Manalyze report for 735439cf5e6fd89bf9c6209d0786884c

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2014-Aug-23 09:24:50
Detected languages	English - United States

Plugin Output

Suspicious	Strings found in the binary may indicate undesirable behavior:	`May have dropper capabilities: CurrentVersion\Run`
Info	Libraries used to perform cryptographic operations:	`Microsoft's Cryptography API`
Malicious	The PE contains functions mostly used by malware.	`[!] The program may be hiding some of its imports: LoadLibraryW LoadLibraryExW GetProcAddress LoadLibraryExA` `Functions which can be used for anti-debugging purposes: FindWindowW` `Code injection capabilities (PowerLoader): FindWindowW GetWindowLongW` `Can access the registry: RegQueryValueExW RegSetValueExW RegOpenKeyExW RegDeleteValueW RegCloseKey RegCreateKeyExW` `Possibly launches other programs: ShellExecuteW` `Uses Microsoft's cryptographic API: CryptAcquireContextW CryptReleaseContext CryptDestroyKey CryptCreateHash CryptHashData CryptDestroyHash CryptVerifySignatureW CryptImportPublicKeyInfo` `Can create temporary files: GetTempPathW CreateFileW` `Uses functions commonly found in keyloggers: CallNextHookEx GetForegroundWindow MapVirtualKeyA` `Has Internet access capabilities: InternetCloseHandle InternetOpenUrlW InternetReadFileExW InternetSetStatusCallbackW InternetOpenW` `Can take screenshots: FindWindowW GetDC BitBlt CreateCompatibleDC` `Reads the contents of the clipboard: GetClipboardData`
Malicious	VirusTotal score: 3/65 (Scanned on 2018-05-23 15:15:29)	`K7GW: Riskware ( 0040eff71 )` `K7AntiVirus: Riskware ( 0040eff71 )` `ClamAV: Win.Trojan.Agent-6326965-0`

Hashes

MD5	`735439cf5e6fd89bf9c6209d0786884c`
SHA1	`a9cfb4248587353f10adfc4a36cb8c08cfc5c2da`
SHA256	`3971821104aa2d5f947373a1d2fb7d7d5afb2789a2a1cc6a4ff69302efcdcd49`
SHA3	`f97901df3f9bde286991d4f8c6bb6b36974c848155c28d67823cabd966c5fddf`
SSDeep	`6144:MVNomLv04MRjJWcd9R61SDuTTJVf7rbmteHnQHY+bLF0B1X/1xO3SaA:MVNnHyrR6kYjCcxSLKNx`
Imports Hash	`d34e3fd4371717f0707bbf1ea7f462a8`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x108`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`5`
TimeDateStamp	2014-Aug-23 09:24:50
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE` `IMAGE_FILE_RELOCS_STRIPPED`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`12.0`
SizeOfCode	`0x45400`
SizeOfInitializedData	`0x6ec00`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0000000000023944 (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0xb6000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x4e20`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`48c8e59d4c4870a73673c0cde13a2906`
SHA1	`f35739d49fe1bbaca833a57466fe3b1a1ecc59d2`
SHA256	`c69e701e9bf85b3ff9743ad018107b7ef0798644f0429f151dbc782708c5637a`
SHA3	`b90254736471c3522a9ef75fd4427a897091dbd68ac0ee86477bb4b12e843331`
VirtualSize	`0x452f0`
VirtualAddress	`0x1000`
SizeOfRawData	`0x45400`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.39037`

.rdata

MD5	`f0f65cc8d0c05f6028a5af09f6a35fd1`
SHA1	`81f3122ebbeecd086a89282d60b034c7fb1361b0`
SHA256	`b546c93fd2d5c7d53505d8200892ccbb2f187ea1a376bf7ff4055430c0b4c2c9`
SHA3	`ba0d5d34d01bc0d305aff1cc6f84eff9fa1fe41f22b2d037c4e2c64767a5b55a`
VirtualSize	`0x19ad0`
VirtualAddress	`0x47000`
SizeOfRawData	`0x19c00`
PointerToRawData	`0x45800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.4509`

.data

MD5	`ff055260a6152330e875d49f1e44fa05`
SHA1	`588bf9104ced8da13106f256fdaa4c1e6ccb8546`
SHA256	`0fe6ce4556298c33eaee9f7b0499a90bd37eab373f95f22f6928bee37e1efd1b`
SHA3	`fec70760af00ac413158f7edce49391660f83790b6b20b98d0009c9ff71e524b`
VirtualSize	`0x40f88`
VirtualAddress	`0x61000`
SizeOfRawData	`0xc000`
PointerToRawData	`0x5f400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`3.83051`

.pdata

MD5	`4f1196766d65f873136a41f0c59a9ba5`
SHA1	`2455d191f81f8e9546f2cf3fb4df7ad4fe0b0fbc`
SHA256	`c50264b10b2d7326ee761a65af31e7c3d29833cc7cfa06691c9fcc3a0bccc077`
SHA3	`5345d283b9efb35dbdae424d29b23c49b6a1d63c9d9828ba0a58ba07007273f3`
VirtualSize	`0x3fa8`
VirtualAddress	`0xa2000`
SizeOfRawData	`0x4000`
PointerToRawData	`0x6b400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.6612`

.rsrc

MD5	`6148c6073279adba298aa44be08c72fd`
SHA1	`e3ee1892eacdc42abd4274461a2031e31109fc8e`
SHA256	`263af0231e6df1413494e64f9c6c11950c94ba2de03d2afdf19ffafce7d420d9`
SHA3	`19d789a16715cd4fafb712bcc6361e2b65c75d2d46852ec80e0b2786ac1c79c4`
VirtualSize	`0xff08`
VirtualAddress	`0xa6000`
SizeOfRawData	`0x10000`
PointerToRawData	`0x6f400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.46164`

Imports

SHLWAPI.dll	`SHStrDupW`
COMDLG32.dll	`GetOpenFileNameW` `GetSaveFileNameW`
ADVAPI32.dll	`RegQueryValueExW` `RegSetValueExW` `RegOpenKeyExW` `RegDeleteValueW` `CryptAcquireContextW` `CryptReleaseContext` `CryptDestroyKey` `CryptCreateHash` `CryptHashData` `CryptDestroyHash` `CryptVerifySignatureW` `RegCloseKey` `RegCreateKeyExW`
COMCTL32.dll	`InitCommonControlsEx`
WININET.dll	`InternetCloseHandle` `InternetOpenUrlW` `InternetReadFileExW` `InternetSetStatusCallbackW` `HttpQueryInfoW` `InternetOpenW`
CRYPT32.dll	`CryptImportPublicKeyInfo` `CertFreeCertificateContext` `CertCreateCertificateContext`
KERNEL32.dll	`GlobalSize` `GlobalLock` `GlobalUnlock` `GlobalFree` `GetTempFileNameW` `GetTempPathW` `Sleep` `LoadResource` `LockResource` `SizeofResource` `FindResourceW` `FreeLibrary` `LoadLibraryW` `LoadLibraryExW` `LCMapStringW` `CompareStringW` `EnumSystemLocalesW` `GetUserDefaultLCID` `IsValidLocale` `GetLocaleInfoW` `FlushFileBuffers` `SetStdHandle` `MoveFileExW` `GetConsoleCP` `SetFilePointerEx` `GetProcAddress` `TlsFree` `TlsSetValue` `TlsGetValue` `TlsAlloc` `TerminateProcess` `GetCurrentProcess` `InitializeCriticalSectionAndSpinCount` `SetUnhandledExceptionFilter` `GlobalReAlloc` `RtlVirtualUnwind` `RtlCaptureContext` `FreeEnvironmentStringsW` `GetEnvironmentStringsW` `GetSystemTimeAsFileTime` `GetCurrentProcessId` `QueryPerformanceCounter` `GetModuleFileNameA` `GetStartupInfoW` `DeleteCriticalSection` `GetFileType` `ReadConsoleW` `GetConsoleMode` `ReadFile` `GetStdHandle` `GetProcessHeap` `HeapSize` `GetModuleHandleExW` `ExitProcess` `GetStringTypeW` `GetCPInfo` `GetOEMCP` `GetACP` `IsValidCodePage` `GetCurrentThreadId` `SetLastError` `AreFileApisANSI` `IsProcessorFeaturePresent` `IsDebuggerPresent` `LeaveCriticalSection` `EnterCriticalSection` `GetCommandLineA` `HeapAlloc` `HeapFree` `DecodePointer` `EncodePointer` `RtlPcToFileHeader` `RtlUnwindEx` `RtlLookupFunctionEntry` `MultiByteToWideChar` `GlobalAlloc` `RaiseException` `GetFileAttributesW` `GetEnvironmentVariableW` `MulDiv` `UnhandledExceptionFilter` `WideCharToMultiByte` `GetModuleHandleW` `GetModuleFileNameW` `GetVersionExW` `GetLastError` `CloseHandle` `WriteFile` `DeleteFileW` `CreateFileW` `HeapReAlloc` `OutputDebugStringW` `WriteConsoleW` `GetFileAttributesExW` `SetEndOfFile` `SetEnvironmentVariableA` `LoadLibraryExA`
USER32.dll	`EndDialog` `DialogBoxParamW` `CreateDialogParamW` `CreateWindowExW` `KillTimer` `SetTimer` `SetMenuDefaultItem` `CheckMenuItem` `IsClipboardFormatAvailable` `EmptyClipboard` `RegisterClipboardFormatW` `SetClipboardData` `GetGUIThreadInfo` `CallNextHookEx` `GetWindowThreadProcessId` `GetClassNameA` `GetClipboardOwner` `CloseClipboard` `OpenClipboard` `LoadBitmapW` `GetMenuItemInfoW` `TrackPopupMenu` `ModifyMenuW` `GetMenuItemCount` `GetMenuItemID` `GetSubMenu` `DestroyMenu` `GetMenuState` `GetMenuStringW` `LoadMenuW` `GetSystemMetrics` `IsDialogMessageW` `LoadIconW` `UnhookWindowsHookEx` `SetWindowsHookExW` `FindWindowW` `GetCursorPos` `MessageBeep` `MessageBoxA` `SetForegroundWindow` `UpdateWindow` `GetMenuDefaultItem` `BringWindowToTop` `IsWindow` `RegisterClassExW` `PostQuitMessage` `PostMessageW` `DispatchMessageW` `TranslateMessage` `GetMessageW` `RegisterWindowMessageW` `GetSysColor` `SetCursor` `SetFocus` `AppendMenuW` `GetSystemMenu` `EnableWindow` `GetFocus` `GetDlgCtrlID` `DestroyWindow` `LoadStringW` `GetDesktopWindow` `IntersectRect` `ScreenToClient` `GetWindowRect` `SetWindowTextW` `IsWindowVisible` `SetWindowPos` `ShowWindow` `MessageBoxW` `DestroyIcon` `SetWindowLongPtrW` `GetWindowLongPtrW` `GetWindowLongW` `InflateRect` `DrawFocusRect` `GetClientRect` `GetWindowTextW` `InvalidateRect` `DrawStateW` `CallWindowProcW` `DefWindowProcW` `DrawFrameControl` `LoadImageW` `DestroyCursor` `GetWindow` `GetTopWindow` `ReleaseDC` `GetDC` `SendDlgItemMessageW` `GetDlgItem` `SendMessageW` `GetForegroundWindow` `IsWindowUnicode` `MapVirtualKeyA` `SendInput` `keybd_event` `ToAsciiEx` `GetKeyboardState` `LoadKeyboardLayoutA` `ActivateKeyboardLayout` `GetKeyboardLayout` `GetMessageExtraInfo` `PostMessageA` `GetKeyState` `GetClipboardData`
GDI32.dll	`GetObjectW` `BitBlt` `CreateCompatibleDC` `DeleteDC` `GetDeviceCaps` `SetBkMode` `DeleteObject` `CreateFontIndirectW` `CreateSolidBrush` `SetBkColor` `ExtTextOutW` `GetTextExtentPoint32W` `Rectangle` `SelectObject` `SetTextColor` `EnumFontFamiliesExW` `GetStockObject`
SHELL32.dll	`Shell_NotifyIconW` `SetCurrentProcessExplicitAppUserModelID` `ShellExecuteW`
ole32.dll	`PropVariantClear` `CoCreateInstance` `CoInitialize`
IMM32.dll	`ImmCreateContext` `ImmReleaseContext` `ImmAssociateContext` `ImmSetCompositionStringW` `ImmSetOpenStatus` `ImmGetContext`
api-ms-win-core-winrt-l1-1-0.dll (delay-loaded)	`RoGetActivationFactory`

Delayed Imports

Attributes	`0x1`
Name	`api-ms-win-core-winrt-l1-1-0.dll`
ModuleHandle	`0x9a0c0`
DelayImportAddressTable	`0x6cf28`
DelayImportNameTable	`0x5edf0`
BoundDelayImportTable	`0x5ee68`
UnloadDelayImportTable	`0`
TimeStamp	`1970-Jan-01 00:00:00`

199

Type	`CERTIFICATE`
Language	English - United States
Codepage	UNKNOWN
Size	`0x38e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.89185`
MD5	`2650900294a9dce7d82710d5e266763a`
SHA1	`e199f9108e080a7bbb1a56c3bdd37a20723f2932`
SHA256	`26026ee0e957d84113051ccbdae23a7d23e1db7f328ae2019544847a662185a9`
SHA3	`af24bd58e30d775642d478ea142f3b2a23b37108bd4419ffbff468ca15c24752`

37

Type	`RT_CURSOR`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2ec`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.70483`
MD5	`464d0d5321f7bba5515c16c693e9f38f`
SHA1	`18da17a7b9ac4ca9d0a477943f8d01bec1025064`
SHA256	`e88df1b5b6768548f54cdd5caaded14ac9a00b78e92cfec67b971550d9d65f5e`
SHA3	`91bbad2363c8ffbc1270ad149520772be607fe206478082ff3135eccfdf24d0b`

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.70446`
MD5	`b2307ffcc692e4dff9e9ff84059d506e`
SHA1	`685230658f35335bf5383198e940be6dedfeb421`
SHA256	`74d1c31ea0344731b987168a9356f4055d85be747365e6945faf4e2281d60859`
SHA3	`2b9ac1fd50377af1c7c1350e9b8f0c542ee8b3cabaea95b77948fbc20a30691f`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.10697`
MD5	`369a8ead9dcac5fdde8a822056985e0a`
SHA1	`1f21ee2505b9b37b08d99e189ae3c7c559709782`
SHA256	`69019ee1c09eca89d03126f18ddbdd1dd3e81a50aa4c3f462f049ff5e402e9c0`
SHA3	`7065630217dc5ab2eee88297070d6ae61cd48b8dfa74c704df2137af7766eafa`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.74404`
MD5	`ae8ba322009439825228914d57ca77e2`
SHA1	`8a7f2814b0f0ae38ebff37170519cf322364cb4d`
SHA256	`e1c134dfcce445abe70040b2ff2f092cee4efeda84e737a398e6e436518c83e1`
SHA3	`3cc60b2d38a3cac0abc1ad9dfa1b573bc826e426cac642758bd0d6b1c86fced7`

4

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xca8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.67587`
MD5	`adbd85bf0c261ca7db9bb5bdd4afe0d4`
SHA1	`f11778654348744d2aff7d874ec985ac9ace18b2`
SHA256	`c327424b9bed85deee9c9b4793bdbfeb7f4fe3106576f2815c89721ed7e902a5`
SHA3	`80d53a75b171d14a55da933ec434b6c719a95c49bc86dcdfef56279c6de7c03b`

5

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.20496`
MD5	`68a277ae2d70b0557b4ed5122c0aedb0`
SHA1	`8e24a0145d58f46b85ed26f250fda4c0e6ef3840`
SHA256	`774dc9afeb1c00dbc74d3f0ab57639c720773929f984d96a03bd0332a819be87`
SHA3	`d7407e097562793f6d483d705f6d81d9aeaa470ce2a495d95c71d8211aab3800`

6

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.78361`
MD5	`a9fe334486570ab727823fe3931f49f6`
SHA1	`0f3e156fd8f4f71ab47d7c5ffeadf278730c8b57`
SHA256	`16fa6e8b0b8e2d26180220f015b71ad4b135e95a7c92d9bfe6545874a4ae197d`
SHA3	`4d5b44cff241db061596f39423e9263a0978da46822aa5a387d70709a8b0e990`

7

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.76981`
MD5	`e816d0e92891d8e219a85f8bdc7d6cec`
SHA1	`b2f86382d8d91044e5fac01e50d6c774216252f7`
SHA256	`1eca6d85ba6e769c2b29b5cbb47b31bd2aa61adf8ffda8ed3566462c72b1b0ee`
SHA3	`bf743276f9bf55fd51485e306aebb82f6d52991510b76de2dd49354501217e21`

8

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.02595`
MD5	`338d6dc65fa2f03597b010fb98d7086b`
SHA1	`7edc90725ba48235d1b8c6adfbbbddf62dc21e72`
SHA256	`d872d1f38263b5b78b2935639ff15b323aec4ba06d42f856577145abc24dad5c`
SHA3	`76bc3d3847f0bb5c128c915e886fa16a7659ed4a061095479302cf76dda91649`

9

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.93692`
MD5	`a20b5febeaca27334b69179a1c101cb7`
SHA1	`440acf67a34b283a8b637287e57c991c914b53cc`
SHA256	`d21202f01fc0200b82ed3ccc5c5bdad2e3e367d060d20b910e978090d7da3a5b`
SHA3	`4fb8e3950c67754df94c256c3444b98f8a2c378f701d731d9a84d42bef738a6c`

10

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.77166`
MD5	`891077e0fe07a8242ce09f48cb1472f6`
SHA1	`22498361731209a138601e4887f415f7c4a6b364`
SHA256	`feb0b49dab5c9d8226b7d13dd808d31d20667bb5ec609941aaa7d6bb574ae42d`
SHA3	`fed2a6d2183896bb5390dec8de269e0676e2eec13cc8b5cf4a788b329ea0ba16`

11

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.98468`
MD5	`437dc8347d736a0a0af9a9ad2cfb1697`
SHA1	`0630c7cc7707ac2b2acf4d31a2622eef197b2bd5`
SHA256	`cdd422c216b061c71c80626cfd02b43a8389153b8a28d352c75eb55ec71a5e78`
SHA3	`47d13011ede0e045dc2cbc2c1579d3a6ed75dc4289f35efb694fd8687e1b9c54`

12

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x368`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.31569`
MD5	`e860f12e2f44bcae25388a926966d7b3`
SHA1	`acc47bc2527ed66aa565f7eba7e8459a2c03bb97`
SHA256	`6b1de80abb44fae57151b8044e6cf9a66557c48b32c195dfe9cc07e95c68e29f`
SHA3	`bd6eb4d20e07d9f621c6842e88d4019805b6db9d7b75f7a4a1d602f113baa3af`

13

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.62105`
MD5	`3b20bdb9222b272694f6e5bfb7d45f30`
SHA1	`e2cffc03a684112e7b6b03ac9e88dd0ea7ea4363`
SHA256	`f170ae387586e101916f63776649f4af22d2b00cce5a9d8dfb98aa416c26869d`
SHA3	`621e7f63ae87f551a14015c20bbb1c0daf3f78ad9787b9a210ab0711e7615765`

14

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x368`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.27362`
MD5	`5e6f9cc877caa64e6f892c829a3226bd`
SHA1	`d051489e5c5ce06a66840fb3c28f3434138a24b1`
SHA256	`466ac0f65e52f634fef7f77e63ba594ca765b6b625b586a4385853b7eb274405`
SHA3	`3e691310449912ce9c248285f4181cb7f3a0c2685d2daccf814e4010958f40d2`

15

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.81328`
MD5	`1c55e3aa7e0b8ab1975b191e39d4d024`
SHA1	`bcac87cbd6c037994bb0d6dc7dbfce27ea9a39a8`
SHA256	`7bbc2b5726e3ad514b0e49e0e2a31b7565a5e8b6f0ffda621151bc0c7dd1d699`
SHA3	`b95aceb74b50249add41eeafa04e30a24bffd2214e73fd2ff5517cc7fe7da3dc`

16

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x368`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.23786`
MD5	`05afb3da3ec186347a34e719f29050f6`
SHA1	`6b17ff100173cbcdd803ecbe297f5f338c5688d4`
SHA256	`740f3b94a9f4631bebdcedc7f96c847cea983a3b88e9179fd513d02ce11b59e9`
SHA3	`e2d56817b940a414feacd880fbc9876d7366f1be238d9a0472a1799d377656c0`

17

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.57326`
MD5	`31a32f2424d2e6134d878ee45d1f8ba5`
SHA1	`a79d6a1f725336399aeee2df3397f235efeab6c7`
SHA256	`8cff3655fde30deb2540884118d289baf3fc2d50457de01dba766c5d3b4a7e06`
SHA3	`530bf5862b990be093d77ed9e94fc42d9403c768b0a16b65672c7516e0a104e9`

18

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x368`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.52465`
MD5	`fc10244ca66266b295ebd3a9e9f48ce2`
SHA1	`a1412ab9434ee5fe455f9ce503cf4cd0307b9e07`
SHA256	`f8bc131d94deab82ef539ea3cc15f74982b518e04127bfa2b018f5d37e6667dc`
SHA3	`77c84f4ca3dc7af1133385c864ecea115330a5e64336298b764213670659d89b`

19

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.79209`
MD5	`471244400ef241426f3cf57149ff326d`
SHA1	`9fefd787da73a5f72352569eca64d505c22866c2`
SHA256	`855cf53ef858889b37f39f2c32a70c1868568dd21d499b525c7043c427d335be`
SHA3	`8100673f70c1d61cc7fee77848a614609149cf423a10e407c212d457bbd3e452`

20

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.43709`
MD5	`fe33bb0891fbbbcb7c6bc9af4f93190a`
SHA1	`5f7c94e0534d39b492143efd61814b7815a75afa`
SHA256	`a9f502435efd7ca9a5c9592a7919cf9c887ebf95c9b171c4e18bf99aa78206fe`
SHA3	`45bd29f5ae22d259e4599c526123cc454aa0ad50eb13a699da18a776c4a42751`

21

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.01683`
MD5	`271e86de9c66040b57bbe4c8eaacbed5`
SHA1	`f2522c6d7ab9e388dd96d6bde697394076482825`
SHA256	`2d58fd7ed2303f7daa43ccec52db7585bff3cdd97c9f8f6c8c4684a89dbcad0e`
SHA3	`1d46fd7cca7f470dfdd3dfefe8964643fd0352f98fa4cd6f0e8f5e7f69dce9eb`

22

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0.867904`
MD5	`29822f8b3ae04900acd31c172f0c8cd2`
SHA1	`34162d83bd529c49ee4ef1b88b5add25c0566f7e`
SHA256	`fa7ef8bb10c532b04fcaf2db2c1c16d33b4232eef98a1fccb3a13e6aac5b09de`
SHA3	`956c6ba15aabfcd6a5348e7e0b432fd4c56e685f79182a48d11ba58797fdaa93`

23

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.73117`
MD5	`ef6208e8e7ceb2ebcfbeab267ad6ec30`
SHA1	`de9e7292593a2bac7a985b45221d20ee1fe888aa`
SHA256	`cb7782c4a12a561cf671af2d05e9441b14e42cfb288809457424631a6eb50b28`
SHA3	`2aac21b3deb5d92ba5c485ce5976d66f270d6d21a8a084a02ad6e443aee4f43b`

24

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x368`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.58961`
MD5	`54b1c6916ea8f9841ab24e88241ca219`
SHA1	`96677bf757b764a0ba2a4af6caac1c316c2b5e30`
SHA256	`68c27dde54ea123ac7c88bd283ef32f167df2be6b169fd7ec47d22ead19ef27e`
SHA3	`c10acf2edbd7a1abce9fd80f136cc1597163fef3a2b28205aaf9275bb23663eb`

25

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.79506`
MD5	`857a3ac3951b770077d0c7ef8d80a509`
SHA1	`faf6bef3d2f2f1abb3a54037acab8cfa26c8dd15`
SHA256	`8fd6fde5fba3ed88116b8bd2dbdaf09e6ffc7bff8b91cb9918b0da71034ed164`
SHA3	`3947b0b98c40d3778c9571ed653cc5134383263ed6f1cfdd758a9f3878ba5ca6`

26

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x368`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.62294`
MD5	`b1b1476f97557e9500754c9a5ba3b08b`
SHA1	`5e018f4f358bfb7f9609b1e560c73e28fd0246ed`
SHA256	`51d68f3d174ea889bb005b917007ca27cf47e6723d73caccb1521e1bdc5ccc78`
SHA3	`933fa02b016a52d022d235ff79a9d53b105c499fd6c21b3e1a2285cbc5986dcd`

27

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.82428`
MD5	`b801bb19f285bd23328d7fbde3d477b6`
SHA1	`6b9d67f1945ff9cf471590fad5efb83ba4836fc0`
SHA256	`4215eb572c2cec2ca1c76b0c62ba61ea80af50c76b1ed87193614e00572875a2`
SHA3	`d1fcc10bec05fa5526d6ff6814e664fe24414ba26cb83c12ff9915537c84c3e4`

28

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x368`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.07998`
MD5	`8e3dc9d116c9a4d5618b967a44de150d`
SHA1	`875d0ed97596807ffcf161c7dd6c464acc160b4f`
SHA256	`b6c95e8dc3f8d6c681afe664cdcc75ad5ae1f580483f39c22736ffd925e2cd5b`
SHA3	`f39ae6bbecf648254478228a25ffc5c1dec7b1fc6c6715eeea91ed55ad066a50`

29

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x368`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.02665`
MD5	`1a3ef5aba4b2287acb85df47e8a5b212`
SHA1	`bf48343e6f25c66559972a3e7d18c3d019cbbab0`
SHA256	`79f0e63aa9b893e1bd9d7ca48efd8df70844269f1995e2fb56c77626ea358bcd`
SHA3	`b47931b4dda2370a03168d659e4c5b81c8e5d0a33aa66141f30e8a4f9e9c74fd`

30

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x368`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.4791`
MD5	`649181c817370cc8f16d6d9d07c0fa9f`
SHA1	`b4f29642af5cbfb409d065a7089818efb536a52b`
SHA256	`5c325361e3ad4d4c1975ce01ea39b49aeadf63b91ecc52d742f9a97830e88f14`
SHA3	`33f1641032b7dfcd02125bc892b1ec9dfe6555eb0d212454d4b0404e4f352a0a`

31

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x368`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.31755`
MD5	`4034c828339b98a1ceb28b33f9c1f73b`
SHA1	`8f5f21d1137a4987c62160de0d17e4e9940be149`
SHA256	`365961270046a999b5342b8844f00b38ca8865aff7c7c6d18065c258ae1f2b7a`
SHA3	`73f99a2526b3fa9709f1cf8ad007bfe550c8bbc94e745d24ab172913280cd3a5`

32

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x368`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.39874`
MD5	`34ba594765a89f26844e313369e40733`
SHA1	`670a5e363a010abf4e8213354954d60107b3636a`
SHA256	`17c2a85be144c7c01002e22f60a7c0282d32ee321c590577a43d10f19bf5769b`
SHA3	`12dda6beaae173aa230d5083629e235037328fefc4d2733bc9ab7fe4db092734`

33

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.88316`
MD5	`76a3c185ed2327e39e0be5d8b0af2838`
SHA1	`2e274c9066fffe14578e04a3191aa1c5332621ac`
SHA256	`a5233ca00fbc8ea0314f6f773e946021b69b099706726698457cab54a984bc81`
SHA3	`387321cd193a0e941a200ad29618457777b4fa0f5b57495fca108947efb435e9`

34

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x368`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.09874`
MD5	`076a90fdcb6889d35e34bcec21b97d9e`
SHA1	`99e1569d08985bcff1e79e4864a369e981772469`
SHA256	`61af02ae30c466da72db671c508570484ce75e41db4cae011a75636ad93d85b9`
SHA3	`e71cec3907f38b63c1a7a9e3a0a071933960c6e6d9c553ec06c35dc98114cd6c`

35

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.56808`
MD5	`8dd3a889aa6b229a81484db1ef1c4122`
SHA1	`6598821966c9e6ce7cd4044344ac05beed53667e`
SHA256	`2969034b1cd0f0ae8c66a762bf3253ffef5bbcaa9f6a43ec6e417300f40bd063`
SHA3	`e978b9d059166fec21c88a58f9058e9cc858edd94aa12e50491b60d24176ca20`

36

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x368`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.04612`
MD5	`7aa90644a0e0c4c2c5bd60e23f051129`
SHA1	`9a28d6ad0d6d1e01c4501b823abafcbb02683ee2`
SHA256	`d33a2074c11e0eabd75f9c30e45400af9a4e196f202d0269cf094299c7936a38`
SHA3	`c56f5e49e4e7e49c5fc676e6c61e615cef93fac60a652880e7cb248ae969f810`

104

Type	`RT_MENU`
Language	English - United States
Codepage	UNKNOWN
Size	`0x3fe`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.50819`
MD5	`c448126646298953f761f45fac91ece1`
SHA1	`c74d591fdd008c3e0f73e705bf389d8d32857b22`
SHA256	`fef84d77e1dce575a9262529f648a1310a6c992a587c89863d6178fa78d101cd`
SHA3	`766dd8330fcb50159e5ea4f4eb7ed2a55ca58260353b957add0b848cbd6754fa`

105

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x24c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.35764`
MD5	`549fbe6232815f47cbd661f7de2fec0e`
SHA1	`cd41bec2dc816b47327049750f3a143f15f9d8a6`
SHA256	`dd302a7424316aeb8c5b522dac3350f038ab02b54229b08071e3f7e1065401d8`
SHA3	`51ffd0315802c305e8dc02c81be1766a703c9637348a03c3f5f8bffea0406c18`

129

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x82e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.55354`
MD5	`618daf86e3954e4f1dd3def89e992d94`
SHA1	`97d01e0719f4be0ad63e469a829bdbbe96bba2d5`
SHA256	`e7c974b402795fcfe3d71f4d8dac6c1695f66fe480e36ba44d349747d32a435e`
SHA3	`575f47429dfff5ec2bc96e83d8e1fea6bc9ac26a74546245cf22c42b1dba6411`

135

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x520`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.31825`
MD5	`8ce9103ee5274876d8567d8068c335e6`
SHA1	`0eb98d96544e471ea27c38e386dca4a1f015e499`
SHA256	`eaf9c5c9fc48956ed54486a9acccd9a1f6151ff779efe41087a18af7e1614e67`
SHA3	`48a5c494a96a0405698cedb82254f414bed02b2ab8bd7bf94ddef53b80500568`

136

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x322`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.26456`
MD5	`309f43ec0e8f5d27b4a729302555c871`
SHA1	`b64f18360feee25a3f6c8da859170341d38961b6`
SHA256	`bbcd8afcbe686c5fa20052813766305e18426b9bcbdeb8b6186049283e190be2`
SHA3	`ce84d45678f269a760af840072a762612211cdb4ffee5e06378cef26298a9b2c`

145

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x410`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.25832`
MD5	`6ae9ae57cdb85333211c60a94a49af87`
SHA1	`b0bfcfffe1e61707b221d999d644ee36e27e3e22`
SHA256	`04e2b4c64a1c176c6dc6a50265e271990814d0a37d42d93c30b45668b4f50006`
SHA3	`465ec457b808a4d21db4989e91f897ac57f5819023cfaf660a1cab1036510632`

187

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x3aa`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.25516`
MD5	`10e9c7f4dccedcae3b32b62ef4604d44`
SHA1	`04e49f053347aadd92dd3f06e512160691fdbc29`
SHA256	`9aa11eeea2f51d2d98f4e4155c6f36b806d9508de1f602417c07627c6f494109`
SHA3	`0baf9e374747f6d06f85b8a8b9ff03cc5ad87e14e2026928d96524f08bb5936f`

7 (#2)

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0x54`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.25884`
MD5	`9ceb3d62861fb2f169b688cbb34f5cb4`
SHA1	`58b13883af65451b2a0bc19dc574ca8a4b4abcdb`
SHA256	`4c1fd0c5fc8f73eaeea493fee629c7d787cb054aed612441416ea9fe874be8ca`
SHA3	`7611db3720787bff9ab7e3034db14e0d83c6180ed4870c82bde4cb193794d0b7`

119

Type	`RT_GROUP_CURSOR`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.21924`
Detected Filetype	Cursor file
MD5	`0760a8b46f45d7cc36dfa6dd647236ae`
SHA1	`5f48d9b201891c039945e4437a8453bcc51a50a5`
SHA256	`839d20e20073fdf26d57174375fa778f12b6f43e3cd981501ec0e74beaf6ba3c`
SHA3	`9c5c79449695b4fb4405540388de272dcc108b51c12199e508ffb55ef6866fe4`
Preview

101

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.70113`
Detected Filetype	Icon file
MD5	`6dab0b01bb7a5421332748270816c6ce`
SHA1	`38ce2efcc736a15ad4120085ea351572766edc26`
SHA256	`befa053e85cb304f5419d380a19e61196374179ab9895062460bb3b8bdad5c56`
SHA3	`8a9e45a50a9800eac98b7f10e2f380a5d0362091c2ed69fa5b0c843bc91c2e43`

129 (#2)

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.0815`
Detected Filetype	Icon file
MD5	`3cb4826fd7d6a1507532a98bb326c8b9`
SHA1	`988c8bac7e03fe580a9ce5807ebc6a6be961dfd0`
SHA256	`c8dc63ab1412d74c279ef957bc93a56a67a17740dc6bc870197bba9c9ec092c3`
SHA3	`6dea4e87df0afc58d487c1771a8dc35afd8ee08a36d615f83792e46c84b57cd3`

130

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.0815`
Detected Filetype	Icon file
MD5	`c2a61e07833e714a09d96580f5f1746f`
SHA1	`ed061f53d9a2651306f4929c6f450ac527d322bc`
SHA256	`99355b494daf56258dd68e49834bd583a2276a9cda7461e74690a1c5abba3bb0`
SHA3	`4ba58963135c8dba6b8a6ad6660157f5d41c87b246f0eddb4b88b6bd36dda507`

151

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x22`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.38706`
Detected Filetype	Icon file
MD5	`6c5debaf60f3130dcbfa4dceea63d08d`
SHA1	`78bbc107c81dd440e205f797ea15035e0b4479bb`
SHA256	`ace10f349f594a3ce7ffe7d4fc4f689883ce1c332621c798c9a5e81229d5e590`
SHA3	`06736c764ec7f3fd7c9fd67bc32b8bb4ec6e10cfa4c55ba232cf0dbde0232314`

152

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x22`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.44589`
Detected Filetype	Icon file
MD5	`47cecee139bb464a8d5a97b7eea6ceae`
SHA1	`d3585294abc44a526289d1976579901ec142c7b0`
SHA256	`0f2e5f2da5e37623ef338b6e0f51133ca72f7b1518bdc3c58185ee70f34b9c6f`
SHA3	`bf5292553af328ad7cfa21337dad17708c8846cee495e731e223633f0aae6b6b`

153

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x22`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.44589`
Detected Filetype	Icon file
MD5	`42a3369cd23a7a3ff844323a8d81f3c4`
SHA1	`5b002bdd705efcb11470432f38aa2b6840e0eaeb`
SHA256	`ef677fd1b45521b03b311130e12851e5f308b38259cd2201f3bdbfd36496c0f9`
SHA3	`4c4a96b1204cc9bf5d6b7a5ce106b15b98b55a22c80580317acc13009217d25a`

156

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x22`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.44589`
Detected Filetype	Icon file
MD5	`460b020acf98433ffb7d3e22e6511cbe`
SHA1	`1bdacbe6f1eca24ad6a06b5435cff64a7c4106dd`
SHA256	`a1f2a8bd7a2b81ed259b31c48a5db38125a8ce9a9014f08e14aa1297518c0695`
SHA3	`40fb63f315b9295a72ad97b08cbe3ad969dfc7353fb311ea30697b0e089ebea6`

161

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x22`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.33972`
Detected Filetype	Icon file
MD5	`462f811067c4a9ae624bbde6f172c234`
SHA1	`f99f942a5c32c788913aa70f42ff33036d843052`
SHA256	`f79ab9ba4b7d775b1399a32ee03c4e2a49a6ff6e3732f1af6768bc485130cf5d`
SHA3	`4bd3ba823ceb98d0afc1cba48b7a55e2b266a98034b534c29dedb47a3f7ff1db`

162

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x22`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.44589`
Detected Filetype	Icon file
MD5	`fb75a1623f80701bd5f906ecd1816e45`
SHA1	`39834aaafb8667bb20245802447bf4f94498eb6c`
SHA256	`a599da9ff0ba1b4151c8d94644cb775999ce300dbb923d2c5f31abecd502d0c3`
SHA3	`b11f8aaa848d36f5b093ad11a5064cd1104c557aaa3bf172972578a3ff2381d4`

165

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x22`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.44589`
Detected Filetype	Icon file
MD5	`a704658b29e3930468e5b6b3a5b66c8a`
SHA1	`81086369391a7b2380b6b5f9908cdbe1bf78fb82`
SHA256	`81c2309e55bfe0182ca36e42af00dd4f9a1792b2ebe15542d1bc2c845f9c8850`
SHA3	`510f99aaae8d92b4a7b8d87ddb84bc29777ec903bde5f87d38c67803d8fa9ae6`

166

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x22`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.44589`
Detected Filetype	Icon file
MD5	`01e87c4ecc36832cc8f77edc20cdd6b0`
SHA1	`044a582df15c31396de2ec92578dec30bca33827`
SHA256	`91e30ba83de1d6612e4a11d80a7cf7990ec2cc8aa037aa5e6a27580fec102cef`
SHA3	`00e85e762aba2dcf80f5b767fa0c6a41cc9f93002c0ba30a97f4bc78129ceebb`

167

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x22`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.38706`
Detected Filetype	Icon file
MD5	`0b79c491f9d2990e1a09d0ff14ae2ea2`
SHA1	`3f8d9a96f208ea55464b9e4d98f07ccb8806ca45`
SHA256	`10c519dea6b87c33fc052e9cb5dfbb135dd9db33ed6903538816a25f0628d140`
SHA3	`a369a2566da7e7694bf41d023bb6f67452c1e03c537f250800117cb6c7a0a929`

168

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x22`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.44589`
Detected Filetype	Icon file
MD5	`661e4f25aecfafc21a3dcbccb1361d0e`
SHA1	`b4de02d8b631f997eb57288a62c421b1a50a5a8e`
SHA256	`12ed1886dd7cddc129699b0d8466b6b466aa81b6883435972435858eabb27aa7`
SHA3	`89178699dfca45a0ad2e26bb4854b01596a5ecff1bc949ab30292a579d6ee23f`

169

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.0815`
Detected Filetype	Icon file
MD5	`69d1a7552457acd76e7fcea09fc7e374`
SHA1	`df9245973612b06e15df00934a9f8beb573f1bc7`
SHA256	`7ae349816356bc1857b7ead541f813d386aceb3ebd16d0be42c3e9f58c8a6c42`
SHA3	`92fecbe5bdaa927567d13bd434eb02cc999865020cd6770e534f4179938ae245`

170

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.0815`
Detected Filetype	Icon file
MD5	`510b348777069272c65fc019e7989677`
SHA1	`fd170388d8354b2481937768dda548c43547abfa`
SHA256	`45f81869e2b9cee348c59ffe05255e04d71daeda7b0dd0089f2814acd6d89292`
SHA3	`bd0ae22d0ea4b3b054e8094b352f087837407118107d2a657119ac8c2926e878`

172

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.0815`
Detected Filetype	Icon file
MD5	`7b14b5427e9600d65805d008ac166049`
SHA1	`2f80ccf5b82ff1633aeddb70fd3a4dfcc1b7d371`
SHA256	`215752d656a05ee54983a8fbe609e93d26e03dcebbeb03d345eefc8d9e476d39`
SHA3	`2e15c2b4acaeab14983e5556a5127c8e0c3fa4bf641583bef459fdcbd4fe6cee`

173

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.0815`
Detected Filetype	Icon file
MD5	`b45f291a0e9ab3f7d6552645bc96bc5a`
SHA1	`8cf975782f8a646083a8598730029ce23aaa6f56`
SHA256	`96b648ea96f866b5ff2f5dbd91ce74f0511af87fdf69d56358e574adc0a66b88`
SHA3	`d93976c21ac5f0b79a707570a75b4415f9d000c2d6f3e51c2eddef3277752479`

174

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.0815`
Detected Filetype	Icon file
MD5	`ef3177e02b83a737390fd59b37630fcd`
SHA1	`558001164840a846da8ac18e15c6f15beeb648b1`
SHA256	`993b7cbb0300ea20bfb9a88e5d4e89cf9e1a8506167091e91c10bc63bf3b041a`
SHA3	`c3eafa55218c8f97aad8b405710f3c22133c3c746e1f8a717880249bf5e9269d`

177

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x30`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.51621`
Detected Filetype	Icon file
MD5	`052588976dcf7a571cc3e501952fd4f0`
SHA1	`bf10b3960ce65d21c1b8ee8ca94be9deb73547f0`
SHA256	`054d7b75a65be7b563586d5031d28e34f9f14cc8e8d44846ac507434051bf8c8`
SHA3	`2bb311a8e11f40872069c0c56c197bbc489ad72fd9ba37d18c354076d6085da7`

181

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.0815`
Detected Filetype	Icon file
MD5	`bef3a539fa524d3344e97a6bf160f76c`
SHA1	`546f0ea4933d0aa9a7739a16eaba23ca01cd9e29`
SHA256	`b63882bc7e1f1555764bf2a3ab526a37c9c1edc84bbdf4083c7f4652c36f07f2`
SHA3	`1d1daa43d6d056a767cdc5c95ce0b682c282aefa24bbe82182322224a4a8cf1e`

1 (#2)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x301`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.06141`
MD5	`dcb19c12a59a704d4ad606345192d21a`
SHA1	`e0c75c0ad846e8e03f0630401298844a63222b6b`
SHA256	`3f0d47e30a434da7f9c052a476b33ba7f27435d50a5bff78ab3876c42ec6ac29`
SHA3	`113f856466f57a496d3e0b449fe6d33969a7cafaa4d7fe25009f607fe3c71c2a`

108

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2a7`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.75947`
MD5	`e0eb2f2e70c5c2b91e6c22b61418ae64`
SHA1	`fec6813331a26180c7cae7c8436508f2c966f9d2`
SHA256	`5fead36a66d8e67af2c084803b12e06cff288dc59181513085ec00ea1fc5c1dc`
SHA3	`877ca7c9f12ae38d1ca2e199ee80bb37f4f7642ec6f66e59072b99ba2d555745`

String Table contents

UniKey 4.1
&About UniKey...

Version Info

TLS Callbacks

Load Configuration

Size	`0x70`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x1400681e0`

RICH Header

XOR Key	`0x839b0680`
Unmarked objects	`0`
199 (41118)	`1`
C objects (20806)	`235`
ASM objects (20806)	`13`
229 (VS2013 build 21005)	`1`
209 (65501)	`1`
C objects (65501)	`2`
Imports (65501)	`25`
Total imports	`270`
C++ objects (20806)	`82`
C++ objects (VS2013 build 21005)	`41`
Resource objects (VS2013 build 21005)	`1`
151	`1`
Linker (VS2013 build 21005)	`1`