Manalyze report for 99da9dc7523d9a19b22d178d1a567f76

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2018-Oct-03 12:52:43
Detected languages	English - United Kingdom English - United States
CompanyName	Sokpop Collective
FileDescription
FileVersion	`1.1.5.0`
InternalName	GameMaker:Studio Windows C++ Runner
LegalCopyright
PrivateBuild	01.00.00.00
ProductName
ProductVersion	`1.1.5.0`

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C++ 6.0 - 8.0`
Suspicious	Strings found in the binary may indicate undesirable behavior:	`Accesses the WMI: root\cimv2` `Contains domain names: RetroUSB.com adobe.com cameronmusic.co.uk gmail.com http://ns.adobe.com http://ns.adobe.com/xap/1.0/ http://ns.adobe.com/xap/1.0/mm/ http://ns.adobe.com/xap/1.0/sType/ResourceRef# http://www.w3.org http://www.w3.org/1999/02/22-rdf-syntax-ns# https://ping.yoyogames.com https://ping.yoyogames.com/pingback?data ns.adobe.com ping.yoyogames.com www.cameronmusic.co.uk www.w3.org yoyogames.com`
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to CRC32` `Uses constants related to MD5` `Uses constants related to SHA1`
Suspicious	The PE is possibly packed.	`Unusual section name found: .mydata`
Malicious	The PE contains functions mostly used by malware.	`[!] The program may be hiding some of its imports: LoadLibraryExA GetProcAddress LoadLibraryExW LoadLibraryW` `Can access the registry: RegCloseKey RegOpenKeyExW RegQueryValueExW` `Possibly launches other programs: CreateProcessW ShellExecuteW` `Can create temporary files: GetTempPathA CreateFileW` `Uses functions commonly found in keyloggers: GetAsyncKeyState GetForegroundWindow` `Has Internet access capabilities: InternetConnectA InternetCanonicalizeUrlA InternetCrackUrlA InternetOpenA InternetReadFile InternetCloseHandle InternetGetConnectedState` `Leverages the raw socket API to access the Internet: ntohs htonl htons getpeername __WSAFDIsSet select freeaddrinfo WSAGetLastError closesocket sendto connect inet_addr shutdown WSAStartup getsockopt setsockopt ioctlsocket socket bind getaddrinfo send recvfrom inet_ntoa recv accept listen` `Enumerates local disk drives: GetDriveTypeW` `Reads the contents of the clipboard: GetClipboardData`
Safe	VirusTotal score: 0/68 (Scanned on 2018-10-26 10:03:18)	`All the AVs think this file is safe.`

Hashes

MD5	`99da9dc7523d9a19b22d178d1a567f76`
SHA1	`f0aec82adb722c13ad3c9e26f1268566a27511d6`
SHA256	`725b92001f6e9e51652dc39dbfcaa45ae3638b73ca0a9ea3ff20f0ae1d858ff7`
SHA3	`f66f4ba1c517c421e499954034ee3ba8e040678c20a48c9d8586309f206274cd`
SSDeep	`196608:YO26gLZrmgxGr2b8rFO0W/Kd4aTv9of6dqgqxLge6zhXhhSz9VcBEexZx6//woT:cnaXZiwPwqm8tFKr5y1v8NJgx8Pzf`
Imports Hash	`2bee3b645c46b3857579cfcbb568d584`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x110`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`6`
TimeDateStamp	2018-Oct-03 12:52:43
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`11.0`
SizeOfCode	`0x57e000`
SizeOfInitializedData	`0xa18800`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x00300852 (Section: .text)`
BaseOfCode	`0x1000`
BaseOfData	`0x57f000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`5.1`
ImageVersion	`0.0`
SubsystemVersion	`5.1`
Win32VersionValue	`0`
SizeOfImage	`0x11f1000`
SizeOfHeaders	`0x400`
Checksum	`0xf90e1c`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`85d36aec319d975173bfe2ba1c7e3141`
SHA1	`af47320e12eb71bcfaf9f33d6d531cbbe9dcccf0`
SHA256	`7532394b326b3827b0a5465d6e74a2630f984d0f2910ebf8c300fc3c0a6cfe34`
SHA3	`35fc95b2f5f311b401da19cf3983fcafdda3df3f8996605fc56db9935c43b8bb`
VirtualSize	`0x57df1b`
VirtualAddress	`0x1000`
SizeOfRawData	`0x57e000`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.2649`

.rdata

MD5	`b4b43b48f37672befc2948758d62f18f`
SHA1	`c7b0b51cab056d003572a4e88b90479aca04baa8`
SHA256	`0c8f40967717563dd07e6668dcd6cb1dfa91be2b32a1ef8c28e066c2aec8c133`
SHA3	`81ff4f53e2a663568495ed2f8823936d16141a6296eed35aa5e55c067f2d192d`
VirtualSize	`0x106884`
VirtualAddress	`0x57f000`
SizeOfRawData	`0x106a00`
PointerToRawData	`0x57e400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.81587`

.data

MD5	`adfafeb26049c716c945a511012afce0`
SHA1	`6dca0c1b9be6bf5f09c08b0a0e128e8b0cb4ce69`
SHA256	`503cdf232002de69a553e1b8aa52303930f5d8b386c09d10616434fb7ec6a674`
SHA3	`4b73a2b51eb6f1bf289ab59cc48243efa06a15acc2cf47b79a2ff8055f966f2c`
VirtualSize	`0xaeffb8`
VirtualAddress	`0x686000`
SizeOfRawData	`0x898c00`
PointerToRawData	`0x684e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`6.07551`

.mydata

MD5	`5b71e4c27591ccb21954d71d656b28fb`
SHA1	`9cf3bdc3e0e647cb864581406250a7c21f51524d`
SHA256	`6bafe4f53b35a27d41c72c80d8fdfcd2aca79ce310b990ee55c7a04d65b6e96f`
SHA3	`efdeae6073a6cce468f62cdbdfc2d0f9ea3d196156860e5cac0d2038149f9a3e`
VirtualSize	`0x8`
VirtualAddress	`0x1176000`
SizeOfRawData	`0x200`
PointerToRawData	`0xf1da00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_SHARED` `IMAGE_SCN_MEM_WRITE`
Entropy	`0.0203931`

.rsrc

MD5	`af81625066af21bbe12fd556c77e5da3`
SHA1	`c8dabfa9d89c9fcff134e3a30c93b99d3af8ffe6`
SHA256	`fcdad65a018dff92cebc2647f16f63a586adf6e0ca3726d3fb7852260cdb6835`
SHA3	`e6420916665971223acb0187840fd747133edf52b66e929a291610c9fbc3f6dc`
VirtualSize	`0x298b4`
VirtualAddress	`0x1177000`
SizeOfRawData	`0x29a00`
PointerToRawData	`0xf1dc00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`3.62786`

.reloc

MD5	`fb7f70f7000a221de2017d6107b9b45d`
SHA1	`70b7f917a3846c23b8155bc13216230b5fb0d9c3`
SHA256	`83c70805f5d42629d24c69ef968442c7ac2dfefe1a32392ea76073184c234269`
SHA3	`dae1375fab54f069d3e5edc41c14e821029fe297cbca8a83c6aefd23a5fd6f86`
VirtualSize	`0x4f45e`
VirtualAddress	`0x11a1000`
SizeOfRawData	`0x4f600`
PointerToRawData	`0xf47600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`6.25593`

Imports

WININET.dll	`InternetConnectA` `HttpOpenRequestA` `HttpSendRequestA` `InternetCanonicalizeUrlA` `InternetCrackUrlA` `InternetOpenA` `HttpQueryInfoA` `InternetReadFile` `InternetCloseHandle` `InternetGetConnectedState`
d3dx9_43.dll	`D3DXGetPixelShaderProfile` `D3DXGetImageInfoFromFileInMemory` `D3DXCreateTextureFromFileInMemoryEx` `D3DXCreateTextureFromFileW` `D3DXGetVertexShaderProfile` `D3DXCompileShader`
dbghelp.dll	`SymFromAddr` `SymInitialize`
WINMM.dll	`joyGetPos` `joyGetDevCapsA` `joyGetPosEx` `mciSendStringA` `mciGetErrorStringA`
WS2_32.dll	`ntohs` `htonl` `htons` `getpeername` `__WSAFDIsSet` `select` `freeaddrinfo` `WSAGetLastError` `closesocket` `sendto` `connect` `inet_addr` `shutdown` `WSAStartup` `getsockopt` `setsockopt` `ioctlsocket` `socket` `bind` `getaddrinfo` `send` `recvfrom` `inet_ntoa` `recv` `accept` `listen`
gdiplus.dll	`GdiplusStartup` `GdiplusShutdown`
COMCTL32.dll	`InitCommonControlsEx`
KERNEL32.dll	`GetTempPathA` `FindFirstFileExW` `SetFileAttributesW` `GetFileAttributesExW` `ReadFile` `HeapWalk` `HeapValidate` `FileTimeToSystemTime` `SystemTimeToTzSpecificLocalTime` `GetTimeZoneInformation` `FindFirstFileExA` `LoadLibraryExA` `GetDriveTypeW` `SetEnvironmentVariableW` `SetEnvironmentVariableA` `GetFileInformationByHandle` `PeekNamedPipe` `MoveFileExW` `ReadConsoleW` `SetFilePointer` `FindNextFileA` `FileTimeToLocalFileTime` `lstrlenA` `CreateDirectoryW` `GetFileAttributesW` `FindFirstFileW` `RemoveDirectoryW` `FindNextFileW` `FindClose` `CreateProcessW` `GetExitCodeProcess` `GlobalAlloc` `GlobalLock` `GlobalUnlock` `SetPriorityClass` `SetThreadPriority` `DeleteFileW` `GetExitCodeThread` `FormatMessageW` `LocalFree` `GetCurrentDirectoryW` `GlobalMemoryStatusEx` `GetSystemInfo` `GetLocaleInfoW` `GetUserDefaultLCID` `GetVersionExW` `SetEndOfFile` `TlsAlloc` `EncodePointer` `DecodePointer` `GetCommandLineA` `GetLastError` `HeapFree` `InterlockedDecrement` `ExitProcess` `GetModuleHandleExW` `GetProcAddress` `AreFileApisANSI` `MultiByteToWideChar` `HeapSize` `Sleep` `IsProcessorFeaturePresent` `SetLastError` `InterlockedIncrement` `GetCurrentThread` `GetCurrentThreadId` `GetStdHandle` `WriteFile` `GetModuleFileNameW` `GetProcessHeap` `GetFileType` `InitializeCriticalSectionAndSpinCount` `DeleteCriticalSection` `InitOnceExecuteOnce` `GetStartupInfoW` `GetModuleFileNameA` `QueryPerformanceCounter` `GetSystemTimeAsFileTime` `GetTickCount64` `GetEnvironmentStringsW` `FreeEnvironmentStringsW` `WideCharToMultiByte` `UnhandledExceptionFilter` `SetUnhandledExceptionFilter` `FlsAlloc` `FlsGetValue` `FlsSetValue` `FlsFree` `GetCurrentProcess` `TerminateProcess` `GetModuleHandleW` `IsDebuggerPresent` `EnterCriticalSection` `LeaveCriticalSection` `InterlockedExchange` `FreeLibrary` `LoadLibraryExW` `IsValidCodePage` `GetACP` `GetOEMCP` `GetCPInfo` `HeapAlloc` `HeapReAlloc` `RtlUnwind` `OutputDebugStringW` `LoadLibraryW` `GetTimeFormatEx` `GetDateFormatEx` `CompareStringEx` `GetLocaleInfoEx` `GetUserDefaultLocaleName` `LCMapStringEx` `IsValidLocaleName` `EnumSystemLocalesEx` `GetStringTypeW` `RaiseException` `FlushFileBuffers` `GetConsoleCP` `GetConsoleMode` `SetStdHandle` `SetFilePointerEx` `WriteConsoleW` `CloseHandle` `CreateFileW` `ExpandEnvironmentStringsW` `MoveFileA` `GetFullPathNameW` `SetErrorMode` `GetCommandLineW` `GetCurrentProcessId` `RtlCaptureStackBackTrace` `GetTickCount` `QueryPerformanceFrequency` `WaitForSingleObject` `SetWaitableTimer` `CreateWaitableTimerW` `TlsSetValue` `CreateThread` `GetConsoleWindow` `SetCurrentDirectoryA` `GetCurrentDirectoryA` `GetEnvironmentVariableW`
USER32.dll	`DialogBoxParamW` `GetDlgItem` `DrawTextW` `ScreenToClient` `keybd_event` `EndDialog` `GetDlgItemTextW` `SetDlgItemTextW` `wsprintfW` `GetFocus` `GetAsyncKeyState` `SetDlgItemTextA` `GetRawInputDeviceInfoA` `GetRawInputDeviceList` `EnumDisplayDevicesA` `CreateDialogParamW` `SetClipboardData` `MessageBoxA` `PostMessageW` `IsDialogMessageW` `DispatchMessageW` `TranslateMessage` `PeekMessageW` `SetFocus` `GetActiveWindow` `GetKeyState` `SetCapture` `ReleaseCapture` `DefWindowProcW` `GetWindowRect` `GetClientRect` `SetCursor` `SendMessageW` `CreateWindowExW` `RegisterClassExW` `LoadCursorW` `LoadImageW` `AdjustWindowRectEx` `GetSystemMetrics` `SetWindowPos` `SetForegroundWindow` `BringWindowToTop` `ShowWindow` `DestroyWindow` `MessageBoxW` `EnumDisplaySettingsW` `ChangeDisplaySettingsW` `GetCursorPos` `SetCursorPos` `SetWindowLongW` `UpdateWindow` `EnumDisplaySettingsExW` `ReleaseDC` `GetDC` `SetWindowTextW` `MoveWindow` `ClientToScreen` `GetMonitorInfoW` `MapWindowPoints` `SetWindowTextA` `IsClipboardFormatAvailable` `CloseClipboard` `GetClipboardData` `OpenClipboard` `EmptyClipboard` `GetForegroundWindow`
GDI32.dll	`GetDeviceCaps` `SelectObject`
COMDLG32.dll	`GetOpenFileNameW` `GetSaveFileNameW`
ADVAPI32.dll	`RegCloseKey` `RegOpenKeyExW` `RegQueryValueExW`
SHELL32.dll	`SHGetFolderPathW` `ShellExecuteW`
ole32.dll	`CoUninitialize` `CoCreateInstance` `CoInitialize`
OLEAUT32.dll	`SysAllocString` `SysFreeString` `VariantClear`
VERSION.dll	`GetFileVersionInfoW` `GetFileVersionInfoSizeW` `VerQueryValueW`
d3d9.dll (delay-loaded)	`Direct3DCreate9` `Direct3DCreate9Ex`

Delayed Imports

Attributes	`0x1`
Name	`d3d9.dll`
ModuleHandle	`0x1174c04`
DelayImportAddressTable	`0xf1eaa0`
DelayImportNameTable	`0x683f0c`
BoundDelayImportTable	`0x683f40`
UnloadDelayImportTable	`0`
TimeStamp	`1970-Jan-01 00:00:00`

135

Type	`GIF`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x1436`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.33764`
Detected Filetype	Bitmap graphic
MD5	`0e502e77b617a3843b7d45f3de521a2c`
SHA1	`2d3fdf653979d1642a868d2ce2d4b7708c858426`
SHA256	`cb297aa243552ededd5aa0c25955322c287d36aa0d69ec68790900521ca1f211`
SHA3	`0a11d650715449bac5a4e6a89d9aa0c3ebb2dfd1b3e38efafdd48bc486467599`

136

Type	`GIF`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x1436`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0.993047`
Detected Filetype	Bitmap graphic
MD5	`0d483ad6da4e6f42f3c93d1b5924bb63`
SHA1	`e46c97a01a3fdd8edde15863148008298f703352`
SHA256	`b063e8200a53924c74d2992d56e43e6f7fff8383365d39e7dc880a2ce75b8b5f`
SHA3	`2c873b21dcbd04d9e547d9af7906ce201679192d92e2412bea1ccc1532a99aa3`

137

Type	`GIF`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x1436`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.15256`
Detected Filetype	Bitmap graphic
MD5	`3be49c28e1fdb8aa1df022b36cede81e`
SHA1	`ff9e3ba28f30b560f0a946902d21b96cf7d8b090`
SHA256	`d04274209f89c47c9806b94082e05d1a072fc077c28ccf48f800c8bdbb9880c8`
SHA3	`122b324b232907b9d5342f2f081dce1c736dc825993a133b5ac6907416109bd1`

138

Type	`GIF`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x1436`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.89372`
Detected Filetype	Bitmap graphic
MD5	`9e0d1b8218f2c07c149209f4991280d4`
SHA1	`9e22b219e4093f8ab599576c9da8ff851f004143`
SHA256	`eeac23e7bb8ce9b4ab0722f69bcf79ac5a9b5c0d7ad5e67dedbf1d77c2d8ade6`
SHA3	`1ab3de0e9285a8c7c82fecce41d4d6077ca94910ad2e735a2c643aba79eb0957`

139

Type	`GIF`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x1436`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.76889`
Detected Filetype	Bitmap graphic
MD5	`6dbdee0c8e0ee023e9b57a9eecc0ee1d`
SHA1	`12ae24109df25a5dad2b7d34f13c89a8b1726c76`
SHA256	`3ac5bf02e1bb1a0975966df1ca1a515f866eb50baf156c4d5c614be342a42268`
SHA3	`48017038ccb6a5ee432c3fcfd0f9b4f00b6477085f4651859970fea7582fca7c`

140

Type	`GIF`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x1436`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.5738`
Detected Filetype	Bitmap graphic
MD5	`fe8f56958aad10589723b7314317b833`
SHA1	`3c4f024fc0fc6690accfbd3a6eb167d84c4a563f`
SHA256	`f3c1366344b2898e928ad38699a61337ecd8c79604b338d8bafe931f67184ef7`
SHA3	`dcbd16085a4c18bfaf9afb3be726675825f19d2fc5081119cbae69fb390658fe`

141

Type	`GIF`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x1436`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.35572`
Detected Filetype	Bitmap graphic
MD5	`55894bb63626eb9849b6f8eacc62da92`
SHA1	`88b8670956ae3c8fb1b2bde8a44b5c8c8ef20473`
SHA256	`d3631b49f188c12b8e45436a6219421eb6e623f680d108a111e5b97a366d8925`
SHA3	`371d3f3e3214d1ed1344c9b98e9d774e17a66f306c77cb935d4dea1cfecf8b86`

142

Type	`GIF`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x1436`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.77467`
Detected Filetype	Bitmap graphic
MD5	`2407cb5a8ae0830297eb2b34611a288e`
SHA1	`dcfb184b9b17b29f1a4ad6b1a06721ec4b07a2a6`
SHA256	`c868e02eade177601671c64315a5eee20883ab9cb0fc4efce212016afcee7dc7`
SHA3	`35163e1fd5d64dfed87502a46c5c36cfc9f297560ae68bdba590c1d4dd513474`

143

Type	`GIF`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x1436`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.19257`
Detected Filetype	Bitmap graphic
MD5	`9ddc3df1155230511f45d1677c70dcb3`
SHA1	`799f847c6b512acc5e846559d216ae6394919028`
SHA256	`4b84982fb983a64480c589cb3d2c7fce20bc8cea86b9eb2f0ba3c11ab55fa1a2`
SHA3	`954017ae7356108b957bf37b7c74f10887bf2d2e12670d49b62c8c177d9553ac`

144

Type	`GIF`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x1436`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.76158`
Detected Filetype	Bitmap graphic
MD5	`16430adab8190094cbe4a553692347de`
SHA1	`8f2cd135001304b4b766b1f3e061bd1d2407e212`
SHA256	`fd67c51055c3f203782d8d3a13a34697d95afddcbc06c5183284c9fe0d950a52`
SHA3	`0092b52ca7e99c11646dd8825d525459b29308d0ca77699e07eedae730962645`

145

Type	`GIF`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x1436`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.61258`
Detected Filetype	Bitmap graphic
MD5	`7c261bcb470a60bb330dcd1f88cdd234`
SHA1	`182e7329dcca5817a907580c067d3e623fe0535b`
SHA256	`e5ca37c2b2bdcbe8e4b5857f1113eb3e0642118e4acded05b5c02e8df3ad52fd`
SHA3	`0e8dee8293df10ef065f5acf7e4c4823f44a12e4a8cd056392eee29d5166d467`

146

Type	`GIF`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x1436`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.52092`
Detected Filetype	Bitmap graphic
MD5	`10d42c236cedc22ab8758ae3a2d99060`
SHA1	`001436d0e4188cffdd58d40081a651173185968e`
SHA256	`d32391f1bd6a81a326289c2e1276a3f7326c2f14d71591f40779fc833c5c91c5`
SHA3	`b79832c0228a740166020259b0fba9e04ea7ce6540eac99c8fde6e90385f96b6`

147

Type	`GIF`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x1436`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.36284`
Detected Filetype	Bitmap graphic
MD5	`f3f29eadb4ae02d0d6691c418e46f3ab`
SHA1	`9bcf0bd1e89802ca25e764a81676aebb8d154002`
SHA256	`497abbc44a14af8460963a561b9c3353b41605349b7a903efa287e4d113cd4f5`
SHA3	`907ee5ab4c252e60672903517682d4477509d58c74fe90fda360d0878e9d1a32`

148

Type	`GIF`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x1436`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.48054`
Detected Filetype	Bitmap graphic
MD5	`7aa9f99487a51a26033a557a2700c405`
SHA1	`1407f1c2016fdcce786c4e1a8c0a67d128407786`
SHA256	`caa7fcd55f3db50af6e9e4273c71cd182ece9be9755dd53f75ff473fb88a5f5f`
SHA3	`c264454c9a231d4bb18fffd46a7d01cbda72346f2baf69ee335415a971f8db53`

149

Type	`GIF`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x1436`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.27853`
Detected Filetype	Bitmap graphic
MD5	`fbca651b85b45550d204bd2000cf9dd2`
SHA1	`5d3145149b881ac59a59e4adaf292dc5bba4f40d`
SHA256	`37b0ae57f593dad56c65b1acef50ddca2d641bb0cf1b801e49666cd0ac49e807`
SHA3	`528c5ab896e5a3656f5f593165024372a8007fb8a58b2a6b8537b702c37a8c1e`

1

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.24143`
MD5	`2a949c551be79290f452c7f153607690`
SHA1	`524c56aa444a1168950baf7edabba658a299a03d`
SHA256	`c7eea2cf68be7e5fbb4c93b601fb34f627a0cb359cfac2307529045162522c7f`
SHA3	`e3f9ed0229989a05c18b64a049c632c75f02aa3ad07d52e0f6a20d01ea383942`

2

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.73925`
MD5	`053d46d28b037b1f9ee57b0d95325577`
SHA1	`6a1d33b54fcb330d252d49eee88eb759977002d1`
SHA256	`1f5c3a3533d7340e9d032e8a68dd922ce9fd683bf7efea3f0cbd0183d05f39d4`
SHA3	`a63111eaa7affc1bfa9a7395351852ec17d040cf762dc76df05b33991082593b`

3

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.39433`
MD5	`12a0fd987c526842b9c74a91117f76b7`
SHA1	`8c1723756175b1fc2161e86e132520292397323c`
SHA256	`6917a93ee94753832c3974b7004b936c3a5186cd8965f10aa740c8799f11cd8b`
SHA3	`94ea8e7df2bb237c58cb66d37fd885a3cf12b22a630c8771f7dd6b0570e08bdc`

4

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.87982`
MD5	`8a6fbc566e5681ac049f9a716c06acfa`
SHA1	`b18da2f2c08c6cddd3acef47c27866e3d2ae1115`
SHA256	`e4c3f6364e9c0e725c62ce9a8fdaad80bc4eeb8cf7f583846aa8acef21b00dc8`
SHA3	`e7b56ac3699898e8be506b68fb91a194c6ec1177f2fafbcb8ba6480331e29ae1`

5

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x10828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.46963`
MD5	`6f46b35299fc40c10b508a770a3447be`
SHA1	`caa60bdbafd12f7dc596cb35c07f852a3ea80798`
SHA256	`a26adf32bf60b326f04fd4a771970640dceb8d9773955b94e92ce1b967ddcaba`
SHA3	`f31426d9d107a302dae3545a62146fcf5cd36f7ce16e3daf2fda7f8c5b21f83e`

IDD_ERROR_CODE

Type	`RT_DIALOG`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x120`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.11903`
MD5	`585333ed67fe4fdeeeb081ee4897904a`
SHA1	`906e8560bd7787ab1de7d5303ebce0184d1928f9`
SHA256	`cd6fe44b77393474766ed6946f6a35ff66ca6fc926a89c361861006d2fc15b87`
SHA3	`4ebec79e45a81ff2ffe10c5c09247c59de1a6b4ac2c766dc518b5bcd5eebe793`

IDD_INPUTQUERY

Type	`RT_DIALOG`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0xf0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.09333`
MD5	`9f9f2c8a6f4b306b41dda835d90c37eb`
SHA1	`3b12f1b6d8c5e887caaeac46f8918808543f708f`
SHA256	`bf96593a642a5a7785b22ab22e69e3609f3c361e6ae90982ce4c1e1056d40ef1`
SHA3	`ed7e786cd66ca80dd9f0842dca11025d91ba8d222429026534dbde9c2b6325a5`

IDD_LOGIN_ASYNC

Type	`RT_DIALOG`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x13c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.07583`
MD5	`6b0f04cd06a91ff5ee96decd8eb6dbc6`
SHA1	`240236f7e7f1c2cea21c1d5eac0bef98094eb18a`
SHA256	`28ae1807e280b537ef8a9b5df66942cd52adf418cd5a2e0b07ef48b25bd08955`
SHA3	`f3d6f5a0f7c6fb4bd8a283c4f8bfc9337364cb28e696784dcb8f543d9d79e89b`

IDD_MESSAGE_ASYNC

Type	`RT_DIALOG`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x9c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.00453`
MD5	`ed9d6ad0e3e5f287913a8c39386eb08e`
SHA1	`3856ad95adbb8ffdb971bd44a43e32ff7da10c9e`
SHA256	`09ae8082cc363799b57616423e47409390c11fc632c0958826d98420683aa83a`
SHA3	`19d277b2aea915c99d664198e3339347acae3070829ba1269eda8de02a6b820e`

IDD_QUESTION

Type	`RT_DIALOG`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0xcc`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.14448`
MD5	`a1cb026f8ac0e660d2dbb8b8de96ea59`
SHA1	`74271f454c727706fcdae5cc75fb59d2f54116a1`
SHA256	`3981d095cf944141f06895b29e6606015852408d2636844c6a8eef781c6067a2`
SHA3	`e896b8b0cc00a316588ed19d413a5c1f2963591a80916246895f3112feb029ce`

101

Type	`RT_DIALOG`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x8a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.97604`
MD5	`a12fa2524c10e9d3aa595a0a61af48c3`
SHA1	`1b50a67f54de04a27c268720bb4d3dd26739f535`
SHA256	`095689eb7e4e8c2e31c1718463a158554c0261e9872bf9c3a497e6baee29d0e3`
SHA3	`7b1dd499012d4bace7e2758b1e829120463cadf602af2b8c39e1bceb46f6d040`

102

Type	`RT_DIALOG`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x40`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.4002`
MD5	`cb861dfde44d04231e4880679d8c4c27`
SHA1	`d5fea594012e7305e3c871d47128b7d2ecb2d5dc`
SHA256	`78d86ff624bedba3c25db2571361a13a13bcb6d064f88c5e586747b9c5fa179c`
SHA3	`59f409436199cefd5e86941fd7a17bcc74a9281b15f18e9a521afb1ba97bb0e7`

129

Type	`RT_DIALOG`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x60`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.48825`
MD5	`fc397f24ff24058e906c80aa0ba293b0`
SHA1	`5a595d303f58d30ce064a363b06b52ac5abadb66`
SHA256	`cff945155a9afffac367c241b1435a70f7667ddf4dfa097f6f1160de9aea96b7`
SHA3	`0a4e851708d2ac9cdd97f3951f1be23880728eddc20d6ffdd9eabaf9739f0d5c`

188

Type	`RT_DIALOG`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0xbc`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.98411`
MD5	`b575ec076bc372b21c1332d665a56db6`
SHA1	`05b8ac0f862665caea395eac0f88d9a0369af081`
SHA256	`228733761baa9bec731d5830271e716af779a29d6fbae25dee72a6d51706e438`
SHA3	`4cf5a0abcafe469752d2f2dd365bd616993eb63b939a985a6c633c1c72cbf665`

7

Type	`RT_STRING`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x1c0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.6517`
MD5	`fe86798eb9a185aa07757fc60cccb701`
SHA1	`fe8578f4d1eab03a0520a25cb5146b669988a598`
SHA256	`194604625fffb999d1d570f9bd69f763810364fffb8fe43037795099062135df`
SHA3	`9c075faec10d0a13da88b59bfb6c5d68760b4a5174a3523988ad960fae6e952e`

152

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x4c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.82914`
Detected Filetype	Icon file
MD5	`a1697bc56a7898148c652d33bf9e120d`
SHA1	`ded2543530f3d9d294ca58b3e6ebced21479ff0e`
SHA256	`9265532ba125a4d4ced68f468600bdfa64ad441bcd558092f0b2e4e1aca70420`
SHA3	`1a64d049dffff9be80633825ecb429a551107dc8da687d70f948d0914f9eecfc`

1 (#2)

Type	`RT_VERSION`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x91c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.70717`
MD5	`94133b68aeb133b3fbbebd4cd0c2f151`
SHA1	`8ba92272c55192f79f8a26033e1885dcef0c0e0d`
SHA256	`675225428c39587918ab9376975d08aadca6c578023797e1dfd45cec915d4149`
SHA3	`1703ccc7746b9f4e81f2405b50b4834afe5cd6596aee327fc1a88a994b863c19`

1 (#3)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x3b1`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.08809`
MD5	`24bce3bb8cd9c354f1d8576eabda2af8`
SHA1	`0d51ad758c62b56466ef860ccd1d0dd66aac372a`
SHA256	`047a49866c5b41fc70cc8f558b161b1f63ff0e983b2acdc071288f5b6b56b6cb`
SHA3	`e37231d14c5ba83df93c8def939359dc2d85a3466923993dcfaec65b063afe71`

String Table contents

OLE initialization failed. Make sure that the OLE libraries are the correct version.
Windows sockets initialization failed.
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.1.5.0
ProductVersion	1.1.5.0
FileFlags	`VS_FF_PRIVATEBUILD`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	English - United Kingdom
CompanyName	Sokpop Collective
FileDescription
FileVersion (#2)	1.1.5.0
InternalName	GameMaker:Studio Windows C++ Runner
LegalCopyright
PrivateBuild	01.00.00.00
ProductName
ProductVersion (#2)	1.1.5.0

Resource LangID	English - United Kingdom

TLS Callbacks

Load Configuration

Size	`0x48`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x12d3f68`
SEHandlerTable	`0xa7e130`
SEHandlerCount	`430`

RICH Header

XOR Key	`0x2ff3172b`
Unmarked objects	`0`
189 (30716)	`1`
190 (30716)	`1`
Imports (21202)	`2`
C++ objects (VS2008 SP1 build 30729)	`307`
C objects (VS2008 SP1 build 30729)	`129`
199 (41118)	`5`
ASM objects (50628)	`66`
C++ objects (50628)	`78`
C objects (50628)	`232`
Total imports	`296`
185 (30716)	`31`
Unmarked objects (#2)	`515`
Resource objects (VS2012 build 50727 / VS2005 build 50727)	`1`
Linker (VS2012 build 50727 / VS2005 build 50727)	`1`

99da9dc7523d9a19b22d178d1a567f76

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rdata

.data

.mydata

.rsrc

.reloc

Imports

Delayed Imports

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

1

2

3

4

5

IDD_ERROR_CODE

IDD_INPUTQUERY

IDD_LOGIN_ASYNC

IDD_MESSAGE_ASYNC

IDD_QUESTION

101

102

129

188

7

152

1 (#2)

1 (#3)

String Table contents

Version Info

TLS Callbacks

Load Configuration

RICH Header

Errors