78c29797f12fc3289bd1b1765f711b6922e0552ec28f04ce2d41d5bc83b5040b

Summary

Architecture IMAGE_FILE_MACHINE_I386
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date 2026-May-11 20:33:37
Detected languages English - United States
TLS Callbacks 1 callback(s) detected.

Plugin Output

Info Cryptographic algorithms detected in the binary: Uses constants related to MD5
Uses constants related to SHA256
Uses constants related to SHA512
Uses known Mersenne Twister constants
Microsoft's Cryptography API
Suspicious The PE is packed with UPX Unusual section name found: UPX0
Section UPX0 is both writable and executable.
Unusual section name found: UPX1
Section UPX1 is both writable and executable.
Suspicious The PE contains functions most legitimate programs don't use. [!] The program may be hiding some of its imports:
  • LoadLibraryA
  • GetProcAddress
Can access the registry:
  • RegCloseKey
Possibly launches other programs:
  • ShellExecuteW
Uses Microsoft's cryptographic API:
  • CryptBinaryToStringA
Memory manipulation functions often used by packers:
  • VirtualProtect
  • VirtualAlloc
Has Internet access capabilities:
  • WinHttpOpen
  • InternetSetOptionW
Leverages the raw socket API to access the Internet:
  • WSACleanup
Can take screenshots:
  • BitBlt
  • GetDCEx
Info The PE's resources present abnormal characteristics. Resource 11 is possibly compressed or encrypted.
Resource 12 is possibly compressed or encrypted.
Resource 13 is possibly compressed or encrypted.
Resource 14 is possibly compressed or encrypted.
Resource 15 is possibly compressed or encrypted.
Resource 16 is possibly compressed or encrypted.
Resource 17 is possibly compressed or encrypted.
Resource 18 is possibly compressed or encrypted.
Resource 19 is possibly compressed or encrypted.
Resource 20 is possibly compressed or encrypted.
Resource 21 is possibly compressed or encrypted.
Resource 22 is possibly compressed or encrypted.
Resource 23 is possibly compressed or encrypted.
Resource 24 is possibly compressed or encrypted.
Resource 25 is possibly compressed or encrypted.
Resource 26 is possibly compressed or encrypted.
Resource 27 is possibly compressed or encrypted.
Resource 28 is possibly compressed or encrypted.
Resource 29 is possibly compressed or encrypted.
Resource 30 is possibly compressed or encrypted.
Resource COUNTRY_DIALING_CODES.JSON is possibly compressed or encrypted.
Resource 132 is possibly compressed or encrypted.
Resource BANNER.PNG is possibly compressed or encrypted.
Resource FLAGS32.PNG is possibly compressed or encrypted.
Resource FLAG_UNKNOWN_32.PNG is possibly compressed or encrypted.
Resource FLAG_UNKNOWN_64.PNG is possibly compressed or encrypted.
Resource ICOMOON.EOT is possibly compressed or encrypted.
Resource LOGO-BW.PNG is possibly compressed or encrypted.
Resource LOGO.PNG is possibly compressed or encrypted.
Resource MAIN.HTML is possibly compressed or encrypted.
Resource PSICASH_COIN.PNG is possibly compressed or encrypted.
Resource PSICASH_COIN_GREY.PNG is possibly compressed or encrypted.
Resource ROCKET.PNG is possibly compressed or encrypted.
Resource SPEED-BOOST-BUTTON-1-DAY.PNG is possibly compressed or encrypted.
Resource SPEED-BOOST-BUTTON-1-HOUR.PNG is possibly compressed or encrypted.
Resource SPEED-BOOST-BUTTON-1-MONTH.PNG is possibly compressed or encrypted.
Resource SPEED-BOOST-BUTTON-1-WEEK.PNG is possibly compressed or encrypted.
Resource TURTLE.PNG is possibly compressed or encrypted.
Info The PE is digitally signed. Signer: Psiphon Inc.
Issuer: DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1
Safe VirusTotal score: 0/69 (Scanned on 2026-07-03 13:20:24) All the AVs think this file is safe.

Hashes

MD5 a15aafde4b821e2171a6a5cf1bda4f8b
SHA1 df36ed086a4ed95e2fe1645d43d941bafc16746d
SHA256 78c29797f12fc3289bd1b1765f711b6922e0552ec28f04ce2d41d5bc83b5040b
SHA3 13678409b0a9eb7c46e679de814693712d2499f170bfabf1cf04c6fa5c9d8e5c
SSDeep 196608:8R2wuPte7R6J73Fo+LOaJOTpfB2fj6S5gkD0:txw+jFo+Lc72fj6S5tY
Imports Hash 097a53de9532d3605d91ff5bc1276e25

DOS Header

e_magic MZ
e_cblp 0x90
e_cp 0x3
e_crlc 0
e_cparhdr 0x4
e_minalloc 0
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0x118

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_I386
NumberofSections 3
TimeDateStamp 2026-May-11 20:33:37
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xe0
Characteristics IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_EXECUTABLE_IMAGE

Image Optional Header

Magic PE32
LinkerVersion 14.0
SizeOfCode 0x959000
SizeOfInitializedData 0x16000
SizeOfUninitializedData 0x12a5000
AddressOfEntryPoint 0x01BFBFE0 (Section: UPX1)
BaseOfCode 0x12a6000
BaseOfData 0x1bff000
ImageBase 0x400000
SectionAlignment 0x1000
FileAlignment 0x200
OperatingSystemVersion 6.0
ImageVersion 0.0
SubsystemVersion 6.0
Win32VersionValue 0
SizeOfImage 0x1c15000
SizeOfHeaders 0x1000
Checksum 0x980c6e
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
DllCharacteristics IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
SizeofStackReserve 0x100000
SizeofStackCommit 0x1000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

UPX0

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA3 a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a
VirtualSize 0x12a5000
VirtualAddress 0x1000
SizeOfRawData 0
PointerToRawData 0x400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1

MD5 f43c8e59f6529d486feea555c493cf1a
SHA1 d8b27512cd1e26c18af8b2ffa477a01e99f9c08c
SHA256 69f26388da429572a39acf652718de51ee44aa0672e86896b4b56f7c0fe1dd1b
SHA3 3d56d10ac877c2385896ca406679d4487078a8c5ca84d9649244e9df9d71386e
VirtualSize 0x959000
VirtualAddress 0x12a6000
SizeOfRawData 0x958a00
PointerToRawData 0x400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 7.93357

.rsrc

MD5 5e7639c82f1bca75f0b32f8021e5a77e
SHA1 f2480267ad67469e546769cb5b2b2ed33f2f58e6
SHA256 7faf7f44c20f66782b5fe139de0dc499adc0518f55454b1e68d7645fff72ee70
SHA3 7378c93cc2092a1f0c5c64626aac7a44a0033fb91ec5cf617ccccaa9e654b054
VirtualSize 0x16000
VirtualAddress 0x1bff000
SizeOfRawData 0x16000
PointerToRawData 0x958e00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 7.48184

Imports

KERNEL32.DLL LoadLibraryA
GetProcAddress
VirtualProtect
VirtualAlloc
VirtualFree
ExitProcess
ADVAPI32.dll RegCloseKey
COMCTL32.dll #17
CRYPT32.dll CryptBinaryToStringA
GDI32.dll BitBlt
IPHLPAPI.DLL GetAdaptersAddresses
ole32.dll OleInitialize
OLEAUT32.dll VariantChangeType
RASAPI32.dll RasDialW
SHELL32.dll ShellExecuteW
SHLWAPI.dll AssocQueryStringW
USER32.dll GetDCEx
VERSION.dll VerQueryValueW
WINHTTP.dll WinHttpOpen
WININET.dll InternetSetOptionW
WS2_32.dll WSACleanup

Delayed Imports

1

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x128
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.68879
MD5 18233d0be3f1b682130d31696ef7028a
SHA1 74263c0d8566d38754dcb39f6f28f26c219929e5
SHA256 931a1c48f52e193a0df5f65f1b6220a28245e898c05e3c59d97caa16dfc9c3ff
SHA3 2d6008be2b8951b35f26cbec691278bbf7284cbcd612a2c72622b36e6f65601d

2

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x2e8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.0192
MD5 7f240d7fbef48c2c1ad7f6130320e4dc
SHA1 95aa53ef7434fa147fccaa4dc497347b365556cb
SHA256 d57bb351e7a91bacf840ad93690bccd19ff4e7c142f2112387a59b38fc4d9d07
SHA3 36e3a159f85614060b75b907b7ed493d7cfde5c9d2c4c158d29403ff966aea78

3

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x568
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.62289
MD5 0497599ab053b9f097dd149e3d520253
SHA1 a0948a230928baf29bc64db0e10b8797ad8ee4b5
SHA256 1596acf7eac8986836e35979516581639d22b22dbd89311dbda70c75a81d16be
SHA3 4f81e3c01e5c107af0d97a493c99c450d7d72a1fffb88d1c1cce5db4fddba969

4

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x8a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.86281
MD5 cd63f56b5836c65088c5ce61cff2c971
SHA1 80e4099311efe0f29adabb846a8a74528455b9b2
SHA256 3dedf8909cb36d4e3c7312ab591e0ddbb60c858e4685c46b1cddea6de98b92d7
SHA3 465c038e3b59ac5f784e2ea0f288c67fa86d64dd6b9830b13acac30e55e4d5a1

5

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0xea8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.32737
MD5 3f38b0896420d34de7d27a9ffd69796f
SHA1 71e8b4dba7a1b927060f1924aafd3d05c356c787
SHA256 7d5083c6974f800f77285c5b7b240205556e2f161a25dcf3e34ebaad3d69892d
SHA3 ede68be4b682e0b2b8e11c6021bdf1d5a9b07f13c7ec8d587ca677978323be16

6

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x468
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.87817
MD5 70b901a24ef9b3b5135bc32fea5f9c41
SHA1 5ffd46e778645ed0849ed11a0d1118e904d2cb3b
SHA256 6f0bcc31342da6a0d9b2d056d859b12ab49596cef811c326e91215aa025c1488
SHA3 6b7c45cc6d586e6a460e0474573b6f0c2fb662364295e899d309565b45117013

7

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x10a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.18342
MD5 03b98c1254c359aa5b7d693e795e5dfc
SHA1 323f55eb68ee9bedd93eb40796666e50b242082b
SHA256 b93d225708d527d8a6fd951fbdab5d137cd7889a0a8c00cf022474caa591655e
SHA3 b89415c65bb14a8aa12c3e68a4b8963d56a2eff3d47c22995758fd401798e960

8

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x25a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.79539
MD5 cd65d54ea5e1629a4bc4438196f5ebf6
SHA1 b91eb9cba17f12585b619d5f0b3a4c8bc322a45d
SHA256 13ceb7b89aa9f5d26e1887cf2e578d0ce4bc080edcead11241b6daf4fce6fac9
SHA3 b0269e734dfab37942de1934ff20c2ccb17dc36c994de4bc36eb20fd7473baf6

9

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x4c57
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.96592
Detected Filetype PNG graphic file
MD5 5caed698c1089585886e0aa5d8c72c59
SHA1 5c083ebbc0b22efd62a232c969361f80b163615b
SHA256 bfa113baadcd9bfc492259b0f3d289ab13651281cbe4144cb6253558d3f8d954
SHA3 3e1cbc7fdc85f89585e82c041e9517b8eee16dd3796c6affc54de5c3fe0cc9ae

10

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0xa311
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.94804
Detected Filetype PNG graphic file
MD5 22abd09adce5b3a73552e9e81a3899f7
SHA1 8df8caaa4553b0ae73be81983f3f03b0bcc14fbf
SHA256 2017d25c3d2d41590e75e255369758412b71331f0d620e4071c199a27e778635
SHA3 53b9f3559c84cbd736b6b229c258b7a8315e332a84692bfdeb1da822f0165998

11

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x128
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.17586
MD5 cc7f63574dc018a98dc8113bc4c80a65
SHA1 c0115ab1df586123a5c2679f55a86627829de190
SHA256 313f16809cabaf253c7d83cc77c778398458560b3424230b7e0f429fd4d870de
SHA3 6b8b85711d49e799812b3126a58f0ba79b58919275539953f4e966634fd73e7c

12

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x2e8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.56351
MD5 c761c3d19ec75e54d38b8c78f6dc5d19
SHA1 612d6fa8a4277e5f14c99fc740db3b94b95dc3d6
SHA256 eec3df8088a10fbae2b5d52c61ba17cb114c35053ce82c5c3fb8751a7479c9b6
SHA3 7ebfb7af41ede3af1f905f658d092380abdaa01387a7c597ebef92b9e15cf6e6

13

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x568
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.74998
MD5 b706bb6f2ca9112308354a20d72ead8a
SHA1 27280890464434d711ff4ca8706feba104be21f3
SHA256 1f07c3d74a34d9106e98b3590c17f9e445e94bc62be3e0b53646a5a0863a951d
SHA3 e3fe914de078e31f6a1fc561120626d867563e512be0ba720f55f0b7429794ce

14

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x8a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.81543
MD5 b3b45f81cd5e6e724560d02f46143628
SHA1 b372baec448f45f7fe2b922e0e7345b305cc89e6
SHA256 b2891526239694ccd82321e09b4cef0af7aa4798499b800703dcb24477ef6dc0
SHA3 d9ffdd977d22307e9c08f10c22923d7af0ddd363d433811ab1096e57acce8e1a

15

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0xea8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.86602
MD5 c58b4c8552124a6622e072de65722898
SHA1 fcc395e1b8c16ce1ac1a42f0be55fb09809ae4a3
SHA256 788c5768cb5873d69446d49f8aef77ddcbedad1ed0c68b9f76829f638e710679
SHA3 1ec7f00effbcfa2529e4b1462f25b38aecae9e737e169ccea516e105276e1ac1

16

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x468
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.73179
MD5 4c4b7a7ff0eca0c21ca96f03fb0458db
SHA1 97d92da28e20446be49fb7aa460439c51327dd75
SHA256 6843cb5f5f34ea5a518582dda68be921c7e1328a7a4c4a6b17d99a96d1c4c2d9
SHA3 820565c8512598b6fe0668ef56490a89711dcc61804495fdb6bbbab95a73ba8f

17

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x10a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.8356
MD5 d14f46fc0d1ebc478cdb4a06c5bbaa15
SHA1 5802e007a4b786889b38b0ccc434a412057552dd
SHA256 66eaefbcf3537bb295ec2a1ad723141abdad5f11da1bc72c62500674456cd367
SHA3 0c092f8682ae9df24c7ebc7223e1be5fe011f5c1d24ec3acca6bac595f396cec

18

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x25a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.89363
MD5 f7ed46f01c228e6c8c99012a256ab6b9
SHA1 21f3af99739397149400f32f3663dfa24e054e65
SHA256 cb41e0a11647f3ea97b2340c26a7c07dd066bf7ae1f4e1b1901bb97eef76a288
SHA3 480431753b3313ff021db9d68651b9189664e4a795fb2485a1615660de3c353a

19

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x4899
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.89326
MD5 458d8bb4c21ccbc844aa94126d58e84a
SHA1 ca25f10c9dc2e47e1d645a1c75fb776965c6fb5a
SHA256 b3d4cb5f5a021e9735b206b5a4fe563f2bb247f592486f72878ab95ec7bb43fa
SHA3 ff4108b823f689b66ad1eee853361e5d9e45348521e02cb8d8bce5ec01974b98

20

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x9d72
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.91544
MD5 23b9b1e6b59dd7ab432421b8104dd5f4
SHA1 ce354f570f415c392c629f51111c1363b199e5aa
SHA256 ca9ad85bef20526c2dbd48a7c16bda3162ef07ab300ac5357e6432a9ab589790
SHA3 dbcdb89408b946957113c2b2b10061eebee343fdaea9b6fba096ee3cb39fe7dc

21

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x128
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.13936
MD5 b496103181c1d22581d86eca05d90579
SHA1 8bf24b80f909226567850420b21e78e3080be832
SHA256 58a6437e8e9d466642bff89ae75080025c0199b31ab409daf3d78c8a0a4613d6
SHA3 24e2a59342af986db0652b8293920ff1ce2c844da848c042c4ede07d21cddfc7

22

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x2e8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.64377
MD5 6037e3ef043630373d99ab9a1797dbdf
SHA1 b534fa74d96bb5c5f88ecaa4ec519c72598d5002
SHA256 cf3d357409a54eba0110f5ba1f1de77c3ee405504033c8e7b14cf826c1981eb7
SHA3 73950f410962bf6a4fd0aa25efcb3d8e2214000e8be737046735c947daf38481

23

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x568
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.79942
MD5 9a20cd91003484943d2ea41e58ff902c
SHA1 d5a30e8883f3c0fd3a332d9e37ed2f985d00877c
SHA256 15b4229f8ed21c437f11c116c557cead625991c7bfc108ce00a080358f1454d5
SHA3 c8bec0f1fd1f6f05a0b1243e8ee78634f5c1d71d164037204dba6e22048f6af5

24

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x8a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.82172
MD5 c9e065434445248664bc11f27dccc918
SHA1 a8dcfa421cc77bc7b2b80eeeaca6509d31705809
SHA256 af7e4566c26de7ef93e8453c599a019062c65079d3e2bc0c7a31e6469903f23b
SHA3 e837e346160fa0c2d81afc73d02315749364de6b72e9e2d9720322850f082a4c

25

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0xea8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.84843
MD5 89c5d18c9eb658c1e4bfa1d9a56deb35
SHA1 adec350b40e932cb4536e8fef8073504899e474c
SHA256 04ccab285552dee0671c62c3a7526491f084f8c30f061b9dd990900c353a212f
SHA3 52a20e6c68642b630a658a325f434c03670a34e61ae1480456f72b5a2e128bb1

26

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x468
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.69261
MD5 62c383b3cb9fba1528b8dfbc9e285616
SHA1 660435a23c7b654e11bc797b9c4081b7d6479d7a
SHA256 905f60424bdb8d9dfdb9538020c130efcaf4fe8c045759ac5c010eb1c4828973
SHA3 4bcfce602fde7ea2925a71b09dc122b5eeb21b4192272d84c964ab875b0a19ae

27

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x10a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.86349
MD5 95b9854c0a114f1074fd1ac96deeaadf
SHA1 e1f96f999f0483743628a2d50960e9f2051d2d9f
SHA256 86ff2769c349809237826d4532081a1e69f9289a3e19ffc08ee798a194b1df35
SHA3 480491d12e9d0283e2f70a0a124592756d749ed83adf768bcd7fadf5b7de7368

28

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x25a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.90538
MD5 1c09d08e14b35f8cdc0c827d1958a846
SHA1 6442135df73b7a633b7384f33fd895283ff73661
SHA256 a377fdb064373aad0a57742c1dc331516070ba08c5844b4c27f0021a10817388
SHA3 b61583afa05982f0e80a129574c3b9e6a349fcc1da16d93f9ea4ef7902136ea4

29

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x4c57
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.91233
MD5 e38f91a9326c454708cfbcc667d7c247
SHA1 14b355ada8a1280204b23af390d573e4dcc5cb07
SHA256 1b5c47ad76f6246896d39378a2415d8f9834b4d670afbab7e0d49e68565c5a97
SHA3 cfdf059f874183a24e205440890d2d9a6ac9e0c3bb8f818c89a002e26cdef5a8

30

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0xa311
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.91239
MD5 bf03b50111ee7daa52e896b7db664249
SHA1 e193624996ccb48528bd72be04fd2c917742d055
SHA256 07d3998b529ae6680331948128d4cc0951b569a47283f66681f8249e22ebf88b
SHA3 6be66f6bb7a788069604c91951fcbe649658c34995e1d0d9a91894d7cbc5e1f4

7 (#2)

Type RT_STRING
Language English - United States
Codepage UNKNOWN
Size 0x42
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.68819
MD5 f932d3c29dd88b31425ba481b32b854c
SHA1 bd762e8624ce44e3185925374bc897c29e7fb507
SHA256 a017bbb20dd70953b4eec1ad17db664a909d179d135036ca81ff8c7dd4f03599
SHA3 ad271009d4b9d8bd8211bd4a0e3848299aa97a25fc67e2a6ee414069398ebc88

COUNTRY_DIALING_CODES.JSON

Type RT_RCDATA
Language English - United States
Codepage UNKNOWN
Size 0x711c
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.73815
MD5 ba788cc5190cf9817de52f7e8b667c32
SHA1 00a15800a60440cd23097eb1cecc7888c71fe744
SHA256 8f47bb705960913e6b10511407edcef9e562a56ccf104abd2a3007f2ea2d13d7
SHA3 4481aa12d82ae78518d34a0cb98c2466fc6e7c30b9f44f83f439dc47e9e0e030

132

Type RT_RCDATA
Language English - United States
Codepage UNKNOWN
Size 0x46710
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.91959
MD5 1b383c7b4ef21fb0fa863d226e2b8273
SHA1 185f69f64637c9708abf90f86000240a7472febe
SHA256 0f8879c865249aadfeb11fa9de741e1f121b24f623213755869397c95c1c193b
SHA3 5e90caac54417c07bc16a0f12d4c98c5d3267755ea3a454b17160800f6fef893

133

Type RT_GROUP_ICON
Language English - United States
Codepage UNKNOWN
Size 0x92
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.85324
Detected Filetype Icon file
MD5 b88cbc2005b07c62d51cb073fe0a3436
SHA1 c961b5ad03f9e7735f1f81d80251088f929b958b
SHA256 70f48d1dbed89598f436f309ea1b35c6047a8b836200926c24ad429f10422bea
SHA3 ca9da856de99015f87ac8690711f575234fc2983fe6c6b699649eaf08cf375e1

146

Type RT_GROUP_ICON
Language English - United States
Codepage UNKNOWN
Size 0x92
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.70856
MD5 a505e149b6ce6681a475a559ff8a16ad
SHA1 7aa075d176362aa8a384917125e52d7db663ee83
SHA256 ebde1b5939e3eee40c54c0aeb04a84eadedb6e553c601767ad347c6c3673ee45
SHA3 d792105a1169708531ff5e650a4f4f1a47815a3961825aa073c479a668c720bf

147

Type RT_GROUP_ICON
Language English - United States
Codepage UNKNOWN
Size 0x92
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.6212
MD5 5fa31a0577c2147e9aba2a3054f01b3e
SHA1 eddaa227ca4dfc3afc7a22a1d59e1bf2893c1623
SHA256 e42c685528ed72ebb6387d755673a862fcff74815fdf04ed257200ed66121185
SHA3 933aac0875627e67fbf4a96b8e0aefb4c36eb8129c798625bd3ae276db4601ac

BANNER.PNG

Type RT_HTML
Language English - United States
Codepage UNKNOWN
Size 0x4064
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.83455
MD5 e7a92c3edf4692c7d5c76441dee14b74
SHA1 98232a6c87888ddbb6f171673dbc445d02413cc0
SHA256 defeb191bbf1b3d571c3756c4cd96172599a62eb6b4c8b6f71a3317cf8ca3c3c
SHA3 4dabdb45dc1af848d7a4d3ac338bde8c9dc68983dbf41c503a5bde2ea9079816

FLAGS32.PNG

Type RT_HTML
Language English - United States
Codepage UNKNOWN
Size 0xcbef
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.86402
MD5 ed03b6e20f8088aeb103ec051b68194e
SHA1 691640d1024a93b4330bcc54faad651ee687255f
SHA256 c791ad29c8ed0593684355a10ebaf8aed24465b955c47e73753a53c5bb187c23
SHA3 1afc7f1bd464adfae88a5bb2c7e1dc941466413fd73526c72ad71f4acca679da

FLAG_UNKNOWN_32.PNG

Type RT_HTML
Language English - United States
Codepage UNKNOWN
Size 0x3ab
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.57318
MD5 ddab3e8ed45cb64488866a658215b14d
SHA1 e9b5284f57bb54b9251e87fc80233aff4a20697a
SHA256 60f72e68e5d3fc70139c549087ce0440df9e187f71c891401d3aea2d5e9d4be9
SHA3 815f7584fd829e94f32d9cb5e1cd8314acd61d0299d37d6e9576db276c3c7487

FLAG_UNKNOWN_64.PNG

Type RT_HTML
Language English - United States
Codepage UNKNOWN
Size 0x946
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.7988
MD5 7566199d078526b8955fd4aeacb99e28
SHA1 b6953028edac0c100a3b46a00aed077117fe23fa
SHA256 d1844184530f57ce6631ff1b42d6fa4c9529ba727146881edcbb5b1ddeeee903
SHA3 57a47c4d84a099bd7cf3ca885c449ed2b0dc92d7e5d047e6613b45767ed583e9

ICOMOON.EOT

Type RT_HTML
Language English - United States
Codepage UNKNOWN
Size 0x63c8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.85091
MD5 1544087004fba8710d6a4dafa9c8bdf3
SHA1 766976774762341aef71d17c649dfc0eaeab9124
SHA256 990a2073d4b6b210bf1698881a855ebd8f15bd404d9ed6dca92b6b99f9750f3a
SHA3 7efca60d87ae2dc3ac02ed3ae37095810f5dd6270ff06e9c09ca43886b175d76

LOGO-BW.PNG

Type RT_HTML
Language English - United States
Codepage UNKNOWN
Size 0x10b0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.82506
MD5 c65ec9d200e7b79a6a75c3a6db25f82d
SHA1 138607daf637a955168319696bb58de0e97c8705
SHA256 f14222894d5438f801d05a000bd1855557338a2f842abed77cecfc12b3994222
SHA3 06213ede62a068750d2360cac8955be0bee4ce955165effe108b44521ab79b5f

LOGO.PNG

Type RT_HTML
Language English - United States
Codepage UNKNOWN
Size 0x10bb
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.77785
MD5 2ecbb25b24c353784191e274880cc7d0
SHA1 9cf4381ca77b733ca7fdca65335ceeffd9494cf8
SHA256 48cf3ffd1603ab3afb876fde9b7893c02be1374dd6b0dd6910c5cf1bb824773b
SHA3 d31946b5fc731f0fecd11b52c8b5dd34ba3de5a7aa23106aac5264c1ef139814

MAIN.HTML

Type RT_HTML
Language English - United States
Codepage UNKNOWN
Size 0x2f710c
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.92613
MD5 e47ea7b437e4e93d09301b5ab4d76360
SHA1 78dc02d762fb61f9e9f53dec2c2eca24fec8d45c
SHA256 4dcddff5229220e64fcace042fa6e87ef40681565e7027a7a9180f469b205e49
SHA3 05f46ac922cd91051bb5efc9d39eff2028b36ed481b5c8178a9d02ab5bbb5064

PSICASH_COIN.PNG

Type RT_HTML
Language English - United States
Codepage UNKNOWN
Size 0xa65
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.78693
MD5 c0638b8583a0060866da38d525784d01
SHA1 bedb36870d5df1d251f93b767bf3020d4412cb04
SHA256 afc22886432b022dcb00200820f35652ec80ef48d6d9dea30a0a4935bc83ec35
SHA3 57fdd13a410bc221d47a208dbd7b52e0a8d8f70ee13307790f9b47223b6710ae

PSICASH_COIN_GREY.PNG

Type RT_HTML
Language English - United States
Codepage UNKNOWN
Size 0x5f8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.67418
MD5 5582730bd5980ed9a912ade73cc103da
SHA1 8ba5ffa675b9861af54140cb2f06f6108ce6a037
SHA256 b970d0cf17bd407be1047e26c43e00e750e51489899a954b56cfcf38c7d75610
SHA3 d5b542a9e1f816332684f805916c010d1d2e4fcc1edcac80dfa88ea09a02cc39

ROCKET.PNG

Type RT_HTML
Language English - United States
Codepage UNKNOWN
Size 0x1759
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.85973
MD5 e6c3e8e99bcda14fe288303932cb0ba7
SHA1 93c18c56dee575239679178476260e2dee5c406d
SHA256 3a9998dcbeea3f52dfbcc7733cbfd3d89d31e540cfc628b319a144ec8dfec6f0
SHA3 dcd74e3c61bbc66c3926f1b53e383a9bc2e8d32dce5cee2ea48602a2e4960ab8

SPEED-BOOST-BUTTON-1-DAY.PNG

Type RT_HTML
Language English - United States
Codepage UNKNOWN
Size 0x230e
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.80875
MD5 6e3f511db7768d7000d2eb85504c32cb
SHA1 9d799190361d8365fc03913c0987560d83935ca6
SHA256 94b512a49a6bca1d24664afb02decdcef5b9043c30a7a255434d533d26386e3f
SHA3 abc0f97270bca3399ee49df9797114bdccbaa6ca9b359aacbf1587e8e2dca577

SPEED-BOOST-BUTTON-1-HOUR.PNG

Type RT_HTML
Language English - United States
Codepage UNKNOWN
Size 0x2316
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.83131
MD5 4e79f9d1957102cdb688dcc12b06ab76
SHA1 998640c0e8593ec215d4f0ae92faab253af002a3
SHA256 6dc90addb6dfba38f02045695c2951bbb4b049344b4e4b5dd9dfd7788235fe9a
SHA3 c27cffc60913ff39031129e9aa67425e612988e45964e0f7a2971b5a948b67f2

SPEED-BOOST-BUTTON-1-MONTH.PNG

Type RT_HTML
Language English - United States
Codepage UNKNOWN
Size 0x23da
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.82266
MD5 06caf4c0e32db2e1616646d6f00a4f67
SHA1 98b69ae581fab58228b59b8eebd3c053d1a6b5a9
SHA256 e55c0248c849095f762a2fe1a62a4444b5fe535ee62ad271bd128d6f9e0b6a36
SHA3 bf2df81d7ea8778a96217e11119c07fd84542324e1b3a131422ee9e9fd3a4013

SPEED-BOOST-BUTTON-1-WEEK.PNG

Type RT_HTML
Language English - United States
Codepage UNKNOWN
Size 0x26b6
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.81587
MD5 7534b0e34094de5fe377a09ce61e7281
SHA1 473eb21f232b5fd8485ea51978adf113f7aa5815
SHA256 2808179265affb4d8e97876d7b10b6dfb585f738c79a9fd7f26932638e893385
SHA3 674503639db402238a152fb0cdd0ee9f0eca910b1d45ac51d90d14b2db09aa1b

TURTLE.PNG

Type RT_HTML
Language English - United States
Codepage UNKNOWN
Size 0x1e18
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.85403
MD5 62939789d791777a1a320e8e0482dfb2
SHA1 828546f02cefdd7ba4976cb2bd6c216ffa5e012b
SHA256 7af09ce570685a99fb3f8f88c64479f6a33e93ad587319cbae8db9e1c4e90b4e
SHA3 02ef992fe77d3543cda657a1b60f1a678de74d965c9c0c6505cfe82aa240a20c

1 (#2)

Type RT_MANIFEST
Language English - United States
Codepage UNKNOWN
Size 0x30e
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.18815
MD5 9cb08c39cf7471dbc6a1def890817311
SHA1 a427014792927fcf951afda0a933e88cc945adb2
SHA256 6869f7f08f1b7d9a40b6b900cb225530b10cfce04a91b5b457174775b46e316b
SHA3 78b43bd3e74710dc6b977499963c0b3fbc652bee4017675719e0ff9a2dec995c

Version Info

TLS Callbacks

StartAddressOfRawData 0x1ffc214
EndAddressOfRawData 0x1ffe93c
AddressOfIndex 0x5d8a38
AddressOfCallbacks 0x1ffe93c
SizeOfZeroFill 0
Characteristics IMAGE_SCN_ALIGN_8BYTES
Callbacks 0x01FFC1DA

Load Configuration

Size 0x5c
TimeDateStamp 1970-Jan-01 00:00:00
Version 0.0
GlobalFlagsClear (EMPTY)
GlobalFlagsSet (EMPTY)
CriticalSectionDefaultTimeout 0
DeCommitFreeBlockThreshold 0
DeCommitTotalFreeThreshold 0
LockPrefixTable 0
MaximumAllocationSize 0
VirtualMemoryThreshold 0
ProcessAffinityMask 0
ProcessHeapFlags (EMPTY)
CSDVersion 0
Reserved1 0
EditList 0
SecurityCookie 0x5d1390
SEHandlerTable 0x5b5380
SEHandlerCount 1072

RICH Header

XOR Key 0x3a171e8f
Unmarked objects 0
ASM objects (27412) 27
C++ objects (27412) 198
C objects (CVTCIL) (27412) 1
ASM objects (VS2015 UPD3 build 24123) 25
C++ objects (VS2015 UPD3 build 24123) 126
C objects (VS2015 UPD3 build 24123) 38
C objects (27412) 44
Imports (27412) 33
Total imports 416
C objects (24245) 22
C++ objects (24245) 8
C++ objects (LTCG) (VS2015 UPD3.1 build 24215) 78
Resource objects (VS2015 UPD3 build 24210) 1
Linker (VS2015 UPD3.1 build 24215) 1

Errors

[*] Warning: Ignored an invalid IMAGE_RESOURCE_DATA_ENTRY [*] Warning: Section UPX0 has a size of 0! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8! [!] Error: The number of ICON_DIRECTORY_ENTRIES is bigger than the number of resources in the file. [*] Warning: Resource 146 is empty! [!] Error: The number of ICON_DIRECTORY_ENTRIES is bigger than the number of resources in the file. [*] Warning: Resource 147 is empty!
Leave a comment

No comments yet.