Manalyze report for 704925ecfdb24ef81190b82de0e5453c

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2007-May-16 20:46:44
Detected languages	English - United States
Debug artifacts	Dashboard.pdb
CompanyName	Microsoft Corporation
FileDescription	Windows Live installer client executable
InternalName	Dashboard.exe
LegalCopyright	© Microsoft Corporation. All rights reserved.
OriginalFilename	Dashboard.exe
ProductName	Windows Live installer
FileVersion	`12.0.1202.0516`
ProductVersion	`12.0.1202.0516`

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C++ v6.0 DLL` `MSVC++ v.8 (procedure 1 recognized - h)`
Info	Interesting strings found in the binary:	`Contains domain names: go.microsoft.com home.microsoft.com http://go.microsoft.com http://go.microsoft.com/fwlink/?linkid http://home.microsoft.com http://home.microsoft.com/access/autosearch.asp?p http://ie.search.msn.com http://ie.search.msn.com/ http://runonce.msn.com http://runonce.msn.com/?v http://www.microsoft.com http://www.microsoft.com/isapi/redir.dll?prd ie.search.msn.com microsoft.com runonce.msn.com search.live.com search.msn.com www.microsoft.com`
Malicious	The PE contains functions mostly used by malware.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryW LoadLibraryExW` `Can access the registry: RegCreateKeyExW RegOpenKeyExW RegQueryValueExW RegSetValueExW RegDeleteKeyW RegDeleteValueW RegQueryInfoKeyW RegEnumKeyExW RegCloseKey SHGetValueW` `Possibly launches other programs: ShellExecuteW` `Functions related to the privilege level: OpenProcessToken AdjustTokenPrivileges` `Can shut the system down or lock the screen: ExitWindowsEx`
Info	The PE is digitally signed.	`Signer: Microsoft Corporation` `Issuer: Microsoft Code Signing PCA`
Safe	VirusTotal score: 0/69 (Scanned on 2025-02-03 19:44:18)	`All the AVs think this file is safe.`

Hashes

MD5	`704925ecfdb24ef81190b82de0e5453c`
SHA1	`1128b3063180419893615ca73ad4f9dd51ebeac6`
SHA256	`8cc871ee8760a4658189528b4a5d8afe9824f6a13faaf1fe7eb56f2a3ad2d04e`
SHA3	`e99899283cf7a368e9d3ca0248bf5d24205e26367a15433b0d85575c515eb900`
SSDeep	`3072:fW6vjvEUEzozIGnKyvBhSVeoVdS5jO4yEWzJ1gKs4H+u1ERB:REJWC+SVeoVdSZOqWbgKs4HPQ`
Imports Hash	`0ca5cb26c304d9ba14511fa26b260aac`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0xe8`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`3`
TimeDateStamp	2007-May-16 20:46:44
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_RELOCS_STRIPPED`

Image Optional Header

Magic	`PE32`
LinkerVersion	`8.0`
SizeOfCode	`0x18600`
SizeOfInitializedData	`0x8c00`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0000861F (Section: .text)`
BaseOfCode	`0x1000`
BaseOfData	`0x1a000`
ImageBase	`0x1000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`6.0`
SubsystemVersion	`5.1`
Win32VersionValue	`0`
SizeOfImage	`0x24000`
SizeOfHeaders	`0x400`
Checksum	`0x3052a`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x40000`
SizeofStackCommit	`0x2000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`a8cdc5ff9534e19468c3228384f1d33c`
SHA1	`cef8d37d8a69aab8d4144961c2b8d23cb5982ed6`
SHA256	`8ba2673a880d5a79b79a4307336c71d53f54bf81948e24e77b6b3cb14e10eb4a`
SHA3	`ad7f01c6de475081aee2a37523f13e504255eba6d05747118a5b003ca88dc187`
VirtualSize	`0x18490`
VirtualAddress	`0x1000`
SizeOfRawData	`0x18600`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.3224`

.data

MD5	`513f2b80d2aa26835abf65be0dfba41c`
SHA1	`78add0896ed4aa4ec263dcda0ec9e790a1c2ee1a`
SHA256	`4906a11c4743f5cdeff23bd2b9d425d30b1286993191cd4a03f8f2d1a5022923`
SHA3	`0f05eb212f785fa71f654bc197ae41725b1f5c10da6204b6966488db50f31ed2`
VirtualSize	`0x9f4`
VirtualAddress	`0x1a000`
SizeOfRawData	`0x600`
PointerToRawData	`0x18a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`1.56306`

.rsrc

MD5	`4983b48a271ce15610945bd5ea796dcb`
SHA1	`61f4c489dbb52c493b28e4c26cf1a82c77364f5b`
SHA256	`b95807ccac413aeae4589501a866a05bce06b635f7f23e1142354691e837672d`
SHA3	`2fde04f59031295f1ae475a8573436b84bcfa5a674d886ab97f19a92728939ec`
VirtualSize	`0x8028`
VirtualAddress	`0x1b000`
SizeOfRawData	`0x8200`
PointerToRawData	`0x19000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.4178`

Imports

ADVAPI32.dll	`TraceMessage` `GetTraceEnableFlags` `GetTraceEnableLevel` `GetTraceLoggerHandle` `RegisterTraceGuidsW` `UnregisterTraceGuids` `GetTokenInformation` `OpenProcessToken` `RegCreateKeyExW` `RegOpenKeyExW` `RegQueryValueExW` `RegSetValueExW` `AdjustTokenPrivileges` `LookupPrivilegeValueW` `RegDeleteKeyW` `RegDeleteValueW` `RegQueryInfoKeyW` `RegEnumKeyExW` `RegCloseKey`
KERNEL32.dll	`LocalFree` `GetCommandLineW` `CloseHandle` `MultiByteToWideChar` `lstrlenA` `GetCurrentProcess` `CreateMutexW` `GetVersionExW` `VerLanguageNameW` `GetModuleFileNameW` `GetModuleHandleW` `HeapSetInformation` `GetProcessHeap` `GetProcAddress` `GetSystemDefaultLCID` `LoadLibraryW` `CompareStringW` `LoadLibraryExW` `GetLastError` `lstrcmpiW` `TlsGetValue` `lstrlenW` `FindAtomW` `IsDebuggerPresent` `SetUnhandledExceptionFilter` `UnhandledExceptionFilter` `TerminateProcess` `GetSystemTimeAsFileTime` `GetCurrentProcessId` `GetCurrentThreadId` `GetTickCount` `QueryPerformanceCounter` `GetStartupInfoW` `InterlockedCompareExchange` `Sleep` `GetThreadLocale` `GetLocaleInfoA` `GetACP` `InterlockedExchange` `HeapSize` `HeapReAlloc` `HeapFree` `HeapAlloc` `HeapDestroy` `GetVersionExA` `LeaveCriticalSection` `EnterCriticalSection` `InterlockedDecrement` `InterlockedIncrement` `FindResourceExW` `FindResourceW` `LoadResource` `LockResource` `SizeofResource` `DeleteCriticalSection` `InitializeCriticalSection` `RaiseException` `FreeLibrary`
USER32.dll	`GetSystemMetrics` `GetMessageW` `TranslateMessage` `DispatchMessageW` `UnregisterClassA` `SetRect` `PostThreadMessageW` `PostMessageW` `SetWindowTextW` `ExitWindowsEx` `AdjustWindowRectEx` `CharNextW` `SetWindowPlacement` `OffsetRect` `GetWindowPlacement` `EnableWindow` `SetForegroundWindow` `ShowWindow` `IsWindowVisible` `SendMessageW` `SetWindowPos` `RemoveMenu` `GetSystemMenu` `GetForegroundWindow` `GetMonitorInfoW` `MonitorFromRect` `SystemParametersInfoW` `IsRectEmpty`
MSVCR80.dll	`_controlfp_s` `?_type_info_dtor_internal_method@type_info@@QAEXXZ` `_crt_debugger_hook` `memcpy_s` `_CxxThrowException` `memmove_s` `wcsstr` `wcschr` `??_V@YAXPAX@Z` `__CxxFrameHandler3` `free` `calloc` `??2@YAPAXI@Z` `_recalloc` `_vscwprintf` `vswprintf_s` `malloc` `swprintf_s` `memset` `wcscat_s` `wcscpy_s` `wcsncpy_s` `_vsnwprintf` `_wcslwr_s` `_wcsicmp` `_purecall` `_amsg_exit` `_invoke_watson` `_decode_pointer` `_onexit` `_lock` `__dllonexit` `_unlock` `?terminate@@YAXXZ` `_except_handler4_common` `__set_app_type` `_encode_pointer` `__p__fmode` `__p__commode` `_adjust_fdiv` `__setusermatherr` `_configthreadlocale` `_initterm_e` `_initterm` `_wcmdln` `exit` `_XcptFilter` `_exit` `_cexit` `__wgetmainargs` `??3@YAXPAX@Z`
SHELL32.dll	`ShellExecuteW` `CommandLineToArgvW` `SHAppBarMessage`
ole32.dll	`CoInitializeEx` `CoTaskMemFree` `CoTaskMemRealloc` `CoTaskMemAlloc` `CoQueryProxyBlanket` `CoCopyProxy` `CoSetProxyBlanket` `CoCreateInstance` `CoUninitialize`
OLEAUT32.dll	`VariantChangeType` `SysFreeString` `SysAllocString` `VarUI4FromStr` `SysStringLen` `VarBstrCmp` `DispCallFunc` `VariantClear` `VariantInit`
VERSION.dll	`GetFileVersionInfoSizeW` `VerQueryValueW` `GetFileVersionInfoW`
UXCore.dll	`?SetDefaultFocus@NativeHWNDHost@DirectUI@@MAEXXZ` `?Destroy@NativeHWNDHost@DirectUI@@UAEXXZ` `?RMInitialize@@YGXXZ` `?RMUpdateResourceSet@@YG_NPB_WK00@Z` `UXCoreInitProcess` `UXCoreInitThread` `UXCoreUnInitThread` `UXCoreUnInitProcess` `?RMTerminate@@YGXXZ` `?LoadAndCreateElement@CRMDUIParser@@QAEJIPB_WPAPAVElement@DirectUI@@PAV23@K0@Z` `?Initialize@NativeHWNDHost@DirectUI@@QAEJPB_W0PAUHWND__@@PAUHICON__@@HHHHHHHPAUHINSTANCE__@@I@Z` `?RMLoadIcon@@YGPAUHICON__@@PB_WK0@Z` `?Create@HWNDElement@DirectUI@@SGJPAUHWND__@@_NI1PAPAVElement@2@@Z` `?Host@NativeHWNDHost@DirectUI@@QAEXPAVElement@2@@Z` `?AddListener@Element@DirectUI@@QAEJPAUIElementListener@2@@Z` `?Attach@CRMDUIParser@@QAEJPAVElement@DirectUI@@@Z` `BuildDropTarget` `??0NativeHWNDHost@DirectUI@@QAE@XZ` `?Create@FillLayout@DirectUI@@SGJPAPAVLayout@2@@Z` `?CreateUnknown@Value@DirectUI@@SGPAV12@PAUIUnknown@@@Z` `?CmdContextProp@Element@DirectUI@@2PAUPropertyInfo@2@A` `?AccNameProp@Element@DirectUI@@2PAUPropertyInfo@2@A` `?AccRoleProp@Element@DirectUI@@2PAUPropertyInfo@2@A` `?StrToID@DirectUI@@YGGPB_W@Z` `?RMLoadInt@@YGHIHKPB_W@Z` `?GetHWND@NativeHWNDHost@DirectUI@@QAEPAUHWND__@@XZ` `?RMLoadString@@YGIIPA_WIKPB_W@Z` `?Class@Element@DirectUI@@2PAUIClassInfo@2@A` `?FindDescendent@Element@DirectUI@@QAEPAV12@G@Z` `?Class@Checkbox@DirectUI@@2PAUIClassInfo@2@A` `?Class@Hyperlink@DirectUI@@2PAUIClassInfo@2@A` `?Class@Progress@DirectUI@@2PAUIClassInfo@2@A` `?_ZeroRelease@Value@DirectUI@@AAEXXZ` `?ParentProp@Element@DirectUI@@2PAUPropertyInfo@2@A` `?GetValue@Element@DirectUI@@QBEPAVValue@2@PBUPropertyInfo@2@H@Z` `?ChildrenProp@Element@DirectUI@@2PAUPropertyInfo@2@A` `?ClassProp@Element@DirectUI@@2PAUPropertyInfo@2@A` `?IDProp@Element@DirectUI@@2PAUPropertyInfo@2@A` `?SetValue@Element@DirectUI@@QAEJPBUPropertyInfo@2@HPAVValue@2@@Z` `?VisibleProp@Element@DirectUI@@2PAUPropertyInfo@2@A` `?CreateBool@Value@DirectUI@@SGPAV12@_N@Z` `?ContentProp@Element@DirectUI@@2PAUPropertyInfo@2@A` `?CreateString@Value@DirectUI@@SGPAV12@PB_WPAUHINSTANCE__@@I@Z` `?CreateAtom@Value@DirectUI@@SGPAV12@PB_W@Z` `?AccDescProp@Element@DirectUI@@2PAUPropertyInfo@2@A` `?g_dwElSlot@DirectUI@@3KA` `?StartDefer@Element@DirectUI@@SGXXZ` `?EndDefer@Element@DirectUI@@SGXXZ` `?CheckedProp@Checkbox@DirectUI@@2PAUPropertyInfo@2@A` `?UrlProp@Hyperlink@DirectUI@@2PAUPropertyInfo@2@A` `?PositionProp@Progress@DirectUI@@2PAUPropertyInfo@2@A` `?CreateInt@Value@DirectUI@@SGPAV12@H@Z` `?GetElement@NativeHWNDHost@DirectUI@@QAEPAVElement@2@XZ` `?RMLoadCompoundString@@YGIIPA_WIKPB_W@Z` `?FindDescendentByClass@Element@DirectUI@@QAEPAV12@PB_W@Z` `?Add@Element@DirectUI@@QAEJPAV12@@Z` `?DestroyAll@Element@DirectUI@@QAEJXZ` `?UpdateAndGetDesiredSize@Element@DirectUI@@QAE?AUtagSIZE@@HH@Z` `?Remove@Element@DirectUI@@QAEJPAV12@@Z` `?Navigate@Hyperlink@DirectUI@@2PAEA` `?Click@Button@DirectUI@@2PAEA` `??1NativeHWNDHost@DirectUI@@UAE@XZ` `?OnMessage@NativeHWNDHost@DirectUI@@UAEJIIJAAJ@Z` `?Destroy@Element@DirectUI@@QAEJ_N@Z` `?g_hHeap@DirectUI@@3PAXA` `?LayoutProp@Element@DirectUI@@2PAUPropertyInfo@2@A` `?CreateLayout@Value@DirectUI@@SGPAV12@PAVLayout@2@@Z` `?AccessibleProp@Element@DirectUI@@2PAUPropertyInfo@2@A` `??0CRMDUIParser@@QAE@XZ`
SHLWAPI.dll	`SHGetValueW`

Delayed Imports

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x668`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.48552`
MD5	`1adbe46d68462a2f322a4aa16ab763e7`
SHA1	`1d7af63eb62877ac74591caeddc4af8d2b709350`
SHA256	`7a7d20ee193037231a6f52eedacf31745c2c71ba17b4d622eb1a066bd270692c`
SHA3	`e851de0f63a76585d5a8e668c6cfacbc5456be81753e2ccee567d4f00616ed55`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.85761`
MD5	`a6cc28cb1053f6553572c7c290d199da`
SHA1	`c83d19df8cdcba405250570e8bb14786cc0ee08f`
SHA256	`9224815d59d11a7171c81fb500265b03cc532f717cf08e25ba448b4d80d58dd3`
SHA3	`2076097a114325a326cd370184941ef039a57a0db46f989e5918f2d576f96f32`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.81073`
MD5	`b2406bc20ade2302728911686dc7c5c8`
SHA1	`4cc10b70ddba8422b7aff31787e54a92c1b476a2`
SHA256	`6865d74f31442a6d2e8a2bc30a045f9fefc64ecb51a217b85c00c71e690dd28a`
SHA3	`718d40dbe820fe7699ce6bf06a2390719d402305bca683894e38315aafa7bda4`

4

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.3773`
MD5	`64b5af13918cb363f139919af9bd1a70`
SHA1	`e39973e41d503e765b386183d8b40f0f93a29c5c`
SHA256	`a387f58a334759e4c6fecf5d6663c9e89f973e8060e3aa7ade6ac61fd8c855ad`
SHA3	`439cda277c13c6df8a1464f37765ee00ad8609a1b7e2c06ec3f4c9442b2da33a`

5

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.2941`
MD5	`c55f80518f61b0ae8dcd1ee20074df4f`
SHA1	`33826c20aa16c5b327a9d6cbe146663c14d4e1da`
SHA256	`9b938c2322304dd549786e8ac52ef81408490c173ef66fb606066d7229b5736d`
SHA3	`945a7f78930dee7fb47833c0b97a15cefaddf31e8a77163b3a37ac9ac9174741`

6

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.83847`
MD5	`fdfba7c7010e619f3e663aea5e868e76`
SHA1	`6983faa6ffdba670f1cb018bd2860d8990903a0f`
SHA256	`f46ef0e77f431c593ee20eb91d147abdfba7d835a742efc248d55f51b948e1b2`
SHA3	`1c382aca9eb4b1048488a20fbcefb5e1d28f1ab2f7c7616bafcd5c1889a099c5`

7

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x6c8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.94689`
MD5	`a944130787d8204edd49b536cba22a2e`
SHA1	`902df346d2efb64e26251570c06faf4fd8933bbf`
SHA256	`716d867dbf77bb452ec574620e49a5d7bd1ea1514ed9437267813de70342d5c3`
SHA3	`71179c8ce0c680e5ccd09adae90fb261bd7021a6deef5ad8e82a56a933941e6d`

8

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.21646`
MD5	`1d7f830ffb2a06eda7439917a2742f13`
SHA1	`2e64be8fa6a084be9e24bd7d3ce885671e7d0ff3`
SHA256	`e51479fc7ef910bb84e891366301e07171e868e95c15b7a6f33858bfc2c1d6a2`
SHA3	`82ca56ef4e45800c0a83665ec59465930e6298fce697b1bdca6fddebff51a6ba`

9

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.2898`
MD5	`c8d65c80f41bbd2440711c428bada5df`
SHA1	`cedd5fa10b7d6619aee8143387ae1ccb99408f56`
SHA256	`be4881e77745150b65955852e46e47b1100b519f7aecaeb4b8941c0f103d9b7c`
SHA3	`aaeb7e3ffa9b5fdafa94dbb311c36c126d8cabe1848324984f79a5e0ca134995`

10

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.5997`
MD5	`ab69f2fe16d803185bfe39f6c3feb978`
SHA1	`51a004bcd3f38583fae0ecbf7264db727a4bdc64`
SHA256	`8e63396486b1efd09056dcf53d0dc4da41b5edcd42ca2496ea5b92d6cec797f4`
SHA3	`954d8ab44ab94a41a627de099f5f46ebc459d330f1b86b43d2511aa019adcef7`

11

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.71047`
MD5	`54723ef330e81df0c71695822a8b6908`
SHA1	`a873b841a8479c3a800abf3f3840b27f9a78eff7`
SHA256	`4c8421378249092f37b4f2bd12b28f253a3b04bf52d22d87c7de892bc9d07b17`
SHA3	`94e2232e91bcb69570b0e005fd404f9b86473a3fda43dd9a26841284be7b7364`

12

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.66521`
MD5	`6dd8fc7213d61bf56b23f9d49b4eb59d`
SHA1	`d6565fdc4dd60951c45b3601eb470c4868cf80fc`
SHA256	`89eab3f2c0f93eddeac97c75f5f63df3b809e04f102fee9949dcac887093691f`
SHA3	`65ffe77d5379e48319998ca1515e147772e6c807f3fd954da556e6b3905a092c`

1 (#2)

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xae`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.06492`
Detected Filetype	Icon file
MD5	`9f09cf7bb38a28604b82294714b5aff8`
SHA1	`92235b3d49fd27218a58fbfad27ad6a619b54ffb`
SHA256	`d2d8ccd68849e94ea6b84f6835d0fe98ffa5c11e74a1138529e3c0b8d8edfe60`
SHA3	`31d634f42904a006333aee6a5258ab8c02eb1729897f4083ef50dad9565e0da3`

1 (#3)

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x378`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.46415`
MD5	`957884a5592ae4974ce614dbaf32ac80`
SHA1	`5eb31fc4ac60b9f1693be7bb2f55b164c9fa183d`
SHA256	`7e5884ff54c9b7b6df57712a39f93816c6b57a58557ff07cd7ff48473e131424`
SHA3	`2085757a69cb0477cca94711048338f00835d95fad5d6d5da6d8885d4d883063`

1 (#4)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x49a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.44131`
MD5	`f00f539234ffe89c4159c13947b30849`
SHA1	`9a0a39472bf406a6fa8fd472007132acb3fbddce`
SHA256	`2927dcabb2f32e69f818ad801d37e152a7e93c6b92f731bf681eb3a3fac552a7`
SHA3	`a84005c1de4f9a3372927842c9ced308bf22b2244c5ec86b04b85c536799a2f8`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	12.0.1202.516
ProductVersion	12.0.1202.516
FileFlags	`VS_FF_PRERELEASE`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	English - United States
CompanyName	Microsoft Corporation
FileDescription	Windows Live installer client executable
InternalName	Dashboard.exe
LegalCopyright	© Microsoft Corporation. All rights reserved.
OriginalFilename	Dashboard.exe
ProductName	Windows Live installer
FileVersion (#2)	12.0.1202.0516
ProductVersion (#2)	12.0.1202.0516

Resource LangID	English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2007-May-16 20:46:44
Version	`0.0`
SizeofData	`38`
AddressOfRawData	`0x44e0`
PointerToRawData	`0x38e0`
Referenced File	Dashboard.pdb

TLS Callbacks

Load Configuration

Size	`0x48`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x101a2b4`
SEHandlerTable	`0x1004590`
SEHandlerCount	`61`

RICH Header

XOR Key	`0xd72d2ad5`
Unmarked objects	`0`
126 (50327)	`1`
ASM objects (VS2012 build 50727 / VS2005 build 50727)	`4`
C objects (VS2012 build 50727 / VS2005 build 50727)	`25`
Imports (VS2012 build 50727 / VS2005 build 50727)	`21`
Total imports	`250`
C++ objects (VS2012 build 50727 / VS2005 build 50727)	`19`
Resource objects (VS2012 build 50727 / VS2005 build 50727)	`1`
Linker (VS2012 build 50727 / VS2005 build 50727)	`1`

704925ecfdb24ef81190b82de0e5453c

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.data

.rsrc

Imports

Delayed Imports

1

2

3

4

5

6

7

8

9

10

11

12

1 (#2)

1 (#3)

1 (#4)

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

TLS Callbacks

Load Configuration

RICH Header

Errors