Manalyze report for 795137104d97da1bf4282fd6979bb38d

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2001-Mar-16 00:48:44
Detected languages	English - United States

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C++` `Microsoft Visual C++ v6.0` `Microsoft Visual C++ v5.0/v6.0 (MFC)`
Info	The PE contains common functions which appear in legitimate applications.	`Can access the registry: RegOpenKeyExW RegOpenKeyExA RegQueryValueExA RegQueryValueExW RegCloseKey` `Possibly launches other programs: ShellExecuteW ShellExecuteA`
Safe	VirusTotal score: 0/65 (Scanned on 2018-04-25 21:54:21)	`All the AVs think this file is safe.`

Hashes

MD5	`795137104d97da1bf4282fd6979bb38d`
SHA1	`2a933e26aa9cfb33b37f78afe21434caa031f14a`
SHA256	`3e6fdb89b880a60ee984b885a48f262070019572f1531ed70d96108781bae00e`
SHA3	`67d11c862f5eff23adad2c9ac1859ad8af2e56bd66bc8cbc7b14d3e78a090bbb`
SSDeep	`3072:GaHijgNdsmPC5qOp4XMzV2nZ77GIjKhxyxxKqU2r93zuzJ8g3QJxASF7FzdogxW:GaHij/mPC8aIjKvZ8DuN9MWk6w`
Imports Hash	`bc15d4a7ebb80657a8ad0967b169a4cc`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0xe8`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`6`
TimeDateStamp	2001-Mar-16 00:48:44
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LINE_NUMS_STRIPPED` `IMAGE_FILE_LOCAL_SYMS_STRIPPED`

Image Optional Header

Magic	`PE32`
LinkerVersion	`6.0`
SizeOfCode	`0x25000`
SizeOfInitializedData	`0x40000`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x000214B6 (Section: .text)`
BaseOfCode	`0x1000`
BaseOfData	`0x26000`
ImageBase	`0x10900000`
SectionAlignment	`0x1000`
FileAlignment	`0x1000`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x66000`
SizeOfHeaders	`0x1000`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`4cba3aa739285d57429a22fd2a02ffe1`
SHA1	`1a3ff74bc5ea2fdac4b7bb5272cd24512f593077`
SHA256	`559c8c877b87748b2581ef0c365c2e9d4a9cb27ac3ab0268350300b53dc472b5`
SHA3	`1c7c14a2e2e82612a62c94852e4508a0aa355c23eda53a3d1b0f4121a018ed1e`
VirtualSize	`0x246dc`
VirtualAddress	`0x1000`
SizeOfRawData	`0x25000`
PointerToRawData	`0x1000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`5.34536`

.rdata

MD5	`d8b10390f75a85ab59814f5ac2ec9195`
SHA1	`209fc4b198edf0184959aa1eb1b317c0a4bc442a`
SHA256	`ce63e5437557e1cdf159feea6323dcee42c94b2d2602b9d3ec13fbc0ad2f865f`
SHA3	`e9cd06b1b5d0df77357b893270387f6bcc27e16578c6560f1e68c3b78e6caaaa`
VirtualSize	`0x5db4`
VirtualAddress	`0x26000`
SizeOfRawData	`0x6000`
PointerToRawData	`0x26000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`3.34298`

.data

MD5	`01a25a33e46464fd330efcd649821b0a`
SHA1	`ba59edc5a4a5a48ec8c4d116518535bd082d8199`
SHA256	`b728c791e52c4467a64ca4ff88c670743e037b91782cb0ca5cc9d043a861a283`
SHA3	`2c0e3b5f7bdcd6499b0630a133dd5d6cbf17739827de3a783b783ddae8d78860`
VirtualSize	`0x2a770`
VirtualAddress	`0x2c000`
SizeOfRawData	`0x3000`
PointerToRawData	`0x2c000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`2.54221`

.idata

MD5	`803d3cdc10dcb87acf77972596be367a`
SHA1	`b6824c92e6e361338f7f5ab297b0dbc7ec013918`
SHA256	`1c736d20c1f868ebff02269e19476adf74556bc0ab0db0b238df10ab90adf91e`
SHA3	`e744c1d39cdde0c0553f7a82e16677b166639e0ca160c55f7cb082e3c51e86db`
VirtualSize	`0x4916`
VirtualAddress	`0x57000`
SizeOfRawData	`0x5000`
PointerToRawData	`0x2f000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`5.10746`

.rsrc

MD5	`a059bd897d0c11f01fffb1c3ab9b3a49`
SHA1	`3a49b1f6d06d2a1e5675087dc24a7bc154dff0d9`
SHA256	`cf0d6d8b5b69a7c0242c83e6a42198cc7be1b703e3f27668f66a9e3055487d0e`
SHA3	`2627d8d72d72dd23b1920f9ae01be6cd02b75864744b747f57287686516f0d22`
VirtualSize	`0x58d9`
VirtualAddress	`0x5c000`
SizeOfRawData	`0x6000`
PointerToRawData	`0x34000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.30113`

.reloc

MD5	`9610168303a9f0b3cd898a00ae1c226f`
SHA1	`d08c29023f6cb9e36ce5edd3ce2589d921b1b1a7`
SHA256	`4f815588e26847ce6fb10c6429b579102c03739315dffe2961135ab6ed0d1939`
SHA3	`fa35235118bb5e9ca09a0ac20bdf27f774ea6641a1289c95080d55b5259bd317`
VirtualSize	`0x3863`
VirtualAddress	`0x62000`
SizeOfRawData	`0x4000`
PointerToRawData	`0x3a000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`5.61455`

Imports

Window.dll	`?OnCurrent@WWizardPage@@UAEXXZ` `?InitWindowing@@YAXXZ` `??0WLog@@QAE@PBGAAPAVFArchive@@VFName@@PAVWWindow@@@Z` `?GLogWindow@@3PAVWLog@@A` `?OpenWindow@WLog@@QAEXHH@Z` `?Unused@FCommandTarget@@UAEXXZ` `?Serialize@WWindow@@UAEXAAVFArchive@@@Z` `?GetPackageName@WLog@@UAEPBGXZ` `?GetNext@WWizardPage@@UAEPAV1@XZ` `?WindowMessageOpen@@3IA` `?WndProc@WLog@@UAEJIIJ@Z` `?CallDefaultProc@WWindow@@UAEHIIJ@Z` `?InterceptControlCommand@WWindow@@UAEHIIJ@Z` `?GetText@WWindow@@UAE?AVFString@@XZ` `?SetText@WLog@@UAEXPBG@Z` `?GetLength@WWindow@@UAEHXZ` `?OnCopyData@WLog@@UAEXPAUHWND__@@PAUtagCOPYDATASTRUCT@@@Z` `?OnSetFocus@WTerminal@@UAEXPAUHWND__@@@Z` `?OnInitDialog@WDialog@@UAEXXZ` `?GetWindowClassName@WLog@@UAEXPAG@Z` `?DoDestroy@WWindow@@UAEXXZ` `?GetCancelText@WWizardPage@@UAEPBGXZ` `?OnChar@WWindow@@UAEXG@Z` `??1WWizardDialog@@UAE@XZ` `??1WConfigProperties@@UAE@XZ` `?OnCopy@WWindow@@UAEXXZ` `?OnPaste@WWindow@@UAEXXZ` `?OnShowWindow@WLog@@UAEXH@Z` `?OnUndo@WWindow@@UAEXXZ` `?OnPaint@WWindow@@UAEXXZ` `?OnCreate@WTerminal@@UAEXXZ` `?OnDrawItem@WWindow@@UAEXPAUtagDRAWITEMSTRUCT@@@Z` `?OnMeasureItem@WWindow@@UAEXPAUtagMEASUREITEMSTRUCT@@@Z` `?OnInitDialog@WWindow@@UAEXXZ` `?OnEnterIdle@WWindow@@UAEXXZ` `?OnMouseEnter@WWindow@@UAEXXZ` `?OnMouseLeave@WWindow@@UAEXXZ` `?OnMouseHover@WWindow@@UAEXXZ` `?OnTimer@WWindow@@UAEXXZ` `?OnReleaseCapture@WWindow@@UAEXXZ` `?OnMdiActivate@WWindow@@UAEXH@Z` `?OnCancel@WWizardPage@@UAEXXZ` `?GetShow@WWizardPage@@UAEHXZ` `?GetBackText@WWizardPage@@UAEPBGXZ` `?GetFinishText@WWizardPage@@UAEPBGXZ` `?GetNextText@WWizardPage@@UAEPBGXZ` `?OnKillFocus@WWindow@@UAEXPAUHWND__@@@Z` `?OnCancel@WWizardDialog@@UAEXXZ` `?SetCurrent@WListBox@@QAEXHH@Z` `?OnDestroy@WWindow@@UAEXXZ` `?OnClose@WWindow@@UAEXXZ` `?OnBack@WWizardDialog@@UAEXXZ` `?OnFinish@WWizardDialog@@UAEXXZ` `?OnNext@WWizardDialog@@UAEXXZ` `?LocalizeText@WDialog@@UAEXPBG0@Z` `?RefreshPage@WWizardDialog@@UAEXXZ` `?Advance@WWizardDialog@@UAEXPAVWWizardPage@@@Z` `?OnSize@WTerminal@@UAEXKHH@Z` `?OnClose@WWizardDialog@@UAEXXZ` `?DoModal@WDialog@@UAEHPAUHINSTANCE__@@@Z` `??1WWizardPage@@UAE@XZ` `?OnDestroy@WWizardDialog@@UAEXXZ` `?OnCommand@WWindow@@UAEXH@Z` `?OnCreate@WWindow@@UAEXXZ` `?OnShowWindow@WWindow@@UAEXH@Z` `?OnCopyData@WWindow@@UAEXPAUHWND__@@PAUtagCOPYDATASTRUCT@@@Z` `?OnSize@WWindow@@UAEXKHH@Z` `?OnSetFocus@WWindow@@UAEXPAUHWND__@@@Z` `?WndProc@WWindow@@UAEJIIJ@Z` `?SetText@WWindow@@UAEXPBG@Z` `?CallDefaultProc@WDialog@@UAEHIIJ@Z` `??1WCoolButton@@UAE@XZ` `??1WButton@@UAE@XZ` `??1WListBox@@UAE@XZ` `?OnCommand@WLog@@UAEXH@Z` `?OnActivate@WWindow@@UAEXH@Z` `??1WLabel@@UAE@XZ` `?AddString@WListBox@@QAEHPBG@Z` `?Empty@WListBox@@QAEXXZ` `??_7FDelegate@@6B@` `?GetString@WListBox@@QAE?AVFString@@H@Z` `?GetCurrent@WListBox@@QAEHXZ` `??_7WEdit@@6B@` `??0WWindow@@QAE@VFName@@PAV0@@Z` `?SuperProc@WEdit@@2P6GJPAUHWND__@@IIJ@ZA` `??_7WWizardPage@@6B@` `??0WDialog@@QAE@VFName@@HPAVWWindow@@@Z` `??1WEdit@@UAE@XZ` `??1WUrlButton@@UAE@XZ` `?SuperProc@WLabel@@2P6GJPAUHWND__@@IIJ@ZA` `??_7WUrlButton@@6B@` `?OnClick@WUrlButton@@QAEXXZ` `??_7WButton@@6B@` `??_7WListBox@@6B@` `??0WControl@@QAE@PAVWWindow@@HP6GJPAUHWND__@@IIJ@Z@Z` `?SuperProc@WListBox@@2P6GJPAUHWND__@@IIJ@ZA` `?GetRoot@WConfigProperties@@UAEPAVFTreeItem@@XZ` `?GetWindowClassName@WConfigProperties@@UAEXPAG@Z` `?GetPackageName@WConfigProperties@@UAEPBGXZ` `?SetValue@WProperties@@UAEXPBG@Z` `?GetListItem@WPropertiesBase@@UAEPAVFTreeItem@@H@Z` `?BeginSplitterDrag@WProperties@@UAEXXZ` `?ForceRefresh@WProperties@@UAEXXZ` `?SetItemFocus@WProperties@@UAEXH@Z` `?ResizeList@WProperties@@UAEXXZ` `?GetDividerWidth@WProperties@@UAEHXZ` `?GetRoot@WObjectProperties@@UAEPAVFTreeItem@@XZ` `?OnDestroy@WProperties@@UAEXXZ` `?OnSetCursor@WProperties@@UAEHXZ` `?OnFinishSplitterDrag@WProperties@@UAEXPAVWDragInterceptor@@H@Z` `?OnPaint@WProperties@@UAEXXZ` `?OnActivate@WProperties@@UAEXH@Z` `?OnSize@WProperties@@UAEXKHH@Z` `?GetWindowClassName@WObjectProperties@@UAEXPAG@Z` `?DoDestroy@WProperties@@UAEXXZ` `?GetPackageName@WObjectProperties@@UAEPBGXZ` `?Serialize@WProperties@@UAEXAAVFArchive@@@Z` `?SetNotifyHook@WWindow@@QAEXPAVFNotifyHook@@@Z` `??0WConfigProperties@@QAE@VFName@@PBG@Z` `?OpenWindow@WProperties@@QAEXPAUHWND__@@@Z` `??0WObjectProperties@@QAE@VFName@@KPBGPAVWWindow@@H@Z` `?ScrollCaret@WEdit@@QAEXXZ` `?Show@WWindow@@QAEXH@Z` `??1WLog@@UAE@XZ` `??1WObjectProperties@@UAE@XZ` `?OnMouseMove@WWindow@@UAEXKUFPoint@@@Z` `?OnLeftButtonDown@WWindow@@UAEXXZ` `?OnFinishSplitterDrag@WWindow@@UAEXPAVWDragInterceptor@@H@Z` `?OnSetCursor@WWindow@@UAEHXZ` `?OnClose@WLog@@UAEXXZ` `?OnDestroy@WLog@@UAEXXZ` `?TypeChar@WTerminal@@UAEXG@Z` `?Paste@WTerminal@@UAEXXZ` `?hInstanceWindow@@3PAUHINSTANCE__@@A` `??0WButton@@QAE@PAVWWindow@@HUFDelegate@@P6GJPAUHWND__@@IIJ@Z@Z` `??0WListBox@@QAE@PAVWWindow@@HP6GJPAUHWND__@@IIJ@Z@Z` `??0WCoolButton@@QAE@PAVWWindow@@HUFDelegate@@K@Z` `??0FDelegate@@QAE@ABU0@@Z` `??0FDelegate@@QAE@PAVFCommandTarget@@P81@AEXXZ@Z` `??0WWizardPage@@QAE@PBGHPAVWWizardDialog@@@Z` `??0WLabel@@QAE@PAVWWindow@@HP6GJPAUHWND__@@IIJ@Z@Z` `??0WWizardDialog@@QAE@XZ` `??1WDialog@@UAE@XZ` `??_7WCoolButton@@6B@` `??1WControl@@UAE@XZ` `??_7WWizardDialog@@6B@` `?OnRightButtonDown@WWindow@@UAEXXZ` `?FindStringChecked@WListBox@@QAEHPBG@Z` `??1WWindow@@UAE@XZ` `??_7WControl@@6B@` `?LoadFileToBitmap@@YAPAUHBITMAP__@@PBGAAH1@Z` `??_7WLabel@@6B@` `?MaybeDestroy@WWindow@@QAEXXZ` `?OnInitDialog@WWizardDialog@@UAEXXZ` `?OnKeyDown@WWindow@@UAEXG@Z` `?OnCut@WWindow@@UAEXXZ` `?OnLeftButtonUp@WWindow@@UAEXXZ` `?OnRightButtonUp@WWindow@@UAEXXZ`
Core.dll	`??0FString@@QAE@ABV0@@Z` `?appStrchr@@YAPAGPBGH@Z` `??DFString@@QBE?AV0@PBG@Z` `?Realloc@FArray@@IAEXH@Z` `??0FArray@@IAE@HH@Z` `?GUnicodeOS@@3HA` `?appFailAssert@@YAXPBD0H@Z` `?appStricmp@@YAHPBG0@Z` `?appStrlen@@YAHPBG@Z` `?appStrcpy@@YAPAGPAGPBG@Z` `?winToUNICODE@@YAPAGPAGPBDH@Z` `?GetTransientPackage@UObject@@SAPAVUPackage@@XZ` `?StaticConstructObject@UObject@@SAPAV1@PAVUClass@@PAV1@VFName@@K1PAVFOutputDevice@@@Z` `??1FRegistryObjectInfo@@QAE@XZ` `?appAtof@@YAMPBG@Z` `?appStaticString1024@@YAPAGXZ` `?Log@FOutputDevice@@QAEXPBG@Z` `??8FString@@QBEHABV0@@Z` `?appStrcmp@@YAHPBG0@Z` `?appLoadFileToString@@YAHAAVFString@@PBGPAVFFileManager@@@Z` `?GCRCTable@@3PAKA` `??YFString@@QAEAAV0@PBG@Z` `?appSaveStringToFile@@YAHABVFString@@PBGPAVFFileManager@@@Z` `?GWindowManager@@3PAVUSubsystem@@A` `?appSleep@@YAXM@Z` `?ParseCommand@@YAHPAPBGPBG@Z` `?GObjObjects@UObject@@0V?$TArray@PAVUObject@@@@A` `?ParseObject@@YAHPBG0PAVUClass@@AAPAVUObject@@PAV2@@Z` `?appSqrt@@YANN@Z` `?appLaunchURL@@YAXPBG0PAVFString@@@Z` `?Add@FArray@@QAEHHH@Z` `GIsMMX` `??0FString@@QAE@PBG@Z` `?PrivateStaticClass@UClass@@0V1@A` `?GetRegistryObjects@UObject@@SAXAAV?$TArray@VFRegistryObjectInfo@@@@PAVUClass@@1H@Z` `?InStr@FString@@QBEHPBGH@Z` `?Left@FString@@QBE?AV1@H@Z` `?Len@FString@@QBEHXZ` `?Mid@FString@@QBE?AV1@HH@Z` `?Localize@@YAPBGPBG000H@Z` `GTimestamp` `?GSecondsPerCycle@@3NA` `?appSecondsSlow@@YANXZ` `??_7FExec@@6B@` `??_7FNotifyHook@@6B@` `?GExec@@3PAVFExec@@A` `?appAtoi@@YAHPBG@Z` `?Printf@FString@@SA?AV1@PBGZZ` `??0FArray@@QAE@XZ` `?StaticLoadClass@UObject@@SAPAVUClass@@PAV2@PAV1@PBG2KPAVUPackageMap@@@Z` `??0FName@@QAE@W4EName@@@Z` `??0FString@@QAE@XZ` `?LocalizeGeneral@@YAPBGPBG00@Z` `??4FString@@QAEAAV0@PBG@Z` `?NotifyPreChange@FNotifyHook@@UAEXPAX@Z` `?NotifyPostChange@FNotifyHook@@UAEXPAX@Z` `?NotifyExec@FNotifyHook@@UAEXPAXPBG@Z` `?appStrfind@@YAPBGPBG0@Z` `?appInit@@YAXPBG0PAVFMalloc@@PAVFOutputDevice@@PAVFOutputDeviceError@@PAVFFeedbackContext@@PAVFFileManager@@P6APAVFConfigCache@@XZH@Z` `?GIsServer@@3HA` `?GIsScriptable@@3HA` `?GLazyLoad@@3HA` `?GPhysicalMemory@@3KA` `??HFString@@QAE?AV0@PBG@Z` `?Empty@FArray@@QAEXHH@Z` `??0FName@@QAE@PBGW4EFindName@@@Z` `?LocalizeGeneral@@YAPBGPBDPBG1@Z` `?Log@FOutputDevice@@QAEXW4EName@@PBG@Z` `?Parse@@YAHPBG0AAVFString@@@Z` `??HFString@@QAE?AV0@ABV0@@Z` `?GIsRequestingExit@@3HA` `?appPreExit@@YAXXZ` `?Remove@FArray@@QAEXHHH@Z` `?appExit@@YAXXZ` `?appFromAnsi@@YAPBGPBD@Z` `?winGetSizeUNICODE@@YAHPBD@Z` `?GConfig@@3PAVFConfigCache@@A` `??4FString@@QAEAAV0@ABV0@@Z` `?TotalSize@FArchive@@UAEHXZ` `?Precache@FArchive@@UAEXH@Z` `??_7FArchive@@6B@` `??1FArchive@@UAE@XZ` `?SerializeBits@FArchive@@UAEXPAXH@Z` `?SerializeInt@FArchive@@UAEXAAKK@Z` `?Preload@FArchive@@UAEXPAVUObject@@@Z` `?CountBytes@FArchive@@UAEXKK@Z` `??6FArchive@@UAEAAV0@AAPAVUObject@@@Z` `??6FArchive@@UAEAAV0@AAVFName@@@Z` `?MapName@FArchive@@UAEHPAVFName@@@Z` `?MapObject@FArchive@@UAEHPAVUObject@@@Z` `?AtEnd@FArchive@@UAEHXZ` `?AttachLazyLoader@FArchive@@UAEXPAVFLazyLoader@@@Z` `?DetachLazyLoader@FArchive@@UAEXPAVFLazyLoader@@@Z` `?Flush@FArchive@@UAEXXZ` `?GetError@FArchive@@UAEHXZ` `??DFString@@QBE?AV0@ABV0@@Z` `??1FArray@@QAE@XZ` `??DFString@@QBEPBGXZ` `??1FString@@QAE@XZ` `??_7FFileManager@@6B@` `?winGetSizeANSI@@YAHPBG@Z` `?winToANSI@@YAPADPADPBGH@Z` `?GIsSlowTask@@3HA` `?appGetVarArgs@@YAHPAGHAAPBG@Z` `??_7FFeedbackContext@@6B@` `?GIsRunning@@3HA` `?GIsClient@@3HA` `?GIsEditor@@3HA` `?GIsStarted@@3HA` `?GNull@@3PAVFOutputDevice@@A` `?LocalizeError@@YAPBGPBG00@Z` `?appGetSystemErrorMessage@@YAPBGH@Z` `?StaticShutdownAfterError@UObject@@SAXXZ` `?GErrorHist@@3PAGA` `?appStrncpy@@YAPAGPAGPBGH@Z` `?appStrncat@@YAPAGPAGPBGH@Z` `?GIsGuarded@@3HA` `?appRequestExit@@YAXH@Z` `??_7FOutputDeviceError@@6B@` `?GIsCriticalError@@3HA` `?Initialized@FName@@0HA` `?Names@FName@@0V?$TArray@PAUFNameEntry@@@@A` `?appBaseDir@@YAPBGXZ` `?Parse@@YAHPBG0PAGH@Z` `?appPackage@@YAPBGXZ` `?appStrcat@@YAPAGPAGPBG@Z` `?appCmdLine@@YAPBGXZ` `?GFileManager@@3PAVFFileManager@@A` `?appTimestamp@@YAPBGXZ` `?Logf@FOutputDevice@@QAAXW4EName@@PBGZZ` `?appSprintf@@YAHPAGPBGZZ` `?GLogHook@@3PAVFOutputDevice@@A` `??_7FOutputDevice@@6B@` `?GLog@@3PAVFOutputDevice@@A` `?Logf@FOutputDevice@@QAAXPBGZZ` `?ParseParam@@YAHPBG0@Z` `?LocalizeError@@YAPBGPBDPBG1@Z` `?GError@@3PAVFOutputDeviceError@@A` `?GPageSize@@3KA` `?appUnwindf@@YAXPBGZZ` `??_7FMalloc@@6B@` `?GMalloc@@3PAVFMalloc@@A`
Engine.dll	`?PrivateStaticClass@UEngine@@0VUClass@@A` `?PrivateStaticClass@UGameEngine@@0VUClass@@A` `?PrivateStaticClass@URenderDevice@@0VUClass@@A` `?PrivateStaticClass@AActor@@0VUClass@@A`
USER32.dll	`SendMessageW` `SetPropW` `PeekMessageW` `PeekMessageA` `GetForegroundWindow` `GetWindowThreadProcessId` `TranslateMessage` `EndDialog` `LoadIconW` `SetFocus` `SetForegroundWindow` `FindWindowExW` `LoadIconA` `GetPropW` `GetPropA` `FindWindowExA` `RemovePropW` `RemovePropA` `SetPropA` `PostThreadMessageW` `PostThreadMessageA` `MessageBoxW` `CreateDialogParamA` `GetDlgItem` `CreateDialogParamW` `SendMessageA` `UpdateWindow` `SetWindowPos` `GetMessageA` `DispatchMessageW` `GetMessageW` `SendMessageTimeoutW` `GetSystemMetrics` `DispatchMessageA` `PostQuitMessage`
KERNEL32.dll	`GetStartupInfoA` `MoveFileA` `GetCurrentThreadId` `GetCurrentThread` `SetThreadPriority` `MultiByteToWideChar` `Sleep` `CreateMutexW` `CreateMutexA` `ExitProcess` `GetCommandLineW` `GetCurrentDirectoryW` `GetCurrentDirectoryA` `SetCurrentDirectoryW` `SetCurrentDirectoryA` `FindFirstFileW` `FindNextFileW` `FindFirstFileA` `FindNextFileA` `FindClose` `RemoveDirectoryW` `RemoveDirectoryA` `CreateDirectoryW` `CreateDirectoryA` `MoveFileW` `GetModuleHandleA` `DeleteFileW` `DeleteFileA` `CopyFileW` `CopyFileA` `WriteFile` `SetFileAttributesW` `SetFileAttributesA` `CloseHandle` `SetFilePointer` `ReadFile` `CreateFileW` `CreateFileA` `GetFileSize` `GetLastError` `GetSystemInfo` `VirtualFree` `VirtualAlloc` `GetSystemDirectoryA` `GetWindowsDirectoryA` `GetModuleFileNameA` `GetSystemDirectoryW` `GetWindowsDirectoryW` `GetModuleFileNameW` `CreateThread`
GDI32.dll	`DeleteObject`
ADVAPI32.dll	`RegOpenKeyExW` `RegOpenKeyExA` `RegQueryValueExA` `RegQueryValueExW` `RegCloseKey`
SHELL32.dll	`ShellExecuteW` `ShellExecuteA`
MSVCRT.dll	`_controlfp` `_XcptFilter` `_except_handler3` `__set_app_type` `__p__fmode` `__p__commode` `_adjust_fdiv` `__setusermatherr` `_initterm` `__getmainargs` `_acmdln` `exit` `_exit` `_onexit` `__dllonexit` `??1type_info@@UAE@XZ` `_purecall` `_CxxThrowException` `__CxxFrameHandler`

Delayed Imports

GPackage

Ordinal	`1`
Address	`0x2c534`

101

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0x397e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.58147`
MD5	`64e77b8ade042eb84c85d3e9eb22b72f`
SHA1	`214f87a2693b17f0e10e184ad155abdb3a5b26c9`
SHA256	`10f60970f715b4bcc04a325fc2baba84ca2c42d203513451d3ddeecc6ee479cc`
SHA3	`532e773f2998dfea0c46fb4ce17f7091d5d3fc7be344de9576393c49bdb939df`
Preview

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.66574`
MD5	`301e225a0ec6cbde1d8c01754f545d29`
SHA1	`6a27135fd63af7fc45d3d9b1dac84e894fd20b32`
SHA256	`7b82288f8e2fcd79a274608854b3f9371dc9becfb36530b561d1b847472ac47c`
SHA3	`ad24ba661db6f52f4a3960a59fcde8708f27a928ef6df7067e2a48322dda0bad`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.93789`
MD5	`52eba7ce17622777332657e31472f845`
SHA1	`6b19da2e43ab10aad76ec0977d13162ed6596a13`
SHA256	`abadff422d2c14f74b9067921ef2b1f0b912b6e593a018ac987286eeed374170`
SHA3	`c82dbe5ee08a759a8d14b065bbfc4a97621c033ca3a5b2e3dabb1e09dcfa23aa`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.69319`
MD5	`bda598cfa5330b7d53a59d2e280fd03c`
SHA1	`26707e04974ea63ae7eb4920830717816f424d06`
SHA256	`0c66f4221d89b8293355007f8dd37b1f097739df7fd23e910e912d2984049959`
SHA3	`b4c44cf4febb2d9a7a31058a30e3b518e9b594ccd4cb575f111d1e8168bc36f0`

119

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x66`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.53053`
MD5	`6a3c352bdb25b3b847558bf20cd9c9fd`
SHA1	`02fd2ec2a6d9c19ca346dc3fa7745c823c3ad3bd`
SHA256	`d8d78bf83492a242866ecff57cb23ea4b2de7f474b9bc5b3bcf315ff72659b0a`
SHA3	`fc74c4be1535536eb7b9ecc98b2099ffd201564411f0539c1572e1cc3c29bb0e`

128

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x30`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.5943`
Detected Filetype	Icon file
MD5	`1f0dc0e6555da2469e58784de0168cd6`
SHA1	`e3eb5a95799bb29458317d61f4caa2a39cadde2b`
SHA256	`2153c8cc029bbc21b8067a627191e09a5777f3bb93d6cf958b83262593a111b3`
SHA3	`58ae59aa88457bffb4ea66ff4a07a1c5a6e9509b510cf146bcddf30ff64a337d`

Version Info

TLS Callbacks

Load Configuration

RICH Header

XOR Key	`0x2a8330b9`
Unmarked objects	`0`
14 (7299)	`2`
C++ objects (8797)	`1`
C objects (8797)	`11`
Linker (8797)	`2`
19 (8034)	`10`
Total imports	`416`
C++ objects (VS98 build 8168)	`1`
Resource objects (VS98 SP6 cvtres build 1736)	`1`
Linker (VC++ 6.0 SP5 imp/exp build 8447)	`8`

795137104d97da1bf4282fd6979bb38d

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rdata

.data

.idata

.rsrc

.reloc

Imports

Delayed Imports

GPackage

101

1

2

3

119

128

Version Info

TLS Callbacks

Load Configuration

RICH Header

Errors