Manalyze report for 918c69d572366acbccd2386750d7e55e

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2008-Jan-23 19:25:42
Detected languages	English - United States Russian - Russia
CompanyName	Fairdell Software
FileDescription	HexCmp
FileVersion	`2.34.0.0`
InternalName
LegalCopyright	Fedor Mishin
LegalTrademarks
OriginalFilename	HexCmp
ProductName	HexCmp
ProductVersion	`2.34.0.0`
Comments

Plugin Output

Suspicious	PEiD Signature:	`ASPack v2.12`
Suspicious	The PE is packed with Aspack or Armadillo	`Unusual section name found:` `Unusual section name found:` `Unusual section name found:` `Unusual section name found:` `Unusual section name found:` `Unusual section name found:` `Unusual section name found:` `Unusual section name found: .adata` `The PE's resources are bigger than it is.`
Info	The PE contains common functions which appear in legitimate applications.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryA` `Can access the registry: RegCloseKey`
Suspicious	The PE is possibly a dropper.	`Resource 1 is possibly compressed or encrypted.` `Resource 2 is possibly compressed or encrypted.` `Resource 3 is possibly compressed or encrypted.` `Resource 4 is possibly compressed or encrypted.` `Resource 5 is possibly compressed or encrypted.` `Resource 6 is possibly compressed or encrypted.` `Resource 7 is possibly compressed or encrypted.` `Resource BBABORT is possibly compressed or encrypted.` `Resource BBALL is possibly compressed or encrypted.` `Resource BBCANCEL is possibly compressed or encrypted.` `Resource BBCLOSE is possibly compressed or encrypted.` `Resource BBHELP is possibly compressed or encrypted.` `Resource BBIGNORE is possibly compressed or encrypted.` `Resource BBNO is possibly compressed or encrypted.` `Resource BBOK is possibly compressed or encrypted.` `Resource BBRETRY is possibly compressed or encrypted.` `Resource BBYES is possibly compressed or encrypted.` `Resource 4084 is possibly compressed or encrypted.` `Resource 4086 is possibly compressed or encrypted.` `Resource 4087 is possibly compressed or encrypted.` `Resource 4088 is possibly compressed or encrypted.` `Resource 4089 is possibly compressed or encrypted.` `Resource 4090 is possibly compressed or encrypted.` `Resource 4091 is possibly compressed or encrypted.` `Resource 4092 is possibly compressed or encrypted.` `Resource 4093 is possibly compressed or encrypted.` `Resource 4094 is possibly compressed or encrypted.` `Resource 4095 is possibly compressed or encrypted.` `Resource 4096 is possibly compressed or encrypted.` `Resource TABOUTFORM is possibly compressed or encrypted.` `The binary may have been compiled on a machine in the UTC-5 timezone.` `Resources amount for 213.749% of the executable.`
Suspicious	VirusTotal score: 1/68 (Scanned on 2021-05-19 13:01:01)	`APEX: Malicious`

Hashes

MD5	`918c69d572366acbccd2386750d7e55e`
SHA1	`442fed75586704ff4f2575719beaba198d722ab6`
SHA256	`9bf004ce7ffbdcc020f5f3dce94888791b0e8647c48c7ce89588fb2fd5cbfb34`
SHA3	`a5f004ddcabb4e944555a5b6841a44ed9e2e37cbc51c339c4dd4283a95388be5`
SSDeep	`12288:soiXCoW507opMKEGuaanC4VTDimtdcsGSeDDL/:HiSPWcpaxC4VTZpbYDL/`
Imports Hash	`e3f58240cd86f0c753e3ff5138743174`

DOS Header

e_magic	`MZ`
e_cblp	`0x50`
e_cp	`0x2`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0xf`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0x1a`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x200`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`10`
TimeDateStamp	2008-Jan-23 19:25:42
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_DEBUG_STRIPPED` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LINE_NUMS_STRIPPED` `IMAGE_FILE_LOCAL_SYMS_STRIPPED`

Image Optional Header

Magic	`PE32`
LinkerVersion	`5.0`
SizeOfCode	`0xbc000`
SizeOfInitializedData	`0x1e000`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x00001000 (Section: )`
BaseOfCode	`0x1000`
BaseOfData	`0xbd000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x1ec000`
SizeOfHeaders	`0x600`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x2000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

Section_1

MD5	`c8699b0258ac71b1e288cdeb1041b3b2`
SHA1	`753bdcd80df9eb91640bc2f06e1b945d04f019a0`
SHA256	`209e0e7f2c69bd630f64c638d2c060801bdb350c390cbb3348dc350138feca51`
SHA3	`6a77a26c35f013b0ef49d4c0e37f70fad93ce9af3c723eb910cb1143673a4d9c`
VirtualSize	`0xbc000`
VirtualAddress	`0x1000`
SizeOfRawData	`0x42800`
PointerToRawData	`0x600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`7.9992`

Section_2

MD5	`e63ae8fbdcfc5ffb4d4f23063921266d`
SHA1	`d125fa93ec465773b075dcdeb1df41553c9e1447`
SHA256	`121f5b4003c70e333344173883dbc5cf00ec1eef6a8198773907f649175da1d3`
SHA3	`c38f294147296fdc4d17b543bad6ffe7258d50350789771eafc5dcb0a857be84`
VirtualSize	`0x1e000`
VirtualAddress	`0xbd000`
SizeOfRawData	`0x5600`
PointerToRawData	`0x42e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`7.97818`

Section_3

MD5	`bf619eac0cdf3f68d496ea9344137e8b`
SHA1	`5c3eb80066420002bc3dcc7ca4ab6efad7ed4ae5`
SHA256	`076a27c79e5ace2a3d47f9dd2e83e4ff6ea8872b3c2218f66c92b89b55f36560`
SHA3	`622de1e1568ddef36c4b89b706b05201c13481c3575d0fc804ff8224787fcb59`
VirtualSize	`0x1000`
VirtualAddress	`0xdb000`
SizeOfRawData	`0x200`
PointerToRawData	`0x48400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0`

Section_4

MD5	`495646ac489789c6fe2a67a20c9541ae`
SHA1	`1dc89102fc054107599020d0ecd173959de4f259`
SHA256	`539d8d3351aa9fef8a0acd1d7a076c618b9467d8e100264a40ef802cee667cf0`
SHA3	`20b740ca1d0bfd080330ad304113b5b9091f9c1e9bd7480447a49f6cb1d47b22`
VirtualSize	`0x1000`
VirtualAddress	`0xdc000`
SizeOfRawData	`0x200`
PointerToRawData	`0x48600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0.204488`

Section_5

MD5	`29383a176d916f1ead8bd37564c3acaa`
SHA1	`3789939ba5f9d8b1e148f5c572e5cef32ba0996a`
SHA256	`a975c93d1fa727fe2a4d6f752c59122c289dd0d8c0dc0dd1084c6d901e6e2467`
SHA3	`ed3103af5d57d1fd90aa6b4f468824efaa86863f8bfb47a7bf6235425cdfd4dc`
VirtualSize	`0x3000`
VirtualAddress	`0xdd000`
SizeOfRawData	`0x2a00`
PointerToRawData	`0x48800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`7.97483`

Section_6

MD5	`522c44f0c216f5c90817f733fac94a89`
SHA1	`4a70eef88d1ba35d0e490b18073372b162a90a2d`
SHA256	`d492ab97af78c448b06cf8f5431fa883c34ba0cbd0f3b3a920ea84a9f7d1db0a`
SHA3	`647fe8b4b1cac4fc396481ae750dfe0cbfb7614cdba2aa5b295af509dea71210`
VirtualSize	`0x1000`
VirtualAddress	`0xe0000`
SizeOfRawData	`0xe00`
PointerToRawData	`0x4b200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`5.42381`

.rsrc

MD5	`556d58cf5cf993c5d50f8bd9a20907bc`
SHA1	`645869b3dde061e56bf5eb970e78130dc7f57c87`
SHA256	`19b5badc249db4f01867ac47365a8fe8b36ce7fc260611c33d9d88ea085a11c9`
SHA3	`c3ed6d92befda4c0a75afd854203bd26305255b435762a3d141e22d717bdf931`
VirtualSize	`0xeb000`
VirtualAddress	`0xe1000`
SizeOfRawData	`0x10000`
PointerToRawData	`0x4c000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`7.92028`

Section_8

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0xd000`
VirtualAddress	`0x1cc000`
SizeOfRawData	`0`
PointerToRawData	`0x5c000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`

.data

MD5	`65b5b1b5b749fecb3244b5317e428332`
SHA1	`8c6d4805fbdd28722cf91246537724ee398043fd`
SHA256	`730a7a96ad5610aa376a6580fb8de4ec62c7a47ce81bcbed6699808302d3f7b6`
SHA3	`6c64b66a14f9f4f4ef3eb67bc47a7135588003f19f60adb09389336bc43dfc50`
VirtualSize	`0x12000`
VirtualAddress	`0x1d9000`
SizeOfRawData	`0x11600`
PointerToRawData	`0x5c000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`7.74134`

.adata

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0x1000`
VirtualAddress	`0x1eb000`
SizeOfRawData	`0`
PointerToRawData	`0x6d600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`

Imports

kernel32.dll	`GetProcAddress` `GetModuleHandleA` `LoadLibraryA`
advapi32.dll	`RegCloseKey`
version.dll	`GetFileVersionInfoA`
winspool.drv	`ClosePrinter`
comctl32.dll	`ImageList_Add`
comdlg32.dll	`ChooseColorA`
gdi32.dll	`AbortDoc`
shell32.dll	`DragAcceptFiles`
user32.dll	`ActivateKeyboardLayout`
ole32.dll	`IsEqualGUID`
oleaut32.dll	`SysAllocStringLen`

Delayed Imports

__GetExceptDLLinfo

Ordinal	`1`
Address	`0x1059`

@@Mainfrm@Initialize

Ordinal	`2`
Address	`0x220f8`

@@Mainfrm@Finalize

Ordinal	`3`
Address	`0x22108`

@THexMemo@$bctr$qqrp18Classes@TComponent

Ordinal	`4`
Address	`0x22118`

@THexMemo@$bdtr$qqrv

Ordinal	`5`
Address	`0x2235c`

@THexMemo@CreateParams$qqrr22Controls@TCreateParams

Ordinal	`6`
Address	`0x2242c`

@THexMemo@CreateHandle$qqrv

Ordinal	`7`
Address	`0x224cc`

@THexMemo@Resize$qqrv

Ordinal	`8`
Address	`0x22554`

@THexMemo@OpenFile$q17System@AnsiStringio

Ordinal	`9`
Address	`0x226f8`

@THexMemo@CloseFile$qv

Ordinal	`10`
Address	`0x22f24`

@THexMemo@SetChars$qqro

Ordinal	`11`
Address	`0x231a4`

@THexMemo@SetFontSize$qqri

Ordinal	`12`
Address	`0x23218`

@THexMemo@GetFontSize$qqrv

Ordinal	`13`
Address	`0x23228`

@THexMemo@SetFontName$qqr17System@AnsiString

Ordinal	`14`
Address	`0x23238`

@THexMemo@GetFontName$qqrv

Ordinal	`15`
Address	`0x2329c`

@THexMemo@WMHScroll$q18Messages@TWMScroll

Ordinal	`16`
Address	`0x2332c`

@THexMemo@WMVScroll$q18Messages@TWMScroll

Ordinal	`17`
Address	`0x2349c`

@THexMemo@Redraw$qv

Ordinal	`18`
Address	`0x237b8`

@THexMemo@IncludeSkippedElement$qjj

Ordinal	`19`
Address	`0x237d4`

@THexMemo@ExcludeSkippedElement$qjj

Ordinal	`20`
Address	`0x23b04`

@THexMemo@IncludeGroupElement$qjji

Ordinal	`21`
Address	`0x23c20`

@THexMemo@ExcludeGroupElement$qjj

Ordinal	`22`
Address	`0x23cf8`

@THexMemo@GetGroup$qjrirj

Ordinal	`23`
Address	`0x24108`

@THexMemo@OnCursorTimer$qqrp14System@TObject

Ordinal	`24`
Address	`0x24348`

@THexMemo@ShowCursor$qo

Ordinal	`25`
Address	`0x249ac`

@THexMemo@MouseDown$qqr21Controls@TMouseButton46System@%Set$t18Classes@Classes__1$iuc$0$iuc$6%ii

Ordinal	`26`
Address	`0x249e8`

@THexMemo@CursorNextChar$qqrv

Ordinal	`27`
Address	`0x24cc8`

@THexMemo@CursorPrevChar$qqrv

Ordinal	`28`
Address	`0x24d54`

@THexMemo@SetBlinketCursor$qqro

Ordinal	`29`
Address	`0x24dd0`

@THexMemo@GetMinHeight$qqrv

Ordinal	`30`
Address	`0x24df0`

@THexMemo@CreateWindowHandle$qqrrx22Controls@TCreateParams

Ordinal	`31`
Address	`0x24dfc`

@THexMemo@Paint$qqrv

Ordinal	`32`
Address	`0x24e24`

@THexMemo@SetMemoCursorPosition$qqrj

Ordinal	`33`
Address	`0x27428`

@THexMemo@SetCursorActive$qqro

Ordinal	`34`
Address	`0x276d4`

@THexMemo@SetByteCursorPosition$qqro

Ordinal	`35`
Address	`0x27720`

@THexMemo@SwitchCursor$qv

Ordinal	`36`
Address	`0x27730`

@THexMemo@SetMemoPosition$qqrj

Ordinal	`37`
Address	`0x27750`

@THexMemo@ClearGroups$qv

Ordinal	`38`
Address	`0x2789c`

@THexMemo@ClearSkipped$qv

Ordinal	`39`
Address	`0x278d4`

@THexMemo@GetValue$qj

Ordinal	`40`
Address	`0x27a64`

@THexMemo@GetFileOffset$qj

Ordinal	`41`
Address	`0x27ac0`

@THexMemo@GetMemoOffset$qj

Ordinal	`42`
Address	`0x27afc`

@THexMemo@PushKey$qc

Ordinal	`43`
Address	`0x27bc0`

@$xp$8THexMemo

Ordinal	`44`
Address	`0x27ec4`

@THexMemo@Dispatch$qqrpv

Ordinal	`45`
Address	`0x28270`

@@Hexmemo@Initialize

Ordinal	`46`
Address	`0x28448`

@@Hexmemo@Finalize

Ordinal	`47`
Address	`0x28458`

@@Preferencesfrm@Initialize

Ordinal	`48`
Address	`0x28c54`

@@Preferencesfrm@Finalize

Ordinal	`49`
Address	`0x28c64`

@@Fileinfoframe@Initialize

Ordinal	`50`
Address	`0x29970`

@@Fileinfoframe@Finalize

Ordinal	`51`
Address	`0x29980`

@@Gotoform@Initialize

Ordinal	`52`
Address	`0x2a860`

@@Gotoform@Finalize

Ordinal	`53`
Address	`0x2a870`

@@Findfrm@Initialize

Ordinal	`54`
Address	`0x2b7b8`

@@Findfrm@Finalize

Ordinal	`55`
Address	`0x2b7c8`

@@Searchstring@Initialize

Ordinal	`56`
Address	`0x2c0c8`

@@Searchstring@Finalize

Ordinal	`57`
Address	`0x2c0d8`

@@Cmpfrm@Initialize

Ordinal	`58`
Address	`0x2c1f0`

@@Cmpfrm@Finalize

Ordinal	`59`
Address	`0x2c200`

@@Cmpthread@Initialize

Ordinal	`60`
Address	`0x2c7f0`

@@Cmpthread@Finalize

Ordinal	`61`
Address	`0x2c800`

@@Filemap@Initialize

Ordinal	`62`
Address	`0x2db58`

@@Filemap@Finalize

Ordinal	`63`
Address	`0x2db68`

@@Aboutfrm@Initialize

Ordinal	`64`
Address	`0x2e240`

@@Aboutfrm@Finalize

Ordinal	`65`
Address	`0x2e250`

@@Regfrm@Initialize

Ordinal	`66`
Address	`0x2e5dc`

@@Regfrm@Finalize

Ordinal	`67`
Address	`0x2e5ec`

@@Savedifferent@Initialize

Ordinal	`68`
Address	`0x2f208`

@@Savedifferent@Finalize

Ordinal	`69`
Address	`0x2f218`

@@Savedifffrm@Initialize

Ordinal	`70`
Address	`0x2f338`

@@Savedifffrm@Finalize

Ordinal	`71`
Address	`0x2f348`

@@Setshiftfrm@Initialize

Ordinal	`72`
Address	`0x2f4c0`

@@Setshiftfrm@Finalize

Ordinal	`73`
Address	`0x2f4d0`

@@Intelhexfilemap@Initialize

Ordinal	`74`
Address	`0x2fc64`

@@Intelhexfilemap@Finalize

Ordinal	`75`
Address	`0x2fc74`

@@Map@Initialize

Ordinal	`76`
Address	`0x2fc84`

@@Map@Finalize

Ordinal	`77`
Address	`0x2fc94`

@@Printfrm@Initialize

Ordinal	`78`
Address	`0x32660`

@@Printfrm@Finalize

Ordinal	`79`
Address	`0x32670`

@@Localize@Initialize

Ordinal	`80`
Address	`0x3a168`

@@Localize@Finalize

Ordinal	`81`
Address	`0x3a178`

@@Motorolahexfilemap@Initialize

Ordinal	`82`
Address	`0x3a850`

@@Motorolahexfilemap@Finalize

Ordinal	`83`
Address	`0x3a860`

@@Searchfileentry@Initialize

Ordinal	`84`
Address	`0x3ab68`

@@Searchfileentry@Finalize

Ordinal	`85`
Address	`0x3ab78`

___CPPdebugHook

Ordinal	`86`
Address	`0xbd484`

@THexMemo@

Ordinal	`87`
Address	`0xc975c`

_MainForm

Ordinal	`88`
Address	`0xd694c`

_InfoFrame

Ordinal	`89`
Address	`0xd695c`

1

Type	`RT_CURSOR`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x134`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`7.25052`
MD5	`f938c5a47e347469fc9e6428e140ea92`
SHA1	`5802fc1676f42ed747f2602578f891d9afe7ec78`
SHA256	`32aa3370b8c7b63fded4ec75908d678a3fe1833e2195c4db024613a321851f52`
SHA3	`3ef4944c7698a185949de4cc4a378295ff01fb228b2fdd13b646238430fefd32`

2

Type	`RT_CURSOR`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x134`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`7.3322`
MD5	`d57cb1a4de6c5eff65924c5068f65262`
SHA1	`e97a7c06ded2b11428bd841a899cbc16106af13f`
SHA256	`645e5b224e2e5a0eae0fc923a486fd8e5d7b4df556248c93dfd38b068d2456f7`
SHA3	`07a53baab0053bf458a2712ef03b257567ac091a097035a13719f0878622debe`

3

Type	`RT_CURSOR`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x134`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`7.19269`
MD5	`aa6e6b5fcf0fb502a2971b73159b667d`
SHA1	`bcafff128a513c34eed2c700e6ccdb830120b014`
SHA256	`1b09cb95f62104af13da7a548085e9f27a845bde09dfa0feab033e3497624b5c`
SHA3	`c0ba0615764ef791c3ac27c9969eac34ebc91df58e22566267a29a9c2f137a39`

4

Type	`RT_CURSOR`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x134`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`7.2847`
MD5	`47b94f5875ff995945a89b88bebaa0ff`
SHA1	`e595de7ff1a0df53565afcc9a7038055369f44c3`
SHA256	`dae1aa2458f6874c1b4b5063f7daee54d75668516c537ae6aa9c47fe415584fd`
SHA3	`ebbe925c79df55a6c26721016725684d4eb46022314f9e46e151c36186962f93`

5

Type	`RT_CURSOR`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x134`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`7.22688`
MD5	`64ea917e78bc15fc04b73bd9cf86f338`
SHA1	`c79a644bccf47b6b01593f75ec905f204a87ab75`
SHA256	`5de90fd649d1f046a92e15168525c98c5350e1f1a445e168a56e42a0a20e6eb4`
SHA3	`a17536179e0e2795f2e9b9b00ded7c7a18a4d11046a7fe2c248038c384fdcfa6`

6

Type	`RT_CURSOR`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x134`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`7.25224`
MD5	`eed81e341bbaafcd223f870b6ae45423`
SHA1	`676b973213992307fa1b0f5db70e5028fd9420b9`
SHA256	`429b445c2a26b2d9b2cb4374dfce2b074502cc3d0f4366d04f32297409518585`
SHA3	`914b4f0f4a5bbc0d38e7dff5e8aab7947635bb68efbc9c01156a92b640b2d778`

7

Type	`RT_CURSOR`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x134`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`7.32538`
MD5	`e51b370e79114d8a84b4d19b48bbe317`
SHA1	`809dc79bc6b17d89af39608610e9ecfdb1d3bb95`
SHA256	`2e04baf46744688ac0d0102b2cc5f72237c3c6732804053ceb3aaffe29be6d6f`
SHA3	`2a06d873b74947117fd4d7ed3a5cff9de47aedc5742bbd34e5aa70f7e562a601`

BBABORT

Type	`RT_BITMAP`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1d0`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`7.56314`
MD5	`375283e228cbf8a3c752b5a498f3553b`
SHA1	`569c22885d42ed8164df69cb15eed30938205fba`
SHA256	`694ad18976844cedf3b3b2aade4145521763b38970695185fbd5d755ccced910`
SHA3	`9a5038bd9a633958af53aba895928616db3d0e43129c837dc4323cd8d196a18a`
Preview

BBALL

Type	`RT_BITMAP`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1e4`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`7.54201`
MD5	`9c23f5c28bcd40d9800fdd7645125c93`
SHA1	`cd0a2f737c7a50d7b2e45a4d016a5bdbd20bacf5`
SHA256	`6801f4f569747c260687c0de68376df96b10ec927de2e772d6b82096c84103c3`
SHA3	`f1d9a6d4fcfef48f04d1b4dc675fb59e3a78e464d844122a5fac4b87c7852683`
Preview

BBCANCEL

Type	`RT_BITMAP`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1d0`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`7.515`
MD5	`0d47d73d4137a26181d516fb2c1b414a`
SHA1	`21c74d49bf713d2bacadd2c8bf1023aea7acc853`
SHA256	`0ba562a70c0cc7587e7bcb63e72e6e80e2951ec27f138dbf24a36cfe1ed772dc`
SHA3	`7a8094dcb221b49ab7ba01ac31ad27e9e8cab2879dc04a9988cc88e1f87be817`
Preview

BBCLOSE

Type	`RT_BITMAP`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1d0`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`7.5329`
MD5	`799670257764b3cc13c6f095ee92c3dc`
SHA1	`cd6fe2cac0c3d69aeb30531dad8887993f85b087`
SHA256	`cc2bb93cc43ec5027e58ccf5477c92896a1d5cd5cfe6b19b11b379a861dbb33a`
SHA3	`8e8c5792869e5cc323f715317e94e475debc0ab03e957067d09803312af9ddcb`
Preview

BBHELP

Type	`RT_BITMAP`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1d0`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`7.4643`
MD5	`7bdd38ef8171c000261ed8c510fd4fb2`
SHA1	`ed89b00144f3b400b7d1bcfa1c909bed4d64a119`
SHA256	`dae6c0f2469cd3fada8fa3037b03d404d7c4db24c8afb7d990f97147980ce250`
SHA3	`e4ac3116c0c203eff0af833484f5b4b121cbfec93652315db4134b3197850b39`
Preview

BBIGNORE

Type	`RT_BITMAP`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1d0`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`7.52263`
MD5	`0c0df2b64f639c9818a036d6fc6fa0c5`
SHA1	`419b9b4c46d9c0b02d08c52d28705ac96a0ee591`
SHA256	`a25b20c19b6cb51779580a4a9227dbc887e395c828f318026253019b26b125b2`
SHA3	`143ba5bc381b865a63d7a4a542e92852f6920cb668008487fde7e3549b407699`
Preview

BBNO

Type	`RT_BITMAP`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1d0`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`7.46957`
MD5	`a6eefe1efe7cdfa9b5bf36496d66baa4`
SHA1	`2b30279e55b80ca6697d6140837830b7cace5d1c`
SHA256	`e8edf494b952c3e32c55bdce444fc2498a027e0ed0795faf4035474c2302926d`
SHA3	`48e14e7e0a44bb609daf27e169b9f465abd90146b7dd40c07f71ad4d34599832`
Preview

BBOK

Type	`RT_BITMAP`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1d0`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`7.53195`
MD5	`382a6aff01e9099a03e992e733087834`
SHA1	`075a9300cd95ba31fbdcaed6258ba9eab2cd14e4`
SHA256	`1ddfa5426c2eb12ca425dfa1f165ad706287e51023b69a1b51115564a2fec677`
SHA3	`5fbb90886cdbfa31f4fc802f5cc1dac8f1d154b6afefb37c840691e2d76761f2`
Preview

BBRETRY

Type	`RT_BITMAP`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1d0`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`7.55018`
MD5	`3ea2c758a7fa38b45d30fee3e7fb2c16`
SHA1	`b87484d44222fd7f8ee8cc410898f39d3ba22edb`
SHA256	`a3e895f2ad8ea053d3c96c33af35a18334ecd9bf3628021a033e33a7e560f8e4`
SHA3	`bc84c5ffaa26847aee7797b2773d5b0fec33cc177b646ce4d327617c5fe4a760`
Preview

BBYES

Type	`RT_BITMAP`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1d0`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`7.54085`
MD5	`a13c0308ffe8aad09857a40b35339917`
SHA1	`279fc0dacb8fbfa72707a5759c770cb49179b370`
SHA256	`46a93d67ea95389848073fe68c903334e0dd5b72b5d91bf1bf88ca69151acef5`
SHA3	`dad637f4014bae32efdd486b80cd816ea5995a0589530503aba6050cbafb829e`
Preview

1 (#2)

Type	`RT_ICON`
Language	Russian - Russia
Codepage	UNKNOWN
Size	`0x8a8`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`5.52628`
MD5	`296924938806e219bac61144d7a5ee4c`
SHA1	`7738ec8fcf1f5d7e749d0ef7ea83bfd22ba8bb3d`
SHA256	`76eec854212d8e70750972c0ba03575977f855227e329179c6c3bed9d8619c2b`
SHA3	`98f893be9b6db3afe197834ffe491bc864cd88d68772642a5421901ba6458452`

2 (#2)

Type	`RT_ICON`
Language	Russian - Russia
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`5.32307`
MD5	`14db2afc3223059df1338844c6ad69c5`
SHA1	`dfccc290eb7119c0aafca6a775209fba61bcc30f`
SHA256	`f4179dd3749dd2c49a21e485550e68b9860e385728fb3538c7d11a680e6225ed`
SHA3	`f9306c599aebc31891d1977108318b50d597c40aa19cac74894608234c3bb44f`

4083

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x68`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`6.28679`
MD5	`22e7aade5f721a065b06238de6e94d8e`
SHA1	`c6852ca00a894584737403c48b1319d6a902b1cb`
SHA256	`79daabe87b990c5052460cf7254ac73a06fe83e1c7af2f97082f9408c167977a`
SHA3	`c47b703f97a038f4fdf11ac5744c8447a86406e8b290ece731322d132d62632e`

4084

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xe4`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`7.03834`
MD5	`08548cced4bd853fa5d535bd82ed0d78`
SHA1	`0b57a12de9e1fa625f922f8e05f84ae7b11cfecc`
SHA256	`6962d0c8149060c387c9fb899eca0d0a603625b448c410ffc52697ab90d0dd6d`
SHA3	`61c9a2b861c849179728d35cf3495b6c9ff439ad9ce4767a4edd6100ee263a26`

4085

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xbc`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`6.95061`
MD5	`82dc495f68f3f6316e75fdd7a604639f`
SHA1	`32bfb8e0651ecf523e27ef6fac50167fb544a2ac`
SHA256	`4349837c155909cba87fbb7558a88ea53e40ae57292f5d1065246b60a1eb8ac1`
SHA3	`48064979cf229514c3e3933a644f1a2cf1a45da082087118f09e8c7825534d94`

4086

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x2dc`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`7.74086`
MD5	`1038d460383c8c4d79a90ce8288285ad`
SHA1	`55c7ee7940655cc489a62f33b96fe1a29df0aa1a`
SHA256	`c2e0d3c0501e6f26cab4f81eea8ec83e1ebc29c9e4a6b00f9c1a4b83e095acff`
SHA3	`63fb374cb060901bbf7f1def09109a39a85ee642c260cb44f4933a18c22f328e`

4087

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x3b4`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`7.77657`
MD5	`4593d21fe1c41507db75fcedc29dbe28`
SHA1	`9af90aa394fdfddb147f27e3f6fe3bd378097082`
SHA256	`e980de27cfd53fc960829845622c24652f7b9ddb98b232886d3edfd9fab02b2b`
SHA3	`cd6ac76286cf3fdac204faaf0202aa91239781fc7392ace43ece301fe86ce121`

4088

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x2a8`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`7.65896`
MD5	`1eaa7293612c6294cb0b18e85aa33481`
SHA1	`f7985b26e621e705d734b164d89af0fd1e1deb6f`
SHA256	`476fa06ef6e4be69db97036e618656a5a3617ca01abf5f2418646df4181dd9c6`
SHA3	`58d309a51f274a81619339f6d393b9d56dac681db802cc08b6e5bce4c5bf9435`

4089

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x3d8`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`7.82751`
MD5	`6b38b1a7c180d8501900d328b31289d4`
SHA1	`61331049e6c05603e6b40e554045ccc8d166c685`
SHA256	`98de492ef4b31d198c1c52dd64f55906f93b40b6e3d5b9e23431a7a13e8a24b2`
SHA3	`c448452f0a5cf448c8b793380a8d48d76ba2b526d65cc7a80e8f9e86d27e65ae`

4090

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1f8`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`7.56371`
MD5	`cb3f2b54c53a0ec279c3bb62867a0438`
SHA1	`d464d9335a6e3f9e0ea25b72c41badd20a932dc0`
SHA256	`2dbbb637b06a64d4063886d71cfbbc3e60396ce98b79af08fd94f4570496ad94`
SHA3	`9f95459c4faff8cdfbed4c1dfffb2e35c3b627a036d2f9fcf8e427e496d52ed6`

4091

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xec`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`7.12712`
MD5	`79c918f3d497ea097b370e89fff77a43`
SHA1	`ea9b3a3053a5707cc9ef26a0f0909823e10f8903`
SHA256	`cd06ba85913e1ea232ab133bf2ecf11364299f053dca8e128e510cc4f76f681e`
SHA3	`9423f6acc66955d5355bd7cac6cf48ea1e4c3aafc400d71e28ed5d74efe57c18`

4092

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x14c`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`7.42541`
MD5	`375f981998e40f35f25c884905b452a0`
SHA1	`3970c7768b762b4a5d4094fc47e4de06badc0d94`
SHA256	`2c64858889d0187dac8bcbe33c189a1850e6832d6d0da776cb6f7c60723c3965`
SHA3	`496c498d715395bb5a6ee430a5afa59458befa2f376b592eb65de6c67c8d5079`

4093

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x30c`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`7.74407`
MD5	`19cbfb5dec40c89a89229ab798012225`
SHA1	`0a5af8abfde9d9ecb77e4a810e8efcfd2e0c5fb6`
SHA256	`8b4b07bacbbc3271a21e56fd0e964fba69602c33032f98799bb0224e1b0d0ade`
SHA3	`c842a2fb97ff2c40a11f9842a9bed9957cf8c2106794cd5d24303b98fb556a44`

4094

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x3f8`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`7.80751`
MD5	`d5e4bca8abdf488c686eb11ae49f66c9`
SHA1	`77cd1dd5489ff6c1e294e1506717d2e252624a75`
SHA256	`952f3fbc2a532748bd789601aee5e6142dc4a4f16ad51b3c3d880ce824cc4395`
SHA3	`22a96ee8c510bb72c75f6af7f785438991556e742721ee0b694a778c612befd3`

4095

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x36c`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`7.75417`
MD5	`c4f11bc8709eaa09eb96761b1812a205`
SHA1	`0c3de1624bb00449ca1bb43881168cda4e5c12e8`
SHA256	`c0141b2c81f0cbaa0ddd7e351f12d8e63f0c5d38d166a5d2e97df45284ba98e8`
SHA3	`4df3ae54510ce75dd3958124871dc73aa265959694c0d8023edaceed96d96ee9`

4096

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x3c8`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`7.77552`
MD5	`41d01ed21cd94218a3228194a4fe3cd2`
SHA1	`9e85caa5aaa5bd36047fec6837c2033c5f8d57c1`
SHA256	`20ad64a01538e6e447bc01d06e8393ad8b4bb0093a0530391ef2abd875d2f05d`
SHA3	`b65217c355afdc1950b030d7d4d46afca91c31e606743454fc91d5b30bb5359a`

DVCLAL

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x10`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`4`
MD5	`4e68db8dfffb9f3d7b66909066556d46`
SHA1	`ce559925b73fa0451436eedcafeb9b1962568a10`
SHA256	`31cf0b47f2b044f448b067a4554ed3585f3662c2926a8cd26b671a48602fff23`
SHA3	`ba4ead56cefae84ffe0d43325712f4b60844a0656c8ed095b7b891d74a54ab2f`

TABOUTFORM

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x4d1ae`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`7.86906`
MD5	`4c7d11d2c968720e293397e461b1001b`
SHA1	`43b7fe22e196a81180e78ca1dd10efd7ea3c60a2`
SHA256	`55c62d0928b9ad757fee80d6f8565403fcd763c96fd689806c7006aeb6b5b70d`
SHA3	`47058c94f7b7ec4f4ccf77752e5e6625f6e51ee3516f9206946a614d4575b986`

TCMPFORM

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x42735`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

TFINDFORM

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x32045`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

TGOTOFRM

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x690`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

TINFOFRAME

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1c8e`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

TMAINFORM

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xe4a3`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

TPREFERENCESFORM

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xe03`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

TPRINTFORM

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xe4c`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

TREGFORM

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x2af`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

TSAVEDIFFFORM

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x10bc2`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

TSETSHIFTFORM

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x32c`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

32761

Type	`RT_GROUP_CURSOR`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

32762

Type	`RT_GROUP_CURSOR`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

32763

Type	`RT_GROUP_CURSOR`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

32764

Type	`RT_GROUP_CURSOR`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

32765

Type	`RT_GROUP_CURSOR`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

32766

Type	`RT_GROUP_CURSOR`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

32767

Type	`RT_GROUP_CURSOR`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

MAINICON

Type	`RT_GROUP_ICON`
Language	Russian - Russia
Codepage	UNKNOWN
Size	`0x22`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`2.32824`
Detected Filetype	Icon file
MD5	`62d6b1d51e9721a781148fb63c1970c6`
SHA1	`0491f06e0b5fe9241d44138303ece1776840fd6d`
SHA256	`1d47c7bd2cc20089bc0387c8e7ac0a1680e9b4dc81dbde998c3c5c8e6c7d69aa`
SHA3	`9f1474d08ea9f8bc44f2b127a2a96dbaaed16872128ddd81afe07b2b3756d3bd`

1 (#3)

Type	`RT_VERSION`
Language	Russian - Russia
Codepage	UNKNOWN
Size	`0x2d8`
TimeDateStamp	2008-Jan-23 14:25:44
Entropy	`3.24982`
MD5	`fc3e9ed7a9e85d7c65f9d0b4e6320b12`
SHA1	`7d04bde76cbf4fa299512333ec1326091926d393`
SHA256	`21d5ab0a979e51e47fa8eb28c73a2951606dd248399015ec0e700133ab468bad`
SHA3	`f8b4946d76c806f1f1961a8776e3d661e39cbc5960f69dd4fed389a32874c804`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	2.34.0.0
ProductVersion	2.34.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	English - United States
CompanyName	Fairdell Software
FileDescription	HexCmp
FileVersion (#2)	2.34.0.0
InternalName
LegalCopyright	Fedor Mishin
LegalTrademarks
OriginalFilename	HexCmp
ProductName	HexCmp
ProductVersion (#2)	2.34.0.0
Comments

Resource LangID	Russian - Russia

TLS Callbacks

StartAddressOfRawData	`0x4db000`
EndAddressOfRawData	`0x4db0b4`
AddressOfIndex	`0x4d6934`
AddressOfCallbacks	`0x4dc010`
SizeOfZeroFill	`0`
Characteristics	`IMAGE_SCN_TYPE_REG`
Callbacks	`(EMPTY)`

Load Configuration

RICH Header

Errors

[*] Warning: Section  has a size of 0!
[*] Warning: Section .adata has a size of 0!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Resource TCMPFORM is empty!
[*] Warning: Resource TFINDFORM is empty!
[*] Warning: Resource TGOTOFRM is empty!
[*] Warning: Resource TINFOFRAME is empty!
[*] Warning: Resource TMAINFORM is empty!
[*] Warning: Resource TPREFERENCESFORM is empty!
[*] Warning: Resource TPRINTFORM is empty!
[*] Warning: Resource TREGFORM is empty!
[*] Warning: Resource TSAVEDIFFFORM is empty!
[*] Warning: Resource TSETSHIFTFORM is empty!
[*] Warning: Resource 32761 is empty!
[*] Warning: Resource 32762 is empty!
[*] Warning: Resource 32763 is empty!
[*] Warning: Resource 32764 is empty!
[*] Warning: Resource 32765 is empty!
[*] Warning: Resource 32766 is empty!
[*] Warning: Resource 32767 is empty!