Manalyze report for 1df72273b235bd99c9551c66a16c78611c81c9a50a381faeca838d9708a35b84

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2015-Mar-24 09:52:25
Detected languages	English - United Kingdom English - United States
Debug artifacts	c:\hudson\GMBase\GMGreen\GameMaker\Runner\VC_Runner\Release\Runner.pdb
CompanyName	Toby Fox
FileDescription	Leading Brand UNDERTALE-type Software
FileVersion	`0.9.9.5`
InternalName	GameMaker:Studio Windows C++ Runner
LegalCopyright	(C) 2015 Toby Fox
PrivateBuild	01.00.00.00
ProductName	UNDERTALE
ProductVersion	`0.9.9.5`

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C++ 6.0 - 8.0` `MASM/TASM - sig1(h)`
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to CRC32` `Uses constants related to MD5` `Uses constants related to SHA1`
Suspicious	The PE is possibly packed.	`Unusual section name found: .mydata`
Malicious	The PE contains functions mostly used by malware.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryW LoadLibraryA` `Can access the registry: RegQueryValueExW RegOpenKeyExW RegCloseKey` `Possibly launches other programs: CreateProcessW ShellExecuteW` `Uses Windows's Native API: ntohs ntohl` `Uses functions commonly found in keyloggers: GetAsyncKeyState GetForegroundWindow CallNextHookEx` `Has Internet access capabilities: InternetCloseHandle InternetWriteFile InternetReadFile InternetOpenA InternetCrackUrlA InternetCanonicalizeUrlA InternetConnectA InternetGetConnectedState` `Leverages the raw socket API to access the Internet: ntohs ntohl htons htonl __WSAFDIsSet getpeername select freeaddrinfo WSAAddressToStringA getaddrinfo WSAGetLastError gethostname closesocket shutdown WSAStartup WSACleanup getsockopt setsockopt ioctlsocket socket bind sendto connect inet_addr send recvfrom inet_ntoa recv accept listen` `Enumerates local disk drives: GetDriveTypeA` `Can use the microphone to record audio: waveInOpen` `Reads the contents of the clipboard: GetClipboardData`
Safe	VirusTotal score: 0/74 (Scanned on 2024-08-20 03:28:16)	`All the AVs think this file is safe.`

Hashes

MD5	`b392aa35283369dc4e14a01ee534a942`
SHA1	`b70df17f0c81ee8a662e567a0616a0afbec50ccd`
SHA256	`1df72273b235bd99c9551c66a16c78611c81c9a50a381faeca838d9708a35b84`
SHA3	`5c9e56d8e2493ee1bcabb265a2cb69d2f69c188204a45bc289a1b6f4ff5fcbd0`
SSDeep	`49152:NlvL98KQu+vHQZByECxlKPY9KPqfru2toaMETR/:DZByESlKPY93frDtlM8/`
Imports Hash	`0edbe75768c95c86b566750036b3095e`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0xf8`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`5`
TimeDateStamp	2015-Mar-24 09:52:25
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_RELOCS_STRIPPED`

Image Optional Header

Magic	`PE32`
LinkerVersion	`9.0`
SizeOfCode	`0x259a00`
SizeOfInitializedData	`0xbcc00`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x00229E08 (Section: .text)`
BaseOfCode	`0x1000`
BaseOfData	`0x25b000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`5.0`
ImageVersion	`0.0`
SubsystemVersion	`5.0`
Win32VersionValue	`0`
SizeOfImage	`0x567000`
SizeOfHeaders	`0x400`
Checksum	`0x32cab1`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`deb774dd6c6194685a96ebc0cfc6024e`
SHA1	`ccbc359392f453dc406cf7a152377a6c91b9ded1`
SHA256	`d4043643fb0ac550aa27f6b96dbea1c2c5a1869a821dbb6579b79a1e8ed777bb`
SHA3	`7cf14f2c104aff63506cd57fed9dbe53f0c791effbf1dc40d2bbd27975dfaf3c`
VirtualSize	`0x25987f`
VirtualAddress	`0x1000`
SizeOfRawData	`0x259a00`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.68914`

.rdata

MD5	`ac0f7afecd3abb643e096324cd3fb9d9`
SHA1	`c95a9eeb9763e623afe9335284b510502cd5a393`
SHA256	`5d018f05611f472fc403029d72ba4b4d512fabaeed0b0475a6f06f181f790def`
SHA3	`5621eee1eb2b3a7c2c6bbb411421fab6808d4a0641feab408f4cc267117a7f36`
VirtualSize	`0x65d86`
VirtualAddress	`0x25b000`
SizeOfRawData	`0x65e00`
PointerToRawData	`0x259e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.50334`

.data

MD5	`ba530889cf59308c78e56dcdc04119c1`
SHA1	`391429ac6a7bc791cc759b5c7ba8e9b39087d1a4`
SHA256	`1cc8e1ef17226493c078e9d04ac0214d5fae312396c6b5f644adba46b9c0fee6`
SHA3	`80cf86403a138891612618d0c4a6dc772cf782e51e5cb0ede5003b083239a7d9`
VirtualSize	`0x2761e4`
VirtualAddress	`0x2c1000`
SizeOfRawData	`0x29000`
PointerToRawData	`0x2bfc00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`4.74856`

.mydata

MD5	`5b71e4c27591ccb21954d71d656b28fb`
SHA1	`9cf3bdc3e0e647cb864581406250a7c21f51524d`
SHA256	`6bafe4f53b35a27d41c72c80d8fdfcd2aca79ce310b990ee55c7a04d65b6e96f`
SHA3	`efdeae6073a6cce468f62cdbdfc2d0f9ea3d196156860e5cac0d2038149f9a3e`
VirtualSize	`0x8`
VirtualAddress	`0x538000`
SizeOfRawData	`0x200`
PointerToRawData	`0x2e8c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_SHARED` `IMAGE_SCN_MEM_WRITE`
Entropy	`0.0203931`

.rsrc

MD5	`d13e00e293b69ca0ef84289b09e7fe5c`
SHA1	`8555bb3c8a46389175c6f7fd14f8f24bc91fe421`
SHA256	`3602c5a395bae88304afd38d31705897b4100d5b4a1d3f8def11b989c74f5bb6`
SHA3	`1facdb65fb7107f441a0221e652763a25369867a7de0a6acf7c873f6c83c9ca1`
VirtualSize	`0x2daa8`
VirtualAddress	`0x539000`
SizeOfRawData	`0x2dc00`
PointerToRawData	`0x2e8e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`3.98213`

Imports

WININET.dll	`InternetCloseHandle` `InternetWriteFile` `HttpEndRequestW` `InternetReadFile` `HttpQueryInfoA` `InternetOpenA` `InternetCrackUrlA` `InternetCanonicalizeUrlA` `HttpSendRequestA` `HttpOpenRequestA` `InternetConnectA` `InternetGetConnectedState`
d3dx9_43.dll	`D3DXGetPixelShaderProfile` `D3DXCompileShader` `D3DXGetVertexShaderProfile` `D3DXCreateTextureFromFileInMemoryEx` `D3DXCreateTextureFromFileW`
dbghelp.dll	`MiniDumpWriteDump`
WINMM.dll	`mciGetErrorStringA` `mciSendStringA` `joyGetPos` `joyGetPosEx` `joyGetDevCapsA` `timeGetTime` `waveInGetDevCapsW` `waveInGetNumDevs` `waveInAddBuffer` `waveInClose` `waveInUnprepareHeader` `waveInPrepareHeader` `waveInOpen` `waveInReset` `waveInStart` `waveInStop`
WS2_32.dll	`ntohs` `ntohl` `htons` `htonl` `__WSAFDIsSet` `getpeername` `select` `freeaddrinfo` `WSAAddressToStringA` `getaddrinfo` `WSAGetLastError` `gethostname` `closesocket` `shutdown` `WSAStartup` `WSACleanup` `getsockopt` `setsockopt` `ioctlsocket` `socket` `bind` `sendto` `connect` `inet_addr` `send` `recvfrom` `inet_ntoa` `recv` `accept` `listen`
gdiplus.dll	`GdiplusStartup` `GdiplusShutdown`
COMCTL32.dll	`InitCommonControlsEx`
KERNEL32.dll	`GetStringTypeA` `IsValidLocale` `EnumSystemLocalesA` `GetLocaleInfoA` `GetEnvironmentStringsW` `FreeEnvironmentStringsW` `LCMapStringW` `LCMapStringA` `GetFullPathNameA` `InitializeCriticalSectionAndSpinCount` `SetConsoleCtrlHandler` `SetFilePointer` `SetStdHandle` `ReadFile` `VirtualAlloc` `VirtualFree` `HeapDestroy` `HeapCreate` `FatalAppExitA` `FlushFileBuffers` `GetConsoleMode` `GetConsoleCP` `GetModuleFileNameA` `WriteFile` `IsValidCodePage` `GetOEMCP` `GetACP` `GetCPInfo` `HeapSize` `SetLastError` `GetStdHandle` `SetHandleCount` `IsDebuggerPresent` `TerminateProcess` `GetModuleHandleA` `GetStartupInfoA` `GetCommandLineA` `CreateDirectoryA` `GetFileType` `PeekNamedPipe` `GetFileInformationByHandle` `HeapReAlloc` `SetUnhandledExceptionFilter` `UnhandledExceptionFilter` `FindNextFileA` `GetDateFormatA` `GetTimeFormatA` `DeleteFileA` `GetSystemTimeAsFileTime` `SetFileAttributesW` `FindFirstFileA` `GetDriveTypeA` `FileTimeToLocalFileTime` `FileTimeToSystemTime` `ExitProcess` `HeapAlloc` `HeapFree` `HeapWalk` `GetStringTypeW` `GetTimeZoneInformation` `MultiByteToWideChar` `GetConsoleWindow` `WideCharToMultiByte` `OutputDebugStringW` `CreateFileA` `GetProcAddress` `LoadLibraryW` `GetFullPathNameW` `GetCurrentDirectoryW` `GetLastError` `LocalFree` `GetModuleHandleW` `InterlockedDecrement` `InterlockedIncrement` `CreateThread` `GetExitCodeThread` `CloseHandle` `Sleep` `FreeLibrary` `SetCurrentDirectoryA` `LoadLibraryA` `GetCurrentDirectoryA` `GetExitCodeProcess` `CreateProcessW` `FindClose` `DeleteFileW` `FindNextFileW` `RemoveDirectoryW` `FindFirstFileW` `GetFileAttributesA` `GetFileAttributesW` `CreateDirectoryW` `GetEnvironmentVariableW` `GetTickCount` `QueryPerformanceCounter` `QueryPerformanceFrequency` `SetThreadPriority` `SetPriorityClass` `GetCurrentProcess` `GetCurrentThread` `GlobalUnlock` `GlobalLock` `GlobalAlloc` `GetVersionExW` `GetUserDefaultLCID` `GetLocaleInfoW` `ExpandEnvironmentStringsW` `GetModuleFileNameW` `MoveFileA` `GetCommandLineW` `GetCurrentProcessId` `GetCurrentThreadId` `CreateFileW` `IsBadWritePtr` `InitializeCriticalSection` `DeleteCriticalSection` `LeaveCriticalSection` `EnterCriticalSection` `TlsAlloc` `TlsSetValue` `TlsGetValue` `TlsFree` `ExitThread` `WaitForSingleObject` `SetEvent` `CreateEventW` `WaitForSingleObjectEx` `RtlUnwind` `RaiseException` `InterlockedExchange` `LocalAlloc` `FreeEnvironmentStringsA` `GetEnvironmentStrings` `WriteConsoleA` `GetConsoleOutputCP` `WriteConsoleW` `CompareStringA` `CompareStringW` `SetEnvironmentVariableA` `SetEnvironmentVariableW` `SetEndOfFile` `FormatMessageW` `GetProcessHeap` `HeapValidate`
USER32.dll	`GetDlgItem` `SetDlgItemTextW` `SetWindowTextW` `GetDlgItemTextW` `EndDialog` `DialogBoxParamW` `CreateDialogParamW` `ScreenToClient` `ReleaseDC` `DrawTextW` `GetDC` `MoveWindow` `ClientToScreen` `GetMonitorInfoW` `SetCursorPos` `MapWindowPoints` `GetCursorPos` `wsprintfW` `GetActiveWindow` `DispatchMessageW` `TranslateMessage` `GetMessageW` `EnumDisplaySettingsW` `ChangeDisplaySettingsW` `SetWindowLongW` `UpdateWindow` `EnumDisplaySettingsExW` `ShowWindow` `GetAsyncKeyState` `SetWindowTextA` `IsClipboardFormatAvailable` `CloseClipboard` `GetClipboardData` `OpenClipboard` `SetClipboardData` `EmptyClipboard` `GetFocus` `MessageBoxA` `SetDlgItemTextA` `IsDialogMessageW` `PeekMessageW` `GetForegroundWindow` `PostThreadMessageW` `AdjustWindowRectEx` `LoadImageW` `LoadCursorW` `RegisterClassExW` `CreateWindowExW` `SendMessageW` `SetCursor` `GetClientRect` `GetWindowRect` `DestroyWindow` `PostMessageW` `SetFocus` `BringWindowToTop` `SetForegroundWindow` `SetWindowPos` `keybd_event` `DefWindowProcW` `GetKeyState` `CallNextHookEx` `MessageBoxW` `GetSystemMetrics`
GDI32.dll	`GetDeviceCaps` `CreateFontA` `SelectObject` `DeleteObject`
COMDLG32.dll	`GetSaveFileNameW` `GetOpenFileNameW`
ADVAPI32.dll	`RegQueryValueExW` `RegOpenKeyExW` `RegCloseKey`
SHELL32.dll	`SHGetSpecialFolderPathA` `SHGetFolderPathW` `ShellExecuteW`
d3d9.dll (delay-loaded)	`Direct3DCreate9` `Direct3DCreate9Ex`

Delayed Imports

Attributes	`0x1`
Name	`d3d9.dll`
ModuleHandle	`0x534d2c`
DelayImportAddressTable	`0x2e9e00`
DelayImportNameTable	`0x2bf40c`
BoundDelayImportTable	`0x2bf440`
UnloadDelayImportTable	`0`
TimeStamp	`1970-Jan-01 00:00:00`

135

Type	`GIF`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x1436`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.33764`
Detected Filetype	Bitmap graphic
MD5	`0e502e77b617a3843b7d45f3de521a2c`
SHA1	`2d3fdf653979d1642a868d2ce2d4b7708c858426`
SHA256	`cb297aa243552ededd5aa0c25955322c287d36aa0d69ec68790900521ca1f211`
SHA3	`0a11d650715449bac5a4e6a89d9aa0c3ebb2dfd1b3e38efafdd48bc486467599`

136

Type	`GIF`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x1436`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0.993047`
Detected Filetype	Bitmap graphic
MD5	`0d483ad6da4e6f42f3c93d1b5924bb63`
SHA1	`e46c97a01a3fdd8edde15863148008298f703352`
SHA256	`b063e8200a53924c74d2992d56e43e6f7fff8383365d39e7dc880a2ce75b8b5f`
SHA3	`2c873b21dcbd04d9e547d9af7906ce201679192d92e2412bea1ccc1532a99aa3`

137

Type	`GIF`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x1436`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.15256`
Detected Filetype	Bitmap graphic
MD5	`3be49c28e1fdb8aa1df022b36cede81e`
SHA1	`ff9e3ba28f30b560f0a946902d21b96cf7d8b090`
SHA256	`d04274209f89c47c9806b94082e05d1a072fc077c28ccf48f800c8bdbb9880c8`
SHA3	`122b324b232907b9d5342f2f081dce1c736dc825993a133b5ac6907416109bd1`

138

Type	`GIF`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x1436`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.89372`
Detected Filetype	Bitmap graphic
MD5	`9e0d1b8218f2c07c149209f4991280d4`
SHA1	`9e22b219e4093f8ab599576c9da8ff851f004143`
SHA256	`eeac23e7bb8ce9b4ab0722f69bcf79ac5a9b5c0d7ad5e67dedbf1d77c2d8ade6`
SHA3	`1ab3de0e9285a8c7c82fecce41d4d6077ca94910ad2e735a2c643aba79eb0957`

139

Type	`GIF`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x1436`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.76889`
Detected Filetype	Bitmap graphic
MD5	`6dbdee0c8e0ee023e9b57a9eecc0ee1d`
SHA1	`12ae24109df25a5dad2b7d34f13c89a8b1726c76`
SHA256	`3ac5bf02e1bb1a0975966df1ca1a515f866eb50baf156c4d5c614be342a42268`
SHA3	`48017038ccb6a5ee432c3fcfd0f9b4f00b6477085f4651859970fea7582fca7c`

140

Type	`GIF`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x1436`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.5738`
Detected Filetype	Bitmap graphic
MD5	`fe8f56958aad10589723b7314317b833`
SHA1	`3c4f024fc0fc6690accfbd3a6eb167d84c4a563f`
SHA256	`f3c1366344b2898e928ad38699a61337ecd8c79604b338d8bafe931f67184ef7`
SHA3	`dcbd16085a4c18bfaf9afb3be726675825f19d2fc5081119cbae69fb390658fe`

141

Type	`GIF`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x1436`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.35572`
Detected Filetype	Bitmap graphic
MD5	`55894bb63626eb9849b6f8eacc62da92`
SHA1	`88b8670956ae3c8fb1b2bde8a44b5c8c8ef20473`
SHA256	`d3631b49f188c12b8e45436a6219421eb6e623f680d108a111e5b97a366d8925`
SHA3	`371d3f3e3214d1ed1344c9b98e9d774e17a66f306c77cb935d4dea1cfecf8b86`

142

Type	`GIF`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x1436`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.77467`
Detected Filetype	Bitmap graphic
MD5	`2407cb5a8ae0830297eb2b34611a288e`
SHA1	`dcfb184b9b17b29f1a4ad6b1a06721ec4b07a2a6`
SHA256	`c868e02eade177601671c64315a5eee20883ab9cb0fc4efce212016afcee7dc7`
SHA3	`35163e1fd5d64dfed87502a46c5c36cfc9f297560ae68bdba590c1d4dd513474`

143

Type	`GIF`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x1436`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.19257`
Detected Filetype	Bitmap graphic
MD5	`9ddc3df1155230511f45d1677c70dcb3`
SHA1	`799f847c6b512acc5e846559d216ae6394919028`
SHA256	`4b84982fb983a64480c589cb3d2c7fce20bc8cea86b9eb2f0ba3c11ab55fa1a2`
SHA3	`954017ae7356108b957bf37b7c74f10887bf2d2e12670d49b62c8c177d9553ac`

144

Type	`GIF`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x1436`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.76158`
Detected Filetype	Bitmap graphic
MD5	`16430adab8190094cbe4a553692347de`
SHA1	`8f2cd135001304b4b766b1f3e061bd1d2407e212`
SHA256	`fd67c51055c3f203782d8d3a13a34697d95afddcbc06c5183284c9fe0d950a52`
SHA3	`0092b52ca7e99c11646dd8825d525459b29308d0ca77699e07eedae730962645`

145

Type	`GIF`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x1436`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.61258`
Detected Filetype	Bitmap graphic
MD5	`7c261bcb470a60bb330dcd1f88cdd234`
SHA1	`182e7329dcca5817a907580c067d3e623fe0535b`
SHA256	`e5ca37c2b2bdcbe8e4b5857f1113eb3e0642118e4acded05b5c02e8df3ad52fd`
SHA3	`0e8dee8293df10ef065f5acf7e4c4823f44a12e4a8cd056392eee29d5166d467`

146

Type	`GIF`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x1436`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.52092`
Detected Filetype	Bitmap graphic
MD5	`10d42c236cedc22ab8758ae3a2d99060`
SHA1	`001436d0e4188cffdd58d40081a651173185968e`
SHA256	`d32391f1bd6a81a326289c2e1276a3f7326c2f14d71591f40779fc833c5c91c5`
SHA3	`b79832c0228a740166020259b0fba9e04ea7ce6540eac99c8fde6e90385f96b6`

147

Type	`GIF`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x1436`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.36284`
Detected Filetype	Bitmap graphic
MD5	`f3f29eadb4ae02d0d6691c418e46f3ab`
SHA1	`9bcf0bd1e89802ca25e764a81676aebb8d154002`
SHA256	`497abbc44a14af8460963a561b9c3353b41605349b7a903efa287e4d113cd4f5`
SHA3	`907ee5ab4c252e60672903517682d4477509d58c74fe90fda360d0878e9d1a32`

148

Type	`GIF`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x1436`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.48054`
Detected Filetype	Bitmap graphic
MD5	`7aa9f99487a51a26033a557a2700c405`
SHA1	`1407f1c2016fdcce786c4e1a8c0a67d128407786`
SHA256	`caa7fcd55f3db50af6e9e4273c71cd182ece9be9755dd53f75ff473fb88a5f5f`
SHA3	`c264454c9a231d4bb18fffd46a7d01cbda72346f2baf69ee335415a971f8db53`

149

Type	`GIF`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x1436`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.27853`
Detected Filetype	Bitmap graphic
MD5	`fbca651b85b45550d204bd2000cf9dd2`
SHA1	`5d3145149b881ac59a59e4adaf292dc5bba4f40d`
SHA256	`37b0ae57f593dad56c65b1acef50ddca2d641bb0cf1b801e49666cd0ac49e807`
SHA3	`528c5ab896e5a3656f5f593165024372a8007fb8a58b2a6b8537b702c37a8c1e`

156

Type	`JPEG`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0xb336`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0.777345`
Detected Filetype	Bitmap graphic
MD5	`632e711123b0fd395b3e119e454e57c6`
SHA1	`f4f3294e9c30fc6bf166b63ebfb49219acdae0a4`
SHA256	`af0ab41643d325975149f4e3327abc46009d492ef9f3b721a790147dcd1d79f2`
SHA3	`2d7a6d6a77d40039e3b6747290f51a716d575f81848e9fa0cf59bfa157e55e56`

133

Type	`RT_BITMAP`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x4a0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.98789`
MD5	`a7299671f9ac143b68b89cbd7073aa56`
SHA1	`a0d4904fe608d1f758112b229cb2fe89cabdc3f1`
SHA256	`87d20d7e08ef065a0f44de6591e796d41f570e68fb14ddb5cd10ac674a72385d`
SHA3	`fb7ed8aa15af3bd248c2648f9e60dcbf695825cd2b2fa93443c0a676570d6993`
Preview

165

Type	`RT_BITMAP`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x7558`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.8406`
MD5	`ae5be74113b8108d4092667015f88cbf`
SHA1	`61bcde019fd6d3d64614b579e593ec2512b692c1`
SHA256	`c3430c1ad6b9e3585ce6020e6337b78c863123fb0d07d65b1938769c17009648`
SHA3	`87541209302c2bacd518c828a19283b9cc3fa0bb21701dbba7ecdafce32b2f60`
Preview

176

Type	`RT_BITMAP`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x1b28`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.57572`
MD5	`32700ebf36f9c1cdebbabf17777894f3`
SHA1	`7e51fc29c8197724249ef357d1d0e319a1867400`
SHA256	`eb691c31eb5148a74ead4bb72e3b669801d4cab4c61787ece6b40311711065b7`
SHA3	`9054795488cbed4be2cd5f7d5f64758ef1b292981ddc81aa97ca89e8b77f39c5`
Preview

177

Type	`RT_BITMAP`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x1b28`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.92841`
MD5	`97c1fa00e9c580e8762c3827c9efd995`
SHA1	`4440fd9725c6fbfe350ed7f05605f12dac59ab96`
SHA256	`0179374b52eaffac22872e7ca9249a06dfe9a911607316509e58e226c002411d`
SHA3	`875b2107e0bce723b0817d1b3ac4f44e02d1bdd9921f80b7e9b65f2c439bd365`
Preview

178

Type	`RT_BITMAP`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x1b28`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.92841`
MD5	`97c1fa00e9c580e8762c3827c9efd995`
SHA1	`4440fd9725c6fbfe350ed7f05605f12dac59ab96`
SHA256	`0179374b52eaffac22872e7ca9249a06dfe9a911607316509e58e226c002411d`
SHA3	`875b2107e0bce723b0817d1b3ac4f44e02d1bdd9921f80b7e9b65f2c439bd365`
Preview

1

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0.826948`
MD5	`eb41dfb8fa9253dd6389b35d7a14f41a`
SHA1	`450e360baedf95041be668231275e6f28c3e0c4b`
SHA256	`17627228a14a62c099da418e399f581400fefd956dacc2fde2587a0dd299f818`
SHA3	`686b5768eb2140501eee891ecf7a7f7049cd59b9e2cc9929e78ee814563ad37b`

132

Type	`RT_MENU`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x17e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.20451`
MD5	`6be803b5d3022239a7d8c4608f15bf99`
SHA1	`5dae7ff08616769a79db9b418fabbe79f5773037`
SHA256	`c878b68b6e4b78b0562dbff5341193f82ba001b3debc67a35773be819152481e`
SHA3	`81e72992ad2fc4f33c2e9c257c9e069367ac0c1ef5decd07ed4ea96973322c90`

IDD_DEBUG_FORM

Type	`RT_DIALOG`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x250`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.32903`
MD5	`24f66ee5c4e5967e6b1c5f03b8a89508`
SHA1	`2a0c6b55f31941b0bfe9f16630891740e86ffb62`
SHA256	`4ac41cef279151c7a591c5efe5c4426708c67202b89b24c2c03a3be5c8c30703`
SHA3	`1c4b2d716c7ad3c5c589a8eadf8988c976f9c83c4cfb38ebc44c4b7a445bc4e7`

IDD_DEBUG_INFO_GLOBALS

Type	`RT_DIALOG`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x90`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.89272`
MD5	`c153b5698564827caf6dc882dacfdc43`
SHA1	`602d54888132d7e7f8561b19b614b65d57b2cff5`
SHA256	`3ecc8565d7dddca92dc565a4165caec8e2574b79a2f6ee3e96a4415a3b80491f`
SHA3	`53bc2f095c487d7360d5d4ccfc4930edb6c78a1f31f1dc44a654a5247b939e16`

IDD_DEBUG_INFO_INSTANCES

Type	`RT_DIALOG`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x146`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.05544`
MD5	`13c02b2adb2459f7d1ec27d08e0466af`
SHA1	`331cadce2af8c6ddfdc5246e987d7d9b17b822f3`
SHA256	`460fe185a002d9b4a0ab28682b6912c2d416452cdafa626a62bca8067aa613f5`
SHA3	`beaa285ae3d67c0a1c0236f9e96ec11b39a0201f07f86ebe3bd41766bb3333eb`

IDD_DEBUG_INFO_LOCALS

Type	`RT_DIALOG`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x8c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.92046`
MD5	`ba5f99fd11ab327dc0fbf3d1e2294051`
SHA1	`fa0727388dc1c834c9655a8b44ce196244fded5b`
SHA256	`f222120826a99ebbf6fe78eae6b98f2fed1d8ca7ee532026fc0b8ee67a886ca3`
SHA3	`1968802b92d6ba443c14384a77887a23e59a543ac7ea9b0184d557baefdb8c7e`

IDD_DEBUG_INFO_MESSAGES

Type	`RT_DIALOG`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x70`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.87953`
MD5	`5dd7e4551730117980f9eb576f6cacee`
SHA1	`24be37a32db2bda6dc750cb954d7e36d81e0be67`
SHA256	`7754e8b369b12ef91dd79ff827e96a1a50dd858524f1e6dcf4cfb60e516e58fe`
SHA3	`f89a8c51dbebfb0995849c91db2cc054cbb905d1aa0003417a084908eface419`

IDD_ERROR_CODE

Type	`RT_DIALOG`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x120`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.11903`
MD5	`ac3f07c5aa93e413823a32f659240ad1`
SHA1	`d78e110cb30ccff6366e410f6a16009383f8f2e9`
SHA256	`b45c6a3366adc913f8d1f3cd2289aeddc2b4dae28c0e39daa911009f50234c43`
SHA3	`89f27075d14968fef9bdad5097adf1e3f751b7238149ba82eec741da3e19086a`

IDD_HISCORE

Type	`RT_DIALOG`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x532`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.85053`
MD5	`754b7fc0bc0ccd1730bc563fad964f30`
SHA1	`1c9ff03ef04a62e5e04e0a728d080366c1aa1a00`
SHA256	`182848d5c2ae84be479ae144ecad6adefe92b9b05e017fee8a4fb32469f9964e`
SHA3	`3d23895f95ffb67ba2c52a46cd6cbe0d305065d43bdf44aefa8f5c71443a1801`

IDD_INPUTQUERY

Type	`RT_DIALOG`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0xf0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.09333`
MD5	`9f9f2c8a6f4b306b41dda835d90c37eb`
SHA1	`3b12f1b6d8c5e887caaeac46f8918808543f708f`
SHA256	`bf96593a642a5a7785b22ab22e69e3609f3c361e6ae90982ce4c1e1056d40ef1`
SHA3	`ed7e786cd66ca80dd9f0842dca11025d91ba8d222429026534dbde9c2b6325a5`

IDD_LOGIN_ASYNC

Type	`RT_DIALOG`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x13c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.07583`
MD5	`6b0f04cd06a91ff5ee96decd8eb6dbc6`
SHA1	`240236f7e7f1c2cea21c1d5eac0bef98094eb18a`
SHA256	`28ae1807e280b537ef8a9b5df66942cd52adf418cd5a2e0b07ef48b25bd08955`
SHA3	`f3d6f5a0f7c6fb4bd8a283c4f8bfc9337364cb28e696784dcb8f543d9d79e89b`

IDD_MESSAGE_ASYNC

Type	`RT_DIALOG`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x9c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.00453`
MD5	`ed9d6ad0e3e5f287913a8c39386eb08e`
SHA1	`3856ad95adbb8ffdb971bd44a43e32ff7da10c9e`
SHA256	`09ae8082cc363799b57616423e47409390c11fc632c0958826d98420683aa83a`
SHA3	`19d277b2aea915c99d664198e3339347acae3070829ba1269eda8de02a6b820e`

IDD_QUESTION

Type	`RT_DIALOG`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0xcc`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.14448`
MD5	`a1cb026f8ac0e660d2dbb8b8de96ea59`
SHA1	`74271f454c727706fcdae5cc75fb59d2f54116a1`
SHA256	`3981d095cf944141f06895b29e6606015852408d2636844c6a8eef781c6067a2`
SHA3	`e896b8b0cc00a316588ed19d413a5c1f2963591a80916246895f3112feb029ce`

101

Type	`RT_DIALOG`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x8a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.97604`
MD5	`a12fa2524c10e9d3aa595a0a61af48c3`
SHA1	`1b50a67f54de04a27c268720bb4d3dd26739f535`
SHA256	`095689eb7e4e8c2e31c1718463a158554c0261e9872bf9c3a497e6baee29d0e3`
SHA3	`7b1dd499012d4bace7e2758b1e829120463cadf602af2b8c39e1bceb46f6d040`

102

Type	`RT_DIALOG`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x40`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.4002`
MD5	`cb861dfde44d04231e4880679d8c4c27`
SHA1	`d5fea594012e7305e3c871d47128b7d2ecb2d5dc`
SHA256	`78d86ff624bedba3c25db2571361a13a13bcb6d064f88c5e586747b9c5fa179c`
SHA3	`59f409436199cefd5e86941fd7a17bcc74a9281b15f18e9a521afb1ba97bb0e7`

129

Type	`RT_DIALOG`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x60`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.48825`
MD5	`fc397f24ff24058e906c80aa0ba293b0`
SHA1	`5a595d303f58d30ce064a363b06b52ac5abadb66`
SHA256	`cff945155a9afffac367c241b1435a70f7667ddf4dfa097f6f1160de9aea96b7`
SHA3	`0a4e851708d2ac9cdd97f3951f1be23880728eddc20d6ffdd9eabaf9739f0d5c`

130

Type	`RT_DIALOG`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x40`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.5167`
MD5	`9f9cae26a539630c1029c5f1070ec30e`
SHA1	`6d63b828807f26764c8edb3c864a6630b5932133`
SHA256	`7951ea2454bbfc7d6dd6f2ba8d3e29f01b3ec75658687cf7568b68e8f394c90b`
SHA3	`0877a53feb8dc02c9ae70ee3b3df3246db19a96391fcd8574b69c888aadf26c8`

188

Type	`RT_DIALOG`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0xbc`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.98411`
MD5	`b575ec076bc372b21c1332d665a56db6`
SHA1	`05b8ac0f862665caea395eac0f88d9a0369af081`
SHA256	`228733761baa9bec731d5830271e716af779a29d6fbae25dee72a6d51706e438`
SHA3	`4cf5a0abcafe469752d2f2dd365bd616993eb63b939a985a6c633c1c72cbf665`

7

Type	`RT_STRING`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x1c0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.6517`
MD5	`fe86798eb9a185aa07757fc60cccb701`
SHA1	`fe8578f4d1eab03a0520a25cb5146b669988a598`
SHA256	`194604625fffb999d1d570f9bd69f763810364fffb8fe43037795099062135df`
SHA3	`9c075faec10d0a13da88b59bfb6c5d68760b4a5174a3523988ad960fae6e952e`

152

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.53321`
Detected Filetype	Icon file
MD5	`148347b1b114d56422121f4bd47bcee4`
SHA1	`c7ecb354a46d45ceea0dbd2dc3bb52b041f7bbe8`
SHA256	`eebd507b6f20cf6695d3eeb15cc932e48a7bdd0e1f10c92a703005fb2ac37d2d`
SHA3	`88d51b696b744a0dde3ec6e744a87ae67be529f13e5629f748cca274418bed16`

1 (#2)

Type	`RT_VERSION`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x91c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.83538`
MD5	`53c22faa8c9c889ff59916d1c775ee6a`
SHA1	`5070041726ff70b329bf07fce9dad4f8a091dd24`
SHA256	`136ae2f322fafb2c481fd8f9adcc64dd5f0ac9807f1b5331bb8f3e1375482c31`
SHA3	`34e04e660651ae83e6d9686c75bdf145d2e2519b09a3f2490c73b227400a74f0`

1 (#3)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x2d5`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.04069`
MD5	`0c8bbb3c1cd4b665d123daf3200292a6`
SHA1	`dd1db0f54421bd84115d3a17fdcdb1f261678334`
SHA256	`d8ffc3635546a2721c5b4b03ed926a822742b14b427a243f0b778cee4f37bf63`
SHA3	`c7b25df36667b2f651d7bc07d1448d02c763c30408789ae5366fb66535a17d92`

133 (#2)

Type	`UNKNOWN`
Language	English - United Kingdom
Codepage	Latin 1 / Western European
Size	`0x1c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.23453`
MD5	`064e798e056fc2a118b7a19cfb2bf4a6`
SHA1	`b4906a04b3de00091637cf81b01d6a735ea6b388`
SHA256	`99a76be7f5e4de14bd6dc653d179c5d8d88300f137116eef65944d5e512ef9e2`
SHA3	`ce4a6123a39d6fa13f7d22684297bdaa4a4de5062f9417cd8dd1afc23feebb31`

String Table contents

OLE initialization failed. Make sure that the OLE libraries are the correct version.
Windows sockets initialization failed.
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	0.9.9.5
ProductVersion	0.9.9.5
FileFlags	`VS_FF_PRIVATEBUILD`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	English - United Kingdom
CompanyName	Toby Fox
FileDescription	Leading Brand UNDERTALE-type Software
FileVersion (#2)	0.9.9.5
InternalName	GameMaker:Studio Windows C++ Runner
LegalCopyright	(C) 2015 Toby Fox
PrivateBuild	01.00.00.00
ProductName	UNDERTALE
ProductVersion (#2)	0.9.9.5

Resource LangID	English - United Kingdom

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2015-Mar-24 09:52:25
Version	`0.0`
SizeofData	`95`
AddressOfRawData	`0x2b8b60`
PointerToRawData	`0x2b7960`
Referenced File	c:\hudson\GMBase\GMGreen\GameMaker\Runner\VC_Runner\Release\Runner.pdb

TLS Callbacks

Load Configuration

Size	`0x48`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x6e84e0`
SEHandlerTable	`0x6ba880`
SEHandlerCount	`311`

RICH Header

XOR Key	`0x991d5d3`
Unmarked objects	`0`
150 (20413)	`8`
ASM objects (VS2008 build 21022)	`66`
Imports (21202)	`2`
Imports (VS2012 build 50727 / VS2005 build 50727)	`25`
Total imports	`289`
C++ objects (VS2008 build 21022)	`400`
C objects (VS2008 build 21022)	`405`
Linker (VS2008 build 21022)	`1`
Resource objects (VS2008 build 21022)	`1`

Errors

[*] Warning: Could not read a WIN_CERTIFICATE's header.

Leave a comment

No comments yet.