Manalyze report for a23208499f80e7c4214916f77b2fe644

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2019-Jul-05 10:54:07
Detected languages	English - United States
Debug artifacts	C:\builds\ACC\GM\source\dev\target\win32\Release\HDCore\Set-up.pdb
CompanyName	Adobe Inc.
FileDescription	Adobe Installer
FileVersion	`4.9.0.504`
InternalName	Adobe Installer
LegalCopyright	© 2015-2019 Adobe. All rights reserved.
OriginalFilename	Adobe Installer
ProductName	Adobe Installer
ProductVersion	`4.9.0.504`

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C++ 6.0 - 8.0`
Suspicious	Strings found in the binary may indicate undesirable behavior:	`Looks for Qemu presence: QEmU QemU` `Accesses the WMI: ROOT\CIMV2` `Miscellaneous malware strings: exploit virus`
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to CRC32` `Uses constants related to MD5` `Uses constants related to SHA1` `Uses constants related to SHA256` `Uses constants related to SHA512` `Uses constants related to AES` `Microsoft's Cryptography API`
Malicious	The PE contains functions mostly used by malware.	`[!] The program may be hiding some of its imports: LoadLibraryW GetProcAddress LoadLibraryA LoadLibraryExA LoadLibraryExW` `Functions which can be used for anti-debugging purposes: CreateToolhelp32Snapshot SwitchToThread` `Can access the registry: SHGetValueW RegCloseKey RegCreateKeyExW RegFlushKey RegSetValueExW RegOpenKeyExW RegQueryValueExW` `Possibly launches other programs: ShellExecuteW CreateProcessW` `Uses Microsoft's cryptographic API: CryptReleaseContext CryptGetHashParam CryptDestroyHash CryptHashData CryptCreateHash CryptAcquireContextW` `Can create temporary files: GetTempPathW CreateFileW GetTempPathA CreateFileA` `Uses functions commonly found in keyloggers: AttachThreadInput GetForegroundWindow GetAsyncKeyState` `Memory manipulation functions often used by packers: VirtualAlloc VirtualProtect` `Has Internet access capabilities: InternetCanonicalizeUrlW` `Functions related to the privilege level: AdjustTokenPrivileges DuplicateTokenEx OpenProcessToken` `Enumerates local disk drives: GetDriveTypeW` `Manipulates other processes: OpenProcess Process32NextW Process32FirstW` `Changes object ACLs: SetNamedSecurityInfoW` `Can take screenshots: GetDC BitBlt CreateCompatibleDC`
Malicious	The PE's digital signature is invalid.	`Signer: Adobe Inc.` `Issuer: DigiCert EV Code Signing CA (SHA2)` `The file was modified after it was signed.`
Suspicious	VirusTotal score: 1/68 (Scanned on 2020-02-04 17:34:47)	`eGambit: PE.Heur.InvalidSig`

Hashes

MD5	`a23208499f80e7c4214916f77b2fe644`
SHA1	`6d8c776a6da0ed50b70aa13ec5fb279ff7830e50`
SHA256	`7af555ccc06b6bc9f7b4ba0ed4a696432f4d9401165058bab6fa10a955fffe1e`
SHA3	`0a461af81100c0780ff38262aa56cbdaa25eb1382f07ee62a2f59d9426fae96a`
SSDeep	`49152:hPcYIDNKhzevIwyWyL1beNu7TjsKzPPWwk/Ou9ZvTamEel+0BihL67Sy5BpNTVot:2CzevIw3yLRK6EunZ6Zczt`
Imports Hash	`1f6c6a9ea7532650070149d3a8c61c45`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x138`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`7`
TimeDateStamp	2019-Jul-05 10:54:07
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`14.0`
SizeOfCode	`0x1dda00`
SizeOfInitializedData	`0x313600`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x001790DD (Section: .text)`
BaseOfCode	`0x1000`
BaseOfData	`0x1df000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`5.1`
ImageVersion	`0.0`
SubsystemVersion	`5.1`
Win32VersionValue	`0`
SizeOfImage	`0x4f5000`
SizeOfHeaders	`0x400`
Checksum	`0x4f1c32`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`7ac4a40d088b016855c64d1c4bb7e31a`
SHA1	`fed6c30453fc0036bb7d9e8bf767b7e540cebf6a`
SHA256	`60c48ba712c97f4181bd7e9035baaeb9d77a18b9baf843150b4c5f781c733b27`
SHA3	`0f046aed838dd3211321c055a16c014dd4baa7e0c3c0d28cd47c9d1a32138126`
VirtualSize	`0x1dd8a6`
VirtualAddress	`0x1000`
SizeOfRawData	`0x1dda00`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.63505`

.rdata

MD5	`c59f6ad5c0e331cac383dfd5d04b49a4`
SHA1	`6efab25d224a340e98f7163021224bf9d7be3c95`
SHA256	`d851b254ddca413ed512ce3cee958ad52f07d3e8f731798224b5776a06e82655`
SHA3	`dcc4ab4b1856b03a44c061d5d80e3a483619c2441b9b3114123587f92557025b`
VirtualSize	`0x6dd12`
VirtualAddress	`0x1df000`
SizeOfRawData	`0x6de00`
PointerToRawData	`0x1dde00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.82716`

.data

MD5	`bacf80e9ee2a36e1b90a9420a4488d75`
SHA1	`1326a7a8d66e044ad1b577738d49985daf5ab5d6`
SHA256	`0062b4b2cb955076c791f8c6c61b629461931186146389396bf136dfd30f9de2`
SHA3	`9765cf6c50d0f95e6f8f82ff9f18344675fb420b9df8e82d3040ab6fe3e47365`
VirtualSize	`0xfe0c`
VirtualAddress	`0x24d000`
SizeOfRawData	`0x7e00`
PointerToRawData	`0x24bc00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`4.99378`

.gfids

MD5	`0d9c7bb3fffe43bfcea67dc5de34067e`
SHA1	`64145d6247b5dc4e3cddbf51388b781796beb42a`
SHA256	`d3a6d29aba2feed3c0cb5d9498156f02a55d86906e07b641b197c2cdad3bd8e2`
SHA3	`bd887ae481232bd663f4ee85528238f6b7d2e5c1b98ff89732d2eacacc64534a`
VirtualSize	`0xb98`
VirtualAddress	`0x25d000`
SizeOfRawData	`0xc00`
PointerToRawData	`0x253a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`3.87097`

.tls

MD5	`1f354d76203061bfdd5a53dae48d5435`
SHA1	`aa0d33a0c854e073439067876e932688b65cb6a9`
SHA256	`4c6474903705cb450bb6434c29e8854f17d8324efca1fdb9ee9008599060883a`
SHA3	`991fbbd46bbd69198269fe6c247d440e0f8a7d38259b7a1e04b74790301d1d2b`
VirtualSize	`0x9`
VirtualAddress	`0x25e000`
SizeOfRawData	`0x200`
PointerToRawData	`0x254600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0.0203931`

.rsrc

MD5	`f4cdca5f8e7be04b1e201f646fface32`
SHA1	`5e1574c4d0ce37663a3f76a176075c8b99b8aee0`
SHA256	`cbe0b36f9547aaa5f3132921a766a86354f110aa8506018efd9b1e1d06ad307d`
SHA3	`8d2266fd9069757a121f0473581c2a5ee7d777b1049f2828d87d813f75782de5`
VirtualSize	`0x27b228`
VirtualAddress	`0x25f000`
SizeOfRawData	`0x27b400`
PointerToRawData	`0x254800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.53171`

.reloc

MD5	`d1ad39770b9bc069581fa0c29d3ffb33`
SHA1	`892edad81de333e6f912ca6dc7b1ee222092c00b`
SHA256	`aab286b9dfafe0c5fbc14aa3b985aed98c49997dbd5f26c62633657a61c9b3d4`
SHA3	`c821da2a15a372ee90b6525675ccf2a10f59c7b81602231828573a1d1f98bb0d`
VirtualSize	`0x1954c`
VirtualAddress	`0x4db000`
SizeOfRawData	`0x19600`
PointerToRawData	`0x4cfc00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`6.68251`

Imports

SETUPAPI.dll	`CM_Get_DevNode_Status` `SetupDiEnumDeviceInfo` `SetupDiDestroyDeviceInfoList` `SetupDiGetClassDevsW` `SetupDiGetDeviceRegistryPropertyW` `SetupDiGetDeviceInstanceIdW`
COMCTL32.dll	`InitCommonControlsEx`
SHELL32.dll	`SHGetKnownFolderPath` `ShellExecuteW` `SHGetSpecialFolderPathW` `#51` `CommandLineToArgvW` `ShellExecuteExW` `SHCreateDirectoryExW` `SHGetFolderPathW` `SHGetPathFromIDListW` `SHGetFolderLocation` `SHGetSpecialFolderLocation` `SHBrowseForFolderW` `SHGetMalloc` `#680`
SHLWAPI.dll	`PathIsFileSpecW` `PathAddExtensionW` `PathRenameExtensionW` `PathRemoveBackslashW` `PathRemoveExtensionW` `UrlIsW` `SHGetValueW` `PathAppendW` `PathFileExistsW` `PathFileExistsA` `PathIsDirectoryW` `PathRemoveFileSpecW` `PathStripToRootW` `PathIsNetworkPathW` `PathFindFileNameW` `PathIsRootW` `PathIsRelativeW` `PathStripPathW` `PathIsUNCW`
KERNEL32.dll	`MultiByteToWideChar` `WideCharToMultiByte` `GetCurrentProcess` `GetTempPathW` `CreateFileW` `GetVersionExW` `GetComputerNameExW` `FileTimeToSystemTime` `CloseHandle` `RaiseException` `LoadLibraryW` `GetProcAddress` `LocalFree` `CreateProcessW` `GetModuleHandleW` `FreeLibrary` `FindFirstFileW` `FindNextFileW` `TerminateProcess` `RemoveDirectoryW` `GetModuleFileNameW` `FindClose` `WaitForSingleObject` `OpenProcess` `SetFileAttributesW` `CreateToolhelp32Snapshot` `Sleep` `GetLastError` `Process32NextW` `DeleteFileW` `Process32FirstW` `CopyFileW` `GetExitCodeProcess` `ReadFile` `SetLastError` `lstrlenW` `LocalAlloc` `GetFileAttributesW` `FormatMessageW` `GetDiskFreeSpaceExW` `GetCurrentDirectoryW` `SetCurrentDirectoryW` `MoveFileExW` `GetFileSize` `lstrcpyW` `lstrcmpiW` `lstrcmpW` `GetDriveTypeW` `InitializeCriticalSectionEx` `DecodePointer` `DeleteCriticalSection` `GetFullPathNameW` `HeapSize` `HeapReAlloc` `HeapDestroy` `EnterCriticalSection` `LeaveCriticalSection` `GetCurrentThreadId` `GlobalAlloc` `GlobalLock` `GlobalUnlock` `MulDiv` `GetSystemDirectoryW` `SetDllDirectoryW` `GetStdHandle` `AttachConsole` `FreeConsole` `GetConsoleWindow` `CreateMutexW` `ReleaseMutex` `InitializeCriticalSectionAndSpinCount` `AreFileApisANSI` `HeapCreate` `WriteFile` `InterlockedCompareExchange` `GetDiskFreeSpaceW` `OutputDebugStringA` `LockFile` `InitializeCriticalSection` `SetFilePointer` `GetFullPathNameA` `SetEndOfFile` `UnlockFileEx` `UnmapViewOfFile` `HeapValidate` `GetTempPathA` `HeapFree` `GetFileAttributesA` `GetFileAttributesExW` `OutputDebugStringW` `CreateFileA` `LoadLibraryA` `GetVersionExA` `DeleteFileA` `GetSystemInfo` `HeapCompact` `UnlockFile` `CreateFileMappingA` `LockFileEx` `GetCurrentProcessId` `SystemTimeToFileTime` `GetSystemTimeAsFileTime` `GetSystemTime` `FormatMessageA` `CreateFileMappingW` `MapViewOfFile` `QueryPerformanceCounter` `GetTickCount` `FlushFileBuffers` `SizeofResource` `LockResource` `LoadResource` `FindResourceW` `CreateEventW` `GetProcessHeap` `VerifyVersionInfoW` `GetUserDefaultLCID` `LCMapStringW` `DuplicateHandle` `ProcessIdToSessionId` `SetEvent` `TerminateThread` `GlobalFree` `CreateThread` `FindResourceExW` `ResetEvent` `GetThreadTimes` `QueryFullProcessImageNameW` `WaitForMultipleObjects` `GetFileSizeEx` `GetUserDefaultLangID` `GetUserDefaultUILanguage` `SetNamedPipeHandleState` `CreateNamedPipeW` `ConnectNamedPipe` `CreateDirectoryW` `SetFileTime` `LocalFileTimeToFileTime` `DosDateTimeToFileTime` `GetFileTime` `ReleaseSemaphore` `OpenSemaphoreW` `CreateSemaphoreW` `GetLocalTime` `GetTimeFormatW` `GetDateFormatW` `OpenMutexW` `GetTimeZoneInformation` `CreateSymbolicLinkW` `TryEnterCriticalSection` `QueryPerformanceFrequency` `GetCurrentThread` `SetFilePointerEx` `ResumeThread` `SignalObjectAndWait` `CreateTimerQueue` `VirtualFree` `VirtualAlloc` `FlushInstructionCache` `InterlockedPushEntrySList` `InterlockedPopEntrySList` `GetStartupInfoW` `IsDebuggerPresent` `InitializeSListHead` `IsProcessorFeaturePresent` `SetUnhandledExceptionFilter` `UnhandledExceptionFilter` `GetLocaleInfoW` `CompareStringW` `GetCPInfo` `TlsFree` `TlsSetValue` `SwitchToThread` `TlsGetValue` `TlsAlloc` `WaitForSingleObjectEx` `GetStringTypeW` `EncodePointer` `LoadLibraryExA` `VirtualQuery` `VirtualProtect` `SetThreadPriority` `GetThreadPriority` `GetLogicalProcessorInformation` `CreateTimerQueueTimer` `ChangeTimerQueueTimer` `DeleteTimerQueueTimer` `GetNumaHighestNodeNumber` `GetProcessAffinityMask` `SetThreadAffinityMask` `RegisterWaitForSingleObject` `UnregisterWait` `FreeLibraryAndExitThread` `GetModuleHandleA` `LoadLibraryExW` `InterlockedFlushSList` `QueryDepthSList` `UnregisterWaitEx` `RtlUnwind` `GetFileType` `SetStdHandle` `GetModuleHandleExW` `ExitProcess` `GetACP` `IsValidLocale` `EnumSystemLocalesW` `GetConsoleMode` `ReadConsoleW` `GetConsoleCP` `FindFirstFileExW` `IsValidCodePage` `GetOEMCP` `GetCommandLineA` `GetCommandLineW` `GetEnvironmentStringsW` `VerSetConditionMask` `FreeEnvironmentStringsW` `SetEnvironmentVariableA` `WriteConsoleW` `HeapAlloc` `GetDiskFreeSpaceA`
USER32.dll	`IsWindow` `InvalidateRgn` `DispatchMessageW` `RedrawWindow` `ClientToScreen` `DestroyAcceleratorTable` `IsChild` `AttachThreadInput` `ShowWindow` `RegisterClassExW` `SetWindowTextW` `ScreenToClient` `CreateWindowExW` `FillRect` `DestroyWindow` `GetFocus` `GetWindow` `GetSysColor` `GetActiveWindow` `PostMessageW` `CallWindowProcW` `GetForegroundWindow` `MoveWindow` `CreateAcceleratorTableW` `SetFocus` `CharNextW` `DefWindowProcW` `GetMessageW` `PostQuitMessage` `GetWindowTextLengthW` `GetWindowThreadProcessId` `BringWindowToTop` `TranslateAcceleratorW` `TranslateMessage` `LoadCursorW` `GetClassNameW` `SetCapture` `SetWindowLongW` `GetClientRect` `GetDlgItem` `GetClassInfoExW` `GetParent` `RegisterWindowMessageW` `ReleaseCapture` `SetForegroundWindow` `InvalidateRect` `IsIconic` `BeginPaint` `EndPaint` `GetWindowTextW` `GetWindowRect` `GetDC` `SetWindowPos` `MessageBoxW` `SendMessageW` `GetDesktopWindow` `ReleaseDC` `UnregisterClassW` `GetWindowLongW` `wsprintfW` `PostThreadMessageW` `EnumWindows` `GetShellWindow` `AllowSetForegroundWindow` `LoadImageW` `SystemParametersInfoW` `EnableMenuItem` `LoadIconW` `GetSystemMetrics` `GetSystemMenu` `GetClassLongW` `AppendMenuW` `GetAsyncKeyState` `SetClassLongW`
GDI32.dll	`BitBlt` `CreateSolidBrush` `DeleteObject` `DeleteDC` `GetStockObject` `CreateCompatibleDC` `GetDeviceCaps` `CreateCompatibleBitmap` `SelectObject` `GetObjectW`
ADVAPI32.dll	`SetEntriesInAclW` `SetNamedSecurityInfoW` `GetNamedSecurityInfoW` `GetTokenInformation` `CreateWellKnownSid` `LookupPrivilegeValueW` `RegCloseKey` `AdjustTokenPrivileges` `RegCreateKeyExW` `RegFlushKey` `LookupAccountSidW` `RegSetValueExW` `RegOpenKeyExW` `EqualSid` `InitializeSecurityDescriptor` `FreeSid` `AllocateAndInitializeSid` `SetSecurityDescriptorDacl` `DuplicateTokenEx` `ConvertSidToStringSidW` `ImpersonateLoggedOnUser` `ConvertStringSidToSidW` `RevertToSelf` `CryptReleaseContext` `CryptGetHashParam` `CryptDestroyHash` `CryptHashData` `CryptCreateHash` `CryptAcquireContextW` `RegQueryValueExW` `GetUserNameW` `OpenProcessToken`
ole32.dll	`CoAddRefServerProcess` `OleRun` `CoReleaseServerProcess` `CoInitializeSecurity` `CoSetProxyBlanket` `CoUninitialize` `CoInitialize` `OleLockRunning` `CLSIDFromString` `OleInitialize` `CreateStreamOnHGlobal` `CLSIDFromProgID` `CoTaskMemAlloc` `OleUninitialize` `CoGetClassObject` `CoCreateInstance` `StringFromGUID2` `CoTaskMemFree` `CoCreateGuid` `CoInitializeEx`
OLEAUT32.dll	`#9` `#4` `#7` `#2` `#420` `#161` `#8` `#162` `#12` `#150` `#10` `#149` `#146` `#200` `#6`
CRYPT32.dll	`CertGetIssuerCertificateFromStore` `CertGetNameStringW`
WINTRUST.dll	`WTHelperGetProvSignerFromChain` `WTHelperGetProvCertFromChain` `WinVerifyTrust` `WTHelperProvDataFromStateData`
WININET.dll (delay-loaded)	`InternetCanonicalizeUrlW`

Delayed Imports

Attributes	`0x1`
Name	`WININET.dll`
ModuleHandle	`0x254d40`
DelayImportAddressTable	`0x254d14`
DelayImportNameTable	`0x24a3c0`
BoundDelayImportTable	`0x24a66c`
UnloadDelayImportTable	`0`
TimeStamp	`1970-Jan-01 00:00:00`

104

Type	`CSS`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4125`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.07832`
MD5	`7c78973c915f36032696fdf7aec03a62`
SHA1	`8b97d334df0188ed2d423d295d8fb0decb0c2469`
SHA256	`bb9e634c550fa54e7b58f011a9182a52f36c93bc15e235c7d0d486617bd9a7c5`
SHA3	`7efca606655c6c2788668e8794cac72905cd5babf7d99bdcb4c4365ff1df49bb`

106

Type	`CSS`
Language	English - United States
Codepage	UNKNOWN
Size	`0xaf895`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.00713`
MD5	`4f3364af3e396f92a8826532bfb1a7e5`
SHA1	`7f7b613435ece78a358f2066287c2f2c3c6aa168`
SHA256	`45b9b77499356527e9047256db96a542a720bf075d67e9f6ba55d51fd562339e`
SHA3	`9b3b08caccd4a53ed1199b2255e0cf52124c837f6ea22bd76bbcecdc3013db2c`

153

Type	`CSS`
Language	English - United States
Codepage	UNKNOWN
Size	`0x391d`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.94648`
MD5	`79f054b8449aa81463934c8222096d13`
SHA1	`03b74f26bbd0f8b36218bd1a14c71e11021e20df`
SHA256	`7393c3701ead6b4f7d303f985ce8c81597b89a66644ee829e1ff229e3459ee66`
SHA3	`3f8e3cb8a0bdb275744328b5badcf35d59544aa2acf243db600e4069c5bede81`

161

Type	`CSS`
Language	English - United States
Codepage	UNKNOWN
Size	`0xa12`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.93153`
MD5	`1265d497504870d225452b3309b0e06b`
SHA1	`29a3b783e6f2f2cd3f6d08833b83c7848f8e3450`
SHA256	`4273a5d4ef990dead6cabe760c27b25f7fcf8a51177f1b31813ad8866a565330`
SHA3	`890b6622f9d83f9dd0bee5e9312cc6788c759803057d24ab70aee67fde7ff4d0`

130

Type	`DICTIONARY`
Language	English - United States
Codepage	UNKNOWN
Size	`0x109bc`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.4213`
MD5	`e31bb4d060dbc54389da6bb28563d32c`
SHA1	`74225ae9f23488dc0784796a7ab9ba0afcfd8a42`
SHA256	`03000343482070d46c57eac94a0422008bc9f7403bed7d437c83c7356a7221ad`
SHA3	`3d7bd5289d1d85ad6e638975af5d7d6541b6864c5eb59118f30f5ca9c447b519`

131

Type	`DICTIONARY`
Language	English - United States
Codepage	UNKNOWN
Size	`0x12e58`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.44857`
MD5	`0c59256059b61cc20f0e9fb3d3def596`
SHA1	`d64239c69db83067f0143513bdbea4b29e48bd47`
SHA256	`148b64eb84f1393833e6f5c46f86a4a8e4518f96806d52dc8adbf6c33ac0a125`
SHA3	`660402cc996811f7603cf6b25015f4b18aefb95771774b902882e715e9d9ef03`

132

Type	`DICTIONARY`
Language	English - United States
Codepage	UNKNOWN
Size	`0x123be`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.45125`
MD5	`20240001bb1a24c98b4de4529641eedb`
SHA1	`d2e6cad95f1c6ca56c84943d8f07915335ed2f29`
SHA256	`85078bdc0dd7d01708680972cc46da4051303b8a8414c7276d88d053fbe16995`
SHA3	`c4737c07ad94d27447432594ba1259aacbdf9ee5e0cc8cde49c93c5b5298702c`

133

Type	`DICTIONARY`
Language	English - United States
Codepage	UNKNOWN
Size	`0xddb6`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.44534`
MD5	`7abfdd32277ff047c48956e5ec11468f`
SHA1	`e329127c0904106e79521ce82f2f0ec670494e09`
SHA256	`2554019b8b4a403386320b3353707673464afab9f3defca678c6d9231a701485`
SHA3	`89135c75e13e3cc00f3628876e20250b6c2354ec4f50ee69fc89f5ee729c8a4e`

134

Type	`DICTIONARY`
Language	English - United States
Codepage	UNKNOWN
Size	`0x11f44`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.41336`
MD5	`be2929b1f6630ec7f4ad7b107f4828a6`
SHA1	`8214a74fc685d46eea412bd6c5c7efe1cfeee0a5`
SHA256	`c85b9ba57125be20cd1a1bf68b7a989e8b919ecf9d760f3f96e358b1afd18e84`
SHA3	`8c3c3e3921fd89d593b6d2e782d528ff6d4a6129d07ba13cfe7d559c0e879162`

135

Type	`DICTIONARY`
Language	English - United States
Codepage	UNKNOWN
Size	`0x112ae`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.44271`
MD5	`a6aedaefd9171006332532274aff4e6e`
SHA1	`a1a965e71e6192b760cb6e1638a783b67870e0e8`
SHA256	`cbc2fd5e59b05023aa2d977e8c9e720657cbba5e6f7ef1816d29ea7d4aac1486`
SHA3	`c45bd814cb8cccf0b7a3434fbd1c34ef9d2e8aa2246ff6a59fdec0291abe397f`

136

Type	`DICTIONARY`
Language	English - United States
Codepage	UNKNOWN
Size	`0xdbda`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.41301`
MD5	`954c3e813d6aa106200a6a6cc82d39d6`
SHA1	`dd62928347c243dba7c606738a4d05847759ccf9`
SHA256	`8614c547b5fceb11ee8de001bf11b839328f0ada683703afb47d1ef740425300`
SHA3	`d766988932315a3f0b6c731a5b23e642846bb3b57519a003fd096f0570dda192`

137

Type	`DICTIONARY`
Language	English - United States
Codepage	UNKNOWN
Size	`0x11acc`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.4197`
MD5	`07eaed690479467726129a911d940953`
SHA1	`d343766681f9f79a22798386d6b17f9d0703a438`
SHA256	`19f985317d8a9ea2545568155e20cbe686ae33d21436a38827dfcd5784ab6421`
SHA3	`4a564c28bd69b7374769cf2468a26d690719c279c9ff37f9dc2dfd2a38197fdc`

138

Type	`DICTIONARY`
Language	English - United States
Codepage	UNKNOWN
Size	`0xc414`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.30252`
MD5	`d2a9c6bec02576dad7879e0c7f05719d`
SHA1	`89ad5d8ecaca268b4066ceff7c84f2ff2a5f9332`
SHA256	`fc09a796e6ace50dd2e79184447ff258112355fedebb07a7ff9bf6b09d9dde3e`
SHA3	`9e75db585b6f3f3128408fe4a827174b6b0bcbfbc3b8f7ef60117e16317c4dcf`

139

Type	`DICTIONARY`
Language	English - United States
Codepage	UNKNOWN
Size	`0xc584`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.33362`
MD5	`bdaf86403fb717a7255a8e34aa1bf5f5`
SHA1	`44406f3a0a7b10507355f0baf8a66b86191b134a`
SHA256	`fd255c548d3133fd43a7a18baaa3a722bff3056c1024ffcc3c75427ba6d6d106`
SHA3	`6d71a6105566d0bd1f363665e0680aa3856495e0601cc9efe5481a61192c67ba`

140

Type	`DICTIONARY`
Language	English - United States
Codepage	UNKNOWN
Size	`0x11a28`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.42399`
MD5	`cedb1c242153bd34c7a23902ea5646f3`
SHA1	`385cd3df2292335ef6d65870ab6877226a37e102`
SHA256	`6a8f17539fe374dc36e45b081d9ead9f22cc688e51b959f8d1731bdccdd04421`
SHA3	`203769040a3380c8f056146b72b07a984197eba0e95f84f6ab8afd83f8f183a5`

141

Type	`DICTIONARY`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10e4a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.45207`
MD5	`ceff31da901d9e38fccf6e68d158cf5d`
SHA1	`9197f3c1f3a13a121e2b4631fa97d9e1f349a471`
SHA256	`1237c76e5a71ab5465180ef3bcf0effe130799db68199713c7156a9dbeb0d555`
SHA3	`b81f43ea3fa00b7004492588c7db5474fc9d744e59f1c5dbe5d293df5a7e788a`

142

Type	`DICTIONARY`
Language	English - United States
Codepage	UNKNOWN
Size	`0x11256`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.60166`
MD5	`2d41f6711e86d778fb475361d9026e79`
SHA1	`e570a3fa7d7b7be1dea33ddfb64b8e9fe77281fa`
SHA256	`817ef19843fb31a9b37f5ee56ae370e7dbaff0d997945c5cde6bd05cf11b2e8c`
SHA3	`f8538f9dcabce9b4975bff631545a80b4b3e97e08d1cf1b2b4b553ed5e7e1857`

143

Type	`DICTIONARY`
Language	English - United States
Codepage	UNKNOWN
Size	`0x117a6`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.58967`
MD5	`0d17ae1406628179747441adaae27be8`
SHA1	`0a2b9d00034e5291d7dfb73fd85d260902683cf6`
SHA256	`eaba45cfa31087c748972963993a10709dcc1e7f44839e759a56ac17c8ebfe70`
SHA3	`9718c081bdec61b0e9f894357534a240a1bd02cb9dafca6fc4412e8b2267ef78`

144

Type	`DICTIONARY`
Language	English - United States
Codepage	UNKNOWN
Size	`0x11564`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.17158`
MD5	`b635c9d682275fadf628f68e7301711c`
SHA1	`d35319636ecd53a79830a2a90bf4e19685b66f68`
SHA256	`d90cdc63d732ead798e8af4d5a2aa0cd277518b3275206d56865bd3da62bca92`
SHA3	`d04010398cd971dd2db5e45758bbfb3817c4c5300d472e6e4753a5e07dc1397c`

145

Type	`DICTIONARY`
Language	English - United States
Codepage	UNKNOWN
Size	`0x110be`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.58646`
MD5	`1b456f23809731e410c3f6aa95089116`
SHA1	`6fc2d6e37be8ee248633d28d6a300cae840eb2db`
SHA256	`5f211d610c90b006bbac40a126b812382733a51e476c9e5f4f97133e5839412f`
SHA3	`817629c1ca02f1085ba3099d4e9c18ac819bb4e40bcf8311cdafbb5ee6fc224f`

146

Type	`DICTIONARY`
Language	English - United States
Codepage	UNKNOWN
Size	`0x11144`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.44343`
MD5	`da3a2618bc823df708f8ff322679ffe8`
SHA1	`c056e0b688b6a1579a6aea98bea24f8ac9003545`
SHA256	`e304c4c399392183567d5827dd32b74e5a349d0bf3174de913014623e3a3a50e`
SHA3	`f32021637bada0cc28a8e4323f11fa8d95bf5e396d412e7dc13089932d3d5e64`

147

Type	`DICTIONARY`
Language	English - United States
Codepage	UNKNOWN
Size	`0x110c2`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.44048`
MD5	`441f8d6e0c847e035929ea90191bce60`
SHA1	`ec114aee96eab28dc5c5d444394ac9a1487d55d8`
SHA256	`a2ea3a1e68ebec7615dfbee9989db0e9705013592d14aaed65bf2e204b3a6e34`
SHA3	`f750885cf90ce0dc395561d4e97c873e4a43ea9fcf7692611cd52e2cd973d323`

148

Type	`DICTIONARY`
Language	English - United States
Codepage	UNKNOWN
Size	`0x112a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.4415`
MD5	`5809e9c0b73d227abace458310aa80f9`
SHA1	`4c5e317f6b579ca5ccea9395d14251be42a185af`
SHA256	`0add1b34061ea33b9fd4d9f631200451d27a95a0b49dbf43145f27b45bbbe562`
SHA3	`e832c9c4da1713e5ee948665c6e82375b0282fe49f51ebd32618e9a5350c74c4`

149

Type	`DICTIONARY`
Language	English - United States
Codepage	UNKNOWN
Size	`0x11f44`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.41341`
MD5	`d84f79b27e46838b3c77dee430350b89`
SHA1	`e4bc8c2ed5a20de022c45961c0a482fccee6d046`
SHA256	`61273e66afcf622a5f6ac311452e6e0b98fb3cdb3ff4ad244bb8b46644f034b3`
SHA3	`3a726261bbd2258866bd3067cc393103b1bb83b716b907f886a91566b990cae4`

150

Type	`DICTIONARY`
Language	English - United States
Codepage	UNKNOWN
Size	`0x123dc`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.4515`
MD5	`9ca9d126c1fb1c94751d7157d60f92bc`
SHA1	`117852dda119c0af4d17b76cf45218357fdaebd7`
SHA256	`589b53a41e0d59c87054c0ccf3cc4eaf882024ae367d782d512bbc06e2765d01`
SHA3	`eed3524ef2887f60401d509b01225436fb39dcb082243bae3320c68f7905d6af`

110

Type	`GIF`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2b`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.03149`
Detected Filetype	GIF graphic file
MD5	`325472601571f31e1bf00674c368d335`
SHA1	`2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a`
SHA256	`b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b`
SHA3	`afacd2b83f042f49e137cdd6d628d4da182929428180855ed51136a8479f5ea3`

127

Type	`GIF`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4b1a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.80744`
Detected Filetype	GIF graphic file
MD5	`7699a4c54b1f5515a64e93fe3f801321`
SHA1	`2e51f7e1a331d921eaf15bd7dc9721a742984d47`
SHA256	`9146e2390273ac868609dac1be7f1a0458b7d4f7ecdfe1eaec107b3211f33aa2`
SHA3	`a80cbe5dba69ca119a4eba793244fa4761114cddf68950c5d8997d4cfcdf714c`

128

Type	`GIF`
Language	English - United States
Codepage	UNKNOWN
Size	`0xe622`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.90998`
Detected Filetype	GIF graphic file
MD5	`f5dad4bc08409591d0420aaa18a044ea`
SHA1	`f497cd492156d0c8c056d9d0dee1f47ee7f012c6`
SHA256	`2b3ae69a0e9301661be037690ac9682f898e288b70ca40acbfbd0e3c3cb43bc0`
SHA3	`d376a236b12953459893fe6eef1847b45de0d081edc3901e26aefdbcfcbe6972`

103

Type	`JS`
Language	English - United States
Codepage	UNKNOWN
Size	`0xde28`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.03742`
MD5	`38c26016189d4d1b68fa10c54050e53c`
SHA1	`081bd6a4e2e0831750e2fb8ad5af07cc9f8b112e`
SHA256	`8720e510401d8830f4324b4ab2f9e50acc91afab981e43e90688afac9eabc3e5`
SHA3	`e207fd1bd859875f6498b00bba9e52ca89ff64b2b4513c36091345999ca16a01`

107

Type	`JS`
Language	English - United States
Codepage	UNKNOWN
Size	`0x16dc5`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.293`
MD5	`e1288116312e4728f98923c79b034b67`
SHA1	`8b6babff47b8a9793f37036fd1b1a3ad41d38423`
SHA256	`ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32`
SHA3	`e1b6e1b3ae5e3a3ac93bb9c9da498fee7d29f426ef3f03792bd906092d74bb4e`

108

Type	`JS`
Language	English - United States
Codepage	UNKNOWN
Size	`0x3984`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.01521`
MD5	`ab3adf4aff09a1c562a29db05795c8ab`
SHA1	`f6c3f470aea0678945cb889f518a0e9a5ce44342`
SHA256	`d05e193674c6fc31de0503cbc0b152600f22689ad7ad72adb35fcc7c25d4b01b`
SHA3	`8227f7310b58a15213072a11b8d3ae3369397ffc69e8d886e61e2d67bbdc6cc5`

109

Type	`JS`
Language	English - United States
Codepage	UNKNOWN
Size	`0xe7a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.00095`
MD5	`e13f16e89fff39422bbb2cb08a015d30`
SHA1	`e7cacaf84f53997dd096afd1c5f350fd3e7c6ce9`
SHA256	`24320add10244d1834052c7e75b853aa2d164601c9d09220a9f9ac1f0ae44afe`
SHA3	`f8f8cb9fe62508d7100c5a2370223b5910e57a8f5da179f216ef0e3d522ca9d2`

152

Type	`JS`
Language	English - United States
Codepage	UNKNOWN
Size	`0x7358`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.00884`
MD5	`d533ddf54f159dc1f63336a26cfd896d`
SHA1	`e1e9eeb5ad93e33acf98742f49612fb2364df8b2`
SHA256	`2ccaac5eab4669abbd1bc5f9fd9736cfbebe3e7307dbefe9040cbc3a65ad4919`
SHA3	`f82502110fe406f4b7f3100fa6d1ed00792f6f63b0dd405cb9434d089a01a62e`

163

Type	`JS`
Language	English - United States
Codepage	UNKNOWN
Size	`0xa48`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.12624`
MD5	`d98f70ffd105672292755a37f173c2ec`
SHA1	`c0154add295ac052f234a0282a62b704cdd01998`
SHA256	`257a42f797f140667c81930001e73943bfc243d50bcc775f75d0334a2d2cf2c3`
SHA3	`5668cb9f75228a4931af663a5136a7e62e3c109a2495ea630288e93627b60b27`

111

Type	`PNG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x9f0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.90522`
Detected Filetype	PNG graphic file
MD5	`c798f5f4b98fd335a77e600ce21e32dc`
SHA1	`3db71eb6d87c8a4fcc6fded25d420cf7ea79231d`
SHA256	`9b249680adc23b858b08a62ea83fd8373e3480ff6f9120195314897c6e5f2cea`
SHA3	`80a7403eebbf2998d93bc7f883d8af5ff7115226427056c2780b08357986d71a`

112

Type	`PNG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1ac2`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.94668`
Detected Filetype	PNG graphic file
MD5	`2ef18565aa93c7a0cb24a4852aba0911`
SHA1	`0cf3ae591cdd4ebf985454bcd99872d86791eccf`
SHA256	`6db5d7eb5148243202715c337ec751b8816c0e689fff4a97e57cd47fb283d92c`
SHA3	`8ecdfc154c5890d29a6982933c3289be5e52cacdcdbf3fa8a39f79709cba5532`

113

Type	`PNG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x226`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.4944`
Detected Filetype	PNG graphic file
MD5	`8d2c84506f3f48a810eb7232dc000d6f`
SHA1	`f4a238c1f7c02c7c907368b939efba7512c6be5a`
SHA256	`c4620bc8b293dd89db628d2002ef9fe02055e2d1cff1f07e18a3e2e4942ab7f1`
SHA3	`cb22a78f6154f6ab8eb76dfa2d49e6fbed30d0e230c6dfcbd24c0c27e980751d`

114

Type	`PNG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x42c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.7621`
Detected Filetype	PNG graphic file
MD5	`8f59e78c9d29fe27d2461e3694ca19da`
SHA1	`4215e6467068ebda3a7657f45933c8e3a6b8848d`
SHA256	`9e7705ea53ca1437f73e64b58d434ebd653dfbdf39898eb551bd637701cb357d`
SHA3	`d7e2b3911f929165b74c9f86f61e1c4a3fbfc6f59ab88ec902411055142bfcf4`

115

Type	`PNG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x127`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.0091`
Detected Filetype	PNG graphic file
MD5	`7ae9fb845b9137ef10002fe9d0f5c643`
SHA1	`9f3fa2b29b1b40e1b6794e5d624524de297a8b59`
SHA256	`e9e5fc264337bf6845b2cf2720ddcde8936cb120328087917bf94c5911edd74a`
SHA3	`bdf59cbc940280f6de26d3cb8333a76ebb05d9fe8b6db6a1363e2c126680f65c`

116

Type	`PNG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x213`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.42559`
Detected Filetype	PNG graphic file
MD5	`1b46e3cd914d5e0a8647eb648e3969cf`
SHA1	`37a8f941f9d5717cb7108f976f9e16438afe24f4`
SHA256	`4d9aea82fa1e55f787fcacb17c893a7ea730ef44bf1e6696f284629b92b210f0`
SHA3	`769375bd16c06dfebe6f4011b59ad9c657d249c119f39ba77fddc92e6e935b07`

119

Type	`PNG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1d2`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.3262`
Detected Filetype	PNG graphic file
MD5	`7978536150734ceffaf0720837e8b302`
SHA1	`7c11361af6e41d00beffaf4ef9e677506b32164d`
SHA256	`5d10637927b7a623428560eaf18fb8eaf439cd8731199c3b4d251b9846841183`
SHA3	`cb1d36d9fe251b457f6ce1095d09a0b2d8ad927adce3e4ddeed8cbb1768b6f9a`

120

Type	`PNG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x3fd`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.70355`
Detected Filetype	PNG graphic file
MD5	`343b161e7996221bfbe4321a62628a29`
SHA1	`f072095a70ae958572d662958feb1200baea174f`
SHA256	`6385151b79e3ba406fb11027be016d42a8a0ce9d65012dbfc5d00a4fd5a1fc28`
SHA3	`78092f0e79709169693b63524e90ebc72fbe40a1f291dc429e99f36ffd03869d`

121

Type	`PNG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xa7`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.10146`
Detected Filetype	PNG graphic file
MD5	`d13cecc413374c4ddc22a9edacde8a11`
SHA1	`981295dd1f713584591716a6e753346b8a89215a`
SHA256	`b9c9ae215daf1bb5b6692f527375207aedc138891947e5f6c1c6b549c2ebf39a`
SHA3	`6600e2ff303330f12f991b77c7895f73f8b6792f68e793355924cc544260f72e`

122

Type	`PNG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xfc`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.68965`
Detected Filetype	PNG graphic file
MD5	`42fb1ea073a33e5da9653529f46f66b0`
SHA1	`bf1837615c2e9d12c9dcc2869d05d3f0106a9de9`
SHA256	`d708b7b1c4a46677c4a9b82f81ad79067b9bbb133da43e797bba9679b21ed929`
SHA3	`963423f4a76e8d551cd796ccaa77222bf7798ad9dccb949d7254788341414d92`

123

Type	`PNG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x13d`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.90778`
Detected Filetype	PNG graphic file
MD5	`9f7974bbcc96f12769c1856045eb7bc7`
SHA1	`fa0b9b9d709718839ea525ab838260a4e124fb1d`
SHA256	`e7fcff2549114496e8141f46a7606f740bbadf22c9ad818c40d9ff9b9ea12198`
SHA3	`00be844f5803151347c86ba7139619cb2be43d7ed575e082a7513ba4aa7cdd0c`

124

Type	`PNG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x22a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.4941`
Detected Filetype	PNG graphic file
MD5	`5e46e67c30c83f2e9278cc8f658bc74d`
SHA1	`621a956fd3ebb761469220c2eff56ba8d1149b28`
SHA256	`5985fe4917d51a2271d6019805313a1c2d48fa6eeb29228c7a19664255920621`
SHA3	`27d8d3a0f5ca3b38de0de51721cb9d0c5135e562429a9f3988a41dfb6b83ce80`

125

Type	`PNG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xe0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.63735`
Detected Filetype	PNG graphic file
MD5	`ee8599707751befddb2b94bc79525c15`
SHA1	`e118b48e25fe42d933377b03fb5a9a710e1c5caa`
SHA256	`c1f6844923f7c311d996d81eed6d8e769d52df6d95c898187d92997abbb2770b`
SHA3	`68b6bcf7d5da39b1e1a9f13c26c7629d7c196ba476b7504e848670c95bdeb95d`

126

Type	`PNG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x187`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.26639`
Detected Filetype	PNG graphic file
MD5	`4071c682a19e2f47bb65e9aa485b8494`
SHA1	`222c3ee704f04256c07c341bbad49ecceb4acbd1`
SHA256	`5352b611b89eec98f0bd9017e420580f58fbe31cfed730d758c63dfbfeff8117`
SHA3	`9dfb3c7c7b470c99ae689571413a9362a0585862b0e599f5d27fd3faef38d931`

154

Type	`PNG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xab5`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.85493`
Detected Filetype	PNG graphic file
MD5	`26e9b0fe7397d9c072da92fcf6951b11`
SHA1	`4ee24ef82e7ee4fcc980e3caeca90b6e0d99b59f`
SHA256	`e4c2314a50cf372465c97d955645455ccad1911eed45ff2c2de5a310316ab15e`
SHA3	`abbaacfff7b25332262067240cae41c8b51f794208d5dfb16838816cad22b930`

155

Type	`PNG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x28e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.55792`
Detected Filetype	PNG graphic file
MD5	`13b5f5e052334e0ad6d31845fc859e3d`
SHA1	`b71022382904d194a5d8f5cb3b1d0dd92e254b16`
SHA256	`87fd64c46642058fb6d7ae4ab2c71ba5df7ce12ffb8b9383edc7bb7a673f0306`
SHA3	`7c18ab7fa137ee7cebe82b3d14a18cfdc4985621167b70b98ceac49f4d2a6095`

156

Type	`PNG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4f1`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.71488`
Detected Filetype	PNG graphic file
MD5	`34b670a842dff811281e3e619a0434a5`
SHA1	`9f239be72c7aece20ae08623260dd660ecb6503c`
SHA256	`8794d5ae6dbc5264a3592195e6b1e081f74734a950b02a4325b8899b35f78d07`
SHA3	`50a6f68fc3eb5679ee2610eabf99cd3f2541f85b7a7c09eae96b444e8c85e802`

157

Type	`PNG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x16c3`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.92856`
Detected Filetype	PNG graphic file
MD5	`14d2959a1591466fee33784d9cd5ef1e`
SHA1	`4b69e3889ec3852123c9d47b927c97bf4a3b260f`
SHA256	`99da78dbe5bd8d904dd16208405b90c3103b4586796cae32539c3baf6fa3c216`
SHA3	`ab162831ff06decc3158c9a5e5bd815f2685a9bc32bf36a5a7df1e0b35e591b7`

158

Type	`SVG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x121`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.11754`
MD5	`4585f70294e7b625dcd1ea8c585067a5`
SHA1	`11c92ae523b0c588c5469814b0c3c7778cb3f133`
SHA256	`7e58a1cce147df03605a92ffda1b88ca26005c09d1eb9ae56f37accdebbfe348`
SHA3	`fb5634bf33386f084acc059d5657bb4fe50e5edbb842e7e23ece9015cd0b95b0`

159

Type	`SVG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.17012`
MD5	`3530c5040ac9af92cd0a7d347f764593`
SHA1	`b815ef3654ec2c677e8f8f68d8527b6d8142b4e9`
SHA256	`daf26ad61aee6152cf7c0e8f2d3936d0c220de2a3c329e6ce0fcc007cb64ca51`
SHA3	`ea43e9bf38779c4976d737f0d441a2c92e715f3f29f6c65ae27bb17fb536abe1`

160

Type	`SVG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2ed`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.47618`
MD5	`e7b1717b9eba236b9c12be7a980b5b40`
SHA1	`f1baa3f41ffa5dfff320b7e289964cec54f19a99`
SHA256	`2a48e8db0f3991de1088936f56c583fe615fae4b9e14f4ebe2b33d29138088f3`
SHA3	`73909a1b2562d86784d58c9051f0a40223a537eb6e5b65898b2fdc261fbd5ef9`

162

Type	`SVG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x3be`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.38116`
MD5	`332816d7725fc31725b678cff1cb6dcc`
SHA1	`876f938efb86c1bb1733b47ec279335de97576da`
SHA256	`8b5469642507c00b9130bf7ed17a1e4d221e2a93dfd4d2972163650c4e94d714`
SHA3	`5156a317aaef915a8c1cd77c79516274bcc157f6ae7638bb143904d90420ca4b`

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xa8c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.63008`
Detected Filetype	PNG graphic file
MD5	`51d4520d0056dd78ab6030f864ec38dd`
SHA1	`3abad058263f068ef1138e7b7f4f1e4f19c3e2bc`
SHA256	`e7696d6f343d7fce61790194f4cdbae5352802f91dc77abe11df52ff9667b694`
SHA3	`7ada1217fa1603e2c53a1104d7f0f6f505eb01db6ed4adbbc210549c0de2c076`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.0532`
MD5	`c86c7954917a522e19993100c1f58b4e`
SHA1	`d65521b4fcbb0cd5ddf76c935faaae20c8ee36e2`
SHA256	`9e149fad424d365c899572aa296bf7f0508541cb5a4ad5794fc18e31ac9da756`
SHA3	`b4a748be55d5e5a9a469985dc7f67bffff924728dd64f6e140d2e7bd71d05d74`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.30056`
MD5	`e659557bc290ea500fb81a0e201e9aeb`
SHA1	`9703a758c26e6d9db6ac9211bbcb896e36671614`
SHA256	`5d788c89a6bb483a45d6419797eb379ac6a19ede3e72757faa260b0c03894523`
SHA3	`3df8af9e9746238ba20f3ee531243a968694268aea90f8ef464b74c11bd44eb5`

4

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.41941`
MD5	`c4eb869be735c32ef365cbb40d78b7b2`
SHA1	`2accdbbcb10eeae85374ce61eefbfb9fcde4d2cb`
SHA256	`d27e623bf3e84226ae260a8afe0aa2beaffb1eb82fa76611a31c5b8945f41fbd`
SHA3	`4b0a7e48fc282a6b8167f2b5043ba14551c34fc2d032b5b5fe26dadcd6c33856`

5

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.63697`
MD5	`e29d96cbe83ff4d632d10de953f7f016`
SHA1	`5d4bbb1a0127fb0725b4d5e3b5fa064ec4906581`
SHA256	`fd3e7c56697c473a437e44106bcb3ce6270f37ae480f8fac3e4d1a69ff2dbf04`
SHA3	`49920c39781ff17440cbdd1903d6c8dc8068c84a1d12f90704c0a7627571bd59`

6

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.9739`
MD5	`0ff3165a66f0dde7b91977034c7584c2`
SHA1	`6fe7e5482ec702f275f13617ddbadce6377485ac`
SHA256	`4093f18b49c4b6b1fe693c6f815860f55e3a124cc2b9897b760d056ee42c4b57`
SHA3	`86db17ab2d6f00a29b69b08aa7297469393b264fbbc57d3c993ee6ef95a010fa`

101

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x5a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.8213`
Detected Filetype	Icon file
MD5	`4b784dc80c9a63e0229152169ca0cd19`
SHA1	`090d4dc9c6f9e84b6ae2593fb83bdd6e9f1df435`
SHA256	`8b3697e98e4a8ff04c68c3a54f2aedc687ac088b164eec09280675a13f63334b`
SHA3	`a9e1ce93528e2245f6969a8a3280aa22799afffd7eda755be68493ba3361f9f3`

1 (#2)

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x304`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.40832`
MD5	`e2b72b91843b9ec883a97dcbc3afdef1`
SHA1	`5cadb65980ad93367155a6902c53fe01a739f21e`
SHA256	`2f5a74c4119a1e4ac8712c39a3d8721368a308f15b3d929f6e6b34fce4ec7630`
SHA3	`2d341685e47e00c6f03c9baf979b5fa0aa8955d2319407cc1ce4d59b7df572c0`

102

Type	`RT_HTML`
Language	English - United States
Codepage	UNKNOWN
Size	`0x22b9`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.39077`
MD5	`f4b7942d6563727bd614f10da0f38445`
SHA1	`84f22240f7a5ed1c23b09e8677ac2ac3cd4e26f9`
SHA256	`e4bedde22ed405d291c746440a824d5f8527fb232e7a6be2ed9a76465d82f8dc`
SHA3	`b950c56923dd2edba931d47ac21e1ba6e83b66474fbc88d927dc487f7986915e`

151

Type	`RT_HTML`
Language	English - United States
Codepage	UNKNOWN
Size	`0x13b7`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.18685`
MD5	`d78782451d45883772a196d3897eb164`
SHA1	`aa2f7252c3db9b9c9a91ccbeb4cbbc03295a905a`
SHA256	`05f00418cca67ed5b176e9ff4fe39d8d542bdb8fb11b119f9e021d2dac36bb36`
SHA3	`aa743cd1c6662c5042dbe0593c5c7f456ac1e08db0cc25237910ce4ba35ffc88`

1 (#3)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x813`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.1674`
MD5	`02dc00ac1a8debbcbd7922efa6508447`
SHA1	`cbe08af121822dc0e826f92059e62bd60ece375c`
SHA256	`f916797f99304665dd1312489b5e6e53b8180dab9b779e8eed6f7fcb9c8fb250`
SHA3	`0e9307e39489d1c3deabace748864140d23269e5d6fe0f4d718257a8f418053c`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	4.9.0.504
ProductVersion	4.9.0.504
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT` `VOS_NT_WINDOWS32` `VOS_WINCE` `VOS__WINDOWS32`
FileType	`VFT_DLL`
Language	English - United States
CompanyName	Adobe Inc.
FileDescription	Adobe Installer
FileVersion (#2)	4.9.0.504
InternalName	Adobe Installer
LegalCopyright	© 2015-2019 Adobe. All rights reserved.
OriginalFilename	Adobe Installer
ProductName	Adobe Installer
ProductVersion (#2)	4.9.0.504

Resource LangID	English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2019-Jul-05 10:54:07
Version	`0.0`
SizeofData	`91`
AddressOfRawData	`0x2319d8`
PointerToRawData	`0x2307d8`
Referenced File	C:\builds\ACC\GM\source\dev\target\win32\Release\HDCore\Set-up.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics	`0`
TimeDateStamp	2019-Jul-05 10:54:07
Version	`0.0`
SizeofData	`20`
AddressOfRawData	`0x231a34`
PointerToRawData	`0x230834`

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2019-Jul-05 10:54:07
Version	`0.0`
SizeofData	`1132`
AddressOfRawData	`0x231a48`
PointerToRawData	`0x230848`

IMAGE_DEBUG_TYPE_ILTCG

Characteristics	`0`
TimeDateStamp	2019-Jul-05 10:54:07
Version	`0.0`
SizeofData	`0`
AddressOfRawData	`0`
PointerToRawData	`0`

TLS Callbacks

StartAddressOfRawData	`0x65e000`
EndAddressOfRawData	`0x65e008`
AddressOfIndex	`0x6586a8`
AddressOfCallbacks	`0x5dfc2c`
SizeOfZeroFill	`0`
Characteristics	`IMAGE_SCN_ALIGN_4BYTES`
Callbacks	`(EMPTY)`

Load Configuration

Size	`0x5c`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x64d078`
SEHandlerTable	`0x6308c0`
SEHandlerCount	`1094`

RICH Header

XOR Key	`0xf4bd1d04`
Unmarked objects	`0`
241 (40116)	`21`
243 (40116)	`200`
242 (40116)	`32`
C++ objects (23013)	`4`
199 (41118)	`1`
ASM objects (VS2015 UPD3 build 24123)	`25`
C objects (VS2015 UPD3 build 24123)	`39`
C++ objects (VS2015 UPD3 build 24123)	`135`
C objects (65501)	`9`
C++ objects (VS2015 UPD3.1 build 24215)	`24`
C objects (VS2015 UPD1 build 23506)	`1`
C++ objects (VS2015 UPD1 build 23506)	`8`
208 (65501)	`2`
Imports (65501)	`35`
Total imports	`528`
265 (VS2015 UPD3.1 build 24215)	`200`
Resource objects (VS2015 UPD3 build 24210)	`1`
151	`1`
Linker (VS2015 UPD3.1 build 24215)	`1`