ade449592745b54724fa70ec488b99fd

Summary

Architecture IMAGE_FILE_MACHINE_I386
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date 2013-Oct-13 08:19:32
Detected languages English - United States
Comments This installation was built with Inno Setup.
CompanyName Megaify Software
FileDescription DriverToolkit Setup
FileVersion 8.5
LegalCopyright
ProductName DriverToolkit
ProductVersion 8.5.0.0

Plugin Output

Info Interesting strings found in the binary: Contains domain names:
  • http://www.jrsoftware.org
  • http://www.jrsoftware.org/ishelp/index.php?topic
  • jrsoftware.org
  • www.jrsoftware.org
Suspicious The PE is possibly packed. Unusual section name found: .itext
Malicious The PE contains functions mostly used by malware. [!] The program may be hiding some of its imports:
  • LoadLibraryExW
  • GetProcAddress
  • LoadLibraryW
Can access the registry:
  • RegQueryValueExW
  • RegOpenKeyExW
  • RegCloseKey
Possibly launches other programs:
  • CreateProcessW
Memory manipulation functions often used by packers:
  • VirtualAlloc
  • VirtualProtect
Functions related to the privilege level:
  • OpenProcessToken
  • AdjustTokenPrivileges
Can shut the system down or lock the screen:
  • ExitWindowsEx
Info The PE is digitally signed. Signer: Megaify Software Co.
Issuer: Symantec Class 3 SHA256 Code Signing CA
Malicious VirusTotal score: 22/70 (Scanned on 2020-05-21 01:06:48) DrWeb: Program.Unwanted.681
Cylance: Unsafe
K7AntiVirus: Trojan ( 00524fd41 )
Alibaba: RiskWare:Win32/DriverToolKit.0c267678
K7GW: Trojan ( 00524fd41 )
TrendMicro: PUA.Win32.DriverToolkit.AA
ESET-NOD32: a variant of Win32/UwS.DriverToolkit.A
TrendMicro-HouseCall: PUA.Win32.DriverToolkit.AA
ClamAV: Win.Trojan.Drivertoolkit-7639971-0
Kaspersky: Hoax.Win32.DriverToolKit.b
AegisLab: Hacktool.Win32.DriverToolKit.3!c
Rising: Malware.Undefined!8.C (CLOUD)
Invincea: heuristic
Sophos: Generic PUA ON (PUA)
Fortinet: Riskware/Generic_PUA_ON
Endgame: malicious (moderate confidence)
Microsoft: PUA:Win32/DriverToolkit
ZoneAlarm: Hoax.Win32.DriverToolKit.b
Malwarebytes: PUP.Optional.DriverToolkit
APEX: Malicious
Yandex: Riskware.DriverToolkit!
GData: Win32.Application.DriverToolkit.A

Hashes

MD5 ade449592745b54724fa70ec488b99fd
SHA1 9aa32c2a67da99465f6b4c8c88cd52b109a243c4
SHA256 2097cfcef072f6b12370139d94a171073df2255807c01ad6d747f0d24a190aa6
SHA3 9ebd0dcd40e210e40fceb6e1e2aca78578a5af4e1b104a18b5fdd5226d8f9f29
SSDeep 49152:khg3LcSpYqQLyUf42fy6A4OeOqdAIjtYKmbaS/0GfVfcDi9r:JLcSpd8yEzvPlK1JODiN
Imports Hash c60f9a83fcd28ab2eb686b76b194eb79

DOS Header

e_magic MZ
e_cblp 0x50
e_cp 0x2
e_crlc 0
e_cparhdr 0x4
e_minalloc 0xf
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0x1a
e_oemid 0
e_oeminfo 0
e_lfanew 0x100

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_I386
NumberofSections 8
TimeDateStamp 2013-Oct-13 08:19:32
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xe0
Characteristics IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_RELOCS_STRIPPED

Image Optional Header

Magic PE32
LinkerVersion 2.0
SizeOfCode 0xfe00
SizeOfInitializedData 0x10a00
SizeOfUninitializedData 0
AddressOfEntryPoint 0x000113BC (Section: .itext)
BaseOfCode 0x1000
BaseOfData 0x12000
ImageBase 0x400000
SectionAlignment 0x1000
FileAlignment 0x200
OperatingSystemVersion 5.0
ImageVersion 6.0
SubsystemVersion 5.0
Win32VersionValue 0
SizeOfImage 0x2b000
SizeOfHeaders 0x400
Checksum 0x25c26c
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
DllCharacteristics IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
SizeofStackReserve 0x100000
SizeofStackCommit 0x4000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

.text

MD5 3a126e478661f20816f9d9285615f98e
SHA1 e446317d7cb464e9ab9c259129ffb390c0e85bbc
SHA256 dc180f94aef37a4dd045f59040ace3a17d4c009644bba1492300cff94a1ab660
SHA3 cfda01e42a8e06ccf82d4a430132d82477efc589570aa87e785cede7d31e76fd
VirtualSize 0xf12c
VirtualAddress 0x1000
SizeOfRawData 0xf200
PointerToRawData 0x400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 6.39148

.itext

MD5 ba48b9b17b3dd8b92da3bd93f20ddb34
SHA1 3ee09b4d597b2047cd658a1acfa454edb77e09c7
SHA256 32890d767e5e23e3e538c87cbb41ff5ce98dd329c069467c4cd556fb5ba618c9
SHA3 ec46821fa99cbddc600875f6eb7e4b34240d0f2e3167c9a37af603f6fb6a06d7
VirtualSize 0xb44
VirtualAddress 0x11000
SizeOfRawData 0xc00
PointerToRawData 0xf600
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 5.73207

.data

MD5 d7fd5f4b562d7961758f3d6a8c834fd0
SHA1 04e9419b80ec90dff0906e2b7ef0749593fd8648
SHA256 54a41d6d92705a381f85668d43ece5cf07750f582985eb152fb62bbbb5800a78
SHA3 553391203f25d793c5f95e0efccdaa93bbfd3da8cb5515cec8f8b4871f3739f0
VirtualSize 0xc88
VirtualAddress 0x12000
SizeOfRawData 0xe00
PointerToRawData 0x10200
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 2.24631

.bss

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA3 a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a
VirtualSize 0x56b4
VirtualAddress 0x13000
SizeOfRawData 0
PointerToRawData 0x11000
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata

MD5 93d91a2b90e60bd758fc0c4908856ae1
SHA1 391bdc96affa3aca04b3ed0fdce8edbd5a888a76
SHA256 87a62dbf1079da4759be08abcac1d4057824eb72be12cddad633200a6df3d267
SHA3 74535fa748cef59b8fbcbc2f73db78b397a804d24d3ee6adbefe0cdd3bd86d35
VirtualSize 0xdd0
VirtualAddress 0x19000
SizeOfRawData 0xe00
PointerToRawData 0x11000
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 4.97188

.tls

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA3 a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a
VirtualSize 0x8
VirtualAddress 0x1a000
SizeOfRawData 0
PointerToRawData 0x11e00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata

MD5 3dffc444ccc131c9dcee18db49ee6403
SHA1 45d8f890e32cc1adf7ded113fd19004c8869f419
SHA256 821b0bda5922cc6f5fb74fb3a160e39c97727c21beb1ecf4f96e3bcfad9edbe3
SHA3 426ea652dcd361ec016030230ec1c87a2bc522f69cfb4c2af6313465cb2c516f
VirtualSize 0x18
VirtualAddress 0x1b000
SizeOfRawData 0x200
PointerToRawData 0x11e00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 0.204488

.rsrc

MD5 734e5dcf3e49a8b10c93186bbbf58aff
SHA1 13d97868ee69795cf8952c4fce3f4a3710cc9105
SHA256 a47b267f4aa09f064023d9450f693955f29300f619165870f357137509e26d1c
SHA3 0b89375f35aeb8370277cbda59892226628689931f460e1f2d128c6d81feb8c0
VirtualSize 0xea44
VirtualAddress 0x1c000
SizeOfRawData 0xec00
PointerToRawData 0x12000
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 4.91667

Imports

oleaut32.dll SysFreeString
SysReAllocStringLen
SysAllocStringLen
advapi32.dll RegQueryValueExW
RegOpenKeyExW
RegCloseKey
user32.dll GetKeyboardType
LoadStringW
MessageBoxA
CharNextW
kernel32.dll GetACP
Sleep
VirtualFree
VirtualAlloc
GetSystemInfo
GetTickCount
QueryPerformanceCounter
GetVersion
GetCurrentThreadId
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenW
lstrcpynW
LoadLibraryExW
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetLocaleInfoW
GetCommandLineW
FreeLibrary
FindFirstFileW
FindClose
ExitProcess
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
CloseHandle
kernel32.dll (#2) GetACP
Sleep
VirtualFree
VirtualAlloc
GetSystemInfo
GetTickCount
QueryPerformanceCounter
GetVersion
GetCurrentThreadId
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenW
lstrcpynW
LoadLibraryExW
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetLocaleInfoW
GetCommandLineW
FreeLibrary
FindFirstFileW
FindClose
ExitProcess
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
CloseHandle
user32.dll (#2) GetKeyboardType
LoadStringW
MessageBoxA
CharNextW
kernel32.dll (#3) GetACP
Sleep
VirtualFree
VirtualAlloc
GetSystemInfo
GetTickCount
QueryPerformanceCounter
GetVersion
GetCurrentThreadId
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenW
lstrcpynW
LoadLibraryExW
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetLocaleInfoW
GetCommandLineW
FreeLibrary
FindFirstFileW
FindClose
ExitProcess
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
CloseHandle
advapi32.dll (#2) RegQueryValueExW
RegOpenKeyExW
RegCloseKey
comctl32.dll InitCommonControls
kernel32.dll (#4) GetACP
Sleep
VirtualFree
VirtualAlloc
GetSystemInfo
GetTickCount
QueryPerformanceCounter
GetVersion
GetCurrentThreadId
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenW
lstrcpynW
LoadLibraryExW
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetLocaleInfoW
GetCommandLineW
FreeLibrary
FindFirstFileW
FindClose
ExitProcess
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
CloseHandle
advapi32.dll (#3) RegQueryValueExW
RegOpenKeyExW
RegCloseKey

Delayed Imports

1

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x2e8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.89369
MD5 0fd11411d4b84878c3b75da9b56575e2
SHA1 7de140db5946f4b9a17c47ba3c7fe08acdea35d9
SHA256 e8f7e1743c045949fd2be45255f6589214eececdb4920e97933dd787ea85eac6
SHA3 6a7bd0800009c5f469c93d9c3e9e1d6e5d77f8d06f4638eac45d4ed5873ca6ac

2

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x8a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.7389
MD5 8d0db2a512ff162a60738c5433202ec5
SHA1 6d7496835e3c160a512dc0ba9a40400345bdcadf
SHA256 37fa4afffa7d70f0d9ed27b9ee8b39b9c841f71f1ef12d1ccc0035ce4a16872d
SHA3 be11d526f58314bf2ca8ecf5a16adeadd070fb5dd1a1b3708ad521c061ea7289

3

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x568
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.91559
MD5 58f2431ef667443875c171adb8732378
SHA1 f8dcd977f97c39450fff221780aac601401456a5
SHA256 fe475f530de8cd49cbd45bd4a1a463a5f89d5cdf04c789726e23c9813f5f7d4a
SHA3 94d6982f280a7928c813e89f408d849ca0538597cbacbc5ea2245b66e5bce752

4

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x25a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.11662
MD5 258c291508c9f9f698640081133afc5c
SHA1 2b1641632b51d64ad375a36cf11047bf5dbbaeb8
SHA256 311239219a488bcbd1998d2aad0ed581a7ea7ea14fd5192fbad11d91368d1e2a
SHA3 de958ac1fc47b59390392a0aa38d349f6fa476536d25962d14b945d8e7a5c48a

5

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x10a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.62687
MD5 ec2f36d9389cf8643ccbaddde5ac7ac7
SHA1 77e7a527b18bb87ec8375db342f9d3fb3452c88a
SHA256 9bbcc7469ac02148cd0276a994244de64deffea6242722c2d045377f00d51643
SHA3 3109ede061d7f8b74d8ed1d47a908b85c6c45ad3502aa12561cee37648016269

6

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x468
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.97397
MD5 c48c45ea1fc8fc823d2d6ab5721c2ede
SHA1 0e224b840046d54867264c5dcc2ea8527ee73b6d
SHA256 34cb09fb06cb348710051f0157c23f9a06323c24d0f15def76dc1740d76ba6ab
SHA3 9150440f42aa6b6e2751a912dd4b2fb54e47f8bdcdcdf755d7febcd6f9da92a2

4091

Type RT_STRING
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x68
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.56031
MD5 e518b8ae009986dd90363fcc61d7fff7
SHA1 24ed3f9f44fce167e79b53ea5f9b0505c4d567e1
SHA256 34ea1c2173226ecc593f8a2b0224c51ebbee1928715bda9339eec7717a822b89
SHA3 519dec097566117a56d9c49b0a711e82451c0f81fbb53f042549a61cd51122e6

4092

Type RT_STRING
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0xd4
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.25287
MD5 ac85ded4e576ce909f5460536b63a4f1
SHA1 07e0380006e58eec02eaaa047a58aceeef1552d3
SHA256 e1d818d622875ce2cf81883816ef982aa05a724c46f82b3e67875e0bc24228b1
SHA3 d70f10064348a4608f8b92740e05f739736144b222db3aa5c51187c75c5cc4eb

4093

Type RT_STRING
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0xa4
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.26919
MD5 519a33f5d2b4442ef3caf6d4501995fb
SHA1 e54df9d112555eb11a132bfee15b69ac186b422e
SHA256 80bc91470ef70d527d0c4e0824945bc3b17ff84f464bca425661c3e7e1972ce7
SHA3 88c911ed5f1b1354c3379baaaef2540d70c370fd877f536d069dc0ea55cd0b13

4094

Type RT_STRING
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x2ac
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.33268
MD5 234c2763997eec9c8a72ef190b928d68
SHA1 089fcaabba97f63455ce8a47e2d5d07fa56ba55b
SHA256 33ef72f38fc1fe2842c44e11bb351f94385bb186fee0fadbefc9364ed52aeb93
SHA3 10cbb07d784f332702d9d3451649950c1af6fb999ac1c2dac82df168cba5f302

4095

Type RT_STRING
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x34c
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.34579
MD5 2596d19a6b88cbba9c9c9cb003affbc6
SHA1 37091a716fd1eed000e0c3bb195fbd589a750608
SHA256 7f63f3f944a0b62f8f3b35a60141081599f7f175605ced7e1b4dcb80fda58c8a
SHA3 0b2581dd0c1b08d882b1f4c4014652d2e7d046d95aa3df236690e9d22572b27c

4096

Type RT_STRING
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x294
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.28057
MD5 1f9009e4d5b61392e05aa8ac6eceb6aa
SHA1 4af6f3144fff0951da37370a3d200e8d74fc4862
SHA256 cb21f2b28bfc6b8046348c7a96bf97149dc5f91e1cc1a4f2904a1044a008425a
SHA3 c1aebde06ed543947facd67a9541283cbec74e559e267c1b84c168a2bf839812

CHARTABLE

Type RT_RCDATA
Language English - United States
Codepage Latin 1 / Western European
Size 0x82e8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.5072
MD5 6e9c1c8c0a0ec8d73165779560cd7ba4
SHA1 d044c45e2ffd24e1abef00079577df385e325ab4
SHA256 677245e2a6b2eb5495b4965b8c26025a4b26e8b8c21a825f658cb390b493b9a0
SHA3 3ec7819e8561ecad66b1ef2652d4f3b275030f7cf402f276daa38f28d288e4e7

DVCLAL

Type RT_RCDATA
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x10
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4
MD5 d8090aba7197fbf9c7e2631c750965a8
SHA1 04f73efb0801b18f6984b14cd057fb56519cd31b
SHA256 88d14cc6638af8a0836f6d868dfab60df92907a2d7becaefbbd7e007acb75610
SHA3 a5a67ad8166061d38fc75cfb2c227911de631166c6531a6664cd49cfb207e8bb

PACKAGEINFO

Type RT_RCDATA
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x150
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.17906
MD5 8383ba160a86b918ac500521efb456a7
SHA1 f22c6fdd31aa68c5f9e247f8ccf0f565e14a0189
SHA256 abd66b63471de2699c97d06e41cfe0702144237079f76a9e0bd965b1a1862231
SHA3 efd13cc0570151797c6c4b7e4b3761f636efa32240f45d0558ce27bb27985147

11111

Type RT_RCDATA
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x2c
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.56808
MD5 df146b526d92f7809dcc6b37fa165bc2
SHA1 c3b802bdd66cdc1d5ac8fcd7788a44e231779bc6
SHA256 565422b29861986e2433d1208b34f756020d96a4ad64d59df1207c024128c530
SHA3 2a41affa934de08a7c64cf150840afc7b0aa54f6ed8cf79ba5644b158db080cb

MAINICON

Type RT_GROUP_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x5a
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.72033
Detected Filetype Icon file
MD5 99759dedd27cc46591c5a39b35ce9a0e
SHA1 61ae506edaf01979947800b97455bb052940b3a6
SHA256 67456b1cdcca4d86c9efdf600e4fef092b7fa201ae52a1fe90b66fd3c3979087
SHA3 3a281764e4c0ac1fa7ec6feedda5f7fe6977c87c6e9ab89c856a1e8b369b8b3b

1 (#2)

Type RT_VERSION
Language English - United States
Codepage Latin 1 / Western European
Size 0x4f4
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.65313
MD5 89e2762853df82db99dd59a37b805d9b
SHA1 b6d73a663b64c411890a2e847f24d1c7fcb5cdaa
SHA256 303654951e7639aa9ad7f7dc4dc1bda157e6db96dfe81da8ff496a8adbd0005d
SHA3 127f442145394c0a0c220483849ce4a3fd28f738ae415b17a4597a8832ebade7

1 (#3)

Type RT_MANIFEST
Language English - United States
Codepage Latin 1 / Western European
Size 0x5e8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.11919
MD5 a561f3d4bfa3931040422a49ec17c06e
SHA1 9a27136c8b8073f832d2f3a9239a49f0c14cfaf6
SHA256 8d51d4405593fb12ba0d4a2708507e2300b363f7ce3cf538cb65c25cc1d3044f
SHA3 5ef4d8131a8cc50f1295dc3ebde9c211384f3ca41c657f5c8b18fd6b3a5c7c75

String Table contents

Friday
Saturday
Invalid file name - %s
September
October
November
December
Sun
Mon
Tue
Wed
Thu
Fri
Sat
Sunday
Monday
Tuesday
Wednesday
Thursday
May
Jun
Jul
Aug
Sep
Oct
Nov
Dec
January
February
March
April
May
June
July
August
Invalid variant type conversion
Invalid variant operation
Invalid argument
External exception %x
Assertion failed
Interface not supported
Exception in safecall method
Object lock not owned
Monitor support function not initialized
%s (%s, line %d)
Abstract Error
Access violation at address %p in module '%s'. %s of address %p
Jan
Feb
Mar
Apr
Invalid class typecast
Access violation at address %p. %s of address %p
Access violation
Stack overflow
Control-C hit
Privileged instruction
Operation aborted
Exception %s in module %s at %p.
%s%s
Application Error
Format '%s' invalid or incompatible with argument
No argument for format '%s'
Variant method calls not supported
Read
Write
Error creating variant or safe array
Variant or safe array index out of bounds
Out of memory
I/O error %d
File not found
Too many open files
File access denied
Read beyond end of file
Disk full
Invalid numeric input
Division by zero
Range check error
Integer overflow
Invalid floating point operation
Floating point division by zero
Floating point overflow
Floating point underflow
Invalid pointer operation

Version Info

Signature 0xfeef04bd
StructVersion 0x10000
FileVersion 8.5.0.0
ProductVersion 8.5.0.0
FileFlags (EMPTY)
FileOs VOS_DOS_WINDOWS32
VOS_NT_WINDOWS32
VOS__WINDOWS32
FileType VFT_APP
Language UNKNOWN
Comments This installation was built with Inno Setup.
CompanyName Megaify Software
FileDescription DriverToolkit Setup
FileVersion (#2) 8.5
LegalCopyright
ProductName DriverToolkit
ProductVersion (#2) 8.5.0.0
Resource LangID English - United States

TLS Callbacks

StartAddressOfRawData 0x41a000
EndAddressOfRawData 0x41a008
AddressOfIndex 0x4127ac
AddressOfCallbacks 0x41b010
SizeOfZeroFill 0
Characteristics IMAGE_SCN_TYPE_REG
Callbacks (EMPTY)

Load Configuration

RICH Header

Errors

[*] Warning: Section .bss has a size of 0! [*] Warning: Section .tls has a size of 0!