Manalyze report for b9dc00589356c64a2e2b0cd777427059e4b8a49ce2f912f424caaf46ad60727a

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	1970-Jan-01 00:00:00
Detected languages	English - United States
TLS Callbacks	2 callback(s) detected.
FileDescription	Provides utilities for working with device driver picker on Windows
OriginalFilename	DeviceDriverPicker.exe
InternalName	DeviceDriverPicker.exe
ProductVersion	`2.0.7054.29`
FileVersion	`2.0.7054.29`
CompanyName	Foxglove Interactive Co.
ProductName	Device Driver Picker
PrivateBuild	E7Hn9d4TsJ4qUk
LegalCopyright	(c) Foxglove Interactive Co.. All rights reserved.

Plugin Output

Suspicious	PEiD Signature:	`XWD graphics format` `HQR data file`
Info	Interesting strings found in the binary:	`Contains domain names: golang.org`
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to SHA256` `Uses constants related to SHA512` `Uses constants related to AES`
Suspicious	The PE is possibly packed.	`Unusual section name found: .xdata`
Suspicious	The PE contains functions most legitimate programs don't use.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryA LoadLibraryExW` `Functions which can be used for anti-debugging purposes: SwitchToThread` `Memory manipulation functions often used by packers: VirtualAlloc VirtualProtect`
Info	The PE is digitally signed.	`Signer: Device Driver Picker` `Issuer: Device Driver Picker`
Malicious	VirusTotal score: 18/70 (Scanned on 2026-06-13 05:16:08)	`AVG: MalwareX-gen [Misc]` `AhnLab-V3: Malware/Win.MalwareX-gen.R779336` `Avast: MalwareX-gen [Misc]` `Bkav: W32.Malware.CAD6C63F` `Cylance: Unsafe` `DeepInstinct: MALICIOUS` `ESET-NOD32: Win64/Agent.JUM trojan` `Elastic: malicious (high confidence)` `Google: Detected` `Kaspersky: UDS:Trojan.Win64.DLLhijack.fbo` `McAfeeD: ti!B9DC00589356` `Microsoft: Trojan:Win32/Wacatac.B!ml` `Rising: Trojan.DLLhijack!8.1B50 (TFE:5:8E0C2eaMorT)` `Sophos: Mal/Generic-S` `Symantec: Trojan.Gen.MBT` `Tencent: Win32.Trojan.FalseSign.Hplw` `Trapmine: malicious.high.ml.score` `TrellixENS: Artemis!E3148FF4F181`

Hashes

MD5	`e3148ff4f181e46301a45d84189e9b06`
SHA1	`d3680197830d942cb1928e409df7e09ff86f384a`
SHA256	`b9dc00589356c64a2e2b0cd777427059e4b8a49ce2f912f424caaf46ad60727a`
SHA3	`ca3acdba66002725a004aac42939b312cb3db78033d0e726ee39f639eab58695`
SSDeep	`98304:D5oZ79jM0Q4R5On+IpdbbBcDAaDvzM9AmzIwkkdPAJVVvoR9:DeB4r4R5Tw3ccQj8Z3ZaUR9`
Imports Hash	`f604c1c3e882e6a725b213d7fdcb6bc5`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`12`
TimeDateStamp	1970-Jan-01 00:00:00
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_DEBUG_STRIPPED` `IMAGE_FILE_DLL` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE` `IMAGE_FILE_LINE_NUMS_STRIPPED` `IMAGE_FILE_LOCAL_SYMS_STRIPPED`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`2.0`
SizeOfCode	`0xe1000`
SizeOfInitializedData	`0x5b2800`
SizeOfUninitializedData	`0x204ae00`
AddressOfEntryPoint	`0x00000000000012EF (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x393140000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.1`
ImageVersion	`0.0`
SubsystemVersion	`6.1`
Win32VersionValue	`0`
SizeOfImage	`0x26e6000`
SizeOfHeaders	`0x400`
Checksum	`0x69a5ee`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x200000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`b81e3b35ada5d8b931de2ef824d6c5b4`
SHA1	`a680e1564e9b07575059a106575fc5cd569f4186`
SHA256	`e3a000683e6b30dfd6c5576cd83f98f83cfc83c9d99ad43806816b5817e5353f`
SHA3	`2071bdecd2d018ccb5c371560c6a9e1abd2e7da153bc1676a28085c55bac6a86`
VirtualSize	`0xe0e70`
VirtualAddress	`0x1000`
SizeOfRawData	`0xe1000`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.30346`

.data

MD5	`3fff2963690efbc4132e392b67739f16`
SHA1	`d87a740721370aee2c117dce4e65da4e73bac5d3`
SHA256	`dd4a275564bd9a4771cacf52c72d070f56815397ec51eb5a886d3d360d0a7482`
SHA3	`a610fb07fe166fc29c2f38fdc30f42f0f001a4489ceb1711fb3733f85125ddd5`
VirtualSize	`0x4867f0`
VirtualAddress	`0xe2000`
SizeOfRawData	`0x486800`
PointerToRawData	`0xe1400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`7.99245`

.rdata

MD5	`f99424f9c021c09bf37300b987114e79`
SHA1	`e17b8756e1b312aa8e97c9904f29a080623d93f1`
SHA256	`5a8abfea7e89a7b9cd41a4b8deb0457d87cc857c6a5bf1f7a2ce686754d56a69`
SHA3	`1e7a50029fabab5aedaeb21bea0d6f600b4a75908ee16d6b4defc774fcfd46fe`
VirtualSize	`0x111600`
VirtualAddress	`0x569000`
SizeOfRawData	`0x111600`
PointerToRawData	`0x567c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.5536`

.eh_fram

MD5	`bf619eac0cdf3f68d496ea9344137e8b`
SHA1	`5c3eb80066420002bc3dcc7ca4ab6efad7ed4ae5`
SHA256	`076a27c79e5ace2a3d47f9dd2e83e4ff6ea8872b3c2218f66c92b89b55f36560`
SHA3	`622de1e1568ddef36c4b89b706b05201c13481c3575d0fc804ff8224787fcb59`
VirtualSize	`0x4`
VirtualAddress	`0x67b000`
SizeOfRawData	`0x200`
PointerToRawData	`0x679200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0`

.pdata

MD5	`f61d7d81e1c92744b232dd106e919a6b`
SHA1	`c7bd3b3408b187c37a2b39be5e8e80dd5f345f96`
SHA256	`cdd3de5e115242fe1f678dbf9ef804ebaac99e0da7067d030b7c7ef3e1006a82`
SHA3	`5a662e798f0e36921cd0a5b10d77ff802796d5dff393b8722452822ba2d80639`
VirtualSize	`0x6240`
VirtualAddress	`0x67c000`
SizeOfRawData	`0x6400`
PointerToRawData	`0x679400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.29622`

.xdata

MD5	`82e958f1db33d67d1ef887b4d7a330e6`
SHA1	`862665290983925cebb6f5b78083b1b51762771c`
SHA256	`5fa5aefc60599ebf274a7bb655072eae93aa36fd2be30bb4914f621f8dcc8291`
SHA3	`75c855af66e102f83a5714c93a2c93895c14a173cbf43b649e276426e6cc1158`
VirtualSize	`0x364`
VirtualAddress	`0x683000`
SizeOfRawData	`0x400`
PointerToRawData	`0x67f800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`3.51521`

.bss

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0x204add0`
VirtualAddress	`0x684000`
SizeOfRawData	`0`
PointerToRawData	`0`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_UNINITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`

.edata

MD5	`05aa64af42a18f393e324f26225378ee`
SHA1	`5a8fada385a070f8677154ef0dfd72da6bfc7d46`
SHA256	`307de78f3235b36645398de2cffae1e35e5a45950091dd2648d1324b5f47cafd`
SHA3	`a332b08aa7c5df9024c1bc98968e00b43c21d5c321e97b1d1a48884f8c86e327`
VirtualSize	`0xf2`
VirtualAddress	`0x26cf000`
SizeOfRawData	`0x200`
PointerToRawData	`0x67fc00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`2.79266`

.idata

MD5	`88ab7a70acf256030619029856965a90`
SHA1	`4fbe191ccbe0f8b5d9e1edef72b4223bb838a292`
SHA256	`d3df618a4ff39d488e61d4d37b78fca173411ba498e1305f94db80095089ae40`
SHA3	`c3503b9ef312c3f00f41277a9360b31a08126781b3b429a1934294feea73271c`
VirtualSize	`0xd48`
VirtualAddress	`0x26d0000`
SizeOfRawData	`0xe00`
PointerToRawData	`0x67fe00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.46987`

.tls

MD5	`bf619eac0cdf3f68d496ea9344137e8b`
SHA1	`5c3eb80066420002bc3dcc7ca4ab6efad7ed4ae5`
SHA256	`076a27c79e5ace2a3d47f9dd2e83e4ff6ea8872b3c2218f66c92b89b55f36560`
SHA3	`622de1e1568ddef36c4b89b706b05201c13481c3575d0fc804ff8224787fcb59`
VirtualSize	`0x10`
VirtualAddress	`0x26d1000`
SizeOfRawData	`0x200`
PointerToRawData	`0x680c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0`

.reloc

MD5	`4cb78a0f5a4ceee7f105b896fd0490a3`
SHA1	`a452bd42d1edee5c96e87e4a6e8267e3eae33408`
SHA256	`61e93c6338456c509d2dd872190e390bf48ed1a50c9678eaa1fe8d7f80607334`
SHA3	`7a3c3332c4d39585c1afa6af91a593ddae2ea32edff8ef47839ece5aadb1ea7b`
VirtualSize	`0x4ac8`
VirtualAddress	`0x26d2000`
SizeOfRawData	`0x4c00`
PointerToRawData	`0x680e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`5.42081`

.rsrc

MD5	`7e9fd89e6c706b8ed71e038577bafa43`
SHA1	`141c8e08ea95410a58cc6c94f63af805d31e45c5`
SHA256	`050a9f84ae21e5a1199fea245893bd9f2e9dd5a8d09192d8dba972e098335526`
SHA3	`50f35b60e8d18a71036341a9dd2dd702445411c2bbeac6f9e59c0eb1153cedae`
VirtualSize	`0xe04f`
VirtualAddress	`0x26d7000`
SizeOfRawData	`0xe200`
PointerToRawData	`0x685a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`7.79354`

Imports

KERNEL32.dll	`AddVectoredContinueHandler` `AddVectoredExceptionHandler` `CloseHandle` `CreateEventA` `CreateIoCompletionPort` `CreateThread` `CreateWaitableTimerExW` `DeleteCriticalSection` `DisableThreadLibraryCalls` `DuplicateHandle` `EnterCriticalSection` `ExitProcess` `FreeEnvironmentStringsW` `FreeLibrary` `GetConsoleMode` `GetCurrentThreadId` `GetEnvironmentStringsW` `GetErrorMode` `GetLastError` `GetModuleHandleA` `GetModuleHandleW` `GetProcAddress` `GetProcessAffinityMask` `GetQueuedCompletionStatusEx` `GetStdHandle` `GetSystemDirectoryA` `GetSystemInfo` `GetThreadContext` `InitializeCriticalSection` `LeaveCriticalSection` `LoadLibraryA` `LoadLibraryExW` `PostQueuedCompletionStatus` `QueryPerformanceCounter` `RaiseFailFastException` `ResumeThread` `RtlLookupFunctionEntry` `RtlVirtualUnwind` `SetConsoleCtrlHandler` `SetErrorMode` `SetEvent` `SetProcessPriorityBoost` `SetThreadContext` `SetWaitableTimer` `Sleep` `SuspendThread` `SwitchToThread` `TlsAlloc` `TlsGetValue` `VirtualAlloc` `VirtualFree` `VirtualProtect` `VirtualQuery` `WaitForMultipleObjects` `WaitForSingleObject` `WerGetFlags` `WerSetFlags` `WriteConsoleW` `WriteFile`
api-ms-win-crt-heap-l1-1-0.dll	`calloc` `free` `malloc`
api-ms-win-crt-private-l1-1-0.dll	`memcpy`
api-ms-win-crt-runtime-l1-1-0.dll	`_execute_onexit_table` `_exit` `_initialize_onexit_table` `_initterm` `_initterm_e` `_register_onexit_function` `abort`
api-ms-win-crt-stdio-l1-1-0.dll	`__acrt_iob_func` `__stdio_common_vfprintf` `fwrite`
api-ms-win-crt-string-l1-1-0.dll	`_stricmp` `strcmp` `strlen` `strncmp`

Delayed Imports

curl_easy_cleanup

Ordinal	`1`
Address	`0xe0210`

curl_easy_duphandle

Ordinal	`2`
Address	`0xe0240`

curl_easy_init

Ordinal	`3`
Address	`0xe00e0`

curl_easy_perform

Ordinal	`4`
Address	`0xe01c0`

curl_easy_setopt

Ordinal	`5`
Address	`0xe0150`

curl_easy_strerror

Ordinal	`6`
Address	`0xe0270`

curl_ext_load

Ordinal	`7`
Address	`0xdfca0`

1

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x7a60`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.97525`
Detected Filetype	PNG graphic file
MD5	`5d5c0bfd0f9817d8fd024c6f96a24fba`
SHA1	`7c2d5cdb6be729997dd89e870a36e9bd68a772e9`
SHA256	`88cfd87e93a68af7f3f804dea68c959c0d4346ed2d2be89a4477f83a4e915a21`
SHA3	`b62fd72e7bd07f1bf6b29ef9c9e46af2c4bdf5b0d4d3915afb0b9ec4c4eb4467`

2

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x2cb1`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.96239`
Detected Filetype	PNG graphic file
MD5	`bd174a83e05e00e4f677dc01946403ef`
SHA1	`58625b2f5519b451ae840d882cc0700581f413f0`
SHA256	`ae8071407b7d348d61e17aaba7c1e63835bbd2961e5d637ee3618824a78aa3bd`
SHA3	`1a64d7ba80db7d9526ddc8e95929159b586bca7b0e2dac4f0b3a3c86a6f6bcc3`

3

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xf6a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.93189`
Detected Filetype	PNG graphic file
MD5	`d2d6a27c152d974c283e0519a7448d63`
SHA1	`b7db32be286787d4d92e06dede82ac9edc6263fe`
SHA256	`1dd9b4ca81356a812c8dc7055a7bd9ebf8c8611f0999b091928b118618801fc6`
SHA3	`9b4e9f0f560a4925cdff485878e8b4f7e166c1ba83c76ccc8dedd30b20a2aee0`

4

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xa12`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.88683`
Detected Filetype	PNG graphic file
MD5	`46d030e8e95cfec5ca96919bfeea6861`
SHA1	`5de151bc32bd328b0d61aeeda2b261bdd8953b29`
SHA256	`66831236d1b8339b14aa36fb2194b83040b8c7a4c56b151e221c1308cca536bc`
SHA3	`49557becc9248ae798960e5200c34e04bd58c7e179796e925bd9126833d158b8`

5

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x55e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.80064`
Detected Filetype	PNG graphic file
MD5	`f2a19543fafbfee77d421790b6c8d9b6`
SHA1	`59f6c81654f270e6295e034cdfb2f8431297fd60`
SHA256	`cd2d39f436a2ebdd17dd16d00d04dc2dd0a14906983b887acb7be81966a04dfe`
SHA3	`69a55581fc7f59da4bb0af1aa9764c694be416fec5a62a04e5de98ed9be2481a`

6

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1f2`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.41548`
Detected Filetype	PNG graphic file
MD5	`ff20becd3b72f24c2fcbfad117a7cadc`
SHA1	`f13e0eddf19e865c0513785dc377add9f04619b7`
SHA256	`1bef72184cfbc3628475d7d08129cebf0fb20060c48ef3bdc83beb1f979c7920`
SHA3	`66f3cced7d404e572a318ca9878363500e271ae5462ae4bafb18b39e3e5471af`

63

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0x188`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.18022`
MD5	`6f04515bc92e27dd387a9b1a976ae113`
SHA1	`74cfa7d20c1e96fba55b0fed6686a868a34341a8`
SHA256	`6331857d48d847cfe3f07e1ebdc6a78d70fe33e12627d4b2f1a645c7d3008688`
SHA3	`6ea99ce642db6129fa253523b29128f845ae8f2b0614be2c437c78677c49123a`

69

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0xb0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.95418`
MD5	`78dc478eed2054945387d87b8e778831`
SHA1	`f71c9069f6b909d1d8aeb94ea1e6e5ee09dad5f3`
SHA256	`01e55f2315e07fb9ea076e44fee08608f76bd0668be36aec70ae27e750d35015`
SHA3	`3aa0f74c386e28a1cafa91f169c68cda56d5bc488cb14e5c03dec00f23589208`

70

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0xa8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.03746`
MD5	`0257a6a8aebdfbf0fec7f470f797425a`
SHA1	`47f6d9241f5e771c715c0bd2a53ced1b63b3017b`
SHA256	`f95d786c486bfd36686e3aa436cec3ff26afe12e46347c544f86326b4ed58e81`
SHA3	`7452e044cc3b742e5019d1e02138cf821719e90dbc8417d6294599483e59b95d`

126

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1d4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.09641`
MD5	`6806ed53a3a47feb1b01e5e7a44dff12`
SHA1	`9f54e9db8acc8a1332e2631b3532aed8a305ab45`
SHA256	`afac62576beb92cbf322eef842cbda19137e62732257d3bc621f559fef9dff86`
SHA3	`609d5e28cdf3e68ddaaff81af254579fbecae09dca1a8cee4bd90f85dfe83d18`

188

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0x12c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.00958`
MD5	`0d02b1125a68fc59a24976e07be5b08d`
SHA1	`7079b7c64678dce508d3f614bcb79218b99b70e8`
SHA256	`d0ba56d0c8d1b2535ef61e7b20f04925ed6804335cb503936af2d36caf1d4cc2`
SHA3	`be6e0dcd45823b831a9b7784761a121be8b1566b5cdda8385c52e31c82297e2e`

251

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0x15c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.18673`
MD5	`e977cbf15badaf093dddfe484eba4f69`
SHA1	`2d028eeae31f1298261e9d48540bb2e1e36dbf60`
SHA256	`17d3b09dfe48874f68a7ea596754d3b1d4f60e2221191053d7f1b870af22db0e`
SHA3	`541ff599260336f6a8e92b75e9e66d09f5cf3101384a282f834e592ee55f0a1e`

313

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.25105`
MD5	`542bfbe3292d76b4cb5a4fdfe942387a`
SHA1	`39fd06d373935c2ec654d7745a048e08657ffb9f`
SHA256	`49aa7e0b5615b600abac63fcfbf87886d520c5c786441dc791876e1e95b2963e`
SHA3	`5ce0a9fc37651a85243c83eaa77da5209ba07a4cc5b40148447f602989c4a5d9`

376

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0x150`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.10229`
MD5	`6cdde00d43045785da9603fc229debc2`
SHA1	`646fa76a3477c239a8bea549d1c202032da2c805`
SHA256	`106992f0752c91ab788a6cf0705e26b013675e60f2e371b1ca863dc82c1f3af9`
SHA3	`b88cb311be39370e48a1177b2a9a3d6edc23e325a1e8d7df3d670213b4719547`

1 (#2)

Type	`RT_GROUP_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x5a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.79621`
Detected Filetype	Icon file
MD5	`abaa685e34d8d6db7445a2a11cf0a14a`
SHA1	`cc3442478ff2775e1f8a53076de7852fb521c053`
SHA256	`dd10cdbb34aade785c9d10afa3e0014583ea3f9422ded8fff678d1632f724c8b`
SHA3	`d1db15d265f639d9bf7f4751a24239715227c8e024142787423478935f12edbe`

1 (#3)

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x414`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.43144`
MD5	`b6a920ffa3cab10dc4c1fbcbdde80a7f`
SHA1	`bc274b65858dc9d02bc085eef9b95db48d73f8d7`
SHA256	`c2ed656e49462f295f30336f8936826c03926812e75712df84e9efcfdee08a7f`
SHA3	`e9239f87e7740a570458996c3895e6cd8149902fbb145c48534980267875a2d0`

1 (#4)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x67f`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.20148`
MD5	`eed5c40f4875556635f650e2b138ec2a`
SHA1	`9c7c383fa004dd7d3b5cc0fcdf1e130b78114bf0`
SHA256	`46e1b500bbf9f8e47e1411902cb55488b995bc6b7cd00c5a4cc8e3673751acd2`
SHA3	`5c6bb80695e7354046ab88749a6724175f1b64abc2215f01b9a9baa29bb85501`

String Table contents

Device Driver Picker
Provides utilities for working with device driver picker on Windows
Foxglove Interactive Co.
Version 2.0.7054.29
(c) Foxglove Interactive Co.. All rights reserved.
Item 4322: pending.
Item 1371: skipped.
The parameter is incorrect.
Enable
Disk free: 128 GB
Log file rotated.
Preferences
Help
Item 6916: skipped.
Build succeeded. 0 errors, 2 warnings.
The process cannot access the file because it is being used by another process.
Test run: 128 passed, 0 failed.
Access is denied.
Camera access denied
An unexpected error has occurred.
Item 548: ready.
Item 8473: ready.
Item 6390: ready.
Item 3197: ready.
Item 616: ready.
Item 5772: ready.
Item 3506: ready.
Item 5891: ready.
Installing...
Item 6155: updated.
Item 3300: updated.
Update installed successfully.
Item 7286: updated.
Restart required to complete the update.
Item 861: updated.
DNS lookup succeeded.
Proxy authentication required.
Packets sent: 8,412
Packets received: 8,390
SSL handshake completed.
USB device connected.
Microsoft account connected.
Work or school account added
License valid until December 31, 2026.
Session expired. Please sign in again.
Sign in to continue.

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	2.0.7054.29
ProductVersion	2.0.4083.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS` `VOS_DOS_WINDOWS16` `VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS_OS232` `VOS_OS232_PM32` `VOS_WINCE` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	English - United States
FileDescription	Provides utilities for working with device driver picker on Windows
OriginalFilename	DeviceDriverPicker.exe
InternalName	DeviceDriverPicker.exe
ProductVersion (#2)	2.0.7054.29
FileVersion (#2)	2.0.7054.29
CompanyName	Foxglove Interactive Co.
ProductName	Device Driver Picker
PrivateBuild	E7Hn9d4TsJ4qUk
LegalCopyright	(c) Foxglove Interactive Co.. All rights reserved.

Resource LangID	English - United States

TLS Callbacks

StartAddressOfRawData	`0x395811000`
EndAddressOfRawData	`0x395811008`
AddressOfIndex	`0x39580ed30`
AddressOfCallbacks	`0x3937ba5d8`
SizeOfZeroFill	`0`
Characteristics	`IMAGE_SCN_TYPE_REG`
Callbacks	`0x0000000393220940` `0x00000003932209F9`

Load Configuration

RICH Header

Errors

[*] Warning: Section .bss has a size of 0!

Leave a comment

No comments yet.