bfb0398592e7abe1c0da6619007f65d6

Summary

Architecture IMAGE_FILE_MACHINE_I386
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date 1992-Jun-19 22:22:17
Detected languages English - United States
Farsi - Iran
Comments This installation was built with Inno Setup.
CompanyName GOG.com
FileDescription Cannon Fodder Setup
FileVersion 1.0.0.1
LegalCopyright
ProductName Cannon Fodder
ProductVersion 1.0.0.1

Plugin Output

Suspicious Strings found in the binary may indicate undesirable behavior: Looks for Qemu presence:
  • Qemu
 Contains domain names:
  • http://mcop.netfirms.com
  • http://mcop.netfirms.com/
  • mcop.netfirms.com
  • netfirms.com
Info Cryptographic algorithms detected in the binary: Uses constants related to CRC32
Uses constants related to MD5
Malicious The PE contains functions mostly used by malware. [!] The program may be hiding some of its imports:
  • LoadLibraryExA
  • GetProcAddress
  • LoadLibraryA
 Functions which can be used for anti-debugging purposes:
  • FindWindowA
 Code injection capabilities (PowerLoader):
  • GetWindowLongA
  • FindWindowA
 Can access the registry:
  • RegQueryValueExA
  • RegOpenKeyExA
  • RegCloseKey
 Possibly launches other programs:
  • CreateProcessA
 Uses functions commonly found in keyloggers:
  • MapVirtualKeyA
  • GetForegroundWindow
  • CallNextHookEx
 Memory manipulation functions often used by packers:
  • VirtualAlloc
  • VirtualProtect
 Functions related to the privilege level:
  • OpenProcessToken
  • AdjustTokenPrivileges
 Can take screenshots:
  • CreateCompatibleDC
  • BitBlt
  • GetDCEx
  • GetDC
  • FindWindowA
 Reads the contents of the clipboard:
  • GetClipboardData
 Can shut the system down or lock the screen:
  • ExitWindowsEx
Suspicious The file contains overlay data. 19541979 bytes of data starting at offset 0x164c00.
The overlay data has an entropy of 7.99999 and is possibly compressed or encrypted.
Overlay data amounts for 93.0427% of the executable.
Safe VirusTotal score: 0/70 (Scanned on 2019-10-18 08:14:48) All the AVs think this file is safe.

Hashes

MD5 bfb0398592e7abe1c0da6619007f65d6
SHA1 a327d7ce5dbf98e419615f1daa7a40e7bc16f1da
SHA256 7e026dd0f2dd2cfa38c6efe754a77a335a91701b306bd78b0006985a16a643bb
SHA3 d2d8e83163b6b6bcdbaef3ed44c217d0c9b24512b777f147978445430085876f
SSDeep 393216:i/v44P1rJKz7YvoVcbChluZ38gwWCP/m/S4LFyVYoPcDN3YpDxAg:i/v4IdJKn6oVzluF85P/m/S6MnkDN3Iz
Imports Hash c94ab418bb2d27db5778fed5081fb370

DOS Header

e_magic MZ
e_cblp 0x50
e_cp 0x2
e_crlc 0
e_cparhdr 0x4
e_minalloc 0xf
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0x1a
e_oemid 0
e_oeminfo 0
e_lfanew 0x100

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_I386
NumberofSections 8
TimeDateStamp 1992-Jun-19 22:22:17
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xe0
Characteristics IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED

Image Optional Header

Magic PE32
LinkerVersion 2.0
SizeOfCode 0xd8000
SizeOfInitializedData 0x8c800
SizeOfUninitializedData 0
AddressOfEntryPoint 0x000D872C (Section: CODE)
BaseOfCode 0x1000
BaseOfData 0xd9000
ImageBase 0x400000
SectionAlignment 0x1000
FileAlignment 0x200
OperatingSystemVersion 4.0
ImageVersion 6.0
SubsystemVersion 4.0
Win32VersionValue 0
SizeOfImage 0x16b000
SizeOfHeaders 0x400
Checksum 0
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
DllCharacteristics IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
SizeofStackReserve 0x100000
SizeofStackCommit 0x4000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

CODE

MD5 ec3a2c6d97a9a17aed8aabeeedd106a0
SHA1 fc233f5f8035b4a38bd225b0c9bff2daee149453
SHA256 235c50611e452a4d0651eb56030db115c1f0403caf965daa3678d9452e236f83
SHA3 75468af0f7ecfabae42b6213f7b377df12e96adc5d90466f97f6bc6faf23a634
VirtualSize 0xd7f88
VirtualAddress 0x1000
SizeOfRawData 0xd8000
PointerToRawData 0x400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 6.55667

DATA

MD5 ba39121ad358f0a666add6539c2574f2
SHA1 8eb731fab90b4f4ffadfd2f37278118861882dc8
SHA256 da036fdcca262d5db46b769ccf7b4690503c7c689eaa37fc79c2c8dcddfe56d7
SHA3 07c5f943ba17e722cae0363df2e8033c67a0444f0732c4dafed30f6945b76fbd
VirtualSize 0x5850
VirtualAddress 0xd9000
SizeOfRawData 0x5a00
PointerToRawData 0xd8400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 6.26627

BSS

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA3 a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a
VirtualSize 0x1c7d
VirtualAddress 0xdf000
SizeOfRawData 0
PointerToRawData 0xdde00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata

MD5 d63eb6bc5d0a6d1a070d2d1cd6c1ba5c
SHA1 afa6acd758d6d5a1bbf75ab2de5cd058b5b7fbe7
SHA256 49549e067155187f37b63be6df1b90f340339fc4418471624161275dd878424b
SHA3 f57b24b5e468103ffbfef7f68e1a9a79bbf5f66c1aa03fe00aa6a17f7c610a3e
VirtualSize 0x2860
VirtualAddress 0xe1000
SizeOfRawData 0x2a00
PointerToRawData 0xdde00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 4.92873

.tls

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA3 a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a
VirtualSize 0x10
VirtualAddress 0xe4000
SizeOfRawData 0
PointerToRawData 0xe0800
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata

MD5 fcd56d6399c189495b562b7a023f3488
SHA1 6bde2795a30837a12c51e6d6b062385795977b4c
SHA256 11ab6219da60d4b7a636f158e76a7a9eddd878f18f0c7aa7a3e9c9efeed241c6
SHA3 0956ded641d4a017c2aba624cceeadc3599e53ea9033c2cd16c724bea11c5e64
VirtualSize 0x18
VirtualAddress 0xe5000
SizeOfRawData 0x200
PointerToRawData 0xe0800
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_SHARED
Entropy 0.20692

.reloc

MD5 002e10e5869801811c1939288752a636
SHA1 2c963c73a0754ff986d98563eee8d586e72e20ab
SHA256 ab0803127decc9e887ff7f920224a773ed01b75700a1c9b1920a28f43f0478c4
SHA3 165781819110fa963891f5ee1f049177d85e1a5275ac57185c4d1c7865d36ab7
VirtualSize 0xb5f4
VirtualAddress 0xe6000
SizeOfRawData 0xb600
PointerToRawData 0xe0a00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_SHARED
Entropy 6.66896

.rsrc

MD5 b85c908153e5e9da6e254c969278f972
SHA1 b4849c6c2c7d4189781ca4179a82748a9d6543cc
SHA256 6541ddd88dc983d02ea0cf816458a8fa2e06c8c2f33c20deff2255e5b38598d9
SHA3 527054d0d9b1856962fbae10f9ef2f7f9165bfcf4100e45252be7977d70cd79c
VirtualSize 0x78bc4
VirtualAddress 0xf2000
SizeOfRawData 0x78c00
PointerToRawData 0xec000
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_SHARED
Entropy 5.91098

Imports

kernel32.dll DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
VirtualFree
VirtualAlloc
LocalFree
LocalAlloc
GetCurrentThreadId
InterlockedDecrement
InterlockedIncrement
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
lstrcpynA
LoadLibraryExA
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetLastError
GetCommandLineA
FreeLibrary
FindFirstFileA
FindClose
ExitProcess
WriteFile
UnhandledExceptionFilter
SetFilePointer
SetEndOfFile
RtlUnwind
ReadFile
RaiseException
GetStdHandle
GetFileSize
GetSystemTime
GetFileType
CreateFileA
CloseHandle
user32.dll GetKeyboardType
LoadStringA
MessageBoxA
CharNextA
advapi32.dll RegQueryValueExA
RegOpenKeyExA
RegCloseKey
oleaut32.dll SysFreeString
SysReAllocStringLen
SysAllocStringLen
kernel32.dll (#2) DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
VirtualFree
VirtualAlloc
LocalFree
LocalAlloc
GetCurrentThreadId
InterlockedDecrement
InterlockedIncrement
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
lstrcpynA
LoadLibraryExA
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetLastError
GetCommandLineA
FreeLibrary
FindFirstFileA
FindClose
ExitProcess
WriteFile
UnhandledExceptionFilter
SetFilePointer
SetEndOfFile
RtlUnwind
ReadFile
RaiseException
GetStdHandle
GetFileSize
GetSystemTime
GetFileType
CreateFileA
CloseHandle
advapi32.dll (#2) RegQueryValueExA
RegOpenKeyExA
RegCloseKey
kernel32.dll (#3) DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
VirtualFree
VirtualAlloc
LocalFree
LocalAlloc
GetCurrentThreadId
InterlockedDecrement
InterlockedIncrement
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
lstrcpynA
LoadLibraryExA
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetLastError
GetCommandLineA
FreeLibrary
FindFirstFileA
FindClose
ExitProcess
WriteFile
UnhandledExceptionFilter
SetFilePointer
SetEndOfFile
RtlUnwind
ReadFile
RaiseException
GetStdHandle
GetFileSize
GetSystemTime
GetFileType
CreateFileA
CloseHandle
version.dll VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA
gdi32.dll UnrealizeObject
StretchDIBits
StretchBlt
SetWindowOrgEx
SetWindowExtEx
SetWinMetaFileBits
SetViewportOrgEx
SetViewportExtEx
SetTextColor
SetStretchBltMode
SetROP2
SetPixel
SetPaletteEntries
SetMapMode
SetEnhMetaFileBits
SetDIBColorTable
SetBrushOrgEx
SetBkMode
SetBkColor
SelectPalette
SelectObject
SaveDC
RoundRect
RestoreDC
ResizePalette
Rectangle
RectVisible
RealizePalette
Polyline
PolyPolyline
PlayEnhMetaFile
Pie
PatBlt
MoveToEx
MaskBlt
LineTo
IntersectClipRect
GetWindowOrgEx
GetWinMetaFileBits
GetTextMetricsA
GetTextExtentPointA
GetTextExtentPoint32A
GetSystemPaletteEntries
GetStockObject
GetRgnBox
GetPixel
GetPaletteEntries
GetObjectA
GetNearestPaletteIndex
GetEnhMetaFilePaletteEntries
GetEnhMetaFileHeader
GetEnhMetaFileBits
GetDeviceCaps
GetDIBits
GetDIBColorTable
GetDCOrgEx
GetCurrentPositionEx
GetClipBox
GetBrushOrgEx
GetBitmapBits
GdiFlush
ExtTextOutA
ExtCreatePen
ExcludeClipRect
Ellipse
DeleteObject
DeleteEnhMetaFile
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePenIndirect
CreatePen
CreatePalette
CreateHalftonePalette
CreateFontIndirectA
CreateDIBitmap
CreateDIBSection
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
CreateBitmap
CopyEnhMetaFileA
CombineRgn
BitBlt
user32.dll (#2) GetKeyboardType
LoadStringA
MessageBoxA
CharNextA
comctl32.dll ImageList_SetIconSize
ImageList_GetIconSize
ImageList_Write
ImageList_Read
ImageList_GetDragImage
ImageList_DragShowNolock
ImageList_SetDragCursorImage
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_EndDrag
ImageList_BeginDrag
ImageList_Remove
ImageList_DrawEx
ImageList_Draw
ImageList_GetBkColor
ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_Add
ImageList_GetImageCount
ImageList_Destroy
ImageList_Create
InitCommonControls
kernel32.dll (#4) DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
VirtualFree
VirtualAlloc
LocalFree
LocalAlloc
GetCurrentThreadId
InterlockedDecrement
InterlockedIncrement
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
lstrcpynA
LoadLibraryExA
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetLastError
GetCommandLineA
FreeLibrary
FindFirstFileA
FindClose
ExitProcess
WriteFile
UnhandledExceptionFilter
SetFilePointer
SetEndOfFile
RtlUnwind
ReadFile
RaiseException
GetStdHandle
GetFileSize
GetSystemTime
GetFileType
CreateFileA
CloseHandle
shell32.dll SHGetFileInfoA
advapi32.dll (#3) RegQueryValueExA
RegOpenKeyExA
RegCloseKey
oleaut32.dll (#2) SysFreeString
SysReAllocStringLen
SysAllocStringLen
msimg32.dll GradientFill
kernel32.dll (#5) DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
VirtualFree
VirtualAlloc
LocalFree
LocalAlloc
GetCurrentThreadId
InterlockedDecrement
InterlockedIncrement
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
lstrcpynA
LoadLibraryExA
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetLastError
GetCommandLineA
FreeLibrary
FindFirstFileA
FindClose
ExitProcess
WriteFile
UnhandledExceptionFilter
SetFilePointer
SetEndOfFile
RtlUnwind
ReadFile
RaiseException
GetStdHandle
GetFileSize
GetSystemTime
GetFileType
CreateFileA
CloseHandle

Delayed Imports

1

Type RT_CURSOR
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x134
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.6633
MD5 ff4e5862f26ea666373e5fab2bddfb11
SHA1 cfa13c0ab30f1bbd566900dee3631902f9b6451c
SHA256 b8e6fc93d423931acbddae3c27dd3c4eb2a394005d746951a971cb700e0ee510
SHA3 91dae12a9f43c5443e0661091a336f882fa1482f75fa9a57c9298d1d70c8ae69

2

Type RT_CURSOR
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x134
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.80231
MD5 2e87b3c111e3073a841775c1f8ec5a90
SHA1 20292304fa2ef1bfdc4a1000e90a1c16d4765a96
SHA256 ce19ace18e87b572e6912306776226af5b8e63959c61cde70a8ff05b3bbdcc41
SHA3 9527f09e739c2064835800a7e5c317cb422bdd7237f00fca079a1c62f58a2612

3

Type RT_CURSOR
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x134
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.00046
MD5 a04c3c368cb37c07bd5f63e7e6841ebd
SHA1 699300bceaa1256818c43fecfc8cad93a59156b2
SHA256 ee1c9c194199c320c893b367602ccc7ee7270bd4395d029f727e097634f47f8c
SHA3 58722e3138aad1382e284c1605ecd665ced536de4906749ac8d6e11252cc9558

4

Type RT_CURSOR
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x134
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.56318
MD5 9929115b21c2c59348058d4190392e75
SHA1 626fba1825d572ea441d36363307c9935de3c565
SHA256 9d9edf87ca203ecc60b246cc783d54218dd0ce77d3a025d0bafc580995a4abd8
SHA3 fea156e872544252c625076a6bf3baa733ee5b3d5399716e156734af7a841369

5

Type RT_CURSOR
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x134
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.6949
MD5 f321ad13d1c3f35a05d67773b4bc27d6
SHA1 30aded8525417e2531d5eb88bf2f868172945baa
SHA256 99676c52310db365580965ea646ece86c62951bfd97ec0aae9f738a202a90593
SHA3 04c839da98a8c50a36697076af5bc6d527560a69153b2f718f065908fd4fe3ad

6

Type RT_CURSOR
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x134
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.62527
MD5 5ca217e52bdc6f23b43c7b6a23171e6e
SHA1 d99dc22ec1b655a42c475431cc3259742d0957a4
SHA256 11726dcf1eebe23a1df5eb0ee2af39196b702eddd69083d646e4475335130b28
SHA3 b358d8a5b0f400dd2671956ec45486ae1035556837b5289df5f418fe69348b3f

7

Type RT_CURSOR
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x134
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.91604
MD5 6be7031995bb891cb8a787b9052f6069
SHA1 487eb59fd083cf4df02ce59d9b079755077ba1b5
SHA256 6f938aab0a03120de4ef8b27aff6ba5146226c92a056a6f04e5ec8d513ce5f9d
SHA3 0f1c6c0378a3646c9fbf3678bbeeccf929d32192f02d1ea9d6ba0be5c769e6ab

BBABORT

Type RT_BITMAP
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x1d0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.92079
MD5 c987e709cafd3a191333610e4c44914d
SHA1 901e4db5d379a222dd416776633ca9738db32e14
SHA256 c0ede68a98bd2bc58c78564dfb42f1640dc29766d3ab2782ab8b5ed28c6fd414
SHA3 7b14efd89b642988834daf08c97db5bb847f941d75f44a3915e3e5dca2510c53
Preview

BBALL

Type RT_BITMAP
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x1e4
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.16995
MD5 f8a9b4a8f4097cea6a482026484c4d12
SHA1 2057a63edce2cbb165512bfad326728cf1053d60
SHA256 46cfc44afa8ab31ae3da35fa8346e4c085c441659d9992b09fc8ad517f2b289a
SHA3 f3852a8bcb1b38f498231cca2b0427af6c4c52886f92f980968d40fd8e8c5337
Preview

BBCANCEL

Type RT_BITMAP
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x1d0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.92079
MD5 c987e709cafd3a191333610e4c44914d
SHA1 901e4db5d379a222dd416776633ca9738db32e14
SHA256 c0ede68a98bd2bc58c78564dfb42f1640dc29766d3ab2782ab8b5ed28c6fd414
SHA3 7b14efd89b642988834daf08c97db5bb847f941d75f44a3915e3e5dca2510c53
Preview

BBCLOSE

Type RT_BITMAP
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x1d0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.68492
MD5 6c2fba077bd332b3a48d6b5e43fe4a22
SHA1 e7d12e9fd5659881742773884db8ca537765dc81
SHA256 f8e1696801fe89b88936ac4226cea03bfa5aa345aa33ca982822ae7fbc6557e2
SHA3 39193ea4b2ffb32f16c75ca88ca20465a374cd928aac9b4b3ba5739bbb6222de
Preview

BBHELP

Type RT_BITMAP
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x1d0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.88085
MD5 1021657335ba4838db07f5231723df3b
SHA1 68f04f6ecbf628029e4e0061392029edec2b0e43
SHA256 cb7421b5c6af74c3159c361f3bb78bba8a488d8979d1250e106fa96cbf928789
SHA3 888ed4f8473561552d848c3d6624e2331c4ec7795bc5001237cb752b96e4929c
Preview

BBIGNORE

Type RT_BITMAP
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x1d0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.29718
MD5 098b5f6c87471f5a83a4e55a6a036d6c
SHA1 e16d9186ffa72cc3e373cdf8e40f9e570f0082e7
SHA256 41f05a4df5f42d92b879493d51941de342d36460fe15c0f3b63b2b706b928fef
SHA3 7939e94342a45e6742dbf7c93f5b42fb861ac81b1fe5e8e04e49c0421338b2cf
Preview

BBNO

Type RT_BITMAP
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x1d0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.58804
MD5 8832519641f28981f87e1b3006896eef
SHA1 916eaafcf9ffb12bfd6338419bdd22764778ebbd
SHA256 81265e63c89ee5c2e5126452e22f84e9be9452449f3e5959ab6d346cb58b2bde
SHA3 39743ce838b215420cbb732e107e4c45f63384dcdd5b830d15097fa06cf32cc2
Preview

BBOK

Type RT_BITMAP
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x1d0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.67459
MD5 4b349737af0b7e5a5308dff7b93b274b
SHA1 b3d36a94fa9a57ad7a68a3b30be92947e811e760
SHA256 6b97877cdd547e6ba6467f86055f1fc7b06660b034439f0da4c137538ef14a83
SHA3 b9e9646067eae58ad9aded92130651d090a92771bae94676003e9aba47f77cd6
Preview

BBRETRY

Type RT_BITMAP
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x1d0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.53344
MD5 7daf7522622a4fe823701fd2ff6f4996
SHA1 89f40bad3052afafbd71e80c07b928ec1aa7f4e5
SHA256 c925e4a8cbf6d42dbb1220a510614df725558f8d843338982bab8c4e020f6429
SHA3 95aa592de7b91edb5889cf5f9a7b042d3b6f6910bbd657ba85632f0d0ed557fb
Preview

BBYES

Type RT_BITMAP
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x1d0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.67459
MD5 4b349737af0b7e5a5308dff7b93b274b
SHA1 b3d36a94fa9a57ad7a68a3b30be92947e811e760
SHA256 6b97877cdd547e6ba6467f86055f1fc7b06660b034439f0da4c137538ef14a83
SHA3 b9e9646067eae58ad9aded92130651d090a92771bae94676003e9aba47f77cd6
Preview

CDROM

Type RT_BITMAP
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0xc0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.78825
MD5 6bb98462b4b00776fd17038cbf1fb4bd
SHA1 f40205d022d824e0b7d930151138991504af3dc6
SHA256 4f72c53f3bac49ce0b7c248152479a14e383a90c9fe95edbddec9f03784ca698
SHA3 2e951c0dc6c1e7540825793fbf48393c33a7156ba8a9ce6343a06323ef1716aa
Preview

CLOSEDFOLDER

Type RT_BITMAP
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0xe0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.01477
MD5 7a7f1740c64d8b5af56ef7611410255c
SHA1 df7641fd3a5588e182515b337dcbbd28f2de12ab
SHA256 d20c1e7cdff419e1efe08e1b91b4c0d772f7436de618045f7e0fdb3afb662849
SHA3 111928d2405474821d76f758f1ba2dfb15368f64bbfde0644c9ec7acc5f56c9f
Preview

CURRENTFOLDER

Type RT_BITMAP
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0xe0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.97986
MD5 53466cf475196c6a883514140b1253c1
SHA1 02f577f238ea87b3400ec0ced2315d53cddfc7d1
SHA256 0f5248f16fe2b1e73aa9be760a6f0bef933dc09e3cc6d8a8958eae1ce0bd0f97
SHA3 e38ae4779212d26cd9f3f9298910aa52dbbbce2527673aa9ada7de9deb1a817c
Preview

EXECUTABLE

Type RT_BITMAP
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0xe0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.96393
MD5 d623fd4c67881a744b9783e77cdaa9a3
SHA1 07fd1454decb874d847cb6e3a847391e3b03865a
SHA256 4a217ca811d9c29363ead1d67b7ffa0f6e8b8e1d1a068730f4f7d557c3710b44
SHA3 2aa8c8713c75f32e131b449444a6b570ee7be8da50c2f7e8a499cef693339e85
Preview

FLOPPY

Type RT_BITMAP
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0xc0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.63812
MD5 c3a2737f14f437f54cbf251782ae0a45
SHA1 e0a402c41f62804664b9d9cb9bae9615bf60f5ed
SHA256 2cb60d7d674640457497f54b82b42afaa8a2cbd7c28a1aae35f128b4471cfaaa
SHA3 eb1bb0ae168e1645292c6759be7ba322451b7035d87f01f8bf0f548290bb1830
Preview

HARD

Type RT_BITMAP
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0xc0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.62043
MD5 47957e26414e5a0cf93c9049b1a7f2a2
SHA1 08a70125bb3cf069d224c94dd4f4632b8f671a61
SHA256 a36fee3ac0a24b86169997e112d55de38ae2080815d2104c73bc90ad4eff5cbe
SHA3 59409ff1a314a69758371a1dafa7f175812eb3821240ff5b25b7b881b9d58deb
Preview

KNOWNFILE

Type RT_BITMAP
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0xe0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.83217
MD5 7a6c4028ea8bdbe916a592614cb67a33
SHA1 e84fa7f028b79b4c641a2d66ad1ad296b7e6a262
SHA256 d8444a0e4c91df51a151d4c64256e5d5f62a3e4a5b17ccb9778422f0e01223c3
SHA3 de4dcc10f2110aa3f30104c8ef6a447c8fb22789a236072e61e38d5e16d0e0c9
Preview

NETWORK

Type RT_BITMAP
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0xc0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.73457
MD5 30e739f7ed3dd033117260d97bb67e99
SHA1 b97adf513dd432cf039cd9425caf9b3241d7d233
SHA256 caf10784d936136cddde6b4489d7ffdc6098f8050a81c7e02d1ebdd9878cff15
SHA3 1511f9fa160bee36e6099269dade08d1a5709a22360ccbd4060fa6b54b8fb7d4
Preview

OPENFOLDER

Type RT_BITMAP
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0xe0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.0519
MD5 9b7d7f0031cfa6a137ff6436e59986fb
SHA1 20eb56f55581540919b119113b567bec618c3f95
SHA256 e086586402b8c51192766a01a37dd2f2b4b657bbd4d5b721f1eed692678f6ef6
SHA3 86a19763883baaae65d79b7e3c64525f16b942bd1187792bab8f56f7efaa2c56
Preview

PREVIEWGLYPH

Type RT_BITMAP
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0xe8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.85172
MD5 48276e8432af5a23af78e1d23de8ef5a
SHA1 12fb57606d03e3fe28263e3e9e96b4eedc79aef7
SHA256 78507a772de646626b196a743cee75b298a68c33a0fd482842071519d59037b2
SHA3 1cf31d53c7ea5dbe90181cb2db39ce6cd21484f5495b0af59f5c6164d9b3d3d0
Preview

RAM

Type RT_BITMAP
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0xc0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.73213
MD5 0ad765e61ab984673ce3db3a91fc6182
SHA1 2b67d4f1eec717c3aa2472db56ab4472c96b742f
SHA256 5bea8ae9edb158f767d478703ce5153b8773e1e0390fa2c4af83f063c6c2f1fa
SHA3 deda4d692b33e267292ba10effd899736e090a1af7f55028cdaa0ef850a85945
Preview

TMCOPSHADOWBUTTON

Type RT_BITMAP
Language Farsi - Iran
Codepage Latin 1 / Western European
Size 0x668
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.90171
MD5 37e74b9c4fdc8f5a7fd0d9194eee541a
SHA1 607350decd4e7c318f6adc3666551adae393e74a
SHA256 2b5b7dfa50f7c845f74bcfddd287fd8272d00ac1d9ddd6c74ac0840d9a23aff3
SHA3 bfcf3fc29619f95723d006f849284719bb1124774bb1a85957d36f50f4e9bfff
Preview

UNKNOWNFILE

Type RT_BITMAP
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0xe0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.50975
MD5 307c6180ecb5efadfc8d59bb7dc28a5c
SHA1 8cd2e11eefecccd0c1414ce2b548c4fa82621dd4
SHA256 6af26f85073e8fce3b9ab49acbde0b702f68ec078be72e8aeca66086947a885e
SHA3 3e2f18021c6974600d7e8fc8064bb225657e4aeb0e28b7fdae034c6e938e264f
Preview

1 (#2)

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0xea8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.12391
MD5 cf9a6e717da9905f890d56decc8678d2
SHA1 90f954506edf16a064241cf0f1f894a62cfd73b4
SHA256 42c928be39968cf703a5d53c7a26443ed5d4170dd4494bf57bda8189a5079417
SHA3 42e3029dcd97128f1b66af76d8665b91b41c4d6fb33ff8991b1585b77011561f

2 (#2)

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x8a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.43915
MD5 9d26503f6570a4a3bc5d9fb0d2e09d0a
SHA1 bf2171df1dc48608c13b60ee84b055b701e090ed
SHA256 573594fbcef3de2b659be4913881583a78699aba19fca919afdde52382ee70b3
SHA3 11c58f33d166fa682e97a0ea8b91bb04b7c2027d909e6bb57ce617ccc1123b8d

3 (#2)

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x568
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.88504
MD5 e6f8e51ba875a7dccd1be4da61dd062c
SHA1 d34fb7e738f3aef4c01644ff2780574967b171ef
SHA256 71b197d0a0e13323d0a4df43c922b43077ff9a45655dce3a6be5094ff265f3eb
SHA3 4ab984e0aae9da3b861cbe291cde4752fd7a6aeb18d67adde7a5637d246bded3

4 (#2)

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0xb69a
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.96547
Detected Filetype PNG graphic file
MD5 c9970e2fe2aa4161f760aa08404a0669
SHA1 07c2673d30b97bcc1a530af7d71c3748a348087f
SHA256 ea0f69d1cfe965ab083983fd2666f5344c6203b8a61bc1748b74e6ac72c5634e
SHA3 8d3625aff872d72b250b5f5bb0221ecd165132a361ab2e84fda82644ed45e6de

5 (#2)

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x25a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.79234
MD5 2ed6fd4dcebc5bc61e7778d50950e07a
SHA1 c94520b5d959bcb26a81cfb161df4580781b0ee8
SHA256 861d1225004c93acccef08faa901bf6efe11a4ca12e4e2139ebae7e38c3ef1bd
SHA3 6324920c2080a39cee63270967e0c40236e0bfbca3e6253d695c6dc6565fe761

6 (#2)

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x10a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.89025
MD5 667b48fd7ba5c34d4cb44a4f1513ac22
SHA1 d8a52066e1ed45986a6edd9d94e4842bfea1327d
SHA256 a06d0a2829ea91c17be4aaa422fcf54d085ccf9b5f3eec82ee0c4c9ccf4b117a
SHA3 f912da9c470d7efd7d6bff92ad99df192dc81a030c98c1e8dc412aa5cc75ef69

7 (#2)

Type RT_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x468
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.23976
MD5 409040c7690d2fbd0289082dbfdd338d
SHA1 16fe2c60c60e6f1a23322ab78416263955a30fb5
SHA256 a912680cf8a64f748ccbefa6309174ef3023961779842c5a3698853ad62dd11d
SHA3 df34a936a6f8b4b9d475de95e3776123e1cff1e52bd7139a274fb6029d795fc8

DLGTEMPLATE

Type RT_DIALOG
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x52
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.5627
MD5 db949b51eec31f37281a7fa424a3e158
SHA1 f61214ce31a91d174e77f12c90f18ddd4e265a1d
SHA256 771f64afb45a9edc8c4f6c5b2039f9b32623cea53bf0cab5bf1f371cc5d1abe4
SHA3 4a2bc09771734352d594a48fe2249ca0697c471d80a4001f60c6d86c46b6319e

3682

Type RT_STRING
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x4c
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.04342
MD5 3d60ddeaf6bea5daf7a9c7cbd6b09e48
SHA1 2bdc027dd19b7a6d7eba9cd1556b2051095bf816
SHA256 e36c6d730814156bacab1acf6c98732dad709c4750b311cfa068b2c3c622f3e4
SHA3 7f17bca6c93f6c4d57ecd2619ddbc87333092e56bdde9d691a34e4a38b495e5f

3683

Type RT_STRING
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x12a
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.42796
MD5 bcd10dad5f3cae5e5da46b41efae9434
SHA1 fe483231832d4cf3a25e1331c58ebae4cb9f2a73
SHA256 ca2bab3201ba9e1dc3ea5778bce43f0fb3086397583d0329892a1e609bb63070
SHA3 e2dcc802cdcbc07c6da5b82f2d0aa55439e8cd262a7db8631c0631939ed57dd9

3684

Type RT_STRING
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x186
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.47221
MD5 1ec17c6a0ef3ebeec0934ab3dc5a949c
SHA1 c2ae86472ece7c4debcaf93d981b9680fa50a8d3
SHA256 043682eb90c932a3cc5509e78b522fe3f84bf8096075270a4eebc2b2bdd973a4
SHA3 2a84a54bb8784ffbcd8162e187c5aa5220f2dc566f90a3ca795ed3f354f174c8

3685

Type RT_STRING
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x1ce
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.39032
MD5 3620598cbf4d64cf36a7bf8561b0687d
SHA1 f2e358c5f7fe8acbf1c9950fabfcb2350da8cc53
SHA256 cd1984df43d496bc1cbe563defbc6e33357f2bff36c7fdae379339c09e6e9a1d
SHA3 6fa94570d91c1ed64e6ff04d369746094753c8bec510bde4a25a5298ecfe4742

3686

Type RT_STRING
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x1f0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.38663
MD5 c2a56f1af67ccab2d8fc326b9443d336
SHA1 ea5426cc53206377af8fdc980ae0936575ca90b2
SHA256 fbda17485581955a7b7799ba19d18ac07e5bd2bbacf6cc69b80d86feb1d5df00
SHA3 759e024b1fd16d54cd9d6f5f49a41251dbe9a52290eb480da13762b0f5502e02

3687

Type RT_STRING
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x100
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.38359
MD5 29500b592ed276aee10d266a18a83e4c
SHA1 6fc6f73f5f744a6037ba14f0e61bf9b1b75170ae
SHA256 540ac9b06bddb1b9ef215f1ac0b99840148f26f2a24b74ae09868d17cdac5b1d
SHA3 364be1cf1e428f8c12a3a961b845bebee296f40c68162c06a3ac3cd84906e601

3688

Type RT_STRING
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x6e
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.80423
MD5 f2bd8d87f8f2555ebbf6c74b236ea78e
SHA1 5c95d91ae6444ac7581be6255064278eb0b96caa
SHA256 883cbe971b7c80fbc4eaaa38da3552f44c1a2381152ba032b2a0f5f185272721
SHA3 c9b748562ac09d7846157dfa7e3afc7883320fc6780db790b4fa9aceec41f18e

4081

Type RT_STRING
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x20c
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.97697
MD5 91129dd027f189d75d53d5dce0ddf441
SHA1 5484899ce2be9dc09f9185dbaa4a3d0f357f05f9
SHA256 3cd2aee66e08b347619915f97890f375e3566bacceb07f3f80adc85c7ae0a5b7
SHA3 bac3e6faa6dfc27fefe64c0fcef073cd2c64dae3552dfa4f4b28b7d5b03cd0ab

4082

Type RT_STRING
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0xb94
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.24949
MD5 67e92d03e8d7602c46edfc9a181397c7
SHA1 25246929b1278783a9cf2fffcd62f10f0dd19976
SHA256 1289ee52520636219687b17f85b0b3de1a8f054528f2e1ea449661f38905c9e8
SHA3 a283e321eb6eefbf3312a1f7839a6b1e512605b38b4b18cc2db32d84d03323b9

4083

Type RT_STRING
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x3e8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.31983
MD5 34cde71e600d727f2c80b0ff7abce3ff
SHA1 6aad6986d5c008a2a70ff5d590fdd1ffe29e264c
SHA256 efec727c8b8f8e07c2af364b5a180df1f33a109211cb1471f61a293778c3a16f
SHA3 571f2c6e1f92b7570aa5f373f656fd352f68908c387fdb4c562e450124b4024a

4084

Type RT_STRING
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x26c
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.23909
MD5 09facdd96678484aaa2343db4c8c1024
SHA1 ecdfb107a281db3b783154ee39aeef6cf570c684
SHA256 8f0b7ede8940a7c2a855aa8698fe557e2710a405744efa9a1dbc4b5f443b35e9
SHA3 f31906f6c9a462761de3c37a54639da68b3b91939a8b0bb8f06082b404ec52d8

4085

Type RT_STRING
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0xe8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.10551
MD5 eafa06a8f855b8a8050e1a9fe1258913
SHA1 17e8d759ea4fb3dc90bc9e72751ca9737095b690
SHA256 4d760eb8dada1511d55b4ff31b648392757f2f3af9d790f2998bd080c49f0b16
SHA3 97b7a53bf1b4633a226fd92b9419aabc9db2f62f9fbfd842062899243721fc9c

4086

Type RT_STRING
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x1ac
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.2421
MD5 1ce42e6c0ea51532014e9f8b6c1ca2e6
SHA1 78b9984c41744f42f745291439443a09094f22df
SHA256 49af7f5f6802104ed2ad9660bc788b90e3d3f0bb2ce892fcc20afa98a14dcf90
SHA3 2dd3e925dc5dcc1144c4715c7a21bf5b2ac8566ab999ac8e3620dbd50c7e98fc

4087

Type RT_STRING
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x268
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.26696
MD5 33f8b1db2478b40de3a9d8bad65fd354
SHA1 fc74c672f65c51a67cc704e40129600d159ddc8a
SHA256 2cd5f65f35a0f335a2790e0a9eca09baaef979aa3922160cefee68d526e44355
SHA3 f59f3ed32d16b93d4e6f4b4588490a78cfd5f0c7f372f730c9fbf1c7960f2288

4088

Type RT_STRING
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x40c
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.22358
MD5 85061b3f3ec61a1e1c22c9911c5e2a47
SHA1 ecda9721ebb00ee9aa0c564cb20d6d7addeba3a7
SHA256 471e2243c0332353f6ac328565038768f512ed339bf6a2d2e51e1d0c742ca53c
SHA3 b42863cbae0da9c0439958855122cdcf92d812db2d0bb4d8db247928fc85ea36

4089

Type RT_STRING
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x368
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.15875
MD5 978de5c5871cfbadb20105360604bd34
SHA1 a812bfe9f4e42804c9b6f7ab945c4f7a88037f4a
SHA256 00b6777db726853e03ec30bacc4b0dbdf0d83ec6904c07401818b4fc69c38bb3
SHA3 27cc1f63849375335316ba0d96dd46478ec91199a76b01615ac5ea20d14307d2

4090

Type RT_STRING
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x3f8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.20367
MD5 c8d49900bf06f298f448379d3bdd9f33
SHA1 bdc11b3a8a7ac7d6506be699322cce3fb3b840d0
SHA256 fe890d198cf6b6b98be66f5df3527e343632537e5e47d5db42c268e1650b4209
SHA3 46c114ee1830396880cb45ed0f28f5a47c05b708c0bcc1a4d729f20576be7508

4091

Type RT_STRING
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x30c
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.25753
MD5 9e15b2684285ee5e6b543e71b8e2bd8e
SHA1 6d9e2ea66081aa809756bdd6639dc045e2daf616
SHA256 c18e53898cee5e4239fa2aa70e9e1951f0befbee40e436944c264c1e940aa893
SHA3 46935a300d2a9091b1bb286da8b28fb5b42f1a5a40e7f93764a47e2ad9352889

4092

Type RT_STRING
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0xd8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.97746
MD5 daaa375aeb1ca86378ccf948d95ef0dd
SHA1 c8349faeca35aa68ecbe650a08565416b9063106
SHA256 edd29ad3c116bfcd84f392e1c7f6b857d96e97d56249699df2d4e05bb54590c6
SHA3 ff879f12a602f20598bf8b4e62d8f379bc25cc2187a0827d0a3672c72d15c747

4093

Type RT_STRING
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0xf0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.95813
MD5 f45455ae13d2c39b971f4a1deda0a61d
SHA1 8df25c1a596f7bb6ca728493b9bff314a6a4849c
SHA256 3106f8dc874e9bf5cd3cc75403b855505ec70a6ad5887d6e4638cf79da76a394
SHA3 c0d5423bff07897061111a1d507db5d89a2c18e3cd0656d86636dd5c0aa4e99e

4094

Type RT_STRING
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x350
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.21881
MD5 e2f7fae6afdddb739c382bd2eb4c229a
SHA1 a66dcab2c2ae008759bad74e4ebaa3b6737b89b7
SHA256 b90a29ecd64c8b2f32e7fc65896498d2f69ed83db44db0b6b2a03b1e7a263c2c
SHA3 1556f9ece844f080c63e165472f071bf5dd935955ae49eea0c4bd6ec1622b8d5

4095

Type RT_STRING
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x384
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.23229
MD5 890a0706ec03962e7e6bd9db644b101d
SHA1 74e906e1e146b5870bf27f1a772b0b26721471ec
SHA256 4557ba194c11223e6bfd2efb3c01af1b128ed898277ba9f82fb8293ba3d86ddc
SHA3 e7783a6d15d20c965fdc8702278a4b05f948ca408ee36d5732c7913fb7258101

4096

Type RT_STRING
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x2d8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.16623
MD5 83569eb5d9a7ff5e0d861f24436e1b16
SHA1 9600fa3a6d42445ef1c619e8db486ab3c630e2b8
SHA256 e7c2a218d76fc656d37c31362a8a8bc9051b01bfb40d696ab0299dcd73cb5597
SHA3 4147baad8a9cd3582632116dfbf4477bc8c7a851c38054907a84e5eeb6fef281

DVCLAL

Type RT_RCDATA
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x10
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4
MD5 d8090aba7197fbf9c7e2631c750965a8
SHA1 04f73efb0801b18f6984b14cd057fb56519cd31b
SHA256 88d14cc6638af8a0836f6d868dfab60df92907a2d7becaefbbd7e007acb75610
SHA3 a5a67ad8166061d38fc75cfb2c227911de631166c6531a6664cd49cfb207e8bb

PACKAGEINFO

Type RT_RCDATA
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x4ec
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.32633
MD5 ca7279473103cec6b378c1e1213ef9d0
SHA1 3ca2655761bf5b302dd7a1b6259038be59c1d171
SHA256 8e208ff8e287ed8dfbd6309f87c8ffffc1abef1b92ea79db438cdca44129f190
SHA3 f0923b99aa5bc6546387bcb107b1ef20b6884272187e3d6b26e24325ec0c4893

TFORM1

Type RT_RCDATA
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x170
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.46112
MD5 ba22265442d152903532264f8b499cb6
SHA1 9eadcd3ad919ec4dab02f638a3bfd3229f9a4d4e
SHA256 2a6b3b97960b9a169e4eabe40ce392c15deabd12e8bfabb9704df44a476c23c3
SHA3 e13e683dba75e97e4d21fc786960c68d19b2fbc32781ccfc2c9d7cc4931a1285

TINTEGRITYFORM

Type RT_RCDATA
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x5f0b5
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.50279
MD5 4a3779646acf1ec5c985712361c91908
SHA1 e436ca841fa84e381c3a335578719269ec4d8f19
SHA256 e060cc5f96b044e9ad1f67a4ba565ba944d7d1563a5f59e35555e609ec0b8f8a
SHA3 5af9b310eec62bbb8c723e60fe3cd7b226cb26579d823d3b9ce520ad76f0a509

TMAINFORM

Type RT_RCDATA
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x453
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.51249
MD5 c6771776775b421e280507fd8ac75ef0
SHA1 e52ef745fe49521caad483559d1b3ea704655c9a
SHA256 04082d7e718f5068f19cc8c0a22bb70ee837d14bca3d68aabc623e41ecf3bf67
SHA3 7b161ca8eabb809138f524ae260f86a4397f897a0b7edd02fdf4edcd4af29561

11111

Type RT_RCDATA
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x2c
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.78553
MD5 a6883fb35a5fe8386812cf5c0c156471
SHA1 c7ff61641c101d79c089ed76974554eab8576de9
SHA256 25e4515cd568c0057f50cc0796dfbc7d01746eb7048e735f20fc3999bdf6cc52
SHA3 936656cb322792818a26c9d9215798c56258494c2813abab88206418320d11af

32761

Type RT_GROUP_CURSOR
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x14
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 1.83876
Detected Filetype Cursor file
MD5 a2baa01ccdea3190e4998a54dbc202a4
SHA1 e8217df98038141ab4e449cb979b1c3bbea12da3
SHA256 c53efa8085835ba129c1909beaff8a67b45f50837707f22dfff0f24d8cd26710
SHA3 8874564c406835306368adf5e869422e1bb97109b97c1499caa8af219990e8dc
Preview

32762

Type RT_GROUP_CURSOR
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x14
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 1.91924
Detected Filetype Cursor file
MD5 aff0f5e372bd49ceb9f615b9a04c97df
SHA1 e3205724d7ee695f027ab5ea8d8e1a453aaad0dd
SHA256 b07e022f8ef0a8e5fd3f56986b2e5bf06df07054e9ea9177996b0a6c27d74d7c
SHA3 9cb042121a5269b80d18c3c5a94c0e453890686aedade960097752377dfa9712
Preview

32763

Type RT_GROUP_CURSOR
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x14
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.01924
Detected Filetype Cursor file
MD5 48e064acaba0088aa097b52394887587
SHA1 310b283d52aa218e77c0c08db694c970378b481d
SHA256 43f40dd5140804309a4c901ec3c85b54481316e67a6fe18beb9d5c0ce3a42c3a
SHA3 38753084b0ada40269914e80dbacf7656dc94764048bd5dff649b08b700f3ed5
Preview

32764

Type RT_GROUP_CURSOR
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x14
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.01924
Detected Filetype Cursor file
MD5 1ae28d964ba1a2b1b73cd813a32d4b40
SHA1 8883cd93b8ef7c15928177de37711f95f9e4cd22
SHA256 ff47a48c11c234903a7d625cb8b62101909f735ad84266c98dd4834549452c39
SHA3 a85dadd416ce2d22aa291c0794c45766a0613b853c6e3b884a2b05fc791427b8
Preview

32765

Type RT_GROUP_CURSOR
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x14
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.01924
Detected Filetype Cursor file
MD5 0893f6ba80d82936ebe7a8216546cd9a
SHA1 0754cbdf56c53de9ed7fbd47859d20b788c6f056
SHA256 a0adcedb82b57089f64e2857f97cefd6cf25f4d27eefc6648bda83fd5fef66bb
SHA3 ce6148ade08ef9b829f83cb13b4c650d9d4a7012bfd1ab697a7870a05f4104f8
Preview

32766

Type RT_GROUP_CURSOR
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x14
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.01924
Detected Filetype Cursor file
MD5 dcaa3c032fe97281b125d0d8f677c219
SHA1 58fe36409f932549e2f101515abee7a40cf47b2c
SHA256 6e1e7738a1b6373d8829f817915822ef415a1727bb5bb7cfe809e31b3c143ac5
SHA3 02ef292e1b4a70e439e362af6b4fa213e3816ade45222b78dabab712b6afba54
Preview

32767

Type RT_GROUP_CURSOR
Language UNKNOWN
Codepage Latin 1 / Western European
Size 0x14
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.01924
Detected Filetype Cursor file
MD5 a95c7c78d0a0b30b87e3c4976e473508
SHA1 b19f3999f1b302a2d28977cb18a3416c918d486c
SHA256 326c048595bbc72e3f989cb3b95fbf09dc83739ced3cb13eb6f03336f95d74f1
SHA3 8157b4e6afa7ed2e2ffc174d655bec9fb81db609e4c5864faa5ead931ff60689
Preview

MAINICON

Type RT_GROUP_ICON
Language English - United States
Codepage Latin 1 / Western European
Size 0x68
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.71858
Detected Filetype Icon file
MD5 232023b445cbe11daa44739e40da75f1
SHA1 20cd92e6f023491463dd9adf68c77ed89e364039
SHA256 2f9f6e32df7bc4b78172d2445ca9489ff8b9694c339c1072825293963ca4c437
SHA3 57202acd336ab756f32a8b7954e03e893f81c2945b658c2be188a3b3bdedbb5d

1 (#3)

Type RT_VERSION
Language English - United States
Codepage Latin 1 / Western European
Size 0x4b8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.65656
MD5 a56dee02003e5bf177d87b7bc1ce5bd0
SHA1 e81192c4d71f14b4c472080e6a9a1f6b6f9413c8
SHA256 20b94fdfd00d5db3ca5904ad10469b31116a77049b5df6985ccd325a29e8f370
SHA3 2828a012ae76b218705c09e1e55bebd90ab9f01ed8e9c52d0064b17565827657

1 (#4)

Type RT_MANIFEST
Language English - United States
Codepage Latin 1 / Western European
Size 0x47e
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.94378
MD5 ebb3b9668f69fa766dafeb4ae5d7002c
SHA1 48917c07b746d75c1ecab307352191936ef7820f
SHA256 5845116e30159de93263a7f63b3e659eb7faa53fe0ed5a3ea181eb44cfacbf61
SHA3 b98cdd0686e19f21e537889327744ff1043e120f2b04604be58623673003267e

String Table contents

Create
Select directory
Save
Open
Save
Open
Small icons
Icons
Details
List
Read only
File type
File name
Folder
Preview of the future hint window
Gradient
Background
Shadow
Bottom border
Top border
Color
Save to file as...
Load from file
Texture
Font
No picture available
Transparency
Offset
Percent
Pause hide (ms)
Max width
Corners radius
Vert. margin
Horiz. margin
Arrow length
Blur
Bevel width
Style :
Preserved settings :
Hint Designer Form
TsFrameAdapter adapter must be placed on the handled frame
Hex -
Decimal -
Blue :
Green :
Red :
Color
Additional colors :
Main palette :
Define colors
Add to custom colors set
Listbox (%s) style must be virtual in order to set Count
Error setting %s.Count
(internal)
Available skins
&Panels...
&Hot gradient builder...
&Gradient builder...
Calculator
File open
Help
Restore
Minimize
Maximize
Close
Close
Maximize
Minimize
Size
Move
Restore
Yes to &All
N&o to All
&All
&Ignore
&Retry
&Abort
Help
No help available
&Help
Cancel
OK
&No
&Yes
Confirm
Information
Error
Warning
Some operation could not be performed because the system is out of resources. Close some windows and try again.
This operation is not valid because the current image contains no valid header.
The new size provided for image resizing is invalid.
JPEG Image File
This "Portable Network Graphics" image is not valid because it contains invalid pieces of data (crc error)
The "Portable Network Graphics" image could not be loaded because one of its main piece of data (ihdr) might be corrupted
This "Portable Network Graphics" image is invalid because it has missing image parts.
Could not decompress the image because it contains invalid compressed data.
Description:
The "Portable Network Graphics" image contains an invalid palette.
The file being readed is not a valid "Portable Network Graphics" image because it contains an invalid header. This file may be corruped, try obtaining it again.
This "Portable Network Graphics" image is not supported or it might be invalid.
(IHDR chunk is not the first)
This "Portable Network Graphics" image is not supported because either it's width or height exceeds the maximum size, which is 65535 pixels length.
There is no such palette entry.
This "Portable Network Graphics" image contains an unknown critical part which could not be decoded.
This "Portable Network Graphics" image is encoded with an unknown compression scheme which could not be decoded.
This "Portable Network Graphics" image uses an unknown interlace scheme which could not be decoded.
The chunks must be compatible to be assigned.
This "Portable Network Graphics" image is invalid because the decoder found an unexpected end of the file.
This "Portable Network Graphics" image contains no data.
- Dock zone not found
- Dock zone has no control
Multiselect mode must be on for this feature
Separator
Error setting %s.Count
Listbox (%s) style must be virtual in order to set Count
Unable to find a Table Of Contents
No help found for %s
No context-sensitive help installed
No topic-based help system installed
Invalid index
Unable to insert an item
Invalid owner
This control requires version 4.70 or greater of COMCTL32.DLL
Cannot change the size of a JPEG image
JPEG error #%d
Up
Right
Down
Ins
Del
Shift+
Ctrl+
Alt+
Value must be between %d and %d
Unable to insert a line
Invalid clipboard format
Clipboard does not support Icons
Cannot open clipboard
Menu '%s' is already being used by another form
Docked control must have a name
Error removing control from dock tree
&Abort
&Retry
&Ignore
&All
N&o to All
Yes to &All
BkSp
Tab
Esc
Enter
Space
PgUp
PgDn
End
Home
Left
Cannot drag a form
Metafiles
Enhanced Metafiles
Icons
Bitmaps
Invalid input value
Invalid input value. Use escape key to abandon changes
Warning
Error
Information
Confirm
&Yes
&No
OK
Cancel
&Help
Menu inserted twice
Sub-menu is not in menu
Not enough timers available
GroupIndex cannot be less than a previous menu item's GroupIndex
Cannot create form. No MDI forms are currently active
A control cannot have itself as its parent
OK
Cancel
&Yes
&No
&Help
&Close
&Ignore
&Retry
Abort
&All
Unsupported clipboard format
Out of system resources
Canvas does not allow drawing
Invalid image size
Invalid ImageList
Invalid ImageList Index
Failed to read ImageList data from stream
Failed to write ImageList data to stream
Error creating window device context
Error creating window class
Cannot focus a disabled or invisible window
Control '%s' has no parent window
Cannot hide an MDI Child Form
Cannot change Visible in OnShow or OnHide
Cannot make a visible window modal
Menu index out of range
Error reading %s%s%s: %s
Stream read error
Property is read-only
Resource %s not found
%s.Seek not implemented
Operation not allowed on sorted list
Too many rows or columns deleted
%s not in a class registration group
Property %s does not exist
Stream write error
Bitmap image is not valid
Icon image is not valid
Metafile is not valid
Invalid pixel format
Scan line index out of range
Cannot change the size of an icon
String list does not allow duplicates
Cannot create file %s
Fixed column count must be less than column count
Fixed row count must be less than row count
Cannot open file %s
Grid too large for operation
Grid index out of range
Invalid stream format
''%s'' is not a valid component name
Invalid property value
Invalid property path
Invalid property value
List capacity out of bounds (%d)
List count out of bounds (%d)
List index out of bounds (%d)
Out of memory while expanding memory stream
Sunday
Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
Ancestor for '%s' not found
Cannot assign a %s to a %s
Bits index out of range
Can't write to a read-only resource stream
CheckSynchronize called from thread $%x, which is NOT the main thread
Class %s not found
A class named %s already exists
List does not allow duplicates ($0%x)
A component named %s already exists
April
May
June
July
August
September
October
November
December
Sun
Mon
Tue
Wed
Thu
Fri
Sat
A call to an OS function failed
Jan
Feb
Mar
Apr
May
Jun
Jul
Aug
Sep
Oct
Nov
Dec
January
February
March
Invalid variant type conversion
Invalid variant operation
Variant method calls not supported
Read
Write
Error creating variant array
Variant is not an array
Variant array index out of bounds
External exception %x
Assertion failed
Interface not supported
Exception in safecall method
%s (%s, line %d)
Abstract Error
Access violation at address %p in module '%s'. %s of address %p
System Error. Code: %d.
%s
Integer overflow
Invalid floating point operation
Floating point division by zero
Floating point overflow
Floating point underflow
Invalid pointer operation
Invalid class typecast
Access violation at address %p. %s of address %p
Stack overflow
Control-C hit
Privileged instruction
Operation aborted
Exception %s in module %s at %p.
%s%s
Application Error
Format '%s' invalid or incompatible with argument
No argument for format '%s'
'%s' is not a valid integer value
'%s' is not a valid floating point value
'%s' is not a valid date
'%s' is not a valid time
'%s' is not a valid date and time
Out of memory
I/O error %d
File not found
Invalid filename
Too many open files
File access denied
Read beyond end of file
Disk full
Invalid numeric input
Division by zero
Range check error

Version Info

Signature 0xfeef04bd
StructVersion 0x10000
FileVersion 1.0.0.1
ProductVersion 0.0.0.0
FileFlags (EMPTY)
FileOs VOS_DOS_WINDOWS32
VOS_NT_WINDOWS32
VOS__WINDOWS32
FileType VFT_APP
Language UNKNOWN
Comments This installation was built with Inno Setup.
CompanyName GOG.com
FileDescription Cannon Fodder Setup
FileVersion (#2) 1.0.0.1
LegalCopyright
ProductName Cannon Fodder
ProductVersion (#2) 1.0.0.1
Resource LangID English - United States

TLS Callbacks

StartAddressOfRawData 0x4e4000
EndAddressOfRawData 0x4e4010
AddressOfIndex 0x4df708
AddressOfCallbacks 0x4e5010
SizeOfZeroFill 0
Characteristics IMAGE_SCN_TYPE_REG
Callbacks (EMPTY)

Load Configuration

RICH Header

Errors

[*] Warning: Section BSS has a size of 0! [*] Warning: Section .tls has a size of 0!
<-- -->