4726dbdfa4956461d0aa32580c0d77ce
SHA256 ab34596f8893f352dafa71240c1bc9b2380fb7dc12baf3ae8676ce5b30760d34
SHA3 5bba098cae34e36b3b1d1c151a4a1852069d88113f3d6b9b9ad88c207909770f

OPACITY

Type RT_MENU
Language English - United States
Codepage Latin 1 / Western European
Size 0x96
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.72111
MD5 fc821d73cf822279ad22626f3b2c0d8b
SHA1 7dcf24fac95f31279349aacb28746a11555f3c81
SHA256 2d96ae63448182f31f99728a824482221161e6127c5c8524a905ab0552a69544
SHA3 3e022e796a1b576121fe4cb3cd7d9b9f99a538ec2e6a6dc69450bcbaab3fda22

PRIORITY

Type RT_MENU
Language English - United States
Codepage Latin 1 / Western European
Size 0x6c
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.0828
MD5 0a16ee87c5b4f59bd7aa1eeb9e723e13
SHA1 753e8a96f3283028409f4fda4caf6c59f9153beb
SHA256 d373d633df8d7d67ff35c480b71ec3dd7a8bc41a2b9cfb1b1d1da50064c321b8
SHA3 4c6347df43a34c949ae68d47b1374aef7924674b43046781729494590591ca4e

PROCESSOR

Type RT_MENU
Language English - United States
Codepage Latin 1 / Western European
Size 0x5c
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.97035
MD5 26cc5f6563868e188ef9fa8229acae39
SHA1 bfa34876537d0a1d9b5c453e2ceeb798f0947993
SHA256 a5f461e3bb14cbd6d3287110211bc47efaf073a8842201a50964af50100c9c0e
SHA3 d540acbd89aa2cb12a73f85bd8dbbc43779b8440653d3cfc2387caa477fadd4d

PROCEXPLORER

Type RT_MENU
Language English - United States
Codepage Latin 1 / Western European
Size 0xaf4
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.483
MD5 68f671ec4ac5d621f0529e798b8c0068
SHA1 6e305b93f44dc6a0fea78ebb9fa9581029d5c36f
SHA256 1f82eec7a866eb2a1be747a1890d09ad2f8c59ed15ff500f8834e8167683af7f
SHA3 5bbff1298d15f4963944c6e935382a8fb0a354f931a59a6eca24094b9de5f0d3

TRAYMENU

Type RT_MENU
Language English - United States
Codepage Latin 1 / Western European
Size 0xae
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.13566
MD5 635e1a8fab60e3f641abb90580b52117
SHA1 9e24ffef6f1d2f375833b2b6fe910023c2e87ad4
SHA256 9a52afaaa992ad15e676282551942074c3850d4c78f4d4f53dcca1e80e2706ca
SHA3 4d5542e674bbca6fceacb7536979c2c31c8262970a7d85d2a9f35f123e924273

USERS

Type RT_MENU
Language English - United States
Codepage Latin 1 / Western European
Size 0xe6
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.10198
MD5 e059d158dc1a662371bc462658750efb
SHA1 7a6d94ea50d2cbc2a75d7612d5fba335a74a19a9
SHA256 31dfcaa21410724bf3ccad366ed737529d2d8a55d6b14441d41a311b70417984
SHA3 89b91fd5cf28b19c6fdcad07a2327e84a6b0c9ebac5347af80fe24f016416a31

ABOUTBOX

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x1be
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.21566
MD5 7cf4214ea6973383d723564687a5a839
SHA1 4487b355bae8f91f7a274e78d602baffecacd25e
SHA256 d3d8be1b548b628b457dd5cf9a6d44afe25b83135265bb6131e765de06014521
SHA3 35da9ae75bdab08d0b255f1d9345956bb78599e09c569db4da5efd43146ec25c

CHOOSECOLORS

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x8da
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.16943
MD5 1bd9b87a9c5d20a663db95e6a210c832
SHA1 36e9e89b1aee3fc2529f283850f152e845319a35
SHA256 2737ac0585f77dcb6c8b2120a1bcfcdbc02503a8a8ab660af03db072f581a868
SHA3 7f2ca6f23b7b04fbde021ae300d1944e660b45cbe2b3e368fb4935801f63d063

COLUMNSETS

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x1b4
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.17574
MD5 4a376809ab4ede59132c8e2deed4523e
SHA1 32fecd41229939ecbc016344af4c6cac8c44b321
SHA256 cbb09f8359e6e4554a3042154a36e598fcdffde8878ff3a267d451dc88eee795
SHA3 54e3acad562536874ba85c22b96a40fbe752f14009d527bb7daf3e44b803133c

COLUMNSETSAVE

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x130
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.12855
MD5 e3683faf793246443bc5ef588edaa3c2
SHA1 27ccf70d3d39d3ef18e52c0179a1058aeaf0aac1
SHA256 004876973ff207a09220558e5e9236921ed9d4c3d9ee8efa24e3d218609d173c
SHA3 f293a1af9667dfb65d681aef90ee8d8e8ed6e92d836a8e13e61d2b305119c6d6

CPUAFFINITY

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x70e
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.17579
MD5 b3e481356e7858f784b46478b46b5d19
SHA1 77c41675c04281c768ef3d7ed8b295a5f571a30d
SHA256 226d6ecdc06182bf72eebb9ae6bbd714ad4091f3f0640863fcd9a378024a6296
SHA3 2db22b7c8f308a7978b35a581d8eba5d8fcf1c19ee9035b8abc9ae203553ecfd

CPUAFFINITY64

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0xc90
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.15957
MD5 2cf28c55b75b4de2c77aa0f0cda6103e
SHA1 c38c58139bdbcd27590517506ac49801ca6317f3
SHA256 ca596a11a7eee9bdd924a9f217ec3fbcaa6fdf9199f41cf9d6f56c34d1a7411e
SHA3 1e5a9d3863976345c4037f8c4e46a9f3e7acd6cda2552e52ad5685de0e651cc5

DIFFDURATION

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x1c8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.28549
MD5 4edf66628a0a4123a2559f660848b189
SHA1 8b036c3a109352ddfcb94fb8e17d2b5bc9fabc47
SHA256 0dfed009efc794166d05f75f45fcbee8d77dfe2e18be687fc95a19055cd24374
SHA3 29f832482f36b0bed08d381491c227508ab7807cbb010937544cbb40b11ad374

DLLCOLUMNS

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x598
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.39372
MD5 d38d1648cf65a69746d0a81a2113765d
SHA1 69db4aacdd548514c99ea8628187a9ec83bd5b87
SHA256 0b699da1eab49f41635633d4adac0e1471ea33e47adcb6aac9863e4ce3e515c7
SHA3 3e5148de7c7dd9253b065a246f79ab70549bb3d8a21bc4721a3bf1e301d8f690

DLLCOLUMNS95

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x310
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.29261
MD5 d09180776c2af656fee15808a1520e08
SHA1 59044b3e96427c68d53a76707991b44986933487
SHA256 0e3f576d6aac3225a44b8d88a2082a2d640949a9aa92899e45aa6ff81effa94e
SHA3 164508f7441b5eb56042690e8466c5df2be56868d67715ced909f9a10e1015ac

DLLINFO

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x4f0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.2369
MD5 3fe031e4e6f9c468fb8c0975a2bb3b66
SHA1 5a7e65ca17eb4692c181f8819e12bef7e6f9f47d
SHA256 4932d1ef64fcfbc8d02d0c50850d2eff2d6c170d7151f9a65aa318f0fffa89cb
SHA3 28e074ea16769a1011f040a9bcf0a5ecb86dc18b5484dece741e71d8c7424843

DLLSTRINGS

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x1da
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.29337
MD5 457bbfb772c9531d6bf63db78b0d175b
SHA1 79f0384b9c059810753491123ee1a96e22e0854d
SHA256 d6bb1c0d3e063f5b4f5a68819bf937aae6b02be7bdc12762a7d68acf8eea6db3
SHA3 98df13f337bffe425810aab0884f3602fd8546080fe6fc021be94479bac5a786

FINDDIALOG

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x188
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.29115
MD5 19ae4a40766510822fa7f8284b441dbb
SHA1 9fcb6a445a8fe953b8eaeb356b24371514f6df53
SHA256 64bc80a889f1eeb7d9da63e41658b751788b766bbaa6ed88c957926e0fd4d67c
SHA3 370de027cde7ba1d3bee6d895defc2e7ac0d12285ceb327efa3181c462161bec

HANDLECOLUMNS

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x286
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.29015
MD5 70fa7743fd7da2c4380f0ba887efdee9
SHA1 07dc85a2163ce9d7af62706f486c0a32841467dd
SHA256 958a6472623821f731ae6277df1bfb004b3c9e69bbf9cf1024ec499615a54801
SHA3 c4b20c9dd8f3174ba035bdb8eb194492e2c6efa5e4c0a4ba44c92096bd37dc36

HANDLEINFO

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x47c
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.21705
MD5 cd077cbb299e0c9eac1451ff22ecdc23
SHA1 710ea6dec033c09aec6df24183a89b67113ecb91
SHA256 b0bb35bd849a6403ce9d3301737c7ad6902e19787fb0a4ec826168f2321a7054
SHA3 e6ef6d38c053e01a4f23ce7fe6d9bca2f861847b8126d61b6336b42b3d6d439a

HANDLEINFO95

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x280
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.12772
MD5 c3dbb450946327e5eeb29d419356c54f
SHA1 c264743490bd705ae0a6cfd2913683be764868af
SHA256 82acf1bfa2ee10f56862ef8bd5d1eebf460c12b6a4eb342bb5fead35ea7cdb97
SHA3 c25ef3db0012e2fa4293d6c9c990f23fbebad6f5f92951707c7d4328230c0044

MEMSCANPROGRESS

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x120
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.1749
MD5 8b2e0b6cccf865894e5fe140a65aa214
SHA1 827a33001b900e7c3f0dc4fd28548293819cf720
SHA256 f66cfafc5d38a89a744982add53eb1e4873c825b60112040bc27c4fabf08c11c
SHA3 de6f2cd7237b6d2ca2b4b46945ff84b0790475773581e474ec26fda98cd82716

NETCOLUMNS

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x68a
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.32705
MD5 35741dbb7de9216517d78da820fcda37
SHA1 a2887ee8e0d3a64d70b194875c279b67ec9804da
SHA256 b85a69f922a068568f917417bd202af2549ba8e13ee03014540b05d537a163e6
SHA3 c7c3289d324412948cfceda6cbdd84472a3fafba4d0293273672fe21e2cddc28

PREFERENCES

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0xd4
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.98382
MD5 d69039d865ed59754e414ff55676303d
SHA1 81bf52a2d6131f393b582679afb96cce7981a07f
SHA256 fcbef93b62f2d628e9f5b3b7ad5a1f367a7fef2a61020324dbf8b36a0bd37bd2
SHA3 391c126834435d2e8c9514712c7772a959cb40b81a9ea945b592552a193da8f8

PROCCLR

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0xf2
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.27782
MD5 a9e479e5dc41fbf810bdd669ade0a674
SHA1 db6813c38de71297e6f8ef0ad2817344f1cd7168
SHA256 40d0600b5e2a97e0ec5ff03d8ddc691bd3770d629a87fe4c31414f0b246bb20b
SHA3 ca5165f6e2d9506b0525023c452f133676258c98b0cf8b9174fcec7f71e80055

PROCCOLUMNS

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x6f0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.37191
MD5 fdbed89e7dfac7d360bb49047ec0950a
SHA1 aceef45cf10e1d47b9ab4d1cebc3e0e9e7d2b16e
SHA256 b1ba12b932327df8494d6f23df49a7f9e8718e03bc1297277f41abc95e00f896
SHA3 21d04375a6b356e0bbd440545401520d8f6c74924fb594a73df8aa0a7be2f733

PROCCOLUMNS95

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x3da
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.28554
MD5 e7bfed863000c92f44d50a84a9ac8df1
SHA1 05eb08ecc37d2c95a3ca717b3e79de1bcfbcdc19
SHA256 57d776359f384dffc0e776265c8e9c3ce15b7181509424e6d243e3566183466a
SHA3 24a684fa3f10895a1a5f171c9ebb72012ada91f092e32703273b0321d48370a8

PROCCPU

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x122
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.93015
MD5 c097216f801c44b785dba683a48ed465
SHA1 90e0dee218a13c39efca2112586d631d9bc37e06
SHA256 732c442ddc576694f45e7bc092e77f2d132e3e6221da6393380bb0c8a3345ac1
SHA3 1fbfd85109bcbe67fac210b1da90a4925cc3f3b4c82036603b5320a49b171d9b

PROCCPUIO

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x196
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.94701
MD5 f92bb85ad14c67da9769fe0e531c6083
SHA1 a4e3ee34839684f6fee29fa7685124192023680a
SHA256 e6a3433fa46a740cf504aa4831b6f8d878642c01b054b24d86df48f0495305fb
SHA3 89f10d3734df4bced9707e488ece639016ce7234b8bac1d2363b3f80f6c3b8e7

PROCDISKCOLUMNS

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x3e0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.19899
MD5 5a1e62c3d371d385e674d9ed62cf7092
SHA1 75dac414b573289c057a813f1ec4acab4fb7b3d4
SHA256 007a811e3cde87a1e8de4323f3c8a5bde03f920a995a73103c09afe4c81a5f1c
SHA3 61474a287903b406a477c65a850b008a6edc4e9021998f0c22a5a522ca3ed409

PROCENV

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x82
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.01105
MD5 bc792db11216a9aec7689eddecdfe16c
SHA1 3aae4a8fe882070423346c958f5f59612365e13e
SHA256 9533f59a0eea7589fb37a105b2588565c8a5dc18fdcd722894d7ccf412f10a75
SHA3 ac6f73097f5ed844267048b3c6e8608399d6e6e61373d601a415414a765cf01d

PROCGPU

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x248
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.05417
MD5 8dd2ceb42785f34ab7170a55deabb74f
SHA1 a1c390272662929c6af28a55ada671242dfb6b95
SHA256 b70252856b8d8c5368c8647239371d20229fa713cc69dae2016bf205d37e26e7
SHA3 c6f37ec520079c1f6fed503df9af6c719686364c140705c6acfb155e7bd8b842

PROCGPUCOLUMNS

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x208
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.25714
MD5 482a6aae3cf1298eef555bb1bb8de422
SHA1 6e2eebc6bccf0103497db9bc39bfe5465bef0a2e
SHA256 3afc756afa2c405913458a537b650241db0bb9a79d164607006a8f9a4173772d
SHA3 f19d7c14d3d5a5f838999bcabdd7c2b4fe8192746ec77b122f7c770a6d07a9af

PROCINFO

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x78c
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.3243
MD5 d827901106c9875ccdd9e15d6d0f27ca
SHA1 a17f27d84880d2450cda00210e7e9029320a5afc
SHA256 77b50c45a27e358bffd8bfac306f009dda87a8760f5eca706f10f746e574aa67
SHA3 9c279f45184c7e5b4c5c9f29be3301c1ff297db1b038d9583d729ff3383aa2c6

PROCIOCOLUMNS

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x440
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.2078
MD5 dd4740289bddd937b2953e6f6502f37c
SHA1 fbe51a6527e74f842be66e16703d198ce966cbd2
SHA256 92391cc02532a364314f65c180713d7f9b8a38a9ff0c894788c619fd1e5756df
SHA3 8483a9e8747011a0e1a3e18071dba1b59ab63713ebf2c797db9f9fbaca360bfc

PROCJOB

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x196
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.18824
MD5 5e9cedabd0a90cf553fce0a1f5549ba9
SHA1 adc4b1142410341ea882644ea4781b9832e5fc99
SHA256 cafa3168f6df0c1ce7b007c7d2527d8c26a6f0b1f2228e13cd8a727e5f4a16ed
SHA3 c04804a6c4b773b44da762509f0242ec33b1811dce50ff96a1133feda6158245

PROCMEMCOLUMNS

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x626
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.3539
MD5 eecd2d441918a35783fdade41a437e79
SHA1 0c8f3a9d852cf7248b86fe2839ab59eb38db2011
SHA256 7672262a1544ee9491c0b9ee37f6e8b491e3311bedf66b294b79f81692100932
SHA3 237fa0389dc2a539cf415f651498b7f0e37d50cc5b0b5986f86ec5efb476a71b

PROCNET

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x158
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.21306
MD5 c92630df79b329d67c108781f5f7f8f0
SHA1 ffd5ceca1fdf7d4948e903c374ea8e3e4b41b213
SHA256 ade32801b5d8b41c8bae44aaf5015cd2cb4aadcdc91ddefdcfb235c640f7c342
SHA3 8e7cae487df43f855ea0e4bb30e34fab5c24725869fed49da79a3172d49d2fe2

PROCNETWORKCOLUMNS

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x3f0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.19385
MD5 df74b2ba943785ce6e6c00c0cad522c0
SHA1 993298fba5f49db317f80b2e67f3a5f1c9a7a010
SHA256 2313c328ee6801b074fec8091ef6b9f9a887c3a239f5bfbda365868605ffc74e
SHA3 720b5ea654238db630dd712a95593287027ff3eb3b7ecd64e05403756c3ae455

PROCPERF

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0xc6e
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.16568
MD5 65af745bdf554d43138fd07604b8599c
SHA1 23822d74b4927a5568b2b768ab40566f68412c32
SHA256 07620c0f294ced1b721dc51dfe6082633e03b433334e84192acd8ab83baf834d
SHA3 52ba6db7e6fb07024f6a77f8e69fc3fc7913932a8501ad096e8e1bb52eb8bf4e

PROCPERFCOLUMNS

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x3f0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.27292
MD5 b1e6ab2630485ce9fdd84aef26b69f7a
SHA1 fda2c3b243d885abd80834969f911e2a7fb64bf0
SHA256 15dad56ba784ad3755f22af89f08d6acfb010ac6606c620ad82dd0f78c1d1bb6
SHA3 c4045dd0e105f2c7d4f8ea8406a18d3a11d8587c8126abc5319426b3c3f76424

PROCPERFETW

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0xa1e
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.03253
MD5 69b724fe52f444360fffda5f8ebd7b89
SHA1 4b7a4a7a85811759145360c64ad25ed940647452
SHA256 c63a5a96695479c76f08873fae0671f468601c002021bf8b0e754303fa8bc207
SHA3 5d924185dae3d23837a987ec99ff74772b6da87b73ad20ee714fb49eb63e0c01

PROCPROPSHEET

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0xe6
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.17611
MD5 e9d63b14d26f18feeb95138dd6254007
SHA1 387217d323b2bde1ae21fe5f3d0ef48ac6e96911
SHA256 be17768f8b02974269083e9c2418b4b7125927be4346fff5f63e7e694dd688d6
SHA3 96b20b486da6f37c86a7f0f680a5682c20983474471567f250de91a176e9aaaa

PROCSECURITY

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x388
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.23385
MD5 8093e688dc1a53c348d559ea6ff2338a
SHA1 5d38474f963282630fdc0b386c45086026995bce
SHA256 a0673b4336936923e7d4d2d8218f2864a7de93aedf4b78c830f48a91d2f012cd
SHA3 e20bc8171cfb29fa8e051ef9dcecd62134a191b1c7cb727da5adb57759ff098e

PROCSERVICES

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x220
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.21041
MD5 16580f40aa47bc7ce95c82f7bc4542e4
SHA1 8e5d314347b9ecf831c164f2fc8a16a435197225
SHA256 290dacc36933d52b8d94f6514daa28ef2db585880d3c653c20d77ff4df079390
SHA3 d924c44e50dd367d83f7a27e7d3685ea16ad9379e501e62db97d3b0f93e2220a

PROCSTRINGS

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x19a
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.25744
MD5 62fc7dde05da9c2e4946e45a87143ed6
SHA1 0603af32669f9637404e332d1e2db245cc469bf8
SHA256 8b40a3c75f30dd2edcc81e27a9d18a4ceefe3f687bdfe5752d3e1255a5e00a7a
SHA3 ccbb9b42ef16592f2336839eb5af56c1c07e62e8f3f20c8856a60a6d335b4dce

PROCTCPUDP

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0xc8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.16727
MD5 4f8b1d2151133dd1cdc6ed0dc045e226
SHA1 abd45d6c8ef03c039ed6d94b2b98e331d831cd74
SHA256 ec20f2bb34a6ee955d4e99d1ce43fc0dbfa00fc29061c186ecd3787f4cd5868c
SHA3 ae6072f7e138439c7779814c9c3a24bc6cf00167f5066ff960043fe9d4d110cd

PROCTCPUDPSTACK

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x15c
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.27832
MD5 408bf8b66872372667dac657dbc7d4ee
SHA1 075582fac88e7e2cc8f27d3318660cdbb7b5c50f
SHA256 455b51929d34968ff68bd3636db0cc607294823d26f53ced09f2600cad300d8d
SHA3 e93f038e111911fddb8cf91d3f317cd0af528b0a1ae1528e9dd3ab61a59ec7e1

PROCTHREADS

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x6aa
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.19944
MD5 d52a73058246584ab76bddf73b232243
SHA1 e27cc540374463e1d815b182a5974689c9989746
SHA256 0b822e5c17783280f8914181c0ae5c6b1ea81d9f084015d592238da9ea705b2a
SHA3 bb97c4fb97cb5907e7033f022579f5b373cfda867cb5561914dddd3cea8b7d42

PROCWMIPROVIDERS

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x82
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.02643
MD5 f8a7fe50498582a91784ef010a5e6e64
SHA1 74342e69ad012fcb002b2c048226fcad9206cc62
SHA256 5f0be3421caf57f3e3e0793d91a5095efd5d71174dc84d1f0b3f7bb4b79fd993
SHA3 36ce4e6a59aa8fdee1d3ece132ad52f05404706dac1ad05613807e639038c1ad

RUNDLG

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x1bc
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.23817
MD5 04072f8bbc56d19225743a11f7d283f8
SHA1 772b4477273481ab270b426b04c097cffed81c2d
SHA256 5f61040c387b76a32a4b00314aa7dc3b1e1e387be4be86701349d5f2f4c94d69
SHA3 516b7e767c1ee95006cb226207dd0d96fcb8a3270180a629c87133042c4c7471

SECURITY

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x39c
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.2069
MD5 0d003978ff4975b0ee07a563aa32273e
SHA1 5203e2e4290350d6c081179625909a3d6e150fee
SHA256 e9d6aa1dd0985247d6906ac2d280877acbf26ddf822db978d14c0a4cc001da36
SHA3 7973ebbb387e651db5222f1a402cb4a6cc7fc4ecb776ba6193de7e2f2eb03369

SENDMESSAGE

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x154
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.0276
MD5 b113c2f88bdcf37cf2db86257ab92007
SHA1 d9a6f48cd32b8de799b2067b952c762e1ab37165
SHA256 1aa38eb868103555f5dd55f655df9627c8f13181f33bf0261cc8c845119be9b0
SHA3 a249890231ddb93e9142be601e6ca10fb961e010339dc86ce0ab98924e3b6f2f

SERVICECONTROL

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x180
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.20161
MD5 d8f456d1b28f6817e559ae4ef887bd8a
SHA1 a28983447bb70d5bc982282d6c16bce7358ff507
SHA256 576ff668d488f2099991f514dea5bcd13a76b81844077575d69ac23106098b1f
SHA3 e7bb6bb1de33ed977c7814aef2d0db88fc2305620c2a85e047b01b4eb5cd0a6e

STATUSBARCOLUMNS

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x516
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.34368
MD5 fed3c9a663fff4b1c3b78ecd764427a9
SHA1 c1ee2bbc1419ec0a4da0a57f98606c1f0210924e
SHA256 6b08b36c4843159e8d146eb0d690d10a6fcfd0133db723a6c6a7adde6791546e
SHA3 dbb3e6ce15d53f160e821b8dd4cb9bcabc01b6a78047430daf128e8fc3c8f3a8

STATUSBARCOLUMNS95

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x250
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.30892
MD5 6d7336e0769c2a7b8b80a5774d82811d
SHA1 88ae7f13f9a237679a19e95676d8ba07114a223b
SHA256 1a5ba0c3c1d3c7eab4b7161d5c5d63583c82a493eed92d6a7fd371f55b4e680e
SHA3 510184b0b7e24530aea516dacc015a703837ecf548f23f6486f00e2e3f9b883b

SYMBOLCONFIG

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x3f8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.37634
MD5 683b371d68c18fb70b21b87e8bdb50df
SHA1 ff9b434d7696deb27657169c91c513d19f046fff
SHA256 b5ef6554821c52d6085bf39b24de865af2dd6ec8075792b8f905202d89a6e9d0
SHA3 6dd0caa6821898c3ac23544040590eb13ef33292c0f924d29bd359a4e9efe7b0

SYMBOLCONFIGWARNING

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x2c0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.35145
MD5 d158cb5971c2b3cd3c54625437bff306
SHA1 63c4d354424d5e346029e04d103a166d4e873592
SHA256 930b8b7108d0176aa72036cd1365e90cf92ecbf2969080d509e0d0ed910fdb94
SHA3 2e5186b0ec423977105b71a718a0774c425e6db279b002165d9b6488a21ff52c

SYMBOLDBGHELPGWARNING

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x3ac
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.37708
MD5 a7e7fe752491d98d10dd79760b01d58e
SHA1 09a089c2dd027e371a6063328c3f5bc9a3678a79
SHA256 b301bbaacd6b4330bb74878987a0f798723373d06eca4d50572cea501a51c5cd
SHA3 7b5d05a948a71b9992dbe50b0e411354131cffc90091343e18efc4a9062bf450

SYSINFOPROPSHEET

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0xce
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.36249
MD5 d97a46037fced13e1c84ddaba3bc96a4
SHA1 1779402d5be37546c6ff01865133f7822882c02e
SHA256 d231c928399a8ccb22efdb7fdbe88b5967b552561985ef4593a94d277192f49f
SHA3 0da0eef103c323cd0dc80535ba22b3d162d4d4ebc52be939aa1191c033d908aa

SYSTEMINFOCPU

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x488
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.16987
MD5 f36131c9184d93463f4760d14b0e6730
SHA1 0a841bdad7f2715c13ccc7fee34d9335032114ed
SHA256 dbbca3b14d2120bfd59caedb15b6c555fcafc6c92537e84a9e3334fabdac4e3c
SHA3 0bff36c4ade9394783a73b0068c6c750fb11100634a7be8ca515e58b7dc6318e

SYSTEMINFOGPU

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x4be
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.33868
MD5 f374aa5d93456ca7e9788e2ef8122d36
SHA1 b858775364d3e6511204b7bb7513e205e0f19cdb
SHA256 527354f4556deae8238c6417bf01d20a6caf16a93771ec957d177d58741c2ff8
SHA3 b3da0f84bf61862f022f10132f47957bf53e1aa2dada2732167e85f3532823bf

SYSTEMINFOGPUNODES

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x12a
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.31594
MD5 2f522f20fc6495545e204e69d8b95dc8
SHA1 78cd4ca491094b42edef68c0b16c36c3b4514fa7
SHA256 9c5611036afb4d48ce9d92d175285e6bbcbdaad3a3cc229522951fbd2104b9c7
SHA3 01de2836989671f6790bdf8e437407905f072e9106621a7a20809234f57dc00c

SYSTEMINFOIO

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x382
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.14723
MD5 5cc57a501788eb28dd43087b4b8251d2
SHA1 b0972826685a5c47b30ae50f0ad1d36e94a27fef
SHA256 4e0cd72c6a6178c7b1354ebdf30884fd6cc70c233ca98d77fa6f9d3007261294
SHA3 8cf7b83260b4d2e326642059229463fdfa9b0c6f1b467599055fa71af8b609d9

SYSTEMINFOIOETW

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0xa24
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.18862
MD5 104925e2089c5738c02183a96c33d805
SHA1 6f5c569cf74d075155ea3b44bcc942ecc5e6cde5
SHA256 73dc7d7196628079156f4ac16f58d088ee3f02fe0f2701e6e4588118fe33b624
SHA3 0b0ffc2ce639e633b3e73dddcc35638bec245f49bb607f04bd697f119a2dbeb1

SYSTEMINFOMEM

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0xf64
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.24853
MD5 42378bf274171635586559454cceb119
SHA1 504d74952d29d013c8542375431084a0995c1026
SHA256 704a6de397106138a7ae7e4346eccba98ab986e66da431bce4c71aeb712e96cd
SHA3 8dbe41c41406f3d4dd7f5024d91a2ca229d74b3b0fb23ab1d0bd09f7fcfecf97

SYSTEMINFOMEMXP

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x92e
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.23864
MD5 5d937c1026dc8ef7cc5db9dd8a4ee742
SHA1 396d53ef3878cba27fcd4fed5079c6fedc25f466
SHA256 4d99ae769d612f0c81542dda98a3d29ea58bd00262777a02c254391bedc9c5d7
SHA3 176b2f5d92cca3e9c4c70308fd35faa813728cf333491690a9a8b124ecce2348

SYSTEMINFOSUM

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x20a
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.02122
MD5 cac1ec262ba8c0dba489b06d55505c9b
SHA1 fb3a7a8f3b0fb9639b7a894a2971919e92349014
SHA256 156b8a9d19e222c6f1eb492dddee15b0feaf9dfcdabe901488ec260b24d64dd0
SHA3 fb8f6fe9477399e74228065cd4ec05797e721a426c5c07b2c3316cd22662f4f0

SYSTEMINFOSUMETW

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x2f0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.06331
MD5 90771deb7437aadda139709bd99fddc6
SHA1 9a34aafab864482e72e2cf95c29f79e5e9fe577f
SHA256 2dd5787c1ecbc9e96fa129f4da9a0d6e93521faf09dba42949e0557eb077ad87
SHA3 cea4385bc3ba5cf6082e37ad90945c63e5d289846f2ecb567b9213925bdd685b

THREADSTACK

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x180
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.19981
MD5 ecf248e165d270d851358ba213434666
SHA1 069e941e9d1752ad4af56bd776aaea056750096c
SHA256 ea6bf496764e5ec797cf15eb86778ff4c702b94cd7cde02ecd5d281ca3acfced
SHA3 9a23849be1df11848e5df489eda2219e835108640f3dafbadbe1ba66b35e92fc

TSINFO

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x2de
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.95297
MD5 bc88105ea067038b6796c34fd68412bb
SHA1 f5718d9b8d9fd37eb36a23224f9da5e91428754b
SHA256 4feba0798e2f4e4d6a5b01d49a0e523520aeb4f49fe1de53d26650c8c784f884
SHA3 f997154f3c0a38da7863307aa4b02156cfbaa0676cc563b31c5baeaecac79c88

1543

Type RT_DIALOG
Language English - United States
Codepage Latin 1 / Western European
Size 0x208
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.30429
MD5 f80812b3d7c15baf44968747b58e6ddf
SHA1 46418d6525b5692c97fce6c89df7747a23f08458
SHA256 ce2d4fd6a5e3e3d8e9c6840c3f51f9ba0d4c39b04947147c1ff870789db6eaa0
SHA3 465619b628d74906966298d90fdd74de971e50ba45cdf7edf91e3d555a057870

1 (#2)

Type RT_STRING
Language English - United States
Codepage Latin 1 / Western European
Size 0x30a
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.44019
MD5 ed9136bb2839b901549eb0e7e221b8e5
SHA1 d86316f04966c3b765a2881659c3b0dc268afe8e
SHA256 a19504558bdd9dd58d2451e3b11f8c6d732232e799bf211562d77f34ec2f128c
SHA3 9bc2da3a2262fa970ed7020d5320c4a869ebc0bac057881f55b7a97787180689

2 (#2)

Type RT_STRING
Language English - United States
Codepage Latin 1 / Western European
Size 0x14c
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.46162
MD5 dc8a9af26da30a317687023f3fe087ac
SHA1 aea39422f2d27d25646a02190815e3e6f36ca4e4
SHA256 cf6886a8c62dfad38664889c2e1e7db02f8afd8a22475ea9c313fb5384dca908
SHA3 eb028cd89eb213b46ae514c3e0e2fa1a084f73b57cab047e464741715b6bfcd4

3 (#2)

Type RT_STRING
Language English - United States
Codepage Latin 1 / Western European
Size 0x140
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.40776
MD5 7d5be1d8326733bf7625fb673c9a318a
SHA1 a390f0ae4dd556dd958e99c5bfafba1e3bab4b1c
SHA256 21f68e5ab2468ececa93be69f79c8d64281ce8a42e018c727e778e398ee39129
SHA3 a2506ba0164978271c4a1a688b3c5d7b83a41d447a999ac2958d2f4eefcf6d93

65

Type RT_STRING
Language English - United States
Codepage Latin 1 / Western European
Size 0x68
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.56232
MD5 fe9f54ac14d37c36270747a4244c4d44
SHA1 b8a9140ef547dae061c2eb22c6d42c11f3916e0c
SHA256 b292f51f5e9083a917f6628bb9ad83da5dbff2c8bef723960eee6ea385922d6d
SHA3 cd0ba966c0bef3c3f1b6b3f70dbe8d1daea2d2fb0d37befec01e1140f3822bf1

66

Type RT_STRING
Language English - United States
Codepage Latin 1 / Western European
Size 0xcc
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.29275
MD5 03a40688c8d29712a5ee8a67b037120b
SHA1 c49be7495513531947707ab0e8ed5e07c5421989
SHA256 5193116b1257096963f39a7cf475f26a705fbca2df3f72bb95aa6faf3d8f6e7f
SHA3 9fbb8094366ddf6477a5e2dce171fbdd6b94323ad4441be505eed1d02fb3de53

67

Type RT_STRING
Language English - United States
Codepage Latin 1 / Western European
Size 0x176
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.47415
MD5 aeaee30f3971f98a788b23867fc2048e
SHA1 cf4d97e0095fcf46fd7bd7e291601dbc03a114a9
SHA256 9d555867732921e81eabd2f68a2e2f24c9e168b4db3528f88a8973e6fbf26f21
SHA3 916e78c22fc81afef7e44f561e61b8920ebfd6b7932d905865abacf9f4dc3479

68

Type RT_STRING
Language English - United States
Codepage Latin 1 / Western European
Size 0xea
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.27421
MD5 458c35b7f214c3a12401a2633f50456c
SHA1 777355b5b20ff3e6bc06ba95f9c3d3714f7240f6
SHA256 f05edc1e2d014d9eb9a792adedfb67904fa7deb72d5fb92501fe7f92d20b399e
SHA3 739ee118fdeb9ef8f9c9494f3d77947a99ae855b2ad89cec59112236647a7f6b

69

Type RT_STRING
Language English - United States
Codepage Latin 1 / Western European
Size 0x226
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.42955
MD5 822281dd325807cbcc4f0e9c83595269
SHA1 f7a3aa3e5817da579adf44ffbe8c665f02fcc93c
SHA256 070a199e1aa16c6cae294cfe34b4e382e4bc514c1d6be71f4bcef2702dfd2817
SHA3 cebec4d3b8f92bdc4df09d8bef87ef3e1864737bbec2ba4c7506bf6dc575190b

70

Type RT_STRING
Language English - United States
Codepage Latin 1 / Western European
Size 0x1a6
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.4346
MD5 649b03e4a2e7f29da81d3ca094e0b9e3
SHA1 d9ba1e353ae1ef8e7c260d71ced058f8b2bee894
SHA256 08e00de964f56d3ae69759ad9657ca4a199b38a5e5877dbcf76e6c2438953946
SHA3 a99323eaa27e555411fd5d074b483c62de98d5eb8b3cda5ec9e1f4cbe05fbb60

74

Type RT_STRING
Language English - United States
Codepage Latin 1 / Western European
Size 0xa4
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.03578
MD5 62c2a339354ec7afae6114002fceb1f8
SHA1 056ac59d8f8f6e4d6003ac3443cd2ce97482aba3
SHA256 fbf230d0e91c0ddce1dc55568ebec8c65f71950eaaa3986bb36f5a1837abcb06
SHA3 1d6bf7c1205d3f9799d2eda1209899321c82df579cea855b457c0a6fed513c21

75

Type RT_STRING
Language English - United States
Codepage Latin 1 / Western European
Size 0x1f0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.51292
MD5 cd11f91182522b2b52e7ddf8e8c021ea
SHA1 d7a7d49ec18ebe463b58e2dfb75ea19e45beb4a1
SHA256 119060851f96ffdcb785255858ebd622d6c1dad43ab4350f06a9981c682f4153
SHA3 3f93db7eb67ca1d0b1b273422770392d67d389175a0aad3a2ebd47c85352a0a6

76

Type RT_STRING
Language English - United States
Codepage Latin 1 / Western European
Size 0x38
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 1.56933
MD5 91d3b36f7de9aa055dc053c0eda36d78
SHA1 f69817c9e148cd7f714c10c1f1c228d3dbac9ee9
SHA256 65f15a49d21ca7fca3c7c3cc8e0f9739936bcc0b789c73d758200a55e064ea4a
SHA3 3d0c9233b0009336eb2cd02bf8a2f0409acc812a4e00e1113922fbbf4e9f760e

82

Type RT_STRING
Language English - United States
Codepage Latin 1 / Western European
Size 0x3c
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 1.56284
MD5 c086273f8908d189efa69d9841d3d2fc
SHA1 56d1c6dccbc4f72dd7e26e5fdecfc1b8a2430d41
SHA256 7f455fe6b3ee76661f758f6aad09bf09f127ab336371fe06d44e03fa0911f251
SHA3 50f14de06170e1d5e9107ca82465aae2f6903f87d632c2fba63acba61adf9eda

83

Type RT_STRING
Language English - United States
Codepage Latin 1 / Western European
Size 0x7e
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.60408
MD5 6a35a26ec55d36a142413887dbe504a5
SHA1 95fc59217b2622479f1925290c76dad67aa2af83
SHA256 026e7ed0a1a629a41668f8e0091f21addcfa91867a6df2ac5ec14e665f28e43b
SHA3 bdec3f871661328188eeb47e64b2ecf0424d0c1682fb83e40528275ea5efe140

84

Type RT_STRING
Language English - United States
Codepage Latin 1 / Western European
Size 0x1a2
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.34332
MD5 8234b1ee22cb2ced3ee74a9d72f4bfd5
SHA1 7bc97af5559591597217a0b07e22cbbb39071493
SHA256 fe855601527076a0fae614a64de094c9780a49a53b5633ec3f725a5db7699ddd
SHA3 7b4600968bad27710908cdaf90b9365ba4d1aac3f551022e9420d368b7ea3d7c

101

Type RT_STRING
Language English - United States
Codepage Latin 1 / Western European
Size 0x10c
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.99024
MD5 e2944da0f2a0726a00d91ff35de0c481
SHA1 9bdb530bedceb5e6c66d029d75daa96b378b5269
SHA256 c335c8e612fe0b2f87f34be35470cf85f2eab4f2289016b1beca7099ecd46e6b
SHA3 e6129d7c0c65d2d21cbf24c7677a57bc0547a7168dbfbcd6f0beff1ba350d309

102

Type RT_STRING
Language English - United States
Codepage Latin 1 / Western European
Size 0x260
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.19253
MD5 8df2f7b1622b40f115e3d39491212a90
SHA1 f81be800ac999b20b7d210503ab43e995806b977
SHA256 fb793d1a2d6e2ca6265094554d2dcf7c3d0571dc76ed6e649ad60864f7c6c877
SHA3 138b3de81bfb0c001a3c351aa4d33042dbfb9c650b1d136aa1e32494c179f38c

103

Type RT_STRING
Language English - United States
Codepage Latin 1 / Western European
Size 0x112
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.95285
MD5 0602fab9d204418d59983e8ea856c8e3
SHA1 bdd9a1cec1a37704798490721a33d23e08e58976
SHA256 ee17987783f94ecdc0ac2de7ef0ac9e4d746a00b78f5a03dc5522032eb494c7a
SHA3 4aac015a373685652c5e787f98db0a805df209c721d414146b4572ca4e8f740f

104

Type RT_STRING
Language English - United States
Codepage Latin 1 / Western European
Size 0xee
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.10233
MD5 6c1aa6d4132dd1c26dbdf31b5acab2b4
SHA1 5e047035ae55d0e205fbc16485148d7404d5236d
SHA256 4c21dceacb4317737f16ed6eb7cfacd16710e69cc9ae6e68110aa150f73779b2
SHA3 2657e36187352b9550cac770699d126069632e3a9c1f28d259ba68681b06d732

105

Type RT_STRING
Language English - United States
Codepage Latin 1 / Western European
Size 0x74
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.68833
MD5 9841c3a8949b40f85d72e60f6524f90a
SHA1 7d183221fc37c4cc11f513379f313c9247bc2c19
SHA256 88b06e691690208c881dfabf121951b43ddb110a4bd0c9d8209122d132e0a6d7
SHA3 c7ee43d9d2d3ae10fe93573183eff193079ce38983db5770942bcf7190ce1d19
Preview

2548

Type RT_STRING
Language English - United States
Codepage Latin 1 / Western European
Size 0x80
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.84022
MD5 919c80c42081ef05c1364f9997107037
SHA1 a6477e4994f7807cbf820cc06865e0e5b34b311d
SHA256 c6ee7213a56c7cb66fa4a2a16d34551a5b8ccb0983c24bc0d24504b1b393831a
SHA3 266a9714c7714bb407ae10c781dc08ff0e1c1d59c803e179dac31d2076e2208b

DLLPROPERTIES

Type RT_ACCELERATOR
Language English - United States
Codepage Latin 1 / Western European
Size 0x40
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.98407
MD5 dfc5f58c267eaebeedf1350074f84b8c
SHA1 a68174e18e7e4c52c62682e75293f0fbd801f394
SHA256 f5314c863c679a22af0d34982419709a57016cf80b5b2dd9b957816ea9bb542d
SHA3 886a15bbb69d7561ff8c69954a2a5afd40c4f79d6d7323918eae69eca74cf1a6

PROCEXPLORER (#2)

Type RT_ACCELERATOR
Language English - United States
Codepage Latin 1 / Western European
Size 0x120
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.48622
MD5 f3df0a33af60ce7e8932dda0ca560372
SHA1 51ac0d853535ffdeadddc2806520ccb5cd73c881
SHA256 47ec7cdce358309360272fdde22e1325a4a59430c74093afa9065f0425d026c0
SHA3 c38baac9aabb853a7d41deacf1c0310a5f12d27a198fc8e044c97f8328a788ab

PROCPROPERTIES

Type RT_ACCELERATOR
Language English - United States
Codepage Latin 1 / Western European
Size 0x70
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.16243
MD5 c40207097aab50200e36ee3f65c7ae7b
SHA1 f42efe11bd07f952ecc5e65d3c57ea5fb61f5d5a
SHA256 85951eeb99de72cb500d3a68a4ba2ed668df8c25a175f7660a5e66c7eb23acb0
SHA3 91edfd7d0190f05507af845aabe70aa1d26fb64201d7dfde7350861df4a5195c

HAND

Type RT_GROUP_CURSOR
Language English - United States
Codepage Latin 1 / Western European
Size 0x14
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.01924
Detected Filetype Cursor file
MD5 1ae28d964ba1a2b1b73cd813a32d4b40
SHA1 8883cd93b8ef7c15928177de37711f95f9e4cd22
SHA256 ff47a48c11c234903a7d625cb8b62101909f735ad84266c98dd4834549452c39
SHA3 a85dadd416ce2d22aa291c0794c45766a0613b853c6e3b884a2b05fc791427b8
Preview

10 (#2)

Type RT_GROUP_CURSOR
Language English - United States
Codepage Latin 1 / Western European
Size 0x14
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.01924
Detected Filetype Cursor file
MD5 48e064acaba0088aa097b52394887587
SHA1 310b283d52aa218e77c0c08db694c970378b481d
SHA256 43f40dd5140804309a4c901ec3c85b54481316e67a6fe18beb9d5c0ce3a42c3a
SHA3 38753084b0ada40269914e80dbacf7656dc94764048bd5dff649b08b700f3ed5

105 (#2)

Type RT_GROUP_CURSOR
Language English - United States
Codepage Latin 1 / Western European
Size 0x14
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 1.91924
Detected Filetype Cursor file
MD5 aff0f5e372bd49ceb9f615b9a04c97df
SHA1 e3205724d7ee695f027ab5ea8d8e1a453aaad0dd
SHA256 b07e022f8ef0a8e5fd3f56986b2e5bf06df07054e9ea9177996b0a6c27d74d7c
SHA3 9cb042121a5269b80d18c3c5a94c0e453890686aedade960097752377dfa9712

106

Type RT_GROUP_CURSOR
Language English - United States
Codepage Latin 1 / Western European
Size 0x14
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 1.83876
Detected Filetype Cursor file
MD5 a2baa01ccdea3190e4998a54dbc202a4
SHA1 e8217df98038141ab4e449cb979b1c3bbea12da3
SHA256 c53efa8085835ba129c1909beaff8a67b45f50837707f22dfff0f24d8cd26710
SHA3 8874564c406835306368adf5e869422e1bb97109b97c1499caa8af219990e8dc
Preview

101 (#2)

Type RT_GROUP_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x5a
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.72956
Detected Filetype Icon file
MD5 3837a9bb359de64e9d91b868200e4284
SHA1 58e39005137a40c56ecc736ec6ada8781efdb9f6
SHA256 780ad462072338895296d91ecae6c6db1980b2631d38cfc512fedcd62cbb2faf
SHA3 dbd9cdf75bea132fa938773ed248cee3c530d94480f704a56c433ec38bf5e029

110

Type RT_GROUP_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x14
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.32322
Detected Filetype Icon file
MD5 a738f04a158489eb08f7076b171d83e3
SHA1 3a895635a92fb625d952cc581088984ca21d3bc3
SHA256 09c57da0ef77215a397e30ad586ae557bede7fe62e64d185dbeec541ea1e2f2c
SHA3 2089f21b09bd51fdbac7304cfc19b9940f4d47693dee6c1705126831e4b7cc35

111

Type RT_GROUP_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x14
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.32322
Detected Filetype Icon file
MD5 ae3c746814eab4a62d540a3352d76ef5
SHA1 47866acc7952d96aed994ab3da69c383c2317134
SHA256 e1296c55f8620d1404258cd580c00e81723563b843bc5e267d69c391c068f1fc
SHA3 452fd9dcc19a8a2a51a021de7e2755976097ffa2c0e84b34e88f50342f826f70

112

Type RT_GROUP_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x14
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.32322
Detected Filetype Icon file
MD5 a4f2ba5167725dbfd10a34a13704ce9b
SHA1 3b05f49ec337ab32c96235933ab8c2b7bf9be3d0
SHA256 9899149622d121457b71542d1a71e2405272bd152806a9b078d1219a05821646
SHA3 d1d0d7c32989ada6f9e79633a1c84c51886714a102fe8beb250b9db1708349cf

113

Type RT_GROUP_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x14
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.02322
Detected Filetype Icon file
MD5 cb6224423116bd21b2417c0c419f2a7b
SHA1 93f63a175f19235b1fdf8cdf724028b3099db026
SHA256 2ef8f3005787231e5b1b5baaa4e31980f4f0eb0eb40d74513cd03b5f684f2e8f
SHA3 3a502b5c5b58d819aecb6d5623cdf726f9dd0ddcb729ac03b2425a636b027f8a

147

Type RT_GROUP_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0xa0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.1149
Detected Filetype Icon file
MD5 263f6b82d09470a981a3c8758e73b9d4
SHA1 bac36d349b649399bc3e865d615c42ec16e079b7
SHA256 91723a6f5e45c67dfb72f99a75265d424fa271c8fd996456c5e110be67c04549
SHA3 851401896e5d53131dcb02d52a6d5c3c00a7326c6ace572e586b20e701e9a12d

154

Type RT_GROUP_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x84
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.9932
Detected Filetype Icon file
MD5 88cfcebb86131271a45d5b9b0d0f1bf1
SHA1 22055aabc9ff2c67501f6e8af03eef3ad3d7d37b
SHA256 6521f14453c9c120803310cbad8ac31f5028db244832026c10b293c529b29056
SHA3 0aacb6f092e19e7206a5ba0deef496833fe7c2ccc90ae21128eeb0cf48850683

203

Type RT_GROUP_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x14
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.02322
Detected Filetype Icon file
MD5 1fed1b6ced8874203c46a096f0fd4548
SHA1 b1522fbb981631125616b9a83c08f98aa356aa24
SHA256 73cbd54612e4344597312043bf742c722dd1cee9fc78d2076b686769d7baa132
SHA3 2fe717cd74af96b9a28a2e7ebbc49f029c7e6f3dfd1e632233eeaf18af1ba55c

235

Type RT_GROUP_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x22
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.55805
Detected Filetype Icon file
MD5 96e43a37ca98573115d67dbee6d0730b
SHA1 4a2deb6d53419b8e89876532ca90fcfb330f19a4
SHA256 35edd32ffd75863630948ed7f603f005840c49e3c4dbfbafbbc569533fdbd520
SHA3 5cec263d5d3e4f05baa65b0f63f39dc1c071e388dde6325bbd5797640feb44e2

1 (#3)

Type RT_VERSION
Language English - United States
Codepage Latin 1 / Western European
Size 0x3bc
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.48327
MD5 00e929ed366bfee04cc0ae6b71c1e347
SHA1 763b7afdd1ab88f7f13ec7f63070e4f2ab47b68e
SHA256 7865c8470ad88bfb6024840b5df8c95e6d6bb1a639c65ffe51d51f79593df8a0
SHA3 303e0fd26d7fb7ffd838a9c87e58bbb6cee23fb6636b17bed783762ff888624d

1 (#4)

Type RT_MANIFEST
Language English - United States
Codepage Latin 1 / Western European
Size 0x81d
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.13857
MD5 c739c7060f9cfdedd4c7ea9780ca6de5
SHA1 7275cc35f13af498e82530fefba3f3672eec2c70
SHA256 e1316a10202df09d0cab9f35434ba62039932dd885523f4b97598bb33392f277
SHA3 f356c37f36102019512864e428af78d4bd4e5b1c611089ab28c08468073f8ddc

String Table contents

Process
PID
Priority
Threads
Cycle CPU Usage
GPU
Paged Pool
Nonpaged Pool
Programs (*.exe, *.com, *.bat, *.pif)|*.exe;*.com;*.bat|Executables (*.exe)|*.exe|Command Files (*.com)|*.com|Batch Files (*.bat)|*.bat|Pif Files (*.pif)|*.pif|
There is insufficent memory to run the program
The file is not a valid executable format
Cannot find the specified file
Cannot find the specified path
Refresh process list
Handles
User Name
Handle
Type
Name
Base
Size
Version
Name
Show Unnamed Objects (Ctrl+U)
Find (Ctrl+F)
View Handles (Ctrl+H)
Time
Save (Ctrl+S)
View DLLs (Ctrl+D)
References
Parent
Window Title
Kill Process/Close Handle
Properties
Description
Access
Mapping
Refresh Now (F5)
Description
Frame
Address
Command Line
Company Name
Share
Service
Description
Display Name
Group
Privilege
Flags
Flags
Handle
Handle or DLL
Show Process Tree
CPU
Session
Variable
Value
Page Faults
Private Bytes
Path
Peak Private Bytes
Working Set
Peak Working Set
Threads
GDI Objects
USER Objects
I/O Reads
I/O Read Bytes
I/O Writes
I/O Write Bytes
I/O Other
I/O Other Bytes
Image Base
Limit
TID
Start Address
Function
User Time
Kernel Time
Start Time
CPU Time
Show Lower Pane (Ctrl+L)
Hide Lower Pane (Ctrl+L)
Show Processes From &All Users
Context Switches
CSwitch Delta
Counter
Methods Jitted
% Time in JIT
AppDomains
Assemblies
Classes Loaded
Total AppDomains
Total Assemblies
Total Classes Loaded
Total Lock Contentions
Heap Bytes
Gen 0 Collections
Gen 1 Collections
Gen 2 Collections
% Time in GC
Allocated Bytes/s
Runtime Checks
Contentions
Path
Find Handle (Ctrl+F)
Find Handle or DLL (Ctrl+F)
Virtual Size
WS Total
WS Private
WS Shared
PF Delta
Desktop Integrity Level
Comment
PROCEXPLORER
Process Explorer
Local Address
Object Address
Remote Address
Verified Signer
State
Protocol
Image Type
CPU History
Private Delta Bytes
Private Bytes History
Share Flags
Cycles
Window Status
Find &Window's Process (drag over window)
System Information (Ctrl+I)
DEP
Cycles Delta
Decoded Access
WS Shareable
I/O Delta Reads
I/O Delta Read Bytes
I/O Delta Writes
I/O Delta Write Bytes
I/O History
I/O Delta Other Bytes
I/O Delta Total Bytes
I/O Delta Other
Integrity
Virtualized
ASLR
Memory Priority
I/O Priority
Min Working Set
Max Working Set
Service
Network Receives
Network Delta Receives
Network Sends
Network Delta Sends
Network Other
Network Delta Others
Network History
Network Delta Receive Bytes
Network Receive Bytes
Network Send Bytes
Network Delta Send Bytes
Network Other Bytes
Network Delta Other Bytes
Network Delta Total Bytes
Disk Reads
Disk Delta Reads
Disk Writes
Disk Delta Writes
Disk Other
Disk Delta Others
Disk History
Disk Read Bytes
Disk Delta Read Bytes
Disk Write Bytes
Disk Delta Write Bytes
Disk Other Bytes
Disk Delta Other Bytes
Disk Delta Total Bytes
Tree CPU Usage
Processor
GPU
GPU System Bytes
GPU Dedicated Bytes
GPU Committed Bytes
Package Name
Process Timeline
Autostart Location
DPI Awareness
VirusTotal
Protection
UI Access
Provider Name
Namespace
DLL Path
Control Flow Guard

Version Info

Signature 0xfeef04bd
StructVersion 0x10000
FileVersion 16.21.0.0
ProductVersion 16.21.0.0
FileFlags VS_FF_PRIVATEBUILD
FileOs VOS_DOS_WINDOWS32
VOS_NT_WINDOWS32
VOS__WINDOWS32
FileType VFT_APP
Language English - United States
CompanyName Sysinternals - www.sysinternals.com
FileDescription Sysinternals Process Explorer
FileVersion (#2) 16.21
InternalName Process Explorer
LegalCopyright Copyright © 1998-2017 Mark Russinovich
LegalTrademarks Copyright (C) 1998-2017 Mark Russinovich
OriginalFilename Procexp.exe
ProductName Process Explorer
ProductVersion (#2) 16.21
Resource LangID English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics 0
TimeDateStamp 2017-Apr-30 23:30:45
Version 0.0
SizeofData 91
AddressOfRawData 0xde4d8
PointerToRawData 0xdd0d8
Referenced File C:\Builds\13810\Tools\procexp_master\bin\Win32\Release\procexp.pdb

TLS Callbacks

Load Configuration

Size 0x48
TimeDateStamp 1970-Jan-01 00:00:00
Version 0.0
GlobalFlagsClear (EMPTY)
GlobalFlagsSet (EMPTY)
CriticalSectionDefaultTimeout 0
DeCommitFreeBlockThreshold 0
DeCommitTotalFreeThreshold 0
LockPrefixTable 0
MaximumAllocationSize 0
VirtualMemoryThreshold 0
ProcessAffinityMask 0
ProcessHeapFlags (EMPTY)
CSDVersion 0
Reserved1 0
EditList 0
SecurityCookie 0x4f1560
SEHandlerTable 0x4df670
SEHandlerCount 206

RICH Header

XOR Key 0x392161d7
Unmarked objects 0
199 (41118) 1
ASM objects (VS2013 build 21005) 30
C++ objects (VS2013 build 21005) 78
C objects (VS2013 build 21005) 223
C++ objects (20806) 7
C objects (VS2008 SP1 build 30729) 10
C++ objects (VS2008 SP1 build 30729) 1
Imports (VS2008 SP1 build 30729) 37
Total imports 550
C objects (VS2013 UPD4 build 31101) 2
C++ objects (VS2013 UPD4 build 31101) 64
Resource objects (VS2013 build 21005) 1
Linker (VS2013 UPD4 build 31101) 1

Errors

<-- -->