Manalyze report for b7aafafc4fd37e2fa8e513fc575b54f5

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2019-Oct-08 07:54:45
Detected languages	English - United States

Plugin Output

Info	Interesting strings found in the binary:	`Contains domain names: editpadpro.com http://www.editpadpro.com http://www.editpadpro.com/spell.html www.editpadpro.com`
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to CRC32`
Suspicious	The PE is possibly packed.	`Unusual section name found: .itext`
Info	The PE contains common functions which appear in legitimate applications.	`[!] The program may be hiding some of its imports: LoadLibraryExA GetProcAddress LoadLibraryA` `Can access the registry: RegQueryValueExA RegOpenKeyExA RegCloseKey RegSetValueExA RegCreateKeyExA` `Enumerates local disk drives: GetDriveTypeA`
Info	The PE's resources present abnormal characteristics.	`The binary may have been compiled on a machine in the UTC+7 timezone.`
Info	The PE is digitally signed.	`Signer: Just Great Software company Ltd.` `Issuer: COMODO RSA Code Signing CA`
Safe	VirusTotal score: 0/70 (Scanned on 2021-02-21 23:46:43)	`All the AVs think this file is safe.`

Hashes

MD5	`b7aafafc4fd37e2fa8e513fc575b54f5`
SHA1	`74f9018a24282cc7329780b810ca1817eb60f84c`
SHA256	`2a65fe15399945f6179ba445a70e37280cc304b7d112d0d6b590a7bb7fb8db33`
SHA3	`8ad613bbad068905b790a5f92d4489085ffe3512cf648efb4072f74e9ca705d5`
SSDeep	`12288:kyN5lsUJ5nIiSRqQwciicU2x9Rf8OhZIsg+YtLAcYFHuoNG:dlHJ5nWKcFcdx3fZEdAcYFHBG`
Imports Hash	`82aa4e6257275b038cbdc65769710c4d`

DOS Header

e_magic	`MZ`
e_cblp	`0x50`
e_cp	`0x2`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0xf`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0x1a`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x100`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`9`
TimeDateStamp	2019-Oct-08 07:54:45
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_BYTES_REVERSED_HI` `IMAGE_FILE_BYTES_REVERSED_LO` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LINE_NUMS_STRIPPED` `IMAGE_FILE_LOCAL_SYMS_STRIPPED`

Image Optional Header

Magic	`PE32`
LinkerVersion	`2.0`
SizeOfCode	`0xaa00`
SizeOfInitializedData	`0x2a600`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0000B134 (Section: .itext)`
BaseOfCode	`0x1000`
BaseOfData	`0xc000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x3f000`
SizeOfHeaders	`0x400`
Checksum	`0xb1534`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x4000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`3b57175e35ad97122a2df7c848eb9662`
SHA1	`d061eb05622eaa0d3d603ea213909d5baf562d1d`
SHA256	`83d25688b8ac6f563f85bb7128bad2570d93a7588a081a18068537b28c66b6c0`
SHA3	`edd7420cf256f7eb2deec0426ff2bae42a1a04f639222b3750a1975be2cf79f3`
VirtualSize	`0x9820`
VirtualAddress	`0x1000`
SizeOfRawData	`0x9a00`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.54629`

.itext

MD5	`f453f241330c73b1320b7e8b8479b442`
SHA1	`40975507ca56baa1dbd7bc74a992681550575513`
SHA256	`a6f1a7cb52dc749c3876ddd9c5717b071bf660960a4a2bf53b08c32d68c8d3e3`
SHA3	`3900ca32e5fa7f61123acfc4cce395693acb8d346206d1f01c90a47f022c1664`
VirtualSize	`0xfa4`
VirtualAddress	`0xb000`
SizeOfRawData	`0x1000`
PointerToRawData	`0x9e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`5.92228`

.data

MD5	`641b0a1e415b23ad1a72a51b1bdaf9d4`
SHA1	`b5c9661b2f70fbef7ea77482a4b2ed07f40436d9`
SHA256	`fde676f53aceefb95aec63fb0289c4a38945fb66ffe7e6b9f8040c70f6afd118`
SHA3	`09e1364167d03acdeb5a7d3f174925f485e052a2e97f737b0cf9959adbfbe59d`
VirtualSize	`0x1120`
VirtualAddress	`0xc000`
SizeOfRawData	`0x1200`
PointerToRawData	`0xae00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`4.42143`

.bss

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0x4eec`
VirtualAddress	`0xe000`
SizeOfRawData	`0`
PointerToRawData	`0xc000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`

.idata

MD5	`77d4e8b84aaded6cfceb0b64a01beb46`
SHA1	`29f9b85f06aa11830605a1614d9f6d0de7206480`
SHA256	`5a897a9f13088bed896c22d6a0ed88e304ea38ed21758a0e2ff90763057a0e60`
SHA3	`86a1bad409edc9af505f62c41befd17a00361cd49a35c7825f5ad52813e56242`
VirtualSize	`0x8f2`
VirtualAddress	`0x13000`
SizeOfRawData	`0xa00`
PointerToRawData	`0xc000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`4.52108`

.tls

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0x8`
VirtualAddress	`0x14000`
SizeOfRawData	`0`
PointerToRawData	`0xca00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`

.rdata

MD5	`daaa69a9dcee2ca8d442a46c1ffe7e27`
SHA1	`4a2c5b7e4e245235156c3d33fcc6c0a854b50082`
SHA256	`6ae153d3d9448aeb79d9eeab9c4b78b016039a9cba540c72ec401972c709d927`
SHA3	`f0ec2efa6268e803ba96e69ccc9deacaf3a698b1ab51445228501e0d4a5c7847`
VirtualSize	`0x4f`
VirtualAddress	`0x15000`
SizeOfRawData	`0x200`
PointerToRawData	`0xca00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`1.13163`

.reloc

MD5	`df3bf51e0ac8fe06d108fda617160299`
SHA1	`8c5188a4263ebee58e10420749bd09e41030a5d6`
SHA256	`f9538183ad2c7db3f01acde82f0e3b49f537017b290c35e018fc545853cfce71`
SHA3	`efa001a8630a64aeb1643b6cbb26d270d89fafdd7dbfd4ce2f72b115754a57bb`
VirtualSize	`0xe1c`
VirtualAddress	`0x16000`
SizeOfRawData	`0x1000`
PointerToRawData	`0xcc00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`6.25434`

.rsrc

MD5	`938a6f1cece0bb73e6c01a1e9a8e3722`
SHA1	`d0fcfadeb4ea1bf42fbbc9ef510af0b833b0dd12`
SHA256	`c81788350e42b5c263928ca0d1a92178ef9182eeedc5ca23cdbdb0546e7517bf`
SHA3	`def080a0d735fbf5b28ad30ede88d15281304fd42f302112ff92a747a7a59c02`
VirtualSize	`0x27800`
VirtualAddress	`0x17000`
SizeOfRawData	`0x27800`
PointerToRawData	`0xdc00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`2.72969`

Imports

oleaut32.dll	`SysFreeString`
advapi32.dll	`RegQueryValueExA` `RegOpenKeyExA` `RegCloseKey`
user32.dll	`GetKeyboardType` `DestroyWindow` `LoadStringA` `MessageBoxA` `CharNextA`
kernel32.dll	`GetACP` `Sleep` `VirtualFree` `VirtualAlloc` `GetCurrentThreadId` `VirtualQuery` `WideCharToMultiByte` `lstrlenA` `lstrcpynA` `LoadLibraryExA` `GetThreadLocale` `GetStartupInfoA` `GetProcAddress` `GetModuleHandleA` `GetModuleFileNameA` `GetLocaleInfoA` `GetLastError` `GetCommandLineA` `FreeLibrary` `FindFirstFileA` `FindClose` `ExitProcess` `WriteFile` `UnhandledExceptionFilter` `SetFilePointer` `SetEndOfFile` `RtlUnwind` `ReadFile` `RaiseException` `GetStdHandle` `GetFileSize` `GetFileType` `CreateFileA` `CloseHandle`
kernel32.dll (#2)	`GetACP` `Sleep` `VirtualFree` `VirtualAlloc` `GetCurrentThreadId` `VirtualQuery` `WideCharToMultiByte` `lstrlenA` `lstrcpynA` `LoadLibraryExA` `GetThreadLocale` `GetStartupInfoA` `GetProcAddress` `GetModuleHandleA` `GetModuleFileNameA` `GetLocaleInfoA` `GetLastError` `GetCommandLineA` `FreeLibrary` `FindFirstFileA` `FindClose` `ExitProcess` `WriteFile` `UnhandledExceptionFilter` `SetFilePointer` `SetEndOfFile` `RtlUnwind` `ReadFile` `RaiseException` `GetStdHandle` `GetFileSize` `GetFileType` `CreateFileA` `CloseHandle`
user32.dll (#2)	`GetKeyboardType` `DestroyWindow` `LoadStringA` `MessageBoxA` `CharNextA`
kernel32.dll (#3)	`GetACP` `Sleep` `VirtualFree` `VirtualAlloc` `GetCurrentThreadId` `VirtualQuery` `WideCharToMultiByte` `lstrlenA` `lstrcpynA` `LoadLibraryExA` `GetThreadLocale` `GetStartupInfoA` `GetProcAddress` `GetModuleHandleA` `GetModuleFileNameA` `GetLocaleInfoA` `GetLastError` `GetCommandLineA` `FreeLibrary` `FindFirstFileA` `FindClose` `ExitProcess` `WriteFile` `UnhandledExceptionFilter` `SetFilePointer` `SetEndOfFile` `RtlUnwind` `ReadFile` `RaiseException` `GetStdHandle` `GetFileSize` `GetFileType` `CreateFileA` `CloseHandle`
advapi32.dll (#2)	`RegQueryValueExA` `RegOpenKeyExA` `RegCloseKey`

Delayed Imports

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	2019-Oct-08 14:54:44
Entropy	`2.24879`
MD5	`21ff710ee66a4bbb909a0cc7b009a491`
SHA1	`0d85c2b4d0f47a265c37edfe4f240d707e42e299`
SHA256	`8e353e7810f055917388f660fd38f83ce748201584a8c17dbd6f06021db65521`
SHA3	`ee1667fec1df6bdfa11b720ec09f452d75e8fd0bbe26c28166274bf9319ac303`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x6b8`
TimeDateStamp	2019-Oct-08 14:54:44
Entropy	`2.562`
MD5	`b3475290874cb56514486d43091776a3`
SHA1	`a4a0bc4c4060347ec9f8705dae0d6483b73d8aa1`
SHA256	`4e16c6f527b2562b16400d84dbf2c5524440c04aa30d0edde2a0f16c952b1d35`
SHA3	`44a6d1076ffedd0aa2d91cf8e3e93b5e58c5f7e040620f46b9cf3adb1b414c50`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x988`
TimeDateStamp	2019-Oct-08 14:54:44
Entropy	`2.37388`
MD5	`edc139c346e04a3ee7205264b315bb06`
SHA1	`2dcddff97dff8cfc8ac5bf6c01fba0c679a71cb6`
SHA256	`af973a6c1d61a32d4c9e0c223978bbf67118ecadd4610c25701e4c38ed4e4588`
SHA3	`567cbe994605b924b4a9e5785e2b2a3157300701faefa8e28a79cefb6433450c`

4

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xcd8`
TimeDateStamp	2019-Oct-08 14:54:44
Entropy	`2.5783`
MD5	`a141974755329f23ddbad5b623bba1f5`
SHA1	`71907e824c19989ed41f4276ab49a652f9dfcf1f`
SHA256	`5e17add131d0a2fa11718105bc112602c55a48f3ccd9b3801d50f6eee32c274f`
SHA3	`e93ff38447494962be46f15810c0464d62373b8bc482d721126fc64a12196edc`

5

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	2019-Oct-08 14:54:44
Entropy	`2.58649`
MD5	`057c62cff6a00ca68acbc544fa9be0ff`
SHA1	`8b012844d11b3a1a0151bd7af88e37d4f874eb11`
SHA256	`be6a585e6df974b38ebb5f173906ddb1524015762484bc7bb135578b153d3e50`
SHA3	`58de6f1b94400494517d7bae5c33e237634ec02473a6571e201b69a49ae44204`

6

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1588`
TimeDateStamp	2019-Oct-08 14:54:44
Entropy	`2.40004`
MD5	`4f3cee32503f050a3e3a85aad1364896`
SHA1	`4a5d1313f5653dd03304c20c16f88363397eec09`
SHA256	`c0ce76ab50e446b30fb130a51bf632579b54f448326bb5d1743127505411ed0a`
SHA3	`dee4c5cc959f9b5ff9cae3d937d80d76262cef1bd1ed28587960e0b89b6dba79`

7

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1a68`
TimeDateStamp	2019-Oct-08 14:54:44
Entropy	`2.2356`
MD5	`88fb5dbf94f1c6bfa7f8389dfd6b2952`
SHA1	`207b8afcdde42b733d28e6a48fe63aecd3bf6308`
SHA256	`0fc514252f577720f8d8066e073a01163b477c03d6d796f13fb187fee9937f9a`
SHA3	`9ae3d3d3be48f789f2f4557a00366abf545e14500ca2eef2a2f20d6ed4e43ee0`

8

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	2019-Oct-08 14:54:44
Entropy	`2.39366`
MD5	`57291bf0adacc9cc84af8f643e7e48ae`
SHA1	`4b95d8986823fcc9f5b2c22b0738544d9a297e2e`
SHA256	`2ca4382ad45e88e6c78e3f67fb7b50e47cd8fe7cbce2f4ec51c492665c2ac2c9`
SHA3	`1a61bda15649eb3e9ba392ab100e6c30f98e14437bec3aacf6f8876aab9568cb`

9

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x32e8`
TimeDateStamp	2019-Oct-08 14:54:44
Entropy	`2.25698`
MD5	`8b0cfa5728b38677075674c8c9e20507`
SHA1	`3523483ee251b00d13f4709e5a8a34a89427716d`
SHA256	`3ac0fd08620243c0b5f235b2c65bf712bf2c3836fc9e716155aa4d6fbe67af54`
SHA3	`b4be26a02a4b6701f142489c38b483500775df7604d681ce398f65db94f3fbfe`

10

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4228`
TimeDateStamp	2019-Oct-08 14:54:44
Entropy	`2.26094`
MD5	`488818cc678a7c2a7c16a5f919d54f9d`
SHA1	`cfedd10ac40193635297142c99872ba8d5975186`
SHA256	`5e87225b3a8ca64b245f4132d76e6b2d5b005a1ecc68358a0221fa932f66ec9f`
SHA3	`f41cb8fff6b2628ab6250c2680c2913ea1965dbe5608e47c52d31fa3d93fe05d`

11

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x5488`
TimeDateStamp	2019-Oct-08 14:54:44
Entropy	`2.20175`
MD5	`ae696f520a8b629c2560eeb6e9a7a161`
SHA1	`038affa1e583be8f43affeaff4661e6549f79602`
SHA256	`7ec465455e2cd2da5a5b18afef13ac578d474dc977c711ab08d9f828ce372143`
SHA3	`90a3967ff1c3bbb455e5cdbf5d098e24e787c488a890df3bba8f43fc74021222`

12

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x67e8`
TimeDateStamp	2019-Oct-08 14:54:44
Entropy	`2.12887`
MD5	`a03cca2f56d1ae199772ec3377e99edf`
SHA1	`93ef0544bd228e04555313490fdeb4ef83db989a`
SHA256	`33185bf549596f04b4a337f218fef997298248b6b05db9c98af31c4a5f4b5488`
SHA3	`15fe04438e81f4ea8b6d275d57211be1df42dab728e87ec60d71e8dc59eec9be`

13

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x94a8`
TimeDateStamp	2019-Oct-08 14:54:44
Entropy	`2.08791`
MD5	`254c9860e3937987f32df7efcd7fdf67`
SHA1	`39f1bd721e00c477bc8f5a3b4f760005aa75970f`
SHA256	`fa795740e4dfedfe65de8ba328bbda6bd0c90bb8132780529bb2dedf0ee94e64`
SHA3	`8232e710da23c18422a5ea4f2f96c1d873bc0e2b06a2ec65852bee3f05b04d92`

14

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x190b`
TimeDateStamp	2019-Oct-08 14:54:44
Entropy	`7.86575`
Detected Filetype	PNG graphic file
MD5	`692208a5125faa7ee116e22813d16ba2`
SHA1	`a6087401e9619324070f1117c9639f35cd2afb31`
SHA256	`77f294e78d6f6b9fddab5dc7ab9ab1623b27b33a380d243f79518776dc9f4393`
SHA3	`eaf5102ebf4d361fa773a1fe1595c4bd156bda70fdfc2fed6de12a12c6902c6d`

4091

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x54`
TimeDateStamp	2019-Oct-08 14:54:44
Entropy	`2.0978`
MD5	`4e0f3855b034cb129e2298913e46e360`
SHA1	`bbcee6f028e6f8dd94f329db93b124646165c1ab`
SHA256	`8a83ee6feda51928679ed61a1e7cd61b25b97370b7457385efac6168e46cc640`
SHA3	`09bbb023db07dc8a40e706ae57f6c99630a5d427dc45ec5fecfd4a584a54d4dc`

4092

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xd0`
TimeDateStamp	2019-Oct-08 14:54:44
Entropy	`3.2023`
MD5	`2c445e7460778069a108bfa6e5838bf4`
SHA1	`ada7c52ba585077d914fb80b269ec8a841801795`
SHA256	`67fa84ed1924419c10197924c66863e6a229a1e590b17e32bde70bb75a809f82`
SHA3	`266c4ad63b3566332930feba77a9fb887467da0eb433709aa903dd5b70f234ec`

4093

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xb8`
TimeDateStamp	2019-Oct-08 14:54:44
Entropy	`3.34911`
MD5	`4a1e6314536c88cfa0467bf5b0cc0dd1`
SHA1	`34d0696c00ac0a6e0171d94cdb9cb2b3bc662afb`
SHA256	`dbd0defe0cb0baca38eba086f1db49f41b260ac4f9cd2d6cdaed54074f04e2f9`
SHA3	`f1cc84f17e27543fee905fa4c85e54deef05696a42b067f54e122085710e76d2`

4094

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x240`
TimeDateStamp	2019-Oct-08 14:54:44
Entropy	`3.33001`
MD5	`b1ddb51fa6f37ba6c368cefa2f2758c4`
SHA1	`cbd129a306495b470ff9635b5f469846853aef78`
SHA256	`f6c922f8922e4b5d921f80eae02005303529c711e152dd862e51acbb658d7254`
SHA3	`22ed81d6ecab4c2320b0137ec5a02cc4c30b40fe505894ebb2e620b79bd69f80`

4095

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x35c`
TimeDateStamp	2019-Oct-08 14:54:44
Entropy	`3.33933`
MD5	`3959de07687076819e595c726efe714f`
SHA1	`607464112d8c08052ce60fa48ab176430abede27`
SHA256	`5de3ab0e6ffdee43cf7921ca4d399bfe27e67fa00ab2d657012e9157fc5c3d3a`
SHA3	`74197beeec1e37d1a5d6929fc585c80da29c68310172de16533f3559a6af3227`

4096

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x280`
TimeDateStamp	2019-Oct-08 14:54:44
Entropy	`3.29535`
MD5	`dbb1639cae4f97cb2a198d7320249054`
SHA1	`1b511b62f1478abba0b447ef2658172611af4de0`
SHA256	`1893a4eed0a8c996ee87a4a73bfa06c6fb9a147117e1925983caff227c147943`
SHA3	`dea7ef99f7dd7753ee0b074698f13a7f028a1d5dfdc74dea01c0675466013aa0`

DESCRIPTION

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x70`
TimeDateStamp	2019-Oct-08 14:54:44
Entropy	`3.02689`
MD5	`9bf448ec8bac312f8ba4f9ab88b6f628`
SHA1	`64ef772525fcc57838aeff90375d8b45cac001c7`
SHA256	`b9e8f2bf219fb0a52ccc3549916ffd42b08c02c32bd0d70062c9509a120a1b93`
SHA3	`ad07eac345764668a273bc425bb295ff892067631ddee65fb98f998a18e64fcc`

DVCLAL

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x10`
TimeDateStamp	2019-Oct-08 14:54:44
Entropy	`4`
MD5	`d8090aba7197fbf9c7e2631c750965a8`
SHA1	`04f73efb0801b18f6984b14cd057fb56519cd31b`
SHA256	`88d14cc6638af8a0836f6d868dfab60df92907a2d7becaefbbd7e007acb75610`
SHA3	`a5a67ad8166061d38fc75cfb2c227911de631166c6531a6664cd49cfb207e8bb`

PACKAGEINFO

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x6c`
TimeDateStamp	2019-Oct-08 14:54:44
Entropy	`4.62517`
MD5	`e1e1c735e97405c82d8cccc504db94cb`
SHA1	`518807f141d639fedae3a4a5e0a24613d2f4682b`
SHA256	`5bdcf5d80b922b25947dc5b118a7483ab3d7fda9c9e3596fd90f3e7d4baf9085`
SHA3	`914a7cd6190f550b019a793610b17f3823b8c0a93a94c35b2671b231add039cd`

MAINICON

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xca`
TimeDateStamp	2019-Oct-08 14:54:44
Entropy	`3.30244`
Detected Filetype	Icon file
MD5	`d7b0d0c14a4518fab2f25956408aa5c8`
SHA1	`fdfac12219f8c751afe2bd53d675a7562d789383`
SHA256	`91157a8341baf441ecc03af21e42ce9271ee2931094179c53996e93f16be3ed4`
SHA3	`84a8773178bf0f3971e7037f4d08ec0516424ea4a80356b73dd905aaa5363c2a`

String Table contents

Unable to create directory
November
December
Sun
Mon
Tue
Wed
Thu
Fri
Sat
Sunday
Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
Jul
Aug
Sep
Oct
Nov
Dec
January
February
March
April
May
June
July
August
September
October
Invalid variant type conversion
Invalid variant operation
Invalid argument
External exception %x
Assertion failed
Interface not supported
Exception in safecall method
%s (%s, line %d)
Abstract Error
Access violation at address %p in module '%s'. %s of address %p
Jan
Feb
Mar
Apr
May
Jun
Invalid pointer operation
Invalid class typecast
Access violation at address %p. %s of address %p
Access violation
Stack overflow
Control-C hit
Privileged instruction
Exception %s in module %s at %p.
%s%s

Application Error
Format '%s' invalid or incompatible with argument
No argument for format '%s'
Variant method calls not supported
Read
Write
Error creating variant or safe array
Variant or safe array index out of bounds
Out of memory
I/O error %d
File not found
Invalid filename
Too many open files
File access denied
Read beyond end of file
Disk full
Invalid numeric input
Division by zero
Range check error
Integer overflow
Invalid floating point operation
Floating point division by zero
Floating point overflow
Floating point underflow

Version Info

TLS Callbacks

StartAddressOfRawData	`0x414000`
EndAddressOfRawData	`0x414008`
AddressOfIndex	`0x40c7a0`
AddressOfCallbacks	`0x415010`
SizeOfZeroFill	`0`
Characteristics	`IMAGE_SCN_TYPE_REG`
Callbacks	`(EMPTY)`

Load Configuration

RICH Header

Errors

[*] Warning: Section .bss has a size of 0!
[*] Warning: Section .tls has a size of 0!