7dcaadd156295ad4941987d9a3d95a32

Summary

Architecture IMAGE_FILE_MACHINE_AMD64
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date 2022-Oct-02 22:03:44
Detected languages English - United States
Debug artifacts C:\projects\vim-win32-installer\vim\src\gvim.pdb
CompanyName Vim Developers
FileDescription Vi Improved - A Text Editor
FileVersion 9.0.0643
InternalName VIM
LegalCopyright Copyright © 1996
LegalTrademarks Vim
OriginalFilename gvim.exe
ProductName Vim
ProductVersion 9.0.0643

Plugin Output

Suspicious Strings found in the binary may indicate undesirable behavior: Contains references to security software:
  • rshell.exe
 Miscellaneous malware strings:
  • cmd.exe
Info Cryptographic algorithms detected in the binary: Uses constants related to SHA256
Uses constants related to Blowfish
Malicious The PE contains functions mostly used by malware. [!] The program may be hiding some of its imports:
  • GetProcAddress
  • LoadLibraryA
  • LoadLibraryExW
 Functions which can be used for anti-debugging purposes:
  • CreateToolhelp32Snapshot
 Can access the registry:
  • RegOpenKeyExA
  • RegQueryValueA
  • RegCloseKey
  • RegDeleteKeyA
  • RegCreateKeyExA
  • RegSetValueExA
  • RegEnumKeyExA
 Possibly launches other programs:
  • CreateProcessW
  • CreateProcessA
  • ShellExecuteW
 Can create temporary files:
  • GetTempPathW
  • CreateFileA
  • CreateFileW
 Memory manipulation functions often used by packers:
  • VirtualProtect
  • VirtualAlloc
 Leverages the raw socket API to access the Internet:
  • getaddrinfo
  • inet_ntop
  • freeaddrinfo
 Functions related to the privilege level:
  • OpenProcessToken
  • AdjustTokenPrivileges
 Enumerates local disk drives:
  • GetDriveTypeW
 Manipulates other processes:
  • Process32Next
  • OpenProcess
  • Process32First
 Changes object ACLs:
  • SetNamedSecurityInfoW
 Can take screenshots:
  • BitBlt
  • CreateCompatibleDC
  • GetDC
 Reads the contents of the clipboard:
  • GetClipboardData
Safe VirusTotal score: 0/72 (Scanned on 2023-11-02 16:06:05) All the AVs think this file is safe.

Hashes

MD5 7dcaadd156295ad4941987d9a3d95a32
SHA1 f610cb1db9db9ba62939606a2d0f3fb226d12891
SHA256 3be136842b2b760a3131994e4672ada99e8632473d6253009b266c06b266c561
SHA3 5f4d55dcda7e0cd0d793aadf5f5424c70ea35fa096dc02260dac9d645e6bca4d
SSDeep 49152:X1eTLvDHi1K8KGvdD2aeUsQ3Ei1/lwWrGdoCTJmTk25ZT1oa5r8PVmwHilepB8k:X1e+DGWKCCTk5/Owef9qa
Imports Hash e01524536a58d8349f5ebf3ca8522b1b

DOS Header

e_magic MZ
e_cblp 0x90
e_cp 0x3
e_crlc 0
e_cparhdr 0x4
e_minalloc 0
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0x120

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_AMD64
NumberofSections 8
TimeDateStamp 2022-Oct-02 22:03:44
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xf0
Characteristics IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Image Optional Header

Magic PE32+
LinkerVersion 14.0
SizeOfCode 0x358400
SizeOfInitializedData 0xfcc00
SizeOfUninitializedData 0
AddressOfEntryPoint 0x0000000000002194 (Section: .text)
BaseOfCode 0x1000
ImageBase 0x140000000
SectionAlignment 0x1000
FileAlignment 0x200
OperatingSystemVersion 5.2
ImageVersion 0.0
SubsystemVersion 5.2
Win32VersionValue 0
SizeOfImage 0x45a000
SizeOfHeaders 0x400
Checksum 0
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
DllCharacteristics IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
SizeofStackReserve 0x800000
SizeofStackCommit 0x1000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

.text

MD5 555c902d10835aa7f23521cd76f9c9ed
SHA1 c7b938663dcd583f5a7374c5e208e76ea15c5a70
SHA256 034f8dfd4a812c8e78b185abced96a2aab411f2d950391b3b852b43c943dc639
SHA3 780a05535ed90bb8d75082d46fa51cb8cdb4e2e3e5fd85062a79d54ed46d7dbe
VirtualSize 0x3583aa
VirtualAddress 0x1000
SizeOfRawData 0x358400
PointerToRawData 0x400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 6.53252

.rdata

MD5 7c24b704dde4a9f89b1990f5052fdd59
SHA1 f993f418d7dd1b8ef10c0f5448f37260b4bae94f
SHA256 5b1f0ecd49508214aad7eb2a53e32d10436ab7a98303e7d47216843a13425c0d
SHA3 c0af2ec7541ee7ee95e67828ce035ea1737a60a00f7560f41430ca372f2b8669
VirtualSize 0x78630
VirtualAddress 0x35a000
SizeOfRawData 0x78800
PointerToRawData 0x358800
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 5.80838

.data

MD5 24ef116304dab4d362547a4094036707
SHA1 24cf29000e707ea6f2cfe713e6fae0e5bb2e370e
SHA256 7db5a9ca427fe5ddea682f36139b5b82ca263b15f47293d2b6786d2370cbc21c
SHA3 9f462da4ea1587984779f7532fd3a82a3e60a2145f9f9f3ad615bc8e9003470f
VirtualSize 0x49a50
VirtualAddress 0x3d3000
SizeOfRawData 0x38e00
PointerToRawData 0x3d1000
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 4.44081

.pdata

MD5 8c2024119506b5a8de2ceb02dbf5cf47
SHA1 d2f28c626b584ae2a4ec9753c4f4a2015d8622b1
SHA256 59ef2738ff63cd0c0325d252b9ba8203ac71045e683029674ee7006199abe7ed
SHA3 9eead2b7e5c4f38934a755e7e49c286df0f7e3945dfb0346c6bb433a5642dee8
VirtualSize 0x296a0
VirtualAddress 0x41d000
SizeOfRawData 0x29800
PointerToRawData 0x409e00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 6.41644

.gfids

MD5 cc0ad96339cd4856eba8ccd70a050a36
SHA1 8f9a72024be8e13b3d45bb09ec94551f2c9dbd53
SHA256 2609b36c16e0e70ba6e50ba6bcf1ee6ed335e65263615d9ca005475143ada2c9
SHA3 afaf540fb4a4bb4611662e4914e0f1a270b4eedec214c31b0141d3735b371924
VirtualSize 0x110
VirtualAddress 0x447000
SizeOfRawData 0x200
PointerToRawData 0x433600
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 1.35572

.tls

MD5 bf619eac0cdf3f68d496ea9344137e8b
SHA1 5c3eb80066420002bc3dcc7ca4ab6efad7ed4ae5
SHA256 076a27c79e5ace2a3d47f9dd2e83e4ff6ea8872b3c2218f66c92b89b55f36560
SHA3 622de1e1568ddef36c4b89b706b05201c13481c3575d0fc804ff8224787fcb59
VirtualSize 0x11
VirtualAddress 0x448000
SizeOfRawData 0x200
PointerToRawData 0x433800
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 0

.rsrc

MD5 a3a8cbbf3eee6511b5646911e8893ab3
SHA1 f1f9c185f9cbb2837ba984b54bfe93b6e5c155d7
SHA256 f718f5de272bfe00239867fe3596c14324dabe4a37cb33a86e27cde919f7bf3b
SHA3 00f96a6e86c743365c2f3e914b103d1788c13663532ea4407dc094bfe79fe078
VirtualSize 0xae80
VirtualAddress 0x449000
SizeOfRawData 0xb000
PointerToRawData 0x433a00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 6.83554

.reloc

MD5 f78ae900f7cb42bc233e231c8bacdcea
SHA1 ebfe955ade62875a36b3d997d926d8f2313e5ea2
SHA256 444ec7572bb2a847930638cb8dd7b66e6784f69137fbb6cc6c872141d15c5d91
SHA3 c5e5ac6d2296c73cd71e2d5402947af841e5570512e764c6f7a26b2c5e1a12bd
VirtualSize 0x5a10
VirtualAddress 0x454000
SizeOfRawData 0x5c00
PointerToRawData 0x43ea00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Entropy 5.44282

Imports

KERNEL32.dll GlobalFree
FreeConsole
GetCurrentDirectoryW
SetCurrentDirectoryW
CreateJobObjectA
GetComputerNameW
GetCurrentProcessId
GlobalMemoryStatusEx
CreateProcessW
GetFileType
TerminateJobObject
DeleteTimerQueueTimer
BackupRead
BackupSeek
GetEnvironmentStringsW
FreeEnvironmentStringsA
SetConsoleTitleW
MoveFileW
GenerateConsoleCtrlEvent
GetExitCodeProcess
QueryPerformanceFrequency
QueryPerformanceCounter
GlobalSize
GlobalAlloc
LocalHandle
lstrlenA
LocalAlloc
GetConsoleMode
GetNumberOfConsoleInputEvents
Process32Next
DisconnectNamedPipe
GetOverlappedResult
FlushFileBuffers
CreatePipe
TerminateProcess
GetShortPathNameW
GetLongPathNameW
GetTempFileNameW
DeleteFileW
FindClose
GetTempPathW
FindNextFileW
FindFirstFileW
GetTickCount
DebugBreakProcess
CloseHandle
OpenProcess
FreeLibrary
GetProcAddress
GetVersionExA
HeapSize
WriteConsoleW
GetModuleHandleA
GetProcessHeap
GetCommandLineA
FindFirstFileExW
GetTimeZoneInformation
LoadLibraryA
CreateFileA
AttachConsole
WaitForSingleObject
GetFileInformationByHandle
Sleep
CreateToolhelp32Snapshot
SetFileAttributesW
SetCurrentDirectoryA
ResumeThread
PeekNamedPipe
GetConsoleTitleW
SetErrorMode
GetProcessId
WaitForMultipleObjects
AssignProcessToJobObject
WriteFile
GetCurrentProcess
GetFullPathNameW
GetCommandLineW
CreateNamedPipeA
VirtualProtect
CreateTimerQueueTimer
SetHandleInformation
Process32First
GetModuleFileNameA
ReadFile
VirtualQuery
MulDiv
GlobalUnlock
IsBadReadPtr
FormatMessageA
LocalFree
GlobalLock
GetSystemInfo
GetFileAttributesW
CreateFileW
GetFinalPathNameByHandleW
DeviceIoControl
GetLocaleInfoA
GetLastError
IsValidCodePage
GetACP
GetCPInfo
IsDBCSLeadByteEx
CreateProcessA
GetStartupInfoA
ConnectNamedPipe
SetEndOfFile
FreeEnvironmentStringsW
GetOEMCP
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetFileSizeEx
HeapReAlloc
HeapAlloc
HeapFree
GetStdHandle
GetModuleFileNameW
GetConsoleCP
DuplicateHandle
ReadConsoleW
SetConsoleCtrlHandler
GetFileAttributesExW
FreeLibraryAndExitThread
ExitThread
CreateThread
RemoveDirectoryW
CreateDirectoryW
SetEnvironmentVariableW
VirtualAlloc
SetStdHandle
SetFilePointerEx
GetModuleHandleExW
ExitProcess
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetDriveTypeW
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EncodePointer
EnterCriticalSection
SetLastError
RaiseException
RtlPcToFileHeader
RtlUnwindEx
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
WideCharToMultiByte
GetStringTypeW
MultiByteToWideChar
ADVAPI32.dll RegOpenKeyExA
OpenProcessToken
GetNamedSecurityInfoW
RegQueryValueA
RegCloseKey
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
GetUserNameW
RegEnumKeyExA
AdjustTokenPrivileges
GetAclInformation
GetAce
LookupPrivilegeValueA
SetNamedSecurityInfoW
SHELL32.dll DragFinish
DragAcceptFiles
DragQueryPoint
DragQueryFileW
CommandLineToArgvW
ShellExecuteW
Shell_NotifyIconA
DragQueryFileA
GDI32.dll GetBkMode
GetCurrentObject
BitBlt
ExtTextOutA
CreateFontA
CreateCompatibleDC
GetDCOrgEx
SetPixel
GetTextExtentPointW
GdiFlush
GetPixel
GetTextExtentPointA
LineTo
CreatePen
GetObjectW
MoveToEx
CreateSolidBrush
ExtTextOutW
GetNearestColor
SelectObject
StartPage
EndDoc
EnumFontFamiliesW
GetDeviceCaps
DeleteDC
TextOutW
GetTextExtentPoint32W
SetTextColor
SetBkMode
CreateFontIndirectA
SetBkColor
DeleteObject
CreateDCA
GetTextMetricsA
CreateFontIndirectW
SetAbortProc
StartDocW
EndPage
CreateBitmap
SetTextAlign
COMDLG32.dll GetOpenFileNameW
GetSaveFileNameW
ReplaceTextW
FindTextW
ChooseFontW
CommDlgExtendedError
PrintDlgW
ole32.dll CoInitialize
CoCreateInstance
StringFromCLSID
OleUninitialize
CoTaskMemFree
OleInitialize
CoRevokeClassObject
CoUninitialize
CoRegisterClassObject
NETAPI32.dll NetApiBufferFree
NetUserEnum
USER32.dll SetParent
mouse_event
ScrollWindowEx
IntersectRect
IsRectEmpty
DestroyMenu
GetMessageTime
SetMenu
MoveWindow
GetSysColor
GetMonitorInfoA
GetDlgItemTextW
LoadBitmapA
GetKeyboardLayout
FrameRect
MapWindowPoints
RegisterClassW
SetClassLongPtrA
CallWindowProcA
FindWindowExA
ClientToScreen
DestroyIcon
RedrawWindow
SetTimer
GetCapture
RegisterWindowMessageA
OffsetRect
DialogBoxIndirectParamA
GetClassInfoW
ShowWindow
TrackPopupMenu
DestroyCursor
GetWindowPlacement
GetScrollPos
WindowFromPoint
IsZoomed
MessageBeep
SetWindowTextW
GetSystemMetrics
DrawMenuBar
GetCursor
SendMessageW
ScreenToClient
CreateWindowExW
FillRect
GetMenuItemCount
SetActiveWindow
MonitorFromWindow
InvertRect
InsertMenuA
SetWindowPos
IsWindowVisible
GetDC
InsertMenuItemW
LoadCursorA
GetWindowRect
GetWindow
MonitorFromPoint
PostMessageW
ShowScrollBar
GetKeyState
GetMenuState
DefWindowProcW
GetMessageW
SetScrollInfo
MessageBoxA
GetCaretBlinkTime
ShowCursor
InvalidateRect
IsIconic
GetDlgItem
GetMenuItemRect
GetWindowLongPtrA
DrawIconEx
KillTimer
SystemParametersInfoW
ReleaseCapture
CreateMenu
SetWindowLongPtrA
SetCapture
InsertMenuW
ToUnicode
SetCursor
TrackPopupMenuEx
CreateDialogIndirectParamA
RemoveMenu
EndDialog
GetClientRect
PtInRect
UpdateWindow
CreatePopupMenu
SetForegroundWindow
LoadIconA
MapVirtualKeyA
IsWindow
DestroyWindow
EnableWindow
ReleaseDC
GetParent
EnableMenuItem
GetDesktopWindow
SetCursorPos
GetCursorPos
BeginPaint
EndPaint
SendInput
OpenClipboard
CloseClipboard
EmptyClipboard
GetClipboardData
SetClipboardData
IsClipboardFormatAvailable
RegisterClipboardFormatA
GetFocus
MessageBoxW
CharLowerBuffA
GetSystemMenu
LoadImageA
SendMessageTimeoutA
EnumChildWindows
GetClassNameA
MsgWaitForMultipleObjects
wsprintfA
GetDlgItemTextA
DispatchMessageW
IsDialogMessageW
PeekMessageW
GetWindowTextA
CharUpperBuffA
SetDlgItemTextW
SetWindowTextA
RegisterClassA
EnumWindows
DefWindowProcA
CreateWindowExA
SetFocus
TranslateMessage
SendDlgItemMessageA
SendMessageA
GetWindowDC
CreateDialogParamA
SystemParametersInfoA
PostMessageA
COMCTL32.dll #17
CreateToolbarEx
OLEAUT32.dll UnRegisterTypeLib
RegisterActiveObject
LoadRegTypeLib
LoadTypeLib
RegisterTypeLib
SysAllocString
RevokeActiveObject
SetErrorInfo
WINMM.dll PlaySoundW
mciGetDeviceIDA
mciSendStringA
mciSendStringW
WSOCK32.dll connect
recv
htons
__WSAFDIsSet
closesocket
select
socket
send
WSAStartup
WSACleanup
WSAGetLastError
inet_ntoa
WS2_32.dll getaddrinfo
inet_ntop
freeaddrinfo

Delayed Imports

scheme_external_get_thread_local_variables

Ordinal 1
Address 0x2fad00

1

Type TYPELIB
Language English - United States
Codepage UNKNOWN
Size 0x700
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.02409
MD5 73d70309873e7a51f38c90d7824a9019
SHA1 d9a8e3d514e98e484d851acb7aee7d3105c90026
SHA256 4c3a5ab3e4448bff9ffde2f57935d5b253803d2d298db8e5344038a002de3075
SHA3 6e57a2d3b00997c54d5b85a38845a78457376036c7956125d8686195f955ebfb

IDB_TEAROFF

Type RT_BITMAP
Language English - United States
Codepage UNKNOWN
Size 0x68
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.48639
MD5 7bfd4016db3e5593c64ff80537f67b81
SHA1 39b5d42d4685d932ea52fe2eeaa1fcb8ef64125e
SHA256 45fa0d062fabe6e9995b2cbda7e296f1d1db29bc2e1d013a3dd1408a39f46355
SHA3 6af6f08cf0b0d7f01df78a5a68d7eb0b5c83ecf899b1e6d07c616cba9293e45c
Preview

101

Type RT_BITMAP
Language English - United States
Codepage UNKNOWN
Size 0x1226
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.18615
MD5 8b09c4c156aad17c8edb61c38fe43cbf
SHA1 b60e543cb81b626d3661f9234b67c469147d11e1
SHA256 d76ee79ba1f0cf6e62bfb901ac3938105b09a6c1c559462cf43cb9cae2326963
SHA3 252499faa9bd4a2e78fdeaadd90c8908f06548bf13179a9446804ec917d2cc27
Preview

1 (#2)

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x141
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.07991
Detected Filetype PNG graphic file
MD5 90fea59ecaf741a8669b3d8a77abf7f0
SHA1 15bb5e1794b9ebb2a68fd909c8e5523c0a165a99
SHA256 f4ac8f4942d5877f9833fe273b22b0eb6911cef126926a0a575f6f6d5a2bb7b7
SHA3 4456d2ad562d93e442fb1cd37707a2aeca3a119aaba4d37fd5b86ba82f12fe7e

2

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x9a0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.88103
Detected Filetype PNG graphic file
MD5 4beb52a978e5f3ce295c77e6adfffe2e
SHA1 d32d371984ce7d07fe86757eb0648cd89294956f
SHA256 9e0630a3e3ac365abef36ee6090be2d68d2ba50c54336281605b8ac9bcf79ef1
SHA3 737d74b4ecca4ca61b5b4f74051b06cfef3fdda771bac09d632e59d4e16a9224

3

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x128d
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.9452
Detected Filetype PNG graphic file
MD5 d1e5e4dd426e5d99c8b4f27944da23de
SHA1 247df9986c77860930e31db93f95a5bd1593feb4
SHA256 d69c00bb2f0f968a9963c231e1c12561f9558fcd7367180fb4db1624b5419ff6
SHA3 3f33e34b6a010e2faa48375601b721c5ec0e99f5e64769141ea67908a0fd7dd6

4

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x405e
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.96376
Detected Filetype PNG graphic file
MD5 d7a00dd7b8fc420e7d6bdf0238c092cb
SHA1 42ad3e137135939463f199fd86c05e8cd0f07a04
SHA256 a559ebdf461337d9ee94ec42ca47ed48d7abfdd9bc3685699b7afc97102c26dd
SHA3 c3bb60f5fd32a3215ad52296f509248f44dda9c02ca94a265a40b58f42c0c813

5

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x568
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 0.938388
MD5 f8e211b065842ae6f1133ed8e9aace60
SHA1 db63cf655cdbe5e498db8abf34921698afe68f0e
SHA256 23bff75c057f7365206f5e176a941affce1432b2f757ee7eebc37a6441842bce
SHA3 e3a1e9b8785479e5d8925632ebb9360d8f8208fc611a0d34bad9c3f8f0519735

6

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x8a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.01347
MD5 74ee3e242bc2299e91bdd30e4953eff1
SHA1 dd2f9b57b0d112f34b660cfeee390dacb3e404cc
SHA256 d37ecd4157adaefd65190916c2b3d7fad181461f460f5f446ee7d8bc1fe52159
SHA3 3e4da1e9053be0564f59217f7c59987c6b0edf3e50b3aa34d030176fa1025ff4

7

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x2e8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.32997
MD5 5be35fefb415818c20bd61a994af3c92
SHA1 2cdf4602bd12b8a3ae0f87a7f19208ce44d8b86c
SHA256 432dfe718233414e73778d197da523bff77f48a860ede5c8783bcd4a3d907890
SHA3 826f28f2c28c4915b9b1bdf7cd7341341d6558867e494a0cdced72f54ec23fa8

8

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x128
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.83234
MD5 a4d72f97c1dea00ddd8cf91ad065fb27
SHA1 33e9dc64bf606495e1748ada1b6f2ed891be9536
SHA256 ba8e1050de5a94c6a4dd379af4a5445afdd5514c77a38bfa95952ae2a97721fa
SHA3 bdd6579a557f3d7032f4ac8514f96b3b2c189aa9845f409183168f0472e3b8f0

9

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x128
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.5002
MD5 2b49be8998d8692682ee7b77dfcd4c15
SHA1 359ccbe5f84ff27531ad20c564955701f3c60c5d
SHA256 f652df2e19cbf9150b04ae089537c96f454fbbd5c84840e52fc88cd49639d35f
SHA3 911d8b76fb7b415b7c217b0c010546fe3669c80b52388b0a0619364d6b014a1b

10

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x2e8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.27538
MD5 8f9942d06289f8eb7f35b174a51cfdc3
SHA1 0de8e994dfe7b04a8d55593a548728fcaf153862
SHA256 20cd2ca8a592d68d67a6ac7bcebf4cab714be5ace3b50287451ea6df57682c2b
SHA3 fdb6b4a476504e0b2bbba95f18d74e4cb8957f183ea12dcf8b4da29f25da8371

11

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x128
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.73979
MD5 f1deb452bbcac6c8afeefefaf0f4e53e
SHA1 a490c677a9f299a46f08b380f1f2e6158d2fa7f4
SHA256 a44fa4a4d5672a3f8439ad228b72254c183f51fc611077f5c66d9f1a5576d590
SHA3 2ce05c210568e4e6c66f3b03fd6889005f7091383872063f1fe608bb7ca661da

12

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x2e8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.4841
MD5 a47f49474898ecf2c84beb54b55d3cfe
SHA1 2522f3ac3a16fd788edc710591276c0b450c6ad5
SHA256 0b3a1add90fab321b681efebb2d422d8531863a90f031022300dfbf89fb2eba6
SHA3 47fb319e130653d3a161e0b975e8b83b70d388715eab89a247383587f89e5e84

13

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x128
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.10045
MD5 2c0c2d0c19214c665df97dccaaaaf33c
SHA1 3727b3a3791b1ae5e58ef658a7f5de854d393311
SHA256 0d0c1d28ee4d0f2f44aaeb1122a15693db4e98151f5f35377d16e8a3d415e7d1
SHA3 3c704744a884a371c0676631b76ea6f24e48bed45c46a2a5e2569c66067714c3

14

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x2e8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.33317
MD5 0257144c352362b75ba08816708b928e
SHA1 fae447db0b5cc04cc4aca3746a377e7a67b7ee65
SHA256 4745e2a52bc8bca2070f3c0ffce0d7c88f9ecf1e8c306eed045e19947db25297
SHA3 7875288a4e5af94e79db5f28f5e80d4f01da265ce8649eaa0448ad51612b9294

15

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x128
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.7635
MD5 f087fdac7cf2a2362ece763100d0fccb
SHA1 fdea65cd9edf65e6d48a728e947c7f794b40a862
SHA256 d49c48b96aef66dab968584a0e47b707fe54768f351969f980d1cece62e7a53e
SHA3 d64f6b790c67ad60bf5c115918431d5067ede47a1c5c23d36c699ba2d0cbb734

16

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x2e8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.37357
MD5 ad2aff76257d3d10918c81c0915a39d3
SHA1 62eeeff6812d509e65c5d7290851890bced387e1
SHA256 2e3e429acf5c42f4bc96cd5b24ce47f87406f1b0be65aa8f3faa28102ea4032a
SHA3 840b6f8330da0af345ea9d1cb4d4c7a909b463c4700326a16f843eaf975b5b7f

PRINTDLGBOX

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0xe6
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.22815
MD5 ada9d832af68cf592d666ec669376713
SHA1 fa2fe3753fe0af98f35cbe03f9bd28d66f73d021
SHA256 8eabdfb3d81271709534198c58dc6f65dbca67fc2ab98043d55f79184f949b76
SHA3 62e516384417c9f22f9b5b3dba25af1a7ec921ae0497f50fa9d1a132b0041dd9

IDR_VIM

Type RT_GROUP_ICON
Language English - United States
Codepage UNKNOWN
Size 0x76
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.94734
Detected Filetype Icon file
MD5 255bbc6dbde9318cd96c005938c3837d
SHA1 f72a763505a6b2be3c9fe19aa1785cbc9b969897
SHA256 7faa0a92108bc54a38b81d7a96e66b4e39cfafc5870a1f02b3963e3170d4c3b3
SHA3 f3a2685dbab27500ff8d170ed66573e49b5b9c1ff26ac890d244643ee098f83d

IDR_VIM_ALERT

Type RT_GROUP_ICON
Language English - United States
Codepage UNKNOWN
Size 0x22
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.55805
Detected Filetype Icon file
MD5 a3a1c13c7bd8e36c97bcfb4e181919c3
SHA1 6b29c98a79bb1e354a7ff6f252fc9f851adbeee2
SHA256 f05dc2be54def47482c48d335a8dccf7eb6c52d0b07c45647e17dc570f242a41
SHA3 910fd349ebea0ae7c107a9dd1918135e41641ee4480b70aef997fc73a9c529ad

IDR_VIM_ERROR

Type RT_GROUP_ICON
Language English - United States
Codepage UNKNOWN
Size 0x22
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.55805
Detected Filetype Icon file
MD5 0725097e6e33bb531d3af98afe89269d
SHA1 2453b5de90b6cc9c6ee41c0d9c94a3b925d8bad5
SHA256 10b84d7efcb47e8252ac8d79ac2987affc916fac320d1afda9d3a14d92917033
SHA3 31ae0a6b7a079e320827543cafca8b8ddfaecfd8c7f9f7da192c22d946d54851

IDR_VIM_INFO

Type RT_GROUP_ICON
Language English - United States
Codepage UNKNOWN
Size 0x22
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.55805
Detected Filetype Icon file
MD5 f47b48e000d92524dc1b5c2994ae59d7
SHA1 c7202dae3a2f924fd5345b79a3d86791a9b6e313
SHA256 875a203e19144d17e559bbef121f69be4755de7c699e710efe9747d68bf48e66
SHA3 84e59e7b04bc33ff0ca79251f933703557d6d43150576a58941e200c4f31d3c6

IDR_VIM_QUESTION

Type RT_GROUP_ICON
Language English - United States
Codepage UNKNOWN
Size 0x22
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.45189
Detected Filetype Icon file
MD5 e415d095f9b9750e24fb63254c17aa0a
SHA1 62450fb9a043c8b2fa451768acf4a0ab15449c83
SHA256 245ef0871caff300bd39d399fdb9bab51993b120e891830f3e617e7d660661c0
SHA3 8a78edf4e1a6d8311625d7c98cb5dacd780373b8652c10bb7e37ced7774cfb96

1 (#3)

Type RT_VERSION
Language English - United States
Codepage UNKNOWN
Size 0x2ec
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.33919
MD5 c6024cb4d5665a17e44a514a51ac4f88
SHA1 8810fa48e317152264150c6bbb843ed32e624683
SHA256 39309a6cf54fec13155a69ed962ed18d7f6079a57cdc155b4b970794197f898a
SHA3 83425fdb2167f643d50fe0aab8beb70e52e8ce94328dc9bcaed3b4a6098f9ae8

1 (#4)

Type RT_MANIFEST
Language English - United States
Codepage UNKNOWN
Size 0x935
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.08998
MD5 e9090824f7fd771249f9d59c6c892e70
SHA1 843e5a22d15b3ecdb32f278dca70d3d5f4cebfde
SHA256 3d21503c495cb2181d400da8e55a8ea9cfa570af4cbd83f537ddb18ee9aef4eb
SHA3 8b523d690b6588acac628f93635a3011d0bc78215210e2d31bb5d70af0ca7936

Version Info

Signature 0xfeef04bd
StructVersion 0x10000
FileVersion 9.0.0.0
ProductVersion 9.0.0.0
FileFlags VS_FF_PRERELEASE
FileOs VOS_DOS_WINDOWS32
VOS_NT_WINDOWS32
VOS__WINDOWS32
FileType VFT_APP
Language English - United States
CompanyName Vim Developers
FileDescription Vi Improved - A Text Editor
FileVersion (#2) 9.0.0643
InternalName VIM
LegalCopyright Copyright © 1996
LegalTrademarks Vim
OriginalFilename gvim.exe
ProductName Vim
ProductVersion (#2) 9.0.0643
Resource LangID English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics 0
TimeDateStamp 2022-Oct-02 22:03:44
Version 0.0
SizeofData 73
AddressOfRawData 0x39363c
PointerToRawData 0x391e3c
Referenced File C:\projects\vim-win32-installer\vim\src\gvim.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics 0
TimeDateStamp 2022-Oct-02 22:03:44
Version 0.0
SizeofData 20
AddressOfRawData 0x393688
PointerToRawData 0x391e88

IMAGE_DEBUG_TYPE_POGO

Characteristics 0
TimeDateStamp 2022-Oct-02 22:03:44
Version 0.0
SizeofData 884
AddressOfRawData 0x39369c
PointerToRawData 0x391e9c

TLS Callbacks

StartAddressOfRawData 0x140448000
EndAddressOfRawData 0x140448010
AddressOfIndex 0x14040c254
AddressOfCallbacks 0x14035ae18
SizeOfZeroFill 0
Characteristics IMAGE_SCN_ALIGN_8BYTES
Callbacks (EMPTY)

Load Configuration

Size 0x94
TimeDateStamp 1970-Jan-01 00:00:00
Version 0.0
GlobalFlagsClear (EMPTY)
GlobalFlagsSet (EMPTY)
CriticalSectionDefaultTimeout 0
DeCommitFreeBlockThreshold 0
DeCommitTotalFreeThreshold 0
LockPrefixTable 0
MaximumAllocationSize 0
VirtualMemoryThreshold 0
ProcessAffinityMask 0
ProcessHeapFlags (EMPTY)
CSDVersion 0
Reserved1 0
EditList 0
SecurityCookie 0x1403d3008

RICH Header

XOR Key 0x7b280637
Unmarked objects 0
C objects (VS2017 v14.15 compiler 26715) 25
ASM objects (VS2017 v14.15 compiler 26715) 22
C++ objects (VS2017 v14.15 compiler 26715) 206
C objects (VS2015 UPD1 build 23506) 11
ASM objects (VS2015 UPD3 build 24123) 10
C++ objects (VS2015 UPD3 build 24123) 38
C objects (VS2015 UPD3 build 24123) 24
C objects (VS2008 SP1 build 30729) 5
135 (VS2008 SP1 build 30729) 1
Imports (VS2008 SP1 build 30729) 27
Total imports 427
199 (41118) 11
C objects (LTCG) (24241) 146
Exports (24241) 1
Resource objects (VS2015 UPD3 build 24210) 1
Linker (24241) 1

Errors

<-- -->