7a6fd4ba72301800f1eeb6316908d8db

Summary

Architecture IMAGE_FILE_MACHINE_I386
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date 2020-Sep-16 08:44:19
Detected languages English - United States
Debug artifacts Set-up.pdb
CompanyName Adobe Inc.
FileDescription Adobe Installer
FileVersion 6.2.0.554
InternalName Adobe Installer
LegalCopyright © 2013-2024 Adobe. All rights reserved.
OriginalFilename Adobe Installer
ProductName Adobe Installer
ProductVersion 6.2.0.554

Plugin Output

Info Matching compiler(s): Microsoft Visual C++ v6.0 DLL
Microsoft Visual C++ 6.0 - 8.0
Suspicious Strings found in the binary may indicate undesirable behavior: Looks for Qemu presence:
  • QEmU
  • QemU
 Miscellaneous malware strings:
  • virus
 Contains domain names:
  • JQ525L2MZD.com
  • accelerate.amazonaws.com
  • accounts.adobe.com
  • adminconsole.adobe.com
  • adobe.com
  • amazonaws.com
  • ccm.oobesaas.adobe.com
  • ccmdl.adobe.com
  • cdn-ffc.oobesaas.adobe.com
  • cdn-qe-ffc.oobesaas.adobe.com
  • cdn-stg-ffc.oobesaas.adobe.com
  • corp.adobe.com
  • customized-user-packages.s3-accelerate.amazonaws.com
  • customized-user-packages.s3.amazonaws.com
  • dev.corp.adobe.com
  • ffc-ccm.oobesaas.adobe.com
  • ffc-files.corp.adobe.com
  • ffc.oobesaas.adobe.com
  • files.corp.adobe.com
  • helpx.adobe.com
  • http://typekit.com
  • http://www.adobe.com
  • http://www.adobe.com/go/apps_install_hdesd_error
  • http://www.adobe.com/go/apps_install_hdesd_error_br
  • http://www.adobe.com/go/apps_install_hdesd_error_cn
  • http://www.adobe.com/go/apps_install_hdesd_error_cz
  • http://www.adobe.com/go/apps_install_hdesd_error_de
  • http://www.adobe.com/go/apps_install_hdesd_error_dk
  • http://www.adobe.com/go/apps_install_hdesd_error_es
  • http://www.adobe.com/go/apps_install_hdesd_error_fi
  • http://www.adobe.com/go/apps_install_hdesd_error_fr
  • http://www.adobe.com/go/apps_install_hdesd_error_it
  • http://www.adobe.com/go/apps_install_hdesd_error_jp
  • http://www.adobe.com/go/apps_install_hdesd_error_kr
  • http://www.adobe.com/go/apps_install_hdesd_error_nl
  • http://www.adobe.com/go/apps_install_hdesd_error_no
  • http://www.adobe.com/go/apps_install_hdesd_error_pl
  • http://www.adobe.com/go/apps_install_hdesd_error_ru
  • http://www.adobe.com/go/apps_install_hdesd_error_se
  • http://www.adobe.com/go/apps_install_hdesd_error_tr
  • http://www.adobe.com/go/apps_install_hdesd_error_tw
  • http://www.adobe.com/go/conflicting_process_hdesd
  • http://www.adobe.com/go/conflicting_process_hdesd_br
  • http://www.adobe.com/go/conflicting_process_hdesd_cn
  • http://www.adobe.com/go/conflicting_process_hdesd_cz
  • http://www.adobe.com/go/conflicting_process_hdesd_de
  • http://www.adobe.com/go/conflicting_process_hdesd_dk
  • http://www.adobe.com/go/conflicting_process_hdesd_es
  • http://www.adobe.com/go/conflicting_process_hdesd_fi
  • http://www.adobe.com/go/conflicting_process_hdesd_fr
  • http://www.adobe.com/go/conflicting_process_hdesd_it
  • http://www.adobe.com/go/conflicting_process_hdesd_jp
  • http://www.adobe.com/go/conflicting_process_hdesd_kr
  • http://www.adobe.com/go/conflicting_process_hdesd_nl
  • http://www.adobe.com/go/conflicting_process_hdesd_no
  • http://www.adobe.com/go/conflicting_process_hdesd_pl
  • http://www.adobe.com/go/conflicting_process_hdesd_ru
  • http://www.adobe.com/go/conflicting_process_hdesd_se
  • http://www.adobe.com/go/conflicting_process_hdesd_tr
  • http://www.adobe.com/go/conflicting_process_hdesd_tw
  • http://www.adobe.com/go/cust_support
  • http://www.adobe.com/go/cust_support_br
  • http://www.adobe.com/go/cust_support_cn
  • http://www.adobe.com/go/cust_support_cz
  • http://www.adobe.com/go/cust_support_de
  • http://www.adobe.com/go/cust_support_dk
  • http://www.adobe.com/go/cust_support_es
  • http://www.adobe.com/go/cust_support_fi
  • http://www.adobe.com/go/cust_support_fr
  • http://www.adobe.com/go/cust_support_it
  • http://www.adobe.com/go/cust_support_jp
  • http://www.adobe.com/go/cust_support_kr
  • http://www.adobe.com/go/cust_support_nl
  • http://www.adobe.com/go/cust_support_no
  • http://www.adobe.com/go/cust_support_pl
  • http://www.adobe.com/go/cust_support_ru
  • http://www.adobe.com/go/cust_support_se
  • http://www.adobe.com/go/cust_support_tr
  • http://www.adobe.com/go/cust_support_tw
  • http://www.adobe.com/go/system_requirements_hdesd
  • http://www.adobe.com/go/system_requirements_hdesd_br
  • http://www.adobe.com/go/system_requirements_hdesd_cn
  • http://www.adobe.com/go/system_requirements_hdesd_cz
  • http://www.adobe.com/go/system_requirements_hdesd_de
  • http://www.adobe.com/go/system_requirements_hdesd_dk
  • http://www.adobe.com/go/system_requirements_hdesd_es
  • http://www.adobe.com/go/system_requirements_hdesd_fi
  • http://www.adobe.com/go/system_requirements_hdesd_fr
  • http://www.adobe.com/go/system_requirements_hdesd_it
  • http://www.adobe.com/go/system_requirements_hdesd_jp
  • http://www.adobe.com/go/system_requirements_hdesd_kr
  • http://www.adobe.com/go/system_requirements_hdesd_nl
  • http://www.adobe.com/go/system_requirements_hdesd_no
  • http://www.adobe.com/go/system_requirements_hdesd_pl
  • http://www.adobe.com/go/system_requirements_hdesd_ru
  • http://www.adobe.com/go/system_requirements_hdesd_se
  • http://www.adobe.com/go/system_requirements_hdesd_tr
  • http://www.adobe.com/go/system_requirements_hdesd_tw
  • http://www.adobe.com/products/eulas/tou_typekit.
  • http://www.w3.org
  • http://www.w3.org/1999/xlink
  • http://www.w3.org/2000/svg
  • http://www.winimage.com
  • http://www.winimage.com/zLibDll
  • https://127.0.0.1
  • https://accounts.adobe.com
  • https://accounts.adobe.com/security/privacy
  • https://adminconsole.adobe.com
  • https://cdn-ffc.oobesaas.adobe.com
  • https://cdn-ffc.oobesaas.adobe.com/core/v1/update/description
  • https://cdn-ffc.oobesaas.adobe.com/core/v1/validation
  • https://cdn-ffc.oobesaas.adobe.com/core/v2/applications
  • https://cdn-ffc.oobesaas.adobe.com/core/v3/applications
  • https://cdn-ffc.oobesaas.adobe.com/core/v4/products/all?
  • https://cdn-qe-ffc.oobesaas.adobe.com
  • https://cdn-stg-ffc.oobesaas.adobe.com
  • https://helpx.adobe.com
  • https://helpx.adobe.com/br/x-productkb/global/desktop-app-usage-information-faq.html
  • https://helpx.adobe.com/cn/x-productkb/global/desktop-app-usage-information-faq.html
  • https://helpx.adobe.com/cz/x-productkb/global/desktop-app-usage-information-faq.html
  • https://helpx.adobe.com/de/x-productkb/global/desktop-app-usage-information-faq.html
  • https://helpx.adobe.com/dk/x-productkb/global/desktop-app-usage-information-faq.html
  • https://helpx.adobe.com/es/x-productkb/global/desktop-app-usage-information-faq.html
  • https://helpx.adobe.com/fi/x-productkb/global/desktop-app-usage-information-faq.html
  • https://helpx.adobe.com/fr/x-productkb/global/desktop-app-usage-information-faq.html
  • https://helpx.adobe.com/it/x-productkb/global/desktop-app-usage-information-faq.html
  • https://helpx.adobe.com/jp/x-productkb/global/desktop-app-usage-information-faq.html
  • https://helpx.adobe.com/kr/x-productkb/global/desktop-app-usage-information-faq.html
  • https://helpx.adobe.com/nl/x-productkb/global/desktop-app-usage-information-faq.html
  • https://helpx.adobe.com/no/x-productkb/global/desktop-app-usage-information-faq.html
  • https://helpx.adobe.com/pl/x-productkb/global/desktop-app-usage-information-faq.html
  • https://helpx.adobe.com/ru/x-productkb/global/desktop-app-usage-information-faq.html
  • https://helpx.adobe.com/se/x-productkb/global/desktop-app-usage-information-faq.html
  • https://helpx.adobe.com/tr/x-productkb/global/desktop-app-usage-information-faq.html
  • https://helpx.adobe.com/tw/x-productkb/global/desktop-app-usage-information-faq.html
  • https://helpx.adobe.com/x-productkb/global/desktop-app-usage-information-faq.html
  • https://oobe.adobe.com
  • https://oobe.adobe.com/
  • https://oobe.adobe.com/type3
  • https://prod-rel-ffc-ccm.oobesaas.adobe.com
  • https://prod-rel-ffc-ccm.oobesaas.adobe.com/adobe-ffc-external
  • https://qa.adminconsole.adobe.com
  • https://qe-prstg-ffc.oobesaas.adobe.com
  • https://qe-prstg-ffc.oobesaas.adobe.com/adobe-ffc-external
  • https://sqe-prstg-ffc.oobesaas.adobe.com
  • https://sqe-prstg-ffc.oobesaas.adobe.com/adobe-ffc-external
  • https://stage.adminconsole.adobe.com
  • https://tron-onesie-dev.corp.adobe.com
  • https://tron-onesie.corp.adobe.com
  • https://tron-prod-customized-user-packages.s3-accelerate.amazonaws.com
  • https://tron-prod-customized-user-packages.s3.amazonaws.com
  • https://tron-qe-user-packages.s3-accelerate.amazonaws.com
  • https://tron-qe-user-packages.s3.amazonaws.com
  • https://trondevuserpackages.s3-accelerate.amazonaws.com
  • https://trondevuserpackages.s3.amazonaws.com
  • https://tronstageuserpackages.s3-accelerate.amazonaws.com
  • https://tronstageuserpackages.s3.amazonaws.com
  • https://www.adobe.com
  • https://www.adobe.com/
  • https://www.adobe.com/br/creativecloud/desktop-app.html
  • https://www.adobe.com/creativecloud/desktop-app.html
  • https://www.adobe.com/cz/creativecloud/desktop-app.html
  • https://www.adobe.com/de/creativecloud/desktop-app.html
  • https://www.adobe.com/dk/creativecloud/desktop-app.html
  • https://www.adobe.com/es/creativecloud/desktop-app.html
  • https://www.adobe.com/fi/creativecloud/desktop-app.html
  • https://www.adobe.com/fr/creativecloud/desktop-app.html
  • https://www.adobe.com/go/creative
  • https://www.adobe.com/go/creative_br
  • https://www.adobe.com/go/creative_cn
  • https://www.adobe.com/go/creative_cz
  • https://www.adobe.com/go/creative_de
  • https://www.adobe.com/go/creative_dk
  • https://www.adobe.com/go/creative_es
  • https://www.adobe.com/go/creative_fi
  • https://www.adobe.com/go/creative_fr
  • https://www.adobe.com/go/creative_it
  • https://www.adobe.com/go/creative_jp
  • https://www.adobe.com/go/creative_kr
  • https://www.adobe.com/go/creative_nl
  • https://www.adobe.com/go/creative_no
  • https://www.adobe.com/go/creative_pl
  • https://www.adobe.com/go/creative_ru
  • https://www.adobe.com/go/creative_se
  • https://www.adobe.com/go/creative_tr
  • https://www.adobe.com/go/creative_tw
  • https://www.adobe.com/go/download-packager-utility
  • https://www.adobe.com/go/download-packager-utility_br
  • https://www.adobe.com/go/download-packager-utility_cn
  • https://www.adobe.com/go/download-packager-utility_cz
  • https://www.adobe.com/go/download-packager-utility_de
  • https://www.adobe.com/go/download-packager-utility_dk
  • https://www.adobe.com/go/download-packager-utility_es
  • https://www.adobe.com/go/download-packager-utility_fi
  • https://www.adobe.com/go/download-packager-utility_fr
  • https://www.adobe.com/go/download-packager-utility_it
  • https://www.adobe.com/go/download-packager-utility_jp
  • https://www.adobe.com/go/download-packager-utility_kr
  • https://www.adobe.com/go/download-packager-utility_nl
  • https://www.adobe.com/go/download-packager-utility_no
  • https://www.adobe.com/go/download-packager-utility_pl
  • https://www.adobe.com/go/download-packager-utility_ru
  • https://www.adobe.com/go/download-packager-utility_se
  • https://www.adobe.com/go/download-packager-utility_tr
  • https://www.adobe.com/go/download-packager-utility_tw
  • https://www.adobe.com/it/creativecloud/desktop-app.html
  • https://www.adobe.com/jp/creativecloud/desktop-app.html
  • https://www.adobe.com/kr/creativecloud/desktop-app.html
  • https://www.adobe.com/nl/creativecloud/desktop-app.html
  • https://www.adobe.com/no/creativecloud/desktop-app.html
  • https://www.adobe.com/pl/creativecloud/desktop-app.html
  • https://www.adobe.com/ru/creativecloud/desktop-app.html
  • https://www.adobe.com/se/creativecloud/desktop-app.html
  • https://www.adobe.com/tr/creativecloud/desktop-app.html
  • https://www.adobe.com/tw/creativecloud/desktop-app.html
  • jquery.com
  • jquery.org
  • n.top-r.top
  • onesie-dev.corp.adobe.com
  • onesie.corp.adobe.com
  • oobe.adobe.com
  • oobesaas.adobe.com
  • packages.s3-accelerate.amazonaws.com
  • packages.s3.amazonaws.com
  • prod-customized-user-packages.s3-accelerate.amazonaws.com
  • prod-customized-user-packages.s3.amazonaws.com
  • prod-rel-ffc-ccm.oobesaas.adobe.com
  • prstg-ffc.oobesaas.adobe.com
  • qa.adminconsole.adobe.com
  • qe-ffc.oobesaas.adobe.com
  • qe-prstg-ffc.oobesaas.adobe.com
  • qe-user-packages.s3-accelerate.amazonaws.com
  • qe-user-packages.s3.amazonaws.com
  • rel-ffc-ccm.oobesaas.adobe.com
  • s3-accelerate.amazonaws.com
  • s3.amazonaws.com
  • sqe-prstg-ffc.oobesaas.adobe.com
  • stage-ffc-files.corp.adobe.com
  • stage.adminconsole.adobe.com
  • stg-ffc.oobesaas.adobe.com
  • t.top-s.top
  • top-r.top
  • top-s.top
  • tron-onesie-dev.corp.adobe.com
  • tron-onesie.corp.adobe.com
  • tron-prod-customized-user-packages.s3-accelerate.amazonaws.com
  • tron-prod-customized-user-packages.s3.amazonaws.com
  • tron-qe-user-packages.s3-accelerate.amazonaws.com
  • tron-qe-user-packages.s3.amazonaws.com
  • trondevuserpackages.s3-accelerate.amazonaws.com
  • trondevuserpackages.s3.amazonaws.com
  • tronstageuserpackages.s3-accelerate.amazonaws.com
  • tronstageuserpackages.s3.amazonaws.com
  • typekit.com
  • user-packages.s3-accelerate.amazonaws.com
  • user-packages.s3.amazonaws.com
  • winimage.com
  • www.adobe.com
  • www.w3.org
  • www.winimage.com
Info Cryptographic algorithms detected in the binary: Uses constants related to CRC32
Uses constants related to MD5
Uses constants related to SHA1
Uses constants related to SHA256
Uses constants related to SHA512
Uses known Mersenne Twister constants
Microsoft's Cryptography API
Malicious The PE contains functions mostly used by malware. [!] The program may be hiding some of its imports:
  • LoadLibraryW
  • GetProcAddress
  • LoadLibraryA
  • LoadLibraryExA
  • LoadLibraryExW
 Functions which can be used for anti-debugging purposes:
  • CreateToolhelp32Snapshot
  • SwitchToThread
 Can access the registry:
  • SHGetValueW
  • RegFlushKey
  • RegCloseKey
  • RegDeleteKeyExW
  • RegCreateKeyExW
  • RegSetValueExW
  • RegOpenKeyExW
  • RegEnumValueW
  • RegQueryValueExW
 Possibly launches other programs:
  • ShellExecuteW
  • CreateProcessW
 Uses Microsoft's cryptographic API:
  • CryptReleaseContext
  • CryptGetHashParam
  • CryptDestroyHash
  • CryptHashData
  • CryptCreateHash
  • CryptAcquireContextW
  • CryptProtectData
  • CryptUnprotectData
  • CryptStringToBinaryW
  • CryptHashCertificate2
  • CryptImportPublicKeyInfoEx2
 Can create temporary files:
  • CreateFileW
  • GetTempPathW
  • GetTempPathA
  • CreateFileA
 Uses functions commonly found in keyloggers:
  • GetForegroundWindow
  • AttachThreadInput
  • GetAsyncKeyState
 Memory manipulation functions often used by packers:
  • VirtualAlloc
  • VirtualProtect
 Has Internet access capabilities:
  • InternetCanonicalizeUrlW
 Functions related to the privilege level:
  • OpenProcessToken
  • DuplicateTokenEx
  • AdjustTokenPrivileges
 Enumerates local disk drives:
  • GetDriveTypeW
 Manipulates other processes:
  • OpenProcess
  • Process32NextW
  • Process32FirstW
 Changes object ACLs:
  • SetNamedSecurityInfoW
 Can take screenshots:
  • GetDC
  • BitBlt
  • CreateCompatibleDC
 Interacts with the certificate store:
  • CertOpenStore
  • CertAddCertificateContextToStore
Malicious The PE's digital signature is invalid. Signer: Adobe Inc.
Issuer: DigiCert EV Code Signing CA (SHA2)
The file was modified after it was signed.
Malicious VirusTotal score: 26/75 (Scanned on 2024-09-04 04:31:46) AVG: FileRepMalware [Misc]
Avast: FileRepMalware [Misc]
Avira: SPR/Agent.fpgny
CAT-QuickHeal: Trojan.Crack
Cylance: Unsafe
DeepInstinct: MALICIOUS
ESET-NOD32: Win32/HackTool.Crack.OH potentially unsafe
F-Secure: PrivacyRisk.SPR/Agent.fpgny
Fortinet: Riskware/Crack
GData: Win32.Application.Agent.IWC6XT
Google: Detected
Gridinsoft: Hack.Win32.Patcher.cl
Ikarus: PUA.HackTool.Crack
K7AntiVirus: Unwanted-Program ( 005b1e471 )
K7GW: Unwanted-Program ( 005b1e471 )
Kingsoft: Win32.Riskware.Crack.f
Lionic: Hacktool.Win32.Crack.3!c
Malwarebytes: RiskWare.Crack
MaxSecure: Trojan.Malware.3411146.susgen
McAfeeD: ti!9E32F603B904
Sangfor: Trojan.Win32.Crack.V597
Sophos: Generic Reputation PUA (PUA)
Varist: W32/ABRisk.QICQ-7034
Webroot: W32.Riskware.Repack
Xcitium: ApplicUnwnt@#22xcbgw0wiew5
alibabacloud: HackTool:Win/Crack.OJ

Hashes

MD5 7a6fd4ba72301800f1eeb6316908d8db
SHA1 9d8305cb33f7c9d2e1cf21fa384e045467879752
SHA256 9e32f603b9046c9f2a23d6a8c64792f3fb6119f0ac374f04c8830e1e0b374f2f
SHA3 6f9c8a597a1cb919508f1932c13ae3bc6032062ed074256c54b814dab00c7bb3
SSDeep 98304:RDNC89EF0yd7wyYnVz02/ZZmbZFu78XfrLTI4O6xW:RDNCQMrdxB2/XmbZ888fh
Imports Hash 7cab4e0f5c800ca0f9f0244f2ca3e725

DOS Header

e_magic MZ
e_cblp 0x90
e_cp 0x3
e_crlc 0
e_cparhdr 0x4
e_minalloc 0
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0x130

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_I386
NumberofSections 5
TimeDateStamp 2020-Sep-16 08:44:19
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xe0
Characteristics IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_EXECUTABLE_IMAGE

Image Optional Header

Magic PE32
LinkerVersion 14.0
SizeOfCode 0x372400
SizeOfInitializedData 0x3dac00
SizeOfUninitializedData 0
AddressOfEntryPoint 0x002D147A (Section: .text)
BaseOfCode 0x1000
BaseOfData 0x374000
ImageBase 0x400000
SectionAlignment 0x1000
FileAlignment 0x200
OperatingSystemVersion 5.1
ImageVersion 0.0
SubsystemVersion 5.1
Win32VersionValue 0
SizeOfImage 0x751000
SizeOfHeaders 0x400
Checksum 0x7586ea
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
DllCharacteristics IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
SizeofStackReserve 0x100000
SizeofStackCommit 0x1000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

.text

MD5 0a836d19bd8dab940582e064a34e1c03
SHA1 8320a74de8aad6e235abb70829789799b0a85783
SHA256 1cf154722d123578d762c5a38db75e9c01f89292ee1e55f080e0f25df8dca491
SHA3 9c7454ee39dd7b6366bfbf6fbe3a40bcca54274167e170659c2b1ac2648a187d
VirtualSize 0x372380
VirtualAddress 0x1000
SizeOfRawData 0x372400
PointerToRawData 0x400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 6.55694

.rdata

MD5 bc188332286cc4e986c1f301d24e39d2
SHA1 d2dc9850ce0307ee7bb20f9473148b356a21390f
SHA256 8f27c774ea27ba4498b1e7e232a715b88db617f3221f03c0c25c8d4bf3897306
SHA3 a1117136331aaf50e0b0547a35a6c4eff5416b965668a5f967566b63c581cc81
VirtualSize 0xe2b88
VirtualAddress 0x374000
SizeOfRawData 0xe2c00
PointerToRawData 0x372800
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 5.28184

.data

MD5 a4655420de09f96153c77cb4b4556f40
SHA1 7fd4dbe0bd55496ad858a0e8110e17b4276549fc
SHA256 325f4ad30d8831c00b3d6c4e2237ba1d9f5309de7f10f63e67c9eb5868862d88
SHA3 4194aed67727857139f6f04028e17b4d3abf14e6d43635ca01d2481f788a8097
VirtualSize 0x280f4
VirtualAddress 0x457000
SizeOfRawData 0x21c00
PointerToRawData 0x455400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 2.6319

.rsrc

MD5 f6a6383e12624c2be9b7753ebf6134a5
SHA1 f83b139f82ae43c05381c4feaafa0237b243ad84
SHA256 e204d527a3af2f701b97fe31eb430b1f23e8f307a2c444ad9531697d53829534
SHA3 818c057af99b7494622220257d7f589a56ff259d3bf55b31f432aaac0afb2c74
VirtualSize 0x29e453
VirtualAddress 0x480000
SizeOfRawData 0x29e600
PointerToRawData 0x477000
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 5.46993

.reloc

MD5 5b1923c78768674aa063d7ef11edc3d8
SHA1 04e2cb4937985f4a507473a00d8a978b9e1d10ae
SHA256 24857317bfc65f1778eb2621705b323b474463b0d8c12144a506d360b590ec58
SHA3 f97bd126129e9eb441c305f05d051d42516c24e2f203d6bb82e1efb2d5787882
VirtualSize 0x31648
VirtualAddress 0x71f000
SizeOfRawData 0x31800
PointerToRawData 0x715600
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Entropy 6.66356

Imports

COMCTL32.dll InitCommonControlsEx
SHLWAPI.dll PathIsUNCW
PathIsRelativeW
PathRemoveBackslashW
PathIsNetworkPathW
PathStripPathW
UrlIsW
SHGetValueW
UrlEscapeW
PathFindFileNameW
PathRemoveFileSpecW
PathRemoveExtensionW
PathFileExistsW
PathAddExtensionW
PathIsFileSpecW
PathAppendW
PathIsDirectoryW
PathRenameExtensionW
PathIsSystemFolderW
PathFileExistsA
PathAddBackslashW
PathIsRootW
PathStripToRootW
SHELL32.dll SHCreateDirectoryExW
#51
SHGetKnownFolderPath
ShellExecuteW
ShellExecuteExW
SHGetSpecialFolderLocation
SHBrowseForFolderW
#680
SHGetMalloc
SHGetFolderLocation
SHGetPathFromIDListW
SHGetFolderPathW
SHGetSpecialFolderPathW
CommandLineToArgvW
KERNEL32.dll FindNextFileW
WaitForMultipleObjects
CreateFileW
CreateEventW
SetEvent
ResetEvent
GetOverlappedResult
ReadDirectoryChangesW
MultiByteToWideChar
WideCharToMultiByte
GetFileSizeEx
FindClose
GetFileAttributesW
SetFileAttributesW
DeleteFileW
GetLocalTime
GetTimeFormatW
GetDateFormatW
GetCurrentProcess
DeviceIoControl
GetTempPathW
GetVersionExW
GetComputerNameExW
FileTimeToSystemTime
GetNativeSystemInfo
RaiseException
LoadLibraryW
GetProcAddress
CreateProcessW
GetModuleHandleW
FreeLibrary
InitializeCriticalSectionEx
DecodePointer
MulDiv
GetModuleFileNameW
TerminateProcess
RemoveDirectoryW
OpenProcess
CreateToolhelp32Snapshot
Sleep
Process32NextW
Process32FirstW
CopyFileW
GetExitCodeProcess
ReadFile
SetLastError
lstrlenW
LocalAlloc
GetDiskFreeSpaceExW
GetCurrentDirectoryW
SetCurrentDirectoryW
MoveFileExW
GetFileSize
lstrcpyW
lstrcmpiW
lstrcmpW
GetDriveTypeW
GetFullPathNameW
HeapSize
HeapReAlloc
HeapDestroy
GlobalAlloc
GlobalLock
GlobalUnlock
GetSystemDirectoryW
SetDllDirectoryW
GetStdHandle
AttachConsole
FreeConsole
GetConsoleWindow
AreFileApisANSI
TryEnterCriticalSection
HeapCreate
WriteFile
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
SetFilePointer
LeaveCriticalSection
SetEndOfFile
UnlockFileEx
UnmapViewOfFile
HeapValidate
GetTempPathA
GetDiskFreeSpaceA
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
CreateFileA
LoadLibraryA
WaitForSingleObjectEx
GetVersionExA
DeleteFileA
GetSystemInfo
HeapCompact
UnlockFile
CreateFileMappingA
LockFileEx
SystemTimeToFileTime
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
GetTickCount
FlushFileBuffers
SizeofResource
LockResource
LoadResource
FindResourceW
GlobalFree
VerSetConditionMask
FindFirstFileW
GetUserDefaultLCID
LCMapStringW
DuplicateHandle
ProcessIdToSessionId
TerminateThread
CreateThread
FindResourceExW
GetThreadTimes
QueryFullProcessImageNameW
GetUserDefaultLangID
GetUserDefaultUILanguage
SetNamedPipeHandleState
CreateNamedPipeW
ConnectNamedPipe
CreateDirectoryW
ReleaseSemaphore
OpenSemaphoreW
CreateSemaphoreW
GetTimeZoneInformation
VirtualFree
VirtualAlloc
QueryPerformanceFrequency
GetCurrentThread
SetFilePointerEx
ResumeThread
SetThreadPriority
EnterCriticalSection
CompareStringW
GetCPInfo
EncodePointer
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
GetStringTypeW
GetExitCodeThread
SwitchToThread
GetModuleHandleExW
QueueUserWorkItem
IsProcessorFeaturePresent
LoadLibraryExA
VirtualQuery
VirtualProtect
GetCurrentProcessId
GetCurrentThreadId
OpenMutexW
CloseHandle
ReleaseMutex
WaitForSingleObject
CreateMutexW
GetProcessHeap
HeapAlloc
HeapFree
LocalFree
GetLastError
FormatMessageW
GetLocaleInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
InterlockedPopEntrySList
InterlockedPushEntrySList
FlushInstructionCache
CreateTimerQueue
SignalObjectAndWait
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
DeleteCriticalSection
RegisterWaitForSingleObject
UnregisterWait
FreeLibraryAndExitThread
GetModuleHandleA
LoadLibraryExW
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
RtlUnwind
ExitThread
GetFileInformationByHandle
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
SetStdHandle
WriteConsoleW
ExitProcess
GetConsoleCP
GetConsoleMode
IsValidLocale
EnumSystemLocalesW
ReadConsoleW
FindFirstFileExW
IsValidCodePage
GetACP
VerifyVersionInfoW
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
InitializeCriticalSection
SetEnvironmentVariableW
GetFullPathNameA
USER32.dll CharNextW
BringWindowToTop
TranslateAcceleratorW
GetClassNameW
SetCapture
GetDlgItem
GetParent
RegisterWindowMessageW
ReleaseCapture
SetForegroundWindow
InvalidateRect
GetForegroundWindow
GetSysColor
AttachThreadInput
IsChild
DestroyAcceleratorTable
ClientToScreen
RedrawWindow
InvalidateRgn
IsWindow
SetFocus
ScreenToClient
FillRect
GetFocus
GetWindow
IsIconic
BeginPaint
EndPaint
GetWindowTextW
GetSystemMetrics
GetMessageW
DefWindowProcW
GetWindowLongW
DestroyWindow
SetWindowPos
CreateWindowExW
SendMessageW
RegisterClassExW
GetActiveWindow
DispatchMessageW
CreateAcceleratorTableW
SetWindowTextW
CallWindowProcW
GetWindowTextLengthW
GetWindowThreadProcessId
wsprintfW
PostThreadMessageW
TranslateMessage
LoadCursorW
SetWindowLongW
PostQuitMessage
GetDesktopWindow
GetClassInfoExW
GetDC
MessageBoxW
ShowWindow
GetAsyncKeyState
ReleaseDC
PostMessageW
UnregisterClassW
GetClientRect
EnumWindows
MoveWindow
GetShellWindow
LoadImageW
SystemParametersInfoW
EnableMenuItem
LoadIconW
GetSystemMenu
GetClassLongW
AppendMenuW
SetClassLongW
GetWindowRect
GDI32.dll DeleteDC
GetObjectW
DeleteObject
CreateSolidBrush
GetDeviceCaps
SelectObject
CreateCompatibleBitmap
GetStockObject
BitBlt
CreateCompatibleDC
ADVAPI32.dll SetEntriesInAclW
SetNamedSecurityInfoW
GetNamedSecurityInfoW
GetTokenInformation
CreateWellKnownSid
LookupPrivilegeValueW
OpenProcessToken
RegFlushKey
RegCloseKey
RegDeleteKeyExW
RegCreateKeyExW
RegSetValueExW
LookupAccountSidW
RegOpenKeyExW
RegEnumValueW
EqualSid
InitializeSecurityDescriptor
FreeSid
AllocateAndInitializeSid
SetSecurityDescriptorDacl
DuplicateTokenEx
ConvertSidToStringSidW
ImpersonateLoggedOnUser
ConvertStringSidToSidW
RevertToSelf
CryptReleaseContext
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptAcquireContextW
RegQueryValueExW
GetUserNameW
CredWriteW
CredReadW
CredDeleteW
CredFree
CredEnumerateW
AdjustTokenPrivileges
ole32.dll CoCreateGuid
CoAddRefServerProcess
OleRun
CoUninitialize
CoInitialize
CLSIDFromString
CreateStreamOnHGlobal
CLSIDFromProgID
CoGetClassObject
CoCreateInstance
StringFromGUID2
OleInitialize
OleUninitialize
OleLockRunning
CoTaskMemAlloc
CoTaskMemFree
CoReleaseServerProcess
OLEAUT32.dll VariantChangeType
SysAllocStringLen
SysStringLen
SysFreeString
VariantInit
SysAllocString
OleCreateFontIndirect
LoadTypeLib
LoadRegTypeLib
SysAllocStringByteLen
VariantCopy
SysStringByteLen
DispCallFunc
GetErrorInfo
VariantClear
bcrypt.dll BCryptCloseAlgorithmProvider
BCryptVerifySignature
BCryptGenerateSymmetricKey
BCryptSetProperty
BCryptDecrypt
BCryptDestroyKey
BCryptEncrypt
BCryptDestroyHash
BCryptOpenAlgorithmProvider
BCryptCreateHash
BCryptHashData
BCryptFinishHash
BCryptGetProperty
CRYPT32.dll CertGetIssuerCertificateFromStore
CertGetNameStringW
CryptProtectData
CryptUnprotectData
CryptStringToBinaryW
CertOpenStore
CertFindCertificateInStore
CertFreeCertificateContext
CertCreateCertificateContext
CryptHashCertificate2
CryptImportPublicKeyInfoEx2
CertVerifySubjectCertificateContext
CertAddCertificateContextToStore
CertCloseStore
Secur32.dll GetUserNameExW
WINTRUST.dll WTHelperProvDataFromStateData
WTHelperGetProvCertFromChain
WinVerifyTrust
WTHelperGetProvSignerFromChain
WININET.dll (delay-loaded) InternetCanonicalizeUrlW

Delayed Imports

Attributes 0x1
Name WININET.dll
ModuleHandle 0x478b60
DelayImportAddressTable 0x478b34
DelayImportNameTable 0x453f20
BoundDelayImportTable 0x4541cc
UnloadDelayImportTable 0
TimeStamp 1970-Jan-01 00:00:00

104

Type CSS
Language English - United States
Codepage UNKNOWN
Size 0x4126
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.07844
MD5 ee23e36c90c9fccd530504285d371ac3
SHA1 7a4e24d18ec723d38cd922e3845ff290f0299e15
SHA256 32616e0764c80efb4607a0dccfec7cf7862886c4ae80e6405dc3cc5c62cd0f82
SHA3 1ecb0ffcc01ce284f032a28c139d6705ad7f1668191756364a90e7751688f91d

106

Type CSS
Language English - United States
Codepage UNKNOWN
Size 0xaf895
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.00713
MD5 4f3364af3e396f92a8826532bfb1a7e5
SHA1 7f7b613435ece78a358f2066287c2f2c3c6aa168
SHA256 45b9b77499356527e9047256db96a542a720bf075d67e9f6ba55d51fd562339e
SHA3 9b3b08caccd4a53ed1199b2255e0cf52124c837f6ea22bd76bbcecdc3013db2c

153

Type CSS
Language English - United States
Codepage UNKNOWN
Size 0x43d5
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.93938
MD5 edacde36ff06bd26f1907ae092eac998
SHA1 c25e9052ee5b28ec28e2eceee40217302bf2caae
SHA256 257634b6fa84dce998b31d6497330f0a0661efbd270f58289fbe026ed95b6f2c
SHA3 c10f06708b8dd6772b2026aca86729f4d350c32e26b312349b057c1cd4ceab3a

161

Type CSS
Language English - United States
Codepage UNKNOWN
Size 0xa12
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.93153
MD5 1265d497504870d225452b3309b0e06b
SHA1 29a3b783e6f2f2cd3f6d08833b83c7848f8e3450
SHA256 4273a5d4ef990dead6cabe760c27b25f7fcf8a51177f1b31813ad8866a565330
SHA3 890b6622f9d83f9dd0bee5e9312cc6788c759803057d24ab70aee67fde7ff4d0

130

Type DICTIONARY
Language English - United States
Codepage UNKNOWN
Size 0x12240
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.41667
MD5 c693e1bd4feda683ae5c71f2bd6b9de8
SHA1 2f3c32dbb95623c52ebf3b608074afdfbcbf050a
SHA256 5dffe13d4c72f59dbc6f8efb439350518acd4e8e07efa124973cfd1a625f60d4
SHA3 0ed0a9b0ff80ad9e6263b2fb772856b3b16dad36a9c7ec278891c072f20219c7

131

Type DICTIONARY
Language English - United States
Codepage UNKNOWN
Size 0x149dc
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.44277
MD5 de6ad36da9ce74f5acd9a8d9f100ae03
SHA1 35b6a82e664e3cf1155e04cfbe41af9b8ea954e3
SHA256 57203d2280f961cfc9286118ad2e869caba425b4a301687c2c4564fdb2ce7a97
SHA3 d9ff84d5552166cecd3fe2a1d7245feece4b9eac3ed0533846cbaa63581078d8

132

Type DICTIONARY
Language English - United States
Codepage UNKNOWN
Size 0x13e56
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.44646
MD5 4a623550bcc7ce7fda3a49865a940c1f
SHA1 f15200c4728a6f73d4200c32b65ccd34c5a7c58b
SHA256 acdf380fc08961243e9427d963cfa81f95c25ecd140ead9cd262d531b082ff89
SHA3 f84c9ca436323c3b844affe82dfd8a03dfccdbb06f31a1e7b68f84f9ce7dfef7

133

Type DICTIONARY
Language English - United States
Codepage UNKNOWN
Size 0xf0c8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.4524
MD5 a224d7059605d2fc80f500e8bc811353
SHA1 c168ba82f08eb29afe8b9679d3ffe05132068516
SHA256 1abda5ce05629bf052af2713fc749e5f4895ed315f577bcabb840159ab99c9f7
SHA3 b26aa308bb51c355bd7ca22cb10146c16e1cefa24e465a0e5e8793cb9f532642

134

Type DICTIONARY
Language English - United States
Codepage UNKNOWN
Size 0x13976
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.40641
MD5 1fa222d4e2c4f1c5004a04642607bd3f
SHA1 50427eba86cd90fa236a40806c76c4f4b4652c72
SHA256 256f87de5c08f8ae71927aed204a91e43da5b306758642c3ef57d8c7bc9aefd2
SHA3 433b3a5ea4ed81e19b410043e681f66f4143f3f4217dffd21cb209970a158569

135

Type DICTIONARY
Language English - United States
Codepage UNKNOWN
Size 0x12c94
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.43668
MD5 226be0d23b22ca7d5fe7e9fd46ba725e
SHA1 5749bb0b4e6c7ecc53d859953a3a79b88c86c288
SHA256 5e6900b57e649d7d3018d7e7333076e1ea81b1d52cb178b0b00acf640c153531
SHA3 919b7ff803df870830a8a76f675380e215371f647ef8ec730b5f29d97ab679bf

136

Type DICTIONARY
Language English - United States
Codepage UNKNOWN
Size 0xee7c
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.42
MD5 fc4958aee8f92955054e0a6d5420a1ea
SHA1 8fe12f4298997e5302d8175171ea54394f223151
SHA256 15c3f1eba21ff69bc63a891cadf79d3c222b16a3c664cf8d993096b4dca0ccda
SHA3 6864d0d44fd57213cdf5b5c1b93e2f6601c566b71e294111fa927718180673ba

137

Type DICTIONARY
Language English - United States
Codepage UNKNOWN
Size 0x1347e
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.41334
MD5 41a7b92ea3beb3343459daba3c986afc
SHA1 8bee4e0745762c08fb6a1d2431ad88494eb5e41e
SHA256 5d4d0d4a3998ccf8d5d001e8a1d3507a1844005ab60a5e3e14052c9c599d4eb8
SHA3 63ff9b3ab542419828e7bd9584a4c62629736ce18f04ea53e8aeab69ecf9087b

138

Type DICTIONARY
Language English - United States
Codepage UNKNOWN
Size 0xd488
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.31819
MD5 7b16aa9d22d4bde82fb6738ca0f2101b
SHA1 d8c27a0dbae7613ccc1fa4156216ae7b3308a6d3
SHA256 8dce8a5c2ec2b9fe85c92c94e6f2f5e2cbe4b81303fef7a9960aa48c70923ef5
SHA3 bd8d4d9528cde4d85f1099049403ddf74a7969de5cd23cb268f2d89fe6c277bd

139

Type DICTIONARY
Language English - United States
Codepage UNKNOWN
Size 0xd5ea
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.34886
MD5 a2cd388831739d4cf196e55ab7a47ba6
SHA1 9a9b8e2ff59bc9daa8eb5e442f9751cc0ace754a
SHA256 ad4a9dd753f4f7f94d09fd6bbd7baf73c5cf42d1e884a9f376a5442cff25b4d1
SHA3 906d04557cea37c71d38fd54c14398b12d85eec8c9dcb13330886e2dbb545c32

140

Type DICTIONARY
Language English - United States
Codepage UNKNOWN
Size 0x132ae
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.4161
MD5 87beca7210b95feb35a13faa0b718247
SHA1 903d1954fcb131bb7d440070c0f8ed52c5d32bdc
SHA256 5ec4a2f57b898659916497a4bba99321b60b342f3cf949326b33542527260998
SHA3 56cf876f9377f729311a16567ded459b4ad1716935610347ebbbedf40f14aaca

141

Type DICTIONARY
Language English - United States
Codepage UNKNOWN
Size 0x12650
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.44679
MD5 89eb53210f3a660e70e46272958d3101
SHA1 507fa9e541ab7063a684d7cfc316f810a95259ad
SHA256 c48b92d64dca15554d54ecc8d3103090a501a95b820510fbf230c709ce04eee2
SHA3 980f22e9c9d5913ea5fb44848fc341866f67934065979ce79ad44e9ed737e54c

142

Type DICTIONARY
Language English - United States
Codepage UNKNOWN
Size 0x12b1e
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.59838
MD5 12c074c451f31b9ed925b2252d182d21
SHA1 f41a1e064f10e5cb963fd0ce21d225b274be1549
SHA256 6cd291164b97ed87eb9716b0d9c1addc0b922b8cce6394ceac449e1a1d72e299
SHA3 887dce098008beb7cfc370a15ce1bc2630a54b2fdce0034f4814bac531ed00e5

143

Type DICTIONARY
Language English - United States
Codepage UNKNOWN
Size 0x130d8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.58377
MD5 280904291cdd806c249d03ddc31e8b89
SHA1 6ae28972a443faa2db43006cf9f240557096cb8f
SHA256 cbc14e8afc6aec9a35be38a9f0a28de13baf7d592bcbb01e2e93926703d26ff0
SHA3 574b0129a8fdc4edd1007b8adb23709d70885ac1e2492dbd00edf92e19ecf56b

144

Type DICTIONARY
Language English - United States
Codepage UNKNOWN
Size 0x12df8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.16919
MD5 79b183809676e4be19bbbd4c7ef744a7
SHA1 5ccaa7995522774df1de85b50bde4f4d4ed69989
SHA256 0a51cc669d7cb6e01b01d2523bd4f55b5cc65e5075a87ce37e0f15be4aa2fa2b
SHA3 369e6b939954714abbe98615a788195f39627374cc7ac41a77e223ba78386798

145

Type DICTIONARY
Language English - United States
Codepage UNKNOWN
Size 0x128e6
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.58286
MD5 32e9b912cf2aa362c4817dda529f0095
SHA1 fb9fcb503b0a7328fa47cf74fbfb50af00aa30ce
SHA256 d91877d3610a1d36f953c47daa179c269f397f6dde1cc950ab1c7a3380a39858
SHA3 b6959219b6ae8d14ed48af3c3700aeec6109e80e2443b756f86852306798e813

146

Type DICTIONARY
Language English - United States
Codepage UNKNOWN
Size 0x12994
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.43696
MD5 04f7e8a19ad5214283a2e66d4df8b53e
SHA1 fb0a3bf8186d9d6bd8acd86f1af9fa7fba558e10
SHA256 214d028deb319a5f97b0db1588170f3acc5ce5517aa7ed9cab34bd783e67dc5b
SHA3 16a2f1f41e56f707b3a5f5ce8fe60a244b58dc6b29caa0312dbe31fba8267ed3

147

Type DICTIONARY
Language English - United States
Codepage UNKNOWN
Size 0x128d4
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.43422
MD5 24b7da18e16b19e086ea302fdd4fb22c
SHA1 f5610fe7857c946d63d19dcb9e68fcc516dcc66c
SHA256 d090326a593e4ba17b9d98457040a31e563013d7bb26b9c763dca409fdf8a0ec
SHA3 358a1ac0b52893781e8efa11c0dd69298c117612f7492a94e06d538f4cbeae1e

148

Type DICTIONARY
Language English - United States
Codepage UNKNOWN
Size 0x12b20
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.4346
MD5 31f81ede740b1a363a735bf823e8dcbc
SHA1 edd383dd380f9adc269308d9e356b1b45d6e35e0
SHA256 d2fa7289639491a5143dd2f7c35e6e8ba99d18ee6ce4175987c4fced07e54ed9
SHA3 6a3dbe8bb0457bd01075b25d0cec9fb5e4efbadeb6062311df8501a35f7ac728

149

Type DICTIONARY
Language English - United States
Codepage UNKNOWN
Size 0x13976
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.40641
MD5 1fa222d4e2c4f1c5004a04642607bd3f
SHA1 50427eba86cd90fa236a40806c76c4f4b4652c72
SHA256 256f87de5c08f8ae71927aed204a91e43da5b306758642c3ef57d8c7bc9aefd2
SHA3 433b3a5ea4ed81e19b410043e681f66f4143f3f4217dffd21cb209970a158569

150

Type DICTIONARY
Language English - United States
Codepage UNKNOWN
Size 0x13e56
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.44646
MD5 4a623550bcc7ce7fda3a49865a940c1f
SHA1 f15200c4728a6f73d4200c32b65ccd34c5a7c58b
SHA256 acdf380fc08961243e9427d963cfa81f95c25ecd140ead9cd262d531b082ff89
SHA3 f84c9ca436323c3b844affe82dfd8a03dfccdbb06f31a1e7b68f84f9ce7dfef7

110

Type GIF
Language English - United States
Codepage UNKNOWN
Size 0x2b
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.03149
Detected Filetype GIF graphic file
MD5 325472601571f31e1bf00674c368d335
SHA1 2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
SHA256 b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
SHA3 afacd2b83f042f49e137cdd6d628d4da182929428180855ed51136a8479f5ea3

127

Type GIF
Language English - United States
Codepage UNKNOWN
Size 0x4b1a
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.80744
Detected Filetype GIF graphic file
MD5 7699a4c54b1f5515a64e93fe3f801321
SHA1 2e51f7e1a331d921eaf15bd7dc9721a742984d47
SHA256 9146e2390273ac868609dac1be7f1a0458b7d4f7ecdfe1eaec107b3211f33aa2
SHA3 a80cbe5dba69ca119a4eba793244fa4761114cddf68950c5d8997d4cfcdf714c

128

Type GIF
Language English - United States
Codepage UNKNOWN
Size 0xe622
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.90998
Detected Filetype GIF graphic file
MD5 f5dad4bc08409591d0420aaa18a044ea
SHA1 f497cd492156d0c8c056d9d0dee1f47ee7f012c6
SHA256 2b3ae69a0e9301661be037690ac9682f898e288b70ca40acbfbd0e3c3cb43bc0
SHA3 d376a236b12953459893fe6eef1847b45de0d081edc3901e26aefdbcfcbe6972

103

Type JS
Language English - United States
Codepage UNKNOWN
Size 0xea25
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.02855
MD5 a8f9eb478c7512c98ca1ad46dbcc298a
SHA1 454226dc42b911caafc9a1e56d8ad0000bbb7643
SHA256 1df6cbdc80c1df47d93d6e7516a2d7017362413a6b9d93634e143856695c3645
SHA3 a1e7f4cfbb12be517e571f35dd8df6c3fc397360e710744d1205ee0d63cb3fe3

107

Type JS
Language English - United States
Codepage UNKNOWN
Size 0x16dc5
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.293
MD5 e1288116312e4728f98923c79b034b67
SHA1 8b6babff47b8a9793f37036fd1b1a3ad41d38423
SHA256 ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32
SHA3 e1b6e1b3ae5e3a3ac93bb9c9da498fee7d29f426ef3f03792bd906092d74bb4e

108

Type JS
Language English - United States
Codepage UNKNOWN
Size 0x3984
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.01521
MD5 ab3adf4aff09a1c562a29db05795c8ab
SHA1 f6c3f470aea0678945cb889f518a0e9a5ce44342
SHA256 d05e193674c6fc31de0503cbc0b152600f22689ad7ad72adb35fcc7c25d4b01b
SHA3 8227f7310b58a15213072a11b8d3ae3369397ffc69e8d886e61e2d67bbdc6cc5

109

Type JS
Language English - United States
Codepage UNKNOWN
Size 0xe7a
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.00095
MD5 e13f16e89fff39422bbb2cb08a015d30
SHA1 e7cacaf84f53997dd096afd1c5f350fd3e7c6ce9
SHA256 24320add10244d1834052c7e75b853aa2d164601c9d09220a9f9ac1f0ae44afe
SHA3 f8f8cb9fe62508d7100c5a2370223b5910e57a8f5da179f216ef0e3d522ca9d2

152

Type JS
Language English - United States
Codepage UNKNOWN
Size 0x938a
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.99644
MD5 d5e6dacf9aa3069e9241780cbc82d50d
SHA1 1b510f2e06b363b4b138afc409a811254f976dca
SHA256 4c3f64961a872731185c0db4d155c9db73f7885ec4596f15098857c5e1fe91f4
SHA3 a83bd288ca81db0233dbbb50123d20c55fa7aa3f8d3482c5d546437932ec0ba7

163

Type JS
Language English - United States
Codepage UNKNOWN
Size 0xa48
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.12624
MD5 d98f70ffd105672292755a37f173c2ec
SHA1 c0154add295ac052f234a0282a62b704cdd01998
SHA256 257a42f797f140667c81930001e73943bfc243d50bcc775f75d0334a2d2cf2c3
SHA3 5668cb9f75228a4931af663a5136a7e62e3c109a2495ea630288e93627b60b27

111

Type PNG
Language English - United States
Codepage UNKNOWN
Size 0x9f0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.90522
Detected Filetype PNG graphic file
MD5 c798f5f4b98fd335a77e600ce21e32dc
SHA1 3db71eb6d87c8a4fcc6fded25d420cf7ea79231d
SHA256 9b249680adc23b858b08a62ea83fd8373e3480ff6f9120195314897c6e5f2cea
SHA3 80a7403eebbf2998d93bc7f883d8af5ff7115226427056c2780b08357986d71a

112

Type PNG
Language English - United States
Codepage UNKNOWN
Size 0x1ac2
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.94668
Detected Filetype PNG graphic file
MD5 2ef18565aa93c7a0cb24a4852aba0911
SHA1 0cf3ae591cdd4ebf985454bcd99872d86791eccf
SHA256 6db5d7eb5148243202715c337ec751b8816c0e689fff4a97e57cd47fb283d92c
SHA3 8ecdfc154c5890d29a6982933c3289be5e52cacdcdbf3fa8a39f79709cba5532

113

Type PNG
Language English - United States
Codepage UNKNOWN
Size 0x226
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.4944
Detected Filetype PNG graphic file
MD5 8d2c84506f3f48a810eb7232dc000d6f
SHA1 f4a238c1f7c02c7c907368b939efba7512c6be5a
SHA256 c4620bc8b293dd89db628d2002ef9fe02055e2d1cff1f07e18a3e2e4942ab7f1
SHA3 cb22a78f6154f6ab8eb76dfa2d49e6fbed30d0e230c6dfcbd24c0c27e980751d

114

Type PNG
Language English - United States
Codepage UNKNOWN
Size 0x42c
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.7621
Detected Filetype PNG graphic file
MD5 8f59e78c9d29fe27d2461e3694ca19da
SHA1 4215e6467068ebda3a7657f45933c8e3a6b8848d
SHA256 9e7705ea53ca1437f73e64b58d434ebd653dfbdf39898eb551bd637701cb357d
SHA3 d7e2b3911f929165b74c9f86f61e1c4a3fbfc6f59ab88ec902411055142bfcf4

115

Type PNG
Language English - United States
Codepage UNKNOWN
Size 0x127
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.0091
Detected Filetype PNG graphic file
MD5 7ae9fb845b9137ef10002fe9d0f5c643
SHA1 9f3fa2b29b1b40e1b6794e5d624524de297a8b59
SHA256 e9e5fc264337bf6845b2cf2720ddcde8936cb120328087917bf94c5911edd74a
SHA3 bdf59cbc940280f6de26d3cb8333a76ebb05d9fe8b6db6a1363e2c126680f65c

116

Type PNG
Language English - United States
Codepage UNKNOWN
Size 0x213
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.42559
Detected Filetype PNG graphic file
MD5 1b46e3cd914d5e0a8647eb648e3969cf
SHA1 37a8f941f9d5717cb7108f976f9e16438afe24f4
SHA256 4d9aea82fa1e55f787fcacb17c893a7ea730ef44bf1e6696f284629b92b210f0
SHA3 769375bd16c06dfebe6f4011b59ad9c657d249c119f39ba77fddc92e6e935b07

119

Type PNG
Language English - United States
Codepage UNKNOWN
Size 0x1d2
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.3262
Detected Filetype PNG graphic file
MD5 7978536150734ceffaf0720837e8b302
SHA1 7c11361af6e41d00beffaf4ef9e677506b32164d
SHA256 5d10637927b7a623428560eaf18fb8eaf439cd8731199c3b4d251b9846841183
SHA3 cb1d36d9fe251b457f6ce1095d09a0b2d8ad927adce3e4ddeed8cbb1768b6f9a

120

Type PNG
Language English - United States
Codepage UNKNOWN
Size 0x3fd
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.70355
Detected Filetype PNG graphic file
MD5 343b161e7996221bfbe4321a62628a29
SHA1 f072095a70ae958572d662958feb1200baea174f
SHA256 6385151b79e3ba406fb11027be016d42a8a0ce9d65012dbfc5d00a4fd5a1fc28
SHA3 78092f0e79709169693b63524e90ebc72fbe40a1f291dc429e99f36ffd03869d

121

Type PNG
Language English - United States
Codepage UNKNOWN
Size 0xa7
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.10146
Detected Filetype PNG graphic file
MD5 d13cecc413374c4ddc22a9edacde8a11
SHA1 981295dd1f713584591716a6e753346b8a89215a
SHA256 b9c9ae215daf1bb5b6692f527375207aedc138891947e5f6c1c6b549c2ebf39a
SHA3 6600e2ff303330f12f991b77c7895f73f8b6792f68e793355924cc544260f72e

122

Type PNG
Language English - United States
Codepage UNKNOWN
Size 0xfc
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.68965
Detected Filetype PNG graphic file
MD5 42fb1ea073a33e5da9653529f46f66b0
SHA1 bf1837615c2e9d12c9dcc2869d05d3f0106a9de9
SHA256 d708b7b1c4a46677c4a9b82f81ad79067b9bbb133da43e797bba9679b21ed929
SHA3 963423f4a76e8d551cd796ccaa77222bf7798ad9dccb949d7254788341414d92

123

Type PNG
Language English - United States
Codepage UNKNOWN
Size 0x13d
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.90778
Detected Filetype PNG graphic file
MD5 9f7974bbcc96f12769c1856045eb7bc7
SHA1 fa0b9b9d709718839ea525ab838260a4e124fb1d
SHA256 e7fcff2549114496e8141f46a7606f740bbadf22c9ad818c40d9ff9b9ea12198
SHA3 00be844f5803151347c86ba7139619cb2be43d7ed575e082a7513ba4aa7cdd0c

124

Type PNG
Language English - United States
Codepage UNKNOWN
Size 0x22a
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.4941
Detected Filetype PNG graphic file
MD5 5e46e67c30c83f2e9278cc8f658bc74d
SHA1 621a956fd3ebb761469220c2eff56ba8d1149b28
SHA256 5985fe4917d51a2271d6019805313a1c2d48fa6eeb29228c7a19664255920621
SHA3 27d8d3a0f5ca3b38de0de51721cb9d0c5135e562429a9f3988a41dfb6b83ce80

125

Type PNG
Language English - United States
Codepage UNKNOWN
Size 0xe0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.63735
Detected Filetype PNG graphic file
MD5 ee8599707751befddb2b94bc79525c15
SHA1 e118b48e25fe42d933377b03fb5a9a710e1c5caa
SHA256 c1f6844923f7c311d996d81eed6d8e769d52df6d95c898187d92997abbb2770b
SHA3 68b6bcf7d5da39b1e1a9f13c26c7629d7c196ba476b7504e848670c95bdeb95d

126

Type PNG
Language English - United States
Codepage UNKNOWN
Size 0x187
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.26639
Detected Filetype PNG graphic file
MD5 4071c682a19e2f47bb65e9aa485b8494
SHA1 222c3ee704f04256c07c341bbad49ecceb4acbd1
SHA256 5352b611b89eec98f0bd9017e420580f58fbe31cfed730d758c63dfbfeff8117
SHA3 9dfb3c7c7b470c99ae689571413a9362a0585862b0e599f5d27fd3faef38d931

154

Type PNG
Language English - United States
Codepage UNKNOWN
Size 0xab5
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.85493
Detected Filetype PNG graphic file
MD5 26e9b0fe7397d9c072da92fcf6951b11
SHA1 4ee24ef82e7ee4fcc980e3caeca90b6e0d99b59f
SHA256 e4c2314a50cf372465c97d955645455ccad1911eed45ff2c2de5a310316ab15e
SHA3 abbaacfff7b25332262067240cae41c8b51f794208d5dfb16838816cad22b930

155

Type PNG
Language English - United States
Codepage UNKNOWN
Size 0x28e
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.55792
Detected Filetype PNG graphic file
MD5 13b5f5e052334e0ad6d31845fc859e3d
SHA1 b71022382904d194a5d8f5cb3b1d0dd92e254b16
SHA256 87fd64c46642058fb6d7ae4ab2c71ba5df7ce12ffb8b9383edc7bb7a673f0306
SHA3 7c18ab7fa137ee7cebe82b3d14a18cfdc4985621167b70b98ceac49f4d2a6095

156

Type PNG
Language English - United States
Codepage UNKNOWN
Size 0x4f1
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.71488
Detected Filetype PNG graphic file
MD5 34b670a842dff811281e3e619a0434a5
SHA1 9f239be72c7aece20ae08623260dd660ecb6503c
SHA256 8794d5ae6dbc5264a3592195e6b1e081f74734a950b02a4325b8899b35f78d07
SHA3 50a6f68fc3eb5679ee2610eabf99cd3f2541f85b7a7c09eae96b444e8c85e802

157

Type PNG
Language English - United States
Codepage UNKNOWN
Size 0x16c3
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.92856
Detected Filetype PNG graphic file
MD5 14d2959a1591466fee33784d9cd5ef1e
SHA1 4b69e3889ec3852123c9d47b927c97bf4a3b260f
SHA256 99da78dbe5bd8d904dd16208405b90c3103b4586796cae32539c3baf6fa3c216
SHA3 ab162831ff06decc3158c9a5e5bd815f2685a9bc32bf36a5a7df1e0b35e591b7

158

Type SVG
Language English - United States
Codepage UNKNOWN
Size 0x121
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.11754
MD5 4585f70294e7b625dcd1ea8c585067a5
SHA1 11c92ae523b0c588c5469814b0c3c7778cb3f133
SHA256 7e58a1cce147df03605a92ffda1b88ca26005c09d1eb9ae56f37accdebbfe348
SHA3 fb5634bf33386f084acc059d5657bb4fe50e5edbb842e7e23ece9015cd0b95b0

159

Type SVG
Language English - United States
Codepage UNKNOWN
Size 0x25a
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.17012
MD5 3530c5040ac9af92cd0a7d347f764593
SHA1 b815ef3654ec2c677e8f8f68d8527b6d8142b4e9
SHA256 daf26ad61aee6152cf7c0e8f2d3936d0c220de2a3c329e6ce0fcc007cb64ca51
SHA3 ea43e9bf38779c4976d737f0d441a2c92e715f3f29f6c65ae27bb17fb536abe1

160

Type SVG
Language English - United States
Codepage UNKNOWN
Size 0x2ed
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.47618
MD5 e7b1717b9eba236b9c12be7a980b5b40
SHA1 f1baa3f41ffa5dfff320b7e289964cec54f19a99
SHA256 2a48e8db0f3991de1088936f56c583fe615fae4b9e14f4ebe2b33d29138088f3
SHA3 73909a1b2562d86784d58c9051f0a40223a537eb6e5b65898b2fdc261fbd5ef9

162

Type SVG
Language English - United States
Codepage UNKNOWN
Size 0x3be
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.38116
MD5 332816d7725fc31725b678cff1cb6dcc
SHA1 876f938efb86c1bb1733b47ec279335de97576da
SHA256 8b5469642507c00b9130bf7ed17a1e4d221e2a93dfd4d2972163650c4e94d714
SHA3 5156a317aaef915a8c1cd77c79516274bcc157f6ae7638bb143904d90420ca4b

1

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0xa8c
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.63008
Detected Filetype PNG graphic file
MD5 51d4520d0056dd78ab6030f864ec38dd
SHA1 3abad058263f068ef1138e7b7f4f1e4f19c3e2bc
SHA256 e7696d6f343d7fce61790194f4cdbae5352802f91dc77abe11df52ff9667b694
SHA3 7ada1217fa1603e2c53a1104d7f0f6f505eb01db6ed4adbbc210549c0de2c076

2

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x10828
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.0532
MD5 c86c7954917a522e19993100c1f58b4e
SHA1 d65521b4fcbb0cd5ddf76c935faaae20c8ee36e2
SHA256 9e149fad424d365c899572aa296bf7f0508541cb5a4ad5794fc18e31ac9da756
SHA3 b4a748be55d5e5a9a469985dc7f67bffff924728dd64f6e140d2e7bd71d05d74

3

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x25a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.30056
MD5 e659557bc290ea500fb81a0e201e9aeb
SHA1 9703a758c26e6d9db6ac9211bbcb896e36671614
SHA256 5d788c89a6bb483a45d6419797eb379ac6a19ede3e72757faa260b0c03894523
SHA3 3df8af9e9746238ba20f3ee531243a968694268aea90f8ef464b74c11bd44eb5

4

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x10a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.41941
MD5 c4eb869be735c32ef365cbb40d78b7b2
SHA1 2accdbbcb10eeae85374ce61eefbfb9fcde4d2cb
SHA256 d27e623bf3e84226ae260a8afe0aa2beaffb1eb82fa76611a31c5b8945f41fbd
SHA3 4b0a7e48fc282a6b8167f2b5043ba14551c34fc2d032b5b5fe26dadcd6c33856

5

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x988
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.63697
MD5 e29d96cbe83ff4d632d10de953f7f016
SHA1 5d4bbb1a0127fb0725b4d5e3b5fa064ec4906581
SHA256 fd3e7c56697c473a437e44106bcb3ce6270f37ae480f8fac3e4d1a69ff2dbf04
SHA3 49920c39781ff17440cbdd1903d6c8dc8068c84a1d12f90704c0a7627571bd59

6

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x468
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.9739
MD5 0ff3165a66f0dde7b91977034c7584c2
SHA1 6fe7e5482ec702f275f13617ddbadce6377485ac
SHA256 4093f18b49c4b6b1fe693c6f815860f55e3a124cc2b9897b760d056ee42c4b57
SHA3 86db17ab2d6f00a29b69b08aa7297469393b264fbbc57d3c993ee6ef95a010fa

101

Type RT_GROUP_ICON
Language English - United States
Codepage UNKNOWN
Size 0x5a
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.8213
Detected Filetype Icon file
MD5 4b784dc80c9a63e0229152169ca0cd19
SHA1 090d4dc9c6f9e84b6ae2593fb83bdd6e9f1df435
SHA256 8b3697e98e4a8ff04c68c3a54f2aedc687ac088b164eec09280675a13f63334b
SHA3 a9e1ce93528e2245f6969a8a3280aa22799afffd7eda755be68493ba3361f9f3

1 (#2)

Type RT_VERSION
Language English - United States
Codepage UNKNOWN
Size 0x304
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.39903
MD5 197c1bc9b18ca44a14544cb9ef4d769c
SHA1 18b04d1f98cf538bb5992af18faaf6ab7f634e8c
SHA256 20a498d22d774aa531e9a339d90d21f38b75d032df2ff5652c97f285b33d5fa2
SHA3 13518a107e02287f4e86cd425cf416d641c7af5f30f074b25809c2fe08b53502

102

Type RT_HTML
Language English - United States
Codepage UNKNOWN
Size 0x22b9
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.39077
MD5 f4b7942d6563727bd614f10da0f38445
SHA1 84f22240f7a5ed1c23b09e8677ac2ac3cd4e26f9
SHA256 e4bedde22ed405d291c746440a824d5f8527fb232e7a6be2ed9a76465d82f8dc
SHA3 b950c56923dd2edba931d47ac21e1ba6e83b66474fbc88d927dc487f7986915e

151

Type RT_HTML
Language English - United States
Codepage UNKNOWN
Size 0x1bc7
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.18569
MD5 60e80c05a9d6aa602626fec33cd99e3c
SHA1 7aeaac92d57fbabe5da2c923eb0ad1bb22e647ab
SHA256 5bd6a4bc514b2e697a0f0e8b7b8c0be0af34a9e1c25a628b286a5cdf8e1837d3
SHA3 ea3afdab437025f274fdd8a6518da5d37eb2490d9921a70c9f676faf9c604987

1 (#3)

Type RT_MANIFEST
Language English - United States
Codepage UNKNOWN
Size 0x813
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.1674
MD5 02dc00ac1a8debbcbd7922efa6508447
SHA1 cbe08af121822dc0e826f92059e62bd60ece375c
SHA256 f916797f99304665dd1312489b5e6e53b8180dab9b779e8eed6f7fcb9c8fb250
SHA3 0e9307e39489d1c3deabace748864140d23269e5d6fe0f4d718257a8f418053c

Version Info

Signature 0xfeef04bd
StructVersion 0x10000
FileVersion 6.2.0.554
ProductVersion 6.2.0.554
FileFlags (EMPTY)
FileOs VOS_DOS_WINDOWS32
VOS_NT
VOS_NT_WINDOWS32
VOS_WINCE
VOS__WINDOWS32
FileType VFT_DLL
Language English - United States
CompanyName Adobe Inc.
FileDescription Adobe Installer
FileVersion (#2) 6.2.0.554
InternalName Adobe Installer
LegalCopyright © 2013-2024 Adobe. All rights reserved.
OriginalFilename Adobe Installer
ProductName Adobe Installer
ProductVersion (#2) 6.2.0.554
Resource LangID English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics 0
TimeDateStamp 2020-Sep-16 08:44:19
Version 0.0
SizeofData 35
AddressOfRawData 0x4223e4
PointerToRawData 0x420be4
Referenced File Set-up.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics 0
TimeDateStamp 2020-Sep-16 08:44:19
Version 0.0
SizeofData 20
AddressOfRawData 0x422408
PointerToRawData 0x420c08

IMAGE_DEBUG_TYPE_POGO

Characteristics 0
TimeDateStamp 2020-Sep-16 08:44:19
Version 0.0
SizeofData 1092
AddressOfRawData 0x42241c
PointerToRawData 0x420c1c

IMAGE_DEBUG_TYPE_ILTCG

Characteristics 0
TimeDateStamp 2020-Sep-16 08:44:19
Version 0.0
SizeofData 0
AddressOfRawData 0
PointerToRawData 0

TLS Callbacks

StartAddressOfRawData 0x822870
EndAddressOfRawData 0x822878
AddressOfIndex 0x87c5ac
AddressOfCallbacks 0x7781e0
SizeOfZeroFill 0
Characteristics IMAGE_SCN_ALIGN_4BYTES
Callbacks (EMPTY)

Load Configuration

Size 0xa4
TimeDateStamp 1970-Jan-01 00:00:00
Version 0.0
GlobalFlagsClear (EMPTY)
GlobalFlagsSet (EMPTY)
CriticalSectionDefaultTimeout 0
DeCommitFreeBlockThreshold 0
DeCommitTotalFreeThreshold 0
LockPrefixTable 0
MaximumAllocationSize 0
VirtualMemoryThreshold 0
ProcessAffinityMask 0
ProcessHeapFlags (EMPTY)
CSDVersion 0
Reserved1 0
EditList 0
SecurityCookie 0x857060
SEHandlerTable 0x820990
SEHandlerCount 1685

RICH Header

XOR Key 0xb9906ccb
Unmarked objects 0
ASM objects (VS2017 v14.15 compiler 26715) 21
C++ objects (VS2017 v14.15 compiler 26715) 221
199 (41118) 1
C objects (VS2019 Update 2 (16.2) compiler 27905) 19
ASM objects (VS2019 Update 2 (16.2) compiler 27905) 25
C++ objects (VS2019 Update 2 (16.2) compiler 27905) 167
C objects (VS2017 v14.15 compiler 26715) 39
C++ objects (28106) 24
C objects (VS2015 UPD1 build 23506) 1
C++ objects (VS2015 UPD1 build 23506) 8
C objects (CVTCIL) (VS2017 v14.15 compiler 26715) 2
Imports (VS2017 v14.15 compiler 26715) 35
Total imports 565
C++ objects (LTCG) (28106) 342
Resource objects (28106) 1
151 1
Linker (28106) 1

Errors

<-- -->