Manalyze report for adf3060cfeba1001a86904d90c0970fa17c92c11e2ec7c587e9eb08f5f8bc9a0

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2018-Feb-01 20:18:00
Detected languages	English - United States
FileDescription	Run As Administrator
CompanyName	n1kobg.blogspot.com
LegalTrademarks	n1kobgâ¢
LegalCopyright	Â© 2019 n1kobg
Comments	Run As Administrator

Plugin Output

Info	Matching compiler(s):	`MASM/TASM - sig2(h)`
Info	Interesting strings found in the binary:	`Contains domain names: blogspot.com n1kobg.blogspot.com`
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to CRC32` `Uses constants related to MD5` `Uses constants related to SHA1`
Info	The PE contains common functions which appear in legitimate applications.	`[!] The program may be hiding some of its imports: LoadLibraryExW GetProcAddress LoadLibraryW` `Can create temporary files: GetTempPathW CreateFileW`
Suspicious	The PE is possibly a dropper.	`Resource AA038496EBB6CD40BDB4C397AAC42D4C446F106F is possibly compressed or encrypted.` `Resources amount for 76.4078% of the executable.`
Info	The PE is digitally signed.	`Signer: n1kobg` `Issuer: n1kobg`
Malicious	VirusTotal score: 51/72 (Scanned on 2025-07-29 06:43:55)	`ALYac: Trojan.Generic.38328978` `APEX: Malicious` `AVG: Win32:Malware-gen` `AhnLab-V3: Malware/Gen.Generic.C3144418` `Alibaba: TrojanDropper:Win32/Dapato.64a6e802` `Arcabit: Trojan.Generic.D248DA92` `Avast: Win32:Malware-gen` `BitDefender: Trojan.Generic.38328978` `Bkav: W32.AIDetectMalware` `CAT-QuickHeal: Trojan.Ghanarava.171483479498794f` `CTX: exe.trojan.dapato` `ClamAV: Win.Ransomware.Lockbit-9951835-0` `CrowdStrike: win/malicious_confidence_100% (W)` `Cylance: Unsafe` `DeepInstinct: MALICIOUS` `ESET-NOD32: a variant of Generik.DUKAQXY` `Elastic: malicious (high confidence)` `Emsisoft: Trojan.Generic.38328978 (B)` `Fortinet: W32/Dapato.PNFH!tr` `GData: Trojan.Generic.38328978` `Google: Detected` `Gridinsoft: Trojan.Win32.CoinMiner.vb!s1` `Ikarus: Trojan.SuspectCRC` `K7AntiVirus: Trojan ( 0055b8641 )` `K7GW: Trojan ( 0055b8641 )` `Kaspersky: Trojan-Dropper.Win32.Dapato.pnfh` `Kingsoft: malware.kb.a.999` `Lionic: Trojan.Win32.Dapato.b!c` `Malwarebytes: Generic.Malware.AI.DDS` `MaxSecure: Trojan.Malware.1728101.susgen` `McAfeeD: ti!ADF3060CFEBA` `MicroWorld-eScan: Trojan.Generic.38328978` `Microsoft: Trojan:Win32/Kepavll!rfn` `NANO-Antivirus: Trojan.Win32.Dapato.jrnqfq` `Paloalto: generic.ml` `Panda: Trj/CI.A` `Rising: Dropper.Dapato!8.2A2 (CLOUD)` `Sangfor: Trojan.Win32.Save.a` `Skyhigh: Artemis!Trojan` `Sophos: Mal/Generic-S` `Symantec: ML.Attribute.HighConfidence` `Tencent: Malware.Win32.Gencirc.14364b06` `Trapmine: malicious.moderate.ml.score` `TrellixENS: Artemis!5DB410A95668` `VBA32: TrojanDropper.Dapato` `VIPRE: Trojan.Generic.38328978` `Varist: W32/ABTrojan.YPMP-8545` `Xcitium: Malware@#3t8keumuupyoh` `Zoner: Trojan.Win32.73853` `alibabacloud: Trojan[dropper]:Win/Kepavll.Gen` `huorong: Trojan/Generic!F5C4E02B920CE789`

Hashes

MD5	`5db410a95668692e2a1a85141298794f`
SHA1	`f7a0d4bc492aaaa06b3cbf051314d405da502881`
SHA256	`adf3060cfeba1001a86904d90c0970fa17c92c11e2ec7c587e9eb08f5f8bc9a0`
SHA3	`4e976937f89ca3b1d6efc1b6f491589e04194092f22359a8568716bcab013406`
SSDeep	`6144:kzBkLL2NTBaFgY3JiqnDMhjy9y1WZ9/sTOfH7zTNeolFVTW:kKyNTgCcIqDMq9r/fPrNeKVK`
Imports Hash	`5877688b4859ffd051f6be3b8e0cd533`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`5`
TimeDateStamp	2018-Feb-01 20:18:00
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LINE_NUMS_STRIPPED` `IMAGE_FILE_LOCAL_SYMS_STRIPPED` `IMAGE_FILE_RELOCS_STRIPPED`

Image Optional Header

Magic	`PE32`
LinkerVersion	`2.0`
SizeOfCode	`0x10800`
SizeOfInitializedData	`0x4d400`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x00001000 (Section: .code)`
BaseOfCode	`0x1000`
BaseOfData	`0x12000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x61000`
SizeOfHeaders	`0x400`
Checksum	`0x602be`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.code

MD5	`d8af5494a902a4276e7a118e639a9058`
SHA1	`6e426ae2df7082b91cd0cadbb72b138102ba6151`
SHA256	`48a78b31bf41ba0daf0c70d4ae1db2b1b55b841601fd275761ac97fca34fbae5`
SHA3	`1e664ef7bea68bb4dd13b5afa576da5ba19a356a6a8a8aa37e162ddc4bf7ff84`
VirtualSize	`0x37f0`
VirtualAddress	`0x1000`
SizeOfRawData	`0x3800`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`5.61236`

.text

MD5	`3d44adf99d47c66df6ed2c6ecde44714`
SHA1	`80a57adbc364dfb80e69990554b76e3d5c1faef0`
SHA256	`6e2472ffd964225c655a494fa93de374ce169cf1b9e2ee74ced2f8b3161d4b5d`
SHA3	`e18bd2f60a34878ad204c417d8535ddadd9ecedbecd4f7d00e665c43ea400e5f`
VirtualSize	`0xcfa2`
VirtualAddress	`0x5000`
SizeOfRawData	`0xd000`
PointerToRawData	`0x3c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.58582`

.rdata

MD5	`e4a2346f39e8c4c981487f3b09547faf`
SHA1	`65e4957d4d49eac6870a775db724f4c14c125592`
SHA256	`a65928e839b65ed68bd3504d3c1951cd8ed2889a37405e602c3dd87210eeac9e`
SHA3	`036418b11deeda8fa99555c9c24e60fc5faea50444ad3a2b03ebdb417f1ddf3b`
VirtualSize	`0x33a0`
VirtualAddress	`0x12000`
SizeOfRawData	`0x3400`
PointerToRawData	`0x10c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`7.11024`

.data

MD5	`452977f828fff4c0bbea01288b49d4e8`
SHA1	`4901ce6c2fcb11b6cc543feb7df1c9c7af5c2ce1`
SHA256	`a257ad0dca31471b2edaea3bbb75c2dd323cfb4bc4f445aef2e346794d06217e`
SHA3	`573277ea503c39d04df7f2774402cd47f0a1e49ed5f8b0de976cb9381ec1f793`
VirtualSize	`0x1724`
VirtualAddress	`0x16000`
SizeOfRawData	`0x1200`
PointerToRawData	`0x14000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`4.93614`

.rsrc

MD5	`6f6e423f6401683ecf700a42594e688a`
SHA1	`d9c391f85dd43f338bd6d686888a99dfaacc11d4`
SHA256	`e443d8ffef4a0101b84a4356a6f139dc90cf99fdf1d7049ad2a127495e52b337`
SHA3	`76c33550ef462f4dd14238dff6bbf4e11783005e16eabc0e66af78168b601346`
VirtualSize	`0x48d9c`
VirtualAddress	`0x18000`
SizeOfRawData	`0x48e00`
PointerToRawData	`0x15200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.25917`

Imports

MSVCRT.dll	`memset` `wcsncmp` `memmove` `wcsncpy` `wcsstr` `_wcsnicmp` `_wcsdup` `free` `_wcsicmp` `wcslen` `wcscpy` `wcscmp` `memcpy` `tolower` `wcscat` `malloc`
KERNEL32.dll	`GetModuleHandleW` `HeapCreate` `GetStdHandle` `HeapDestroy` `ExitProcess` `WriteFile` `GetTempFileNameW` `LoadLibraryExW` `EnumResourceTypesW` `FreeLibrary` `RemoveDirectoryW` `GetExitCodeProcess` `EnumResourceNamesW` `GetCommandLineW` `LoadResource` `SizeofResource` `FreeResource` `FindResourceW` `GetNativeSystemInfo` `GetShortPathNameW` `GetWindowsDirectoryW` `GetSystemDirectoryW` `EnterCriticalSection` `CloseHandle` `LeaveCriticalSection` `InitializeCriticalSection` `WaitForSingleObject` `TerminateThread` `CreateThread` `Sleep` `GetProcAddress` `GetVersionExW` `WideCharToMultiByte` `HeapAlloc` `HeapFree` `LoadLibraryW` `GetCurrentProcessId` `GetCurrentThreadId` `GetModuleFileNameW` `GetEnvironmentVariableW` `SetEnvironmentVariableW` `GetCurrentProcess` `TerminateProcess` `SetUnhandledExceptionFilter` `HeapSize` `MultiByteToWideChar` `CreateDirectoryW` `SetFileAttributesW` `GetTempPathW` `DeleteFileW` `GetCurrentDirectoryW` `SetCurrentDirectoryW` `CreateFileW` `SetFilePointer` `TlsFree` `TlsGetValue` `TlsSetValue` `TlsAlloc` `HeapReAlloc` `DeleteCriticalSection` `InterlockedCompareExchange` `InterlockedExchange` `GetLastError` `SetLastError` `UnregisterWait` `GetCurrentThread` `DuplicateHandle` `RegisterWaitForSingleObject`
USER32.DLL	`CharUpperW` `CharLowerW` `MessageBoxW` `DefWindowProcW` `DestroyWindow` `GetWindowLongW` `GetWindowTextLengthW` `GetWindowTextW` `UnregisterClassW` `LoadIconW` `LoadCursorW` `RegisterClassExW` `IsWindowEnabled` `EnableWindow` `GetSystemMetrics` `CreateWindowExW` `SetWindowLongW` `SendMessageW` `SetFocus` `CreateAcceleratorTableW` `SetForegroundWindow` `BringWindowToTop` `GetMessageW` `TranslateAcceleratorW` `TranslateMessage` `DispatchMessageW` `DestroyAcceleratorTable` `PostMessageW` `GetForegroundWindow` `GetWindowThreadProcessId` `IsWindowVisible` `EnumWindows` `SetWindowPos`
GDI32.DLL	`GetStockObject`
COMCTL32.DLL	`InitCommonControlsEx`
SHELL32.DLL	`ShellExecuteExW` `SHGetFolderLocation` `SHGetPathFromIDListW`
WINMM.DLL	`timeBeginPeriod`
OLE32.DLL	`CoInitialize` `CoTaskMemFree`
SHLWAPI.DLL	`PathAddBackslashW` `PathRenameExtensionW` `PathQuoteSpacesW` `PathRemoveArgsW` `PathRemoveBackslashW`

Delayed Imports

1

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0xebc4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.9757`
Detected Filetype	PNG graphic file
MD5	`ebc6b91da612174edabc06fd43bc433f`
SHA1	`8f816a1c6953c0c42e9de151af0ec8c6121dceee`
SHA256	`f0955e400e6130c5a5053761776b0c37b3981e4d37e0dd600fa1f2362bceae9b`
SHA3	`a53d512a5f4835fc030de7eb827891a8919c0d91d21369f366038b6db3d85ecf`

2

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x10828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.83133`
MD5	`f75c44bdf0b662e8a262b051d4f0429c`
SHA1	`c0165c360eaf176b83101adb64a44a13fd649949`
SHA256	`368e4b3188cae6cae5e274b3eab75494d09e3d66081a18cb366dc56b24596d86`
SHA3	`59bb9641183cf7d3f27c35ef7fdf5f76d78fb55b4033308c1a2a50eb17b3cf94`

3

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x94a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.07885`
MD5	`0c908ad453ff2b978bd7d8ad06bf1b18`
SHA1	`3e9477bffddeb460a41d68403dc47a80d457d5f8`
SHA256	`b86652d48b93c333a055bcda868d3c42622a4b234f0ab3043c0ef96de934e54c`
SHA3	`82c85d766ced31af09962353006a19df980ca54d4929f007faf97aaef0f26a03`

4

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x5488`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.03573`
MD5	`5746b70403fe4517acd131a9e766df41`
SHA1	`c54123c7541f94fb8203ff10c6d5b747fe4e0ceb`
SHA256	`38fd29ce32dff3cc9da35c4f155b3aad68a396c2263ad03514cfdeff87aabdd6`
SHA3	`8f533c92b13c12044de86e4e3f2efc6e184d8ae884bf42a555f93519b7bcf323`

5

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.01275`
MD5	`accbfe688e1d85aeaaeb0432e0db5062`
SHA1	`ffc8be9bb9423536c84002f7a43c9dac73fd2944`
SHA256	`50a2991758a2907358d369479039412d301b9134635d10a7cfba8d7235f03c74`
SHA3	`9d69fbc30b01e2ca64fc7348b3a6d557ac6e9db7f24bbc5c2b6dc8a2e7133a7f`

6

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.19164`
MD5	`465e02f37010643b5ef3b65754a32fa2`
SHA1	`5a058f8e2d3f8a40f0f79fbf6ae7b93390036b50`
SHA256	`18645cb7c8f1c5cad8a062c284fbd865608a2842b146d71d7eb56cc523fbed93`
SHA3	`5e7e4d1d4d434209fb34937fe4c74aba8356827bb8a2d595b6e96197310cf1a5`

7

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.29509`
MD5	`7f8cf9eaa24d34021921465feb11d42e`
SHA1	`9ee352910ce552c1c430175599605645e42dc551`
SHA256	`0244e4dc581ca392bee922b4c2ed58035c816f34d8bcf120e8a8e7d4913ab2f6`
SHA3	`77f230211b4bc29b9b8047b8c3f2d76e7e1957e5bb48987b65925b5e717b63f3`

8

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.48349`
MD5	`5a8b2a1c5db4ff5c59a612eedd168a9a`
SHA1	`3c205d6a28102349697ac1bd3b53c3020da04ccc`
SHA256	`bba80205b0486eb6a62c7447b5df9191f076a80ec801cb21d03f5c76fca2a596`
SHA3	`70e74d080ecb358a32a32b0287a7ffa29075dd485cd978f9a7a9b718c506cb31`

9

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.29719`
MD5	`d01232948cef91f81ce91d43ffc51f68`
SHA1	`b645a63c9cd5a6533fed40e4827aa25266194838`
SHA256	`6f4ad3b26e8801f57bf31f2628f86e097bffd04ce131ad4f247d4f0105953709`
SHA3	`6a0e0214eee34376934f46e8978d1e6cf0c13798fb43f9b5adf962e161d92736`

69C13D9545

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x1`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`55a54008ad1ba589aa210d2629c1df41`
SHA1	`bf8b4530d8d246dd74ac53a13471bba17941dff7`
SHA256	`4bf5122f344554c53bde2ebb8cd2b7e3d1600ad631c385a5d7cce23c7785459a`
SHA3	`2767f15c8af2f2c7225d5273fdd683edc714110a987d1054697c348aed4e6cc7`

8F0AA6490482FE283A985D7C35B09B871D5E4C2F

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x13`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.14266`
MD5	`4bbe3cf3b4551d24a2e47cc1aa3bed1f`
SHA1	`4f6756514ae5383eab0e45e4f23248ab1c61c94a`
SHA256	`c0f4ba942f1ad49c607f1d1794afda3d319bbad8edc1336bd6eb2375c6ce7225`
SHA3	`9ee26446cfc5269f875f922a2a34cfee7061883d387ef4e92b2c687f344d8864`

AA038496EBB6CD40BDB4C397AAC42D4C446F106F

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x11e35`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.99743`
MD5	`556ee5d36e18e673876cde5efa67c494`
SHA1	`febe50c95c06956ca80e970c7a8b5c6919ed9448`
SHA256	`d0cd17e26c93d3efaf6ca3fa1871651d229dad66d4052cb5a1de443c9060150c`
SHA3	`53e435c0bf7bf1c395002a29d5165ec4645ac5549962cc55900a229d09ac3008`

D598B48F935CF51CEA1744D18A91848E

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x44`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.91099`
MD5	`67e623e7427dc046bfaf56f05ec399fb`
SHA1	`feca91cb1fb2f4be4afea019e905a769375a2578`
SHA256	`f7542df9fcba5c0de4a7c6324128a89916c13690e2ef70e5e838c8bf1e52d5fa`
SHA3	`a4f9bd8845b427b786543366c8a24f7b309abc8160a0855874976ba2c36d28d1`

F7B94894BE8810DC58C8A54B33EFD8DC

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x12`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.61437`
MD5	`da488e15520e05e89db48a38128a66e8`
SHA1	`fe11f5a0e53550d7f4c3604fdb97a4469547c677`
SHA256	`4c5212ea91f51e298092efa075ad4d7215b6cbdd344cea257dad28670a4ec995`
SHA3	`59704db123ce06aeef9d96e5c5f2996f5d07938ac532c0bfea4ea1d7464805dc`

FA867FAC91D7AF9EB1E1F33EFD6DE756

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0xad`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.89105`
MD5	`ab0267946a163599b5426632509bcfcd`
SHA1	`732417f48d6200529da514518020fc22dfd844e7`
SHA256	`3f5797980fd4230fa2de99f4b8fbb4c8d842585ce0b8205d33ba0cdb7d2d0e7f`
SHA3	`93ff3076eba1dae531195587f3eaa4e0e7fc7e100be8a17c437fd85da6c6a9ab`

1 (#2)

Type	`RT_GROUP_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x84`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.03466`
Detected Filetype	Icon file
MD5	`91162df1a8557a3d792865ab3d818688`
SHA1	`b7ba6b77c36efb613d99f3d4ed4cb103358e0849`
SHA256	`2568b700d640e4c150cf841419569a30ced19791d5a8a577b06cc50f8014afa3`
SHA3	`1c988f83ee475ca65d4c2d25d9d3f6fc0607b30e4291ae627d0f7ce9bee18987`

1 (#3)

Type	`RT_VERSION`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x234`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.3077`
MD5	`ecfa5dc4842807e2143237b398112a04`
SHA1	`966338f90268e2a022a97d92eca8d95c08d802c8`
SHA256	`9cc4f7c75e123c014286c624cdd0494ae567a86ad8a205fc153a08df0cd84602`
SHA3	`f1f54057ae63dbcd2c623e58b923fc249f7707f4c423382b54b1de8f6834ce16`

1 (#4)

Type	`RT_MANIFEST`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x2a0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.08821`
MD5	`ffd3b06250ba95d239365ef050b3627b`
SHA1	`16e3981245d8dbd44f33d93b203c02a44f3c2b95`
SHA256	`1c3703755b6e9a690e8eafaa0cc318f667cd5d4c06935b6e3cd07296df9e9dcd`
SHA3	`2c6baa84c172762978837565c2b2ed4f7716c0edaab79bda3a3ef74724426773`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	0.0.0.0
ProductVersion	0.0.0.0
FileFlags	`VS_FF_DEBUG` `VS_FF_PRERELEASE` `VS_FF_PRIVATEBUILD`
FileOs	`VOS_DOS` `VOS_DOS_WINDOWS16` `VOS_DOS_WINDOWS32` `VOS_OS232` `VOS_OS232_PM32` `VOS_WINCE` `VOS__PM32` `VOS__WINDOWS16`
FileType	`VFT_APP`
Language	English - United States
FileDescription	Run As Administrator
CompanyName	n1kobg.blogspot.com
LegalTrademarks	n1kobgâ¢
LegalCopyright	Â© 2019 n1kobg
Comments	Run As Administrator

Resource LangID	UNKNOWN

TLS Callbacks

Load Configuration

RICH Header

Errors

Leave a comment

No comments yet.