Manalyze report for 6758232f334572c80e7efc7c20b3edd9df5541af9ed25c6ab0de5f09bdecee82

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2025-Jun-01 05:00:00
Detected languages	English - United States
TLS Callbacks	6 callback(s) detected.
Debug artifacts	nw.exe.pdb
CompanyName	The NW.js Community
FileDescription	nwjs
FileVersion	`0.100.1`
InternalName	nw_exe
LegalCopyright	Copyright @LASTCHANGE_YEAR@, The NW.js community and The Chromium Authors. All rights reserved.
OriginalFilename	nw.exe
ProductName	nwjs
ProductVersion	`0.100.1`
CompanyShortName	nwjs.io
ProductShortName	nwjs
LastChange	0000000000000000000000000000000000000000-0000000000000000000000000000000000000000

Plugin Output

Suspicious	Strings found in the binary may indicate undesirable behavior:	`Contains references to system / monitoring tools: rundll32.exe` `Contains domain names: blink.net chromium.org crashpad.chromium.org https://crashpad.chromium.org https://crashpad.chromium.org/ https://crashpad.chromium.org/bug/new openssl.org`
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to CRC32` `Uses constants related to MD5` `Uses constants related to SHA1` `Uses constants related to SHA256` `Uses constants related to SHA512`
Suspicious	The PE is possibly packed.	`Unusual section name found: .fptable` `Unusual section name found: CPADinfo` `Unusual section name found: malloc_h` `Unusual section name found: prot`
Malicious	The PE contains functions mostly used by malware.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryA LoadLibraryExA LoadLibraryExW LoadLibraryW` `Functions which can be used for anti-debugging purposes: SwitchToThread` `Code injection capabilities: CreateRemoteThread OpenProcess VirtualAlloc VirtualAllocEx WriteProcessMemory` `Code injection capabilities (mapping injection): CreateFileMappingW CreateRemoteThread MapViewOfFile` `Can access the registry: RegCloseKey RegOpenKeyExW RegQueryValueExA RegQueryValueExW` `Possibly launches other programs: CreateProcessW CreateProcessAsUserW` `Can create temporary files: CreateFileW GetTempPathW` `Memory manipulation functions often used by packers: VirtualAlloc VirtualAllocEx VirtualProtect VirtualProtectEx` `Functions related to the privilege level: AdjustTokenPrivileges CheckTokenMembership DuplicateTokenEx OpenProcessToken` `Enumerates local disk drives: GetDriveTypeW` `Manipulates other processes: OpenProcess ReadProcessMemory WriteProcessMemory` `Changes object ACLs: SetNamedSecurityInfoW SetSecurityInfo`
Suspicious	No VirusTotal score.	`This file has never been scanned on VirusTotal.`

Hashes

MD5	`e141ab83873bf7003292c5d8487a186d`
SHA1	`9ae970f5abb6b08fa62a113e968620484ccae2d1`
SHA256	`6758232f334572c80e7efc7c20b3edd9df5541af9ed25c6ab0de5f09bdecee82`
SHA3	`08ddec3ea3cc50af9d35695e83b150a790998c2a915fdd3329cd0bc26cacdaaf`
SSDeep	`49152:sXFKosxaRu8nyfr2evSvzI3osIQfe19hiof12hw:doI4FSh`
Imports Hash	`efabded3564040cae9eb37be59f90ebb`

DOS Header

e_magic	`MZ`
e_cblp	`0x78`
e_cp	`0x1`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0`
e_ss	`0`
e_sp	`0`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x78`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`12`
TimeDateStamp	2025-Jun-01 05:00:00
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0x1ec400`
SizeOfInitializedData	`0x9be00`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x00000000001B7CF0 (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`A.0`
ImageVersion	`0.0`
SubsystemVersion	`A.0`
Win32VersionValue	`0`
SizeOfImage	`0x299000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_GUARD_CF` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x800000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`70b277dde7e61dbd36151e5712b81c86`
SHA1	`a51942851365a77fddb308a715275a09acc0221d`
SHA256	`5ed096e804fe859c38152c537e22ec7b558d7fc61ae78f8cd12b4418762dad49`
SHA3	`bd47a3b316fb4c141190e0edd325fcc1935488ef210eb1bcd36ac85cdd8f9665`
VirtualSize	`0x1ec27f`
VirtualAddress	`0x1000`
SizeOfRawData	`0x1ec400`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.51661`

.rdata

MD5	`414eeaa15cda68e2f8862e2285e22fea`
SHA1	`2f02ebcf4ecf1a74057194597848bfa9edb6aa92`
SHA256	`19bb0c5b44c55e742149ecd0a8b16db147abddd3a25e688765c92b05e4afd1cf`
SHA3	`9f34f0141767e0024e8941b1458cbde1278fbc08aafdb75bc7b4f1028ebb5b27`
VirtualSize	`0x4fc7c`
VirtualAddress	`0x1ee000`
SizeOfRawData	`0x4fe00`
PointerToRawData	`0x1ec800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.69176`

.data

MD5	`48384c3505824d2bd84cb44c2cfd7fb9`
SHA1	`6dbffeffa0b3b95f8993a29c58a41d1563df9918`
SHA256	`d0c1a53e2f788bd3e2235ab92a98b6dcee96ed7f390e48f20649fac0dee1326b`
SHA3	`a7abc8f20be1cdf951629e3d9a59d41b873f0ff73afad74f42ab52ed2bd1f602`
VirtualSize	`0xbec0`
VirtualAddress	`0x23e000`
SizeOfRawData	`0x3e00`
PointerToRawData	`0x23c600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`3.3603`

.pdata

MD5	`a1e1ff18a84cc5293e53c80ffa8fa203`
SHA1	`83cbc66d6917636bd5e4bf0281f3de3dc28b1da6`
SHA256	`e253f6116fa5b928fb19d96c0580b594d52f993e2b520e42dba8501f1d8e1122`
SHA3	`8b48c59caebbeef16a2948dfcb6143f4bc5fa9e23876f041a813c42917b21785`
VirtualSize	`0xfbb8`
VirtualAddress	`0x24a000`
SizeOfRawData	`0xfc00`
PointerToRawData	`0x240400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.06092`

.fptable

MD5	`bf619eac0cdf3f68d496ea9344137e8b`
SHA1	`5c3eb80066420002bc3dcc7ca4ab6efad7ed4ae5`
SHA256	`076a27c79e5ace2a3d47f9dd2e83e4ff6ea8872b3c2218f66c92b89b55f36560`
SHA3	`622de1e1568ddef36c4b89b706b05201c13481c3575d0fc804ff8224787fcb59`
VirtualSize	`0x100`
VirtualAddress	`0x25a000`
SizeOfRawData	`0x200`
PointerToRawData	`0x250000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0`

.tls

MD5	`5369577c7f5e65a0107ea10883039e3e`
SHA1	`5bdef96f33e03d1b5279d305b7f9d8b9b818d04e`
SHA256	`61a9b367378754422221c82ad20509699941b84274a6111d8e7456c1f2a9fec1`
SHA3	`f993fc6fee5d34fb54fa0ac3860b10b49328467d06db77972fdc60c0953c35de`
VirtualSize	`0x2a1`
VirtualAddress	`0x25b000`
SizeOfRawData	`0x400`
PointerToRawData	`0x250200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0.225615`

CPADinfo

MD5	`60d3ea61d541c9be2e845d2787fb9574`
SHA1	`a314e912df98dd680cdb9679390177a970ee9ac8`
SHA256	`911d1a12eca8935990172cfcd6768f9c6351ed94b700833b2cf0cf457a1d752d`
SHA3	`44f366ded1e40e29d2543686d5e4f2fc6daf379b056e4f94af32c16e9f6b2205`
VirtualSize	`0x38`
VirtualAddress	`0x25c000`
SizeOfRawData	`0x200`
PointerToRawData	`0x250600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0.122276`

_RDATA

MD5	`945c6244ee8843ea841fcd1c50418c48`
SHA1	`9a8e0f83d2a8eb786f66fa87014117b733dd1506`
SHA256	`2d308f8ee2376542e75ec1d13ad5721bd16e51ef5f3db66f168951ff726223e1`
SHA3	`3e990da5230edd36b4868753a082a827efe7eb419898eb77b77384768b57f20b`
VirtualSize	`0x1f4`
VirtualAddress	`0x25d000`
SizeOfRawData	`0x200`
PointerToRawData	`0x250800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.17556`

malloc_h

MD5	`2724a504179c0a69fe860864042a954e`
SHA1	`47acfd9a206668d445913ea26eebbebe312d14ed`
SHA256	`df0bc17996082d0b2c1e917be01bca21b94185f3345d25ec0ed9ed149ee50fb8`
SHA3	`643b0b888ec9c8fb2e26656eeba1d52ae1c7176c0cde8f50fdae52200cc6f4cf`
VirtualSize	`0x130`
VirtualAddress	`0x25e000`
SizeOfRawData	`0x200`
PointerToRawData	`0x250a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`4.4647`

prot

MD5	`bf619eac0cdf3f68d496ea9344137e8b`
SHA1	`5c3eb80066420002bc3dcc7ca4ab6efad7ed4ae5`
SHA256	`076a27c79e5ace2a3d47f9dd2e83e4ff6ea8872b3c2218f66c92b89b55f36560`
SHA3	`622de1e1568ddef36c4b89b706b05201c13481c3575d0fc804ff8224787fcb59`
VirtualSize	`0x74`
VirtualAddress	`0x25f000`
SizeOfRawData	`0x200`
PointerToRawData	`0x250c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`0`

.rsrc

MD5	`8cf553a5c4076165bc0b7fe4067e205b`
SHA1	`2dc19718c0beafa3c253312db408cf9ea39ec27a`
SHA256	`be8f3f428e39f5dcf0e8477edff721f78adca94967c0e0a9fb6631dc9a3f1345`
SHA3	`cd21a5954b32594a1c5aae5aae3a5bf6e24f7b44b3a3f19c9a9a9a254d63a2d8`
VirtualSize	`0x355e4`
VirtualAddress	`0x260000`
SizeOfRawData	`0x35600`
PointerToRawData	`0x250e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.58764`

.reloc

MD5	`3059734347a87e5bfdbb6e02cfac829d`
SHA1	`4b66c522df55f56ae0c9ac47e82b43839a6e5c72`
SHA256	`a8087326093b69eb089f9a4b9af076f7694ec48f1e9f5dd1d7e98de2873e85f8`
SHA3	`77f8828452fefa908b6c74ab79f61cff040cbf3d938a6149eee388640198e918`
VirtualSize	`0x23a0`
VirtualAddress	`0x296000`
SizeOfRawData	`0x2400`
PointerToRawData	`0x286400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`5.43211`

Imports

nw_elf.dll	`GetInstallDetailsPayload` `IsBrowserProcess` `IsExtensionPointDisableSet` `SignalChromeElf`
KERNEL32.dll	`AcquireSRWLockExclusive` `AddVectoredExceptionHandler` `CloseHandle` `CompareStringW` `ConnectNamedPipe` `CreateDirectoryW` `CreateEventW` `CreateFileMappingW` `CreateFileW` `CreateIoCompletionPort` `CreateJobObjectW` `CreateMutexA` `CreateMutexW` `CreateNamedPipeW` `CreateProcessW` `CreateRemoteThread` `CreateSemaphoreW` `CreateThread` `DebugBreak` `DeleteCriticalSection` `DeleteFileW` `DeleteProcThreadAttributeList` `DisconnectNamedPipe` `DuplicateHandle` `EncodePointer` `EnterCriticalSection` `EnumSystemLocalesEx` `EnumSystemLocalesW` `ExitProcess` `ExpandEnvironmentStringsW` `FileTimeToSystemTime` `FindClose` `FindFirstFileExW` `FindNextFileW` `FlsAlloc` `FlsFree` `FlsGetValue` `FlsSetValue` `FlushFileBuffers` `FlushViewOfFile` `FormatMessageA` `FormatMessageW` `FreeEnvironmentStringsW` `FreeLibrary` `GetACP` `GetCPInfo` `GetCommandLineA` `GetCommandLineW` `GetConsoleMode` `GetConsoleOutputCP` `GetCurrentDirectoryW` `GetCurrentProcess` `GetCurrentProcessId` `GetCurrentProcessorNumber` `GetCurrentThread` `GetCurrentThreadId` `GetDateFormatW` `GetDriveTypeW` `GetEnvironmentStringsW` `GetEnvironmentVariableW` `GetExitCodeProcess` `GetFileAttributesW` `GetFileInformationByHandle` `GetFileInformationByHandleEx` `GetFileSizeEx` `GetFileTime` `GetFileType` `GetFullPathNameW` `GetLastError` `GetLocalTime` `GetLocaleInfoW` `GetLogicalProcessorInformation` `GetLongPathNameW` `GetModuleFileNameW` `GetModuleHandleA` `GetModuleHandleExW` `GetModuleHandleW` `GetNativeSystemInfo` `GetOEMCP` `GetProcAddress` `GetProcessHandleCount` `GetProcessHeap` `GetProcessHeaps` `GetProcessId` `GetProcessMitigationPolicy` `GetProcessTimes` `GetProductInfo` `GetQueuedCompletionStatus` `GetStartupInfoW` `GetStdHandle` `GetStringTypeW` `GetSystemDefaultLCID` `GetSystemDirectoryW` `GetSystemInfo` `GetSystemTimeAsFileTime` `GetTempPathW` `GetThreadContext` `GetThreadId` `GetThreadLocale` `GetThreadPriority` `GetTickCount` `GetTimeFormatW` `GetTimeZoneInformation` `GetUserDefaultLCID` `GetUserDefaultLangID` `GetUserDefaultLocaleName` `GetVersionExW` `GetWindowsDirectoryW` `GlobalMemoryStatusEx` `HeapAlloc` `HeapDestroy` `HeapFree` `HeapQueryInformation` `HeapReAlloc` `HeapSetInformation` `HeapSize` `InitOnceExecuteOnce` `InitializeConditionVariable` `InitializeCriticalSection` `InitializeCriticalSectionAndSpinCount` `InitializeCriticalSectionEx` `InitializeProcThreadAttributeList` `InitializeSListHead` `InitializeSRWLock` `IsDebuggerPresent` `IsProcessorFeaturePresent` `IsValidCodePage` `IsValidLocale` `IsWow64Process` `K32EnumProcessModules` `K32GetModuleFileNameExA` `K32GetModuleInformation` `K32GetPerformanceInfo` `K32GetProcessMemoryInfo` `LCMapStringW` `LeaveCriticalSection` `LoadLibraryA` `LoadLibraryExA` `LoadLibraryExW` `LoadLibraryW` `LocalAlloc` `LocalFree` `LockFileEx` `MapViewOfFile` `MoveFileW` `MultiByteToWideChar` `OpenProcess` `OutputDebugStringA` `PeekNamedPipe` `PostQueuedCompletionStatus` `PrefetchVirtualMemory` `QueryInformationJobObject` `QueryPerformanceCounter` `QueryPerformanceFrequency` `QueryThreadCycleTime` `RaiseException` `ReadConsoleW` `ReadFile` `ReadProcessMemory` `RegisterWaitForSingleObject` `ReleaseMutex` `ReleaseSRWLockExclusive` `ReleaseSemaphore` `RemoveDirectoryW` `RemoveVectoredExceptionHandler` `ReplaceFileW` `ResetEvent` `ResumeThread` `RtlCaptureContext` `RtlCaptureStackBackTrace` `RtlLookupFunctionEntry` `RtlPcToFileHeader` `RtlUnwind` `RtlUnwindEx` `RtlVirtualUnwind` `SetConsoleCtrlHandler` `SetCurrentDirectoryW` `SetDefaultDllDirectories` `SetEndOfFile` `SetEnvironmentVariableW` `SetEvent` `SetFileAttributesW` `SetFilePointerEx` `SetHandleInformation` `SetInformationJobObject` `SetLastError` `SetNamedPipeHandleState` `SetProcessMitigationPolicy` `SetProcessShutdownParameters` `SetStdHandle` `SetThreadAffinityMask` `SetThreadInformation` `SetThreadPriority` `SetUnhandledExceptionFilter` `Sleep` `SleepConditionVariableSRW` `SleepEx` `SuspendThread` `SwitchToThread` `SystemTimeToTzSpecificLocalTime` `TerminateJobObject` `TerminateProcess` `TlsAlloc` `TlsFree` `TlsGetValue` `TlsSetValue` `TransactNamedPipe` `TryAcquireSRWLockExclusive` `UnhandledExceptionFilter` `UnlockFileEx` `UnmapViewOfFile` `UnregisterWaitEx` `UpdateProcThreadAttribute` `VerSetConditionMask` `VerifyVersionInfoW` `VirtualAlloc` `VirtualAllocEx` `VirtualFree` `VirtualFreeEx` `VirtualProtect` `VirtualProtectEx` `VirtualQuery` `VirtualQueryEx` `WaitForMultipleObjects` `WaitForSingleObject` `WaitForSingleObjectEx` `WaitNamedPipeW` `WakeAllConditionVariable` `WakeConditionVariable` `WideCharToMultiByte` `Wow64GetThreadContext` `WriteConsoleW` `WriteFile` `WriteProcessMemory` `lstrlenA` `lstrlenW`
VERSION.dll	`GetFileVersionInfoSizeW` `GetFileVersionInfoW` `VerQueryValueW`
ntdll.dll	`NtWriteFile` `RtlInitUnicodeString` `RtlNtStatusToDosError`
ADVAPI32.dll (delay-loaded)	`AccessCheck` `AddMandatoryAce` `AdjustTokenPrivileges` `BuildExplicitAccessWithNameW` `BuildSecurityDescriptorW` `BuildTrusteeWithSidW` `CheckTokenMembership` `ConvertSidToStringSidW` `ConvertStringSecurityDescriptorToSecurityDescriptorW` `ConvertStringSidToSidW` `CreateProcessAsUserW` `CreateRestrictedToken` `DuplicateTokenEx` `EqualSid` `FreeSid` `GetAce` `GetLengthSid` `GetNamedSecurityInfoW` `GetSecurityDescriptorControl` `GetSecurityDescriptorDacl` `GetSecurityDescriptorGroup` `GetSecurityDescriptorOwner` `GetSecurityDescriptorSacl` `GetSecurityInfo` `GetTokenInformation` `ImpersonateNamedPipeClient` `InitializeAcl` `IsValidAcl` `IsValidSecurityDescriptor` `IsValidSid` `LookupPrivilegeValueW` `MapGenericMask` `OpenProcessToken` `OpenThreadToken` `RegCloseKey` `RegDisablePredefinedCache` `RegOpenKeyExW` `RegQueryValueExA` `RegQueryValueExW` `RevertToSelf` `SetEntriesInAclW` `SetNamedSecurityInfoW` `SetSecurityInfo` `SetThreadToken` `SetTokenInformation`

Delayed Imports

Attributes	`0x1`
Name	`ADVAPI32.dll`
ModuleHandle	`0x241960`
DelayImportAddressTable	`0x2419b8`
DelayImportNameTable	`0x22f4c0`
BoundDelayImportTable	`0`
UnloadDelayImportTable	`0`
TimeStamp	`1970-Jan-01 00:00:00`

GetHandleVerifier

Ordinal	`1`
Address	`0x83ff0`

GetPakFileHashes

Ordinal	`2`
Address	`0x1000`

IsSandboxedProcess

Ordinal	`3`
Address	`0x833a0`

1

Type	`GOOGLEUPDATEAPPLICATIONCOMMANDS`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0.811278`
MD5	`4352d88a78aa39750bf70cd6f27bcaa5`
SHA1	`3c585604e87f855973731fea83e21fab9392d2fc`
SHA256	`67abdd721024f0ff4e0b3f4c2fc13bc5bad42d0b7851d456d88d203d15aaa450`
SHA3	`295cd1698c6ac5bd804a09e50f19f8549475e52db1c6ebd441ed0c7b256e1ddf`

IDENTITY

Type	`LIMITEDACCESSFEATURE`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x2c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.03074`
MD5	`fee507693b0546738a56eeeface1614f`
SHA1	`fc785e2170b66cd28cbc484e5554e233468a736b`
SHA256	`bf4b0b9a07445ea976f3040ec73942c7d5d9f60a4103a503970d8141e01a73a6`
SHA3	`2d3a36af10be905ca5577d3f60e94199443b24cda55a7f6e0fb1c3eaf3cdba27`

1 (#2)

Type	`RT_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.72812`
MD5	`d4ff4e9e724f25f5265a3b0cd07d03d4`
SHA1	`9777e4e59ce089e4c8727910586b325f1cbfe12d`
SHA256	`8c5a126b0e59e2927158fe5008c375aeef5396adb797c682e07578d13c283a3f`
SHA3	`c75e4c8d4280cd1e4d3a7d59a7d7993be648ff029d47900a843807031484d03d`

2

Type	`RT_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.05033`
MD5	`717434e636786d3d0fb3f571f6109660`
SHA1	`2ed8ddea1a94e39f624dd752c1843648e5ad2aa6`
SHA256	`06db3222f267c74b72573a349de6a24bcfbb4bba9656d3dd6b50f4f64326e156`
SHA3	`11bf1f65e167fb701bcd216f1c0dfafb324c6d5c883989c59fcfcd08d93072a3`

3

Type	`RT_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.80214`
MD5	`97f6acbd9fba8933adafe9cef8193ff7`
SHA1	`3fcce71b59dd9806e573170748858cc02c00c260`
SHA256	`91baaad720c63aaff01b902deda14e2c8b355c31159b71c481dc6fb67bcbb4cf`
SHA3	`d5b9de20cb7ea1c27b6a8500de4b0e2b8b436804b1d70a4ddbd8d77ce60ef340`

4

Type	`RT_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.63098`
MD5	`14a8d213994c484121f0f0d63746601d`
SHA1	`3ad42569021b69060eb157875531fa0310b48e86`
SHA256	`2d2aea139c8f41675322a459ce75295ac168eb0e925ed5a75c0981b3693069aa`
SHA3	`e684a3170b7471ffd03ac8607f9d5d56a3892db7d3d21bc5d4ab9383fbebcb92`

5

Type	`RT_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.55212`
MD5	`04a6442470e12c4f6931ecd090862ef9`
SHA1	`11704afd9e26ca32f68ede4e0c043405722ffba3`
SHA256	`a4319fd1d9a81d7a6dc9ef1818d85dc68ded85342754d2f5768e01d0edf46780`
SHA3	`37952f4114576bfe8616ef61541c8f81eddef30236d455ce5f74a30d98a8539f`

6

Type	`RT_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0xcac`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.29146`
MD5	`db2dc0ce6ad8b8cdc5be830bf79a761b`
SHA1	`c9345712f79eed69677a5f165d115624da3de4cf`
SHA256	`ff8ccb25e747ead631922be99ebc2004a97295b0b606f40e83f15c2dc2bbbc81`
SHA3	`c0f08c34bfb83c0aebe052470d5b51b2367a2bb61bb911259c200931f6b0d42b`

7

Type	`RT_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.17845`
MD5	`35fffe5c3ef617079a0237e67ada2472`
SHA1	`70900b1268464c03c8c5f7192456b7e6efceb1da`
SHA256	`860a680c92db087b12dd6bf2ef581979c08ac13ed9657403dab974f387420555`
SHA3	`dd8b7568bca263f759c9dffa79fc19cf647abcbfdc473b14d2ac11a86fd45e70`

8

Type	`RT_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0xcac`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0.995644`
MD5	`1b905e5ca2a21da398c9c73124428505`
SHA1	`6f922d03bc5d6ec61789deb9731141893edf55a0`
SHA256	`5edad8d3d744070cb51e4dfdb02053a15101c8c954f952e4dfe57a4d7659e5b2`
SHA3	`f07b653197b1cf5483179f834c56415c8e7f11f3e59af3a35753df6cd0a94520`

9

Type	`RT_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x10ac`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0.666526`
MD5	`75bec5efc67babcf530d51321d95ed7e`
SHA1	`38eb531d42adfab051bc81ef0590d60a21d77498`
SHA256	`3bd84b82f6e6a2cb156d881bdc1f29567d5712ad81d2da33b0ff9cd8a5a9981f`
SHA3	`665bc39673c1b61060b16e7572c6520c7d50080a166343540e56f4dd9e233502`

10

Type	`RT_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x10ac`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.84104`
MD5	`acd42b137b48d1f19ee65a10fc90814e`
SHA1	`d1f9068dee688563ae870c437900709795cc6dbe`
SHA256	`d87015c12fb89d2c54c2b1ea0b5f0feaf50bba50cddcf546668c62316597bf2f`
SHA3	`eafa118068102c848c31a6c914e40e8de8a682f2c36091294cb30b518fc5e6e5`

11

Type	`RT_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x10ac`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.82478`
MD5	`3a50f5b7c71bbdc5512fbc3873192dcf`
SHA1	`bcedef446ec1d6f465f15aef66474e7adab95a48`
SHA256	`c7988ba08e9df9a1eee74d2ed9ecda968a384dd1ac105125b95dee98cc663c19`
SHA3	`6f3a01136cfd17eae5a4d0d5c60b8652742debf4ef5c0874d40fe007b4ed3432`

12

Type	`RT_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x10ac`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.82478`
MD5	`68e0f3426f82d799afe0f96427beec21`
SHA1	`4ea992afa212b04e07fea303ecb328ff54e061cc`
SHA256	`744c1f78a1a9d3ec04ad6358c2bdbd89b8a1cfa9d850c1ee4ecfa4b3f256ff26`
SHA3	`745e989aef3ea85a98abbf63a7b4afe3fb525c099bc5dce78aa7f5af17b5f70e`

13

Type	`RT_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x10ac`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0.670417`
MD5	`6d9a8875e9bc6d3e9eae95b2b03257ce`
SHA1	`b7c15c9636773a47be134736c68bdd339922aeb9`
SHA256	`cbb310244272c36ea589f9257476e6c19b1eb6be0cd5193cd5901efd4d184c35`
SHA3	`744ffb0101cc0d94ee909ff8cdc163f79773c26af417370d25faffc4bc936155`

14

Type	`RT_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x10ac`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0.659108`
MD5	`fe9cc0eafbb8e74285bf641fb8e73244`
SHA1	`5ab52f22cb2de40638a657785c87df0ae3729fa7`
SHA256	`302d274cf49db7ebc8f97dd4320489781da8a44447cbb2a7346ccff84b1b944b`
SHA3	`2803d7cd35174ade40efc9c9f338db79b345777a589353be85b7c744e7a3a4fc`

15

Type	`RT_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x10ac`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0.65993`
MD5	`53fb50fe6ce1aa6722afa878db7289a8`
SHA1	`a31cf91b8df398a12b84c5fbd10494b2ff6b749d`
SHA256	`bc19a3937fe7fb79cf877d2bea8d1ab4ea30d1a05f4c60d42cf57142c81290e9`
SHA3	`6a4d76c847f3ef198074c93c4e25056a081fc8131151daa0473cd2a9394db239`

16

Type	`RT_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x10ac`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0.670417`
MD5	`12a2030014722c91cddfed04b83be533`
SHA1	`c462f3e4e6bc388726ba3d488506d366ea0c6999`
SHA256	`9534fac9229e10c53a85e5a6deb4224d12a7a3024b7ff9ccc1cb8717ffd7acaa`
SHA3	`11e87ce0be315125dcceaf8d8136b0ec09a3ed22b2fbc4724501aeaf38077e1c`

17

Type	`RT_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x10ac`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0.659108`
MD5	`94ea73b19eada640886c96389652ec8f`
SHA1	`aaaf2828cb9aed84f203efec44e302e5af20bafe`
SHA256	`faf155f58e17b8e1a98cc26aaa92597c62dc87ff98555cd708f6684eb8243d4c`
SHA3	`cb12ab171e7bf02f1c82573cf89cac99f83e304a66f3c4137bf54d4b742f4e7c`

18

Type	`RT_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x10ac`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0.65993`
MD5	`2dc824995511736d22408fb4dba702ba`
SHA1	`9aac0c12e6f517872128083df0f5b1105d6d8e7c`
SHA256	`f4bcc6750981e15e3fc8c751997156f4df9055cece8d16944e4dea2ce4bc911b`
SHA3	`56d609cc52f073b584c7138bb6349751b24e07fe66ba60fb56ea997b8bb1f078`

19

Type	`RT_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x10ac`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0.799151`
MD5	`6505e57c301902618e8f1d070667db1a`
SHA1	`c8a96d9801db8e9550741da0e8f4a55655253281`
SHA256	`787dc2d9d3f4034a91bd222034d01eafb01e1053ac3579a0fd033f141dcccb69`
SHA3	`92104dc773f9195f1795235be40b81774a87b52603a7e3089d48780829cf7bae`

20

Type	`RT_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.65872`
MD5	`ea82e850caed8b7eda4b753fb9d8c03a`
SHA1	`699e1bb7f568456fcc41c9ed9ecc9089d640d6a1`
SHA256	`236462dd2d629d67ff18c41f41cfa739549aff2933f7df2bd51630790b4d424e`
SHA3	`7cc9d637e593f742566b68ce8dd23201f2097429a4f48d55993f87da0d726754`

21

Type	`RT_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.46615`
MD5	`ff49a9a5c7e188634136611a03c441ed`
SHA1	`756344327134a9f9c1404185baaad435bf0a53fc`
SHA256	`3eba69eaec7cef56d2c964dee1f9c0226a365b3ae869a402690d548c82c16ba3`
SHA3	`a5bebb0afb2d86976c02d4f2befc5fa28d496be24ad98a8611055f9d67683c27`

22

Type	`RT_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.08719`
MD5	`b490b06239b76334192a94969717671b`
SHA1	`3f19007fbd45bebdd6fe4235fb95517bf67911c1`
SHA256	`2a53b434f3ab8d37381a5461163027d2a256f0bda3ea8f65795ed6d2c66b4e30`
SHA3	`5217b671e39ef4e252e5fa4e6b4f1a05d89627e53702a0842d0c9504b7aa3ee6`

23

Type	`RT_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.07143`
MD5	`aac863f48e2b416af0febc82cd648345`
SHA1	`f4bec546c4c140e4436ca28d82148997a56f1ac0`
SHA256	`5b4c85e7d881d8c74760c07f9e4fe3d7427a72bed0e379aed6a78f7cbeca3199`
SHA3	`3c0698cb59f54d170bb85287b6fc265cf78e0a7a8b2502718f0c7899fdc95685`

1 (#3)

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0xd8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.5822`
Detected Filetype	PNG graphic file
MD5	`ac36d205e221873e903561f80990430e`
SHA1	`96c39b8829837edb9142794f7e06f0f93e5a76a6`
SHA256	`5bd2f3073668e2590c682481c1181a7fda52975924dce5d9cb068dd68464480c`
SHA3	`fe43e280697aec23cd9c68ff10b83ef10e1602ab91041f245c6c3aa665c9bfa8`

2 (#2)

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x129`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.88491`
Detected Filetype	PNG graphic file
MD5	`051c9bfab466a9a543279a708225a297`
SHA1	`290dead10669252b3086f8c3bde15e23d3e91d56`
SHA256	`ab17163e8e31b9d3c7a4ead71cbf452c600519edfeabb53e777dd5b07b3d5251`
SHA3	`c36be1b51add9d96889ca2ca157dc946325bab199f0dcbe48d2b261271e64430`

3 (#2)

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x216`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.35781`
Detected Filetype	PNG graphic file
MD5	`d618c99025a2e9c88f158663e40e2690`
SHA1	`5f5c0556468fa1734646e7f45b81486e17dd372e`
SHA256	`c6ac8447b4fb76dc9ce87f9de28e92924d8efd3a793a190f55bfac4024adf548`
SHA3	`7c16b9be7058d9a8736fba51a3027b5fbecc22fad1ca5899e25ace21e7354c95`

4 (#2)

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x496`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.43482`
Detected Filetype	PNG graphic file
MD5	`2aa88332bc814592f02dcfc29e1910d9`
SHA1	`d46dd4430f61a1a02a007264374d3dcb55f3f1dd`
SHA256	`1e69b4dc9e1a826d72e9edce7851a6b6144a2a22e1f7fd6b43415759d4e9f662`
SHA3	`82dac0a4e968116fd8a4ed50fdf5dd469c2eb0796c22b5a8379c35c7450ce596`

5 (#2)

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0xc1d`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.18173`
Detected Filetype	PNG graphic file
MD5	`975d11881a9709db072b4b12feb53f7c`
SHA1	`70686b1219b3966687496c84eac437b4e45524ed`
SHA256	`d2e4bc4004595ae3623d95ffec3d4e1c731240dd9bce0688dfceb487e77f0bb4`
SHA3	`c461712d447be972a943d52c2f606021f763d0bab6b297a1d69329ae8201fef4`

6 (#2)

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.32779`
MD5	`d790cb9b9086f45ea53fec385891355d`
SHA1	`20e3548d16dbba68b8f322a1c4f7086e38110d10`
SHA256	`18621604c0b5f4229416994b569e2afda775a608e1759d5ba7082a31458e1169`
SHA3	`b14e2bb5e8953ae807c2ec3b726942eb2ead7890772fdf6a410a8c9a71e81915`

7 (#2)

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.21995`
MD5	`7ab8c3240114b0f7ebc42c5c489060f6`
SHA1	`0de249b988a94d3374bbf9eb3585f00ace2e5499`
SHA256	`f5feb3ba96da36d90fb879e6f1af274a1c5f6fd4ba68332b1c25d97c6508d062`
SHA3	`def1c08500690c2ea7b272685c0a594f8ca5bf9865055bfb9c488d12a6955dfe`

8 (#2)

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.65783`
MD5	`d720ab3b897affd8516a5c73e9020b19`
SHA1	`36e5ac25f4b4f4b869d109c0072da7f6f1fd03c2`
SHA256	`f269848277f345c8fc62634f14c012bc8ee1afa4887e8819228e99c6915bbdf3`
SHA3	`c946f83fcb2547d27caf0a1adff84c375349fd416f64281d3fb2653a224affa0`

9 (#2)

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x4a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.70621`
MD5	`7a8fd82c16489f1ed6e5cdc5dc38c815`
SHA1	`595b39dc0c92b6e3943ea918a213cec58503daf4`
SHA256	`9260d8b6f0fd7fc00e9a960db1b1283180efd59049be2c8867a4e660b1ff0123`
SHA3	`2eec2ac06df13fa72c5317fe2f7e049cddea95363b53620674c73c866a7f8d52`

10 (#2)

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x1234`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.90997`
MD5	`11921cfff61b5877c53bb37c86b6d09c`
SHA1	`3800127e39a03ea9b2a9f79538d40227ef4d0c89`
SHA256	`c714566bd8b7f0be360e68950a5615a2fb365d53b14ea7c2812f23c458497799`
SHA3	`0e2df531413bcc400f2f42179d34b093d3229754f3ee9d7c982faacd2f766e18`

11 (#2)

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x2668`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.72497`
MD5	`0e559d7f5897727c98dfdd1e6c3631e7`
SHA1	`fcd9803592250e14d186e9c8fd0f094e7debfdf0`
SHA256	`6e6dd7cc3df380721e4678fb1825b982df22a4dc058091634e733c33f3543b1f`
SHA3	`54cc4d475eb6e3066dda379e7ce197dad0d994522cc58d68673a5707d4aa46cf`

12 (#2)

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x184b`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.91162`
Detected Filetype	PNG graphic file
MD5	`e3e595605f7ba7a83a424e5698b342b4`
SHA1	`b7cf89a883818649ffeab77f323b07808b1b717e`
SHA256	`05de73b49e62f848770d877a92a4a920e2ef6812538b84ab3a3255ee89bf3666`
SHA3	`0a0834c7fc8c9270e4ef414eb9095219a154fefc631b38f811eb7639a46a3aec`

13 (#2)

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.16758`
MD5	`e3ef6c429eb5f9ad3b5b6157649357a9`
SHA1	`dea84f3bcf21fd240409b3c37b7c735187e37b8b`
SHA256	`40c246379eab917bd7db6383143113ae30ea291638b417c373563a3020932b21`
SHA3	`1f2bc790a682901115c14931548451154fdcc1ead3db65ee17c86ab846883e51`

14 (#2)

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.3439`
MD5	`1c75923afa52b8b821a91e1a93047fb3`
SHA1	`eea53acb157f13ed250552973b3b6df26ce08abf`
SHA256	`dcd1fd9f727b98ac32f898e1b7295511cff546626d4bf77d5f5d7eef18215777`
SHA3	`8a9f3bc5d1ceb2df837583dfc99e41d12fa6d5dbfdf868b664e15f3f3d924481`

15 (#2)

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.67037`
MD5	`471e1322c6b73efdd4d2af85e113879e`
SHA1	`b62dba49d1fb23ac98fb4f79a595825ef989391f`
SHA256	`513a8bacfbbeed27c32198f8aaeabec8c2f5d01a246482ea5b21346a004c4653`
SHA3	`16c0b7d52da87a8349ac32ddbbd8daacd4efafa23d7e7dd89dc9cb384887429f`

16 (#2)

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.57969`
MD5	`880e6bf1fa7d8c3cb0de94c0f297a674`
SHA1	`eb81c28cda97bba23b63efce39349589dbb6ecd6`
SHA256	`89f9844a73b620b46a9102569f1a2244ca5af6fe528ffb13e5658565f652b77a`
SHA3	`43728b80c98f7cdd527cb520781a3a54aabc2827b388244a26301983e23d5235`

17 (#2)

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.95126`
MD5	`995f327e043ec7becf5b4b5b06a80af1`
SHA1	`06054dccdacc69417992fdf27732b5222521abba`
SHA256	`19db737d57a8977454e8b3f1322b9e446f9a1d7c926e7ea2d8f81963bff8bfe5`
SHA3	`6c49af59b14944edda8c6e00248723a298f459d0c6228d26afe13e7b12fbe148`

18 (#2)

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.1991`
MD5	`3c090b7925b0b1ff85a5bb6d59d00302`
SHA1	`bc072e63b5a70b0c2e05034a22cdec755f16fd35`
SHA256	`c584db8605be07e8ad5687946cd59dfac7184f234e234a6f5ef880b928e69638`
SHA3	`980d26de113ffeaf3f755a5883dcaa24f4a89dbc2b77b43938dc3213657c5886`

19 (#2)

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x87de`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.97899`
Detected Filetype	PNG graphic file
MD5	`c383459e792d4344e0bd17837304b010`
SHA1	`b253c676ee4b7e929a114cedc43d1f9983dd0b2e`
SHA256	`525c4d2c627af547cd3f7715c36bd39d730dc5ef5c55197d9ff28aae68ed2dac`
SHA3	`a42a65fe9e6201028af0ab4f71589a6838a763ba97175efde928e4fcf543328f`

20 (#2)

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.16758`
MD5	`e3ef6c429eb5f9ad3b5b6157649357a9`
SHA1	`dea84f3bcf21fd240409b3c37b7c735187e37b8b`
SHA256	`40c246379eab917bd7db6383143113ae30ea291638b417c373563a3020932b21`
SHA3	`1f2bc790a682901115c14931548451154fdcc1ead3db65ee17c86ab846883e51`

21 (#2)

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.3439`
MD5	`1c75923afa52b8b821a91e1a93047fb3`
SHA1	`eea53acb157f13ed250552973b3b6df26ce08abf`
SHA256	`dcd1fd9f727b98ac32f898e1b7295511cff546626d4bf77d5f5d7eef18215777`
SHA3	`8a9f3bc5d1ceb2df837583dfc99e41d12fa6d5dbfdf868b664e15f3f3d924481`

22 (#2)

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.67037`
MD5	`471e1322c6b73efdd4d2af85e113879e`
SHA1	`b62dba49d1fb23ac98fb4f79a595825ef989391f`
SHA256	`513a8bacfbbeed27c32198f8aaeabec8c2f5d01a246482ea5b21346a004c4653`
SHA3	`16c0b7d52da87a8349ac32ddbbd8daacd4efafa23d7e7dd89dc9cb384887429f`

23 (#2)

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.57969`
MD5	`880e6bf1fa7d8c3cb0de94c0f297a674`
SHA1	`eb81c28cda97bba23b63efce39349589dbb6ecd6`
SHA256	`89f9844a73b620b46a9102569f1a2244ca5af6fe528ffb13e5658565f652b77a`
SHA3	`43728b80c98f7cdd527cb520781a3a54aabc2827b388244a26301983e23d5235`

24

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.95126`
MD5	`995f327e043ec7becf5b4b5b06a80af1`
SHA1	`06054dccdacc69417992fdf27732b5222521abba`
SHA256	`19db737d57a8977454e8b3f1322b9e446f9a1d7c926e7ea2d8f81963bff8bfe5`
SHA3	`6c49af59b14944edda8c6e00248723a298f459d0c6228d26afe13e7b12fbe148`

25

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.1991`
MD5	`3c090b7925b0b1ff85a5bb6d59d00302`
SHA1	`bc072e63b5a70b0c2e05034a22cdec755f16fd35`
SHA256	`c584db8605be07e8ad5687946cd59dfac7184f234e234a6f5ef880b928e69638`
SHA3	`980d26de113ffeaf3f755a5883dcaa24f4a89dbc2b77b43938dc3213657c5886`

26

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x835d`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.97814`
Detected Filetype	PNG graphic file
MD5	`3863cd7704ebb65bed5e9515c7240dd5`
SHA1	`3b8096bdf97a01ffa93557c4e10a7df80a45b682`
SHA256	`c9e199278660ddd007eb165f4f6aa23676af01abc68db14a28fb1fd91b414b93`
SHA3	`c0b926304f8bfd2a584c154ec29c4135afd390f07c55d6533dc7d39a3a2ce190`

54580

Type	`RT_GROUP_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.83876`
Detected Filetype	Cursor file
MD5	`a2baa01ccdea3190e4998a54dbc202a4`
SHA1	`e8217df98038141ab4e449cb979b1c3bbea12da3`
SHA256	`c53efa8085835ba129c1909beaff8a67b45f50837707f22dfff0f24d8cd26710`
SHA3	`8874564c406835306368adf5e869422e1bb97109b97c1499caa8af219990e8dc`
Preview

54581

Type	`RT_GROUP_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.91924`
Detected Filetype	Cursor file
MD5	`aff0f5e372bd49ceb9f615b9a04c97df`
SHA1	`e3205724d7ee695f027ab5ea8d8e1a453aaad0dd`
SHA256	`b07e022f8ef0a8e5fd3f56986b2e5bf06df07054e9ea9177996b0a6c27d74d7c`
SHA3	`9cb042121a5269b80d18c3c5a94c0e453890686aedade960097752377dfa9712`
Preview

54582

Type	`RT_GROUP_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.01924`
Detected Filetype	Cursor file
MD5	`48e064acaba0088aa097b52394887587`
SHA1	`310b283d52aa218e77c0c08db694c970378b481d`
SHA256	`43f40dd5140804309a4c901ec3c85b54481316e67a6fe18beb9d5c0ce3a42c3a`
SHA3	`38753084b0ada40269914e80dbacf7656dc94764048bd5dff649b08b700f3ed5`
Preview

54583

Type	`RT_GROUP_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.01924`
Detected Filetype	Cursor file
MD5	`1ae28d964ba1a2b1b73cd813a32d4b40`
SHA1	`8883cd93b8ef7c15928177de37711f95f9e4cd22`
SHA256	`ff47a48c11c234903a7d625cb8b62101909f735ad84266c98dd4834549452c39`
SHA3	`a85dadd416ce2d22aa291c0794c45766a0613b853c6e3b884a2b05fc791427b8`
Preview

54584

Type	`RT_GROUP_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x22`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.46809`
Detected Filetype	Cursor file
MD5	`d66ede131a0b66bc73b797f3ab01cae6`
SHA1	`049144cedcabc8443ba9b9d16c4a5f8fa6c2cbac`
SHA256	`f75e551324504a3c9caa453a4b0fd424884291acdb82f0549e7bb0b48ce01647`
SHA3	`bea99994e7901c76649ed73e68b2bf22bcf6c427b7665d2bbd09f70b80490229`
Preview

54585

Type	`RT_GROUP_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x22`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.46809`
Detected Filetype	Cursor file
MD5	`2933c67a462bd6238b86a9d44634158f`
SHA1	`7a818b5a1da0dbf5c9d3ec227eb5944a779f016a`
SHA256	`770a19a2be0c18daf7fb714c6f78e5fecde900b9fda29a6c4691c369253f6f0f`
SHA3	`3e59433bb9c9ef6b3f3dd6d6723238d79b0831e52aa016113d25b89e2085dac1`
Preview

54586

Type	`RT_GROUP_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.21924`
Detected Filetype	Cursor file
MD5	`9edadd9eb5da2bb6aad56c666862c9c5`
SHA1	`3901ac1f5112ebee7a931141c73e76b60c984cf8`
SHA256	`7662c77c89bc776c64acfbc6ac7f22f56a631304205ac1a00d1d6c876ff1574d`
SHA3	`24753677cf5443d63f8406407477e81b9c98c7d2ee1ef92dca85d23fdd6e3e43`
Preview

54587

Type	`RT_GROUP_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.21924`
Detected Filetype	Cursor file
MD5	`cc34525879592b62945fa5102955e7af`
SHA1	`1c1f341f0ff952d168ec070d95809224631c5f59`
SHA256	`c7f15e3e69f8bad21f5f9c9546b129828d66e90b38a8fe9cf33cf23846e62700`
SHA3	`1af1bcbf18cfdeb5e3d81c46ab15ef59bc0b1de5f5ff9dc32f491120f405f5c6`
Preview

54588

Type	`RT_GROUP_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.21924`
Detected Filetype	Cursor file
MD5	`cb8d29dff5278e39030b2ad47022cf49`
SHA1	`a48b5853b494a9095f0899e23414db872433d366`
SHA256	`fd27224dee56e50f926e0c003d1bdb8c31db4d1f0a089280d0f55b79ff45c1e7`
SHA3	`3eca032eb883d63cd63778223e4ed5d3982bcbc58eed6534f0a70d84a7a624e5`
Preview

54589

Type	`RT_GROUP_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.21924`
Detected Filetype	Cursor file
MD5	`874e41c97e9c38232490d3bea15ae8b3`
SHA1	`ae70b2c25c1566c2e13ac44e0057ef4f6daf8d91`
SHA256	`2c57fbd554735f2b8ff46f26b3d2d58a5a5e4152a02043e7fd6c552a43a3ceee`
SHA3	`b13a2c1efb8dad10ad85e8b4ce0067cbbea82053146cd5a81b0fecef2a15bf15`
Preview

54590

Type	`RT_GROUP_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.21924`
Detected Filetype	Cursor file
MD5	`24d6779f223eda66e958315d638d0b62`
SHA1	`12525fd20006775a0366d61620ae851ae090dbfb`
SHA256	`1133ff27d25ac052e4a0570865c18ce0e07a3afbb89577bc52af61435a91b8cc`
SHA3	`feab5af24df559fd8b9b078058f0cd7af2d943e88736af167b57482cff6597bc`
Preview

54591

Type	`RT_GROUP_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.21924`
Detected Filetype	Cursor file
MD5	`63e88d11b8e4a0868f5c2dcb5c944b1e`
SHA1	`19e86d2e68c188e8f8101e3c053bfa02ca714b97`
SHA256	`5907a1ab79be2dae328a84248db9750607aeb7b802af582f974a5ae59fb3c37c`
SHA3	`fe8a1640613ab39314806298ace08aae1c0f1d9f89c9aa23e7a270562db0dd0e`
Preview

54592

Type	`RT_GROUP_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.21924`
Detected Filetype	Cursor file
MD5	`08ffff653a54f5518c6bbcbd1c4e82f4`
SHA1	`4a8832e7ebf39d3e0398d4332748b00d5964e6e0`
SHA256	`d19508d8742527d523aa3ef78e1091ce417bec079e9632181cdc8ff245c53ce9`
SHA3	`7650fb4c907b38dfe5785926961a8e754ad52af5bd6eef810c761e1cd02a1fb6`
Preview

54593

Type	`RT_GROUP_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.11924`
Detected Filetype	Cursor file
MD5	`384df7c4869187442684d2fb5292ac78`
SHA1	`ffa445392454d9a208a18fc2520b7ad60e5936df`
SHA256	`1dac0833fe30898ce2c1df2c70b09d62d51f8f765ae0ffd90b811067e875ae98`
SHA3	`1fbbe841170dac2994db17d7b74b60a56ffe6ab959f8e1bb6c5605c6bcf2c705`
Preview

54594

Type	`RT_GROUP_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.21924`
Detected Filetype	Cursor file
MD5	`4e14da9e6db8978ffd0c5eb4b3e9e80a`
SHA1	`2a4d2df5f07e3a096a27db0f2297f46e7f8df507`
SHA256	`5fa51d73b8ea1316fb0c8f11c3740c6f755a8499a135e4e18ef6b823aad3ad70`
SHA3	`ea3bf238714cb012824de6f84f91faf385180340f7563976e327c4fef3750f5e`
Preview

54595

Type	`RT_GROUP_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.21924`
Detected Filetype	Cursor file
MD5	`015d385990b99272d167c51c508f427e`
SHA1	`f4591544894c9e23e281d023fb2210a1274d1628`
SHA256	`7794cf070f4c99cd9ec27a43faa84daab8d19e765f0489c981a9ef28468a3899`
SHA3	`514c273141a62c18cd8fc7252db9af2dcfd0226ea3c3efe8ef3ed5ad3b16be99`
Preview

54596

Type	`RT_GROUP_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.21924`
Detected Filetype	Cursor file
MD5	`9ee83aa87f2c8ba446b991fb305805f0`
SHA1	`c5b3271c02fd48848692cc701618ec1badc359e6`
SHA256	`4c9fe467bd0250366713a2a43f5162e5ec2e7cd566ea218f7a6545e0ad878184`
SHA3	`c5065128f9b38fcc3692787e5e4d29bcd359689a3fd3cda0bdc6e41ae32f4fd2`
Preview

54597

Type	`RT_GROUP_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.01924`
Detected Filetype	Cursor file
MD5	`79bc23c45190436b2c51ff2941fa8720`
SHA1	`0a8234176fad8831709703a0a34337a08987a983`
SHA256	`b328fe22a904a2e7e1341a95dbf00e2fdffc9ab350bc64c5ee348d3007c2b479`
SHA3	`b897f30ec85dad865a74be84cd616e0066da486befd0983d87e2b6f5d66a6c6b`
Preview

54598

Type	`RT_GROUP_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.01924`
Detected Filetype	Cursor file
MD5	`1e219dd609ce399df95ba7af59ef113f`
SHA1	`436a16dd20d5e3ec42342a4d005a664cd227f517`
SHA256	`8f51832638675f16ec5f251ab59251b3f85d84e5129025d44c45b3191b331c58`
SHA3	`9e44adcf523bb484f416a99197d947211027feae6b6665b457883e548218befd`
Preview

54599

Type	`RT_GROUP_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.01924`
Detected Filetype	Cursor file
MD5	`690a20e696fc4e33ffb377a8ef54fb97`
SHA1	`972159605fa069921dbdee9b7a35879e6f1928a6`
SHA256	`6c2ef97bca5cdc6aa6de65b1f1ae8328bcb3494a16025eee870231d991e2cd56`
SHA3	`fd9d56519b5bf976a4ae748fe0c51dcd47ac27ce6a7c271fa2bbb3e00f473b22`
Preview

54600

Type	`RT_GROUP_CURSOR`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.01924`
Detected Filetype	Cursor file
MD5	`459379b9418ad5b62b1bf409300acb32`
SHA1	`5363fc84172d6b624542a0b52edbbfe21e2443ae`
SHA256	`1085b7390dbd2b2006f85619521047c6ca58a8b274196eeed48e74ad8a1b746a`
SHA3	`2b8f3218d3da7e4ee463a712c6c3b8f5b58cc6799a84f5e582b6a40da38a2bfc`
Preview

MAINICON

Type	`RT_GROUP_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x4c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.10085`
Detected Filetype	Icon file
MD5	`111e0992c6000ed883dc04d7cba9e558`
SHA1	`3acbb227fed2c90468b4ec44d06f69f9e006ab1c`
SHA256	`604a9786079d7373f5ced51169c15d652ec04204b4006e9c137ff2b4abffea26`
SHA3	`1ad1b914212141edcf84afb2aa569b54b25e4e106be91b0dac3dfa89267f8431`

1 (#4)

Type	`RT_VERSION`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x460`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.342`
MD5	`368a02ec42278f8cb36c220c6ea0caf5`
SHA1	`801773106013c849ac82ba59b506e35ace11ae09`
SHA256	`a65decbd9af1df1c4487752cbc220cd6eb71b4c87a47d60d11ae9598956238b7`
SHA3	`b6d2450d8516827e29af5945233d2b630df9fb08729ab0cb353331d9ab1e7aee`

1 (#5)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x3d2`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.34927`
MD5	`c11d3315937534fcaa0d0942f10f306c`
SHA1	`02cec6f3942270158a7183db75f958d3a68e5ede`
SHA256	`b18903edcf69b3c6002596c4cff5e9d436233a77efd5849e560dffcd22bda2cb`
SHA3	`550c0b05ee117db28f9fdebb81cbeb6463a4855c75d7883e184791ef912acf35`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	0.100.1.0
ProductVersion	0.100.1.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	English - United States
CompanyName	The NW.js Community
FileDescription	nwjs
FileVersion (#2)	0.100.1
InternalName	nw_exe
LegalCopyright	Copyright @LASTCHANGE_YEAR@, The NW.js community and The Chromium Authors. All rights reserved.
OriginalFilename	nw.exe
ProductName	nwjs
ProductVersion (#2)	0.100.1
CompanyShortName	nwjs.io
ProductShortName	nwjs
LastChange	0000000000000000000000000000000000000000-0000000000000000000000000000000000000000

Resource LangID	English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2025-Jun-01 05:00:00
Version	`0.0`
SizeofData	`35`
AddressOfRawData	`0x22d8b4`
PointerToRawData	`0x22c0b4`
Referenced File	nw.exe.pdb

UNKNOWN

Characteristics	`0`
TimeDateStamp	2025-Jun-01 05:00:00
Version	`0.0`
SizeofData	`4`
AddressOfRawData	`0x22d8d8`
PointerToRawData	`0x22c0d8`

TLS Callbacks

StartAddressOfRawData	`0x14025b000`
EndAddressOfRawData	`0x14025b2a0`
AddressOfIndex	`0x140245a58`
AddressOfCallbacks	`0x14022f2d0`
SizeOfZeroFill	`0`
Characteristics	`IMAGE_SCN_ALIGN_32BYTES`
Callbacks	`0x00000001401483C0` `0x000000014016DF90` `0x00000001401B6EB0` `0x0000000140137200` `0x00000001401B6F20` `0x000000014000CD50`

Load Configuration

Size	`0x140`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x14023fc00`
GuardCFCheckFunctionPointer	`5370999304`
GuardCFDispatchFunctionPointer	`0`
GuardCFFunctionTable	`0`
GuardCFFunctionCount	`0`
GuardFlags	`(EMPTY)`
CodeIntegrity.Flags	`0`
CodeIntegrity.Catalog	`0`
CodeIntegrity.CatalogOffset	`0`
CodeIntegrity.Reserved	`0`
GuardAddressTakenIatEntryTable	`0`
GuardAddressTakenIatEntryCount	`0`
GuardLongJumpTargetTable	`0`
GuardLongJumpTargetCount	`0`

RICH Header

Errors

Leave a comment

No comments yet.