Manalyze report for 835204f34b4e71801b358ca040a4a7f0

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2017-Apr-10 16:03:20
Detected languages	English - United States
CompanyName	VIP Technologies
FileVersion	`1.8.3.0`
FileDescription	VIP72 Tunneling Client
LegalCopyright	Copyright © 2001-2017, VTECH
OriginalFilename	vip72socks.exe
ProductName	VIP72 Tunneling Client
SpecialBuild	Engine Version 16f

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C++ v6.0 DLL` `MASM/TASM - sig2(h)`
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to MD5`
Malicious	The PE contains functions mostly used by malware.	`[!] The program may be hiding some of its imports: LoadLibraryA GetProcAddress` `Can access the registry: RegSetValueExA RegQueryValueExA RegCreateKeyExA RegCloseKey` `Possibly launches other programs: ShellExecuteA` `Leverages the raw socket API to access the Internet: #111 #115 #1 #2 #3 #4 #52 #11 #12 #10 #13 #16 #17 #18 #19 #20 #21 #22 #23` `Functions related to the privilege level: OpenProcessToken AdjustTokenPrivileges` `Can take screenshots: CreateCompatibleDC BitBlt GetDC`
Suspicious	The PE is possibly a dropper.	`Resources amount for 91.6797% of the executable.`
Info	The PE is digitally signed.	`Signer: Soft-Pro` `Issuer: COMODO RSA Code Signing CA`
Malicious	VirusTotal score: 3/71 (Scanned on 2019-01-29 03:58:22)	`ClamAV: Win.Virus.Sality-6823067-0` `DrWeb: BackDoor.Anunak.117` `Webroot: W32.Trojan.Gen`

Hashes

MD5	`835204f34b4e71801b358ca040a4a7f0`
SHA1	`dec6d6e47bcccc9bb938826f07202343daeabac8`
SHA256	`3536d70d1482db2f13ec53aac1662358e6211b806c1a3893b4a3101c9a9030d4`
SHA3	`84b61e409008c74393990401c2df8afcc3c72b300184a2c466984dde6af8a194`
SSDeep	`6144:8dLr6LI9X5/ydux5EwStkopPVOYBycDHNLgktUhP1B7VATaDHM7YqRPbxsvoGIsk:8dLSiJ/ydud4kopPVOYBycDHNLgegiT`
Imports Hash	`0888135c3156a967183c9c3c0e48c60b`

DOS Header

e_magic	`MZ`
e_cblp	`0`
e_cp	`0x1`
e_crlc	`0`
e_cparhdr	`0x2`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0x40`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x40`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`4`
TimeDateStamp	2017-Apr-10 16:03:20
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LINE_NUMS_STRIPPED` `IMAGE_FILE_LOCAL_SYMS_STRIPPED` `IMAGE_FILE_RELOCS_STRIPPED`

Image Optional Header

Magic	`PE32`
LinkerVersion	`5.0`
SizeOfCode	`0x16000`
SizeOfInitializedData	`0x15f600`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x00001000 (Section: .text)`
BaseOfCode	`0x1000`
BaseOfData	`0x17000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x178000`
SizeOfHeaders	`0x200`
Checksum	`0x1592c1`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`e04f526ccc9def887cae0b8c878b6d9b`
SHA1	`46ccb10e74af01a0ab8832e52a62fc0511dfeb11`
SHA256	`d991e3eb69839a57568587daea828986e7f004633bef6d87fe9b5224de132d07`
SHA3	`7d684854b5c0580479a5e19015a3391cb6210c6ee600e360991bb2d015303a8d`
VirtualSize	`0x15f98`
VirtualAddress	`0x1000`
SizeOfRawData	`0x16000`
PointerToRawData	`0x200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.15364`

.rdata

MD5	`9ca0516de432a91985d472a6979fa993`
SHA1	`093163bbb4851c33232ff89841d7fb0a829bd4d2`
SHA256	`544c83a7d87342731c07a7b53089652b1c703ac04559615a999177381a330937`
SHA3	`c05f33a737f600552814251b57f9a4e416722e28ea5a1fa9d085f0e462af01ec`
VirtualSize	`0x13e6`
VirtualAddress	`0x17000`
SizeOfRawData	`0x1400`
PointerToRawData	`0x16200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.39013`

.data

MD5	`5e146cb30de95c76e939c9919d2e2e95`
SHA1	`3c3673726ee6a429a1c0f2971955eeea4240dbfc`
SHA256	`58ca20232ed4740e5ea8cf3032095a3d8ed0428812bc1014bd7189799d770878`
SHA3	`d826e5e57f012cba89988c450208a59061a96e4ef45e77173afe38ae32ba80ac`
VirtualSize	`0x2d76f`
VirtualAddress	`0x19000`
SizeOfRawData	`0x2000`
PointerToRawData	`0x17600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`5.26325`

.rsrc

MD5	`fad65f8cb2996c6ee172f2034c446b8e`
SHA1	`2dcb79b80457cab52b76e312004c96998fb43960`
SHA256	`c11c558067c908924d33a0a4cf247ac4990b4e3c2889a345690ab29cab79c28b`
SHA3	`eb14ed4d121885026190f76ca640146ce5849a914587c933b2fdca76cd4b8d7a`
VirtualSize	`0x130898`
VirtualAddress	`0x47000`
SizeOfRawData	`0x130a00`
PointerToRawData	`0x19600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`3.46915`

Imports

USER32.dll	`DeleteMenu` `DestroyMenu` `DialogBoxParamA` `DispatchMessageA` `wsprintfA` `EmptyClipboard` `EnableWindow` `EndDialog` `FillRect` `GetClientRect` `GetCursorPos` `GetDlgCtrlID` `GetDlgItem` `GetDlgItemInt` `GetDlgItemTextA` `GetMessageA` `GetParent` `GetSysColor` `GetWindowDC` `GetWindowLongA` `GetWindowRect` `InsertMenuA` `IsDlgButtonChecked` `LoadBitmapA` `LoadCursorA` `LoadIconA` `LoadImageA` `MessageBeep` `MessageBoxA` `ModifyMenuA` `MoveWindow` `OpenClipboard` `RedrawWindow` `RegisterClassExA` `ReleaseCapture` `ReleaseDC` `SendMessageA` `SetActiveWindow` `SetCapture` `SetClipboardData` `SetDlgItemInt` `SetDlgItemTextA` `SetFocus` `SetForegroundWindow` `SetWindowLongA` `SetWindowPos` `SetWindowRgn` `SetWindowTextA` `ShowWindow` `TrackPopupMenu` `TrackPopupMenuEx` `TranslateMessage` `DefWindowProcA` `CreateWindowExA` `CreatePopupMenu` `CloseClipboard` `CheckDlgButton` `CharUpperBuffA` `CallWindowProcA`
KERNEL32.dll	`lstrlenA` `lstrcpynA` `lstrcpyA` `lstrcmpiA` `lstrcmpA` `lstrcatA` `_lwrite` `_lread` `_llseek` `WaitForSingleObject` `TerminateThread` `Sleep` `SetTimeZoneInformation` `SetEvent` `RtlZeroMemory` `ResetEvent` `OpenMutexA` `OpenEventA` `LoadLibraryA` `IsBadWritePtr` `IsBadReadPtr` `HeapFree` `HeapAlloc` `GlobalUnlock` `GlobalLock` `GlobalAlloc` `GetVersionExA` `GetTimeZoneInformation` `CloseHandle` `CreateEventA` `CreateFileA` `CreateMutexA` `CreateThread` `ExitProcess` `ExitThread` `GetCommandLineA` `GetCurrentProcess` `GetCurrentThreadId` `GetFileSize` `GetModuleHandleA` `GetProcAddress` `GetProcessHeap` `GetSystemTime` `GetTimeFormatA`
COMCTL32.dll	`ImageList_Create` `ImageList_AddIcon`
GDI32.dll	`SetBkColor` `SelectObject` `GetStockObject` `SetBkMode` `DeleteObject` `DeleteDC` `CreateSolidBrush` `CreateRectRgn` `CreatePatternBrush` `CreateCompatibleDC` `CreateCompatibleBitmap` `CreateBrushIndirect` `CombineRgn` `BitBlt` `SetTextColor` `GetPixel`
SHELL32.dll	`Shell_NotifyIconA` `ShellExecuteA`
ADVAPI32.dll	`RegSetValueExA` `RegQueryValueExA` `RegCreateKeyExA` `RegCloseKey` `OpenProcessToken` `LookupPrivilegeValueA` `AdjustTokenPrivileges`
WS2_32.dll	`#111` `#115` `#1` `#2` `#3` `#4` `#52` `#11` `#12` `#10` `#13` `#16` `#17` `#18` `#19` `#20` `#21` `#22` `#23`
shell32.dll	`SHGetFolderPathA`
gdi32.dll	`CreateDIBSection` `CreateDIBitmap` `CreateFontIndirectA` `CreatePen` `GetClipBox` `GetDeviceCaps` `GetObjectA` `GetTextColor` `LineTo` `MoveToEx` `PatBlt` `Rectangle` `RestoreDC` `SaveDC` `SetPixel`
user32.dll	`GetMenu` `GetMenuInfo` `GetMenuItemCount` `GetMenuItemInfoA` `GetMenuStringA` `GetPropA` `GetSubMenu` `GetSysColorBrush` `GetWindowTextA` `GetWindowTextLengthA` `InflateRect` `InsertMenuItemA` `InvalidateRect` `IsMenu` `GetIconInfo` `RemoveMenu` `RemovePropA` `SetClassLongA` `SetMenuInfo` `SetMenuItemInfoA` `SetPropA` `SystemParametersInfoA` `TrackMouseEvent` `FrameRect` `DrawTextA` `DrawMenuBar` `DrawIconEx` `CopyRect` `IsWindow` `GetDC` `DrawEdge`
kernel32.dll	`GlobalFree` `MulDiv` `GetVersion`
comctl32.dll	`ImageList_GetIcon`
msimg32.dll	`GradientFill`
winmm.dll	`PlaySoundA`

Delayed Imports

2611

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0x7498`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.63132`
MD5	`b009326b67f02239f77d0b4aadadda74`
SHA1	`4f40d350bc0d244fc39749a10e33219fe1ef17f2`
SHA256	`7aa057cd83d65ab72219e5ef587f2d5b6056d3ae1894af9f0987ad5c5f5ebc8e`
SHA3	`472203104d576a25e91d4c522632b0c8e3e6c465740518f2b6fa8bd1cdd98794`
Preview

37791

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0x11f69a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.18111`
MD5	`c659471a89ba4e64d756336f1ea49852`
SHA1	`55a266c3c63540d438accdeeaa5ef70038fd32e8`
SHA256	`930a44d10cff0f0bf4ca3e041b60b609d46dd335743d6b4a1074cd1d97e6f662`
SHA3	`b9b2d2db4b04cf3e0fd0377d7875ca2bdfbfa5566c315e3fbdddf5a2ee182c81`
Preview

53110

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2c8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.17124`
MD5	`43e520a6700460626130bb89d1220010`
SHA1	`b97b4826e5ac442e84bbf89c52df6de221bb337d`
SHA256	`d45c46cf092189725353c2240da3aea77bfd8ee5f19311f40337aade080c1d03`
SHA3	`012873a5e76a0a7bfd8279880a87d559190329cf57c9a3345fc3a1555db924c7`
Preview

53111

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2c8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.87952`
MD5	`356c6efe37d6699867776adb825dc463`
SHA1	`33a2451b809de1bdabe5a00a39ca5ce181eb41c4`
SHA256	`743b70c1e10b017624563953f4a0d163176889b2bbe0883feb6079898220b8c2`
SHA3	`4fd6faf1565614e262ae1669fbf126cad85d891e0cf0e6b4b55cb542f2a0a875`
Preview

53112

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2c8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.0467`
MD5	`8a455fa91f5c1a1efde620ffa4a8e585`
SHA1	`a4ae846f53649f6a3fe523b4fe024eb10e9fc113`
SHA256	`809d57e52d00da3a71add651a1417c1e9adbf3292868a9406eb21414044b1444`
SHA3	`ca0bf12ac662c37fbee4668108433cb68f631f7bec4e30ec18e460cc96d9ec69`
Preview

56110

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2c8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.49187`
MD5	`1f25448902d719fd6438c0c82b02e293`
SHA1	`6e3b77538b58b138a5d07ff5a95646738475c642`
SHA256	`01162096ad7e653bff0353a134603eab0b0d6d84fb57709ae107b554d411c7f9`
SHA3	`506a54996dcd0241b7dd8ad93273c9509a84c61a7388fffd338c2a60a0ba110a`
Preview

56111

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2c8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.85464`
MD5	`0e7efaed8ed758a75e4cbb1069c3bafa`
SHA1	`0c38fda6ceba54d114ea67f04f66ddcd060772ff`
SHA256	`4600888cc13e4a345d2418ea7c6f687fe0250bb53443f281f37ee8b4ba1f051d`
SHA3	`9f0cafe4ad1adaee2014bd37f1fb562355201d55294d0d18ed686e137e0c710b`
Preview

56112

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2c8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.48431`
MD5	`ddfa56d63384c2e2cd93bcefcb873a6b`
SHA1	`4bc5132b75c251eb750b6797d85c4daf9c148a99`
SHA256	`a68b712584b4e860f587e12f11ff36b2ee9321ab4c3da8b8b9cf2e723a051729`
SHA3	`655e168b439e96f420d9e341425886712b94d318b5a2daed5fb5f0d467a55398`
Preview

57110

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2fa`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.1382`
MD5	`477c8c04930a84019dd9fd691d52ddf5`
SHA1	`0a81a7fde68609267cc77e7f5164af3f8caf0ebd`
SHA256	`266b236043053761e30085e753940775e308dc4b14b2276c05b5c73d43618ac6`
SHA3	`e562c792262716429d67ed38b15d00293ede96843e42276bc03bd0bd5b169dba`
Preview

57111

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2fa`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.46074`
MD5	`066305cf863ed8d27d289706a93a481c`
SHA1	`c108b24fd6d4eddb8f9ae0e71e8642f61bb41ea5`
SHA256	`6a9ee2d1b70270499c26b6b0c4f6d8d7fdb890301e7725dd2db2343af9cd3b84`
SHA3	`3e9e7352a8ff2fa221110f91765536fbc66788247cb51217f3c95ba8fa50c5cf`
Preview

57112

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2fa`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.54786`
MD5	`e80a3db12abb89460a484fe2fa49bded`
SHA1	`4833c3179abbd1c01c1eb7234170f7cc9889dad2`
SHA256	`17268502532fd77d3f48f52527ab6448c28cf1dedd266d898d018242e4fc2293`
SHA3	`42fdd32cc4ef0950b3f80f088928bfb2c9507db84074505b75d35bbcde5a99d2`
Preview

58110

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2fa`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.94528`
MD5	`0682380ea491e8abd609e13d6e583385`
SHA1	`3ef5c3b5e9dab5acb5080f051522dccce53cf648`
SHA256	`8ee8a03f7b36257704facc3fab425b92b236b42db8fbee65f0c7c2cac925cec3`
SHA3	`99c8d7682ca571496855a094ffac14c44bea404fe7691fd4336be5ab849876e8`
Preview

58111

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2fa`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.93715`
MD5	`952f7397f888c3bb00298daa611b2be5`
SHA1	`54ba75fe6bb8d6bc9abba3d3221421804746c645`
SHA256	`51bc6db0985696ca0a230a26dd272963ce1e2299cb15e9d58ca38989836054b0`
SHA3	`3361d7fd31c70f29e3c212a3e936058c049eca5730e8767f1ca518a35f909376`
Preview

58112

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2fa`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.05809`
MD5	`51a5766d10da1600c4fbbb8eb64fead8`
SHA1	`45e99438a21a2144aa9752efbc66955e89874fb8`
SHA256	`948e953980aec74a8e7ec44d95c13642faac7b0fb59fa694a6243868ba6fabc2`
SHA3	`620347d8a34eeb066653013dbfa5f7ec9c45959fb1d32de7e931d609de79c115`
Preview

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.22582`
MD5	`0ea01ebffe1664b4b237227db936fffb`
SHA1	`f5bc35d7b62bf7cbfd15b19693c60686ffa7a33b`
SHA256	`fd161bc1c2e73afcec538167ea65aa1ebb325855298264fcc149d46f339478fe`
SHA3	`a6979f462ca490f882df1568fafac5020858e9f6950ddffb5695f460ded00718`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.58595`
MD5	`78db31736056699d7f2365bae4d4655a`
SHA1	`75cbdb1498996a46157a119b80a6d600ce2c15ad`
SHA256	`b1acf7b1c07f60d612c9a52bd7b7ad9f50fdf7c40c01cfb3c1f6d315bf5063e8`
SHA3	`07d25d60b78571beb8712ecfec36e4c07d1c3ba7e7c2f810910d28a5e6bd4809`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.42243`
MD5	`ea43c6e30b47196a999e58dc722cf4e7`
SHA1	`f1c1ebf95603f1bfa66aafe20a0c2f9f663f72a0`
SHA256	`c1649bc8f65bb0b5e896a34cc73a6ac9f94e87c30dfe12f123e59fd5b3884381`
SHA3	`b77aab2d3e5a17ce15a525d4d73a5a6f659886b5cf3cbbb714d26de74b78b396`

4

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.37497`
MD5	`73e7ea4f5e215d10ecd83509daeb1821`
SHA1	`a678022274dff9f5a4120d483eeddfcc78806fcd`
SHA256	`316770d169c02e4b0441c438759d0f9950d63577435a93ef4c3027c2a6fd9975`
SHA3	`432e3425fdd81f826996896d8204224c1eb6bf81e5ff093a5e45b863b63f43c5`

5

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x190`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0.958919`
MD5	`023ebb7baf2fd4ca506f809b70c42452`
SHA1	`0209979b47b228374646f9ed4fcc4a2473aae354`
SHA256	`a4d6134372a3dcf75581c1fb47e0780deb06706a003003403862da7c646e5d85`
SHA3	`9ea84fa77cda6caebee843318796d360b9742dc487e79e1b88796606febbff99`

6

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x190`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.32588`
MD5	`13a5c75a7f539addde0d6ffeb6409fc8`
SHA1	`6bcaaeefc0471e5a5c2c450f014561cbff90f34d`
SHA256	`5ec7348347647ef0e636766ee1c73d5e5b340d8bf6da7048f560f8e7dcf5935a`
SHA3	`bbcb1a37a18544d25353e9a46a78305a43b22e309461d291db4a60d1adaa2701`

7

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x190`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.14402`
MD5	`527eaece36de9d9e18bce4b352c8d7e5`
SHA1	`f08b62f963e9919c93797d15eb3b16e038feda83`
SHA256	`773b76a5bd2c798de053778d08ee595596e4ce5555b672a163c62dc0ae3ef1e2`
SHA3	`dbd80d097f0cf1752c5ca6713da71239edcd42ab29c156715453e50d4ceb0d74`

8

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x190`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0.931936`
MD5	`e4f5a3f4d611dee1c2fc898ee7fb9fe2`
SHA1	`02633b16b2d4e1c519aab2ac4b69eb280a8a75af`
SHA256	`7732eb29df6985fe513dc1fe86b550be68539110546fb7a27d049a6b5505c760`
SHA3	`4531a00d31629e5a126db2d6f8fd7213774b5fffb1af8edb3aa1cb947b5ddd60`

9

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x190`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.01564`
MD5	`17be62160c6284c2ed34f13e134eb24f`
SHA1	`8e26db1c4b105249dddd41aa3d2954752d895b57`
SHA256	`d484945af04d6317baa9650c09e2707846f0a85303a729242e49a84435669208`
SHA3	`473c41afc48bc1a1bb6eb7a06cac8591e393069aefcf5029d9a7653b33e0f617`

10

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x190`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.69262`
MD5	`3d6cd9af67dfb438a04928863d60a9be`
SHA1	`bd95f2eaf84a78e9365c51ef9c022c5894868a8d`
SHA256	`37664fa5a495147d4ba7f412acdfb027f1bb8930d1af52610c0964275b62eee9`
SHA3	`5a32a684f35cfc20ce00c6b8238c95116bf141ae0adb1b061a36d73af7cfec8d`

11

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x190`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0.871579`
MD5	`3d2d067c548b7e76d739be29ba49ec76`
SHA1	`adb9f776f9bc0c31c3e95c43802e4839b7aee93d`
SHA256	`b01fb41fdcdccb6d10a3dfe7d1c1014da3572bd73ba287d0d0b7f127468d927e`
SHA3	`5546e8ea7f499cd6fe4e2249a254395e69e2931a3dd13b6867ad946eedf5d5b2`

12

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x190`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.3992`
MD5	`eaee33bba00279971addcbd5f4960be3`
SHA1	`1a483838ebc17d8240b958152cf9bcb11e13427b`
SHA256	`dd82c0623ef28f87b7d61b94f2b56a3a811798d07c899fca42152de7dccc4907`
SHA3	`ead85246efc07f615883dc4464e1b240bebb82a86d0c47e1071b8859e8fe7b2e`

13

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x190`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.07499`
MD5	`b5a87f80c3b44bb22d7d319f4b7a1e52`
SHA1	`2b5319253f7874022cc5e078aff48182bbd46c89`
SHA256	`f7688aa3ea09669f4bff50f8e30dba01d1a541d5e0048b454b8bd67ee0fe783f`
SHA3	`65a8b6fb1e10ad8f15b350c0104dbbf3a02b4d6b472bcfd82bc84d2c51b6b27f`

14

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x190`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.07499`
MD5	`789acf3906747e399936a730ccd1f205`
SHA1	`cac6922c4e39dd60391afcaf43e89cd4a25d4d87`
SHA256	`f4a830ac76b87b1a13ea2bbbc61b9346fdb980680dc2d4b2a34a7866f01bdc18`
SHA3	`cf947873bdd6dcb5da88637c5cf08596991fd16a5daad67556a431b6cb6fc6d4`

15

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x190`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.05387`
MD5	`da97c1b669ae88917176cd914157214d`
SHA1	`83eb6f61e81049256ab7348035877bbba6d9255e`
SHA256	`fda9a5a98cef1ea9e24cddeffe9cca60018c0b04f35e9bb30efd5ee5445398b9`
SHA3	`0156392f2c55544609dba047dc7fe25577d2a8fa43bdef98d33409c63634e22c`

BLDLG

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xb6`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.99059`
MD5	`c5ca8dc13615865ca5856141c55c38eb`
SHA1	`4a274862716ec6c9bc499138afdeb68e97c86d40`
SHA256	`2c653afff078b8aee132616f3a8a79413aa0e509eb3133cba037c0a8298c27b2`
SHA3	`224aeda3b51e3ed41c3e408521ffecbc039ca03687e0661f205a09b5bd51b9f9`

CHKDLG

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1f4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.08572`
MD5	`0602b64f5b712a2bc2da2e9d6fec07fd`
SHA1	`256e171f83d05a91f0696fba73522e523236ffeb`
SHA256	`ebfaa43694113c01f6cf18b09610c2da81d45a0af06dde5969fb7f68bcbc7e11`
SHA3	`19cec540401ad22868a111eba8a08db3d362380361c476e77abf5b5243940214`

CHKDLG3

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xda`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.82825`
MD5	`df0df8ffc3e7155e777abce82d04936a`
SHA1	`89fa0b3561d6576de4da1d9864ff3335091cd766`
SHA256	`67872786d6b8a5bb2d9255f41df154dc635be1d2fb6ba78c67fd98d41c756b7c`
SHA3	`814f9dcdad5a4efe332fc507c0ce6b5daf0e2c01402371498aaefd2bebb6aabe`

CHKDLG3ID

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xd4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.84415`
MD5	`80c59c4ca97f4f28dff7ad5c6777cb4d`
SHA1	`ae7cd72f7e7d4442169bdc9069d5796356c28dfd`
SHA256	`c9680e6e013514970580d583bc5a065234de379f811f8da1553c27d17e289ef8`
SHA3	`a5687615fca406e9ceddcba151887cb62b43261922b54d079366326dac45584a`

CHKDLG5ID

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1c8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.33948`
MD5	`4849365235a0929c63ff9162e1fafe05`
SHA1	`e8f852cdaba60630da4f2bd8c3e14e1bd23b27de`
SHA256	`12a17e0324a18dfb6bf73c734d3ac9f976d3039a4d33748e791537841dfd5f25`
SHA3	`c151d0a3d59638407439ec80e7d1e25986e187bcd7046b93f2e12e437ab39f96`

FSTDLG

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x34`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.96741`
MD5	`2c6e580371c04faa63d711854f867daa`
SHA1	`183154d8d2897a705dc4aed8447e89d1b3ed8b09`
SHA256	`9b5383def1c988b27fc437e5e85fba94812d8b5ae770020eacb99d63daceef91`
SHA3	`831a4c398ef8f28909b5dbf619d8d98ac6bcb4aed2517cdbabc9ad26f42797de`

HELPDLG

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x200`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.3855`
MD5	`640401916da88f2b7793b394a51276ad`
SHA1	`0d56906f15955a3626b85c9637c84046d963d279`
SHA256	`7269502872e3d6b3bb17df0c4632cffc4ea521d7e30e65e700b044423e27249b`
SHA3	`b08d31c08ca02cdecedff423bcedaed333fcb10134ebf03c5a9cfaf29b51b44f`

MASTERDLG

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x77a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.41146`
MD5	`c201e15091a4b5b49f177f478c461121`
SHA1	`f5fead3e16143383701f44d16c4c4f57bd7c720e`
SHA256	`611b87e8b47343930ef66dcdbf017dcb32365c5c873d7ca92ef4758246a7aa6c`
SHA3	`2356dcaee0e4206165c8d5f636fa7f25adf9e1a69db72550e825e099cd772079`

MASTERDLG3

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x896`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.44061`
MD5	`81e91a09ffc82988dba2d6a39a9c7fd2`
SHA1	`84cab02c6a24c6a0ecce237cdfe82302cc6f9ff0`
SHA256	`bbdc0dc7038a01d5131d61bca54cfbc36bffe765c03d6c257a5ea2e433bebf08`
SHA3	`65716a6153080d20473eceb176ae9f1b8178860476134505a31e9058dd74c27c`

PORTDLG

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xa4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.88956`
MD5	`48867779423e9619a60ef3e3038a7273`
SHA1	`053610e54ce933dc57f6406543edee4dd96cf955`
SHA256	`8dd96957614ebc2df1cb1df22e1149c9de71cbb47fd88bbe24baed97de02b2e7`
SHA3	`0f3442c87b47a4ea295d47426c616d1c6c3795d017a930b497ce5e420530f7df`

REDDLG

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xe8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.13186`
MD5	`02459e368960815dc0b9ab7058b5fec2`
SHA1	`f4cb82cf64ea84b90c921948c25d7c6b39041138`
SHA256	`26a3d98f8d67d58dc9469b0ead1d94663450a0a275aded4215a403cd51d9e1b4`
SHA3	`d80bdac6254e3feb672b1c28e3b3a99f8dd49f97e37c513ec1c42b8f199d8e2a`

SLOTDLG

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x6b4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.15191`
MD5	`8726c484faa95806d78d8407023ef966`
SHA1	`ce268dc8f226ebe2d2f41487dd90613416d2ef8e`
SHA256	`7e2fe8d99a39af25a322128233d5c831c5cc4f1dd44c6306c5249552b8905ecb`
SHA3	`eceed59ae7fd5f0a2c73aa2166dd3e5f817bc95df9430608d948dee3237393a1`

203

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.91924`
Detected Filetype	Icon file
MD5	`6da8e7d5ae1d5d15e0230a67a7c16c6d`
SHA1	`678db52cbe5d617c33c6269bfd4b6d8d1a17f956`
SHA256	`6eb54801f91b6d8effccbfaefe6b2d7705a274a75940e6226e24e0d4ec58c396`
SHA3	`994fc217c7b8bc8008ac262ff58044403206de6eceafd424d4640ecad395eb2f`

205

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.0815`
Detected Filetype	Icon file
MD5	`d93c14aae3beae9519e60734047e7806`
SHA1	`7b71ac19f453f5ee206104b92718fda8b2cc9e61`
SHA256	`45c96ccabe65e61ddf8410a940e32e549e905c3fc222de3d82947fe187112127`
SHA3	`0c7312957df6912225fee01d7db74fa35d523e9a4724b3010553104a763ba832`

207

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.0815`
Detected Filetype	Icon file
MD5	`5865d6d36380fb1de05282b4ff53e125`
SHA1	`fa48270c7f0b447c981cbf0215665bf093237f14`
SHA256	`58ff9b1fa905c34a3ed9c2c9413c2f5e4b438a4f79a9ac76d6e54ea1dc759d18`
SHA3	`fb11ab1cfe3de20efc397d6385be5ffe61122eaca17c2e19888e1984c3c3f6f0`

255

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.0815`
Detected Filetype	Icon file
MD5	`956adea386a576aae2472c47e15b8d76`
SHA1	`247c1483a7747bd7d0c158bc54f08379e9ac90c3`
SHA256	`e2b29fcb42b6c2b17c427f34e1ad6e1f8a73d576b4b81e3b6d8bc0ff7ea40bea`
SHA3	`5fc48e3da02ea10495e00c420d8688b440f4c02f972b1a97afccffe7fe3eb1bc`

10311

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.91924`
Detected Filetype	Icon file
MD5	`b8178affb1769b5ba81a2aff60905b6d`
SHA1	`4881a5f5633a743161b293b9c5ca91e335850f2e`
SHA256	`dbeb303c4f23f2d6799d622de7a801ac811bc29586d9b68181a5e015442473b7`
SHA3	`f1ac7ad315477643b5891cb28999632cf9c9d3c39e46451c9ad554d399caba75`

10313

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.91924`
Detected Filetype	Icon file
MD5	`ed917dbcb22976fe989e4c043af28e18`
SHA1	`20cd3f42e97ce0005823b97b281de83254e05161`
SHA256	`612655a0c9d8f5381879cb4399299a8c4655a2dad4ad95512ce0b9fbd73ab0a9`
SHA3	`e54c45dabbf3ede613f4892e89ec0d4890f1025a9d0e5cdf5598d569e772ac01`

10315

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.91924`
Detected Filetype	Icon file
MD5	`bdd2cee2c3f929165319d527602e1212`
SHA1	`cf6a1c324efd2ff0ff0499b50dbdb6af64fdb728`
SHA256	`559cc1b617535fae444f03ea326a60ef84e07e596a4115a7030c11c4316344a7`
SHA3	`668a164f47d6e0cd1857067ec446ed5913d3cffbcd17c795914589a44cb1d86d`

10317

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.91924`
Detected Filetype	Icon file
MD5	`79980f0dba4238e70e1a7b2829eccc29`
SHA1	`4e17faf131b74734f46932d6c300b9acae1e822b`
SHA256	`0348595d7914ba75b18a08072ec7495f1c188d4d097bfa1aed15ed603d09de4c`
SHA3	`03056a3360b195e4b2d6c54e2ea360715778e9f9236d44238c9c173ba6546ba5`

13311

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.91924`
Detected Filetype	Icon file
MD5	`76443f6ccfe3b6c20ded61b816545962`
SHA1	`d7523a271ca78fd8973ee8e8885783046e0b6248`
SHA256	`cbef19d4ba7d6e5e3998f0f10a20e8e549d1d280cb05c029e95d93cc0097bc1d`
SHA3	`fda0d5ea90efe5b0bf554de4e8d6192f151d6661823ff609132adf72ffdd8a73`

13313

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.91924`
Detected Filetype	Icon file
MD5	`a5ca249ce84c0919b1fa58d7dff20b9b`
SHA1	`0d7f0d2192152c361738ea2a59e56f484a369c61`
SHA256	`3cf8056f377ac6502f3bbd8c93788034c0e3f73221be3f6e1d542b8f139b3485`
SHA3	`67372891a76dd27bf106ae3329755d717ac6fb362a8c51168658ad1fdf0e27d3`

13315

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.91924`
Detected Filetype	Icon file
MD5	`6012fc4b18808c92ef3d3a0b1911ac53`
SHA1	`246a97cc149465d906d35f310a31d05219add4ac`
SHA256	`16b1e7d2e225461a14d54b15bfd8232f7ccedfb7a45cedf6ac2009a53c05d84b`
SHA3	`b61c5061923224c1d83782fb1bd5ff606d5fcac4deaad5669b56330b61f8645b`

13317

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.91924`
Detected Filetype	Icon file
MD5	`8b7f64153a04351376461071738f6249`
SHA1	`0986b577d0966536ada3db25a36e6ccb700ef483`
SHA256	`c5532d847898a3760b0d97fbd865219b10d0cd22b7765dc6029bfa0980bbb2cc`
SHA3	`cc0991a086714c76a6e4b64f8a57cab8c9031defb461d7e2b6d4b63b5bc68767`

13319

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.91924`
Detected Filetype	Icon file
MD5	`f7d455a6299515993c4dedfbacd2141b`
SHA1	`d4ef0b9172a0677bceb8c91b2da5a32a331fe508`
SHA256	`464ca94649e3b7bb651e6809ac0fbe6a13955f68010ace0bcd950e500349f9ab`
SHA3	`9b7f2accf8687535b6b3b158165cc005222b05cd4dd7f7717ab5f2e4a84146b1`

13321

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.7815`
Detected Filetype	Icon file
MD5	`d419ae27f043056da70bd197aa82d9c0`
SHA1	`a6de219e12e8fb65f0e5ab4ca00fc3b5b7a0de32`
SHA256	`a83129aa836482b82b85e524dba287154e0b2bdd5d161621157e0e904a6746f5`
SHA3	`39965521b84b1e025b20986c5304a7b177579924704ac7f783d5f3505cab7efb`

13330

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.91924`
Detected Filetype	Icon file
MD5	`44108d974eb35f43ee76c33039d9430e`
SHA1	`20050678cf7459d169999d53a8abd5e4928ab0ae`
SHA256	`c6f372813baf67f6f68bc08d167f624f9b7f9c128ff3c45834bb51c707789e8d`
SHA3	`ba9d91b4f1becf35eabd099f910e7b5a4bc2e1fe43fceae3be6d6c760337acf9`

1 (#2)

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.3986`
MD5	`36ea015d3a5e1fd66b4a92bb9cfde22b`
SHA1	`c6a875da11268500931fb74c4f0b1c7e27b73746`
SHA256	`69dfe56cb513d70ecfb417830d748b907f82b9e24e417ff200fac7166bdbe80d`
SHA3	`1a8fd747eefb6162cbd45dc267f180e2e649cea78be1c4029f66ede0ff56062f`

1 (#3)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x237`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.07253`
MD5	`d57123c9470e31ebab36383eca286130`
SHA1	`b95df7f79fa9606ec521d448e83c7ab5e5fec548`
SHA256	`4049793f568d931bfdca943d765d82aa4fe56c951acdb7375c90de057765256d`
SHA3	`695b5a0446c359b04bcec2d7945d4db68c8e7cc39949e77a2ea75e23a90ef97c`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.8.3.0
ProductVersion	1.8.3.0
FileFlags	`VS_FF_PRERELEASE`
FileOs	`(EMPTY)`
FileType	`VFT_UNKNOWN`
Language	English - United States
CompanyName	VIP Technologies
FileVersion (#2)	1.8.3.0
FileDescription	VIP72 Tunneling Client
LegalCopyright	Copyright © 2001-2017, VTECH
OriginalFilename	vip72socks.exe
ProductName	VIP72 Tunneling Client
SpecialBuild	Engine Version 16f

Resource LangID	English - United States

TLS Callbacks

Load Configuration

RICH Header

835204f34b4e71801b358ca040a4a7f0

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rdata

.data

.rsrc

Imports

Delayed Imports

2611

37791

53110

53111

53112

56110

56111

56112

57110

57111

57112

58110

58111

58112

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

BLDLG

CHKDLG

CHKDLG3

CHKDLG3ID

CHKDLG5ID

FSTDLG

HELPDLG

MASTERDLG

MASTERDLG3

PORTDLG

REDDLG

SLOTDLG

203

205

207

255

10311

10313

10315

10317

13311

13313

13315

13317

13319

13321

13330

1 (#2)

1 (#3)

Version Info

TLS Callbacks

Load Configuration

RICH Header

Errors