85cfd7faaa37d5fd5ba48d939779c5b2

Summary

Architecture IMAGE_FILE_MACHINE_I386
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date 1998-Apr-29 02:33:09
Detected languages English - United States
Debug artifacts Embedded COFF debugging symbols
CompanyName Microsoft Corporation
FileDescription Windows Notepad application file
FileVersion 4.10.1998
InternalName Notepad
LegalCopyright Copyright (C) Microsoft Corp. 1991-1998
OriginalFilename NOTEPAD.EXE
ProductName Microsoft(R) Windows(R) Operating System
ProductVersion 4.10.1998

Plugin Output

Suspicious PEiD Signature: ASPack v2.12
Suspicious The PE is packed with Aspack or Armadillo Unusual section name found: .aspack
Unusual section name found: .adata
The PE only has 8 import(s).
Info The PE contains common functions which appear in legitimate applications. [!] The program may be hiding some of its imports:
  • GetProcAddress
  • LoadLibraryA
 Can access the registry:
  • RegSetValueExA
 Possibly launches other programs:
  • ShellExecuteA
Malicious VirusTotal score: 18/72 (Scanned on 2022-09-22 11:40:18) Lionic: Riskware.Win32.Generic.1!c
ClamAV: Win.Trojan.OnlineGames-4771
McAfee: Artemis!85CFD7FAAA37
Cyren: W32/OnlineGames.FT.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
Cynet: Malicious (score: 100)
Avast: Win32:Malware-gen
McAfee-GW-Edition: BehavesLike.Win32.Fake.nh
Trapmine: malicious.moderate.ml.score
SentinelOne: Static AI - Malicious PE
Microsoft: PUA:Win32/Presenoker
Google: Detected
Malwarebytes: Malware.Heuristic.1004
Rising: PUA.Presenoker!8.F608 (CLOUD)
MaxSecure: Trojan.Malware.300983.susgen
AVG: Win32:Malware-gen
CrowdStrike: win/malicious_confidence_70% (W)

Hashes

MD5 85cfd7faaa37d5fd5ba48d939779c5b2
SHA1 8a4fd937c40071b4699e5b5ecb3c844eceb5d012
SHA256 eabfb9aaa4d1adec7c124bd0bda7a81c53249f2bac5743bedf67adf705d0d1f4
SHA3 183e42dc949cf193225049dddf0c3d7a8403ad00c617d6c59c208a79a6f335c0
SSDeep 384:9aWD9bAcyvzg6nSK3SURxcp85y30j5uv+QvAB6bpSuqoAAx/r6+e9Pfqbn1hFWy:9hJyM6nr3SUREBxvGUkYxuha5hP1O8A
Imports Hash ec036000c018b7ab88d06a8d00d047c2

DOS Header

e_magic MZ
e_cblp 0x90
e_cp 0x3
e_crlc 0
e_cparhdr 0x4
e_minalloc 0
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0x80

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_I386
NumberofSections 7
TimeDateStamp 1998-Apr-29 02:33:09
PointerToSymbolTable 0x726f4c5b
NumberOfSymbols 1564823652
SizeOfOptionalHeader 0xe0
Characteristics IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED

Image Optional Header

Magic PE32
LinkerVersion 3.0
SizeOfCode 0x4000
SizeOfInitializedData 0x7400
SizeOfUninitializedData 0
AddressOfEntryPoint 0x0000D001 (Section: .aspack)
BaseOfCode 0x1000
BaseOfData 0x5000
ImageBase 0x400000
SectionAlignment 0x1000
FileAlignment 0x200
OperatingSystemVersion 4.0
ImageVersion 0.0
SubsystemVersion 4.0
Win32VersionValue 0
SizeOfImage 0x13000
SizeOfHeaders 0x600
Checksum 0xdd05
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
SizeofStackReserve 0x100000
SizeofStackCommit 0x1000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

.text

MD5 35f9012682cd4acdb4c32b59851e943b
SHA1 f6af15dfa28dbcc3345a7727499fa6a507f96c6f
SHA256 80131ab33eaf9d7b5467ed41535a4489e024f989cbed2b5833c60eecb1e93275
SHA3 b87eea6656d87ef97947faf47cf5631956da4845d7cba7064af72e6b58794dc2
VirtualSize 0x4000
VirtualAddress 0x1000
SizeOfRawData 0x2200
PointerToRawData 0x600
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 7.81806

.data

MD5 457bc7dd25f9432098e38790069bfcd9
SHA1 b7de2db8d99cf6602461fc76799f9dd84d61243d
SHA256 cd54a8fb03d8d5e98c04659bd0874958e31fc857fa060ef7a39177ac4803fb8a
SHA3 fa6bef2b951c555cbf36d4a50576158423f153a703c3e3fdbdbc255ad5b7e9dc
VirtualSize 0x1000
VirtualAddress 0x5000
SizeOfRawData 0x200
PointerToRawData 0x2800
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 6.32866

.idata

MD5 8285519aecb198c25039edbcc14a5566
SHA1 b1e9785c6b4fef313cf10f4617676d4a7b1a6bdf
SHA256 fdf3f47896f1f875bb7e08bd2ca6eccb2bd51861e0a61595c4a9c534ff813e56
SHA3 ecfd5591bfb29e1f6a45068332387ef30a5360b3cc82e7862540b717e645e8f4
VirtualSize 0x1000
VirtualAddress 0x6000
SizeOfRawData 0xa00
PointerToRawData 0x2a00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 7.15012

.rsrc

MD5 c5d366ab2b5fab0563a304eaac8744c7
SHA1 9a839c1f0207fd9944df28b8b5e48f186d36e2f8
SHA256 52f491f2af56e7026593fa13e26e5f90fc49bb6e84bc4d18111184ca2312e7b6
SHA3 5ec3be8c4b6acb103ee72432492dd4cdfa729409741e2ab92c80e07faaa61a78
VirtualSize 0x5000
VirtualAddress 0x7000
SizeOfRawData 0xe00
PointerToRawData 0x3400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 6.3348

.reloc

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA3 a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a
VirtualSize 0x1000
VirtualAddress 0xc000
SizeOfRawData 0
PointerToRawData 0x4200
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack

MD5 3f55230711e9fab2d7a3e05d5db01698
SHA1 0299da9c9448ceba82e3daefb57c01d3f7bc736d
SHA256 dd805922d7459371ca5d80f449951c984faba35b7bed2d3ced8e8799173bd944
SHA3 c05eafbeef482650268515f6c4cb5fc46e205a59a6473c49faa0263d7ea7a32c
VirtualSize 0x5000
VirtualAddress 0xd000
SizeOfRawData 0x4200
PointerToRawData 0x4200
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 4.96469

.adata

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA3 a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a
VirtualSize 0x1000
VirtualAddress 0x12000
SizeOfRawData 0
PointerToRawData 0x8400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Imports

kernel32.dll GetProcAddress
GetModuleHandleA
LoadLibraryA
shell32.dll ShellExecuteA
user32.dll wsprintfA
gdi32.dll GetStockObject
comdlg32.dll GetOpenFileNameA
advapi32.dll RegSetValueExA

Delayed Imports

1

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x128
TimeDateStamp 1998-Apr-29 02:33:05
Entropy 2.8515
MD5 ffe237a2112f7f9821842d0ffbcaecfe
SHA1 aac3f70f075b3dc862784f33fdf2ed4fab8103d2
SHA256 9b61471b68a49c787807264a4f0a618797df522e023730bc7d84223d9586fed4
SHA3 abb791954bc8464761c97f405e598aeed8ecd76e5e823a77458122155958a2fc

2

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x2e8
TimeDateStamp 1998-Apr-29 02:33:05
Entropy 3.26849
MD5 5b19fff9153b8844aa6745c0b0b5f00a
SHA1 0d07382e3e6b222317f6efff3f16fb18b648447a
SHA256 e4fe83d848b3afb9b8d47dd5dbdef6a453151e101776c92ca427f2097c5fc064
SHA3 a6049d4b86955d32dc332f79c435be02d5ff1f2ca302a2efdc8ac1073b6b1531

3

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x2e8
TimeDateStamp 1998-Apr-29 02:33:05
Entropy 3.38309
MD5 6f8349ad7b01c06bf1e399a30c28cec9
SHA1 9b0fffcd62e65d75cc3a31c4667fd27cb82307da
SHA256 567c21ae7ed7825d00f59e6c51629c6a73c3e8b507dacc6e8e878aa1ed6048d7
SHA3 8c5d62c81db8951400227d461c2aaf2f55ea0921ef227e443d5b77e9d26a02ef

4

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x128
TimeDateStamp 1998-Apr-29 02:33:05
Entropy 3.08177
MD5 64569a87fec4e2d55a4d89818ac2fb52
SHA1 92dab0e0eb80eb4b46dcea4cdb0f3228d4bc8013
SHA256 de061305941cda9332ed63e27eef931f9e66538fc459b03d38725a593625987b
SHA3 5612d06c43f79294658db069504f17ab1d4ecf2463e3f9cd74ad8dd3e875440c

5

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x668
TimeDateStamp 1998-Apr-29 02:33:05
Entropy 3.12169
MD5 2a568bb55d7bbb8611651ce6758e186a
SHA1 dad9d449297e247909dc7007f2060716bc8056f2
SHA256 3500ff74ac7ad1ae67687b183c6ed340239f2a4125ec4d6ca2b2f97b3d78fcf9
SHA3 ad22c2a07b10ddc1eff18062575ef1ca410cebcdce02f4bf78b7df5f6355e65f

6

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x8a8
TimeDateStamp 1998-Apr-29 02:33:05
Entropy 3.98357
MD5 1cfa92faba1eaa81787b129e2b20f068
SHA1 45884e1fcac73b217f175c98a96dd3b7240537c1
SHA256 bfbf789cfe05b81e430e91276b9ac3993bbb8acf0dc91da3abdcbf5e12bf73c8
SHA3 e38c23069d73edcfc0af11880d5c959200208f9cfea88e8c19f8b3bd84d12344

7

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0xea8
TimeDateStamp 1998-Apr-29 02:33:05
Entropy 3.97432
MD5 e50f9b22b4be198d19d73d6d8bcc4476
SHA1 e1edf86a0777556a19ac8626bb4626ccfd4d166e
SHA256 28a3bbdc5fe3301c146d698d166708a5b5a0e503e07406689b08d78fdb98ddef
SHA3 e41dacc54f9d13b23eee1a456cdc7ad2af5054118f2f4a18bd796ebb22fc1d73

8

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x568
TimeDateStamp 1998-Apr-29 02:33:05
Entropy 3.7535
MD5 397691c38acdfccc64c781b51c6e782a
SHA1 ffb5729082d7634f62be4a39f39cb26aa5184fd8
SHA256 1bff6655bc2ae4c2f965997207bbd34baa60e4da532a812fed65493d3b6397e5
SHA3 16dff39e2cd748273dadc44b6c0485a89309d0c30e615a9174cb292159594837

1 (#2)

Type RT_MENU
Language English - United States
Codepage UNKNOWN
Size 0x276
TimeDateStamp 1998-Apr-29 02:33:05
Entropy 3.55495
MD5 d89cfcd3daeba609667dddbf6197b77b
SHA1 2c5fc6170c0d4b93aa4027007de75c905adad220
SHA256 7f21d3bd908823f4e42a1fa6892e763f9c27c3964ba23771882c09e7befa8296
SHA3 5de94deee8ba96564c689de7515ca902de898ff49bfff4c19d2b45659bc8d546

12

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0xba
TimeDateStamp 1998-Apr-29 02:33:05
Entropy 3.09349
MD5 fb981e2fef539726f94d1fb085e2d74e
SHA1 9570fa03dfbfea1ae499ceeb97e47aa2142e5b10
SHA256 38d1d39fa3ffe11f126fd67f03f57722ea6a086f39f412eb21f8dad5a36dbd1c
SHA3 3fad6d7d08cd1a29aa01a047045bbe12e1b6d5725b0030815dbacb3b973b16f2

14

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0x442
TimeDateStamp 1998-Apr-29 02:33:05
Entropy 2.83843
MD5 60675e689659ac56479daf3408a02e04
SHA1 a07ba81a6dc866a64cdd027562190b7a7038b086
SHA256 9c1049bb2efbc0b72357aecbf6d5d1582f324dac8e0717590677dd9b10ce29d8
SHA3 cc27b43284e15f8f81e127c5de7686c9054bf33427e1692e59fe3f1b47e03587

1 (#3)

Type RT_STRING
Language English - United States
Codepage UNKNOWN
Size 0x24a
TimeDateStamp 1998-Apr-29 02:33:05
Entropy 2.31863
MD5 aff8d9ae752b88398975cfe5515e9c38
SHA1 c8032e64b35b0c6ffa160ff14c410358d73ed3c6
SHA256 05c1432f543adb10a0d1c2d8c04ac6bddd8e9bd992958d2bdb94e6e3c95ff7e5
SHA3 6ed90a30a24419f8f7d8789369e67ed51c9562b548bdc959a8e03dcacf15a34a

2 (#2)

Type RT_STRING
Language English - United States
Codepage UNKNOWN
Size 0x9f0
TimeDateStamp 1998-Apr-29 02:33:05
Entropy 3.0047
MD5 cf9deaee04c3bc675c634eca2bc59818
SHA1 1accb5265c4ee11ad81de5f351284a57c899ac72
SHA256 46a872b0cd1c06f6694854a82125f6ea9be39ab5d8636dc01483f54ab6fbd35c
SHA3 fb0bad1c04c184f86b1c54b6b11b152fb9fe831698ff4feda3ba0bc5fa9f55c6

3 (#2)

Type RT_STRING
Language English - United States
Codepage UNKNOWN
Size 0x288
TimeDateStamp 1998-Apr-29 02:33:05
Entropy 3.20174
MD5 faaf4ac0c293c735ba954aa21debe685
SHA1 8080896403e90cb0ada4bd2597271b3dd8118d75
SHA256 30ef2e4e630722be473ebdf740cae191846a4b5e802143b4dbd06bf4e0156473
SHA3 335ee47074374e6a09231c266a82f239a04e9e111d3f1e3b9b36b53c197d6dbe

4 (#2)

Type RT_STRING
Language English - United States
Codepage UNKNOWN
Size 0x532
TimeDateStamp 1998-Apr-29 02:33:05
Entropy 3.83882
MD5 bca8b7dadd887221b62921a89929a3cc
SHA1 9ddfa26d0e2919108753475cf49eba51001f72e1
SHA256 cd9491419cce4dfa1aac5a305c03c0b6cdacd73f305422b29ca3db72731a78ef
SHA3 168bd3a4c9a2d020e8897e3afd1be8881fa4a9684502b57f1f7f09b4a9806da6

1 (#4)

Type RT_ACCELERATOR
Language English - United States
Codepage UNKNOWN
Size 0x48
TimeDateStamp 1998-Apr-29 02:33:05
Entropy 2.95615
MD5 42ae5e8e9beee5633e539fb042a1090d
SHA1 01524f1db5928113b8b5c01ca0635a8d101e0fe0
SHA256 e78e8347d839c51f93e0f6afb3e07325f012f1db552e0e9b379dbda920f6a371
SHA3 ac4cdf6c49089b805ad53b8e596b639e17be32619cbb41b1030d1cd515c33de8

2 (#3)

Type RT_ACCELERATOR
Language English - United States
Codepage UNKNOWN
Size 0x68
TimeDateStamp 1998-Apr-29 02:33:05
Entropy 3.02885
MD5 6cf8324f32b735939645bc046028e2ef
SHA1 df3d35a81dd7d3652f8322acad6449d96dc9997f
SHA256 6948d556da0aeac503715267af2eb55396a2780d190b39e93d551b9a09b66e5a
SHA3 259fb5d0d941c39044dd67431cc4af7bee25f6971e549c6b590311efad8f6e0a

1 (#5)

Type RT_GROUP_ICON
Language English - United States
Codepage UNKNOWN
Size 0x22
TimeDateStamp 1998-Apr-29 02:33:05
Entropy 2.37086
Detected Filetype Icon file
MD5 c1c122f0803bda39a0a478b7f6f75954
SHA1 69dc2bcb5214afae0d924867d59ece9c0c0f1f64
SHA256 62b460dcfdda934b386205e7f4a16da00a73c2ca7f4ea9a396fb25537fb33b76
SHA3 ffeff2838ef20f5e9b000b10f6538617dbf201bb6d23fa2831e24c8652fc93c5

2 (#4)

Type RT_GROUP_ICON
Language English - United States
Codepage UNKNOWN
Size 0x5a
TimeDateStamp 1998-Apr-29 02:33:05
Entropy 2.89913
Detected Filetype Icon file
MD5 7a0bea99ff9d7f8ef6634ef344892cc4
SHA1 78d94b9e3496e005ac15df2d25fa6f47334e348d
SHA256 38ce83bae4c2a95845dc59a49437de6902fcf671a1653bff7a954b63c9a0a556
SHA3 d3390c50a4bd2ddcb7177ad285ca14b766c9bb9aeb95540dba850308c5455595

1 (#6)

Type RT_VERSION
Language English - United States
Codepage UNKNOWN
Size 0x358
TimeDateStamp 1998-Apr-29 02:33:05
Entropy 3.48143
MD5 12df42ec3a4253b692ee1d161a44b453
SHA1 46ef90424d0ca3ec05b9636a84af18dc139bffe1
SHA256 49dc34453827a886d27b79eebcbac1902d3b986403e29481e123573a6c3826a6
SHA3 28b5c798845224eb4c7ccfc843f4dd49dbf18a5f28da2fef847394424e9f9507

String Table contents

繾繾繾繾繾睾睠胿睠聿繾繾繾繾繾繾ݶ聿ݶ聿渀繾繾繾繾繾繾恷x渀滦曮惦p؀替ヲ潦曶替衯肈袈蠈袀࢈肈肈￿￿￿￿€̀￿ĀÀ€€€ÀÀààððøøüüþþÿÿ胿胿샿샿ﳿĀﳿ̀܀￿萐ἡ￿￿￿￿￿￿( €€耀耀€€€€肀샀À肀€ÿ＀＀ÿÿÿÿ￿￿ÿ眈睷灷(￿烿眀烮昆晦ݦ烿繮繾ݾ灾惧灿繾灾灾瀏渀繾睾瀇渀灠؀à縀灰؀v繮繾惧蝮螇悇昆晦fǼøøÀ€€€ÀÀààðǰϸ( @Ȁ€耀耀€€€€肀샀À肀€ÿ＀＀ÿÿÿÿ￿￿ÿ袈袈袈袈ˆࠀ￿￿￿￿胷蜀睷睷キ￿胿蜀睷睷罷￿胿蠀躈繾聾昆晦晦晦ݦ睷￿胿睮睷睷睷恷睷￿胿惧袈胧繮繾繾繾百眇ソ胿盧眇ソ胿繾繾繾睾衠纎聾渀睠キ胿渀繾繾繾繾ݶキ胿؀ࡶ胧؀绮繾繾繾恷罷胿惧罷胿繮繾繾繾百踈聾盧眇胿繾繾繾睾睠胿渀ç衠胧渀繾繾繾繾ݶ聿؀ݶ聿؀绮繾繾繾恷職惧職繮繾繾繾百耇盧耇滮柮`漀景濶ˆࠀ袀耈࢈袀￿￿̀Ā샿샿À€€€ÀÀààððøøüüþþÿÿ胿胿Ā샿̀侒￿￿( @Ȁ€耀耀€€€€肀샀À肀€ÿ＀＀ÿÿÿÿ￿￿ÿࠀ袈袈袈袈眀睷睷睷硷€/￿￿￿矿€眇睷睷￿€蠈袈袈袈螈€眇睷睷キ€眇睷睷キ€蠈袈袈袈螈€眇睷睷罷€܀罷€昆晦晦晦恦袈螈€縎繾繾繾恾睷€眇€縀繾繾繾百蠈螈€睠€฀繾繾繾繾睠€܀ࣦ螈€繾繾繾繾ݶ€惧€縎繾繾繾恾螈€à܀眇€縀繾繾繾百眇€ç睠€฀繾繾繾繾睠€܀ߦ€繾繾繾繾ݶ€ߧ怇࿰ð￿￿ༀ샿܀胿̀ÿ̀ÿ̀ÿ̀ÿ̀ÿ̀ÿ̀ÿ̀€̀̀̀̀€̀€̀À̀À̀à̀à̀ð̀ð̀ø̀ø̀ǜǜþ̀þ܀ÿༀ鋿㽉￿￿( €€耀耀€€€€肀샀À肀€ÿ＀＀ÿÿÿÿ￿￿ÿ眇睷職眇睷灷眇睷烿眇睷灷眀灷ߦ灿߮灷惮灷灷渀瀇฀曦瀇؀曦湦灠烠昈梆`Ǹðððð€€ÀÀààǰϸ
܀￿萐ἡ￿￿￿￿￿￿( €€耀耀€€€€肀샀À肀€ÿ＀＀ÿÿÿÿ￿￿ÿ眈睷灷(￿烿眀烮昆晦ݦ烿繮繾ݾ灾惧灿繾灾灾瀏渀繾睾瀇渀灠؀à縀灰؀v繮繾惧蝮螇悇昆晦fǼøøÀ€€€ÀÀààðǰϸ( @Ȁ€耀耀€€€€肀샀À肀€ÿ＀＀ÿÿÿÿ￿￿ÿ袈袈袈袈ˆࠀ￿￿￿￿胷蜀睷睷キ￿胿蜀睷睷罷￿胿蠀躈繾聾昆晦晦晦ݦ睷￿胿睮睷睷睷恷睷￿胿惧袈胧繮繾繾繾百眇ソ胿盧眇ソ胿繾繾繾睾衠纎聾渀睠キ胿渀繾繾繾繾ݶキ胿؀ࡶ胧؀绮繾繾繾恷罷胿惧罷胿繮繾繾繾百踈聾盧眇胿繾繾繾睾睠胿渀ç衠胧渀繾繾繾繾ݶ聿؀ݶ聿؀绮繾繾繾恷職惧職繮繾繾繾百耇盧耇滮柮`漀景濶ˆࠀ袀耈࢈袀￿￿̀Ā샿샿À€€€ÀÀààððøøüüþþÿÿ胿胿Ā샿̀侒￿￿( @Ȁ€耀耀€€€€肀샀À肀€ÿ＀＀ÿÿÿÿ￿￿ÿࠀ袈袈袈袈眀睷睷睷硷€/￿￿￿矿€眇睷睷￿€蠈袈袈袈螈€眇睷睷キ€眇睷睷キ€蠈袈袈袈螈€眇睷睷罷€܀罷€昆晦晦晦恦袈螈€縎繾繾繾恾睷€眇€縀繾繾繾百蠈螈€睠€฀繾繾繾繾睠€܀ࣦ螈€繾繾繾繾ݶ€惧€縎繾繾繾恾螈€à܀眇€縀繾繾繾百眇€ç睠€฀繾繾繾繾睠€܀ߦ€繾繾繾繾ݶ€ߧ怇࿰ð￿￿ༀ샿܀胿̀ÿ̀ÿ̀ÿ̀ÿ̀ÿ̀ÿ̀ÿ̀€̀̀̀̀€̀€̀À̀À̀à̀à̀ð̀ð̀ø̀ø̀ǜǜþ̀þ܀ÿༀ鋿㽉￿￿( €€耀耀€€€€肀샀À肀€ÿ＀＀ÿÿÿÿ￿￿ÿ眇睷職眇睷灷眇睷烿眇睷灷眀灷ߦ灿߮灷惮灷灷渀瀇฀曦瀇؀曦湦灠烠昈梆`Ǹðððð€€ÀÀààǰϸ
睷睷睷恷睷睷￿￿胿繮繾繾繾繾繾百眇睷ソ￿胿盧眇睷ソ￿胿繮繾繾繾繾繾睾衠袈纎繾聾睠睷ソ￿胿繾繾繾繾繾繾ݶ睷キ￿胿ݶ睷キ￿胿渀繾繾繾繾繾繾恷袈纈繾聾渀惧睷キ￿胿؀绮繾繾繾繾繾百眇罷￿胿؀盧眇罷￿胿繮繾繾繾繾繾睾衠躈繾聾睠罷￿胿繾繾繾繾繾繾ݶ睷￿胿ݶ睷￿胿渀繾繾繾繾繾繾恷袈繾聾渀惧睷￿胿؀绮繾繾繾繾繾百眇ソ胿؀盧眇ソ胿繮繾繾繾繾繾睾衠纎聾睠キ胿百晦晦晦繦繾ݶキ胿ݶキ胿渀繾繾繾繾繾繾恷躈聾渀晦晦晦晦惧罷胿؀绮繾百眇胿؀盧眇胿繮繾繾繾繾繾睾睠胿睠聿繾繾繾繾繾繾ݶ聿ݶ聿渀繾繾繾繾繾繾恷x渀滦曮惦p؀替ヲ潦曶替衯肈袈蠈袀࢈肈肈￿￿￿￿€̀￿ĀÀ€€€ÀÀààððøøüüþþÿÿ胿胿샿샿ﳿĀﳿ̀܀￿萐ἡ￿￿￿￿￿￿( €€耀耀€€€€肀샀À肀€ÿ＀＀ÿÿÿÿ￿￿ÿ眈睷灷(￿烿眀烮昆晦ݦ烿繮繾ݾ灾惧灿繾灾灾瀏渀繾睾瀇渀灠؀à縀灰؀v繮繾惧蝮螇悇昆晦fǼøøÀ€€€ÀÀààðǰϸ( @Ȁ€耀耀€€€€肀샀À肀€ÿ＀＀ÿÿÿÿ￿￿ÿ袈袈袈袈ˆࠀ￿￿￿￿胷蜀睷睷キ￿胿蜀睷睷罷￿胿蠀躈繾聾昆晦晦晦ݦ睷￿胿睮睷睷睷恷睷￿胿惧袈胧繮繾繾繾百眇ソ胿盧眇ソ胿繾繾繾睾衠纎聾渀睠キ胿渀繾繾繾繾ݶキ胿؀ࡶ胧؀绮繾繾繾恷罷胿惧罷胿繮繾繾繾百踈聾盧眇胿繾繾繾睾睠胿渀ç衠胧渀繾繾繾繾ݶ聿؀ݶ聿؀绮繾繾繾恷職惧職繮繾繾繾百耇盧耇滮柮`漀景濶ˆࠀ袀耈࢈袀￿￿̀Ā샿샿À€€€ÀÀààððøøüüþþÿÿ胿胿Ā샿̀侒￿￿( @Ȁ€耀耀€€€€肀샀À肀€ÿ＀＀ÿÿÿÿ￿￿ÿࠀ袈袈袈袈眀睷睷睷硷€/￿￿￿矿€眇睷睷￿€蠈袈袈袈螈€眇睷睷キ€眇睷睷キ€蠈袈袈袈螈€眇睷睷罷€܀罷€昆晦晦晦恦袈螈€縎繾繾繾恾睷€眇€縀繾繾繾百蠈螈€睠€฀繾繾繾繾睠€܀ࣦ螈€繾繾繾繾ݶ€惧€縎繾繾繾恾螈€à܀眇€縀繾繾繾百眇€ç睠€฀繾繾繾繾睠€܀ߦ€繾繾繾繾ݶ€ߧ怇࿰ð￿￿ༀ샿܀胿̀ÿ̀ÿ̀ÿ̀ÿ̀ÿ̀ÿ̀ÿ̀€̀̀̀̀€̀€̀À̀À̀à̀à̀ð̀ð̀ø̀ø̀ǜǜþ̀þ܀ÿༀ鋿㽉￿￿( €€耀耀€€€€肀샀À肀€ÿ＀＀ÿÿÿÿ￿￿ÿ眇睷職眇睷灷眇睷烿眇睷灷眀灷ߦ灿߮灷惮灷灷渀瀇฀曦瀇؀曦湦灠烠昈梆`Ǹðððð€€ÀÀààǰϸ

Version Info

Signature 0xfeef04bd
StructVersion 0x10000
FileVersion 4.10.0.1998
ProductVersion 4.10.0.1998
FileFlags (EMPTY)
FileOs VOS_DOS
VOS_DOS_WINDOWS16
VOS_DOS_WINDOWS32
VOS_OS232
VOS_OS232_PM32
VOS_WINCE
VOS__PM32
VOS__WINDOWS16
FileType VFT_APP
Language English - United States
CompanyName Microsoft Corporation
FileDescription Windows Notepad application file
FileVersion (#2) 4.10.1998
InternalName Notepad
LegalCopyright Copyright (C) Microsoft Corp. 1991-1998
OriginalFilename NOTEPAD.EXE
ProductName Microsoft(R) Windows(R) Operating System
ProductVersion (#2) 4.10.1998
Resource LangID English - United States

TLS Callbacks

Load Configuration

RICH Header

Errors

[!] Error: Could not read a COFF symbol. [*] Warning: Section .reloc has a size of 0! [*] Warning: Section .adata has a size of 0! [*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
<-- -->