adcb904556f0bc995a1e7f206771fb9b56f29c379c7346a1601a5592231118a5

Summary

Architecture IMAGE_FILE_MACHINE_I386
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date 2009-Aug-15 19:29:32
Detected languages English - United States
Comments This installation was built with Inno Setup.
CompanyName Redragon
FileDescription
FileVersion
LegalCopyright
ProductName
ProductVersion

Plugin Output

Suspicious The PE is possibly packed. Unusual section name found: .itext
Malicious The PE contains functions mostly used by malware. [!] The program may be hiding some of its imports:
  • LoadLibraryExW
  • GetProcAddress
  • LoadLibraryW
 Can access the registry:
  • RegQueryValueExW
  • RegOpenKeyExW
  • RegCloseKey
 Possibly launches other programs:
  • CreateProcessW
 Memory manipulation functions often used by packers:
  • VirtualAlloc
  • VirtualProtect
 Functions related to the privilege level:
  • OpenProcessToken
  • AdjustTokenPrivileges
 Can shut the system down or lock the screen:
  • ExitWindowsEx
Suspicious The file contains overlay data. 2888971 bytes of data starting at offset 0x34200.
The overlay data has an entropy of 7.99994 and is possibly compressed or encrypted.
Overlay data amounts for 93.1183% of the executable.
Safe VirusTotal score: 0/72 (Scanned on 2026-01-02 15:20:41) All the AVs think this file is safe.

Hashes

MD5 c801d2d26883ab10197c86cc2a542211
SHA1 9bdec068ada7cd44bae683394d6cea33f8167501
SHA256 adcb904556f0bc995a1e7f206771fb9b56f29c379c7346a1601a5592231118a5
SHA3 18cf23854262b553357bfb96ad29dc80201acc2b89d4887b12434ea9e186343e
SSDeep 49152:tEgc9+1Dd50d1DycfatvDjttEp7IYej9WEj4uZ1HwJUX89Xu:GREdmDyciLWp7IYehMUs9Xu
Imports Hash 9d8fb47598991ad8c0094898c32a6c3b

DOS Header

e_magic MZ
e_cblp 0x50
e_cp 0x2
e_crlc 0
e_cparhdr 0x4
e_minalloc 0xf
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0x1a
e_oemid 0
e_oeminfo 0
e_lfanew 0x100

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_I386
NumberofSections 9
TimeDateStamp 2009-Aug-15 19:29:32
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xe0
Characteristics IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_RELOCS_STRIPPED

Image Optional Header

Magic PE32
LinkerVersion 2.0
SizeOfCode 0x15000
SizeOfInitializedData 0x1ee00
SizeOfUninitializedData 0
AddressOfEntryPoint 0x000163C4 (Section: .itext)
BaseOfCode 0x1000
BaseOfData 0x17000
ImageBase 0x400000
SectionAlignment 0x1000
FileAlignment 0x200
OperatingSystemVersion 5.0
ImageVersion 6.0
SubsystemVersion 5.0
Win32VersionValue 0
SizeOfImage 0x40000
SizeOfHeaders 0x400
Checksum 0
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
DllCharacteristics IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
SizeofStackReserve 0x100000
SizeofStackCommit 0x4000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

.text

MD5 cda3f5db2a563079f68ff49207a072e8
SHA1 7f8a97dc635c8a71069c3a7b7cdb06cc9bea59cd
SHA256 1d5aae4bc6f41b1bd3e9ade5730db8051d18572ef8e402107678d84d7eff584f
SHA3 f3fbb6e288c2d9323a3e7325b5a4c73d304c9dfd1bcbf486adde37fcbae10bb2
VirtualSize 0x143d4
VirtualAddress 0x1000
SizeOfRawData 0x14400
PointerToRawData 0x400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 6.47911

.itext

MD5 751be2588cbfe7e40eb201c2cff8a4c7
SHA1 830a360a320c6cd9bcabbb7d06ab8c0ff82f5857
SHA256 f2ae11f289056d567c4856febca97253f8e97d3daa79b17a6229d2afdbe792de
SHA3 a2fedf08547663f5a64ebe402074dd8640ecaa89b391b23a4ee32591d4f10816
VirtualSize 0xb2c
VirtualAddress 0x16000
SizeOfRawData 0xc00
PointerToRawData 0x14800
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 5.7344

.data

MD5 e62932c7214c54c4c642c26544c71fc3
SHA1 98901d465b7cf7322d0f22d9a73e340c1219f772
SHA256 f128330e01595cbd0310d68e9271f5a80437cde1903594784def728adae54c84
SHA3 6cc96dffdfd9c92ec1ef025d7d86cd6687271841cfd98f5f9f655352580d3c08
VirtualSize 0xd9c
VirtualAddress 0x17000
SizeOfRawData 0xe00
PointerToRawData 0x15400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 2.66817

.bss

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA3 a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a
VirtualSize 0x56d8
VirtualAddress 0x18000
SizeOfRawData 0
PointerToRawData 0x16200
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata

MD5 0c8776d0bdc06df93ba1292a2e0aaaeb
SHA1 2a3cebdb8091f4c4fe323bfa640aceddd63dfb5b
SHA256 118b86e5e72a3d5c124bd06f1ed5b6406408fbf0138ec1511769a8c7dc1456c4
SHA3 86216d9bad395500accc0599691e80473b6dc965b47fb500da11a5c17c02cf2d
VirtualSize 0xf96
VirtualAddress 0x1e000
SizeOfRawData 0x1000
PointerToRawData 0x16200
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 4.96271

.tls

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA3 a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a
VirtualSize 0x8
VirtualAddress 0x1f000
SizeOfRawData 0
PointerToRawData 0x17200
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata

MD5 3746f5876803f8f30db5bb2deb8772ae
SHA1 65e8dad930c8c32d40ca9aff4890630f20d87074
SHA256 9c8a4b346c5df43a9f90f5d15227c2dea3e7dfabfbe8402bcba85c3b2e9c84ae
SHA3 956c3695e53f796282349fc0b391c557d3f9bef6abb0d58045dacccc70b3a4cf
VirtualSize 0x18
VirtualAddress 0x20000
SizeOfRawData 0x200
PointerToRawData 0x17200
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 0.190489

.reloc

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA3 a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a
VirtualSize 0x1954
VirtualAddress 0x21000
SizeOfRawData 0
PointerToRawData 0
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc

MD5 1b57251c1d0612b7728dd066c89eb061
SHA1 9001596cb362868e9c79464823486c209ea3b197
SHA256 9616d901da7bb24835a2aa00f885cff20463cd0090aff860f36520d15a2e43a2
SHA3 f8c01f3cc54bca25f6dcb8d4f5bfec57f4e4669e60c98311b8dc14a333d3b579
VirtualSize 0x1cd94
VirtualAddress 0x23000
SizeOfRawData 0x1ce00
PointerToRawData 0x17400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 4.75965

Imports

oleaut32.dll SysFreeString
SysReAllocStringLen
SysAllocStringLen
advapi32.dll RegQueryValueExW
RegOpenKeyExW
RegCloseKey
user32.dll GetKeyboardType
LoadStringW
MessageBoxA
CharNextW
kernel32.dll GetACP
Sleep
VirtualFree
VirtualAlloc
GetSystemInfo
GetTickCount
QueryPerformanceCounter
GetVersion
GetCurrentThreadId
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenW
lstrcpynW
LoadLibraryExW
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetLocaleInfoW
GetCommandLineW
FreeLibrary
FindFirstFileW
FindClose
ExitProcess
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
CloseHandle
kernel32.dll (#2) GetACP
Sleep
VirtualFree
VirtualAlloc
GetSystemInfo
GetTickCount
QueryPerformanceCounter
GetVersion
GetCurrentThreadId
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenW
lstrcpynW
LoadLibraryExW
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetLocaleInfoW
GetCommandLineW
FreeLibrary
FindFirstFileW
FindClose
ExitProcess
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
CloseHandle
user32.dll (#2) GetKeyboardType
LoadStringW
MessageBoxA
CharNextW
kernel32.dll (#3) GetACP
Sleep
VirtualFree
VirtualAlloc
GetSystemInfo
GetTickCount
QueryPerformanceCounter
GetVersion
GetCurrentThreadId
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenW
lstrcpynW
LoadLibraryExW
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetLocaleInfoW
GetCommandLineW
FreeLibrary
FindFirstFileW
FindClose
ExitProcess
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
CloseHandle
advapi32.dll (#2) RegQueryValueExW
RegOpenKeyExW
RegCloseKey
comctl32.dll InitCommonControls
kernel32.dll (#4) GetACP
Sleep
VirtualFree
VirtualAlloc
GetSystemInfo
GetTickCount
QueryPerformanceCounter
GetVersion
GetCurrentThreadId
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenW
lstrcpynW
LoadLibraryExW
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetLocaleInfoW
GetCommandLineW
FreeLibrary
FindFirstFileW
FindClose
ExitProcess
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
CloseHandle
advapi32.dll (#3) RegQueryValueExW
RegOpenKeyExW
RegCloseKey
oleaut32.dll (#2) SysFreeString
SysReAllocStringLen
SysAllocStringLen

Delayed Imports

1

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x2e8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.82398
MD5 3e86124875da2aedeed912c6a69556b1
SHA1 79fa3241b1dca9dc7fb31081f05cd640149bff60
SHA256 9db956b04d7164185452585e400bf831b9530ed0ad1f9720aaacd9acf85870ff
SHA3 10b5c42b7cc5dc1b3cea79b8e9621e8a68e3d3c1e2df89f332aff7eb6b6b196b

2

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x128
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.40708
MD5 2d1b64b47a5756041bcd7170d531923f
SHA1 f8422c03793b70987c1ed5fa458a22a88efdb1b9
SHA256 63f5596caf6c6312b7ff850bb1b964b6ca837e7a08110673996191eb3fb7ecc8
SHA3 6aa2230ad76e4366afaf77d1609d3817cb0ad554bf0615b989086b7ef68650af

3

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0xea8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.26655
MD5 8005a94df408359f624da728be2c14c9
SHA1 a780406ff3ce1cddcd36940755295b9f604495e9
SHA256 b7604aa69f81d99826be624f0af4daf35d2104f11faf9549aa8721d9a5fd4cc7
SHA3 92b805af4cb76769bd3b6f541d501e98c81d2804ed8e8355a507674d230371ae

4

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x8a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.85038
MD5 1353a5b8fc7d4d533e176e3894a33e82
SHA1 43c62fb5b341116210ebc8aafbb98b6981f32739
SHA256 2b1d3ea01c626cc8508bd859b7428fc2d1bce64fd4a927ed21e3cba79ef4db24
SHA3 dedb94391025239306c946d75020a5e05ef45a977b9160a1772234a36e0cf7ae

5

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x568
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.13484
MD5 148951b966a7b252e3004d733b7d208d
SHA1 44412aae0f4aaee18429a8287eb21b5394c92be1
SHA256 13bf8445ddace00b2ed0577c265133c0e8c0e0f45dd5c05d6599db0cca30bc34
SHA3 1b0790b1c1876e1620726b81a1c87cb92641955f570040cea2dae48b84abaab9

6

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x6373
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.97718
Detected Filetype PNG graphic file
MD5 ee99db517df214a5f5fcc62157cc79ed
SHA1 a8e2df501e68c5662d77d5f2b4ed0c09c6df5739
SHA256 a91a65635d5477a6bfc4aeb5eb804d14ec83125a7db5d9ceb2023bdac4687392
SHA3 478e3a09e7d07be6fb643a93568b56f91cefb35604b85262d35dc3422e4de5fa

7

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x4228
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 1.71366
MD5 53a63331f0d4a11877320e5ebaa16810
SHA1 15386d9c646f9dffdc76fb5328bd09395f5055fa
SHA256 539906251a14b3542c369e3843f28a438ff11a266523ae15d93611a80691c492
SHA3 e5ed82e3c62b6689b8c123b404851995b94033f4ecf982df105ec18ad1d57a82

8

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x25a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 1.82301
MD5 1b543c9e1f980cc2be52c05f61d54dec
SHA1 c3fdd173ab6c98d01f2975ddce4cfb10864266c2
SHA256 46c6f5054280e5769bd42b24484a16e9abab80a66d13c1a647b371fda1050a2f
SHA3 8c738123c44aa76384e6b7814b64e190acd9c24368357b1816fb2e1a915f5e58

9

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x1a68
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 1.92447
MD5 aff1c6c4d120879946e67a2781b5b185
SHA1 04c0e0b0ccc0fc3f9404f7b1de92a07def8bb0f3
SHA256 7b5c5a96e2708be3b62f068f88ca79962e57d26b2076dbc73a896454108a67bc
SHA3 51fc08b101a0cd2654a06ffe1a4fb2b1525549304fa1b70f3e2f5beb95562d20

10

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x10a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.11168
MD5 5635c6bd00c9d52b35b99def47973d29
SHA1 0c8edf18b8616cfc614e52942346c1e4c1d1a363
SHA256 90e2578ed29d72c2c72b5bb9d4127e613b91a2bcc521ea8ab230a5a5c5406c23
SHA3 25a06efbb942152136e2460a863647866d3a123bdb909fe18ec1b46f94b1e0dd

11

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x988
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.24388
MD5 1da45b222d4c5a09c656d71ff664542f
SHA1 7b68f288da39ab0e13bcefaa2e0271d2bdfc200f
SHA256 f50235444ce55f51a1da54537b4320ac72a0a12dd4d6aeb0d75f1edf4657e2ce
SHA3 0d0fdd9500a60f4d0bb286c4134b7d09fc472e52ce55989a75617b6f93f7a489

12

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x6b8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.23909
MD5 bea6b006bcb7545519f7e2d86c23e055
SHA1 691570156f677da373a174e7002e4fa6e720ca5c
SHA256 849d4101fd5ab84c55a32e996a63b5915fe484b64e833a50af769585427c88f6
SHA3 786777554b982ccc9c23472313a811e9d15d73353717baec7f0d6321d096c070

13

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x468
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.24308
MD5 f9c97018b464f6be57fb7bcd65998004
SHA1 da653883f6e56cc5a2c2ebcd6804d45cdb3ed4e4
SHA256 f708e8734c4e390cbc72947627587e0de0f684dab0553ec1cbdd2c4b6b98a726
SHA3 e8614f0072a6e39489ddd14279e32e72fdb5f9c3f6a83c6f79b83515411f19c8

4091

Type RT_STRING
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0xc4
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.13038
MD5 d2772bcc007d8465cf41352da64ed008
SHA1 3cb80c1ec7e649f89f425b6d7fdd11dd5333e052
SHA256 57fbdcb9b1d61d1269f5e9bc3e4f325029bd89778123d7703251761eebe26dea
SHA3 28c495a2cc8d92c07ea21db55f8e6ea142d60465f042d175b590db37884f5eb4

4092

Type RT_STRING
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0xcc
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.36196
MD5 1bb1699f3e79a261a1cb71a60a1ace7c
SHA1 268f9a2602e1187b881d96db521e82c8d051d656
SHA256 a073bc06540956a93a3ef6eaa7d558de6f92de721edd29d6a93551a0fab23c08
SHA3 a0d833ced8297a2d82be5b80dd79fa9f61b84033377016f4c588ff2cfc168cf9

4093

Type RT_STRING
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x174
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.34841
MD5 b6bedb71d6a6fa5215e4afdd1e983bdc
SHA1 7541a76c3ab32506ab00c3ab56076bf01532b267
SHA256 203e2c213958348f4911dd2e3188ea694f7d1d97f9ea9a82f89f5ee7af8c9607
SHA3 3ad5273f1d88b58db23b17b0ecd52f1280b9c279f64aad4404f5487b5d8f264e

4094

Type RT_STRING
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x39c
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.29351
MD5 0b1533b447231c6319c4a10d84508e60
SHA1 f5477d91942bfe92a5dc3c46897a66fb663a124f
SHA256 6fa3bbc46b4cc3a979f4ebfc293c50453912eb51ef76d2ea3c7d3d86d7223e86
SHA3 aed1581927a66228d158a903e015bdfa9a12e44865ff24c991ba8e2c1a9de8c1

4095

Type RT_STRING
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x34c
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.34579
MD5 2596d19a6b88cbba9c9c9cb003affbc6
SHA1 37091a716fd1eed000e0c3bb195fbd589a750608
SHA256 7f63f3f944a0b62f8f3b35a60141081599f7f175605ced7e1b4dcb80fda58c8a
SHA3 0b2581dd0c1b08d882b1f4c4014652d2e7d046d95aa3df236690e9d22572b27c

4096

Type RT_STRING
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x294
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.28057
MD5 1f9009e4d5b61392e05aa8ac6eceb6aa
SHA1 4af6f3144fff0951da37370a3d200e8d74fc4862
SHA256 cb21f2b28bfc6b8046348c7a96bf97149dc5f91e1cc1a4f2904a1044a008425a
SHA3 c1aebde06ed543947facd67a9541283cbec74e559e267c1b84c168a2bf839812

CHARTABLE

Type RT_RCDATA
Language English - United States
Codepage Latin 1 / Western European
Size 0x82e8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.5072
MD5 6e9c1c8c0a0ec8d73165779560cd7ba4
SHA1 d044c45e2ffd24e1abef00079577df385e325ab4
SHA256 677245e2a6b2eb5495b4965b8c26025a4b26e8b8c21a825f658cb390b493b9a0
SHA3 3ec7819e8561ecad66b1ef2652d4f3b275030f7cf402f276daa38f28d288e4e7

DVCLAL

Type RT_RCDATA
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x10
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4
MD5 d8090aba7197fbf9c7e2631c750965a8
SHA1 04f73efb0801b18f6984b14cd057fb56519cd31b
SHA256 88d14cc6638af8a0836f6d868dfab60df92907a2d7becaefbbd7e007acb75610
SHA3 a5a67ad8166061d38fc75cfb2c227911de631166c6531a6664cd49cfb207e8bb

PACKAGEINFO

Type RT_RCDATA
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x180
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.2284
MD5 98ec1fe524012b4d8654f7e01c44dac5
SHA1 fe5caa2503936543be6e1023dd443541acda7639
SHA256 906feffafc48fd76f3d15a5f5944a46a58634e7e2876a64f91e0d991c54d9e99
SHA3 6d9573800860b1df064d54a18cad1f9feac9d413f3319be6980dece251ff85ac

11111

Type RT_RCDATA
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x2c
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.56808
MD5 2f2eb40bddf3ff2d5c7aad421ea8e6e4
SHA1 fc5e7cdeef54b6e2e2c176f0c3d99d68614adbb3
SHA256 9816661eb3913b95865c54f3f93933103b34692299bc5eb771751412f27933e5
SHA3 28e137ee9aad23f0eb602ffdcac9f4384f92175307193a595d23bfd64edd8ed8

MAINICON

Type RT_GROUP_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0xbc
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.11665
Detected Filetype Icon file
MD5 5d3201f0135376159714a88c069b5909
SHA1 840636ebb78a0db9e0df1fb8c06494a1ddd981c1
SHA256 ac8692717b864b74c31c3d2c0191e10cca18cfd89f27a47d0b41b2be553a2999
SHA3 101179115b93ca37c716a6b14b2710c7d1e5ace16eb2c36b86267f8d4f2cf1d2

1 (#2)

Type RT_VERSION
Language English - United States
Codepage Latin 1 / Western European
Size 0x4b8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.45067
MD5 2462135f0fa7bbb46d6eedcaf047c0e9
SHA1 f74ec258b845f193876e8fc974248b75b500c0de
SHA256 95ac4accc2146eee8f488323e7c5ccd37efc6962393278b109e1ddb5858d630c
SHA3 911146be5e9e4a8b6eca255bf3c54a096e43b47845722c5ea27c949d8e1cb89b

1 (#3)

Type RT_MANIFEST
Language English - United States
Codepage Latin 1 / Western European
Size 0x56b
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.04657
MD5 404a5522519dc05554e93482e7abdf47
SHA1 24a9c7f8d79148b2078833d0ad43430517ddd7ff
SHA256 b4f72b11d003ad504b4aed916c9c52aefe1d9d06da90584ba6a72c9ce89ef51d
SHA3 13c4e5375dfae3c7e9932960d0f88dd0e66a9b5716471a4c72cdd592de94a22d

String Table contents

Thu
Fri
Sat
Sunday
Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
Invalid file name - %s
January
February
March
April
May
June
July
August
September
October
November
December
Sun
Mon
Tue
Wed
Monitor support function not initialized
%s (%s, line %d)
Abstract Error
Access violation at address %p in module '%s'. %s of address %p
Jan
Feb
Mar
Apr
May
Jun
Jul
Aug
Sep
Oct
Nov
Dec
Variant or safe array is locked
Invalid variant type conversion
Invalid variant operation
Invalid variant operation (%s%.8x)
%s
Could not convert variant of type (%s) into type (%s)
Overflow while converting variant of type (%s) into type (%s)
Variant overflow
Invalid argument
Invalid variant type
Operation not supported
Unexpected variant error
External exception %x
Assertion failed
Interface not supported
Exception in safecall method
Object lock not owned
Invalid class typecast
Access violation at address %p. %s of address %p
Access violation
Stack overflow
Control-C hit
Privileged instruction
Operation aborted
Exception %s in module %s at %p.
%s%s
Application Error
Format '%s' invalid or incompatible with argument
No argument for format '%s'
Variant method calls not supported
Read
Write
Error creating variant or safe array
Variant or safe array index out of bounds
Out of memory
I/O error %d
File not found
Too many open files
File access denied
Read beyond end of file
Disk full
Invalid numeric input
Division by zero
Range check error
Integer overflow
Invalid floating point operation
Floating point division by zero
Floating point overflow
Floating point underflow
Invalid pointer operation

Version Info

Signature 0xfeef04bd
StructVersion 0x10000
FileVersion 0.0.0.0
ProductVersion 0.0.0.0
FileFlags (EMPTY)
FileOs VOS_DOS_WINDOWS32
VOS_NT_WINDOWS32
VOS__WINDOWS32
FileType VFT_APP
Language UNKNOWN
Comments This installation was built with Inno Setup.
CompanyName Redragon
FileDescription
FileVersion (#2)
LegalCopyright
ProductName
ProductVersion (#2)
Resource LangID English - United States

TLS Callbacks

StartAddressOfRawData 0x41f000
EndAddressOfRawData 0x41f008
AddressOfIndex 0x4177b4
AddressOfCallbacks 0x420010
SizeOfZeroFill 0
Characteristics IMAGE_SCN_TYPE_REG
Callbacks (EMPTY)

Load Configuration

RICH Header

Errors

[*] Warning: directory 5 has a size of 0! This PE may have been manually crafted! [!] Error: Could not reach the requested directory (offset=0x0). [*] Warning: Section .bss has a size of 0! [*] Warning: Section .tls has a size of 0! [*] Warning: Section .reloc has a size of 0!
Leave a comment

No comments yet.