Manalyze report for 6b7ae6095dad01eb05ab6f3e998f02bb18a20d34a2a0af48f8c083fb5809066a

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2026-Mar-20 08:11:30
Detected languages	English - United States
TLS Callbacks	1 callback(s) detected.
Debug artifacts	app.pdb
CompanyName	ReideN Development
FileDescription	ReideN
FileVersion	`3.2.0`
LegalCopyright	Copyright Â© 2026 ReideN Development
ProductName	ReideN
ProductVersion	`3.2.0`

Plugin Output

Suspicious	Strings found in the binary may indicate undesirable behavior:	`Looks for VMWare presence: vmmemctl vmmouse vmware` `Looks for VirtualBox presence: VBoxGuest VBoxMouse` `Looks for Qemu presence: qemu` `Miscellaneous malware strings: Exploit cmd.exe` Contains domain names: 0www.entrust.net 7www.entrust.net Entrust.net GoDaddy.com birthpopuptypesapplyImagebeinguppernoteseveryshowsmeansextramatchtrackknownearlybegansuperpapernorthlearngivennamedendedTermspartsGroupbrandusingwomanfalsereadyaudiotakeswhile.com console.info denuvo.reiden.com developer.microsoft.com entrust.net genretrucklooksValueFrame.net github.com http://dummy.testC http://no.url.provided.local http://www.C http://www.a http://www.css http://www.hortcut http://www.icon http://www.interpretation http://www.language http://www.style http://www.text-decoration http://www.w3.org http://www.w3.org/shortcut http://www.wencodeURIComponent http://www.years https://developer.microsoft.com https://developer.microsoft.com/en-us/microsoft-edge/webview2 https://docs.rs https://github.com https://reiden.com.tr https://www.World https://www.recent microsoft.com openssl.org reiden.com thing.org www.entrust.net www.w3.org
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to CRC32` `Uses constants related to MD5` `Uses constants related to SHA1` `Uses constants related to SHA256` `Uses constants related to SHA512` `Uses constants related to RC5 or RC6`
Malicious	The PE contains functions mostly used by malware.	`[!] The program may be hiding some of its imports: LoadLibraryExA LoadLibraryA LoadLibraryW LoadLibraryExW GetProcAddress` `Functions which can be used for anti-debugging purposes: SwitchToThread CheckRemoteDebuggerPresent CreateToolhelp32Snapshot NtQueryInformationProcess` `Can access the registry: RegOpenKeyExW RegQueryValueExW RegOpenKeyTransactedW RegCloseKey RegGetValueW RegCreateKeyExW RegCreateKeyTransactedW` `Possibly launches other programs: CreateProcessW ShellExecuteW` `Uses Windows's Native API: NtCreateNamedPipeFile NtReadFile NtOpenFile NtWriteFile NtCreateFile NtQueryInformationProcess NtDeviceIoControlFile NtCancelIoFileEx` `Can create temporary files: GetTempPathW CreateFileW` `Uses functions commonly found in keyloggers: MapVirtualKeyW GetAsyncKeyState GetForegroundWindow` `Leverages the raw socket API to access the Internet: getsockname getpeername send WSASend getsockopt setsockopt ioctlsocket connect WSAIoctl WSASocketW bind shutdown WSACleanup WSAStartup freeaddrinfo getaddrinfo recv WSAGetLastError closesocket` `Functions related to the privilege level: OpenProcessToken` `Manipulates other processes: ReadProcessMemory OpenProcess Process32NextW Process32FirstW` `Can take screenshots: GetDC CreateCompatibleDC BitBlt` `Interacts with the certificate store: CertAddCertificateContextToStore CertOpenStore`
Info	The PE is digitally signed.	`Signer: ReideN Development` `Issuer: ReideN Development`
Suspicious	VirusTotal score: 1/66 (Scanned on 2026-04-18 04:32:57)	`Trapmine: suspicious.low.ml.score`

Hashes

MD5	`5d8eeff5ff715a2f6fe78c6ec21307da`
SHA1	`a798076b4a3ba79798af88f16083a46fe6014ae5`
SHA256	`6b7ae6095dad01eb05ab6f3e998f02bb18a20d34a2a0af48f8c083fb5809066a`
SHA3	`c871b37ab5bc9cce3161b4df92ed84dbdb9205bbd2a31399e7d76f8f74fd5cae`
SSDeep	`196608:S3dQqH2GckA55llISYe/6/FVAJ+VGYG+h:S3dQ+VupIReX4VGY3h`
Imports Hash	`292ed73fa5e2c139811cd4b437d96a1e`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0xf8`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`6`
TimeDateStamp	2026-Mar-20 08:11:30
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0xdb5a00`
SizeOfInitializedData	`0x746a00`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0000000000D7F978 (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x14ff000`
SizeOfHeaders	`0x400`
Checksum	`0x1502b9c`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`a9c74757d2739559985a08b30989f95b`
SHA1	`912c22b1ab2a32b49a13bd86d10a1d9b7bcb5c33`
SHA256	`426e02de28a391172f5d88f7c8e1a1ed6b6bdb0b1408062fa8462747e4c7925d`
SHA3	`a9a3b00e5952b1e20edf4e610c0a00ca4ff99938f8792749edea6b185f715546`
VirtualSize	`0xdb59e0`
VirtualAddress	`0x1000`
SizeOfRawData	`0xdb5a00`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.21217`

.rdata

MD5	`402b2e2f2be27a3e390dc2c801f2eb5d`
SHA1	`3ac4dc4c7fa5217df76889610834e61b3c5b1164`
SHA256	`14cad4b365b0b24966f747ed497b482d3058dabef3c598e8f840db81d9d24fa2`
SHA3	`a6f20e4020202e43645f9a5fe4f3464df633758d6f1f82ac12839db383c29264`
VirtualSize	`0x655c42`
VirtualAddress	`0xdb7000`
SizeOfRawData	`0x655e00`
PointerToRawData	`0xdb5e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.29605`

.data

MD5	`29964464ff0a988deb8c7afa124df6bb`
SHA1	`8a400aeeb0992e66cfd99c68f4f57be62c7f6d31`
SHA256	`1a88f7b0059949b3140638193f9ddfc13cb12cd27190b1f9bae5116f5f9aa0fb`
SHA3	`b4b0ef104cf91724d5276cbfa8a1a3e88529a405fcc7d9424667717b9ed3d5e6`
VirtualSize	`0x9358`
VirtualAddress	`0x140d000`
SizeOfRawData	`0x6a00`
PointerToRawData	`0x140bc00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`2.8666`

.pdata

MD5	`31212536210c3f7d82b208cbd77a86d2`
SHA1	`a4f8a0a3dc0fbefef2563df57afd38a863c7c80a`
SHA256	`3c804258b918bb33b92639868702700e962b71c523ddd9fc91bc15120d93c6da`
SHA3	`0177c3c3ffa4dac22909bd7444f1ac9352b64e81a94138a724542c650790caf2`
VirtualSize	`0xb7e88`
VirtualAddress	`0x1417000`
SizeOfRawData	`0xb8000`
PointerToRawData	`0x1412600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.80387`

.rsrc

MD5	`cc4a791ebde7f92f9f158be72cbe1695`
SHA1	`a9dbcd0f37a78318d74167283c11f71c60e9d251`
SHA256	`184fb23b7ed284e603a3543ff173c68ce6b5f9c66a7e9637b1701aa6a1f43985`
SHA3	`f8dca42cd1c221219a439eb576f6409ccbaa0ebda3a31112f7d6b2fec0f96e80`
VirtualSize	`0x1d630`
VirtualAddress	`0x14cf000`
SizeOfRawData	`0x1d800`
PointerToRawData	`0x14ca600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`7.94689`

.reloc

MD5	`194b77d60f344752f5aa59f3ac272578`
SHA1	`6f0b89ce3d1402d4e0d8c04e52345b8343d22ac3`
SHA256	`2dfcbe5a8b463f107edf62cbbc774cf8e2e0e2ea11a7d01123c9e51c0cc78ae6`
SHA3	`5be6acc16dae3200d3ee93c26793069cf7452aa0505d5c7d631ea67936bb6693`
VirtualSize	`0x11f70`
VirtualAddress	`0x14ed000`
SizeOfRawData	`0x12000`
PointerToRawData	`0x14e7e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`5.48508`

Imports

kernel32.dll	`GetSystemTimePreciseAsFileTime` `LoadLibraryExA` `CreateProcessW` `GetWindowsDirectoryW` `GetSystemDirectoryW` `CompareStringOrdinal` `FreeEnvironmentStringsW` `CreateThread` `SetWaitableTimer` `GetProcessId` `CreateWaitableTimerExW` `lstrlenW` `LoadLibraryA` `LoadLibraryW` `GetConsoleOutputCP` `GetStdHandle` `TerminateProcess` `WriteConsoleW` `RtlCaptureContext` `MultiByteToWideChar` `CancelIo` `QueryPerformanceFrequency` `SleepEx` `ReadFileEx` `RtlLookupFunctionEntry` `FindNextFileW` `SetHandleInformation` `FormatMessageW` `WaitForMultipleObjects` `ExitProcess` `GetTempPathW` `GetFullPathNameW` `SetEnvironmentVariableW` `FindClose` `FindFirstFileExW` `GetFinalPathNameByHandleW` `DeleteFileW` `CreateEventW` `SwitchToThread` `GetFileInformationByHandleEx` `CreateDirectoryW` `MoveFileExW` `CopyFileExW` `RemoveDirectoryW` `GetCommandLineW` `GetEnvironmentStringsW` `GetCurrentDirectoryW` `SetLastError` `GetCurrentThread` `SetThreadStackGuarantee` `AddVectoredExceptionHandler` `SetFileInformationByHandle` `LocalFree` `IsWow64Process` `SetFilePointerEx` `ReleaseMutex` `CreateMutexA` `WaitForSingleObjectEx` `WideCharToMultiByte` `HeapReAlloc` `CreatePipe` `WaitForSingleObject` `GetEnvironmentVariableW` `TlsFree` `UnhandledExceptionFilter` `GetLastError` `SetUnhandledExceptionFilter` `DuplicateHandle` `InitializeSListHead` `RtlUnwindEx` `CreateIoCompletionPort` `SetFileCompletionNotificationModes` `RtlPcToFileHeader` `RaiseException` `GetOverlappedResult` `PostQueuedCompletionStatus` `ReadFile` `WriteFile` `CancelIoEx` `SetNamedPipeHandleState` `GetQueuedCompletionStatusEx` `CreateFileW` `GetCurrentThreadId` `GetFileAttributesW` `GetModuleFileNameW` `LoadLibraryExW` `LCIDToLocaleName` `FreeLibrary` `GetFileInformationByHandle` `GetConsoleMode` `GetComputerNameExW` `QueryPerformanceCounter` `GetUserDefaultUILanguage` `IsProcessorFeaturePresent` `ReleaseSRWLockExclusive` `AcquireSRWLockExclusive` `WakeAllConditionVariable` `SleepConditionVariableSRW` `GetModuleHandleW` `GetSystemTimeAsFileTime` `GetCurrentProcess` `DeviceIoControl` `IsDebuggerPresent` `CheckRemoteDebuggerPresent` `VirtualQueryEx` `InitializeCriticalSectionAndSpinCount` `ReadProcessMemory` `TlsAlloc` `RtlVirtualUnwind` `DeleteCriticalSection` `GetModuleHandleA` `HeapFree` `Sleep` `GetProcessIoCounters` `GetSystemTimes` `GetProcessTimes` `OpenProcess` `GetExitCodeProcess` `GetProcAddress` `TlsGetValue` `Process32NextW` `Process32FirstW` `CreateToolhelp32Snapshot` `EncodePointer` `HeapAlloc` `GetProcessHeap` `OutputDebugStringA` `OutputDebugStringW` `TlsSetValue` `WriteFileEx` `GetSystemInfo` `CloseHandle` `K32GetPerformanceInfo` `GlobalMemoryStatusEx` `GetCurrentProcessId`
advapi32.dll	`RegOpenKeyExW` `RegQueryValueExW` `IsValidSid` `RegOpenKeyTransactedW` `CopySid` `OpenProcessToken` `RegCloseKey` `GetTokenInformation` `RegGetValueW` `RegCreateKeyExW` `RegCreateKeyTransactedW` `GetLengthSid` `EventRegister` `EventSetInformation` `EventWriteTransfer` `EventUnregister` `SystemFunction036`
oleaut32.dll	`SysFreeString` `SysStringLen` `GetErrorInfo` `SetErrorInfo`
bcryptprimitives.dll	`ProcessPrng`
ntdll.dll	`NtCreateNamedPipeFile` `NtReadFile` `NtOpenFile` `NtWriteFile` `NtCreateFile` `RtlNtStatusToDosError` `NtQueryInformationProcess` `NtDeviceIoControlFile` `NtCancelIoFileEx` `RtlGetVersion`
user32.dll	`OffsetRect` `GetMenuBarInfo` `DrawMenuBar` `SetMenu` `GetMenuItemInfoW` `SetCapture` `CreateIcon` `SetWindowLongW` `EnableMenuItem` `GetSystemMenu` `SystemParametersInfoA` `SetPropW` `GetMenu` `ShowCursor` `ReleaseCapture` `RegisterRawInputDevices` `SendInput` `GetRawInputData` `ClipCursor` `GetClipCursor` `IsWindowVisible` `GetWindowDC` `EnumDisplayMonitors` `MonitorFromPoint` `SetWindowTextW` `GetWindowTextW` `GetWindowTextLengthW` `SetWindowDisplayAffinity` `SetForegroundWindow` `CreateAcceleratorTableW` `SetFocus` `PostQuitMessage` `TrackPopupMenu` `RegisterWindowMessageA` `GetKeyState` `SetParent` `MapWindowPoints` `GetWindow` `ShowWindow` `ReleaseDC` `GetWindowRect` `SetWindowLongPtrW` `GetParent` `InsertMenuW` `GetWindowLongPtrW` `AppendMenuW` `SetMenuItemInfoW` `FindWindowExW` `SetWindowRgn` `CreateMenu` `IsProcessDPIAware` `GetDC` `CreatePopupMenu` `ToUnicodeEx` `DestroyWindow` `TranslateAcceleratorW` `GetKeyboardLayout` `RegisterClassExW` `CreateWindowExW` `SetWindowPos` `GetMessageA` `TranslateMessage` `DispatchMessageA` `EnumChildWindows` `MsgWaitForMultipleObjectsEx` `PostMessageW` `AdjustWindowRect` `RedrawWindow` `SendMessageW` `IsIconic` `GetMessageW` `MapVirtualKeyExW` `DispatchMessageW` `PeekMessageW` `PostThreadMessageW` `DefWindowProcW` `ScreenToClient` `GetWindowLongW` `RemoveMenu` `CheckMenuItem` `DrawIconEx` `DestroyMenu` `GetKeyboardState` `EnableWindow` `IsWindowEnabled` `GetActiveWindow` `MapVirtualKeyW` `CloseTouchInputHandle` `GetTouchInputInfo` `GetAsyncKeyState` `TrackMouseEvent` `GetClientRect` `DestroyAcceleratorTable` `DestroyIcon` `GetForegroundWindow` `IsWindow` `AdjustWindowRectEx` `FlashWindowEx` `UpdateWindow` `InvalidateRect` `SetCursorPos` `DrawTextW` `LoadCursorW` `InvalidateRgn` `GetWindowPlacement` `SetWindowPlacement` `ChangeDisplaySettingsExW` `GetUpdateRect` `ValidateRect` `GetMonitorInfoW` `MonitorFromWindow` `GetCursorPos` `SetCursor` `GetSystemMetrics` `SystemParametersInfoW` `FillRect` `MonitorFromRect` `ClientToScreen` `RegisterTouchWindow`
api-ms-win-core-synch-l1-2-0.dll	`WakeByAddressAll` `WakeByAddressSingle` `WaitOnAddress`
ole32.dll	`CoCreateFreeThreadedMarshaler` `CoInitializeEx` `CoInitialize` `RegisterDragDrop` `OleInitialize` `RevokeDragDrop` `CoUninitialize` `CoCreateInstance`
comctl32.dll	`SetWindowSubclass` `DefSubclassProc` `RemoveWindowSubclass` `TaskDialogIndirect`
shlwapi.dll	`SHCreateMemStream`
gdi32.dll	`SetBkMode` `CreateCompatibleDC` `GetDeviceCaps` `CreateDIBSection` `SelectObject` `DeleteObject` `CreateSolidBrush` `CreateRectRgn` `DeleteDC` `BitBlt` `CombineRgn` `SetTextColor`
combase.dll	`CoTaskMemFree` `CoTaskMemAlloc`
shell32.dll	`ShellExecuteW` `ShellExecuteExW` `SHCreateItemFromParsingName` `SHGetKnownFolderPath` `CommandLineToArgvW` `DragQueryFileW` `DragFinish` `SHAppBarMessage`
ws2_32.dll	`getsockname` `getpeername` `send` `WSASend` `getsockopt` `setsockopt` `ioctlsocket` `connect` `WSAIoctl` `WSASocketW` `bind` `shutdown` `WSACleanup` `WSAStartup` `freeaddrinfo` `getaddrinfo` `recv` `WSAGetLastError` `closesocket`
secur32.dll	`DecryptMessage` `EncryptMessage` `AcquireCredentialsHandleA` `ApplyControlToken` `AcceptSecurityContext` `FreeContextBuffer` `InitializeSecurityContextW` `DeleteSecurityContext` `QueryContextAttributesW` `FreeCredentialsHandle`
crypt32.dll	`CertGetCertificateChain` `CertVerifyCertificateChainPolicy` `CertDuplicateCertificateChain` `CertFreeCertificateChain` `CertDuplicateCertificateContext` `CertCloseStore` `CertFreeCertificateContext` `CertDuplicateStore` `CertAddCertificateContextToStore` `CertEnumCertificatesInStore` `CertOpenStore`
dwmapi.dll	`DwmSetWindowAttribute` `DwmGetWindowAttribute` `DwmEnableBlurBehindWindow`
pdh.dll	`PdhGetFormattedCounterValue` `PdhOpenQueryA` `PdhAddEnglishCounterW` `PdhRemoveCounter` `PdhCloseQuery` `PdhEnumObjectsA` `PdhCollectQueryData`
powrprof.dll	`CallNtPowerInformation`
psapi.dll	`GetProcessMemoryInfo` `GetModuleFileNameExW`
SHELL32.dll	`SHOpenFolderAndSelectItems` `#190` `#155`
bcrypt.dll	`BCryptGenRandom`
api-ms-win-crt-math-l1-1-0.dll	`roundf` `trunc` `round` `pow` `floor` `__setusermatherr`
api-ms-win-crt-string-l1-1-0.dll	`strcmp` `wcsncmp` `wcslen` `wcscmp` `strlen` `strcpy_s` `_wcsicmp`
api-ms-win-crt-runtime-l1-1-0.dll	`_set_app_type` `_configure_narrow_argv` `_initialize_narrow_environment` `_get_initial_narrow_environment` `_initterm` `abort` `_initterm_e` `terminate` `exit` `_wassert` `_crt_atexit` `_register_onexit_function` `_initialize_onexit_table` `_exit` `_seh_filter_exe` `__p___argc` `_register_thread_local_exe_atexit_callback` `_c_exit` `_cexit` `__p___argv`
api-ms-win-crt-heap-l1-1-0.dll	`malloc` `_callnewh` `_set_new_mode` `free` `calloc`
api-ms-win-crt-convert-l1-1-0.dll	`_wtoi` `wcstol` `_ultow_s`
api-ms-win-crt-stdio-l1-1-0.dll	`__p__commode` `_set_fmode`
api-ms-win-crt-locale-l1-1-0.dll	`_configthreadlocale`

Delayed Imports

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xf0a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.60626`
Detected Filetype	PNG graphic file
MD5	`19320d519d373e6a36538f9ecc17e651`
SHA1	`be5a101b8f29d4062847cda2f340c1bd8b6e65c4`
SHA256	`9a2fc4d4e88ae09201d30d7743c1e5579c46a08523a63fcfde7ce56f5d1c0eb2`
SHA3	`20d37e07642266b2c47f91f4b2407e6db4fe2a6abfd892bec1e85525b145ae1e`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x454`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.59812`
Detected Filetype	PNG graphic file
MD5	`f866ab719745195ab9a697114c1bc2eb`
SHA1	`4888a46b4906744ad8f86b4245a451fd9477e889`
SHA256	`17350b2ca4defe0346462dfaeef9e7a15d7a05d9b9f8a04a0eac1c4b216385e2`
SHA3	`09b53457623da0b4deb1a91bd871ad9e63cec8c9380446a1bd822f4eb2257f0b`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x95c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.56926`
Detected Filetype	PNG graphic file
MD5	`8fc57e7bfea42b4982239840c7b17109`
SHA1	`4bff1fc4d3adda71f752fc84ad7eb156a6abfc0d`
SHA256	`8814c0d6146ae9a6b167d3a809b71e51d972c815d2256aa27fa0c93dcca9ce7d`
SHA3	`8ce826e2e1465c0db525889fc29a78ee6deeb624326902b568bee020ba6549d7`

4

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1cd1`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.69658`
Detected Filetype	PNG graphic file
MD5	`d2b5275ce809792c725aab7db880fd76`
SHA1	`c995458bcff3167cb17b2f1a6f796ff61539c69c`
SHA256	`ff2ea7faa64dd84b7953b1677391e120407c5130300b5b7d715793fbf9a9b437`
SHA3	`f738ce05d65adf97bbac4032ca456d0a200b51468afb5549bfa399a5d479db15`

5

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2d20`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.74814`
Detected Filetype	PNG graphic file
MD5	`6b8327956dd463c4a8f5057481a3ef95`
SHA1	`312c96217f849a0c3d2e6dcfad560035bc2666d2`
SHA256	`bc65778bf08fc5294d9a820cac4f1aeb6ec42a7f6f172733a8ee69c81413f734`
SHA3	`669b67a52d3a92bb8bbd2e24b1f3b6c1081355f676b2e67a591e69569911f54b`

6

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x16943`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.99285`
Detected Filetype	PNG graphic file
MD5	`d0a2d38ff2174f0944e23ce51356ecb1`
SHA1	`7b86d0dec9e3993e2c5a3a83f0229f793b0e9152`
SHA256	`f4184a63a6e987e4a6a0d74cfba50edc5bef9a468c8ba34ccd6104eb999032c2`
SHA3	`8d49b335e6fe213f13e94b5f2e41106329edb500366b66da15a2351aafceed20`

32512

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x5a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.82381`
Detected Filetype	Icon file
MD5	`d85124ef362abb116f1bc2dfb3316665`
SHA1	`5591a5079055128d9aa5903ec57262094e81a248`
SHA256	`65e35ab6d93332565a7b8dfc0958f90c49fe1d1dc346460580b742de4742bf46`
SHA3	`8e147c0ff48212d6277ab1a444130a2186a874a37ebb8b41998cfab570534920`

1 (#2)

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x254`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.27184`
MD5	`32608922974212031a04c0f52fef21c9`
SHA1	`9ff69da96bbb389f224ba18f698d798014200555`
SHA256	`d96b514cd2d0b6eecbcd6a9836fbf5030496e82264f4bf8d57e2dd03200df1bc`
SHA3	`a0d957798a15f0eb34914053153c12c73d6e30239195cf2ea35c85d7b09cab07`

1 (#3)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.96056`
MD5	`01e4c8c046a47771f13cd120b53303e7`
SHA1	`2a4224d31c916a5cff4f2636a3cb47fdd84a5cc9`
SHA256	`b1cb832f790c153aa0e9a66f76e75460263cf1d41971d2dbcc9a4d87ec18b7d8`
SHA3	`680120ec819e7ba66519d9a8a3e446973c4cb28aa0146c91cceaa8c8fadc90ae`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	3.2.0.0
ProductVersion	3.2.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT` `VOS_NT_WINDOWS32` `VOS_WINCE` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
CompanyName	ReideN Development
FileDescription	ReideN
FileVersion (#2)	3.2.0
LegalCopyright	Copyright Â© 2026 ReideN Development
ProductName	ReideN
ProductVersion (#2)	3.2.0

Resource LangID	English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2026-Mar-20 08:11:30
Version	`0.0`
SizeofData	`32`
AddressOfRawData	`0x1133374`
PointerToRawData	`0x1132174`
Referenced File	app.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics	`0`
TimeDateStamp	2026-Mar-20 08:11:30
Version	`0.0`
SizeofData	`20`
AddressOfRawData	`0x1133394`
PointerToRawData	`0x1132194`

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2026-Mar-20 08:11:30
Version	`0.0`
SizeofData	`1048`
AddressOfRawData	`0x11333a8`
PointerToRawData	`0x11321a8`

TLS Callbacks

StartAddressOfRawData	`0x141133808`
EndAddressOfRawData	`0x141133a1c`
AddressOfIndex	`0x141415c38`
AddressOfCallbacks	`0x140db7eb8`
SizeOfZeroFill	`0`
Characteristics	`IMAGE_SCN_ALIGN_8BYTES`
Callbacks	`0x0000000140CD7720`

Load Configuration

Size	`0x140`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x1414136c0`

RICH Header

XOR Key	`0xe088faf6`
Unmarked objects	`0`
Imports (VS2008 SP1 build 30729)	`14`
ASM objects (35207)	`9`
C objects (35207)	`13`
C++ objects (35207)	`47`
Imports (30151)	`4`
Imports (33145)	`3`
C objects (35217)	`96`
Total imports	`578`
Unmarked objects (#2)	`963`
Resource objects (35217)	`1`
Linker (35217)	`1`

Errors

Leave a comment

No comments yet.