Manalyze report for 8844367384939dfdc815b0c1129cb268968409dda9da17f3ae0947f4a27817f7

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2016-May-20 21:18:13
Detected languages	English - United States
Debug artifacts	c:\buildbot\slave\2015_07_Minecraft_PC\TELLTALE_PC\bin\Shipping\GameApp.pdb
CompanyName	Telltale Games
FileVersion	`016,5,20,1291`
InternalName	Telltale Games
LegalCopyright	Copyright (C) 2004 - 2012
ProductVersion	`1, 0, 0, 1`

Plugin Output

Suspicious	Strings found in the binary may indicate undesirable behavior:	`Tries to detect virtualized environments: HARDWARE\DESCRIPTION\System` `Accesses the WMI: ROOT\CIMV2` `Miscellaneous malware strings: cmd.exe` `Contains domain names: curl.haxx.se example.com google.com http://curl.haxx.se http://curl.haxx.se/docs/http-cookies.html http://www.openssl.org http://www.openssl.org/support/faq.html https://services.telltalegames.com https://services.telltalegames.com/1/syncfs/ openssl.org services.telltalegames.com telltalegames.com www.google.com www.openssl.org www.telltalegames.com`
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to CRC32` `Uses constants related to SHA256` `Uses constants related to SHA512` `Uses constants related to AES` `Uses constants related to Blowfish`
Suspicious	The PE is possibly packed.	`Unusual section name found: .bind`
Malicious	The PE contains functions mostly used by malware.	`[!] The program may be hiding some of its imports: LoadLibraryA LoadLibraryExW LoadLibraryW GetProcAddress` `Functions which can be used for anti-debugging purposes: SwitchToThread` `Can access the registry: RegDeleteValueW RegCloseKey RegSetValueExW RegQueryInfoKeyW RegOpenKeyExW RegCreateKeyExW RegQueryValueExW RegFlushKey RegEnumKeyExW RegDeleteKeyW` `Possibly launches other programs: CreateProcessA ShellExecuteW` `Can create temporary files: CreateFileA GetTempPathW CreateFileW` `Uses functions commonly found in keyloggers: CallNextHookEx GetAsyncKeyState` `Has Internet access capabilities: InternetSetOptionW InternetOpenW InternetCrackUrlW InternetQueryDataAvailable InternetConnectW InternetCloseHandle InternetReadFile` `Leverages the raw socket API to access the Internet: __WSAFDIsSet send WSACleanup WSAGetLastError select WSAStartup WSASetLastError recv shutdown setsockopt getsockname ntohs bind htons getsockopt getpeername closesocket socket connect sendto recvfrom accept listen gethostbyname ioctlsocket` `Enumerates local disk drives: GetDriveTypeW GetDriveTypeA GetVolumeInformationW` `Can take screenshots: GetDC BitBlt CreateCompatibleDC`
Safe	VirusTotal score: 0/69 (Scanned on 2026-04-28 07:05:58)	`All the AVs think this file is safe.`

Hashes

MD5	`171ff4fe90b4a5146d76907984839a47`
SHA1	`2539c1e6983e98888d2baba9bf77279852473e3d`
SHA256	`8844367384939dfdc815b0c1129cb268968409dda9da17f3ae0947f4a27817f7`
SHA3	`ecc207d57398d79d0b43a2b84001baf016f6f60ddb8801adff9f5fb26eeba5de`
SSDeep	`196608:shxck3gath1hQVUR80MvFK6TkI6H6pwvUGUr1j29:Y3tbmUK3vFLII6H6pwvUGk1y9`
Imports Hash	`53ecc28ca0be133ca63071afa78c0fca`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x118`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`6`
TimeDateStamp	2016-May-20 21:18:13
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`10.0`
SizeOfCode	`0x827400`
SizeOfInitializedData	`0x333c00`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x00BB3310 (Section: .bind)`
BaseOfCode	`0x1000`
BaseOfData	`0x829000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`5.1`
ImageVersion	`0.0`
SubsystemVersion	`5.1`
Win32VersionValue	`0`
SizeOfImage	`0xbf6000`
SizeOfHeaders	`0x400`
Checksum	`0xb625ad`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`dde086fba771b4d389ced94df4b41609`
SHA1	`41733785f34cce49d822ca3cd486c06175d1b4e9`
SHA256	`25e0302446e1d9b439bfa0938b45d2aee7f0255a46b8b610d49f1dcce074f506`
SHA3	`006e44364fe7d3ad25daab971486a5751004b37ef75ee4e7fe7722f94bb4fbeb`
VirtualSize	`0x8272cc`
VirtualAddress	`0x1000`
SizeOfRawData	`0x827400`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`7.99998`

.rdata

MD5	`b1d073f8e49a93e2a6a7b2ac56dd2876`
SHA1	`68ae327f0cf171a787d0c72110149aa5d34e35ed`
SHA256	`3514302140b2cccc7864a84e55668c336264e029e3779ab80a29e792950dcabc`
SHA3	`11a5da3c23e27a6afede9313269713e6471b9b2752a6965c9ed2f4e98c6fb51d`
VirtualSize	`0x15e160`
VirtualAddress	`0x829000`
SizeOfRawData	`0x15e200`
PointerToRawData	`0x827800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.32989`

.data

MD5	`b237f9578fadbc1f61e6c57c524957e7`
SHA1	`32e6205c1fbb732c36765798b1acfeae1e405960`
SHA256	`b7f32480cd755de5acb0572a5e94419d6f5d6085294ac912b1699bc6eb2285ea`
SHA3	`c45af267fbc071e6caf9066a3f7e1dd5ff3b9cd19a56e2096d676041b7f4e792`
VirtualSize	`0x9ce80`
VirtualAddress	`0x988000`
SizeOfRawData	`0x49200`
PointerToRawData	`0x985a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`5.6012`

.rsrc

MD5	`0a1b07ca645cb695a7f744be56c9bcdf`
SHA1	`7317d9346b10293aece012cebb6cb85060007b27`
SHA256	`212311421a8e75dea75a3e515ef598e5fe065fc336a2cabb68c4bb934498aaa7`
SHA3	`974e47ac9eee3036e217d848d6ba9bb2597dd2a20e3f9432afa1cff6dc893d74`
VirtualSize	`0xd2044`
VirtualAddress	`0xa25000`
SizeOfRawData	`0xd2200`
PointerToRawData	`0x9cec00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.43025`

.reloc

MD5	`d9d1dcafcb4475168bbc6d7ed82a04ba`
SHA1	`ce2454e97ce51c7b41a7adb41ffa44a441787663`
SHA256	`d8f663a64a767172376911d06fdbc09c44b310931e98b0090dbb802b41698165`
SHA3	`7b1c95f1d96f18e894921c46c66fe6e0ab99492fb5a7a5f39e2b69b2d5b86e7b`
VirtualSize	`0xba44e`
VirtualAddress	`0xaf8000`
SizeOfRawData	`0xba600`
PointerToRawData	`0xaa0e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`5.79`

.bind

MD5	`a8444398732fac9e351a5ae825f1ae99`
SHA1	`66b38ed3763c9f3265037ec8e6b6cdab008906ff`
SHA256	`86aebdd6afe69fd7c7af713bfa597e794eceea22e0dd99990e65c8a0d64b6372`
SHA3	`77ef656d2d756b40be6f414d1ec0ee620cd7e941d93540b846e0af1f17f7c47a`
VirtualSize	`0x425c0`
VirtualAddress	`0xbb3000`
SizeOfRawData	`0x425c0`
PointerToRawData	`0xb5b400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`7.99805`

Imports

KERNEL32.dll	`GetModuleFileNameW` `VirtualAlloc` `VirtualFree` `InterlockedPushEntrySList` `SetEnvironmentVariableA` `WriteConsoleW` `GetProcessHeap` `SetStdHandle` `GetExitCodeProcess` `CreatePipe` `CompareStringW` `FlushFileBuffers` `GetConsoleCP` `GetFullPathNameA` `GetDriveTypeW` `GetCurrentDirectoryW` `GetStringTypeW` `InterlockedPopEntrySList` `IsValidLocale` `EnumSystemLocalesA` `GetLocaleInfoA` `GetUserDefaultLCID` `GetLocaleInfoW` `SetHandleCount` `GetEnvironmentStringsW` `FreeEnvironmentStringsW` `GetModuleFileNameA` `IsValidCodePage` `GetOEMCP` `GetACP` `IsProcessorFeaturePresent` `GetCPInfo` `LCMapStringW` `TerminateProcess` `UnhandledExceptionFilter` `GetConsoleMode` `SetConsoleMode` `ReadConsoleInputA` `CreateFileA` `GetFileAttributesA` `SetFileAttributesA` `SetConsoleCtrlHandler` `GetTimeZoneInformation` `FindFirstFileExA` `GetDriveTypeA` `PeekNamedPipe` `FileTimeToLocalFileTime` `FileTimeToSystemTime` `CreateProcessA` `MoveFileA` `GetDateFormatA` `GetTimeFormatA` `ExitThread` `GetSystemTimeAsFileTime` `GetFullPathNameW` `ExitProcess` `CreateSemaphoreW` `HeapSetInformation` `GetCommandLineA` `RtlUnwind` `InterlockedCompareExchange` `DecodePointer` `EncodePointer` `LoadLibraryA` `InterlockedExchange` `LocalAlloc` `SetNamedPipeHandleState` `TransactNamedPipe` `DuplicateHandle` `WaitForMultipleObjects` `WaitNamedPipeW` `GetSystemTime` `OpenThread` `SuspendThread` `GetThreadContext` `RtlCaptureContext` `TerminateThread` `VirtualQueryEx` `GetProcessId` `SetUnhandledExceptionFilter` `GlobalMemoryStatus` `GetCurrentProcessId` `FlushConsoleInputBuffer` `GetStdHandle` `GetFileType` `GetVersion` `FormatMessageA` `ExpandEnvironmentStringsA` `VerSetConditionMask` `VerifyVersionInfoW` `SleepEx` `GetTickCount` `GetTempPathW` `CreateFileW` `GetFileInformationByHandle` `WriteFile` `ReadFile` `SetFilePointer` `SetEndOfFile` `lstrlenA` `CreateDirectoryW` `MoveFileExW` `DeleteFileW` `FindNextFileW` `GetFileAttributesExW` `SetFileAttributesW` `GetFileAttributesW` `GetVersionExW` `FormatMessageW` `LocalFree` `FindFirstFileW` `CreateEventW` `ResetEvent` `SetEvent` `ReleaseSemaphore` `ResumeThread` `CloseHandle` `TlsAlloc` `TlsGetValue` `TlsFree` `TlsSetValue` `GetSystemInfo` `GetComputerNameA` `GetVolumeInformationW` `GetUserGeoID` `IsDebuggerPresent` `GetSystemDefaultLangID` `GetCurrentThread` `SetThreadAffinityMask` `SwitchToThread` `QueryPerformanceFrequency` `InitializeCriticalSection` `GetEnvironmentVariableA` `FindFirstFileA` `FindNextFileA` `FindClose` `DeleteFileA` `CompareFileTime` `LoadLibraryExW` `FindResourceW` `LoadResource` `SizeofResource` `MultiByteToWideChar` `GlobalAlloc` `GlobalLock` `GlobalUnlock` `SetLastError` `MulDiv` `lstrcmpW` `GetCurrentProcess` `FlushInstructionCache` `GetLastError` `LoadLibraryW` `WideCharToMultiByte` `GetStartupInfoW` `QueryPerformanceCounter` `GetModuleHandleW` `WaitForSingleObject` `CreateThread` `DeleteCriticalSection` `HeapLock` `HeapUnlock` `HeapAlloc` `HeapReAlloc` `HeapFree` `HeapSize` `HeapCreate` `GlobalMemoryStatusEx` `InitializeCriticalSectionAndSpinCount` `EnterCriticalSection` `LeaveCriticalSection` `RaiseException` `GetCurrentThreadId` `lstrlenW` `GetProcAddress` `InterlockedIncrement` `InterlockedDecrement` `lstrcmpiW` `Sleep` `FreeLibrary`
USER32.dll	`DefWindowProcW` `PeekMessageW` `TranslateMessage` `DispatchMessageW` `CharNextW` `GetWindowLongW` `SetWindowLongW` `MessageBoxW` `WaitMessage` `DestroyWindow` `ShowCursor` `GetSysColor` `MoveWindow` `SetWindowPos` `GetClientRect` `ClientToScreen` `ScreenToClient` `GetDC` `ReleaseDC` `InvalidateRect` `InvalidateRgn` `RedrawWindow` `SetCapture` `IsChild` `GetParent` `GetDlgItem` `GetClassNameW` `ReleaseCapture` `FillRect` `UnregisterClassA` `GetProcessWindowStation` `GetUserObjectInformationW` `SetWindowsHookExW` `MessageBeep` `LoadBitmapW` `IsDialogMessageW` `CallNextHookEx` `UnhookWindowsHookEx` `MonitorFromWindow` `GetMonitorInfoW` `MapWindowPoints` `SetDlgItemTextW` `mouse_event` `GetKeyState` `CreateDialogParamW` `IsWindowVisible` `GetAsyncKeyState` `GetRawInputData` `GetCursorPos` `GetCapture` `SetCursorPos` `GetSystemMetrics` `RegisterRawInputDevices` `CopyRect` `GetActiveWindow` `ShowWindow` `LoadIconW` `wsprintfW` `LoadImageW` `PostQuitMessage` `SetCursor` `ClipCursor` `AdjustWindowRectEx` `GetWindowRect` `GetMenu` `SetForegroundWindow` `GetWindowTextLengthW` `GetWindowTextW` `SetWindowTextW` `RegisterWindowMessageW` `CreateAcceleratorTableW` `CreateWindowExW` `RegisterClassExW` `LoadCursorW` `GetClassInfoExW` `IsWindow` `SendMessageW` `SetFocus` `GetFocus` `GetWindow` `DestroyAcceleratorTable` `GetDesktopWindow` `BeginPaint` `EndPaint` `CallWindowProcW`
WINMM.dll	`timeEndPeriod` `timeGetTime` `timeBeginPeriod`
WS2_32.dll	`__WSAFDIsSet` `send` `WSACleanup` `WSAGetLastError` `select` `WSAStartup` `WSASetLastError` `recv` `shutdown` `setsockopt` `getsockname` `ntohs` `bind` `htons` `getsockopt` `getpeername` `closesocket` `socket` `connect` `sendto` `recvfrom` `accept` `listen` `gethostbyname` `ioctlsocket`
WININET.dll	`InternetSetOptionW` `HttpAddRequestHeadersW` `HttpOpenRequestW` `HttpSendRequestW` `InternetOpenW` `InternetCrackUrlW` `HttpQueryInfoW` `InternetQueryDataAvailable` `InternetConnectW` `InternetCloseHandle` `InternetReadFile`
VERSION.dll	`GetFileVersionInfoW` `VerQueryValueW` `GetFileVersionInfoSizeW`
DINPUT8.dll	`DirectInput8Create`
d3dx9_43.dll	`D3DXLoadSurfaceFromMemory` `D3DXLoadSurfaceFromSurface`
d3d9.dll	`D3DPERF_BeginEvent` `D3DPERF_EndEvent` `Direct3DCreate9` `D3DPERF_GetStatus`
fmod.dll	`?getSoftwareFormat@System@FMOD@@QAG?AW4FMOD_RESULT@@PAHPAW4FMOD_SPEAKERMODE@@0@Z` `FMOD_Memory_GetStats` `?release@Sound@FMOD@@QAG?AW4FMOD_RESULT@@XZ` `?setUserData@Sound@FMOD@@QAG?AW4FMOD_RESULT@@PAX@Z` `?getOpenState@Sound@FMOD@@QAG?AW4FMOD_RESULT@@PAW4FMOD_OPENSTATE@@PAIPA_N2@Z` `?getSubSound@Sound@FMOD@@QAG?AW4FMOD_RESULT@@HPAPAV12@@Z` `?getNumSubSounds@Sound@FMOD@@QAG?AW4FMOD_RESULT@@PAH@Z` `?getUserData@Sound@FMOD@@QAG?AW4FMOD_RESULT@@PAPAX@Z` `?stop@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@XZ` `?getCurrentSound@Channel@FMOD@@QAG?AW4FMOD_RESULT@@PAPAVSound@2@@Z` `?getChannel@ChannelGroup@FMOD@@QAG?AW4FMOD_RESULT@@HPAPAVChannel@2@@Z` `?getNumChannels@ChannelGroup@FMOD@@QAG?AW4FMOD_RESULT@@PAH@Z` `?getGroup@ChannelGroup@FMOD@@QAG?AW4FMOD_RESULT@@HPAPAV12@@Z` `?getNumGroups@ChannelGroup@FMOD@@QAG?AW4FMOD_RESULT@@PAH@Z` `?getMasterChannelGroup@System@FMOD@@QAG?AW4FMOD_RESULT@@PAPAVChannelGroup@2@@Z` `?getSystemObject@Sound@FMOD@@QAG?AW4FMOD_RESULT@@PAPAVSystem@2@@Z` `?getChannel@System@FMOD@@QAG?AW4FMOD_RESULT@@HPAPAVChannel@2@@Z` `?createSound@System@FMOD@@QAG?AW4FMOD_RESULT@@PBDIPAUFMOD_CREATESOUNDEXINFO@@PAPAVSound@2@@Z` `?getLength@Sound@FMOD@@QAG?AW4FMOD_RESULT@@PAII@Z` `?setDriver@System@FMOD@@QAG?AW4FMOD_RESULT@@H@Z` `?getNumDrivers@System@FMOD@@QAG?AW4FMOD_RESULT@@PAH@Z` `?setSoftwareFormat@System@FMOD@@QAG?AW4FMOD_RESULT@@HW4FMOD_SPEAKERMODE@@H@Z` `?getVersion@System@FMOD@@QAG?AW4FMOD_RESULT@@PAI@Z` `?setCallback@System@FMOD@@QAG?AW4FMOD_RESULT@@P6G?AW43@PAUFMOD_SYSTEM@@IPAX11@ZI@Z` `?setReverbProperties@System@FMOD@@QAG?AW4FMOD_RESULT@@HPBUFMOD_REVERB_PROPERTIES@@@Z` `?getAudibility@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@PAM@Z` `?setPosition@Channel@FMOD@@QAG?AW4FMOD_RESULT@@II@Z` `?getPosition@Channel@FMOD@@QAG?AW4FMOD_RESULT@@PAII@Z` `?setFileSystem@System@FMOD@@QAG?AW4FMOD_RESULT@@P6G?AW43@PBDPAIPAPAXPAX@ZP6G?AW43@33@ZP6G?AW43@33I13@ZP6G?AW43@3I3@ZP6G?AW43@PAUFMOD_ASYNCREADINFO@@3@Z9H@Z` `FMOD_Memory_Initialize` `?set3DAttributes@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@PBUFMOD_VECTOR@@00@Z` `?setVolume@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@M@Z` `?setPan@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@M@Z` `?setPitch@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@M@Z` `?set3DMinMaxDistance@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@MM@Z` `?get3DMinMaxDistance@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@PAM0@Z` `?setParameterFloat@DSP@FMOD@@QAG?AW4FMOD_RESULT@@HM@Z` `?setPaused@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@_N@Z` `?setMode@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@I@Z` `?setLoopCount@Channel@FMOD@@QAG?AW4FMOD_RESULT@@H@Z` `?setCallback@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@P6G?AW43@PAUFMOD_CHANNELCONTROL@@W4FMOD_CHANNELCONTROL_TYPE@@W4FMOD_CHANNELCONTROL_CALLBACK_TYPE@@PAX3@Z@Z` `?getUserData@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@PAPAX@Z` `?setUserData@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@PAX@Z` `?isPlaying@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@PA_N@Z` `?getChannelGroup@Channel@FMOD@@QAG?AW4FMOD_RESULT@@PAPAVChannelGroup@2@@Z` `?getSystemObject@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@PAPAVSystem@2@@Z` `?release@DSP@FMOD@@QAG?AW4FMOD_RESULT@@XZ` `?addDSP@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@HPAVDSP@2@@Z` `?setParameterInt@DSP@FMOD@@QAG?AW4FMOD_RESULT@@HH@Z` `?createDSPByType@System@FMOD@@QAG?AW4FMOD_RESULT@@W4FMOD_DSP_TYPE@@PAPAVDSP@2@@Z` `?setReverbProperties@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@HM@Z` `?setChannelGroup@Channel@FMOD@@QAG?AW4FMOD_RESULT@@PAVChannelGroup@2@@Z` `?getNumSyncPoints@Sound@FMOD@@QAG?AW4FMOD_RESULT@@PAH@Z` `?getLoopPoints@Sound@FMOD@@QAG?AW4FMOD_RESULT@@PAII0I@Z` `?playSound@System@FMOD@@QAG?AW4FMOD_RESULT@@PAVSound@2@PAVChannelGroup@2@_NPAPAVChannel@2@@Z` `?setChannelFormat@DSP@FMOD@@QAG?AW4FMOD_RESULT@@IHW4FMOD_SPEAKERMODE@@@Z` `?getDSP@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@HPAPAVDSP@2@@Z` `?setMute@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@_N@Z` `?getVolume@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@PAM@Z` `?release@ChannelGroup@FMOD@@QAG?AW4FMOD_RESULT@@XZ` `?addGroup@ChannelGroup@FMOD@@QAG?AW4FMOD_RESULT@@PAV12@_NPAPAVDSPConnection@2@@Z` `?createChannelGroup@System@FMOD@@QAG?AW4FMOD_RESULT@@PBDPAPAVChannelGroup@2@@Z` `?mixerResume@System@FMOD@@QAG?AW4FMOD_RESULT@@XZ` `?mixerSuspend@System@FMOD@@QAG?AW4FMOD_RESULT@@XZ`
fmodstudio.dll	`?unload@Bank@Studio@FMOD@@QAG?AW4FMOD_RESULT@@XZ` `?getLoadingState@Bank@Studio@FMOD@@QBG?AW4FMOD_RESULT@@PAW4FMOD_STUDIO_LOADING_STATE@@@Z` `?isValid@Bank@Studio@FMOD@@QBG_NXZ` `?update@System@Studio@FMOD@@QAG?AW4FMOD_RESULT@@XZ` `?loadBankFile@System@Studio@FMOD@@QAG?AW4FMOD_RESULT@@PBDIPAPAVBank@23@@Z` `?getSampleLoadingState@EventDescription@Studio@FMOD@@QBG?AW4FMOD_RESULT@@PAW4FMOD_STUDIO_LOADING_STATE@@@Z` `?unloadSampleData@EventDescription@Studio@FMOD@@QAG?AW4FMOD_RESULT@@XZ` `?getEventByID@System@Studio@FMOD@@QBG?AW4FMOD_RESULT@@PBUFMOD_GUID@@PAPAVEventDescription@23@@Z` `?loadSampleData@EventDescription@Studio@FMOD@@QAG?AW4FMOD_RESULT@@XZ` `?initialize@System@Studio@FMOD@@QAG?AW4FMOD_RESULT@@HIIPAX@Z` `?getLowLevelSystem@System@Studio@FMOD@@QBG?AW4FMOD_RESULT@@PAPAV13@@Z` `?create@System@Studio@FMOD@@SG?AW4FMOD_RESULT@@PAPAV123@I@Z` `?release@System@Studio@FMOD@@QAG?AW4FMOD_RESULT@@XZ` `?lookupPath@System@Studio@FMOD@@QBG?AW4FMOD_RESULT@@PBUFMOD_GUID@@PADHPAH@Z` `?getID@Bus@Studio@FMOD@@QBG?AW4FMOD_RESULT@@PAUFMOD_GUID@@@Z` `?getBusList@Bank@Studio@FMOD@@QBG?AW4FMOD_RESULT@@PAPAVBus@23@HPAH@Z` `?getBusCount@Bank@Studio@FMOD@@QBG?AW4FMOD_RESULT@@PAH@Z` `?getID@EventDescription@Studio@FMOD@@QBG?AW4FMOD_RESULT@@PAUFMOD_GUID@@@Z` `?getEventList@Bank@Studio@FMOD@@QBG?AW4FMOD_RESULT@@PAPAVEventDescription@23@HPAH@Z` `?getEventCount@Bank@Studio@FMOD@@QBG?AW4FMOD_RESULT@@PAH@Z` `?getBankList@System@Studio@FMOD@@QBG?AW4FMOD_RESULT@@PAPAVBank@23@HPAH@Z` `?getBankCount@System@Studio@FMOD@@QBG?AW4FMOD_RESULT@@PAH@Z` `?flushCommands@System@Studio@FMOD@@QAG?AW4FMOD_RESULT@@XZ` `?set3DAttributes@EventInstance@Studio@FMOD@@QAG?AW4FMOD_RESULT@@PBUFMOD_3D_ATTRIBUTES@@@Z` `?is3D@EventDescription@Studio@FMOD@@QBG?AW4FMOD_RESULT@@PA_N@Z` `?isValid@EventInstance@Studio@FMOD@@QBG_NXZ` `?setVolume@EventInstance@Studio@FMOD@@QAG?AW4FMOD_RESULT@@M@Z` `?setPaused@EventInstance@Studio@FMOD@@QAG?AW4FMOD_RESULT@@_N@Z` `?stop@EventInstance@Studio@FMOD@@QAG?AW4FMOD_RESULT@@W4FMOD_STUDIO_STOP_MODE@@@Z` `?trigger@CueInstance@Studio@FMOD@@QAG?AW4FMOD_RESULT@@XZ` `?setValue@ParameterInstance@Studio@FMOD@@QAG?AW4FMOD_RESULT@@M@Z` `?getParameter@EventInstance@Studio@FMOD@@QBG?AW4FMOD_RESULT@@PBDPAPAVParameterInstance@23@@Z` `?getCueByIndex@EventInstance@Studio@FMOD@@QBG?AW4FMOD_RESULT@@HPAPAVCueInstance@23@@Z` `?setTimelinePosition@EventInstance@Studio@FMOD@@QAG?AW4FMOD_RESULT@@H@Z` `?setListenerAttributes@System@Studio@FMOD@@QAG?AW4FMOD_RESULT@@HPBUFMOD_3D_ATTRIBUTES@@@Z` `?getParameterCount@EventDescription@Studio@FMOD@@QBG?AW4FMOD_RESULT@@PAH@Z` `?getParameterByIndex@EventDescription@Studio@FMOD@@QBG?AW4FMOD_RESULT@@HPAUFMOD_STUDIO_PARAMETER_DESCRIPTION@@@Z` `?lockChannelGroup@Bus@Studio@FMOD@@QAG?AW4FMOD_RESULT@@XZ` `?unlockChannelGroup@Bus@Studio@FMOD@@QAG?AW4FMOD_RESULT@@XZ` `?isValid@Bus@Studio@FMOD@@QBG_NXZ` `?getChannelGroup@Bus@Studio@FMOD@@QBG?AW4FMOD_RESULT@@PAPAVChannelGroup@3@@Z` `?setPaused@Bus@Studio@FMOD@@QAG?AW4FMOD_RESULT@@_N@Z` `?setMute@Bus@Studio@FMOD@@QAG?AW4FMOD_RESULT@@_N@Z` `?setFaderLevel@Bus@Studio@FMOD@@QAG?AW4FMOD_RESULT@@M@Z` `?getBusByID@System@Studio@FMOD@@QBG?AW4FMOD_RESULT@@PBUFMOD_GUID@@PAPAVBus@23@@Z` `?setCallback@EventInstance@Studio@FMOD@@QAG?AW4FMOD_RESULT@@P6G?AW44@IPAUFMOD_STUDIO_EVENTINSTANCE@@PAX@ZI@Z` `?setUserData@EventInstance@Studio@FMOD@@QAG?AW4FMOD_RESULT@@PAX@Z` `?getSoundInfo@System@Studio@FMOD@@QBG?AW4FMOD_RESULT@@PBDPAUFMOD_STUDIO_SOUND_INFO@@@Z` `?createInstance@EventDescription@Studio@FMOD@@QBG?AW4FMOD_RESULT@@PAPAVEventInstance@23@@Z` `?start@EventInstance@Studio@FMOD@@QAG?AW4FMOD_RESULT@@XZ` `?isValid@ParameterInstance@Studio@FMOD@@QBG_NXZ` `?getTimelinePosition@EventInstance@Studio@FMOD@@QBG?AW4FMOD_RESULT@@PAH@Z` `?getLength@EventDescription@Studio@FMOD@@QBG?AW4FMOD_RESULT@@PAH@Z` `?getChannelGroup@EventInstance@Studio@FMOD@@QBG?AW4FMOD_RESULT@@PAPAVChannelGroup@3@@Z` `?getPlaybackState@EventInstance@Studio@FMOD@@QBG?AW4FMOD_RESULT@@PAW4FMOD_STUDIO_PLAYBACK_STATE@@@Z` `?isOneshot@EventDescription@Studio@FMOD@@QBG?AW4FMOD_RESULT@@PA_N@Z` `?isValid@EventDescription@Studio@FMOD@@QBG_NXZ` `?release@EventInstance@Studio@FMOD@@QAG?AW4FMOD_RESULT@@XZ` `?getUserData@EventInstance@Studio@FMOD@@QBG?AW4FMOD_RESULT@@PAPAX@Z` `?getDescription@ParameterInstance@Studio@FMOD@@QBG?AW4FMOD_RESULT@@PAUFMOD_STUDIO_PARAMETER_DESCRIPTION@@@Z` `?getParameterByIndex@EventInstance@Studio@FMOD@@QBG?AW4FMOD_RESULT@@HPAPAVParameterInstance@23@@Z` `?getParameterCount@EventInstance@Studio@FMOD@@QBG?AW4FMOD_RESULT@@PAH@Z` `?getUserProperty@EventDescription@Studio@FMOD@@QBG?AW4FMOD_RESULT@@PBDPAUFMOD_STUDIO_USER_PROPERTY@@@Z`
COMCTL32.dll	`#17` `_TrackMouseEvent` `InitCommonControlsEx`
GDI32.dll	`CreateDCW` `GetBitmapBits` `SetStretchBltMode` `SetTextColor` `SetBkMode` `StretchBlt` `GetStockObject` `GetObjectW` `CreateSolidBrush` `GetDeviceCaps` `BitBlt` `CreateCompatibleDC` `CreateCompatibleBitmap` `DeleteDC` `SelectObject` `DeleteObject`
SHELL32.dll	`ShellExecuteExW` `ShellExecuteW` `SHGetFolderPathW`
ole32.dll	`CoCreateGuid` `CoSetProxyBlanket` `CoInitializeEx` `OleUninitialize` `OleInitialize` `CreateStreamOnHGlobal` `CLSIDFromString` `CLSIDFromProgID` `CoGetClassObject` `OleLockRunning` `StringFromGUID2` `CoUninitialize` `CoTaskMemFree` `CoCreateInstance` `CoTaskMemRealloc` `CoTaskMemAlloc`
OLEAUT32.dll	`SysFreeString` `SysStringLen` `SysAllocStringLen` `SysAllocString` `VarUI4FromStr` `VariantInit` `VariantClear` `OleCreateFontIndirect` `LoadRegTypeLib` `LoadTypeLib` `SysStringByteLen`
ADVAPI32.dll	`RegDeleteValueW` `RegCloseKey` `RegSetValueExW` `RegQueryInfoKeyW` `RegOpenKeyExW` `RegCreateKeyExW` `RegisterEventSourceW` `ReportEventW` `DeregisterEventSource` `RegQueryValueExW` `RegFlushKey` `RegEnumKeyExW` `RegDeleteKeyW`
steam_api.dll (delay-loaded)	`SteamAPI_Init` `SteamUser` `SteamUserStats` `SteamAPI_SetMiniDumpComment` `SteamUtils` `SteamAPI_UnregisterCallback` `SteamAPI_RegisterCallback` `SteamAPI_RunCallbacks` `SteamApps` `SteamFriends` `SteamAPI_WriteMiniDump`

Delayed Imports

Attributes	`0x1`
Name	`steam_api.dll`
ModuleHandle	`0xa22c28`
DelayImportAddressTable	`0x9d108c`
DelayImportNameTable	`0x9829b4`
BoundDelayImportTable	`0x982bbc`
UnloadDelayImportTable	`0`
TimeStamp	`1970-Jan-01 00:00:00`

1016

Type	`RT_BITMAP`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x8a31a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.69364`
MD5	`bed12c457195794233e8c652c35275fb`
SHA1	`8daa41114cb7c8885a605601ddc8225a020e10fa`
SHA256	`8cfb2e463866d644e5b21930f0ea6c5e02b57262c298baf0369808a815cbb474`
SHA3	`4078ff1706a0300f71d5ab70199495e7df03317ea0d36d67c4c165dbd1de67fa`
Preview

1

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.32321`
MD5	`ef948ea976f3b1df94fde85b0c3b8154`
SHA1	`ce6e4261c1a75e62ac8f0949f61a2f3d7d740ddc`
SHA256	`197a0e6282f84c3a8b1052986a11467ad0e49a95048c8cf69592574227f240b6`
SHA3	`252e562c03a5efac1b7e814f4410c59fc35c5ff583509985050f85b467f401c1`

2

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.6963`
MD5	`2018da3d8665c91173ced88ed35d93bb`
SHA1	`d1d547517f88a39fddfc8da9e2a8c4c1de8640c6`
SHA256	`d54d7c640a5d8c50c1560774f5cc3f9422a741883f08290365fea1226797387e`
SHA3	`fcc6102d17f9a8dd4bcf93839a8cd6130185be92b9ff73d764ee619cd0dd160b`

3

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.60403`
MD5	`ea4865d9ac74244e9f950ebc65b43384`
SHA1	`caa26978d921fb11b0f38f486491cc1d2ac99c60`
SHA256	`7cee5edb8c1ceab29ec1a0b38298223f1c763aa01eb088f27f3d181a83a22f87`
SHA3	`1eafe7ff2c37a916cc4077aca7f431defc53d4067e1e13e38084f78e6a0f30e3`

4

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x10828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.41204`
MD5	`b87c7395e8f9890f7f02bad2038e100f`
SHA1	`d4fcdc113af531c1fa58a2a1693cf4349ce111cf`
SHA256	`c7aa466da90e3e8809397f12e34737f348da1959ada123762081acd30218f83d`
SHA3	`17f833f7c1402d12336b68f5e5990e1ecfa2f05dea0bca5d131431801b316f98`

5

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0xcf08`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.99074`
Detected Filetype	PNG graphic file
MD5	`67f548de3f696da8d531edcb98317b95`
SHA1	`98fda5c32b0faccee5dcee28b659bc2252e2c6e1`
SHA256	`5dc6f9ecaa35c540ec560e1d09753cfac1863fca7b5d6b5753b24e19a3022bc9`
SHA3	`8b59b79f240549c4f47fe9bcaea4c1e248317a1c46f9e974830c3458404e60d0`

6

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x23d8a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.99119`
Detected Filetype	PNG graphic file
MD5	`c9cafdc7936441b2780f250076f164d8`
SHA1	`11425b3d7fd875461ed70f00a32e22d49e79fea5`
SHA256	`aee58bd956e7ad6ac22fa5ba57e28b0fad5488659e003160818beca483c66a94`
SHA3	`25c8900a72178da0d1e4eb147d9e7ecd1dd27e8a576bffd95f7828dda8deb25b`

104

Type	`RT_DIALOG`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x526`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.4346`
MD5	`d1932bde7244452f6010f4d35df308a9`
SHA1	`2279fc2db9c3e07572bcb09cffcf53671873f387`
SHA256	`55ca4cc3bddfc1c0d2bc5e3050ba0694b027c4925c98da49a554ea33e02a15db`
SHA3	`a2169663210b604df6a9ebd65cc57a71d25805c6a2d23af95d5e86af3d9fd894`

107

Type	`RT_DIALOG`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x40`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.46257`
MD5	`9b51aae5ea672ca0d51915772430448d`
SHA1	`27393aebe4002d32c4a51095f113831eada85a16`
SHA256	`5ca59e0dbb068fc042024d0c5a75779221613dbb49afd5bbfdd6829b6707e902`
SHA3	`f5aaf379f5030196483e781c888c712a9411028db2f38aa5973d769ddcf25df8`

108

Type	`RT_DIALOG`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x4c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.55268`
MD5	`4ce48381c07aae4660c616233949a0a8`
SHA1	`e89f1e5dc14f8086895f7a32a1eb82aa45296554`
SHA256	`5a991348a3cad5475e19f7f92cdb3420ea8c758684517771cdae7a669a8601bf`
SHA3	`9704764b3d6fe118b98d87c52536574d44d101714be0f0653aef723cebd16f11`

110

Type	`RT_DIALOG`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x4c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.579`
MD5	`b8cc34acd56eba27528e5635a6de3046`
SHA1	`4440f1a12d61c5237d9b8e70aed02045bb3285c0`
SHA256	`6bd3caefa017f39dc224f28e4c4f880ddac87fbfc0b20ae4c98e2e8484c3a7d5`
SHA3	`3b98fc3cb9578e260ee9df2031cfbd4b3fd408e4be8e91fbe0cce18dfe26bd17`

130

Type	`RT_DIALOG`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x2b4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.33336`
MD5	`96340ae2a88f2b1773dab931b7be38d3`
SHA1	`f120810d9d0da5591b43f4107f8838f13562a4f2`
SHA256	`04cfd805b3fb94c436b427cfc078f03ef9f70f57e2b82434f84d4acd0115598b`
SHA3	`176ba75a9e15c1295a83b512dd44d95b2b36eaedbf37ad75eb2839286b6ee6cf`

368

Type	`RT_DIALOG`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0xfc`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.94506`
MD5	`0fefb46973a4bdfbde0fc3bf34ac4829`
SHA1	`ff6638ec24536802251a02f1bdc5cbd5903aa2e7`
SHA256	`a58cf470a4c0d00f097df3f1d9ee2e562a24e854d75e0745e66a0824d05c6170`
SHA3	`3ca780dc0100dbf8755ad64a71f28c6ac7c27d20e67d276fa49d896fefefc060`

7

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x5a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.72116`
Detected Filetype	Icon file
MD5	`049af8bc5a1cac6c30f5bb2693937376`
SHA1	`1c23a73cf0b001a884727fff1e6dedf2f0853b7e`
SHA256	`5d5fe11c7e66a6fc1e9ccb7df92f13bc8e0843df97a9633cd490b9ee358f0336`
SHA3	`ccbd47e2d6e1716c16b871a8c564385ccf7c6794fa26294a67dd9e672025e3f2`

1 (#2)

Type	`RT_VERSION`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x22c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.43507`
MD5	`c696ae14b327dd5df7563bc83c6ede01`
SHA1	`5090f8ad07360af61c131b597895129280788578`
SHA256	`2deeae089f2bae3de0e6fcc93b04dae7549a259552ff74c401fd953eeb7c29a1`
SHA3	`7cb7767ed6e3d6016f878197b8f596763f514fae861a216ccf8a04d55a633287`

1 (#3)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x15a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.79597`
MD5	`24d3b502e1846356b0263f945ddd5529`
SHA1	`bac45b86a9c48fc3756a46809c101570d349737d`
SHA256	`49a60be4b95b6d30da355a0c124af82b35000bce8f24f957d1c09ead47544a1e`
SHA3	`1244ed60820da52dc4b53880ec48e3b587dbdbd9545f01fa2b1c0fcfea1d5e9e`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	2016.5.20.1291
ProductVersion	1.0.0.1
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_STATIC_LIB`
Language	English - United States
CompanyName	Telltale Games
FileVersion (#2)	016,5,20,1291
InternalName	Telltale Games
LegalCopyright	Copyright (C) 2004 - 2012
ProductVersion (#2)	1, 0, 0, 1

Resource LangID	English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2016-May-20 21:18:13
Version	`0.0`
SizeofData	`100`
AddressOfRawData	`0x8cdd40`
PointerToRawData	`0x8cc540`
Referenced File	c:\buildbot\slave\2015_07_Minecraft_PC\TELLTALE_PC\bin\Shipping\GameApp.pdb

TLS Callbacks

Load Configuration

Size	`0x48`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0xdcfa60`
SEHandlerTable	`0xd01040`
SEHandlerCount	`6615`

RICH Header

Errors

Leave a comment

No comments yet.