Manalyze report for bcc55438adf48355f528b1647e9074ce

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	1992-Jun-19 22:22:17
Detected languages	English - United States Russian - Russia
CompanyName
FileDescription
FileVersion	`4.1.0.0`
InternalName
LegalCopyright	paul_met & EdHell
LegalTrademarks
OriginalFilename	MakaronEX
ProductName	MakaronEX NewGen
ProductVersion	`4.1.0.0`
Comments	Enjoy!

Plugin Output

Info	Interesting strings found in the binary:	Contains domain names: Emu-land.net adobe.com componentace.com http://ns.adobe.com http://ns.adobe.com/photoshop/1.0/ http://ns.adobe.com/xap/1.0/ http://ns.adobe.com/xap/1.0/mm/ http://ns.adobe.com/xap/1.0/sType/ResourceEvent# http://ns.adobe.com/xap/1.0/sType/ResourceRef# http://purl.org http://www.componentace.com http://www.iec.ch http://www.w3.org http://www.w3.org/1999/02/22-rdf-syntax-ns# http://www.wmtransfer.com ns.adobe.com wmtransfer.com www.componentace.com www.iec.ch www.w3.org www.wmtransfer.com
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to CRC32` `Uses constants related to SHA1` `Uses constants related to AES`
Suspicious	The PE is possibly packed.	`Unusual section name found: .itext`
Malicious	The PE contains functions mostly used by malware.	`[!] The program may be hiding some of its imports: LoadLibraryExA GetProcAddress LoadLibraryA` `Functions which can be used for anti-debugging purposes: FindWindowA` `Code injection capabilities (PowerLoader): GetWindowLongW GetWindowLongA FindWindowA` `Can access the registry: RegQueryValueExA RegOpenKeyExA RegCloseKey RegFlushKey` `Possibly launches other programs: WinExec CreateProcessA ShellExecuteA` `Can create temporary files: CreateFileA GetTempPathA CreateFileW` `Uses functions commonly found in keyloggers: MapVirtualKeyA GetForegroundWindow CallNextHookEx` `Memory manipulation functions often used by packers: VirtualAlloc VirtualProtect` `Enumerates local disk drives: GetDriveTypeA` `Can take screenshots: GetDCEx GetDC FindWindowA CreateCompatibleDC BitBlt` `Reads the contents of the clipboard: GetClipboardData`
Suspicious	The PE header may have been manually modified.	`Resource TFORM7 is possibly compressed or encrypted.` `Resource TFORM8 is possibly compressed or encrypted.` `The resource timestamps differ from the PE header: 2012-Dec-03 14:43:52`
Suspicious	VirusTotal score: 2/72 (Scanned on 2022-11-17 00:31:24)	`APEX: Malicious` `MaxSecure: Trojan.Malware.300983.susgen`

Hashes

MD5	`bcc55438adf48355f528b1647e9074ce`
SHA1	`9cac01f19c40415d411180bd0abe9f0a047890c9`
SHA256	`8f97bf5eeeb39207f9bddb9458d708f85baa0765690848d04058464ab9f8bb0d`
SHA3	`f73da59646606f83e51927d8cfdff2fde3d40b04d243435931453b96908d55b7`
SSDeep	`24576:WEZlXB8sYW5ArmgomdcP9ZJnUrlt1yu3fPdX+G9T0Ghx:WESTi2X8u3nduAT0Gh`
Imports Hash	`bc4eb2251f07dbfabfa673b37a59eae5`

DOS Header

e_magic	`MZ`
e_cblp	`0x50`
e_cp	`0x2`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0xf`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0x1a`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x100`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`9`
TimeDateStamp	1992-Jun-19 22:22:17
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_BYTES_REVERSED_HI` `IMAGE_FILE_BYTES_REVERSED_LO` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LINE_NUMS_STRIPPED` `IMAGE_FILE_LOCAL_SYMS_STRIPPED`

Image Optional Header

Magic	`PE32`
LinkerVersion	`2.0`
SizeOfCode	`0xdc400`
SizeOfInitializedData	`0x54800`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x000DD5F0 (Section: .itext)`
BaseOfCode	`0x1000`
BaseOfData	`0xde000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x13d000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x4000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`0a2c4f91f768f093e7e94829cd6e55ae`
SHA1	`cce7b5d71a6726745696029603ccb60edb2bd3ef`
SHA256	`ad87b136e24d98aba9468b07db440a793d03f6fceef667507d8062560e6979c4`
SHA3	`bf9da6717f0f65a48bdc22944943eb6acba6f6eabebcce28645344ccf848b286`
VirtualSize	`0xdaa74`
VirtualAddress	`0x1000`
SizeOfRawData	`0xdac00`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.54975`

.itext

MD5	`79bf51e12608b3273a5a52d0843a35f6`
SHA1	`b795c365e16bb047b38e42f1243eec6c5885d0fe`
SHA256	`dc402173fe0a569fbc50a100ac3862658baf2c5e5e7775c4046b5849b036affe`
SHA3	`7c1d85c3991ce631430f447ab27e8aa1a1f31c74a558b5278dff204834fca07a`
VirtualSize	`0x165c`
VirtualAddress	`0xdc000`
SizeOfRawData	`0x1800`
PointerToRawData	`0xdb000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.06303`

.data

MD5	`09b988a52f9bb7b570c628ed2b285647`
SHA1	`815adb904318dc48ee9138c51e20e42606a49549`
SHA256	`24283496366dfa40d719ecd88526e56f8ca1eaa46791a2e3e74aabb4df89b6c3`
SHA3	`74a02c7d47cdc12a141b47f120e3383a5b35e00f2bb80489cf73d2da05298e03`
VirtualSize	`0x8c54`
VirtualAddress	`0xde000`
SizeOfRawData	`0x8e00`
PointerToRawData	`0xdc800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`6.87798`

.bss

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0x6e14`
VirtualAddress	`0xe7000`
SizeOfRawData	`0`
PointerToRawData	`0xe5600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`

.idata

MD5	`24071a46f621c5d6b28dc54247c89ed0`
SHA1	`631e8d4501d6b70f36823697975c92768cd914ff`
SHA256	`99bde9ee0e2085cd548cf5fa74d8442c6d3cbb3384cd7c0226e90e4c3c65d610`
SHA3	`10cd61b1ceb92c672b28738f57a10995f0ca9e45e04b3c88c5f6671acadd53ee`
VirtualSize	`0x3316`
VirtualAddress	`0xee000`
SizeOfRawData	`0x3400`
PointerToRawData	`0xe5600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`5.22267`

.tls

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0x54`
VirtualAddress	`0xf2000`
SizeOfRawData	`0`
PointerToRawData	`0xe8a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`

.rdata

MD5	`fd87d25a37ff7e334e39235e3a4c2914`
SHA1	`41664623366b86961e175cad0f7a0ba42344861a`
SHA256	`a4a6a60f4da28ea32f4af755d7ce3d5535aaab21ab2453ea30e0f440484f17ee`
SHA3	`5f40fdc89f0eb0bc1133910c0f4322ae12824d85e67cadb69b613b02756355d7`
VirtualSize	`0x18`
VirtualAddress	`0xf3000`
SizeOfRawData	`0x200`
PointerToRawData	`0xe8a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`0.210826`

.reloc

MD5	`fe1ac8a5f1fe8b33c27589c9494074df`
SHA1	`64530e6c564fad8a2843c6a46990509cedb66066`
SHA256	`8c38113b906886f855624f4affadbbd0acf06f9c8f72ebbb3d45cbd493df21ef`
SHA3	`7c76dc85e3b746e5e12f7fa1784074e54c6a4e9bb9ffa8e76db6de871b57e24b`
VirtualSize	`0xd578`
VirtualAddress	`0xf4000`
SizeOfRawData	`0xd600`
PointerToRawData	`0xe8c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`6.68865`

.rsrc

MD5	`1b9822dc1b90e2bada3f41076766dabe`
SHA1	`bf68c3fdea6f5c7de0e0fb2b7ab0492f3e48e6e6`
SHA256	`31e42461b695efbcf00f425710dc811c2ec71ea84f408010c1fd2ed31b99b426`
SHA3	`144a237a3b34fedc35838697af22546d7d87400b018e29501578bc1a4e6a3e5e`
VirtualSize	`0x3ae00`
VirtualAddress	`0x102000`
SizeOfRawData	`0x3ae00`
PointerToRawData	`0xf6200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.0816`

Imports

oleaut32.dll	`SysFreeString` `SysReAllocStringLen` `SysAllocStringLen`
advapi32.dll	`RegQueryValueExA` `RegOpenKeyExA` `RegCloseKey`
user32.dll	`GetKeyboardType` `DestroyWindow` `LoadStringA` `MessageBoxA` `CharNextA`
kernel32.dll	`GetACP` `Sleep` `VirtualFree` `VirtualAlloc` `GetTickCount` `QueryPerformanceCounter` `GetCurrentThreadId` `InterlockedDecrement` `InterlockedIncrement` `VirtualQuery` `WideCharToMultiByte` `SetCurrentDirectoryA` `MultiByteToWideChar` `lstrlenA` `lstrcpynA` `LoadLibraryExA` `GetThreadLocale` `GetStartupInfoA` `GetProcAddress` `GetModuleHandleA` `GetModuleFileNameA` `GetLocaleInfoA` `GetLastError` `GetCurrentDirectoryA` `GetCommandLineA` `FreeLibrary` `FindFirstFileA` `FindClose` `ExitProcess` `ExitThread` `CompareStringA` `WriteFile` `UnhandledExceptionFilter` `SetFilePointer` `SetEndOfFile` `RtlUnwind` `ReadFile` `RaiseException` `GetStdHandle` `GetFileSize` `GetFileType` `CreateFileA` `CloseHandle`
kernel32.dll (#2)	`GetACP` `Sleep` `VirtualFree` `VirtualAlloc` `GetTickCount` `QueryPerformanceCounter` `GetCurrentThreadId` `InterlockedDecrement` `InterlockedIncrement` `VirtualQuery` `WideCharToMultiByte` `SetCurrentDirectoryA` `MultiByteToWideChar` `lstrlenA` `lstrcpynA` `LoadLibraryExA` `GetThreadLocale` `GetStartupInfoA` `GetProcAddress` `GetModuleHandleA` `GetModuleFileNameA` `GetLocaleInfoA` `GetLastError` `GetCurrentDirectoryA` `GetCommandLineA` `FreeLibrary` `FindFirstFileA` `FindClose` `ExitProcess` `ExitThread` `CompareStringA` `WriteFile` `UnhandledExceptionFilter` `SetFilePointer` `SetEndOfFile` `RtlUnwind` `ReadFile` `RaiseException` `GetStdHandle` `GetFileSize` `GetFileType` `CreateFileA` `CloseHandle`
user32.dll (#2)	`GetKeyboardType` `DestroyWindow` `LoadStringA` `MessageBoxA` `CharNextA`
opengl32.dll	`wglMakeCurrent` `wglDeleteContext` `wglCreateContext`
msimg32.dll	`GradientFill`
gdi32.dll	`UnrealizeObject` `SwapBuffers` `StretchBlt` `SetWindowOrgEx` `SetWinMetaFileBits` `SetViewportOrgEx` `SetTextColor` `SetStretchBltMode` `SetROP2` `SetPixelFormat` `SetPixel` `SetEnhMetaFileBits` `SetDIBColorTable` `SetBrushOrgEx` `SetBkMode` `SetBkColor` `SelectPalette` `SelectObject` `SelectClipRgn` `SaveDC` `RestoreDC` `Rectangle` `RectVisible` `RealizePalette` `Polyline` `Polygon` `PlayEnhMetaFile` `PatBlt` `MoveToEx` `MaskBlt` `LineTo` `IntersectClipRect` `GetWindowOrgEx` `GetWinMetaFileBits` `GetTextMetricsA` `GetTextExtentPointA` `GetTextExtentPoint32A` `GetSystemPaletteEntries` `GetStockObject` `GetRgnBox` `GetPixel` `GetPaletteEntries` `GetObjectA` `GetEnhMetaFilePaletteEntries` `GetEnhMetaFileHeader` `GetEnhMetaFileBits` `GetDeviceCaps` `GetDIBits` `GetDIBColorTable` `GetDCOrgEx` `GetCurrentPositionEx` `GetClipBox` `GetBrushOrgEx` `GetBitmapBits` `GdiFlush` `ExtTextOutA` `ExcludeClipRect` `DeleteObject` `DeleteEnhMetaFile` `DeleteDC` `CreateSolidBrush` `CreateRectRgn` `CreatePenIndirect` `CreatePalette` `CreateHalftonePalette` `CreateFontIndirectA` `CreateDIBitmap` `CreateDIBSection` `CreateCompatibleDC` `CreateCompatibleBitmap` `CreateBrushIndirect` `CreateBitmap` `CopyEnhMetaFileA` `CombineRgn` `ChoosePixelFormat` `BitBlt`
version.dll	`VerQueryValueA` `GetFileVersionInfoSizeA` `GetFileVersionInfoA`
kernel32.dll (#3)	`GetACP` `Sleep` `VirtualFree` `VirtualAlloc` `GetTickCount` `QueryPerformanceCounter` `GetCurrentThreadId` `InterlockedDecrement` `InterlockedIncrement` `VirtualQuery` `WideCharToMultiByte` `SetCurrentDirectoryA` `MultiByteToWideChar` `lstrlenA` `lstrcpynA` `LoadLibraryExA` `GetThreadLocale` `GetStartupInfoA` `GetProcAddress` `GetModuleHandleA` `GetModuleFileNameA` `GetLocaleInfoA` `GetLastError` `GetCurrentDirectoryA` `GetCommandLineA` `FreeLibrary` `FindFirstFileA` `FindClose` `ExitProcess` `ExitThread` `CompareStringA` `WriteFile` `UnhandledExceptionFilter` `SetFilePointer` `SetEndOfFile` `RtlUnwind` `ReadFile` `RaiseException` `GetStdHandle` `GetFileSize` `GetFileType` `CreateFileA` `CloseHandle`
advapi32.dll (#2)	`RegQueryValueExA` `RegOpenKeyExA` `RegCloseKey`
oleaut32.dll (#2)	`SysFreeString` `SysReAllocStringLen` `SysAllocStringLen`
ole32.dll	`CoTaskMemAlloc` `CoCreateInstance` `CoUninitialize` `CoInitializeEx` `CoInitialize`
kernel32.dll (#4)	`GetACP` `Sleep` `VirtualFree` `VirtualAlloc` `GetTickCount` `QueryPerformanceCounter` `GetCurrentThreadId` `InterlockedDecrement` `InterlockedIncrement` `VirtualQuery` `WideCharToMultiByte` `SetCurrentDirectoryA` `MultiByteToWideChar` `lstrlenA` `lstrcpynA` `LoadLibraryExA` `GetThreadLocale` `GetStartupInfoA` `GetProcAddress` `GetModuleHandleA` `GetModuleFileNameA` `GetLocaleInfoA` `GetLastError` `GetCurrentDirectoryA` `GetCommandLineA` `FreeLibrary` `FindFirstFileA` `FindClose` `ExitProcess` `ExitThread` `CompareStringA` `WriteFile` `UnhandledExceptionFilter` `SetFilePointer` `SetEndOfFile` `RtlUnwind` `ReadFile` `RaiseException` `GetStdHandle` `GetFileSize` `GetFileType` `CreateFileA` `CloseHandle`
oleaut32.dll (#3)	`SysFreeString` `SysReAllocStringLen` `SysAllocStringLen`
comctl32.dll	`_TrackMouseEvent` `ImageList_SetIconSize` `ImageList_GetIconSize` `ImageList_Write` `ImageList_Read` `ImageList_GetDragImage` `ImageList_DragShowNolock` `ImageList_DragMove` `ImageList_DragLeave` `ImageList_DragEnter` `ImageList_EndDrag` `ImageList_BeginDrag` `ImageList_GetIcon` `ImageList_Remove` `ImageList_DrawEx` `ImageList_Replace` `ImageList_Draw` `ImageList_GetBkColor` `ImageList_SetBkColor` `ImageList_ReplaceIcon` `ImageList_Add` `ImageList_GetImageCount` `ImageList_Destroy` `ImageList_Create` `InitCommonControls`
shell32.dll	`Shell_NotifyIconA` `ShellExecuteA`
shell32.dll (#2)	`Shell_NotifyIconA` `ShellExecuteA`
comdlg32.dll	`GetOpenFileNameA`
glu32.dll	`gluPerspective`
opengl32.dll (#2)	`wglMakeCurrent` `wglDeleteContext` `wglCreateContext`

Delayed Imports

1

Type	`RT_CURSOR`
Language	English - United States
Codepage	UNKNOWN
Size	`0x134`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`2.6633`
MD5	`ff4e5862f26ea666373e5fab2bddfb11`
SHA1	`cfa13c0ab30f1bbd566900dee3631902f9b6451c`
SHA256	`b8e6fc93d423931acbddae3c27dd3c4eb2a394005d746951a971cb700e0ee510`
SHA3	`91dae12a9f43c5443e0661091a336f882fa1482f75fa9a57c9298d1d70c8ae69`

2

Type	`RT_CURSOR`
Language	English - United States
Codepage	UNKNOWN
Size	`0x134`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`2.80231`
MD5	`2e87b3c111e3073a841775c1f8ec5a90`
SHA1	`20292304fa2ef1bfdc4a1000e90a1c16d4765a96`
SHA256	`ce19ace18e87b572e6912306776226af5b8e63959c61cde70a8ff05b3bbdcc41`
SHA3	`9527f09e739c2064835800a7e5c317cb422bdd7237f00fca079a1c62f58a2612`

3

Type	`RT_CURSOR`
Language	English - United States
Codepage	UNKNOWN
Size	`0x134`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`3.00046`
MD5	`a04c3c368cb37c07bd5f63e7e6841ebd`
SHA1	`699300bceaa1256818c43fecfc8cad93a59156b2`
SHA256	`ee1c9c194199c320c893b367602ccc7ee7270bd4395d029f727e097634f47f8c`
SHA3	`58722e3138aad1382e284c1605ecd665ced536de4906749ac8d6e11252cc9558`

4

Type	`RT_CURSOR`
Language	English - United States
Codepage	UNKNOWN
Size	`0x134`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`2.56318`
MD5	`9929115b21c2c59348058d4190392e75`
SHA1	`626fba1825d572ea441d36363307c9935de3c565`
SHA256	`9d9edf87ca203ecc60b246cc783d54218dd0ce77d3a025d0bafc580995a4abd8`
SHA3	`fea156e872544252c625076a6bf3baa733ee5b3d5399716e156734af7a841369`

5

Type	`RT_CURSOR`
Language	English - United States
Codepage	UNKNOWN
Size	`0x134`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`2.6949`
MD5	`f321ad13d1c3f35a05d67773b4bc27d6`
SHA1	`30aded8525417e2531d5eb88bf2f868172945baa`
SHA256	`99676c52310db365580965ea646ece86c62951bfd97ec0aae9f738a202a90593`
SHA3	`04c839da98a8c50a36697076af5bc6d527560a69153b2f718f065908fd4fe3ad`

6

Type	`RT_CURSOR`
Language	English - United States
Codepage	UNKNOWN
Size	`0x134`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`2.62527`
MD5	`5ca217e52bdc6f23b43c7b6a23171e6e`
SHA1	`d99dc22ec1b655a42c475431cc3259742d0957a4`
SHA256	`11726dcf1eebe23a1df5eb0ee2af39196b702eddd69083d646e4475335130b28`
SHA3	`b358d8a5b0f400dd2671956ec45486ae1035556837b5289df5f418fe69348b3f`

7

Type	`RT_CURSOR`
Language	English - United States
Codepage	UNKNOWN
Size	`0x134`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`2.91604`
MD5	`6be7031995bb891cb8a787b9052f6069`
SHA1	`487eb59fd083cf4df02ce59d9b079755077ba1b5`
SHA256	`6f938aab0a03120de4ef8b27aff6ba5146226c92a056a6f04e5ec8d513ce5f9d`
SHA3	`0f1c6c0378a3646c9fbf3678bbeeccf929d32192f02d1ea9d6ba0be5c769e6ab`

BBABORT

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1d0`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`2.92079`
MD5	`c987e709cafd3a191333610e4c44914d`
SHA1	`901e4db5d379a222dd416776633ca9738db32e14`
SHA256	`c0ede68a98bd2bc58c78564dfb42f1640dc29766d3ab2782ab8b5ed28c6fd414`
SHA3	`7b14efd89b642988834daf08c97db5bb847f941d75f44a3915e3e5dca2510c53`
Preview

BBALL

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1e4`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`3.16995`
MD5	`f8a9b4a8f4097cea6a482026484c4d12`
SHA1	`2057a63edce2cbb165512bfad326728cf1053d60`
SHA256	`46cfc44afa8ab31ae3da35fa8346e4c085c441659d9992b09fc8ad517f2b289a`
SHA3	`f3852a8bcb1b38f498231cca2b0427af6c4c52886f92f980968d40fd8e8c5337`
Preview

BBCANCEL

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1d0`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`2.92079`
MD5	`c987e709cafd3a191333610e4c44914d`
SHA1	`901e4db5d379a222dd416776633ca9738db32e14`
SHA256	`c0ede68a98bd2bc58c78564dfb42f1640dc29766d3ab2782ab8b5ed28c6fd414`
SHA3	`7b14efd89b642988834daf08c97db5bb847f941d75f44a3915e3e5dca2510c53`
Preview

BBCLOSE

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1d0`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`3.68492`
MD5	`6c2fba077bd332b3a48d6b5e43fe4a22`
SHA1	`e7d12e9fd5659881742773884db8ca537765dc81`
SHA256	`f8e1696801fe89b88936ac4226cea03bfa5aa345aa33ca982822ae7fbc6557e2`
SHA3	`39193ea4b2ffb32f16c75ca88ca20465a374cd928aac9b4b3ba5739bbb6222de`
Preview

BBHELP

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1d0`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`2.88085`
MD5	`1021657335ba4838db07f5231723df3b`
SHA1	`68f04f6ecbf628029e4e0061392029edec2b0e43`
SHA256	`cb7421b5c6af74c3159c361f3bb78bba8a488d8979d1250e106fa96cbf928789`
SHA3	`888ed4f8473561552d848c3d6624e2331c4ec7795bc5001237cb752b96e4929c`
Preview

BBIGNORE

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1d0`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`3.29718`
MD5	`098b5f6c87471f5a83a4e55a6a036d6c`
SHA1	`e16d9186ffa72cc3e373cdf8e40f9e570f0082e7`
SHA256	`41f05a4df5f42d92b879493d51941de342d36460fe15c0f3b63b2b706b928fef`
SHA3	`7939e94342a45e6742dbf7c93f5b42fb861ac81b1fe5e8e04e49c0421338b2cf`
Preview

BBNO

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1d0`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`3.58804`
MD5	`8832519641f28981f87e1b3006896eef`
SHA1	`916eaafcf9ffb12bfd6338419bdd22764778ebbd`
SHA256	`81265e63c89ee5c2e5126452e22f84e9be9452449f3e5959ab6d346cb58b2bde`
SHA3	`39743ce838b215420cbb732e107e4c45f63384dcdd5b830d15097fa06cf32cc2`
Preview

BBOK

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1d0`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`2.67459`
MD5	`4b349737af0b7e5a5308dff7b93b274b`
SHA1	`b3d36a94fa9a57ad7a68a3b30be92947e811e760`
SHA256	`6b97877cdd547e6ba6467f86055f1fc7b06660b034439f0da4c137538ef14a83`
SHA3	`b9e9646067eae58ad9aded92130651d090a92771bae94676003e9aba47f77cd6`
Preview

BBRETRY

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1d0`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`3.53344`
MD5	`7daf7522622a4fe823701fd2ff6f4996`
SHA1	`89f40bad3052afafbd71e80c07b928ec1aa7f4e5`
SHA256	`c925e4a8cbf6d42dbb1220a510614df725558f8d843338982bab8c4e020f6429`
SHA3	`95aa592de7b91edb5889cf5f9a7b042d3b6f6910bbd657ba85632f0d0ed557fb`
Preview

BBYES

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1d0`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`2.67459`
MD5	`4b349737af0b7e5a5308dff7b93b274b`
SHA1	`b3d36a94fa9a57ad7a68a3b30be92947e811e760`
SHA256	`6b97877cdd547e6ba6467f86055f1fc7b06660b034439f0da4c137538ef14a83`
SHA3	`b9e9646067eae58ad9aded92130651d090a92771bae94676003e9aba47f77cd6`
Preview

CDROM

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0xc0`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`2.78825`
MD5	`6bb98462b4b00776fd17038cbf1fb4bd`
SHA1	`f40205d022d824e0b7d930151138991504af3dc6`
SHA256	`4f72c53f3bac49ce0b7c248152479a14e383a90c9fe95edbddec9f03784ca698`
SHA3	`2e951c0dc6c1e7540825793fbf48393c33a7156ba8a9ce6343a06323ef1716aa`
Preview

CLOSEDFOLDER

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0xe0`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`3.01477`
MD5	`7a7f1740c64d8b5af56ef7611410255c`
SHA1	`df7641fd3a5588e182515b337dcbbd28f2de12ab`
SHA256	`d20c1e7cdff419e1efe08e1b91b4c0d772f7436de618045f7e0fdb3afb662849`
SHA3	`111928d2405474821d76f758f1ba2dfb15368f64bbfde0644c9ec7acc5f56c9f`
Preview

CURRENTFOLDER

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0xe0`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`2.97986`
MD5	`53466cf475196c6a883514140b1253c1`
SHA1	`02f577f238ea87b3400ec0ced2315d53cddfc7d1`
SHA256	`0f5248f16fe2b1e73aa9be760a6f0bef933dc09e3cc6d8a8958eae1ce0bd0f97`
SHA3	`e38ae4779212d26cd9f3f9298910aa52dbbbce2527673aa9ada7de9deb1a817c`
Preview

EXECUTABLE

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0xe0`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`2.96393`
MD5	`d623fd4c67881a744b9783e77cdaa9a3`
SHA1	`07fd1454decb874d847cb6e3a847391e3b03865a`
SHA256	`4a217ca811d9c29363ead1d67b7ffa0f6e8b8e1d1a068730f4f7d557c3710b44`
SHA3	`2aa8c8713c75f32e131b449444a6b570ee7be8da50c2f7e8a499cef693339e85`
Preview

FLOPPY

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0xc0`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`2.63812`
MD5	`c3a2737f14f437f54cbf251782ae0a45`
SHA1	`e0a402c41f62804664b9d9cb9bae9615bf60f5ed`
SHA256	`2cb60d7d674640457497f54b82b42afaa8a2cbd7c28a1aae35f128b4471cfaaa`
SHA3	`eb1bb0ae168e1645292c6759be7ba322451b7035d87f01f8bf0f548290bb1830`
Preview

HARD

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0xc0`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`2.62043`
MD5	`47957e26414e5a0cf93c9049b1a7f2a2`
SHA1	`08a70125bb3cf069d224c94dd4f4632b8f671a61`
SHA256	`a36fee3ac0a24b86169997e112d55de38ae2080815d2104c73bc90ad4eff5cbe`
SHA3	`59409ff1a314a69758371a1dafa7f175812eb3821240ff5b25b7b881b9d58deb`
Preview

KNOWNFILE

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0xe0`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`2.83217`
MD5	`7a6c4028ea8bdbe916a592614cb67a33`
SHA1	`e84fa7f028b79b4c641a2d66ad1ad296b7e6a262`
SHA256	`d8444a0e4c91df51a151d4c64256e5d5f62a3e4a5b17ccb9778422f0e01223c3`
SHA3	`de4dcc10f2110aa3f30104c8ef6a447c8fb22789a236072e61e38d5e16d0e0c9`
Preview

NETWORK

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0xc0`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`2.73457`
MD5	`30e739f7ed3dd033117260d97bb67e99`
SHA1	`b97adf513dd432cf039cd9425caf9b3241d7d233`
SHA256	`caf10784d936136cddde6b4489d7ffdc6098f8050a81c7e02d1ebdd9878cff15`
SHA3	`1511f9fa160bee36e6099269dade08d1a5709a22360ccbd4060fa6b54b8fb7d4`
Preview

OPENFOLDER

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0xe0`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`3.0519`
MD5	`9b7d7f0031cfa6a137ff6436e59986fb`
SHA1	`20eb56f55581540919b119113b567bec618c3f95`
SHA256	`e086586402b8c51192766a01a37dd2f2b4b657bbd4d5b721f1eed692678f6ef6`
SHA3	`86a19763883baaae65d79b7e3c64525f16b942bd1187792bab8f56f7efaa2c56`
Preview

PREVIEWGLYPH

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0xe8`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`2.85172`
MD5	`48276e8432af5a23af78e1d23de8ef5a`
SHA1	`12fb57606d03e3fe28263e3e9e96b4eedc79aef7`
SHA256	`78507a772de646626b196a743cee75b298a68c33a0fd482842071519d59037b2`
SHA3	`1cf31d53c7ea5dbe90181cb2db39ce6cd21484f5495b0af59f5c6164d9b3d3d0`
Preview

RAM

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0xc0`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`2.73213`
MD5	`0ad765e61ab984673ce3db3a91fc6182`
SHA1	`2b67d4f1eec717c3aa2472db56ab4472c96b742f`
SHA256	`5bea8ae9edb158f767d478703ce5153b8773e1e0390fa2c4af83f063c6c2f1fa`
SHA3	`deda4d692b33e267292ba10effd899736e090a1af7f55028cdaa0ef850a85945`
Preview

UNKNOWNFILE

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0xe0`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`2.50975`
MD5	`307c6180ecb5efadfc8d59bb7dc28a5c`
SHA1	`8cd2e11eefecccd0c1414ce2b548c4fa82621dd4`
SHA256	`6af26f85073e8fce3b9ab49acbde0b702f68ec078be72e8aeca66086947a885e`
SHA3	`3e2f18021c6974600d7e8fc8064bb225657e4aeb0e28b7fdae034c6e938e264f`
Preview

1 (#2)

Type	`RT_ICON`
Language	Russian - Russia
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`6.17279`
MD5	`d52e2b54bfb470b57ad08bbc0b8f2b5d`
SHA1	`bd3dc60b67c1325ec0262117cc129f05d143826e`
SHA256	`76abe26c0438e4c7171ea341dc962b55241cef16aa532d675bf0f4b704897960`
SHA3	`0ba5ba8c3d61756a84689353a646ea2aa2fcda04a7d68a9b16db9ffd2078ed81`

DLGTEMPLATE

Type	`RT_DIALOG`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x52`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`2.5627`
MD5	`db949b51eec31f37281a7fa424a3e158`
SHA1	`f61214ce31a91d174e77f12c90f18ddd4e265a1d`
SHA256	`771f64afb45a9edc8c4f6c5b2039f9b32623cea53bf0cab5bf1f371cc5d1abe4`
SHA3	`4a2bc09771734352d594a48fe2249ca0697c471d80a4001f60c6d86c46b6319e`

TEXTFILEDLG

Type	`RT_DIALOG`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x52`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`2.61605`
MD5	`ac5eefd684bd75f9ded1d0e368f566da`
SHA1	`33dd756799618130fd3c1097be1638f47ada0f90`
SHA256	`26be3f5d9e8788884e3d857861b2666da59e7e80dfaa6e7e52832428980204fc`
SHA3	`bb30afb20c2bc5d31729c46212a31568a47a85da5d4bed5e936bee775915da30`

4080

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x254`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`3.38048`
MD5	`dc6403fa0d0f9454e569a07217e43ec4`
SHA1	`0919c919f1034e6ccbaa87cd32b786a108e09720`
SHA256	`a78fd3dfd149e46d709fddc921c9b561e461f29776587e5a7046c80545a2c6b5`
SHA3	`da1e4b59d114315eb0414708f4f20b66bc6cca4d490be59b6da9ddb8598c9de2`

4081

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x52c`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`3.33269`
MD5	`6784d7cff4cdda4491477d2922b5a108`
SHA1	`e4df2067aedc13e6ec18cc52df6a9cb1bc8579a7`
SHA256	`3c7bc82224f9248830ef8c3c23ec9c44af78a527f0d32753e19e1a5f1db32610`
SHA3	`4bcd8362cb116f16b62046cdd626ddb8498f6e9c40270777c32076ba4968b933`

4082

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x2c4`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`3.48549`
MD5	`f5cc5da1443062ac1600c8471b311c5d`
SHA1	`d5a457a13bb479475a13c491d13fc51c5b7e5046`
SHA256	`9dfd44b135c1610ab6004fcc2549f5c99e50f9a9b850e01ea4bfc57567e6adb4`
SHA3	`884d6f3a880e22c7001aedaccfe19ecf2c5307fac98cae70dfd7f7c19a0020dc`

4083

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x390`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`3.33118`
MD5	`7d9475e707535e326d06804352128110`
SHA1	`8bc9d064550d02e8e854b8cc3d3763bc43607bf8`
SHA256	`127b1956d91b572f380d1825c5a520635349ea588753a951e2ce04b344b6c0b5`
SHA3	`cd1311b1510c33f44338232c918edc1b5d6da644d7a97d553573c9225800c4c0`

4084

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x9c`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`3.44967`
MD5	`210964f4e28003a874454a06a5c2fca1`
SHA1	`715336d8fe6c741ec768b35c455ef99362ea658e`
SHA256	`3c8133ad5dc190728cd90e6bfccd9132046b36df960d4d900b1ac3ddcf37e078`
SHA3	`4b00d35e2af286b15e1965f9b132081dc597e596a8edbe19e66f654a03c5da04`

4085

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xec`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`3.3924`
MD5	`9e9984ec70b00055b64d9bf1ba6d4668`
SHA1	`4d121afb97d959499ec750de40b64c22c6c8cbd4`
SHA256	`dc526c2370d72308334da7808c65812e4d34a1b3f8bd8a345aeab889ea0b4f9a`
SHA3	`02d90ee49b3c90bac757871054b70a9ab675aae4f0bbe45cb53edc90fbb2869b`

4086

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1a4`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`3.37082`
MD5	`ecda3ac63f8759543c9628410c788ef9`
SHA1	`38bea2987c93ecfedd67436d622750d7909d68f5`
SHA256	`6f7f705c9c53416b2fbc27cf86be9b0d6d0dbeabda2c7bc24bdcc62688656a82`
SHA3	`15e8b5f5697aa124b21958bdc7a17a181885f4c5704db1e11ae9c17e1b4fa00c`

4087

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x458`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`3.29102`
MD5	`9b7f13db8313675aa171eca726780f6f`
SHA1	`75ba9c27cfdedddf71f4539ae6e30e8d5753b19c`
SHA256	`fba2664e375524e197609b75331c3635245f95789a408e8ba5daadfdf312193e`
SHA3	`f4dc50bf3ecf937764df8a5d799826460b5ff25ed777439a35cd288aac5de26e`

4088

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x350`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`3.31979`
MD5	`070093ab316d4aaef2ed9c169cbc4701`
SHA1	`8cbcb3d2a62296d3e2826988ad7b0f805aab4cc2`
SHA256	`bde95710a0329b83f1de17d51ea5eb6eaf0898c9c44eaa84c4448b17756b6461`
SHA3	`1832b3f4832db966080386bd1cd1e4861a19d761efee8f2689cc973e01bd4410`

4089

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x390`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`3.29176`
MD5	`c0eae5de147cbfaf42595c75435edbef`
SHA1	`c561f404d4eb5cabc521144daa505d9c6e5b631f`
SHA256	`40c4406542507cc47eda69f22d0c973a10f72b438cfd7c5eeaef5fcd71644fdc`
SHA3	`094723d3451b0d8cbb311fe2c823707ad90ca7f65a57c072f6d6b3e47600003e`

4090

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x40c`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`3.33267`
MD5	`4b6cf28a9c549ba84870ee77de28e7cc`
SHA1	`fd8a96e2422f34fd22e13ed33b57947e13bbc78a`
SHA256	`f4fd56d09647b961e1e891e1b954dc00f8772f040f0d94962bbef6c4ef10a59b`
SHA3	`bc80040f972e9e287f0bc94cda4ab8325f75bfd818b530b191900ba6ed6a2bc9`

4091

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x140`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`3.30609`
MD5	`f113f8942eff6bd131276c328748404c`
SHA1	`7a8c5e743ec60abdf884890b38a05f66053447b6`
SHA256	`21880d9d2145681bb044a97fe43146478d0c95db02625a6f63ce66d876f94a61`
SHA3	`5c5488744854133f9338d0636d7c9f8ab74fe409a10101c5fd2c4f6698070fd4`

4092

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xcc`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`3.34889`
MD5	`41e84c55d83e38e1b0ccab4f95866254`
SHA1	`450faac12f2e13711bfc14c90b000d3cf66d9e5c`
SHA256	`e04403c92735b3fc70823791da7ca19ed2a76b68328a76743f07290479c44652`
SHA3	`5ebd657deaf91b038845ad4b68ebcec97e3c47da836a637a570e0d27d0a48024`

4093

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1ec`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`3.40792`
MD5	`8f38e3aa2e8063df6ee858880d352c50`
SHA1	`25cf011f22631968b12cbab98d07b1f7f588e9cf`
SHA256	`cf9dd14a3e0c4458530937ddeaa98f67f2665d94d5a0bbaa124fb69c83f6af6e`
SHA3	`76072ee50a4cc5408d3ac8fcc0a1ea57ba8bd31f74c71086fe8b4e615d4f80bc`

4094

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x3e4`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`3.2573`
MD5	`55d51b80e36beeaca9e3309e80914129`
SHA1	`4db6c6354bb94e89bb8b3d78681daf2b64b4af6c`
SHA256	`dfc36f3550142e9374fb33bf3a6e10b77765b136af5f4f1031902640d9d02ee8`
SHA3	`c52122c31c3c808d36fdfe0c4b96d5f961f33b5d2b67490845a81675a78a7fba`

4095

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x31c`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`3.36055`
MD5	`d2cda95c908c086fa8ac8a3a78ffc7d0`
SHA1	`c8dc241cd62c8489a322e72603c7a42642243da2`
SHA256	`a69136035854523ea2b36fee57f9f0823db73631c7aabce5e952ba6b80bf8238`
SHA3	`d5fb66a81ee9f78ac5c406447a4627b4554ad0b061d3ac822be9d709fb089bb1`

4096

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x294`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`3.29371`
MD5	`0a399d0f0d06f3807ce2b2bb95a277c8`
SHA1	`5142268d23a5b4e39d181255166bb1ef41141548`
SHA256	`b48888f35b371cfb0451cb3a85d8eaafdd440c96c3631acd94b1855c34a25b64`
SHA3	`3867a5cc562325ef1216b90bf3f340d06f0ef28dcbd9d3191ea47617856abe85`

DVCLAL

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x10`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`4`
MD5	`d8090aba7197fbf9c7e2631c750965a8`
SHA1	`04f73efb0801b18f6984b14cd057fb56519cd31b`
SHA256	`88d14cc6638af8a0836f6d868dfab60df92907a2d7becaefbbd7e007acb75610`
SHA3	`a5a67ad8166061d38fc75cfb2c227911de631166c6531a6664cd49cfb207e8bb`

PACKAGEINFO

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x40c`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`5.4207`
MD5	`a68dbffb6cec08d2fa3f7fb010d4354b`
SHA1	`8d5a6c2398c9bb2002681d6783a08622b54e5d3c`
SHA256	`38ef922f49303dd189d2bd44ff3645b1800a60f120bee35de29717e269f823c6`
SHA3	`082330c98115d2d99ad1c64a9ac041ba894ae03515322e527aa33a0c59875ce3`

TFORM1

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x6c8f`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`5.55397`
MD5	`2b995a8ac080fe0b7639bac0924ebb16`
SHA1	`0b3bc3e54ae4d0747b9247112e3bfb3b2a5b19b3`
SHA256	`8bca535737899e6f2ee1c58be3a670cb77e7c7fc1b8ce11e6d63e475e1c21cf0`
SHA3	`e491d04565683f066ab398af95306d4ad6dd84bc95670c5f3f52728383dc2142`

TFORM2

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x34d`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`5.48494`
MD5	`1ea1387e74e41b12cc304d288848e83b`
SHA1	`d24d5f7cfe9ce02c2e81f26a0fb4223217c7b1a2`
SHA256	`3ce3899a207cb7a8acc74105d4cd233abb67d147eef6f51294ac28abdd2cf114`
SHA3	`57ddfbc88c6e95507a0d502847d804199edc095d442d9f215184bcd0de02733e`

TFORM3

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x7c47`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`3.53143`
MD5	`7869002882677f794e1440fb66a7652c`
SHA1	`913ec33f9598b0ebee9581152a4223bc6e52e418`
SHA256	`366c206a5ae600a4555e1b3c3bb168c53d11fc2af84fd5d91b17a8bfb1017510`
SHA3	`8c2a5fd4eb42bd2ee5c053b59c452f0a469dcc59900d41313d5571765571d3ce`

TFORM4

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x321d`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`3.27033`
MD5	`9b11d35743a93b17ddd9fd552e48d887`
SHA1	`cf32d28c82116a65a51390ca977e73c500072d5d`
SHA256	`94f2990f673be684b67acf7877fd31449e44bac8c3b0cb8b203c9442e5bebe28`
SHA3	`fd9b2e175047d05dbb7f77761beab70f5e34ac486b39f5f3228285eb192a352a`

TFORM5

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1ad8`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`5.6726`
MD5	`c992e1ecfa171d528a482a9ea904ab82`
SHA1	`cc23c3b103da276bd2aae0f587c3ec96c093e08d`
SHA256	`b2437eac6a726108630a03372a5956332ef5ebfa3921ead1016598b1566999be`
SHA3	`96708807ebc99dbdd87e6a8bc560ee56e3417e78a740109070c34c28b7dc54c5`

TFORM6

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x7da7`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`2.93586`
MD5	`6a0cb9188daab62ac093fa5ed5853d16`
SHA1	`2fea44e5d1662480acc60f219193e323cbc34e08`
SHA256	`1bc561f60892d64c5b9c122be6c8d3ccadb3ccb5127b09c7dd3909e2311a0bfc`
SHA3	`10fb0a240a71c23eca03cbceb5fa278cd45c3c1a338b2b23e0ab187d61da6744`

TFORM7

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xa2b6`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`7.8575`
MD5	`e270e73989fe7f9c9de8e04eed41344a`
SHA1	`d2c2c8392d6bbaefbab86caa729ac2d479e8c884`
SHA256	`5372ce9a00a27dcf5e45b2e37a6be323db7d8e6a771bb8244ac706545b5d7fee`
SHA3	`524a2cbefc462cef7b82b7c3eb188b12bca7bd780bf1c1a6c2551992729ea332`

TFORM8

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xbb56`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`7.59415`
MD5	`eff65f0141ca09f64321557271c0a995`
SHA1	`5c96eaa0be8cf3d26df739f0059c549e3455234a`
SHA256	`2ce0867ec94b769ac089cdf73b9ef66d7d7a68e1223c92cffda9de229715e5bc`
SHA3	`cc06a119b000162bc7060ec6863db95090d2cb1118daf6a65065adccff696937`

TFORM9

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x5a6`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`5.55801`
MD5	`78d10d471a71c27b1b429d5c9d36ae59`
SHA1	`1b699a8b57c32d0aeaf271ec14c90c3e86abbb20`
SHA256	`d20c03446855bca213971ec5bd1cc263c677e8cfd3d80bf9d108e66e41bba6ec`
SHA3	`5bbcfeae7042660104218f3f3d54a7c472cf3b2533551a722606556c50c74602`

32761

Type	`RT_GROUP_CURSOR`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`1.83876`
Detected Filetype	Cursor file
MD5	`a2baa01ccdea3190e4998a54dbc202a4`
SHA1	`e8217df98038141ab4e449cb979b1c3bbea12da3`
SHA256	`c53efa8085835ba129c1909beaff8a67b45f50837707f22dfff0f24d8cd26710`
SHA3	`8874564c406835306368adf5e869422e1bb97109b97c1499caa8af219990e8dc`
Preview

32762

Type	`RT_GROUP_CURSOR`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`1.91924`
Detected Filetype	Cursor file
MD5	`aff0f5e372bd49ceb9f615b9a04c97df`
SHA1	`e3205724d7ee695f027ab5ea8d8e1a453aaad0dd`
SHA256	`b07e022f8ef0a8e5fd3f56986b2e5bf06df07054e9ea9177996b0a6c27d74d7c`
SHA3	`9cb042121a5269b80d18c3c5a94c0e453890686aedade960097752377dfa9712`
Preview

32763

Type	`RT_GROUP_CURSOR`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`2.01924`
Detected Filetype	Cursor file
MD5	`48e064acaba0088aa097b52394887587`
SHA1	`310b283d52aa218e77c0c08db694c970378b481d`
SHA256	`43f40dd5140804309a4c901ec3c85b54481316e67a6fe18beb9d5c0ce3a42c3a`
SHA3	`38753084b0ada40269914e80dbacf7656dc94764048bd5dff649b08b700f3ed5`
Preview

32764

Type	`RT_GROUP_CURSOR`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`2.01924`
Detected Filetype	Cursor file
MD5	`1ae28d964ba1a2b1b73cd813a32d4b40`
SHA1	`8883cd93b8ef7c15928177de37711f95f9e4cd22`
SHA256	`ff47a48c11c234903a7d625cb8b62101909f735ad84266c98dd4834549452c39`
SHA3	`a85dadd416ce2d22aa291c0794c45766a0613b853c6e3b884a2b05fc791427b8`
Preview

32765

Type	`RT_GROUP_CURSOR`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`2.01924`
Detected Filetype	Cursor file
MD5	`0893f6ba80d82936ebe7a8216546cd9a`
SHA1	`0754cbdf56c53de9ed7fbd47859d20b788c6f056`
SHA256	`a0adcedb82b57089f64e2857f97cefd6cf25f4d27eefc6648bda83fd5fef66bb`
SHA3	`ce6148ade08ef9b829f83cb13b4c650d9d4a7012bfd1ab697a7870a05f4104f8`
Preview

32766

Type	`RT_GROUP_CURSOR`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`2.01924`
Detected Filetype	Cursor file
MD5	`dcaa3c032fe97281b125d0d8f677c219`
SHA1	`58fe36409f932549e2f101515abee7a40cf47b2c`
SHA256	`6e1e7738a1b6373d8829f817915822ef415a1727bb5bb7cfe809e31b3c143ac5`
SHA3	`02ef292e1b4a70e439e362af6b4fa213e3816ade45222b78dabab712b6afba54`
Preview

32767

Type	`RT_GROUP_CURSOR`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`2.01924`
Detected Filetype	Cursor file
MD5	`a95c7c78d0a0b30b87e3c4976e473508`
SHA1	`b19f3999f1b302a2d28977cb18a3416c918d486c`
SHA256	`326c048595bbc72e3f989cb3b95fbf09dc83739ced3cb13eb6f03336f95d74f1`
SHA3	`8157b4e6afa7ed2e2ffc174d655bec9fb81db609e4c5864faa5ead931ff60689`
Preview

MAINICON

Type	`RT_GROUP_ICON`
Language	Russian - Russia
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`1.91924`
Detected Filetype	Icon file
MD5	`6da8e7d5ae1d5d15e0230a67a7c16c6d`
SHA1	`678db52cbe5d617c33c6269bfd4b6d8d1a17f956`
SHA256	`6eb54801f91b6d8effccbfaefe6b2d7705a274a75940e6226e24e0d4ec58c396`
SHA3	`994fc217c7b8bc8008ac262ff58044403206de6eceafd424d4640ecad395eb2f`

1 (#3)

Type	`RT_VERSION`
Language	Russian - Russia
Codepage	UNKNOWN
Size	`0x2d0`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`3.27177`
MD5	`c3a739906d9b9320bc47b139ca393f3f`
SHA1	`cc129d59bf00f8876b28ec55afc8acd924e5d2f5`
SHA256	`bec8c2d8b45af488873df155356b1e7f92da406fde8206a1885f3d8d443af167`
SHA3	`e1bfd016fb01418a466f306e412b0689e60d55b8ef2d88d972013b8c61ac0b24`

1 (#4)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x245`
TimeDateStamp	2012-Dec-03 14:43:52
Entropy	`4.95218`
MD5	`ec5f45455a2dc2584390b6ba8dac86b6`
SHA1	`c4430217c0673d86805482d90cf34fa38a3f758c`
SHA256	`a3eca8428248ea414fdceaf0b451393866fe413a5eae29264d1e29bb60c0c68c`
SHA3	`227245b0c93388712983c330d15338e56d8d46dbeb08c42d717f98c86d65706f`

String Table contents

Input is not an valid %s Format.
Input can not be convert to %s Format.
copy Input to Output
Hexadecimal
Hexadecimal lowercase
MIME Base 64
UU Coding
XX Coding
Length from Encryptionkey is invalid.
Keysize for %s must be to %d-%d bytes
%s is not initialized call Init() or InitKey() before.
Enter password:
Please insert a blank disk #%d
Please insert the first disk
Please insert the last disk
Please insert disk #%d
Disk is full. Required free space: %d bytes, but available only: %d bytes. Clean the disk or find another blank disk
%s. File processing error, possibly disk is full
File '%s' not found on inserted disk. Please insert last disk with required file
Buffer overflow
Invalid UTF7
OLE error %.8x
Method '%s' not supported by automation object
Variant does not reference an automation object
Dispatch methods do not support more than 64 parameters
Circular Protection detected, Protection Object is invalid.
String Format "%d" not exists.
ASCII
Unicode
Big Endian Unicode
UTF-8
UTF-7
Cannot remove shell notification icon
Cannot create shell notification icon
Invalid index
Unable to insert an item
Invalid owner
This control requires version 4.70 or greater of COMCTL32.DLL
Cannot change the size of a JPEG image
JPEG error #%d
JPEG Image File
Overwrite file "%s" with "%s"
Password for "%s"
Ctrl+
Alt+
Unable to insert a line
Clipboard does not support Icons
Cannot open clipboard
Menu '%s' is already being used by another form
Docked control must have a name
Error removing control from dock tree
- Dock zone not found
- Dock zone has no control
Error loading dock zone from the stream. Expecting version %d, but found %d.
Multiselect mode must be on for this feature
Separator
No OnGetItem event handler assigned
"%s" is an invalid path
ANSI
BkSp
Tab
Esc
Enter
Space
PgUp
PgDn
End
Home
Left
Up
Right
Down
Ins
Del
Shift+
Bitmaps
Warning
Error
Information
Confirm
&Yes
&No
OK
Cancel
&Help
&Abort
&Retry
&Ignore
&All
N&o to All
Yes to &All
Cannot create form. No MDI forms are currently active
A control cannot have itself as its parent
OK
Cancel
&Yes
&No
&Help
&Close
&Ignore
&Retry
Abort
&All
Cannot drag a form
Metafiles
Enhanced Metafiles
Icons
Failed to read ImageList data from stream
Failed to write ImageList data to stream
Error creating window device context
Error creating window class
Cannot focus a disabled or invisible window
Control '%s' has no parent window
Parent given is not a parent of '%s'
Cannot hide an MDI Child Form
Cannot change Visible in OnShow or OnHide
Cannot make a visible window modal
%s property out of range
Menu index out of range
Menu inserted twice
Sub-menu is not in menu
Not enough timers available
GroupIndex cannot be less than a previous menu item's GroupIndex
No help found for context
No topic-based help system installed
Bitmap image is not valid
Icon image is not valid
Metafile is not valid
Invalid pixel format
Scan line index out of range
Cannot change the size of an icon
Unknown picture file extension (.%s)
Unsupported clipboard format
Out of system resources
Canvas does not allow drawing
Invalid image size
Invalid ImageList
Unable to Replace Image
Invalid ImageList Index
List count out of bounds (%d)
List index out of bounds (%d)
Out of memory while expanding memory stream
Error reading %s%s%s: %s
Stream read error
Property is read-only
Failed to get data for '%s'
Resource %s not found
%s.Seek not implemented
Operation not allowed on sorted list
%s not in a class registration group
Property %s does not exist
Stream write error
Unable to find a Table of Contents
No help found for %s
No context-sensitive help installed
Can't write to a read-only resource stream
CheckSynchronize called from thread $%x, which is NOT the main thread
Class %s not found
A class named %s already exists
List does not allow duplicates ($0%x)
A component named %s already exists
String list does not allow duplicates
Cannot create file "%s". %s
Cannot open file "%s". %s
Invalid stream format
''%s'' is not a valid component name
Invalid property value
Invalid property path
Invalid property value
Invalid data type for '%s'
List capacity out of bounds (%d)
Mon
Tue
Wed
Thu
Fri
Sat
Sunday
Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
Ancestor for '%s' not found
Cannot assign a %s to a %s
Bits index out of range
Oct
Nov
Dec
January
February
March
April
May
June
July
August
September
October
November
December
Sun
Interface not supported
Exception in safecall method
%s (%s, line %d)
Abstract Error
Access violation at address %p in module '%s'. %s of address %p
System Error. Code: %d.
%s
A call to an OS function failed
Jan
Feb
Mar
Apr
May
Jun
Jul
Aug
Sep
Error creating variant or safe array
Variant or safe array index out of bounds
Variant or safe array is locked
Invalid variant type conversion
Invalid variant operation
Invalid NULL variant operation
Invalid variant operation (%s%.8x)
%s
Could not convert variant of type (%s) into type (%s)
Overflow while converting variant of type (%s) into type (%s)
Variant overflow
Invalid argument
Invalid variant type
Operation not supported
Unexpected variant error
External exception %x
Assertion failed
Floating point underflow
Invalid pointer operation
Invalid class typecast
Access violation at address %p. %s of address %p
Access violation
Stack overflow
Control-C hit
Privileged instruction
Exception %s in module %s at %p.
%s%s

Application Error
Format '%s' invalid or incompatible with argument
No argument for format '%s'
Variant method calls not supported
Read
Write
Format string too long
'%s' is not a valid integer value
Out of memory
I/O error %d
File not found
Invalid filename
Too many open files
File access denied
Read beyond end of file
Disk full
Invalid numeric input
Division by zero
Range check error
Integer overflow
Invalid floating point operation
Floating point division by zero
Floating point overflow

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	4.1.0.0
ProductVersion	4.1.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	Russian - Russia
CompanyName
FileDescription
FileVersion (#2)	4.1.0.0
InternalName
LegalCopyright	paul_met & EdHell
LegalTrademarks
OriginalFilename	MakaronEX
ProductName	MakaronEX NewGen
ProductVersion (#2)	4.1.0.0
Comments	Enjoy!

Resource LangID	Russian - Russia

TLS Callbacks

StartAddressOfRawData	`0x4f2000`
EndAddressOfRawData	`0x4f2054`
AddressOfIndex	`0x4de7b4`
AddressOfCallbacks	`0x4f3010`
SizeOfZeroFill	`0`
Characteristics	`IMAGE_SCN_TYPE_REG`
Callbacks	`(EMPTY)`

Load Configuration

RICH Header

Errors

[*] Warning: Section .bss has a size of 0!
[*] Warning: Section .tls has a size of 0!