8c1c09f6a6008f448d6d7f8ce84777b0

Summary

Architecture IMAGE_FILE_MACHINE_AMD64
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date 1970-Jan-01 00:00:00
TLS Callbacks 1 callback(s) detected.

Plugin Output

Malicious The PE contains functions mostly used by malware. [!] The program may be hiding some of its imports:
  • LoadLibraryA
  • GetProcAddress
 Uses functions commonly found in keyloggers:
  • GetForegroundWindow
  • CallNextHookEx
 Manipulates other processes:
  • ReadProcessMemory
 Can take screenshots:
  • GetDC
  • GetDCEx
  • BitBlt
  • CreateCompatibleDC
 Reads the contents of the clipboard:
  • GetClipboardData
Safe VirusTotal score: 0/70 (Scanned on 2019-11-18 20:09:59) All the AVs think this file is safe.

Hashes

MD5 8c1c09f6a6008f448d6d7f8ce84777b0
SHA1 381d3366bf837146a923267d747f3225fd43a2d6
SHA256 e97699c053e4670790d8c598ed2caa68640542df5e789b4e125b44690bdd68c2
SHA3 640544372ec5c797900d3b5edf03f7f7e67391c5c474daed75f5e847b76b0ec1
SSDeep 196608:CkSo9dzANUJHDOg5LAfQ6ZBuU/3YtbtJpsj7c5Z4vv6K0FiwuQ/y:Rh9dz+a68hi7guQ/y
Imports Hash 08fc74f55b946c03b29cafb34856acb7

DOS Header

e_magic MZ
e_cblp 0x90
e_cp 0x3
e_crlc 0
e_cparhdr 0x4
e_minalloc 0
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0x80

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_AMD64
NumberofSections 8
TimeDateStamp 1970-Jan-01 00:00:00
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xf0
Characteristics IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_RELOCS_STRIPPED

Image Optional Header

Magic PE32+
LinkerVersion 3.0
SizeOfCode 0x1affa0
SizeOfInitializedData 0x1b3f4
SizeOfUninitializedData 0x6c44
AddressOfEntryPoint 0x0000000000015E20 (Section: .text)
BaseOfCode 0x1000
ImageBase 0x100000000
SectionAlignment 0x1000
FileAlignment 0x200
OperatingSystemVersion 4.0
ImageVersion 1.0
SubsystemVersion 4.0
Win32VersionValue 0
SizeOfImage 0xfe8000
SizeOfHeaders 0x400
Checksum 0
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
SizeofStackReserve 0x1000000
SizeofStackCommit 0x1000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

.text

MD5 a3bd30b03a7f8c4bf6002b8a5ef0eca6
SHA1 7ce054531e4a237df1f4dfbef79f9ff73237a0f1
SHA256 0b78e72569d340263f424b587c5c264edf2801c14ef71cc7dd5f0cc5b5a6d968
SHA3 6febb32b5463f3b76e527e58a91337a9396b6964d566f9b020d5b3cb1af41972
VirtualSize 0x1affa0
VirtualAddress 0x1000
SizeOfRawData 0x1b0000
PointerToRawData 0x400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 5.78884

.data

MD5 eaf5286ea3dece09f635f1ffb96d71bd
SHA1 08de8f5db835a84907d651313c7e4aa037687483
SHA256 9f4fdb6929a4516d945ef44a153d4337b0229f4cbdf65df09c34839bc1af6bf0
SHA3 9bbc6c76d419d57a19e914e0484e8ddc9c583b48be393d6c5b31c0739fa9aa14
VirtualSize 0x1b3f4
VirtualAddress 0x1b1000
SizeOfRawData 0x1b400
PointerToRawData 0x1b0400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 4.14918

.rdata

MD5 d1389eed68d2ae6a7dc37f540ba250d2
SHA1 44b3331f5af78fcb0cf8cbf647ab0f2d78c1a96f
SHA256 8d37f740e407f637ad927a530ab88f04a05fb1dc79c6bab59a96da6ef048e9fa
SHA3 6d93ae625b300e9a83119597c1caeb7b04b05c2406c47bb0300e1ef9df425ec4
VirtualSize 0xbb0d74
VirtualAddress 0x1cd000
SizeOfRawData 0xbb0e00
PointerToRawData 0x1cb800
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 5.87569

.pdata

MD5 f8db29579fae11208617a5d3ae7417e0
SHA1 8b725903a6d72a76eed6b08e8cadc5efad731661
SHA256 fa4df8a556d69ce703e4913dc9df448d9c6e65b9f7e2252ffd314b4152431a6b
SHA3 7a55dc19a2d409ce2493dd742ddeb9e48aa86ea01201f10b16bb7871879b0460
VirtualSize 0x1b6e4
VirtualAddress 0xd7e000
SizeOfRawData 0x1b800
PointerToRawData 0xd7c600
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 6.17162

.bss

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA3 a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a
VirtualSize 0x6c44
VirtualAddress 0xd9a000
SizeOfRawData 0
PointerToRawData 0
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT

MD5 8a5c847d1d5070fde6b69cc1e290ac44
SHA1 ec5c169d6f0967c4e032334d86d1b3de44b2d95b
SHA256 7429d5260e0d12cf4a13cfe9113145abd220cac4e1f42c807d9d290387e1061d
SHA3 26c200d6083170c1a02cd58e82382f7fe33b6f5de0cbfe45471d64ae28992126
VirtualSize 0x28
VirtualAddress 0xda1000
SizeOfRawData 0x200
PointerToRawData 0xd97e00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 0.0776332

.idata

MD5 6b922ad71853811e7bb12c34531568ac
SHA1 e21822fe5572a19a24f8e2b7435f202824405b5a
SHA256 5d751175baaf570ee78d3c569af6958cc941d7c2e38282b24db44e476c1e91a4
SHA3 49be2f4a477b48a4fa6c794a1f6f10a32feeb3ad34f1f4b271ec7ae02875154a
VirtualSize 0x3852
VirtualAddress 0xda2000
SizeOfRawData 0x3a00
PointerToRawData 0xd98000
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 4.19584

.rsrc

MD5 4cca9d1278ec19cd9c3b5c53f4586eef
SHA1 f0f202b9527bf814e2735f2e394fc828a9f6b6b3
SHA256 2202e2a1190b39478bb15c6b6a5947afaac46269791678784418eb34e42ac7b9
SHA3 fc506db746137e90cd653ab57f4238d1ba131fc56056ad0a8022bf3697b3d693
VirtualSize 0x241b04
VirtualAddress 0xda6000
SizeOfRawData 0x241c00
PointerToRawData 0xd9ba00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 6.94875

Imports

kernel32.dll GetLastError
SetLastError
GetTickCount
ExitProcess
GetStartupInfoA
GetStdHandle
GetCommandLineA
GetCurrentProcessId
GetCurrentThreadId
GetCurrentProcess
ReadProcessMemory
GetModuleFileNameA
GetModuleHandleA
WriteFile
ReadFile
CloseHandle
SetFilePointer
SetEndOfFile
FreeLibrary
GetSystemInfo
LoadLibraryA
GetProcAddress
CreateFileW
GetFileAttributesW
SetCurrentDirectoryW
GetCurrentDirectoryW
GetConsoleMode
GetConsoleOutputCP
GetOEMCP
GetProcessHeap
HeapAlloc
HeapFree
TlsAlloc
TlsGetValue
TlsSetValue
CreateThread
ExitThread
LocalAlloc
LocalFree
Sleep
SuspendThread
ResumeThread
TerminateThread
WaitForSingleObject
SetThreadPriority
GetThreadPriority
CreateEventA
ResetEvent
SetEvent
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
RaiseException
MultiByteToWideChar
WideCharToMultiByte
GetACP
GetConsoleCP
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
RtlUnwindEx
EnumResourceTypesA
EnumResourceNamesA
EnumResourceLanguagesA
FindResourceA
FindResourceExA
LoadResource
SizeofResource
LockResource
FreeResource
FormatMessageA
GlobalAddAtomA
GetWindowsDirectoryA
GetVersionExA
CompareStringA
GetLocaleInfoA
GetDateFormatA
EnumCalendarInfoA
GetEnvironmentStringsW
FreeEnvironmentStringsW
FormatMessageW
GetModuleFileNameW
GetCommandLineW
CompareStringW
GetLocaleInfoW
GlobalAlloc
GlobalReAlloc
GlobalSize
GlobalLock
GlobalUnlock
GetExitCodeProcess
GlobalDeleteAtom
MulDiv
GetLocalTime
PeekNamedPipe
GetThreadLocale
SetThreadLocale
GetUserDefaultLCID
oleaut32.dll SysAllocStringLen
SysFreeString
SysReAllocStringLen
SafeArrayCreate
SafeArrayRedim
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElement
SafeArrayPutElement
SafeArrayPtrOfIndex
VariantChangeTypeEx
VariantClear
VariantCopy
VariantInit
user32.dll MessageBoxA
CharUpperBuffW
CharLowerBuffW
SendMessageA
PostMessageA
DefWindowProcA
CallWindowProcA
RegisterClassA
UnregisterClassA
GetClassInfoA
CreateWindowExA
RegisterClipboardFormatA
GetClipboardFormatNameA
CharToOemA
CharUpperA
CharUpperBuffA
CharLowerA
CharLowerBuffA
GetMenuItemInfoA
SetPropA
GetPropA
RemovePropA
EnumPropsA
GetWindowLongA
SetWindowLongA
SetClassLongPtrA
GetClassNameA
LoadBitmapA
LoadCursorA
LoadIconA
LoadImageA
SystemParametersInfoA
DispatchMessageW
PeekMessageW
SendMessageW
DefWindowProcW
CallWindowProcW
RegisterClassW
UnregisterClassW
GetClassInfoW
CreateWindowExW
InsertMenuItemW
GetMenuItemInfoW
SetMenuItemInfoW
DrawTextW
DrawStateW
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
MessageBoxW
GetWindowLongPtrW
SetWindowLongPtrW
TranslateMessage
PostQuitMessage
GetDoubleClickTime
IsWindow
IsMenu
DestroyWindow
ShowWindow
ShowWindowAsync
ShowOwnedPopups
SetWindowPos
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsWindowVisible
IsIconic
BringWindowToTop
IsZoomed
OpenClipboard
CloseClipboard
SetClipboardData
GetClipboardData
CountClipboardFormats
EnumClipboardFormats
EmptyClipboard
IsClipboardFormatAvailable
SetFocus
GetActiveWindow
GetFocus
GetKeyState
GetCapture
SetCapture
ReleaseCapture
MsgWaitForMultipleObjects
SetTimer
KillTimer
EnableWindow
IsWindowEnabled
GetSystemMetrics
GetMenu
SetMenu
DrawMenuBar
GetSystemMenu
CreateMenu
CreatePopupMenu
DestroyMenu
EnableMenuItem
GetSubMenu
GetMenuItemCount
RemoveMenu
DeleteMenu
UpdateWindow
SetActiveWindow
GetForegroundWindow
SetForegroundWindow
WindowFromDC
GetDC
GetDCEx
GetWindowDC
ReleaseDC
BeginPaint
EndPaint
GetUpdateRect
SetWindowRgn
InvalidateRect
InvalidateRgn
RedrawWindow
ScrollWindowEx
ShowScrollBar
EnableScrollBar
GetClientRect
GetWindowRect
AdjustWindowRectEx
MessageBeep
SetCursorPos
SetCursor
GetCursorPos
CreateCaret
DestroyCaret
HideCaret
ShowCaret
SetCaretPos
GetCaretPos
ClientToScreen
ScreenToClient
MapWindowPoints
WindowFromPoint
GetSysColor
GetSysColorBrush
SetSysColors
DrawFocusRect
FillRect
FrameRect
SetRect
InflateRect
IntersectRect
OffsetRect
GetDesktopWindow
GetParent
SetParent
EnumThreadWindows
GetTopWindow
GetWindowThreadProcessId
GetLastActivePopup
GetWindow
CallNextHookEx
DestroyCursor
DestroyIcon
CopyImage
CreateIconIndirect
GetIconInfo
SetScrollInfo
GetScrollInfo
DrawEdge
DrawFrameControl
TrackPopupMenuEx
ChildWindowFromPointEx
FlashWindowEx
gdi32.dll CreateFontIndirectA
EnumFontFamiliesA
GetCharABCWidthsA
GetTextExtentPointA
GetTextMetricsA
GetObjectA
ExtTextOutA
CreateFontIndirectW
EnumFontFamiliesExW
GetCharABCWidthsW
GetTextExtentPoint32W
GetTextExtentExPointW
GetObjectW
TextOutW
ExtTextOutW
GetRandomRgn
Arc
BitBlt
Chord
CombineRgn
CreateBitmap
CreateBrushIndirect
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBitmap
CreateEllipticRgn
CreatePen
CreatePenIndirect
CreatePatternBrush
CreateRectRgn
CreateRoundRectRgn
CreateSolidBrush
DeleteDC
DeleteObject
Ellipse
EqualRgn
ExcludeClipRect
ExtCreateRegion
ExtFloodFill
FillRgn
GetROP2
GetBkColor
GetBitmapBits
GetClipBox
GetClipRgn
GetCurrentObject
GetDeviceCaps
GetDIBits
GetMapMode
GetObjectType
GetPixel
GetRegionData
GetRgnBox
GetStockObject
GetTextAlign
GetTextColor
GetViewportExtEx
GetViewportOrgEx
GetWindowExtEx
GetWindowOrgEx
IntersectClipRect
LineTo
MaskBlt
OffsetRgn
PatBlt
Pie
PaintRgn
PtInRegion
RectInRegion
RectVisible
Rectangle
RestoreDC
RealizePalette
RoundRect
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetPixel
SetPolyFillMode
StretchBlt
SetRectRgn
SetROP2
SetStretchBltMode
SetTextCharacterExtra
SetTextColor
SetTextAlign
CreateDIBSection
SetArcDirection
ExtCreatePen
MoveToEx
CreatePolygonRgn
DPtoLP
LPtoDP
Polygon
Polyline
PolyBezier
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
SetBrushOrgEx
GetDCOrgEx
version.dll GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
shell32.dll DragQueryFileA
DragQueryFileW
DragFinish
DragAcceptFiles
ole32.dll OleInitialize
OleUninitialize
comctl32.dll InitCommonControls
ImageList_Create
ImageList_Destroy
ImageList_GetImageCount
ImageList_SetImageCount
ImageList_Add
ImageList_Replace
ImageList_AddMasked
ImageList_DrawEx
ImageList_DrawIndirect
ImageList_Remove
ImageList_Copy
ImageList_BeginDrag
ImageList_EndDrag
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
_TrackMouseEvent

Delayed Imports

1

Type RT_CURSOR
Language UNKNOWN
Codepage UNKNOWN
Size 0x134
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 1.14151
MD5 216372bfc20f8f32318ef19b09cd2e16
SHA1 1e07e5f0b44d56a91e40f2d72e85a5b7b3560a96
SHA256 946370032ee874d7b229ac7cb89703f59dee1de76607bcc6bd82d8e437cc8074
SHA3 97b6a32531803fd1e6502cd2af2e464828db6b2b39190c346aa9b9cbea5693be

2

Type RT_CURSOR
Language UNKNOWN
Codepage UNKNOWN
Size 0x134
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 1.84538
MD5 fa70fcdf79fe20cd7938d717ea5c428a
SHA1 d1c6508f38ae09e489391191da71751edd73adc0
SHA256 a4e28fc96fa7b73d4bfebcfa6d253b608d3d4042669b11c6701654da2bfdaf88
SHA3 0343fa42e9b7143fe1c5144d00e9c6acad9a885a8f44b0642e4ffdd9dd16b2a5

3

Type RT_CURSOR
Language UNKNOWN
Codepage UNKNOWN
Size 0x134
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.68416
MD5 7c04b23884bb861566712f73828cd2d0
SHA1 f2a564e2451a1a7c7c9f2182cb5b8fc3549c928b
SHA256 32586c8df6d4af8dca43376f6715e4f35bd4e6e1f134a369c5656d02edbd2aa6
SHA3 e3e3b0f99829ad8a5455dc0e8ffc7d070418ad5a82f09c3779982fc624f5b72e

4

Type RT_CURSOR
Language UNKNOWN
Codepage UNKNOWN
Size 0x334
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.12399
MD5 247899f4f5d48d915ae35913a00e8657
SHA1 0309a535cc26a724ce08fa77622280ec375c7c52
SHA256 ea51fdb46da1476e25d603924c5a7b6238a1e8db1d9ec1dd164a5da8cdb1d8f0
SHA3 5f115dd96f30921b6c5467a1ad70807b0a00a4660151dab1f58056d1a7719598

5

Type RT_CURSOR
Language UNKNOWN
Codepage UNKNOWN
Size 0x434
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.44713
MD5 0a8f44266eabd458c238f90bdd428bfb
SHA1 2af283be5d85c00d983a5ac21e7da89f692de1d0
SHA256 a062a54f1bc450806e4b2d9442d22378c50b0a449ed6a45861c2ef2f487fe929
SHA3 b09994c82aa98dc1a27e76a4f20f14f95adeeccba5f531e412e86e38ee9d6055

6

Type RT_CURSOR
Language UNKNOWN
Codepage UNKNOWN
Size 0x134
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.95195
MD5 74e67c4ad429317a51af69d7f983acae
SHA1 563ef3800172d42991b20998af254d11f32a22b5
SHA256 5caccd5ad7c2259ae17f7bc8156fff1a2d3108795dcda304d961e30c3ea98297
SHA3 38a5bdf13f2b147ce05cc55b4e0b7ccb2591d685151414948689d19d024b9234

7

Type RT_CURSOR
Language UNKNOWN
Codepage UNKNOWN
Size 0x334
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.30447
MD5 20a1dfdddc2ef93acc809e821f087894
SHA1 8befddabf74fc80cd4447af9ac23c9fb9c898427
SHA256 2a38625fce5265fc1d54291e4d5cc820aec6af31ddaac5fed4761b186e7aab10
SHA3 44a18b5cc560f69b5daba53b48a8f5bda1544718b2e8cfe8469dbbf59a1385ed

8

Type RT_CURSOR
Language UNKNOWN
Codepage UNKNOWN
Size 0x434
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.44516
MD5 56f70b5c9a001a69fd2efb9f52395b5d
SHA1 a910b4b3905c3ad770cee6237284670b4e7db484
SHA256 d36cd6c29b03bcd3c3b312082c5318cfaf11bdb6be853805bd6023bdbcc0ab6a
SHA3 89680cceeb9c10ffc46c7f3b382ceeffdb98d4ab8f5c5c0a0b1733d5cc88eab7

9

Type RT_CURSOR
Language UNKNOWN
Codepage UNKNOWN
Size 0x134
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.71988
MD5 ea6d61f306abfd0541845bfe2d451cb9
SHA1 2ffff6db1ba106112d7f88e592f5b1888579636c
SHA256 0c5db39157715b5652f9851da40a754d6843eaf1cf3a059d537afa4ef5ecc123
SHA3 00943478acf56fa28e63340cc8373833ce1c95e28d409856945078bae9e19aaa

10

Type RT_CURSOR
Language UNKNOWN
Codepage UNKNOWN
Size 0x334
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.26315
MD5 7459850989d69fbd9be4254591a74e66
SHA1 5224d0d46c149d3f711b7b2848dd8188fba5a8dc
SHA256 bbd4e894ced50b89afd2ae7c25174648d93aa8f6755bdd041810189f7880504b
SHA3 19156228606a39dda8788fa30a1e66d0c9628876c1e45c7ec60046bf42004944

11

Type RT_CURSOR
Language UNKNOWN
Codepage UNKNOWN
Size 0x434
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.3356
MD5 0d1e8ac6ac59aeeaf34bbff6c3150d6d
SHA1 ccd37f6d34081b0bc795a6d59ed4438958064b3e
SHA256 90dbdb0296ef20effed2306446fe2d078a1d65b4f19abb75ae9ab5ea5e04d422
SHA3 693e07009fcac4fd627ceefa490d60efc6f2782aaa5f9565a4e9d47eee647c94

12

Type RT_CURSOR
Language UNKNOWN
Codepage UNKNOWN
Size 0x134
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.58702
MD5 07ed260734f7b55527d2f769621b6359
SHA1 341f41b21eecf29dcdac33c5d7b9c114e9ca4c06
SHA256 0f2a06371781c041f2004ceff5f5936e2118cbe063c0a766265499adddcb6720
SHA3 40e3eb6df1458b154a0d8ca10e556adaee3738240d9303c7a68c02fb6d26d0d4

13

Type RT_CURSOR
Language UNKNOWN
Codepage UNKNOWN
Size 0x334
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 1.90098
MD5 95a394bdc738a4c5cb5d4f7d7e17e41c
SHA1 47e4ce6d7f5ca80918eb73e4f7da00bfeab018cd
SHA256 7f2d50f330a8dd05983527a9052fb524f32b85b081dca1ecbd42111add680385
SHA3 f04d602d546d3cf095ee7db842e761e8b73303d6d360077eb004239c7c43505b

14

Type RT_CURSOR
Language UNKNOWN
Codepage UNKNOWN
Size 0x434
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 1.90488
MD5 8d2420c8100d78d05bcf2f181df62056
SHA1 2f003d9610c4d616029392ce99297d68fe28839c
SHA256 79c8bb34737a2617a58771935517e0903d9297e21c9c6e355bf18584ddd38721
SHA3 3e5e2c571a2a1bf8b3b6a9ca90ce389f914a54ccbc8dbc6db5b95490c026d60f

15

Type RT_CURSOR
Language UNKNOWN
Codepage UNKNOWN
Size 0x134
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.13248
MD5 6324322fd38a93fd050e93b3a12b2488
SHA1 bf243cb6f9635546a6a4831e6c98687e32541615
SHA256 1fc0c7932be3b5f9e48111433f2eede60198ad779b462d98617608a5e541826a
SHA3 b089d240738ad7118f61c507e06f2d12af8418d54b87fd9f11f4e6e73d5e168b

16

Type RT_CURSOR
Language UNKNOWN
Codepage UNKNOWN
Size 0x334
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.37353
MD5 f6278f414cc6b7f27fde20c938b22de7
SHA1 833c27ff0eac0635a378aebaeb07df556f924223
SHA256 70baf3857705d32fc478f601217f6c86b12e95d91fca74a9a5f522bab4d733ae
SHA3 ea685bf3c5c0135cb6691c2a2db67f7426e223b9047ff0936d31a456f4e3d079

17

Type RT_CURSOR
Language UNKNOWN
Codepage UNKNOWN
Size 0x434
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.7321
MD5 b02b90e65572789ad7ef9f12375cd765
SHA1 24e70f9cd6147281e913e6b00d5c40864d1e08cb
SHA256 2535f78806ac60b97d1bf097df18dd2f6e648cc4bb9f2c6eb55db6d27467defd
SHA3 e33a90a338b3175c9aab6c842183faec76195fdb43cbd2062cd970e4c826e170

18

Type RT_CURSOR
Language UNKNOWN
Codepage UNKNOWN
Size 0x134
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.75285
MD5 ff36766b97304ca7da8e74f38d3ee9b3
SHA1 da526ae7f53bcb7919cf9512123c6ca177663fc9
SHA256 96051f219c5d5f91cc1708a754c5742a0fe49c0a5809efe1c25ace674c56b9c3
SHA3 c6c9066d0b5cfa445aed29d326f8378e715f2536ef9247af194a1aa4c610b355

19

Type RT_CURSOR
Language UNKNOWN
Codepage UNKNOWN
Size 0x334
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.13156
MD5 fecb2a40ca14e4823b3f109226ba301e
SHA1 f0fcd5c6a5b48924856b2b45ad9db5941e2615b2
SHA256 b586a9ef537b3dae12e722dd31b67a6ddc365b21681e03d45e0f431b5b09c217
SHA3 e7c769407ad492ecd2182046c6d456baca9feefbb9e6473abcf42f9281804ceb

20

Type RT_CURSOR
Language UNKNOWN
Codepage UNKNOWN
Size 0x434
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.32921
MD5 3819daaaeb9cec5aeb231bd85f05a36e
SHA1 d80eccdf6ab31c9629f7de1653ce20e1accf5c3e
SHA256 be29fb1aedeb6c0bd5d16da6d1256f58516b8e63a7367f707ab4e1d10cbab6a8
SHA3 9a20ccf837e824e0bb3288a3ae0e70a962d3f10b210477ab83f5c77e5a7ec56e

21

Type RT_CURSOR
Language UNKNOWN
Codepage UNKNOWN
Size 0x134
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.95195
MD5 74e67c4ad429317a51af69d7f983acae
SHA1 563ef3800172d42991b20998af254d11f32a22b5
SHA256 5caccd5ad7c2259ae17f7bc8156fff1a2d3108795dcda304d961e30c3ea98297
SHA3 38a5bdf13f2b147ce05cc55b4e0b7ccb2591d685151414948689d19d024b9234

22

Type RT_CURSOR
Language UNKNOWN
Codepage UNKNOWN
Size 0x334
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.30447
MD5 20a1dfdddc2ef93acc809e821f087894
SHA1 8befddabf74fc80cd4447af9ac23c9fb9c898427
SHA256 2a38625fce5265fc1d54291e4d5cc820aec6af31ddaac5fed4761b186e7aab10
SHA3 44a18b5cc560f69b5daba53b48a8f5bda1544718b2e8cfe8469dbbf59a1385ed

23

Type RT_CURSOR
Language UNKNOWN
Codepage UNKNOWN
Size 0x434
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.44516
MD5 56f70b5c9a001a69fd2efb9f52395b5d
SHA1 a910b4b3905c3ad770cee6237284670b4e7db484
SHA256 d36cd6c29b03bcd3c3b312082c5318cfaf11bdb6be853805bd6023bdbcc0ab6a
SHA3 89680cceeb9c10ffc46c7f3b382ceeffdb98d4ab8f5c5c0a0b1733d5cc88eab7

24

Type RT_CURSOR
Language UNKNOWN
Codepage UNKNOWN
Size 0x134
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 1.69666
MD5 321a559e4ca9b67093e4d1eba3f7c35f
SHA1 4f2bc1a335dd636a7771070cc034e101e1b98557
SHA256 de84e37dfc7d56edf7019f961d33b71aab148cfb5611fab535af6e302e8183ba
SHA3 f58434c54141cba7c99c0ddda0b3016d9fbcfecfdf757214e115752f7c6c2736

25

Type RT_CURSOR
Language UNKNOWN
Codepage UNKNOWN
Size 0x134
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.71291
MD5 9d5206467032c1ee96bec93df854a506
SHA1 65cf429f0d5835c38b4575809046ac95617f7958
SHA256 df2877a1a7ef3316bf26010f991d03b5860b6ed87dd46ab60d85c0c5746d1884
SHA3 d8e5d7236984c524b9855bbae9831ecc6c0d5e43589b17159282c7edc2c05c40

26

Type RT_CURSOR
Language UNKNOWN
Codepage UNKNOWN
Size 0x134
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.40524
MD5 ac5064f5d44d105879bdb1dc144a697b
SHA1 0489c59812bcbdafb59a54e3d2daf30eb6607d6a
SHA256 fc19a784a1b314dae99103c10e4253849d1a99f78d200a2e586db265e7a1ba22
SHA3 897a5cf8aa5ed2dc720249afd99749b831a8b17bb6c201b91ee1c64a4e1132da

1 (#2)

Type RT_ICON
Language UNKNOWN
Codepage UNKNOWN
Size 0x468
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.3418
MD5 abf3bd889ae7dc402fa664393cc55a7a
SHA1 d61661bff1ff2a20f87240307403da1272524c10
SHA256 50fe46218b6676b001a1a61782c679b1cd2ced766a66d47d2bf4d50e50dc3615
SHA3 093783debd6af0535deb8a3fbdba4986fba99932dae36b631efc3a842d2089cb

2 (#2)

Type RT_ICON
Language UNKNOWN
Codepage UNKNOWN
Size 0x988
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.20292
MD5 586925206724f81f31b9e903d24609d7
SHA1 bfd1405b4e8a798c6fcaba393cc03d4d1431d8fc
SHA256 ba69ec8896ae45656df283388514d64686caa932399e04b34e7568da9609cf43
SHA3 42a21d3389f87985ee67d2d596daa9dddbe7073334f2160c22fec5673ee99ef8

3 (#2)

Type RT_ICON
Language UNKNOWN
Codepage UNKNOWN
Size 0x10a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.19527
MD5 bdaf1f1e5db989c720088038f54beb8a
SHA1 0050350044874327638f6987940cf1565459b18c
SHA256 aa1d4ce1c81736d435a2147bc8023583d18b935413ce98baad16626549ca8c90
SHA3 5ba3589dfef0f8fe7474643ee917f70f399d44bda8acb3aa30eb967784a2f27f

4 (#2)

Type RT_ICON
Language UNKNOWN
Codepage UNKNOWN
Size 0x25a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.01596
MD5 2d15c15b7f0999fe3c22e43971245020
SHA1 73607937c1b244cb8a5d38c47e031759dcc96f41
SHA256 94a8cb39fb488448b2a794b132eb8b03ecdb977012e770403ae1f445575f5df9
SHA3 7d6b7001dad2bab20103f2fabcd5cfb60697ff91f9fedf7ac0c084d47662ac5c

5 (#2)

Type RT_ICON
Language UNKNOWN
Codepage UNKNOWN
Size 0xa3a1
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.98888
Detected Filetype PNG graphic file
MD5 c48e36bb594b77ef2692cb48672158e2
SHA1 0e29bc432c3c0d118f6d20eaab1ebf5fff14bf1f
SHA256 4c9f44de10273d65e46687b4a7c018e830b7f892382c18ee54c74c0c79b3d090
SHA3 f5cbc5b4f706f926f1a2db8988d559eb49c1477b6aad1e0d2d32c138649ffefc

LAZ_PIC_DIALOG_TEMPLATE

Type RT_DIALOG
Language UNKNOWN
Codepage UNKNOWN
Size 0x32
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 1.96928
MD5 fefd69e2a0f256f888409a157fae2532
SHA1 d816a6febf61a8ecc562d08f4a5145d495dd25c7
SHA256 84206051bdea064c59d10e8c709b06a3e83e07f4e73c683f569cc9a95055903c
SHA3 fcda52bbc4b633d5d12615ba0063df2b443456a7754b620998a1b5355f5b30a8

BTN_ABORT

Type RT_RCDATA
Language UNKNOWN
Codepage UNKNOWN
Size 0x294
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.66225
Detected Filetype PNG graphic file
MD5 5fa75d28bc21e824838f90531d91d9fe
SHA1 f95dd246484a691079b8c3f1a06d9433844b4d59
SHA256 6b7e6ba2456dd1c7241e0110f7f49e7cb569205ba8b4b30eee5dfef7f1ded0d0
SHA3 f9ec2f77fa497d1c6a98b66044ba38f72a119a7b5aa954f8efe244c92dd35174

BTN_ALL

Type RT_RCDATA
Language UNKNOWN
Codepage UNKNOWN
Size 0x28d
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.64835
Detected Filetype PNG graphic file
MD5 a00d1115dba7ec0fe182bf9087b3842c
SHA1 1ea774fba391cdb1a06a897ebef576c2baa57171
SHA256 40afe70df948e8570d2919d043e080910fdd552ab5495353d8e12bd3c35d989d
SHA3 4550bffff5dad9d33cf202fa07aaf526bf0c977c2a0d7a0459c06b3412a22999

BTN_ARROWRIGHT

Type RT_RCDATA
Language UNKNOWN
Codepage UNKNOWN
Size 0x648
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.07996
Detected Filetype PNG graphic file
MD5 eb99799d3d23341407b3ab875cff2e58
SHA1 c73480cea57bcc59f1dc3d27bf4754ce4d932f10
SHA256 9d50f839e6457ba4f0e22c418632c5425611e5b28b5c598844f551694f94386d
SHA3 d9773fd10340143ac039e9a8c5c8b0e28e99035adbc7054767f173ddac76fb64

BTN_CANCEL

Type RT_RCDATA
Language UNKNOWN
Codepage UNKNOWN
Size 0x255
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.49727
Detected Filetype PNG graphic file
MD5 93233a07eea113abb4389e6c424fba20
SHA1 f226588c3b023db4ab55be4c31f912584cba107e
SHA256 dbeeeecbd2ccfd9b5fdd8394ff8bce1e4455073015cfcd99f7fec1fe67df8a31
SHA3 056aaba2e1931855a4cb533fe282bcfe19aa23b6bdd646bc92488ab28f7f951e

BTN_CLOSE

Type RT_RCDATA
Language UNKNOWN
Codepage UNKNOWN
Size 0x2b6
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.63642
Detected Filetype PNG graphic file
MD5 fd0a40950e81405ad8dd1dd9d146d63a
SHA1 9f829fb9fd87bc1376e7c650b51ff696e5f23f5a
SHA256 7a73ede59013f0ce610c470e55941f31b2c34a22428bcb2a4baefcc4bcecaabe
SHA3 510471f3b84cd7d6a83c024c6dfa196fcec3cce9395df7619c2cecbe67b1d7ec

BTN_HELP

Type RT_RCDATA
Language UNKNOWN
Codepage UNKNOWN
Size 0x34b
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.7209
Detected Filetype PNG graphic file
MD5 8de8fdcb96e0f95b88535301987afcb3
SHA1 792fd8669b4472ff68fb44da239a6390da8a8402
SHA256 8e9c461d3a1b5adfd6be90d1efa6f84289c4e318bcff00c604a404c87739cca2
SHA3 04683941be1ec3e95471fe271e066dad19d98da1707b4b93db237e834d0fc722

BTN_IGNORE

Type RT_RCDATA
Language UNKNOWN
Codepage UNKNOWN
Size 0x249
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.56405
Detected Filetype PNG graphic file
MD5 089554d1dd7b0c7a6347649ee9dbe6e0
SHA1 186ace456a9ace761de3d90adf3ed04e9147f06e
SHA256 348df08fa388198cb301cdc09eebdab4f1dcb1b556dccf448933f70e4ea6b123
SHA3 aec359929d2270244f3fcaaef6a86709b5681d221c4f0e10230564e089d1f7ba

BTN_NO

Type RT_RCDATA
Language UNKNOWN
Codepage UNKNOWN
Size 0x2e7
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.65692
Detected Filetype PNG graphic file
MD5 f0914d881326fe5106c973cc3a098290
SHA1 0eef8b004f0df485060d9eb83736c1651a60e3f0
SHA256 5ed873fa59ed7c6e126b88845f00cba1227ee8217aa4e2635eae27d733c031d4
SHA3 362b4b95440f7f9bab16a6914260735e2e9c15218aa905f3c6cef97b23824e04

BTN_OK

Type RT_RCDATA
Language UNKNOWN
Codepage UNKNOWN
Size 0x1f8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.21533
Detected Filetype PNG graphic file
MD5 70dd7eae3c4ef712c7f991bb55a21aaa
SHA1 40ccb8d8cd3cc9d116888c1334126e99fc66e40c
SHA256 f29f5c0cb948c15f008efea4fe1670607cfda9e991866d35a0f9926edb492ffb
SHA3 31e1557669e8cb828570b23eca76699ed62020c03b2338fe138a41ab6d837127

BTN_RETRY

Type RT_RCDATA
Language UNKNOWN
Codepage UNKNOWN
Size 0x349
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.7235
Detected Filetype PNG graphic file
MD5 907628cb917cc0c3eacebf329b9540f8
SHA1 eba5f3fdda9d3dd4ec9e179613b29430dc0911b8
SHA256 fdd13596888da8d1a29661a230830a8ea6d7a89f35c5ffa4ed6c0df13981807e
SHA3 8878d9b9b8270fcf3a741671f8f4341f2806ba8c547ebbc391f481586e6dec2a

BTN_YES

Type RT_RCDATA
Language UNKNOWN
Codepage UNKNOWN
Size 0x1f8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.21533
Detected Filetype PNG graphic file
MD5 70dd7eae3c4ef712c7f991bb55a21aaa
SHA1 40ccb8d8cd3cc9d116888c1334126e99fc66e40c
SHA256 f29f5c0cb948c15f008efea4fe1670607cfda9e991866d35a0f9926edb492ffb
SHA3 31e1557669e8cb828570b23eca76699ed62020c03b2338fe138a41ab6d837127

DBGRIDCHECKEDCB

Type RT_RCDATA
Language UNKNOWN
Codepage UNKNOWN
Size 0x1c1
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.56347
MD5 c503cb13d753a9532e153409861853a8
SHA1 6f61624fa99d7c861f6f2c571732e0456708c822
SHA256 4c13c31fd77c885037093f6bbe323dce2747979ed7d44f3de26be1e787e3b60a
SHA3 0de49581a48bb68e6570e842cee713a6920617409f59eaf1b01c7f4bd67fd8d0

DBGRIDGRAYEDCB

Type RT_RCDATA
Language UNKNOWN
Codepage UNKNOWN
Size 0x1c0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.3172
MD5 c2984c2ce9974ab898cae57198a54cf1
SHA1 f2584241f7859d62605e920e16c6cfdbe7813cfa
SHA256 fd5e0622eaa503c505a3ea3e3e2f5d100b430e4ccd1e9a27620f5bdae96a5a27
SHA3 f66dcb53c5bc1b2144b5311a4ccd64694b5a34b3a1a4558c8dd86aedfa23f64a

DBGRIDUNCHECKEDCB

Type RT_RCDATA
Language UNKNOWN
Codepage UNKNOWN
Size 0x1c3
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.39199
MD5 6238233353ea62834ab570979b6a001b
SHA1 6fc3d680e3960fb3835d216c74c2a35dba8460df
SHA256 394e19feb335006b645b0b4024fbc63605cd8a2d25630fc61e7d70c9d6447b9a
SHA3 ac920cb61da535919120c1a907bd3f5a3545ff05bca29ce66fb8769ef5c76627

DIALOG_CONFIRMATION

Type RT_RCDATA
Language UNKNOWN
Codepage UNKNOWN
Size 0x822
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.89967
Detected Filetype PNG graphic file
MD5 c24ee1ff4117c3f8c541e0cca00e0c94
SHA1 0b117a0499db5f5ce2e165fa1d8e13fadcb81f1b
SHA256 842914e746afd743c0b4319b2ccb1d80f1e88ec1c162cbd70112d81e68f7c5c0
SHA3 8eba1e15a6607f80139e763f60602e075086916fdcc2d485d0aef5b977b02cdf

DIALOG_ERROR

Type RT_RCDATA
Language UNKNOWN
Codepage UNKNOWN
Size 0x605
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.84224
Detected Filetype PNG graphic file
MD5 7ce226dde7656ff1c1ded9bde7389884
SHA1 569ea8f3d474a12b98b7752d6b9454480eb7c789
SHA256 b965e37e3bb998029faf25df2fa9bef5b3c4e4f7d52054e1b707c1b1cc1d5ed1
SHA3 16ca36fb5f8de77276f577c0fd082dafb4c034cfc23c03976145ab76b0106ba7

DIALOG_INFORMATION

Type RT_RCDATA
Language UNKNOWN
Codepage UNKNOWN
Size 0x722
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.87157
Detected Filetype PNG graphic file
MD5 11ce57ca14e3dece5a90a1268158ba9f
SHA1 3fb25fc2f5983feaa1b7c46043123a08617268ae
SHA256 a0a1b573a6b491299c13d2728ee7bd0ea9417ab35183eefe55cca090ffd535c3
SHA3 814d767229c99d752e862bd5e123d69d02af395d60aa66f4fb8c365e633af782

DIALOG_SHIELD

Type RT_RCDATA
Language UNKNOWN
Codepage UNKNOWN
Size 0x713
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.85888
Detected Filetype PNG graphic file
MD5 038bed7ce6b4ea50338f36467d216aef
SHA1 217ca008458cdfcb17f58fc29c9482636a5a0edd
SHA256 b8748c0322852287a898da843a4dea7d581151ae42aa920fcd6eed2c69d098cc
SHA3 852141efdc96784107390fcde2dfd8844274bd836f7f690b4526d83dbd1e4ffc

DIALOG_WARNING

Type RT_RCDATA
Language UNKNOWN
Codepage UNKNOWN
Size 0x512
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.82361
Detected Filetype PNG graphic file
MD5 b68a0e5a62091edf8322b193b5101b4a
SHA1 f8a90ca769f51dc3cab6696dcc321374a571bf08
SHA256 408da8e699df3b28f178859773ef0a3bae5bb98e6359a37335b71efcea534fed
SHA3 1b05d1badec55509ae320c57b43868b70beea77508a9a684480f7453b15dfed7

SORTASC

Type RT_RCDATA
Language UNKNOWN
Codepage UNKNOWN
Size 0x26b
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.61507
Detected Filetype PNG graphic file
MD5 c337d2cafafd65fed2b7d5fdbce44e2e
SHA1 a0bb18dfff408b588f84c44bfdcb5258c433848b
SHA256 81bcf9895ade80fe0b874129ac13895d43f4a1c987898a6f8f6570b20d2ad8cd
SHA3 2eb6b1b49064828db838475b41628d083915a9f68124eb44171f66cab2b4fbb8

SORTDESC

Type RT_RCDATA
Language UNKNOWN
Codepage UNKNOWN
Size 0x24f
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.52906
Detected Filetype PNG graphic file
MD5 80fde6be9b645fd4aeadcddc0f5f4a9a
SHA1 bda3d9d90bd458c9ac5e0d25fc843f8242ab277f
SHA256 b92525b1a009ae96bd4eaa226f38274a0e226140fbf10f575928ffdce85c31af
SHA3 e6b2ac8d926bce6732b15efc451f2fbcac8888cc61ef5a30a9065196a1e38e93

TFORM1

Type RT_RCDATA
Language UNKNOWN
Codepage UNKNOWN
Size 0x2292ce
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.91693
MD5 59f7a430adfc7e3350f55dfe77703674
SHA1 87144e085e9be236369295c11491788caec77069
SHA256 32c90177bd06daa87de0ad6ee32ef2bb632d8794224f5fe094c7100b073dff21
SHA3 e42b5effece6e8a1322dc523b8d72422d4b4b9ebda60f625d2e4e7737cf9a36f

CUR_1

Type RT_GROUP_CURSOR
Language UNKNOWN
Codepage UNKNOWN
Size 0x14
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 1.83876
Detected Filetype Cursor file
MD5 a2baa01ccdea3190e4998a54dbc202a4
SHA1 e8217df98038141ab4e449cb979b1c3bbea12da3
SHA256 c53efa8085835ba129c1909beaff8a67b45f50837707f22dfff0f24d8cd26710
SHA3 8874564c406835306368adf5e869422e1bb97109b97c1499caa8af219990e8dc
Preview

CUR_10

Type RT_GROUP_CURSOR
Language UNKNOWN
Codepage UNKNOWN
Size 0x14
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 1.91924
Detected Filetype Cursor file
MD5 aff0f5e372bd49ceb9f615b9a04c97df
SHA1 e3205724d7ee695f027ab5ea8d8e1a453aaad0dd
SHA256 b07e022f8ef0a8e5fd3f56986b2e5bf06df07054e9ea9177996b0a6c27d74d7c
SHA3 9cb042121a5269b80d18c3c5a94c0e453890686aedade960097752377dfa9712
Preview

CUR_12

Type RT_GROUP_CURSOR
Language UNKNOWN
Codepage UNKNOWN
Size 0x30
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.47543
Detected Filetype Cursor file
MD5 7dbe38cb039bee1cad82f3d1ecca2f43
SHA1 57087f3270093244748eeafe82c02c3072069192
SHA256 fec1d2e29c0b714d35cccee2a58336c6d8faf737ebe358fdac809cb14a86cedc
SHA3 675e6d758b3eabe47bc1ffc2fd13df0de64027551fd6ff565a803fe6b4769799
Preview

CUR_13

Type RT_GROUP_CURSOR
Language UNKNOWN
Codepage UNKNOWN
Size 0x30
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.57449
Detected Filetype Cursor file
MD5 abb2893182a5b8d2329fc7e82e813b0c
SHA1 ace81b82a5856b19099742704626054ba8a21377
SHA256 d6928fa43bb9bd29be828a7d23e2d2b01bd3350926012c134ef81ad71e989772
SHA3 82ff3d6428bd1446310058d5fb44e9519c6ba7faeccea99f0b0bc9c24d62026e
Preview

CUR_14

Type RT_GROUP_CURSOR
Language UNKNOWN
Codepage UNKNOWN
Size 0x30
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.57449
Detected Filetype Cursor file
MD5 978461672c2cd5a5a5dbb721af4d6791
SHA1 29f032af5bc73137a49c1a276085bd7d54a0c2ea
SHA256 e72055d4322b7fdd808af83e3cf59721a7e06077fc2f70148274fff2dfc6b3a3
SHA3 b595d10a5e1dcf86869e296ae581e1d40a98eb27356c745827c45e5cc60c8a33
Preview

CUR_15

Type RT_GROUP_CURSOR
Language UNKNOWN
Codepage UNKNOWN
Size 0x30
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.57449
Detected Filetype Cursor file
MD5 7caf6a3df76ac196c10db3b9d37d30d7
SHA1 0b947bb9a27045971a0183d5f65d0954e845a849
SHA256 c51d04794f93991b820a261a4f7d6d034e7dbfe7eb2ee0ff3ff4ecfcc15e035b
SHA3 b07d6f7b5d960d1cfd03be7b763b3ddd501221b58a786f3b65c527d24fa18f02
Preview

CUR_16

Type RT_GROUP_CURSOR
Language UNKNOWN
Codepage UNKNOWN
Size 0x30
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.57449
Detected Filetype Cursor file
MD5 42436382568435516b6340526d4eebaa
SHA1 b61243141b41982b9c81bb2cfae5b4609dd23fcf
SHA256 7d8f562b3b29f6fc9cd512c15eaf25378d761b16d3f0d06e2f51fc4c39b54b4f
SHA3 eb90fa5771ab1f71e34344ef4ebee714f2ef9f677fb15574e1e9e3dcc1614191
Preview

CUR_17

Type RT_GROUP_CURSOR
Language UNKNOWN
Codepage UNKNOWN
Size 0x30
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.57449
Detected Filetype Cursor file
MD5 9984fe0969e1053cfc2db737d62a23ba
SHA1 2a992931f3a3699c996bfa5e66526294148e5df3
SHA256 e1bd5c69909aa5a99d8e962e86a9d452d7d83d778f5db3ad5bb3d6956d8874ff
SHA3 9fad46cc03453dacaf4e9d01a84121a27c43e4bfb08f5677a605463a38d1f575
Preview

CUR_18

Type RT_GROUP_CURSOR
Language UNKNOWN
Codepage UNKNOWN
Size 0x30
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.57449
Detected Filetype Cursor file
MD5 f0fe207138a22bbd0945d5ad34fe8881
SHA1 b5bac7d6cffe0317694115ec207bf3e2f17c569a
SHA256 41d0b53da694f0f1d2f752d963261dfa5c3ff7954af8fb52f8b33effda20c39a
SHA3 2007724f9171b6cea7e331ca0be905224001602e459a05a5149d8c1498746336
Preview

CUR_20

Type RT_GROUP_CURSOR
Language UNKNOWN
Codepage UNKNOWN
Size 0x14
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.01924
Detected Filetype Cursor file
MD5 2fbccba7b754792dfc2070456e66fbd7
SHA1 6017f22c993c7d724876e35e8c54e7c4603eafae
SHA256 60a0a8bc0169228c8af42c377d93a218ccc9712a17b76ef014f81e156a36c66f
SHA3 f1edf8c8df156e449682ec443c0a87232b94e17062148388949ba84b7eb55227
Preview

CUR_21

Type RT_GROUP_CURSOR
Language UNKNOWN
Codepage UNKNOWN
Size 0x14
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.01924
Detected Filetype Cursor file
MD5 eaf1b83c561a97555fc0cde38891a389
SHA1 29eca824a284b26bb760963ad84bce64799dc770
SHA256 b077d477d0775d0b86be9bedee8ec134bdc213d6941e9ae60adcf8bdd18623cc
SHA3 2f4c2fa13d5c6dda7479c65d1e74e7d1977e50560f25c62b466daad9e75722ae
Preview

CUR_22

Type RT_GROUP_CURSOR
Language UNKNOWN
Codepage UNKNOWN
Size 0x14
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.01924
Detected Filetype Cursor file
MD5 79ae5478465a9feb537afcca01f560d8
SHA1 48a70a0e9667e0f1726a2bac4c971616e1980c1a
SHA256 90b143ec83ef48639ea48969a1d0850aa14b573b48dadef87e4230e42bdb5971
SHA3 db5dc137de891f95ecec33bb5ab37284a6b6e93c595a6892970111442b14c483
Preview

MAINICON

Type RT_GROUP_ICON
Language UNKNOWN
Codepage UNKNOWN
Size 0x4c
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.64638
Detected Filetype Icon file
MD5 9259e37127b1409de8a3cca640b29873
SHA1 2b99d3ad615358c326a57943fa4dc27f3361d01c
SHA256 4b4c82769cecbec7e0b23e7c56ac895b8dd0c8c4a78e1a0128ea2af101bd4938
SHA3 2f87810cc68a231e7dd3899f9784aba330ec4f99274b65bdb47debf4073ca1ba

Version Info

TLS Callbacks

StartAddressOfRawData 0x100000000
EndAddressOfRawData 0x100000000
AddressOfIndex 0x1001cc3f0
AddressOfCallbacks 0x100da1000
SizeOfZeroFill 0
Characteristics IMAGE_SCN_TYPE_REG
Callbacks 0x00000001000151A0

Load Configuration

RICH Header

Errors

[*] Warning: Section .bss has a size of 0!
<-- -->