Manalyze report for 93b0e83334836a4a811fef354d31fdb5

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2018-May-11 05:35:45

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C++ 6.0 - 8.0`
Info	The PE contains common functions which appear in legitimate applications.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryA LoadLibraryExW`
Info	The PE's resources present abnormal characteristics.	`Resource 156 is possibly compressed or encrypted.`
Malicious	VirusTotal score: 55/69 (Scanned on 2018-10-02 18:11:24)	`Bkav: W32.BochachaAG.Trojan` `MicroWorld-eScan: Trojan.GenericKD.30770255` `CAT-QuickHeal: Trojan.Mauvaise.SL1` `ALYac: Trojan.Ransom.Rapid` `Cylance: Unsafe` `Zillya: Trojan.GenericKD.Win32.160890` `K7AntiVirus: Adware ( 004e096c1 )` `BitDefender: Trojan.GenericKD.30770255` `K7GW: Adware ( 004e096c1 )` `Arcabit: Trojan.Generic.D1D5844F` `TrendMicro: Ransom_RAPID.THEBAAH` `F-Prot: W32/S-e898dea3!Eldorado` `Symantec: Trojan.Gen.2` `TrendMicro-HouseCall: Ransom_RAPID.THEBAAH` `Paloalto: generic.ml` `Kaspersky: HEUR:Trojan.Win32.Generic` `NANO-Antivirus: Trojan.Win32.Chapak.fcazgp` `ViRobot: Trojan.Win32.GandCrab.322569` `AegisLab: Packer.Generic!c` `Rising: Trojan.Kryptik!1.B22E (CLOUD)` `Endgame: malicious (high confidence)` `Emsisoft: Trojan.GenericKD.30770255 (B)` `Comodo: UnclassifiedMalware` `F-Secure: Trojan.GenericKD.30770255` `DrWeb: Trojan.Encoder.24384` `VIPRE: Trojan.Win32.Generic!BT` `Invincea: heuristic` `McAfee-GW-Edition: BehavesLike.Win32.Generic.dh` `Fortinet: W32/Kryptik.GKJF!tr` `SentinelOne: static engine - malicious` `Cyren: W32/S-e898dea3!Eldorado` `Jiangmin: Trojan.GandCrypt.ci` `Webroot: W32.Adware.Gen` `Avira: HEUR/AGEN.1035231` `MAX: malware (ai score=100)` `Microsoft: Ransom:Win32/Genasom` `SUPERAntiSpyware: Trojan.Agent/Gen-Kryptik` `AhnLab-V3: Win-Trojan/Gandcrab01.Exp` `ZoneAlarm: HEUR:Trojan.Win32.Generic` `Sophos: Mal/GandCrab-B` `ESET-NOD32: a variant of Win32/Kryptik.GGQN` `McAfee: RDN/Generic.hbg` `AVware: Trojan.Win32.Generic!BT` `VBA32: TrojanRansom.GandCrypt` `Malwarebytes: Trojan.MalPack` `Panda: Trj/CI.A` `Tencent: Win32.Trojan.Chapak.Htvk` `Yandex: Trojan.Chapak!` `Ikarus: Trojan.Win32.Crypt` `GData: Win32.Trojan-Ransom.GandCrab.N` `Ad-Aware: Trojan.GenericKD.30770255` `AVG: Win32:Malware-gen` `Avast: Win32:Malware-gen` `CrowdStrike: malicious_confidence_60% (D)` `Qihoo-360: Win32/Trojan.c76`

Hashes

MD5	`93b0e83334836a4a811fef354d31fdb5`
SHA1	`378abc4903ec3af29dab0731ad0068eb15de39d6`
SHA256	`1db83903514d064201d54bf2fbb2dab9a373c3c399be45be1ecaf4559c6ed16b`
SHA3	`9f9cb16e3f025f43994fdc46ec51ad2862bd1b5a0690b6276c7c91bb203b6fe3`
SSDeep	`3072:lobRyeKZVIQWkyPIgoYxpqm5d+84UTfD2dYRdO190rqM:l2RyeKZrWkWIZwqutKdYRdlqM`
Imports Hash	`24e9edc23da490ca9ae7bd336fffd16d`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0xe0`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`5`
TimeDateStamp	2018-May-11 05:35:45
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`12.0`
SizeOfCode	`0x17600`
SizeOfInitializedData	`0xa587400`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x00005DF2 (Section: .text)`
BaseOfCode	`0x1000`
BaseOfData	`0x19000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`5.1`
ImageVersion	`0.0`
SubsystemVersion	`5.1`
Win32VersionValue	`0`
SizeOfImage	`0xa5a3000`
SizeOfHeaders	`0x400`
Checksum	`0x3e03e`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`60b6a3a77ea6ab71ac1124b22c6f4df2`
SHA1	`af7954e059cd8aad5baa9142f670d0821afe5d47`
SHA256	`ee245cd940996371ce1e063f68ab8b9915ad0ed9c0beff85d51b6db230d950c5`
SHA3	`8c3a4f6a7f95af86dec326938ad6d620b8a9c76042f91f948dd38e12e7f33831`
VirtualSize	`0x175a9`
VirtualAddress	`0x1000`
SizeOfRawData	`0x17600`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.68394`

.rdata

MD5	`716f6100aa5e5b856de49ad8b3a84a47`
SHA1	`9d5918e40def021049086c333ce7ef21c0c51e91`
SHA256	`401023b3625b710908357ab945084cd9d3d819be9a607ecb1cb744a25498fb24`
SHA3	`3abbaa1476bda602c3d1a37cc58d773dc9d488e146b4994912977594a994424b`
VirtualSize	`0x8456`
VirtualAddress	`0x19000`
SizeOfRawData	`0x8600`
PointerToRawData	`0x17a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.68035`

.data

MD5	`e8aa31ee225ec83a92029b526fd122da`
SHA1	`788026bc3b6e3e862f7e70d53e04bd47dc61d3b1`
SHA256	`fc5d981cdd186820d1206529dc2f024a8f97d09ad23221ee296290fb3c83e241`
SHA3	`04c23876b30461c4ed05da72ce836b95f1160a3110de2c0b2fc7dd104755730e`
VirtualSize	`0xa56a088`
VirtualAddress	`0x22000`
SizeOfRawData	`0x2000`
PointerToRawData	`0x20000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`3.43049`

.rsrc

MD5	`e7a83ede1e6205a2a758f85a65f19bd5`
SHA1	`09134969148d76011d18a5033a4a10f9007e7187`
SHA256	`dc443dd54faea65f1c0d8253b926eda41b5bd6b59b578bf392de213da30f47af`
SHA3	`1c3c2457ef2bcddc488ec13b610124391d3c10568a26d1753f1e276f1c3c3c06`
VirtualSize	`0x13e40`
VirtualAddress	`0xa58d000`
SizeOfRawData	`0x14000`
PointerToRawData	`0x22000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.60805`

.reloc

MD5	`fb6403b819b9a06fdd272212ec9dd68b`
SHA1	`1f074b7e783f3f5504eff706b81646259ca7ec28`
SHA256	`42f723276a1b51b03d294cf1d5f4c54640fde56193650599b135672a1f8b7431`
SHA3	`fdf001ea21afe2bc1bc5d6772915af5f91f9448236dacdfb72fe2ed2d08f13a2`
VirtualSize	`0x18f0`
VirtualAddress	`0xa5a1000`
SizeOfRawData	`0x1a00`
PointerToRawData	`0x36000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`6.39967`

Imports

KERNEL32.dll	`GetTapePosition` `lstrlenW` `GetProcAddress` `LoadLibraryA` `FindFirstVolumeMountPointA` `GetThreadPriority` `AddConsoleAliasA` `GlobalAlloc` `CreateFileW` `FlushFileBuffers` `WriteConsoleW` `SetStdHandle` `OutputDebugStringW` `LoadLibraryExW` `SetFilePointerEx` `GetConsoleMode` `lstrlenA` `WaitForSingleObject` `CloseHandle` `PulseEvent` `WideCharToMultiByte` `EncodePointer` `DecodePointer` `EnterCriticalSection` `LeaveCriticalSection` `DeleteCriticalSection` `MultiByteToWideChar` `GetStringTypeW` `GetLastError` `HeapFree` `GetCommandLineA` `GetCPInfo` `RaiseException` `RtlUnwind` `HeapAlloc` `IsProcessorFeaturePresent` `UnhandledExceptionFilter` `SetUnhandledExceptionFilter` `SetLastError` `InitializeCriticalSectionAndSpinCount` `Sleep` `GetCurrentProcess` `TerminateProcess` `TlsAlloc` `TlsGetValue` `TlsSetValue` `TlsFree` `GetStartupInfoW` `GetModuleHandleW` `LCMapStringW` `GetLocaleInfoW` `IsValidLocale` `GetUserDefaultLCID` `EnumSystemLocalesW` `IsDebuggerPresent` `GetProcessHeap` `GetCurrentThreadId` `ExitProcess` `GetModuleHandleExW` `HeapSize` `GetStdHandle` `GetFileType` `GetModuleFileNameA` `WriteFile` `GetModuleFileNameW` `QueryPerformanceCounter` `GetCurrentProcessId` `GetSystemTimeAsFileTime` `GetEnvironmentStringsW` `FreeEnvironmentStringsW` `IsValidCodePage` `GetACP` `GetOEMCP` `HeapReAlloc` `GetConsoleCP`
USER32.dll	`DrawCaption` `IsChild` `DeleteMenu` `GetWindowTextLengthA` `MapVirtualKeyA` `LoadCursorFromFileW` `PostMessageA` `GetMenuInfo` `GetWindow`
GDI32.dll	`SetMapMode`
ADVAPI32.dll	`ReportEventA`

Delayed Imports

156

Type	`LSUJNXFOW`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x364e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.98617`
MD5	`33edb1eef12a07d5b8de88ade4e4746d`
SHA1	`783b1658d8af400a4d4f67dcc40a73095fcd897d`
SHA256	`5569b7c63115378d67a6ef79e1266ebd4cb78c951065a9afc90b40064f87c77f`
SHA3	`9395e1e3e69e8823f1c057c8b764fae7d85ca95d8f612953853a4570b2ff9f7f`

119

Type	`RT_BITMAP`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x6e44`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.8971`
MD5	`ceee7f1a2e528e2678c8031ec3d6c738`
SHA1	`acb22a8a496a73e4367fd07b0bc09195d6de942d`
SHA256	`cfdc50b4d10eeabc8e298dbcbb762cc499ac2c05005acea823503195fa71e8c4`
SHA3	`fb83b425e42e015cdbca87314487700eda5e8cf43cff56d8bc2c2229145b4765`
Preview

181

Type	`RT_BITMAP`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x6160`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.29726`
MD5	`7a09ba7169c1d83cc5f38a93774bb600`
SHA1	`befb292ac5a645353e33bd08b178775d44bc3913`
SHA256	`072d272e4d303eea38998c8d13b3e2924d69cf338c8fba0b6496b6ad8d67d568`
SHA3	`7e4aba42a66004e4129a04eb988cc413d40ea54f5bda83c73ca88dd23f10938c`
Preview

1

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.95571`
MD5	`7144a8a33f02fa091fcb827c58b52820`
SHA1	`a32fccfb54f81a924c7bc913318ab70d61b2a53d`
SHA256	`3bf30546cfdb25aa4323e7e4ba783d5da6b4c6d6acafce3bfc55e78c065f80cb`
SHA3	`1c18a6fe3758370bde3c68019df864d5e418d3cd816481ced02ffbe8773993f7`

7

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xe8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.86012`
MD5	`a3dddf7d6e601f44e264f8a54d5738b1`
SHA1	`c6e08a31d969f1fab4bc075b65bc3b5748ba3afd`
SHA256	`71dc6f7a27b6da44dd5499c7c9eae80c82362299763ec777fee445f22b5664dd`
SHA3	`017e4609ddebf7d34e29299c7ccbda1ece0584c643e133c71341b72398b2e421`

8

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xd8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.89116`
MD5	`ded33010b4a72405e2d4e6681cea81b5`
SHA1	`72b475300f9298577557bec4a98921c18bce6c43`
SHA256	`91a472a6235e9395c16a8398af7b5dd4ad2e27e73a9f753a0836dee8a51f81e4`
SHA3	`dd2abb3e8f8b35496f012efc9d8da0d59b3d4ea02013bc3171af2fa57f92d6fe`

9

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x4c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.033`
MD5	`79e43a46a3f79015218c4ebd18c5dac9`
SHA1	`55c01dd398e3f67ecd364206d26ec853143d268e`
SHA256	`ee95180a459d0a361847870f11981c49fddeac26a08038b3f7c68b0eaebf69c2`
SHA3	`2cd497755e87e60701e5c425f7e66a1d4d39d4967559c1382124d6cf6e531e3e`

10

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x120`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.98555`
MD5	`88ff07d3b4661fecc53d42a0d076be74`
SHA1	`474857baa39683f40100ac36b0c1da9e01dcfe45`
SHA256	`e08d6743b69dab9c709788e8343fdb6c1974a46fd13e0a6b24c6674f31157e49`
SHA3	`f6b9e6ea964539be2b632152b145e6fd9ea8319400da467a9a466aacfad7c588`

11

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x15c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.99983`
MD5	`56c2eda29faf4af32e9e47194bcde6de`
SHA1	`ba3580599bc0b4563eac87c1e760ac03f222757a`
SHA256	`388d87d71b9d6831c0223c068a31972c8a19e18d14f0df18f13de1556694474a`
SHA3	`606f4b9dfe75fa729c993ea6be2e224f271084ef07894d3f55651913324c2fa2`

13

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xb2`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.77989`
MD5	`6deefd6a1d5158fcb30f52ddf9d59694`
SHA1	`ef64e08d748eacd65424f73c7a994ee3d591c206`
SHA256	`6b9dae7ab9e12c1f88700b044fa6f3d7b0b0df0b405486e496cb1b3e0b52b4ba`
SHA3	`f9bf63aab34a05591beaa913b936f368d9c385451f7aa626ca5178c0d9b82d0b`

14

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xf2`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.92136`
MD5	`9dcf0ea119f255fb6eee374a91765180`
SHA1	`410c363ffc067fd5b01bb797c01f7391d2412f5b`
SHA256	`f5086cf0f274e5533f51e07d09022e51bb85aa4f856ccce3b78995ff445ffa4f`
SHA3	`7aefc5ee6769494152342877d756ed9f1cf8a1c8cae23df36c633027a46bc34a`

15

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x11a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.97799`
MD5	`52d4968d5109dbf4e411c1bab9355cc0`
SHA1	`edad34e454e5bcac19a55a813109f4496deedc39`
SHA256	`7e4124f44ddf41124a162df3e51b0ee4876a4bf3aaa8f1f0d7915e884bd98f4d`
SHA3	`a5db3cb52c43d41ba2604405a5b20df9091e94e11992b1d8409135890b190921`

16

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x15c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.00641`
MD5	`2f5cbc9f698141eb8e9ae463ab24acda`
SHA1	`e4c0a6b2034961cf646976b9614c2b2c001a4d2b`
SHA256	`27d3cf9a1a5b21d23bded2aa59b7b41ae7367c0629883297dc2a8e3d779b2630`
SHA3	`6d0730c3d0a9de9b81aba5b4abfa4696dd8036fd1a1d7b0cc1f35b8e99bb7a46`

17

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xbc`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.88439`
MD5	`3aef3dca66d02b7357e43bf78d9c977a`
SHA1	`33d5938e413adf7601cdbb8bc17a12c4d84997d6`
SHA256	`c8ff38c041e8690e557d481e5a4613a1bf941fd5f696fc907302975060fb7ec4`
SHA3	`2b7d76c34e04e03a099d5f1e66fb065eb982ec55a572b7ebd3a1715b143c4236`

18

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x142`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.03866`
MD5	`f746a7525db85a1925e4df4811bcdc0b`
SHA1	`474c18da5ebad888bf7b8d6d8ed63efd7ec92b8f`
SHA256	`c25888f3794a11f4aaf08d75339f35b49d8f6ad0d8b687c9503471169334a65f`
SHA3	`69ca90e72a6854be4334651358d440df01b8fb6dff48e5b8c5cbe8874ad15032`

19

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x38`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.56933`
MD5	`8ec38d1a2680469925f7cb4e368bc604`
SHA1	`0a4fe36f7291535f0d2a933b27a4941389a817d1`
SHA256	`b84415c971884bc28b73e700a984915c4bf31cce8247d2ab8ba79e1673b3c107`
SHA3	`51501f68c24712e3013948872ba5546a4305bc7c670b4f8c5ec6a9dad945fcf9`

20

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xf0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.93707`
MD5	`7e7feda2cc5f43388e8ad60c3f1e477e`
SHA1	`9c69283ef6ff4fea47e6ca5ac3f4cd430edf9581`
SHA256	`15e00259096a7675a381db4da03fdf012d605b87ae72de7ae60678750b48044a`
SHA3	`77a9a8ca5f4bac4c6c5500a54e0e7cb10b4d5b32a35b39948e5f652dd7aa14e3`

21

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x3c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.60875`
MD5	`3468a146f1618a3500f2b238c5af7740`
SHA1	`c468242c3cf25414b942324327c48319ded8e0a3`
SHA256	`1f3bda7a5b3d17191eff73ec33efa693680b28f9541ef1a0b27b27a68e030851`
SHA3	`f246348b7fe4ca766cd7df9a0f75acb343703769229b3f361338c84ecd35261c`

22

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x82`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.53465`
MD5	`f141b11451bb73e7d7183d3c1546531d`
SHA1	`43b276bc74b7d48c42f492bb00e33444f2906fc6`
SHA256	`58987d101ab249130c520ce33ffe81a3e2a131e967f2f8b778fc16f4f3d3468a`
SHA3	`7baac8878bf39b8fa27ec3e05b9f332a10ed225d30f8484f59fcb22213512c90`

23

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x46`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.91574`
MD5	`abba2fcfa0a9c58a0445048db8534b7a`
SHA1	`c823ae3147afd61528820baa0b97c5846e78526e`
SHA256	`812bb23580e07eaa8f68f2749b26179a15900b3aa4bc85187cba51a4a640a857`
SHA3	`6a293e2c539e69dab022b8dc4cc9109facce964c518403d2490ee4298b85f2da`

24

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x4a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.91834`
MD5	`7e2788a904b865d7d74c824f846155a6`
SHA1	`7a1081cf94b81cd482c1f5c69fcd28a7432c83d2`
SHA256	`3d44056370e97401ff25ec0c4c68a402e3f969dfe08ef2f0bcef327a643df003`
SHA3	`c889b687da1c64d78af6ac97c3df0ebe4229c0c0264b7356d4dda13bb63e276c`

25

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x11c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.9434`
MD5	`f8bc9dc79f830e36f8ff0cebbc59edc1`
SHA1	`485f7fa4a2469647e02f675aead3f6859e82d687`
SHA256	`2c4d60e2bb584585262afc85f4c27eca2d7c0248d732758d618934e133336714`
SHA3	`2ddc4db8e9fe64a39f6d9d2d8b8d94a939f1258f3fec7d98a50f253115532bbd`

26

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xe4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.91044`
MD5	`1125ac7d9dee68f76704dc5e9455f0e0`
SHA1	`16a78d400a734677f72ca5de448618559416491c`
SHA256	`88e75d0c7162ce1a8eddbb2804fad88dc4738d1bc6e472ab66e440c9e728bf26`
SHA3	`37b9a7e3648a82df282dddcf6da6209f2b66cdda9437387e475bd900246568e0`

27

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xc8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.75591`
MD5	`b0a9081faca4069c2ca7e9c97c0ba25d`
SHA1	`b5ec619e8ae56401243b6408753bd9d6d95183f3`
SHA256	`f5a2762f63da13da25be0d5f22fd7df3c80902b934e22b92fda441485d108615`
SHA3	`b0af728cb6fae7923d4b3b45c5115894a219ca79747e7fa950abff46b3e99328`

28

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xf2`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.84585`
MD5	`61c23b09e1f8f89cb10b5f91fa0e1747`
SHA1	`a0e518d3fa9ae51ace498166319004a50e43903c`
SHA256	`de19a19da13ae3f834b204b173986a719d9201180cdbd6522002f18680c78c18`
SHA3	`a3a25564cf4b119a081acdfb2ba477b8b58855fec1e5f4eedd4df357dadd23b2`

31

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xc0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.82311`
MD5	`ce471d29028af0d1f909365bdd4ee0db`
SHA1	`b5e0da78b7b94d3d4be513db99128a186034c390`
SHA256	`be5e90dfc549c099416d14039da849de3dbd84f6d2ecff83e6405e5824397303`
SHA3	`bc9e9a2b76d7b7c088671c0ba966c0f96c0ca0a92ff48dc1657895e1bd12209c`

33

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xa8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.788`
MD5	`d60a6b7aae686d6178fff022d799504a`
SHA1	`87e55873ad274fa62e40e1d7212a2628d437c59a`
SHA256	`218a3f68f6e009fbebb4476d6c87bd7e0e1e314dd404272803bf42b91ece1c85`
SHA3	`3216a96be7a6eaddf251f9fc7bf3059651d7ddea4542f13489c967d6fd523863`

34

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xb4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.65402`
MD5	`b877499c7bd0dfc39677fe42c5a66d65`
SHA1	`913a070b4cb7ff272b97e050272438ea5e771158`
SHA256	`ed629d3222c4f0643623aff3dcb720a061399ac22524ca3f1e87839b9d58b5e8`
SHA3	`9f10d6aad08a38bb28700daac16fbc92bb337ad51856487b33a3c7dfab239e9d`

35

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xc4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.84002`
MD5	`34d3629534416ea8fd2ed9a10bc21bab`
SHA1	`0d3b854ebd808611cacab5518466f64d1f748af4`
SHA256	`3212a66cdf3747ce15d61ed93867419f4efa6c26654d1c0b318cd6416386d4ff`
SHA3	`bd8da277430236ca9153557a8737e7f73294e41844aebf91e94d7f0d18951e3f`

36

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1fa`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.13783`
MD5	`41b7ea4b5651b2b638afb9a3ac52950f`
SHA1	`06a54607b52b7a8ca6e5e62175efc28d97ab8704`
SHA256	`c9e77eab34d4076acc21b12e071456f3db86efcb19bd49ee364a68cd9737e401`
SHA3	`a894c333f47a4b96b9269b599852ddad0cb92606d44a719455bb17eb10da2a19`

39

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xec`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.90442`
MD5	`e6fe6214915a52c9e991606f88052afb`
SHA1	`4e9e9d257c39d7e6b985e19aa8784e7c696fc776`
SHA256	`e135f6865b612c59d03a38767e0ea50f368207b311a72e30e64a81e46a7a0904`
SHA3	`3b250ce01f6e065223ce8f656550be0743f0ad20f6897cc7ae20e75ee20c6485`

40

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x66`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.26457`
MD5	`ca860f67f2264b5708299d663815ddf0`
SHA1	`12187c560e4089b6545aed1837ef9c35a222dfcf`
SHA256	`400d1c7a044d92696489df80b2c38692d86d2a06d6899371fa5083cbe7786958`
SHA3	`de55e5e41a1f1fc597ae3a34b48fbce8dd0c96f77482ebf3ea89d370ae686672`

41

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x158`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.02609`
MD5	`56b429dbb726fb1432532a29ec520014`
SHA1	`bc66cd7d240022eb6c622007b2cf1326f3f33bda`
SHA256	`452f8e747bc7064c01758d173f2a49d162b0f41a7234121021310c110bd9fc35`
SHA3	`34c61443cbd79a4241fee8afdc8ab763a3c5a44a480ff2d223f9dffbf624975f`

42

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xee`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.84413`
MD5	`48d9ec517ebaae9a4af18c31d7a92876`
SHA1	`436ea029b7a8412a3a840e53aa2dd77086b6ad2e`
SHA256	`7fcc651d984033e905e51ac2e272e3676c27d0996bfb1161d6a9948497d015a7`
SHA3	`963127e3d629e54d46281b8357f8278917c43da41f12a2c558280e66c2ab37b9`

43

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x126`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.01034`
MD5	`cb25feb6c80e5e286529971c18d183fd`
SHA1	`61dcdb010058eb6db6aaaffdafea0eee2a99e785`
SHA256	`6683ecca1b32f08799e015c3def83793956953e0afa66e50a5abc8805c76e762`
SHA3	`2021fd56f74a2fc80be89ec418649050e3e1c35a8a06dbddfc10847e7805561c`

45

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x9c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.63449`
MD5	`020e02085cf60845cf20f387db5e058f`
SHA1	`fbb8487a4e4c8c96684c74e07308d589de99b873`
SHA256	`97975c7b2bad1bd79a61df190295382f02abf2111e0683da90750a01f3f85663`
SHA3	`be9f3b259e7134d2147d5f26c4ec9d26935e17e71272b9a725b5e796cf21b2fe`

46

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x70`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.34877`
MD5	`ff51e9beafa94f3d89af34c329f67835`
SHA1	`4b3b90f0e2db93da2a9bab2c70a6b1ef30775793`
SHA256	`83742463d905e6ab5dcf836bb25c47d7597d000e8607bb20f13b17ce583d9238`
SHA3	`27215011c8b8497e6d3811be57f2626973c69945e027d80702eec4ee797d9bc7`

47

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x110`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.95658`
MD5	`844fbaad41f94d11579eface6ca0c504`
SHA1	`7df66163ba00250ef61f663badecdae26960786c`
SHA256	`e6ed6d44d277d3022c0356c55224114fea3ec175308023b1a1f8156868521b31`
SHA3	`ada6a0aa196be0d67453fb2d453067137a43acb0d9737e6ddc9dc8fcecc6dc00`

48

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x104`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.90382`
MD5	`6e19f53c2a181e404d239f593542626d`
SHA1	`838c5a9b965ca3d0df934a6000d0d50b5cb2687e`
SHA256	`493ba4a342280eadaa43e74dacace51ec67d89fe4f70a8b6b0152740f6ca955a`
SHA3	`fd6a87a5de6de736bf6054b2e7417b26908a0aa655f237ef2260d40f89cd7cd1`

50

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x2a0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.12492`
MD5	`76290ddbdcd42d8688d3184aca97b4c9`
SHA1	`3e37f04e59d8a6502d129a427ee272b341868229`
SHA256	`278d92ac378df22b1d103cc5a79793adb46f9a5f0f686397402c95d1f275b7d0`
SHA3	`0cbd017f8609a04b867fa308b74df88ca772e57ec0b707f1689a1227f585570a`

51

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xf2`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.9014`
MD5	`a527350e36549637bd2db9bcade6960d`
SHA1	`1b69942a640b33e4d31962e0df09576064283fb9`
SHA256	`0bbd2be1be975853c39acc258cffe79fd217f2697b926f8d214fbe241b9ec67f`
SHA3	`e394e7419c5ed6f9e294ecc98f39b3047e7dae438082fe70f5ede07c81657d2b`

52

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x86`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.5283`
MD5	`d0e472aad0974c8cd7ced0acc6d60d46`
SHA1	`35fd9cf86b55e6a5ab708f812ddf8d78fcc79dd9`
SHA256	`f981b88c3848b77233974b1e28cf7be62bc4324d80750e3a3d14d38c00dbf704`
SHA3	`97b2db6140a284717115ba9bb93a9416c54b8205f225127f485eec747938a6a0`

54

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x142`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.02498`
MD5	`0f832a4881e49b2dce5a5ffa0dccf41b`
SHA1	`d1a1d2564c794d799f2e8e6f90beed91f5e3cb3f`
SHA256	`5902092b28a9bb569c44a3e1e44cc82b17667e4432199210e30aea652a1ee6b7`
SHA3	`0c924055779b7688024bc0d375b33708492e20f83cde6660b3941cb4b84059eb`

55

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x170`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.04581`
MD5	`01ad27f00c9a2f5e00ba26bba0b24b5b`
SHA1	`4d7b74b528c992bedb696a3470fe958dc4c9210c`
SHA256	`fa69c3e8b4ab80b04c95b6b089869170517fde9fac2c8c73a3b013267900a5f4`
SHA3	`81c04d3835b078c8e1510941cf86d0b27eb6794525acdef8f606041e487a29c5`

56

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x11a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.04172`
MD5	`354a64fa652cf997850ed25a44bb06c6`
SHA1	`a437fb7a7dee1bf817c72366e13d0e086dda9e75`
SHA256	`2f7b52501932ef36d5bc7111439063351fe33688015c86896791f6849e55fac9`
SHA3	`87c0be26837c0b1c5b66641947a5ae57015a8134c76c2d0a36fafed293da1c8a`

57

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xf0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.91329`
MD5	`bcad640d81d353a78c1a83c95a24eb7c`
SHA1	`f6d0eb849df6f8e24b986854370cd5b7451f770a`
SHA256	`59a807661d4bded2e8b4fc5c06169f8888f90a59552481d381f81d9cff1dfc07`
SHA3	`cb2a0a7fbd1a95d56003dc450417a4dc47f49733058d12e8c8ba332c4103d335`

58

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x10a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.90849`
MD5	`e84d10c985a8e0d30d5be31797d74df4`
SHA1	`4909f99b610dd2daf09cb9b2deda99a2df9c7784`
SHA256	`a1074d644dde877bd81b2fd3beb2599307b894f04aec67116cca0f5eacecdb3f`
SHA3	`d310100727574c671e5b198f20f93839bc23163543144384043e41dfb779ebee`

61

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x15a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.98539`
MD5	`2380e888285604f88e7ee13a5c9310f3`
SHA1	`ff7d335b7e328949f3a5278b93a72674a1b53c55`
SHA256	`dd5beeb86cb08bee2759400feafac0c6cea91455942b5159cec14cfa704fe331`
SHA3	`f95d25556e0482297ff322c33eaf0d25fbeb26460d5b41733d00523a1e95335c`

62

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x90`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.63788`
MD5	`d463811ccc88489259c36b830bf4ed5e`
SHA1	`b00c1ac48990e9310d3e4ecb9d3c1949bc73a242`
SHA256	`1ece1e3baf460d37ec653946ede8a3e62eaab13d5247a7fe6f7c7cec565af770`
SHA3	`ba9731e393e6a469a3430a820a20070c25d2e5511ef31a527b14bff5e38cb354`

63

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x30`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.12391`
MD5	`35b752c5079203a2632d77f518d31a21`
SHA1	`f46379d57c9b0db9fde279fdc503ff687c20788e`
SHA256	`378c2086fda932237d90cbcede37086bdbe98c6e48f8f224c2f75642088400cb`
SHA3	`0b141cd15a95f41a1255e510c1b32325eb50c0c703542ddde75540df72783187`

128

Type	`RT_GROUP_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.91924`
Detected Filetype	Icon file
MD5	`78bb727f88e9a797284b4261136ce56b`
SHA1	`5ed1d3100502c999ae46a84582b2978c9a4b4802`
SHA256	`404e02d011bc669c67ead03b175f7eaab8a01e00c044f6aed26dc0fb1ffef4f5`
SHA3	`f57de7a7e2c8e0c277f68d3240579431255bc793cf2c015ec7daed9f06b55d13`

String Table contents

Gumegeda gupegaleheruwa gobukire de
Voco xuvazege sucidu lasabahohome gevula heloyeho zojikilovaxa ru
Jedamacavi yeyojele fuwahokeno nohuwumipu tedi mabozodese yi lemejevuxotipu
Xabone ramuyokeza
Yoxitijigu desu hanudi
Teramexizosima keluxepuve mira zelerinekabati gisojerojezo tolupa sisulimuri
Rivu
Jufuro dehuhamoveto ketumo difejigefaso zamoluyu
Xuvuwa jeyowu jovutuzudiposu xezoyirudipu fopicivehopowe
Ru kukiyipucaje
Bonaxi wiyo vizicesehizu jiza yonizinuki sihi nitufatotovo hewimipuzigovu jozilu wibadu
Vazefabofavise funotudovoza wesoji metasujinefe geci pa no luyifozobe
Catu
Bageguzovewa naveto gisadaya rojo hefajagomate
Lisozaze lopuguye wotunedobedu hixoti wiroza coyemibatiyupi
Fisenogifakeku honi vasowoma zajitezapuvayi tolohureje vutusibebicixi dusawericeci
Doraju xejilizu yowi jufebo doyilubuli coki
Cakuja kacoza zususezebonu lise tusidafohixeka hotiyiwifuvuda moni xuxahotogu
Lagobaji rasularule ga fefojixe jalugivocifawi zaletexirubodo xuye budamozigohaxa
Degumofi pasi cajocowe
Cucipiwe te wavasa loge juxosidijoharu xayo
Zopizusu moko
Jukeyu pocunucipojafi yayama pinonebaza hinoja goho xogameki xi
Gihepipigudi si
Lowo xuwuyelepena darajuho jojinupucayiru redo
Nucosego gilibobixayo
Gelavomejuca
Fiteyiya pelitayazu kesijavobohi sabi yoho xucojanu
Hikeba zukilajatovi tacofu gorakojatobu
Medapiposijepa
Wucatojosutuya
Gacikuyi letozoyihebe zobuwuciwudoca duferojudewo
Pofo xobanijodirivu
Wutogogi difegoribiwi
Wuze juvinehi siviho hicefogavohazo
Ri fezidawa zugeniyokulu yesepu hezimo sa fodidusepeja cudage muvafalomiseyi cuwatitakoneye
Mejozuzuyuwa kocapa vayifire biguheyihe mesu
Poridukaferaho domafemiro cidareja xulada wimiduvitana
Hi furajodacira ricivu posamizezahoma sowakuzu kaku pikikumujagubo lagijonava jigoyu
Gulucu rukeyuroyupo hevelivudubiyu yina xodeyadosawe wecarixage virehu husezoyi fuwupivizimaja kacanaluhi
Hofe
Xoyefepuwahu jecugetutunivi leralu wafujojoxaruku lurazapunekuce dolapedu bo
Cawijataze pureduneyijo mocugagahu
Tutolorubewo mapebokazumi gesakuki
Tunodolekoxo sizeveke cecudixetixake herese yetasoho rabenusereva takeneva
Pacelu nuyifu nogaceboraco yenusa luwahozepumoju hogorunufigu
Natoduho kejekayilaka
Fafa
Delo cifucavoxilitu vabu jupe xoyixuhapi kosi hemukuxabikugi kijabeso gutuyo zukonipi
Dolipowelileba xupewu rixazona
Yaneyevetuwipu febedopi yocomujiyezejo susutimevu mavi zasehapezofo gijuxo
Cuza locitotebosi nimusebu yubepijepa puhaso
Yukoxuhiru renagepuxakeni hi fezace silotamomoxi hu lone xesodamerure ladupado
Yiwa yaye hacubenegijugu
Xelo zopo vuzevokubo munavepoxarozu
Buzolufafora
Haloxudelihe bomiwaroti jaxosuhevoyeca mi bezivehu duninexa wuvofapexawi xusukazerera cosugo balixiwe
Femaxusunutave cehenu bepuhugu wuje jixa fu
Notalefebuha fucayepe caxubofo serogatidi fevi cezakowukewo fejavehebaji givihazifuya cizogizanu gipaya
Fodujugifoyuni cekinobemitoku wacitixahaluxu
Pinecesaxi kula tebutohutejijo bodugorekoso recusotu
Zaxafixo ba moyevetizababa gewoxodo
Finaradolonumu wiwitowepore jezalefewuxamu xetajovowo taxayula
Gorayocicene hozogolehejo sazobilonoziwo
Tikefevasukena hewehove mari wikujinucewuza zaludavako
Niborukikekimu xurupo vojurotavugoyi yiyugosekadoha jedumiyabedase
Fazenevidizaho kaledeticegoda cegudohako mojewehogidipo kafusucoja xifogujeyi tabemojeyu zebazobupuyobu metelawefi
Xohilu jusucufususabo heni hideyadizerule viyahu dejitafepi jiwagekuwizume
Danepi kotigodi muwusocu diwuze mikevasohi rovacopisagibe pisa toxi
Dolezosiwayu humuni ciduladipibawe sacavawi cewecotu wijaharorajuco zibubajoce
Rarupixoyo wahulepoki kuwu cetuma gikezaca cudicuzo danecololaru malivuzawuju kigisunudoxefe sepexuje
Boxisitofijiva hima daxucohecavu liladoxu napibifu zidagoso sepudaheme
Gigore ri vekeka risaru ginile vusu
Yihuruya deyafi pihajabonorexo keneve kivubaki veke
Tuca wozibiyuhu renosu xipame nuponaga rozukafotovibi bozuvemayuzu te
Libuze vahilipezipaxu rotocomupekofe ridimarijo
Racurema xojose wumaja mepozo
Mirogifunohabu zo novi tekicole senimupe zumotibo
Nodi pececidujuciye xawekozari
Lugezelokaxefa molaliyevexe faki wo be koyetepeze soka xovovahoteri bewivo johikinoniwohe
Gecavapubaxaxi hibofexe
Kazahaviwexe peniwanegi kicudoso
Rabuzo gasojisorizose
Budiwuzahi beliga
Cesapajaye yazedexi sudoyomuhosa
Bata rikiyahavi xurifizaki xuhikatipucaxe
Jirehebe taje daraguluyoda wohu
Cekodi kicisupizipika rebegivine
Howusoceguto sixuxacojo fodagolu hito kihonize zigesoje vilohamocu gorozotahuja miju
Pi josudota kupove temulavifiposo
Yeruxiyehoxi decekajegexo zayagopegi yutusu wofobolikuhu bujojukalolijo ga
Xecufa zukofatepaxudo cagigiyove kesodoxo fezavu yubokejuni kudihube kopukafolozepi
Saxulu civavu hufirazepi bomigi fuzihu
Nasabuga kuku ceha
Bugukuwu

Version Info

TLS Callbacks

Load Configuration

Size	`0x48`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0`
SEHandlerTable	`0`
SEHandlerCount	`0`

RICH Header

XOR Key	`0x16bf054c`
Unmarked objects	`0`
ASM objects (VS2013 build 21005)	`28`
C++ objects (VS2013 build 21005)	`65`
C objects (VS2013 build 21005)	`179`
Imports (VS2008 SP1 build 30729)	`9`
Total imports	`99`
229 (VS2013 UPD5 build 40629)	`1`
Resource objects (VS2013 build 21005)	`1`
Linker (VS2013 UPD5 build 40629)	`1`

93b0e83334836a4a811fef354d31fdb5

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rdata

.data

.rsrc

.reloc

Imports

Delayed Imports

156

119

181

1

7

8

9

10

11

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

31

33

34

35

36

39

40

41

42

43

45

46

47

48

50

51

52

54

55

56

57

58

61

62

63

128

String Table contents

Version Info

TLS Callbacks

Load Configuration

RICH Header

Errors