Manalyze report for 95dc5ccef3cba81028da04b28dcbe4da

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2009-Dec-05 22:50:52
Detected languages	English - United States
Comments	ScreenSaverGift.com
CompanyName	ScreenSaverGift.com
FileDescription	Cat And Dog Screensaver
FileVersion	`1.0.0.0`
InternalName	Cat And Dog Screensaver.exe
LegalCopyright	Copyright (c) 2018 ScreenSaverGift.com
LegalTrademarks	Copyright (c) 2018 ScreenSaverGift.com
OriginalFilename	Cat And Dog Screensaver.exe
ProductName	Cat And Dog Screensaver
ProductVersion	`1.0.0.0`

Plugin Output

Suspicious	Strings found in the binary may indicate undesirable behavior:	`Looks for Qemu presence: qEMU` `Contains domain names: ScreenSaverGift.com http://nsis.sf.net http://nsis.sf.net/NSIS_Error nsis.sf.net`
Suspicious	The PE is an NSIS installer	`Unusual section name found: .ndata`
Info	The PE contains common functions which appear in legitimate applications.	`[!] The program may be hiding some of its imports: LoadLibraryA LoadLibraryExA GetProcAddress` `Can access the registry: RegQueryValueExA RegSetValueExA RegEnumKeyA RegEnumValueA RegOpenKeyExA RegDeleteKeyA RegDeleteValueA RegCloseKey RegCreateKeyExA` `Possibly launches other programs: CreateProcessA ShellExecuteA` `Can create temporary files: CreateFileA GetTempPathA` `Can shut the system down or lock the screen: ExitWindowsEx`
Suspicious	The file contains overlay data.	`25293847 bytes of data starting at offset 0x21400.` `The overlay data has an entropy of 7.99792 and is possibly compressed or encrypted.` `Overlay data amounts for 99.4644% of the executable.`
Malicious	VirusTotal score: 38/72 (Scanned on 2024-12-01 19:16:47)	`AVG: NSIS:TrojanX-gen [Trj]` `Alibaba: Trojan:MSIL/Slithermon.1f6092b2` `Antiy-AVL: Trojan/MSIL.Slithermon` `Avast: NSIS:TrojanX-gen [Trj]` `Avira: PUA/Downloader.Gen` `Bkav: W32.AIDetectMalware` `CTX: exe.trojan.slithermon` `CrowdStrike: win/malicious_confidence_100% (W)` `Cylance: Unsafe` `Cynet: Malicious (score: 99)` `DeepInstinct: MALICIOUS` `ESET-NOD32: MSIL/Slithermon.A` `Elastic: malicious (high confidence)` `F-Secure: PotentialRisk.PUA/Downloader.Gen` `Google: Detected` `Ikarus: Trojan.MSIL.Slithermon` `K7AntiVirus: Trojan ( 005470b41 )` `K7GW: Trojan ( 005470b41 )` `Kaspersky: HEUR:Trojan-Ransom.Win32.Agent.gen` `Lionic: Trojan.Win32.Slithermon.j!c` `Malwarebytes: Slithermon.Adware.Advertising.DDS` `McAfee: Artemis!95DC5CCEF3CB` `McAfeeD: ti!750A94AA7B77` `Microsoft: Program:Win32/Wacapew.C!ml` `NANO-Antivirus: Trojan.Win32.Slithermon.fmrvoj` `Paloalto: generic.ml` `Rising: Adware.Slithermon!1.B89E (CLASSIC)` `Sangfor: Suspicious.Win32.Save.a` `Skyhigh: Artemis` `Sophos: Mal/Generic-S` `Symantec: Trojan.Gen.MBT` `Tencent: Win32.Trojan-Ransom.Agent.Nqil` `VBA32: TrojanRansom.Agent` `Varist: W32/Risk.CWPN-1334` `Xcitium: ApplicUnwnt@#1fvqnt6mowg8y` `Yandex: Trojan.Igent.bX9Ris.1` `Zillya: Trojan.Agent.Win32.975413` `alibabacloud: Ransomware:MSIL/Slithermon.A`

Hashes

MD5	`95dc5ccef3cba81028da04b28dcbe4da`
SHA1	`03c34eea09312e3fc29054237884f3f5e66a3a52`
SHA256	`750a94aa7b77a8cb51b09c2e89b26efcd80becf8898c364ad36b49d192cabdd2`
SHA3	`85c570687c538ace6bf02bd0a5057d6300b72eaaf6966e92b9a50f69f0ccadb4`
SSDeep	`393216:KJirk7v4Q6whZFlsb6BaYv0VGRp1M0joUN9LFMOXDlN9sLXSf3G4ADmf8eBdwGc6:Ki4wXwfLhBqV01zVJHtsLXqBTcqRyq`
Imports Hash	`7fa974366048f9c551ef45714595665e`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0xd8`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`5`
TimeDateStamp	2009-Dec-05 22:50:52
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LINE_NUMS_STRIPPED` `IMAGE_FILE_LOCAL_SYMS_STRIPPED` `IMAGE_FILE_RELOCS_STRIPPED`

Image Optional Header

Magic	`PE32`
LinkerVersion	`6.0`
SizeOfCode	`0x5e00`
SizeOfInitializedData	`0x28400`
SizeOfUninitializedData	`0x400`
AddressOfEntryPoint	`0x000030FA (Section: .text)`
BaseOfCode	`0x1000`
BaseOfData	`0x7000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`6.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x5c000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`856b32eb77dfd6fb67f21d6543272da5`
SHA1	`6597c511c2ee72f68f5246460f0683dae16dcade`
SHA256	`c6c2b4f41d6598b94106de36b422dd84534fd9a11d84b2b6a47b3be49524c750`
SHA3	`649e621f7eb7edb175d8285b7c35de1209efc88af5abb31f95bab19076fff3b4`
VirtualSize	`0x5c4c`
VirtualAddress	`0x1000`
SizeOfRawData	`0x5e00`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.44011`

.rdata

MD5	`dc77f8a1e6985a4361c55642680ddb4f`
SHA1	`3d397ee25b2dd83ab741c67375880151cae94ed8`
SHA256	`576cdd5bc72421d008c86f056d0727c54cc8b3ec0961e5d0462af48278543d51`
SHA3	`d419a2c597e2f7a8a19b7c5c2090a93c78625e69629ff7d66a5359bfd614a8f4`
VirtualSize	`0x129c`
VirtualAddress	`0x7000`
SizeOfRawData	`0x1400`
PointerToRawData	`0x6200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.04684`

.data

MD5	`7922d4ce117d7d5b3ac2cffe4b0b5e4f`
SHA1	`4e56bb1994226ae0285c7adee470777262de2c99`
SHA256	`97773fd68ac3aebb9795c59dc00c5dbc0c992ce0c3c2ef90bfff27eb1cd72b3d`
SHA3	`2a1aceed5a92a7ab4f568335758aa6da79df1e2fe50997652ea0f52f0813bead`
VirtualSize	`0x25c58`
VirtualAddress	`0x9000`
SizeOfRawData	`0x400`
PointerToRawData	`0x7600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`4.801`

.ndata

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0x13000`
VirtualAddress	`0x2f000`
SizeOfRawData	`0`
PointerToRawData	`0`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_UNINITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`

.rsrc

MD5	`d7b59f42839881a1d65ff21b673e5765`
SHA1	`d3f4f29c610682755fab4d1b83a22054e7c74a80`
SHA256	`1801660688d5a2a262a064f5693da1662ece4580811925a10c92ce6efb52a341`
SHA3	`1d87585fe14c25963f5833c2cedae88be79b4ff07d70cf94c7c9b9bf89775938`
VirtualSize	`0x199f0`
VirtualAddress	`0x42000`
SizeOfRawData	`0x19a00`
PointerToRawData	`0x7a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.72789`

Imports

KERNEL32.dll	`CompareFileTime` `SearchPathA` `GetShortPathNameA` `GetFullPathNameA` `MoveFileA` `SetCurrentDirectoryA` `GetFileAttributesA` `GetLastError` `CreateDirectoryA` `SetFileAttributesA` `Sleep` `GetTickCount` `GetFileSize` `GetModuleFileNameA` `GetCurrentProcess` `CopyFileA` `ExitProcess` `GetWindowsDirectoryA` `SetFileTime` `GetCommandLineA` `SetErrorMode` `LoadLibraryA` `lstrcpynA` `GetDiskFreeSpaceA` `GlobalUnlock` `GlobalLock` `CreateThread` `CreateProcessA` `RemoveDirectoryA` `CreateFileA` `GetTempFileNameA` `lstrlenA` `lstrcatA` `GetSystemDirectoryA` `GetVersion` `CloseHandle` `lstrcmpiA` `lstrcmpA` `ExpandEnvironmentStringsA` `GlobalFree` `GlobalAlloc` `WaitForSingleObject` `GetExitCodeProcess` `GetModuleHandleA` `LoadLibraryExA` `GetProcAddress` `FreeLibrary` `MultiByteToWideChar` `WritePrivateProfileStringA` `GetPrivateProfileStringA` `WriteFile` `ReadFile` `MulDiv` `SetFilePointer` `FindClose` `FindNextFileA` `FindFirstFileA` `DeleteFileA` `GetTempPathA`
USER32.dll	`EndDialog` `ScreenToClient` `GetWindowRect` `EnableMenuItem` `GetSystemMenu` `SetClassLongA` `IsWindowEnabled` `SetWindowPos` `GetSysColor` `GetWindowLongA` `SetCursor` `LoadCursorA` `CheckDlgButton` `GetMessagePos` `LoadBitmapA` `CallWindowProcA` `IsWindowVisible` `CloseClipboard` `SetClipboardData` `EmptyClipboard` `RegisterClassA` `TrackPopupMenu` `AppendMenuA` `CreatePopupMenu` `GetSystemMetrics` `SetDlgItemTextA` `GetDlgItemTextA` `MessageBoxIndirectA` `CharPrevA` `DispatchMessageA` `PeekMessageA` `DestroyWindow` `CreateDialogParamA` `SetTimer` `SetWindowTextA` `PostQuitMessage` `SetForegroundWindow` `wsprintfA` `SendMessageTimeoutA` `FindWindowExA` `SystemParametersInfoA` `CreateWindowExA` `GetClassInfoA` `DialogBoxParamA` `CharNextA` `OpenClipboard` `ExitWindowsEx` `IsWindow` `GetDlgItem` `SetWindowLongA` `LoadImageA` `GetDC` `EnableWindow` `InvalidateRect` `SendMessageA` `DefWindowProcA` `BeginPaint` `GetClientRect` `FillRect` `DrawTextA` `EndPaint` `ShowWindow`
GDI32.dll	`SetBkColor` `GetDeviceCaps` `DeleteObject` `CreateBrushIndirect` `CreateFontIndirectA` `SetBkMode` `SetTextColor` `SelectObject`
SHELL32.dll	`SHGetPathFromIDListA` `SHBrowseForFolderA` `SHGetFileInfoA` `ShellExecuteA` `SHFileOperationA` `SHGetSpecialFolderLocation`
ADVAPI32.dll	`RegQueryValueExA` `RegSetValueExA` `RegEnumKeyA` `RegEnumValueA` `RegOpenKeyExA` `RegDeleteKeyA` `RegDeleteValueA` `RegCloseKey` `RegCreateKeyExA`
COMCTL32.dll	`ImageList_AddMasked` `ImageList_Destroy` `#17` `ImageList_Create`
ole32.dll	`CoTaskMemFree` `OleInitialize` `OleUninitialize` `CoCreateInstance`
VERSION.dll	`GetFileVersionInfoSizeA` `GetFileVersionInfoA` `VerQueryValueA`

Delayed Imports

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.61708`
MD5	`93cf1c07c4d70adaf4fefa4082387670`
SHA1	`7c0976eb311ef1e5930f73a80cf63e06d1357b6f`
SHA256	`746986947f03b65a3acf3d67518bc636d736dd462afd885c72f5e43e41fd36d0`
SHA3	`6e4f718c4a030bbaf664602a531386e747f163da8d939a674ae7db1b5f78195f`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.81396`
MD5	`71a6573a5effb19acc0ebc871d412894`
SHA1	`1c4a9ac540605c239ec5f4c6e1f22279f07728e9`
SHA256	`7b583f13503048d66eaa9656efbb5103eace3a11074285054a6157f38baeef03`
SHA3	`b05fe0f47bed6fe1d0fd83c13fb811d38478a577dfbfbc3b185c49ec8e4ccdb0`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.89286`
MD5	`92396f5597e152f54a38c61c90db1560`
SHA1	`dc38eb775ff722cb38c9742a4f68e663f29f4927`
SHA256	`5d3e690340e2a48fa1a56e1375774ae3e70d34b224e0f05cce5943910bdf7d40`
SHA3	`6ec5a5d61cd7d41e579bf1eded65dc6730497e746e8e555784b693ffba0a112e`

4

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.07434`
MD5	`7b85ac36b8a1fed8abe3400f182d3568`
SHA1	`e1c1041bb7179c9ff2c9ce8233d8c6b8d32774f3`
SHA256	`54366527122742545c8b4d01a2537bd87702ddc8e7cfc74f00f6b0303bac430e`
SHA3	`50ebaa0d7af31ffeba4ce180820abeefb98ca6f0e44507e739b1f0478cb2be3d`

5

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.15801`
MD5	`4bc8cc2e8db9e13731b68aece7f4a893`
SHA1	`1da40ddb1ea0b1a86dd015b6817e45d81a270105`
SHA256	`8f3701eb20d42e49c95633d857ff6f5e8da5755d5594f4bd8b542b283aae7241`
SHA3	`2b5da1922958aeb41aa249ce8726aa876e99840bc4ac0817081d381216d4aa66`

6

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`809457c05fe696f5d34ac5ac8768cdd4`
SHA1	`a2c3e4966415100c7d24f7f3dc7e27d2a60d20c9`
SHA256	`1b66520d471367f736d50c070a2e2bba8ad88ac58743394a764b888e9cb6f6be`
SHA3	`002d1b10f28d74c7572fc7c5b403eb32f2a0540c4958d7878ef67edfd17c8109`

7

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`982079681d7ad12766abc44f06946f3e`
SHA1	`50f73ed0787bf5911bb907e487efbc84a9714e48`
SHA256	`250f52cb2d6f1966a29f6ac771fa1cd185b8f8531396c8a4026c0fe635617e0c`
SHA3	`b8805d45012d79cfa8bb45e23c9b4a4421cd91538d569e58437efa0f545cf4d4`

102

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xb4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.71813`
MD5	`7add80697358fcc3e63354d269ea5ac9`
SHA1	`72c0a1363b9b4fee0a4acb42b31cd9b5e0664c4c`
SHA256	`b29c7a1301ddb0e896faf944d8ea8f4e57ff4f3d5fc3e5dc5bf3e64ed6be2fdd`
SHA3	`40a0e6b6b579b110550a4c3304eb33293a293d9aa288b02b11750143b52423fe`

105

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x200`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.67385`
MD5	`d1a92272fbd597e1aa19021483110d5a`
SHA1	`9f75072682b37c6c52361d8c988ebd06dd003f63`
SHA256	`15663576584c947d634dab9848defcc7d8f05eb0b7e7c6d52d81eca695fc7a6e`
SHA3	`704756797695ae34f6fae500852bca70e5066a1d1993348fe40ccf626235d0d6`

106

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xf8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.91148`
MD5	`fa83652660409e90e0db9731ad2adb17`
SHA1	`0a8f0af67723c87fe26ccf676b8e19ec6357b4dc`
SHA256	`4a55bd714f5d50cd8eabba10e57f0618f1842717dcfa582d73a917b1933cd1d4`
SHA3	`5b3e1cb25be7a2dbae4f08f0d4794ed23dbd6ea37a3f9702be12dba588f42a7b`

107

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xa0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.52183`
MD5	`6ffba239dcfcab2080195f23947b70aa`
SHA1	`bcda1ca8ee9bb9878bde83aa06c670bb5a4d5843`
SHA256	`a7e5ea849cb343e9b58de221aeb25c9dd4a3748070bfba879a30c4265fc39023`
SHA3	`a75544b4c3fcbcb32fe4e02d1a631e045b2e58516aa1065bb96cce681aea7030`

111

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xee`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.92787`
MD5	`5dfa289639a3bcc0497da8db163f01fe`
SHA1	`6e2c6ea1e2594b66f563fb589276642c127e875f`
SHA256	`18466509968c3c0bf92ba410fea075def2b257a5a799a113cbc60f13e75f4b01`
SHA3	`85abdc8c431d91c72f3595a39881c96637ead09a0278d3cec0c1c9a8d873f031`

103

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x68`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.06598`
Detected Filetype	Icon file
MD5	`f04fe5e2018cdd7516c86dcc13dc563a`
SHA1	`da2dbd865baae03936f47eb550964f81260f0eab`
SHA256	`efa0b2c81c09d5b97850d91a44beb94285eb7add2ecde880c309d0511c50dc88`
SHA3	`03b4a6944e3c88d670afefd974a6b0c615ce0fbb9cc534c05cd3c6657b177a88`

1 (#2)

Type	`RT_VERSION`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x414`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.3125`
MD5	`4d5c75a7a167ac46f1734cc82343417f`
SHA1	`662a02fd01c841d9a64785b2361f95c59cab4f40`
SHA256	`5f80639fde9e39c05e86ef6577a4da74706e8ddf758c84853efd5db38e2c065d`
SHA3	`2f04a27052a9c922f99ca31a336568e26887431e28c298435f3f9df7d5025b6e`

1 (#3)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x3be`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.21482`
MD5	`18a65b0356650472e36d75deef2173b5`
SHA1	`ad8ae2a67c7258efa638901ff609cc6561b96b4f`
SHA256	`cb24fe30879e7b0870fb61f7c16bdb8c4fa9a2a8c2d945bd3ea8dd889e93c0ff`
SHA3	`55079671a0ec8905dde3e77ac6ab2a0ab33bc1d621f43b49f67d3539c1fd0723`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0`
FileVersion	1.0.0.0
ProductVersion	1.0.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
Comments	ScreenSaverGift.com
CompanyName	ScreenSaverGift.com
FileDescription	Cat And Dog Screensaver
FileVersion (#2)	1.0.0.0
InternalName	Cat And Dog Screensaver.exe
LegalCopyright	Copyright (c) 2018 ScreenSaverGift.com
LegalTrademarks	Copyright (c) 2018 ScreenSaverGift.com
OriginalFilename	Cat And Dog Screensaver.exe
ProductName	Cat And Dog Screensaver
ProductVersion (#2)	1.0.0.0

Resource LangID	UNKNOWN

TLS Callbacks

Load Configuration

RICH Header

XOR Key	`0x69ead975`
Unmarked objects	`0`
C objects (VS2003 (.NET) build 4035)	`2`
Total imports	`155`
Imports (VS2003 (.NET) build 4035)	`17`
48 (9044)	`10`
Resource objects (VS98 SP6 cvtres build 1736)	`1`

Errors

[*] Warning: Section .ndata has a size of 0!