Manalyze report for bbd0e13e7f978a857504172734517f15

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2021-Jan-15 12:16:35
Detected languages	English - United States
FileDescription	Project1
FileVersion	`1.0.0.0`
ProductName	Project1
ProductVersion	`1.0.0.0`
ProgramID	com.embarcadero.Project1

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C++ v6.0 DLL` `Microsoft Visual C++ 6.0 - 8.0`
Suspicious	PEiD Signature:	`Armadillo v4.30 - 4.40 -> Silicon Realms Toolworks`
Suspicious	Strings found in the binary may indicate undesirable behavior:	`Looks for VirtualPC presence: 0f 3f 07 0b`
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to CRC32` `Uses constants related to TEA`
Suspicious	The PE is possibly packed.	`Unusual section name found: .mwxhl` `Unusual section name found: .xiuya` `Unusual section name found: .ytvjau` `Unusual section name found: .uisyk` `Unusual section name found: .wzxbho` `Unusual section name found: .uxecl` `Unusual section name found: .jxlrkz` `Unusual section name found: .tejlw` `Unusual section name found: .yjsh` `Section .yjsh is both writable and executable.` `Unusual section name found: .dfnjbs` `Section .dfnjbs is both writable and executable.` `Unusual section name found: .dpwsg` `Unusual section name found: .gkmowa` `Unusual section name found: .mzanih` `Unusual section name found: .tjuv`
Malicious	The PE contains functions mostly used by malware.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryA LoadLibraryW` `Functions which can be used for anti-debugging purposes: FindWindowA` `Code injection capabilities (process hollowing): ResumeThread SetThreadContext WriteProcessMemory` `Possibly launches other programs: CreateProcessA` `Can create temporary files: CreateFileA GetTempPathA GetTempPathW CreateFileW` `Memory manipulation functions often used by packers: VirtualProtectEx VirtualProtect VirtualAlloc` `Manipulates other processes: WriteProcessMemory ReadProcessMemory` `Can take screenshots: FindWindowA BitBlt CreateCompatibleDC`
Info	The PE's resources present abnormal characteristics.	`The binary may have been compiled on a machine in the UTC+1 timezone.`
Suspicious	No VirusTotal score.	`This file has never been scanned on VirusTotal.`

Hashes

MD5	`bbd0e13e7f978a857504172734517f15`
SHA1	`483ad88ca05549cda3565bfc692f7a87ab553be8`
SHA256	`cc56302e7407e3046984a5069cd110b040f95d1826bfd85f943d4c118aedd0ae`
SHA3	`1a262579bad8b2e250704b0797244625da3f1d042a8ab24f5b9d136360d2feb0`
SSDeep	`98304:z7I4DUXvvzBQsJd4NCgG9ULZ8Sf1dPXLdrleJ:z7IWUX9QsJ7gsULZv1dP2`
Imports Hash	`daf574f3040b477b1ee15e12a0c73af8`

DOS Header

e_magic	`MZ`
e_cblp	`0x50`
e_cp	`0x2`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0xf`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0x1a`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x120`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`16`
TimeDateStamp	2021-Jan-15 12:16:35
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_BYTES_REVERSED_HI` `IMAGE_FILE_BYTES_REVERSED_LO` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LINE_NUMS_STRIPPED` `IMAGE_FILE_LOCAL_SYMS_STRIPPED`

Image Optional Header

Magic	`PE32`
LinkerVersion	`83.0`
SizeOfCode	`0xc9000`
SizeOfInitializedData	`0x284000`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x015FBACE (Section: .yjsh)`
BaseOfCode	`0x158e000`
BaseOfData	`0x1559000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x1000`
OperatingSystemVersion	`5.0`
ImageVersion	`0.0`
SubsystemVersion	`5.0`
Win32VersionValue	`0`
SizeOfImage	`0x190b000`
SizeOfHeaders	`0x1000`
Checksum	`0x35549e`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x4000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.mwxhl

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0x223a24`
VirtualAddress	`0x1000`
SizeOfRawData	`0`
PointerToRawData	`0`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`

.xiuya

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0x16a4`
VirtualAddress	`0x225000`
SizeOfRawData	`0`
PointerToRawData	`0`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`

.ytvjau

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0x53ac`
VirtualAddress	`0x227000`
SizeOfRawData	`0`
PointerToRawData	`0`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`

.bss

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0x1326af8`
VirtualAddress	`0x22d000`
SizeOfRawData	`0`
PointerToRawData	`0`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`

.uisyk

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0x322e`
VirtualAddress	`0x1554000`
SizeOfRawData	`0`
PointerToRawData	`0`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`

.wzxbho

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0xb3c`
VirtualAddress	`0x1558000`
SizeOfRawData	`0`
PointerToRawData	`0`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`

.uxecl

MD5	`42a53bcdb8bc7e0830799c89ec021a68`
SHA1	`c7c723bb63ea75f8bb85ae679df6691b04c0b519`
SHA256	`0faf038e72b0f795324fff1fd0defdbb24bdcde1b317511036812191d33140ab`
SHA3	`a04b65e8e7a57f7258aa53d750c3195662af33bc8e600a15bf058ebb91242a86`
VirtualSize	`0x9a`
VirtualAddress	`0x1559000`
SizeOfRawData	`0x1000`
PointerToRawData	`0x1000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`0.34363`

.tls

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0x48`
VirtualAddress	`0x155a000`
SizeOfRawData	`0`
PointerToRawData	`0`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`

.jxlrkz

MD5	`4d047b88e1e230ced050ce2696ba2e33`
SHA1	`976d18b1cd24dd1ebf95db1bf390e9739544f7a3`
SHA256	`cd0648222e93aa0be8789c527c05eeeb43580382d65974cbad02db718661b6cf`
SHA3	`0e0626e38f6930df111c82f51aac34ab5230fcf33640850253ea205d500eb2a6`
VirtualSize	`0x5d`
VirtualAddress	`0x155b000`
SizeOfRawData	`0x1000`
PointerToRawData	`0x2c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`0.24102`

.tejlw

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0x31ebc`
VirtualAddress	`0x155c000`
SizeOfRawData	`0`
PointerToRawData	`0`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`

.yjsh

MD5	`38563f83b83f090cee29bcc86eb7b079`
SHA1	`1bc90c620eaa9c31e230a6a0e88844028e06e9a5`
SHA256	`e2b2df806af80385c71fbdaafb7cf2a600528af5a6d5b71143c6ff6994d2de37`
SHA3	`49ec9cdc0fc425a7d41c43e6dc0fc55202460b46f6ae89d72c3b97d05adc2214`
VirtualSize	`0xc0000`
VirtualAddress	`0x158e000`
SizeOfRawData	`0xbc000`
PointerToRawData	`0x4000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`6.54349`

.dfnjbs

MD5	`e0455eda2a2d56dfa5e3e0a588c93f18`
SHA1	`b06accd7a376308e9be8383eab1f507e773d9df7`
SHA256	`e86fed833693390dfccc790c9d7422b0bc83159a5e821e474a73440fec7667ca`
SHA3	`58e4f87b0612ef398cd1f6aeebdcb7a869449eb49dfa1a266ba332c326b1ef24`
VirtualSize	`0x10000`
VirtualAddress	`0x164e000`
SizeOfRawData	`0xd000`
PointerToRawData	`0xc0000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`7.01051`

.dpwsg

MD5	`d2106bf3a0f3be0868aeca67d62b46fa`
SHA1	`6e1fc5fa00bcf4953f23776be82ef372181e00f8`
SHA256	`25e1487f2140692f7e871d2fde252c58055728fc1e5c534beeff93b5473cad98`
SHA3	`0316def23e9dd5bdcbe9ae59e3389d90c741f58565e1257acaac65f39c60fafa`
VirtualSize	`0x30000`
VirtualAddress	`0x165e000`
SizeOfRawData	`0x21000`
PointerToRawData	`0xcd000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`4.61809`

.gkmowa

MD5	`7024033b388892dd6dcb157ee0c9b4ed`
SHA1	`d81bc8099a48424c8463fbd3151fb52225792a0f`
SHA256	`63b42fe3ae0a2e20fe6fe8afa08f66324780f21bd93f88c167cf9ed30fa26457`
SHA3	`98b5feed833cbc02054dbb09a83e3c0f01918acaaf885ab81bc44ee25819c08b`
VirtualSize	`0x10000`
VirtualAddress	`0x168e000`
SizeOfRawData	`0xa000`
PointerToRawData	`0xee000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`6.63325`

.mzanih

MD5	`fa36dcb5355ca79489ea41f2dd9cf507`
SHA1	`605c09ab1bd3dd6af33997259029085721650e0d`
SHA256	`7ff3d2daa3ccbc64b78de4a345ddb916a84ec725a1e79cc198d3e449d36ae64e`
SHA3	`cc8e9164fb10ba5a25093c119a217e2ea451f253dd0a209f0a007c4554e1f026`
VirtualSize	`0x200000`
VirtualAddress	`0x169e000`
SizeOfRawData	`0x1f2000`
PointerToRawData	`0xf8000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`7.99902`

.tjuv

MD5	`1691f8ea66258f1d1b63bb60c18f3e26`
SHA1	`1071374f33dd307bc2c883f052c376a90b5b29c5`
SHA256	`d5e9d4dbe29513c948e5e9bcc2f1966e861fed19d61435376ac4621c5c9058c9`
SHA3	`1c29e6e172bdc39660f0dbc33ec3c9569e979c5321ca1ec15aebf9a6ef7c7998`
VirtualSize	`0x6d000`
VirtualAddress	`0x189e000`
SizeOfRawData	`0x65000`
PointerToRawData	`0x2ea000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`0.5184`

Imports

KERNEL32.dll	`VirtualProtectEx` `GetLastError` `CreateMutexA` `ContinueDebugEvent` `ResumeThread` `OutputDebugStringA` `OutputDebugStringW` `SetThreadContext` `GetThreadContext` `WaitForDebugEvent` `WriteProcessMemory` `UnmapViewOfFile` `InitializeCriticalSection` `FreeConsole` `CreateThread` `SuspendThread` `DebugActiveProcess` `SetEnvironmentVariableA` `GetCurrentProcessId` `MapViewOfFile` `DuplicateHandle` `GetCurrentProcess` `CreateFileMappingA` `GetVersionExA` `GetProcAddress` `LoadLibraryA` `GetEnvironmentVariableA` `VirtualProtect` `VirtualAlloc` `SetLastError` `ReleaseMutex` `WaitForSingleObject` `OpenMutexA` `SetErrorMode` `GetShortPathNameA` `GetModuleFileNameA` `GetShortPathNameW` `GetModuleFileNameW` `GlobalUnlock` `GlobalLock` `GlobalAlloc` `WideCharToMultiByte` `IsBadReadPtr` `GlobalAddAtomA` `GlobalAddAtomW` `GlobalFree` `GlobalGetAtomNameA` `GlobalDeleteAtom` `GlobalGetAtomNameW` `SetFilePointer` `CreateFileA` `ExitProcess` `GetLocalTime` `MultiByteToWideChar` `SearchPathA` `GetTempPathA` `GetTempPathW` `GetTempFileNameA` `GetTempFileNameW` `GetWindowsDirectoryA` `GetPrivateProfileStringA` `EnterCriticalSection` `DeleteFileA` `MoveFileA` `CreateProcessA` `GetStartupInfoA` `GetCommandLineA` `GetCurrentThreadId` `ReadFile` `GetFileSize` `GetProcessHeap` `FlushFileBuffers` `WriteConsoleW` `SetStdHandle` `GetConsoleMode` `GetConsoleCP` `HeapReAlloc` `GetStringTypeW` `IsValidLocale` `EnumSystemLocalesA` `GetLocaleInfoA` `GetUserDefaultLCID` `GetTimeZoneInformation` `LoadLibraryW` `FreeLibrary` `SetConsoleCtrlHandler` `FatalAppExitA` `IsValidCodePage` `GetOEMCP` `GetACP` `QueryPerformanceCounter` `HeapDestroy` `HeapCreate` `GetFileType` `InitializeCriticalSectionAndSpinCount` `SetHandleCount` `GetEnvironmentStringsW` `FreeEnvironmentStringsW` `HeapSize` `GetLocaleInfoW` `GetStdHandle` `WriteFile` `IsProcessorFeaturePresent` `CompareStringW` `IsDebuggerPresent` `SetUnhandledExceptionFilter` `UnhandledExceptionFilter` `TerminateProcess` `TlsFree` `TlsSetValue` `TlsGetValue` `TlsAlloc` `GetCPInfo` `LCMapStringW` `HeapAlloc` `GetDateFormatA` `GetTimeFormatA` `GetModuleHandleW` `HeapFree` `GetSystemTimeAsFileTime` `GetStartupInfoW` `RaiseException` `RtlUnwind` `ReadProcessMemory` `LeaveCriticalSection` `GetExitCodeProcess` `GetCurrentThread` `SetThreadPriority` `Sleep` `GetTickCount` `VirtualQueryEx` `CreateEventA` `SetEvent` `CloseHandle` `GetModuleHandleA` `WritePrivateProfileStringA` `GetCommandLineW` `FormatMessageA` `LocalFree` `InterlockedIncrement` `InterlockedDecrement` `InterlockedCompareExchange` `InterlockedExchange` `DeleteCriticalSection` `SetEndOfFile` `SetFilePointerEx` `CreateFileW` `FindClose` `RemoveDirectoryW` `DeleteFileW` `DeviceIoControl` `GetFullPathNameW` `FindFirstFileW` `FindNextFileW` `GetFileAttributesW` `CreateDirectoryExW` `CopyFileW` `GetCurrentDirectoryW` `SetCurrentDirectoryW` `GetFileInformationByHandle` `GetFileAttributesExW` `GetFileTime` `SetFileTime` `MoveFileExW` `GetDiskFreeSpaceExW` `CreateDirectoryW` `AreFileApisANSI`
USER32.dll	`BeginPaint` `EndPaint` `KillTimer` `GetAsyncKeyState` `DefDlgProcA` `DrawTextA` `CreateDialogParamA` `RegisterClassExA` `DialogBoxParamA` `GetWindowTextLengthA` `GetWindowTextA` `SetWindowTextA` `GetDlgItem` `CreateDialogIndirectParamA` `ShowWindow` `UpdateWindow` `InSendMessage` `UnpackDDElParam` `DefWindowProcW` `DefWindowProcA` `LoadCursorA` `RegisterClassW` `CreateWindowExW` `RegisterClassA` `CreateWindowExA` `GetWindowThreadProcessId` `SendMessageW` `PeekMessageA` `EnumWindows` `IsWindowUnicode` `PackDDElParam` `PostMessageW` `PostMessageA` `IsWindow` `LoadStringA` `LoadStringW` `FindWindowA` `DestroyWindow` `GetDesktopWindow` `GetSystemMetrics` `MoveWindow` `SendMessageA` `SetPropA` `EnumThreadWindows` `GetPropA` `WaitForInputIdle` `SetTimer` `GetMessageA` `TranslateMessage` `DispatchMessageA` `MessageBoxA` `FreeDDElParam`
GDI32.dll	`SelectObject` `BitBlt` `DeleteObject` `CreatePalette` `CreateDCA` `SelectPalette` `RealizePalette` `CreateDIBitmap` `DeleteDC` `CreateCompatibleDC`
COMDLG32.dll	`GetOpenFileNameA` `GetSaveFileNameA`
SHELL32.dll	`SHGetSpecialFolderPathA`

Delayed Imports

dbkFCallWrapperAddr

Ordinal	`1`
Address	`0x23063c`

__dbk_fcall_wrapper

Ordinal	`2`
Address	`0x108f8`

TMethodImplementationIntercept

Ordinal	`3`
Address	`0xd7fc8`

1

Type	`RT_CURSOR`
Language	English - United States
Codepage	UNKNOWN
Size	`0x134`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0`
MD5	`a2a5bb0f1f0a8eb31a3c60a6ad28543f`
SHA1	`80ae948ca52e33a2dcd21779fa392266aa4cd8e1`
SHA256	`9575b2125169377b2ade7b401ea36c81228331d971f49664d9648d4f255d4868`
SHA3	`013abf10282fa58151b0e6c5359f78e6ffbc5426ff76f3229c8eacbaf1973e38`

2

Type	`RT_CURSOR`
Language	English - United States
Codepage	UNKNOWN
Size	`0x134`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0`
MD5	`3aaceebd65f0b79f9ae1718d3241bf37`
SHA1	`2ccf78e3b22f294c2b9d2af73d2fede8af96d6a8`
SHA256	`7b8ec8dd836b564f0c85ad088fc744de820345204e154bc1503e04e9d6fdd9f1`
SHA3	`e262f7ae2b2ac948bf2e190c498026adc3498f185352f1e610875031ef1da9ce`

3

Type	`RT_CURSOR`
Language	English - United States
Codepage	UNKNOWN
Size	`0x134`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

4

Type	`RT_CURSOR`
Language	English - United States
Codepage	UNKNOWN
Size	`0x134`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

5

Type	`RT_CURSOR`
Language	English - United States
Codepage	UNKNOWN
Size	`0x134`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

6

Type	`RT_CURSOR`
Language	English - United States
Codepage	UNKNOWN
Size	`0x134`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

7

Type	`RT_CURSOR`
Language	English - United States
Codepage	UNKNOWN
Size	`0x134`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

1 (#2)

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0.713694`
MD5	`83e891be7b67e83d323eec7634ffab67`
SHA1	`e8430a663272a273a402b7055d77112ab97b574e`
SHA256	`e0be415552eaa04e12c83ce574855eef37257c64c57cb13afeafec1ab69e0f7a`
SHA3	`cbd1d4dfbcf0b5b4a67111ea98de143c385b05ddf4e7578e6940a8106965df1f`

2 (#2)

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0.598847`
MD5	`a374396519f56de2b6332ffd626ada92`
SHA1	`623bc110f2e9cd0a0ad6b3e1afb0e8af9a9f06d5`
SHA256	`b2a5ab776f34e82e32e91a971c39f170f9820a6e565b24e38968bab6aea99a89`
SHA3	`b266b007716a15abee9730087ad2637b14ee270c9523f6c0a815f406df0823af`

3 (#2)

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0.52976`
MD5	`cc159dee9411660a12f006e257204409`
SHA1	`2d4d1073d5305b36a6e0a5deee34cd9769b1ac59`
SHA256	`49d0e88b15dbdab8f63efd8a4e9362c2286cf3b8c6961116312a1dd8ea4eeb32`
SHA3	`ce39bd297e2be62224b7cb89e34f0093d47ea1e5190dfa947658e53dcbbc9325`

4 (#2)

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4228`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0.500929`
MD5	`8de630b91cffda93643f7ba2e7e118d2`
SHA1	`ec8c37d54e6fc14fa8d1924dc0f3f07e97dc12eb`
SHA256	`d52274a770460c2b07989b11835c2dd2615dd0dca81e912abbaea795c9c14d39`
SHA3	`5f6c73250f9f5dadc0f89f264ab4955ff6aa158d87bd3f9e975885c29a918dd7`

5 (#2)

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x94a8`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0.444127`
MD5	`3b8b2cff26165c0484d6a3b4620b86bd`
SHA1	`0e53337f12b48090fc75455c54ce41ad36d12373`
SHA256	`2fe84e72f6e39f9543809117c7f4b0e83e4f5aedc090a059cb941f514404db63`
SHA3	`0d117c01e66b513787194a672ccc4b6a4099443dc27c11dfbe60c32b01639559`

6 (#2)

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10828`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0.41816`
MD5	`bc3676720222fae614b9c803f92b3a29`
SHA1	`9765f61de452aa463d9fd072d7b7bb40cf7931f7`
SHA256	`60b140bae842db3f2d05088167bbfcaa05cc6c3e7fbdae41eabf5dbc75252438`
SHA3	`30021c10cc207a73b987304c241dcfb44dbd8495e6dc011b36d24b7025cbc9dc`

7 (#2)

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x42028`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0.386229`
MD5	`c155cc74bcf404ed0c1bb44ba071c0c9`
SHA1	`076dc826cb088ad053619df68dfab94b218abaad`
SHA256	`6e2d6573babc2f0556dd5612b48cd6375cd9c2def17ec5dccfe0fba52329b4ad`
SHA3	`94765f531715fbc297c5675077dd7e197402dec2cea9e3eff0bf47aa38e40197`

4074

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1ac`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

4075

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x408`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

4076

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x384`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

4077

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x350`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

4078

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x9c`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

4079

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xf4`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

4080

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x37c`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

4081

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x3f8`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

4082

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x350`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

4083

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x49c`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

4084

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x294`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

4085

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x420`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

4086

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x4d8`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

4087

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x45c`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

4088

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x380`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

4089

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x45c`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

4090

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x19c`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

4091

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xcc`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

4092

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x198`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

4093

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x3c8`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

4094

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x3b4`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

4095

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x354`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

4096

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x2b0`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

DVCLAL

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x10`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

PACKAGEINFO

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x6dc`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

PLATFORMTARGETS

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

TFORM1

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1295`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

TFORM2

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x8a6`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

32761

Type	`RT_GROUP_CURSOR`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

32762

Type	`RT_GROUP_CURSOR`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

32763

Type	`RT_GROUP_CURSOR`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

32764

Type	`RT_GROUP_CURSOR`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

32765

Type	`RT_GROUP_CURSOR`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

32766

Type	`RT_GROUP_CURSOR`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

32767

Type	`RT_GROUP_CURSOR`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`0`
MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`

MAINICON

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x68`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`2.86354`
Detected Filetype	Icon file
MD5	`34da6d968a4b70bb7958157e1c605132`
SHA1	`689154d942969922a23ee66f9affd57cef1d93a8`
SHA256	`4cea2e943f93c25f578d453ef8cd0dcc50b569fb7d53c97ffe53ea36f79428ed`
SHA3	`113b0498b7a1bf6dadb1243e69833fac36a4fabb30e31a6d82edf3f2ddde0591`

1 (#3)

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x200`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`3.13033`
MD5	`8d201eb84d6ce37c7fd78eb713fd9cb7`
SHA1	`2c06f4f7cae900403a9f6e7672ded82a5a6f6f98`
SHA256	`6e3601d770ceff60748640cd98ac46fc2648f45a104e959e082327aeaf75eaaf`
SHA3	`007620bc55b513c1f00bb7ea2e9388ae09e0aecee6da1b314f175f38c395ec6a`

1 (#4)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x70b`
TimeDateStamp	2021-Jan-15 13:16:34
Entropy	`5.27093`
MD5	`37f3d469d81afab86559a218b53883af`
SHA1	`f2947291a7ed1b36b475df473b80c124fe49e517`
SHA256	`57ddb0538b36184b8937f46f83424587a7985a1538e31c4bc35b046696923aea`
SHA3	`227324c0211fc51a9058cb37874892086e6889ccb48dd3c0356b627830836575`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.0.0.0
ProductVersion	1.0.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	English - United States
FileDescription	Project1
FileVersion (#2)	1.0.0.0
ProductName	Project1
ProductVersion (#2)	1.0.0.0
ProgramID	com.embarcadero.Project1

Resource LangID	English - United States

TLS Callbacks

Load Configuration

RICH Header

Errors

[!] Error: Could not reach the requested directory (offset=0x0).
[*] Warning: The PE's sections are not aligned to its reported FileAlignment. It was almost certainly crafted manually.
[!] Error: Could not reach the TLS callback table.
[*] Warning: Section .mwxhl has a size of 0!
[*] Warning: Section .xiuya has a size of 0!
[*] Warning: Section .ytvjau has a size of 0!
[*] Warning: Section .bss has a size of 0!
[*] Warning: Section .uisyk has a size of 0!
[*] Warning: Section .wzxbho has a size of 0!
[*] Warning: Section .tls has a size of 0!
[*] Warning: Section .tejlw has a size of 0!
[*] Warning: Resource DVCLAL is empty!
[*] Warning: Resource PACKAGEINFO is empty!
[*] Warning: Resource PLATFORMTARGETS is empty!
[*] Warning: Resource TFORM1 is empty!
[*] Warning: Resource TFORM2 is empty!
[*] Warning: Resource 7ff9 is empty!
[*] Warning: Resource 7ffa is empty!
[*] Warning: Resource 7ffb is empty!
[*] Warning: Resource 7ffc is empty!
[*] Warning: Resource 7ffd is empty!
[*] Warning: Resource 7ffe is empty!
[*] Warning: Resource 7fff is empty!