Manalyze report for 81b9fb1f7b224d1dded8a588aada3dae

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2023-Nov-01 06:50:32
Detected languages	English - United States
Debug artifacts	C:\Users\HOPE\Desktop\JCB\SLIBIO\Hopmon\Win32\build\x64-Release\Hopmon.pdb
CompanyName	HopanaTech
FileDescription	Hopmon
FileVersion	`23.10.3`
InternalName	Hopmon.exe
LegalCopyright	Copyright (C) 2023
OriginalFilename	Hopmon.exe
ProductName	Hopmon
ProductVersion	`23.10.3`

Plugin Output

Suspicious	Strings found in the binary may indicate undesirable behavior:	`Contains references to system / monitoring tools: schtask` `May have dropper capabilities: CurrentControlSet\Services CurrentVersion\Run` `Miscellaneous malware strings: cmd.exe` `Contains domain names: adobe.com example.com http://ns.adobe.com http://ns.adobe.com/exif/1.0/ http://ns.adobe.com/photoshop/1.0/ http://ns.adobe.com/tiff/1.0/ http://ns.adobe.com/xap/1.0/ http://ns.adobe.com/xap/1.0/mm/ http://ns.adobe.com/xap/1.0/sType/ResourceEvent# http://ns.adobe.com/xap/1.0/sType/ResourceRef# http://purl.org http://www.w3.org http://www.w3.org/1999/02/22-rdf-syntax-ns# inkscape.org ns.adobe.com www.inkscape.org www.w3.org`
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to CRC32` `Uses constants related to SHA256` `Uses constants related to SHA512` `Uses constants related to AES` `Microsoft's Cryptography API`
Malicious	The PE contains functions mostly used by malware.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryW LoadLibraryExW LoadLibraryA` `Functions which can be used for anti-debugging purposes: SwitchToThread FindWindowW` `Code injection capabilities (PowerLoader): GetWindowLongW FindWindowW` `Can access the registry: RegCloseKey RegEnumValueW RegOpenKeyExW RegSetValueExW RegCreateKeyExW RegQueryInfoKeyW RegQueryValueExW RegDeleteValueW RegOpenKeyExA RegQueryValueExA` `Possibly launches other programs: CreateProcessW` `Uses Windows's Native API: ntohs ntohl` `Uses Microsoft's cryptographic API: CryptGenRandom CryptReleaseContext CryptAcquireContextW` `Can create temporary files: CreateFileA GetTempPathW CreateFileW` `Uses functions commonly found in keyloggers: GetForegroundWindow MapVirtualKeyW` `Leverages the raw socket API to access the Internet: freeaddrinfo htonl WSAStartup WSAGetLastError htons ntohs WSACleanup ntohl inet_addr inet_ntoa gethostbyaddr gethostbyname getservbyport getservbyname WSASetLastError getprotobyname` `Functions related to the privilege level: CheckTokenMembership` `Interacts with services: ChangeServiceConfigW ControlService CreateServiceW DeleteService OpenSCManagerW OpenServiceW QueryServiceConfigW QueryServiceStatusEx OpenServiceA QueryServiceStatus` `Manipulates other processes: OpenProcess` `Can take screenshots: GetDC FindWindowW BitBlt CreateCompatibleDC`
Safe	VirusTotal score: 0/69 (Scanned on 2024-11-07 00:45:12)	`All the AVs think this file is safe.`

Hashes

MD5	`81b9fb1f7b224d1dded8a588aada3dae`
SHA1	`e33a0b9d2602a7309350c24b3c2b1504fe64f904`
SHA256	`bf783a72d25431b74fbd0342b57adceb3a2658eccba43261661d4b15f37cd172`
SHA3	`b8e9e6da5a04685c9578147cc0a6418eca2f9f0b4837f61a44d70da08d228232`
SSDeep	`49152:95tyZFcMk54tL5vZJ6RdbdroVV+p5uTyWhU5AVcdh4jvlj0WS+aDYFhkT0D8xB1:9wD56jNAvlIPDYHwT+V8Gdmpxvh`
Imports Hash	`2e9ac8fc9142e80687d2883d89188158`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x130`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`7`
TimeDateStamp	2023-Nov-01 06:50:32
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0x2e1a00`
SizeOfInitializedData	`0x2e1c00`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x000000000027D2BC (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x5c8000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`26fa21557b987aa4431bd13e85689931`
SHA1	`5a4b484e6792b0cfccd18b4baa7a9273f0cb0775`
SHA256	`c23d87a48553b9fb9b5a2247dca1ad1aec02525818945f2a401e2db662252d97`
SHA3	`a48adb82e16af805617eb68bd866835bf2dffd8cdd510a1f0a8f4a7d9b95d0ea`
VirtualSize	`0x2e1934`
VirtualAddress	`0x1000`
SizeOfRawData	`0x2e1a00`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.51511`

.rdata

MD5	`e321e40fd3354887419127a5dad88133`
SHA1	`db02034e5e4fec7fc4c8729a2b027701a7a0bc30`
SHA256	`018ca9843ab440de67dc1c5b1a35ed5bf7dbd467094d21f5f15d20afe7ce07d1`
SHA3	`9381643b5499c12a8c85fa3eb18d12379c1ffa290ee05c3250845b2b4da3423d`
VirtualSize	`0xf0228`
VirtualAddress	`0x2e3000`
SizeOfRawData	`0xf0400`
PointerToRawData	`0x2e1e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.00561`

.data

MD5	`cc24d6905ee979047fe28f950c4870fc`
SHA1	`6080f1b422293e4f0daccd223320c377f5c11641`
SHA256	`7272a15255b1b8fbe0b8b2b5247c75a985f748a3d995b9644f1227e99555cffe`
SHA3	`6a96ba0b17ee0314e9a0c0a8e4f52cbd7aaf0a384f155fd6ada817c17c456017`
VirtualSize	`0x1ad6a4`
VirtualAddress	`0x3d4000`
SizeOfRawData	`0xfa600`
PointerToRawData	`0x3d2200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`7.73147`

.pdata

MD5	`bee244a99dc9252e5754a68e1088c50b`
SHA1	`e59824389d115d7ae981c6393e4d9c378e84a485`
SHA256	`a2b1cee01357e655613a704197983bd230867e62fdfcfda5a9253dd54b61faaf`
SHA3	`29f598d72b4db9d3b0cfe746f40c09bc0a866955baa7f927fd0e062b24d3d74f`
VirtualSize	`0x1c914`
VirtualAddress	`0x582000`
SizeOfRawData	`0x1ca00`
PointerToRawData	`0x4cc800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.30776`

_RDATA

MD5	`f3e187ba4127a441ce9616e38347b244`
SHA1	`7ac9dc3bdb53d258c6eefc92a90018f4669239a3`
SHA256	`d3c9d67f60f70021ff0faa4db4f57a657166038de8289f3556e988f8acbe6960`
SHA3	`03f748bbdedbc3523f053487fea3540a8db3e4effc71c66d503820aefb99a34c`
VirtualSize	`0xfc`
VirtualAddress	`0x59f000`
SizeOfRawData	`0x200`
PointerToRawData	`0x4e9200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`2.43936`

.rsrc

MD5	`c6fc10683193310cbe8bfc13b534b8dc`
SHA1	`205aa5b28ce8250d2e83d09016f32f6ef9fc6290`
SHA256	`37a5254dd937c31ac04e4180f2f01a7896079717b88c56fb84678a796ca9a24a`
SHA3	`31ce6c4e044e57ab995f6f731967333e3ef2df4c523533fc1d13edc763863014`
VirtualSize	`0x1f858`
VirtualAddress	`0x5a0000`
SizeOfRawData	`0x1fa00`
PointerToRawData	`0x4e9400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.43334`

.reloc

MD5	`348bcfda2fb7e4a110b8d625523e06fa`
SHA1	`0d11b0c62470912d40335ad8d527af7493cd07e5`
SHA256	`ae9c86ca4b08f095ab69023d08ef0de067597d3f6cea1a0ac507c879c029c7d5`
SHA3	`bf2bee88f0a9cf7a1f80a0aad61d26361e0a70257890a55b0c2e8d44634946ab`
VirtualSize	`0x79b8`
VirtualAddress	`0x5c0000`
SizeOfRawData	`0x7a00`
PointerToRawData	`0x508e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`5.45154`

Imports

KERNEL32.dll	`MoveFileExW` `SetEvent` `ResetEvent` `WaitForSingleObjectEx` `CreateEventW` `ConnectNamedPipe` `SetNamedPipeHandleState` `CreateNamedPipeW` `GetOverlappedResult` `GetLocaleInfoA` `GetUserDefaultLCID` `VerSetConditionMask` `FreeLibrary` `GetProcAddress` `LoadLibraryW` `GlobalAlloc` `VerifyVersionInfoW` `SystemTimeToTzSpecificLocalTime` `TzSpecificLocalTimeToSystemTime` `FileTimeToSystemTime` `SystemTimeToFileTime` `CreateMutexW` `OpenMutexW` `GetSystemTime` `CreateThread` `SetThreadPriority` `GetExitCodeThread` `TlsAlloc` `TlsGetValue` `TlsSetValue` `TlsFree` `LocalAlloc` `PostQueuedCompletionStatus` `MultiByteToWideChar` `WideCharToMultiByte` `ExitProcess` `GetCurrentProcess` `OutputDebugStringW` `WriteFile` `GetStdHandle` `WriteConsoleW` `HeapSize` `FreeEnvironmentStringsW` `GetEnvironmentStringsW` `GetCommandLineA` `GetACP` `CopyFileW` `FindFirstFileExW` `EnumSystemLocalesW` `IsValidLocale` `GetLocaleInfoW` `LCMapStringW` `GetExitCodeProcess` `DeviceIoControl` `GetFileAttributesExW` `SetStdHandle` `GetConsoleOutputCP` `ReadConsoleW` `GetConsoleMode` `GetFileType` `GetModuleHandleExW` `SetConsoleCtrlHandler` `LoadLibraryExW` `RtlUnwind` `RtlPcToFileHeader` `RtlUnwindEx` `HeapReAlloc` `RaiseException` `GetVersion` `GetModuleFileNameA` `ReleaseMutex` `GetProcessHeap` `HeapFree` `HeapAlloc` `CreateFileA` `LoadLibraryA` `GetSystemDirectoryA` `InitializeSListHead` `GetSystemTimeAsFileTime` `GetStartupInfoW` `IsDebuggerPresent` `IsProcessorFeaturePresent` `UnhandledExceptionFilter` `RtlVirtualUnwind` `RtlLookupFunctionEntry` `RtlCaptureContext` `InitializeCriticalSectionAndSpinCount` `GetStringTypeW` `LCMapStringEx` `GetCPInfo` `CompareStringEx` `DecodePointer` `EncodePointer` `InitializeCriticalSectionEx` `IsValidCodePage` `TerminateProcess` `GetCurrentProcessId` `WaitForSingleObject` `CreatePipe` `SetHandleInformation` `FormatMessageW` `GetCommandLineW` `LocalFree` `GetModuleFileNameW` `GetSystemDirectoryW` `GetTickCount` `SwitchToThread` `Sleep` `QueryPerformanceFrequency` `QueryPerformanceCounter` `SetLastError` `SetUnhandledExceptionFilter` `GetTempPathW` `SetEnvironmentVariableW` `DeleteCriticalSection` `TryEnterCriticalSection` `SetFilePointerEx` `SetFileAttributesW` `SetEndOfFile` `ReadFile` `GetFullPathNameW` `GetFileTime` `GetFileSizeEx` `FlushFileBuffers` `FindNextFileW` `FindFirstFileW` `FindClose` `DeleteFileW` `CreateFileW` `CreateDirectoryW` `CreateProcessW` `GetProcessAffinityMask` `CompareStringW` `LeaveCriticalSection` `EnterCriticalSection` `InitializeCriticalSection` `GlobalLock` `GlobalUnlock` `GlobalSize` `GetLastError` `GetFileAttributesW` `GetModuleHandleW` `OpenProcess` `GetCurrentThreadId` `CloseHandle` `GetOEMCP`
USER32.dll	`InsertMenuItemW` `SetMenuItemInfoW` `GetAncestor` `IsIconic` `CreateIconIndirect` `SetLayeredWindowAttributes` `IsZoomed` `GetMenu` `SetMenu` `SetWindowRgn` `RedrawWindow` `AdjustWindowRectEx` `SetWindowLongPtrW` `RegisterWindowMessageW` `GetMessageW` `TranslateMessage` `DispatchMessageW` `SendMessageW` `PostMessageW` `DefWindowProcW` `PostQuitMessage` `RegisterClassW` `SetMenuInfo` `TrackPopupMenuEx` `RemoveMenu` `DestroyMenu` `DestroyWindow` `SetWindowPos` `ReleaseCapture` `GetSystemMetrics` `GetForegroundWindow` `GetDC` `ReleaseDC` `SetWindowTextW` `GetWindowTextW` `GetDesktopWindow` `GetWindowLongW` `SetWindowLongW` `FindWindowW` `GetWindowThreadProcessId` `LoadCursorW` `LoadIconW` `DestroyIcon` `SetScrollInfo` `GetScrollInfo` `SetDlgItemTextW` `GetActiveWindow` `MessageBoxW` `TrackMouseEvent` `GetMessagePos` `GetMessageTime` `IsWindow` `UpdateLayeredWindow` `ShowWindowAsync` `IsWindowVisible` `BringWindowToTop` `SetFocus` `GetFocus` `MapVirtualKeyW` `GetCapture` `SetCapture` `EnableWindow` `IsWindowEnabled` `BeginPaint` `EndPaint` `InvalidateRect` `GetClientRect` `GetWindowRect` `GetCursorPos` `ClientToScreen` `ScreenToClient` `GetWindow` `MonitorFromWindow` `PeekMessageW` `UnregisterClassW` `GetWindowLongPtrW` `GetRawInputData` `RegisterRawInputDevices` `GetSysColor` `SetParent` `SetCursor` `DestroyCursor` `GetKeyState` `SetForegroundWindow` `EnumDisplaySettingsW` `GetMonitorInfoW` `EnumDisplayMonitors` `GetWindowTextLengthW` `CreateWindowExW` `CreateMenu` `CreatePopupMenu` `RegisterClassExW`
GDI32.dll	`SetTextColor` `SetBkMode` `SetBkColor` `CreateSolidBrush` `CreateRoundRectRgn` `CreateEllipticRgn` `CreateDIBSection` `CreateBitmap` `GetDeviceCaps` `CreateDCW` `BitBlt` `EnumFontFamiliesExW` `CreateFontW` `StretchDIBits` `SelectObject` `DeleteObject` `DeleteDC` `CreateCompatibleDC` `CreateCompatibleBitmap`
COMDLG32.dll	`GetOpenFileNameW` `GetSaveFileNameW`
ADVAPI32.dll	`SetServiceStatus` `RegCloseKey` `FreeSid` `CheckTokenMembership` `AllocateAndInitializeSid` `CryptGenRandom` `CryptReleaseContext` `CryptAcquireContextW` `GetUserNameW` `RegEnumValueW` `RegOpenKeyExW` `RegSetValueExW` `ChangeServiceConfigW` `CloseServiceHandle` `ControlService` `CreateServiceW` `DeleteService` `OpenSCManagerW` `OpenServiceW` `QueryServiceConfigW` `QueryServiceStatusEx` `StartServiceW` `ImpersonateNamedPipeClient` `InitializeSecurityDescriptor` `SetSecurityDescriptorDacl` `RegCreateKeyExW` `RegQueryInfoKeyW` `RegQueryValueExW` `RegisterServiceCtrlHandlerW` `StartServiceCtrlDispatcherW` `RegDeleteValueW` `RegOpenKeyExA` `RegQueryValueExA` `OpenServiceA` `QueryServiceStatus`
SHELL32.dll	`ShellExecuteExA` `SHGetPathFromIDListW` `SHGetMalloc` `SHBrowseForFolderW` `ShellExecuteExW` `Shell_NotifyIconW` `SHGetFolderPathW` `DragQueryFileW`
ole32.dll	`CoTaskMemFree` `OleDuplicateData` `CoInitializeEx` `ReleaseStgMedium` `DoDragDrop` `RevokeDragDrop` `RegisterDragDrop` `OleInitialize` `CoCreateInstance` `CoUninitialize` `CoInitialize`
COMCTL32.dll	`#413` `InitCommonControlsEx` `#410`
VERSION.dll	`GetFileVersionInfoSizeW` `VerQueryValueW` `GetFileVersionInfoW`
WS2_32.dll	`freeaddrinfo` `htonl` `WSAStartup` `WSAGetLastError` `htons` `ntohs` `WSACleanup` `ntohl` `inet_addr` `inet_ntoa` `gethostbyaddr` `gethostbyname` `getservbyport` `getservbyname` `WSASetLastError` `getprotobyname`
SETUPAPI.dll	`SetupCopyOEMInfW`
gdiplus.dll	`GdipSetPenColor` `GdipGetPenColor` `GdipGetPenFillType` `GdipCreateImageAttributes` `GdipDisposeImageAttributes` `GdipSetImageAttributesColorMatrix` `GdipSetSmoothingMode` `GdipSetInterpolationMode` `GdipSetWorldTransform` `GdipTranslateWorldTransform` `GdipGetWorldTransform` `GdipDrawLine` `GdipDrawLines` `GdipDrawArc` `GdipDrawRectangle` `GdipDrawEllipse` `GdipDrawPie` `GdipDrawPolygon` `GdipDrawPath` `GdipFillRectangle` `GdipFillPolygon` `GdipFillEllipse` `GdipFillPie` `GdipFillPath` `GdipDrawImageRectRect` `GdipSetClipRect` `GdipSetClipPath` `GdipGetClipBounds` `GdipSaveGraphics` `GdipRestoreGraphics` `GdipDrawString` `GdipAddPathEllipse` `GdipCreateTexture` `GdipCreateLineBrush` `GdipSetPenLineCap197819` `GdipSetLineWrapMode` `GdipCreatePathGradientFromPath` `GdipSetPathGradientCenterColor` `GdipSetPathGradientSurroundColorsWithCount` `GdipSetPathGradientCenterPoint` `GdipGetPathGradientPointCount` `GdipSetPathGradientPresetBlend` `GdipSetPenMiterLimit` `GdipSetPenDashStyle` `GdipSetPathFillMode` `GdipStartPathFigure` `GdipClosePathFigure` `GdipAddPathLine` `GdipAddPathBezier` `GdipGetCellAscent` `GdipGetEmHeight` `GdipGetGenericFontFamilySansSerif` `GdipDeleteFontFamily` `GdipCreateFontFamilyFromName` `GdipGraphicsClear` `GdipBitmapUnlockBits` `GdipBitmapLockBits` `GdipCreateBitmapFromScan0` `GdipGetImageGraphicsContext` `GdipDisposeImage` `GdipCloneImage` `GdipDeleteGraphics` `GdipCreateFromHDC` `GdipFree` `GdipAlloc` `GdipSetPenLineJoin` `GdipDeletePen` `GdipClonePen` `GdipCreatePen1` `GdipGetSolidFillColor` `GdipSetSolidFillColor` `GdipCreateSolidFill` `GdipGetBrushType` `GdipDeleteBrush` `GdipCloneBrush` `GdipGetMatrixElements` `GdipDeleteMatrix` `GdipCreateMatrix2` `GdipCreateMatrix` `GdipWidenPath` `GdipAddPathString` `GdipDeletePath` `GdipClonePath` `GdipCreatePath` `GdiplusStartup` `GdipCreateBitmapFromHBITMAP` `GdipGetCellDescent` `GdipGetImageWidth` `GdipGetStringFormatFlags` `GdipSetStringFormatFlags` `GdipCloneStringFormat` `GdipDeleteStringFormat` `GdipStringFormatGetGenericTypographic` `GdipMeasureString` `GdipGetFontSize` `GdipGetFontStyle` `GdipDeleteFont` `GdipGetFamily` `GdipCreateFont` `GdipSetLinePresetBlend` `GdipGetLineSpacing` `GdipGetImageHeight`
IPHLPAPI.DLL	`GetAdaptersAddresses`
SHLWAPI.dll	`PathFileExistsA`

Delayed Imports

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.76931`
MD5	`2efb146cbf1fd6e3d2b9660b867aa353`
SHA1	`db7cab56496427fadde454c03c65b0a4a1b003e8`
SHA256	`eb30779699c708944bea3bf73adf2131b3c5d35657fc2d5720ccbb54439a586e`
SHA3	`2354ff9e7f64d4838ad298cc78d178463630b1ca9e1fde38760dbab1f3f62ad1`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.04498`
MD5	`13430ca9c147653434c69d538bbdc11c`
SHA1	`2e58eacae9a22978a444eea6b1b14ccb32700f86`
SHA256	`7116fc53e111371eca170a878fedf15c2261ab5731bd7be45633556c38b7e7a8`
SHA3	`be5299ce964c54b7bd2dbfd6948e3c09f8cc6d2204ae258c49fc9c81fb757558`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.58977`
MD5	`64f0ecc31fa8110da3cbfae055c2ecc7`
SHA1	`046def201319face20d832f9e70e7a293364163c`
SHA256	`782b1ac1a05e6c8b3fa1a2a5737f68144a214f3d6341d2f23cc5b2984cb38a0d`
SHA3	`bb316e2bf83c3048a996622d093f62a780fdfaae6eebba49b6a20bb9fa205593`

4

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.42423`
MD5	`4e5790af0a954b936209a686f39ac5f5`
SHA1	`a883e1fbeb54d1026f1a7ba8d37fd1caf5de4914`
SHA256	`fefac7f17cdf628472456b4dbf7a0fc9c8704e13698c34371fed5af4a6398255`
SHA3	`5339a253dd5835f5befa0337570bc1beb9d8b08d97bb45898edd0fd6af677e3d`

5

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.96612`
MD5	`f4f5d2bedb3335ca1e5e249ba16b2a3d`
SHA1	`9bbbebaf9f4daf7c87c72a17f58c6b26a7bfaaeb`
SHA256	`dd07eefa79e6cc1ad9ccafc5ac678253dfaefee747f7a3bd1355a73c1dcd57e7`
SHA3	`100a0c3285a15ccca16f96e406095946eb9abcd880e2cb009d4e67fea280f34a`

6

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x6afe`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.9698`
Detected Filetype	PNG graphic file
MD5	`0a22452371fabb809d33be0161f856ca`
SHA1	`68072a9a8a9b8804d8bcae1bcdc52454beddd77c`
SHA256	`6a1416a6bc4a5310d18b543104dac8bcce2f6d3fc6e4d36944e2d04977a5b924`
SHA3	`70a274298cf48e4b34cf8786fe1035375834329f076cb8167f185d0a655c95c0`

32512

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x5a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.79908`
Detected Filetype	Icon file
MD5	`d72f2171d147a8fa2df220c64d165058`
SHA1	`b0e8db506e6328f812fa4fc9d551bba21adaaa4f`
SHA256	`f69afd2ef35844da3141705b9675bf36ba47a1f36ba799fb9b67e9dca19449dc`
SHA3	`7c462efc95d7bca078c4fc03c934b1396dfbce41fb5320f3a7fddd3bd4493e78`

1 (#2)

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2a4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.34995`
MD5	`3eb3f67ed4c1fde7c5e1127852b34f4b`
SHA1	`06daf7510ea1670ce41d02755cc8e4461a2f86f5`
SHA256	`bf3567addfbca13cb2d3e7c4b507d90e609e3b123c0c34b1d36c61b2645670d8`
SHA3	`e6888669bfe4e9377f21d9adf4ae81fbab76aee97dcf6a23d4e96b12cfc0f9b6`

1 (#3)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x321`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.13034`
MD5	`cd3ff49c95471d842fdda39809432961`
SHA1	`c385011902782b706aad60d708e1a398edeb65b3`
SHA256	`1bfd4b64c157d1ef6712c1778400f941b46da2d87ffff6124154da8d0c61199c`
SHA3	`7bc024097d1d18329bec477fd70a9af2169497eb1ad0980ac1899f9f88281a9f`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	23.10.3.0
ProductVersion	23.10.3.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT` `VOS_NT_WINDOWS32` `VOS_WINCE` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	English - United States
CompanyName	HopanaTech
FileDescription	Hopmon
FileVersion (#2)	23.10.3
InternalName	Hopmon.exe
LegalCopyright	Copyright (C) 2023
OriginalFilename	Hopmon.exe
ProductName	Hopmon
ProductVersion (#2)	23.10.3

Resource LangID	English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2023-Nov-01 06:50:32
Version	`0.0`
SizeofData	`99`
AddressOfRawData	`0x3a1d04`
PointerToRawData	`0x3a0b04`
Referenced File	C:\Users\HOPE\Desktop\JCB\SLIBIO\Hopmon\Win32\build\x64-Release\Hopmon.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics	`0`
TimeDateStamp	2023-Nov-01 06:50:32
Version	`0.0`
SizeofData	`20`
AddressOfRawData	`0x3a1d68`
PointerToRawData	`0x3a0b68`

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2023-Nov-01 06:50:32
Version	`0.0`
SizeofData	`1008`
AddressOfRawData	`0x3a1d7c`
PointerToRawData	`0x3a0b7c`

IMAGE_DEBUG_TYPE_ILTCG

Characteristics	`0`
TimeDateStamp	2023-Nov-01 06:50:32
Version	`0.0`
SizeofData	`0`
AddressOfRawData	`0`
PointerToRawData	`0`

TLS Callbacks

StartAddressOfRawData	`0x1403a2190`
EndAddressOfRawData	`0x1403a2198`
AddressOfIndex	`0x1404d8810`
AddressOfCallbacks	`0x1402e4808`
SizeOfZeroFill	`0`
Characteristics	`IMAGE_SCN_ALIGN_4BYTES`
Callbacks	`(EMPTY)`

Load Configuration

Size	`0x138`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x1403e9f60`

RICH Header

XOR Key	`0x1b9a90ce`
Unmarked objects	`0`
ASM objects (27412)	`33`
C++ objects (27412)	`204`
253 (28518)	`5`
C objects (30034)	`19`
ASM objects (30034)	`12`
C++ objects (30034)	`78`
C objects (27412)	`46`
C objects (CVTCIL) (27412)	`1`
Imports (27412)	`29`
Total imports	`537`
C++ objects (30151)	`220`
C objects (30151)	`21`
C++ objects (LTCG) (30151)	`36`
Resource objects (30151)	`1`
151	`1`
Linker (30151)	`1`

81b9fb1f7b224d1dded8a588aada3dae

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rdata

.data

.pdata

_RDATA

.rsrc

.reloc

Imports

Delayed Imports

1

2

3

4

5

6

32512

1 (#2)

1 (#3)

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

IMAGE_DEBUG_TYPE_VC_FEATURE

IMAGE_DEBUG_TYPE_POGO

IMAGE_DEBUG_TYPE_ILTCG

TLS Callbacks

Load Configuration

RICH Header

Errors