c5d8b49ad99a232ee535127d409211c1

Summary

Architecture IMAGE_FILE_MACHINE_I386
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date 2008-Jul-23 15:21:46
Detected languages Dutch - Netherlands
English - United States

Plugin Output

Suspicious Strings found in the binary may indicate undesirable behavior: May have dropper capabilities:
  • CurrentVersion\Run
Contains domain names:
  • bsalsa.com
  • gomyhit.com
  • http://bsalsa.com
  • http://gomyhit.com
  • http://www.universal101.com
  • http://www.universal101.com/upd.sc
  • http://www.universal101.com/upd02.app
  • universal101.com
  • www.universal101.com
Suspicious The PE is possibly packed. Unusual section name found: .itext
Malicious The PE contains functions mostly used by malware. [!] The program may be hiding some of its imports:
  • LoadLibraryExA
  • GetProcAddress
  • LoadLibraryA
Functions which can be used for anti-debugging purposes:
  • FindWindowA
Code injection capabilities (PowerLoader):
  • GetWindowLongW
  • GetWindowLongA
  • FindWindowA
Can access the registry:
  • RegQueryValueExA
  • RegOpenKeyExA
  • RegCloseKey
  • RegSetValueExA
  • RegQueryInfoKeyA
  • RegFlushKey
  • RegEnumValueA
  • RegEnumKeyExA
  • RegDeleteKeyA
  • RegCreateKeyExA
Possibly launches other programs:
  • ShellExecuteA
Uses functions commonly found in keyloggers:
  • MapVirtualKeyA
  • GetForegroundWindow
  • GetAsyncKeyState
  • CallNextHookEx
Has Internet access capabilities:
  • InternetSetOptionA
  • InternetReadFile
  • InternetOpenUrlA
  • InternetOpenA
  • InternetConnectA
  • InternetCloseHandle
Can take screenshots:
  • GetDCEx
  • GetDC
  • FindWindowA
  • CreateCompatibleDC
  • BitBlt
Reads the contents of the clipboard:
  • GetClipboardData
Info The PE's resources present abnormal characteristics. Resource TMMRFORM is possibly compressed or encrypted.
The binary may have been compiled on a machine in the UTC+2 timezone.
Suspicious The file contains overlay data. 102984 bytes of data starting at offset 0xb1e00.
Malicious VirusTotal score: 66/72 (Scanned on 2020-07-21 19:21:54) Bkav: W32.AIDetectVM.malware1
MicroWorld-eScan: Gen:Variant.Ser.Zusy.1470
VBA32: TrojanPSW.Gamania
FireEye: Generic.mg.c5d8b49ad99a232e
CAT-QuickHeal: TrojanSpy.Banker.LY8
McAfee: FakeAV-DR
Cylance: Unsafe
Zillya: Trojan.Banker.Win32.55
SUPERAntiSpyware: Trojan.Agent/Gen-BankSpy
Sangfor: Malware
K7AntiVirus: Trojan-Downloader ( 0001b7311 )
Alibaba: TrojanSpy:Win32/Banker.53d1342a
K7GW: Trojan-Downloader ( 0001b7311 )
Cybereason: malicious.ad99a2
Arcabit: Trojan.Ser.Zusy.D5BE
Invincea: heuristic
F-Prot: W32/Trojan2.JTRU
Symantec: Trojan.FakeAV
TotalDefense: Win32/Oneraw.JJ
APEX: Malicious
Avast: Win32:Trojan-gen
ClamAV: Win.Trojan.Bancos-17785
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Ser.Zusy.1470
NANO-Antivirus: Trojan.Win32.Banker.oygn
AegisLab: Trojan.Win32.Generic.4!e
Rising: Downloader.FakeAlert!8.4FF (KTSE)
Endgame: malicious (high confidence)
TACHYON: Banker/W32.DP-Pharm.831560
Sophos: Mal/Banker-F
Comodo: TrojWare.Win32.TrojanDownloader.Banload.~AHI@7lad3
F-Secure: Trojan.TR/Delf.865208
DrWeb: Trojan.PWS.Gamania.10780
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: TROJ_FAKEAV.SMNA
Trapmine: malicious.moderate.ml.score
Emsisoft: Gen:Variant.Ser.Zusy.1470 (B)
SentinelOne: DFI - Suspicious PE
Cyren: W32/Trojan.ORSB-8183
Jiangmin: TrojanSpy.Banker.rxi
Webroot: W32.Trojan.Gen
Avira: TR/Delf.865208
Fortinet: W32/FAKEAV.Q!tr
Antiy-AVL: Trojan[Banker]/Win32.Banker
Microsoft: TrojanSpy:Win32/Banker.LY
ViRobot: Trojan.Win32.Banker.766787
ZoneAlarm: HEUR:Trojan.Win32.Generic
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Banker.R8976
Acronis: suspicious
BitDefenderTheta: AI:Packer.E13D85A419
ALYac: Gen:Variant.Ser.Zusy.1470
MAX: malware (ai score=88)
Ad-Aware: Gen:Variant.Ser.Zusy.1470
Malwarebytes: Trojan.Banker
Zoner: Trojan.Win32.89386
ESET-NOD32: a variant of Win32/TrojanDownloader.FakeAlert.VA
TrendMicro-HouseCall: TROJ_FAKEAV.SMNA
Tencent: Malware.Win32.Gencirc.10b07a10
Yandex: Trojan.PWS.Banker!at4P5MVsOAQ
Ikarus: Trojan-Banker.Win32.Banker
eGambit: Unsafe.AI_Score_99%
GData: Win32.Trojan.FakeAV.Q
AVG: Win32:Trojan-gen
CrowdStrike: win/malicious_confidence_90% (W)
Qihoo-360: Generic/HEUR/QVM05.1.86EF.Malware.Gen

Hashes

MD5 c5d8b49ad99a232ee535127d409211c1
SHA1 fee4ab2a851740b7e18239715faf5a57b1f86211
SHA256 682c6f5d5409ae6be9a2056e1239bd5747e1daa69689667681292ed8784ca234
SHA3 b037783f1ddd1364ee9acef9ad91b30f43f637ba696cc6a9ef30b98c33a5a740
SSDeep 12288:yoxejOONAM7GUC1Jr+4o628gx2Jw+tP3Jzm8JOsHXC3X+pd167QhEQO:hxY3NtGUmJr+4Obxd+tPZSZ4iE6EhE
Imports Hash 5f3f4cec5bb9bcfc242cbcb284ebd9c5

DOS Header

e_magic MZ
e_cblp 0x50
e_cp 0x2
e_crlc 0
e_cparhdr 0x4
e_minalloc 0xf
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0x1a
e_oemid 0
e_oeminfo 0
e_lfanew 0x100

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_I386
NumberofSections 8
TimeDateStamp 2008-Jul-23 15:21:46
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xe0
Characteristics IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_RELOCS_STRIPPED

Image Optional Header

Magic PE32
LinkerVersion 2.0
SizeOfCode 0x87c00
SizeOfInitializedData 0x29e00
SizeOfUninitializedData 0
AddressOfEntryPoint 0x00089990 (Section: .itext)
BaseOfCode 0x1000
BaseOfData 0x8a000
ImageBase 0x400000
SectionAlignment 0x1000
FileAlignment 0x200
OperatingSystemVersion 4.0
ImageVersion 0.0
SubsystemVersion 4.0
Win32VersionValue 0
SizeOfImage 0xbd000
SizeOfHeaders 0x400
Checksum 0
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
SizeofStackReserve 0x10000
SizeofStackCommit 0x4000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

.text

MD5 f2e59086c6002e69ee389fd6ee173358
SHA1 b790987945bab8d33f321036fcbd89afac72bdec
SHA256 40604e19010dc5fde13ecab84c52dba05f8c0db3193b6ad91ca0afedabde6f1e
SHA3 89be51b7f9fc56984ae1867edb2a650e0884be7bbaa0d8bdce57a5143e0cbad1
VirtualSize 0x871c4
VirtualAddress 0x1000
SizeOfRawData 0x87200
PointerToRawData 0x400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 6.59289

.itext

MD5 c29546ca3cc0483df253a231a85fa09f
SHA1 0a6e472dd5ac8644a8ff406668a0ee2f4f8655d1
SHA256 4c82a96b7b7a8af0877de985c6445eaba24b857a83dfd1b6560d8459041f1826
SHA3 75fab668145ed821021a7eadef0cfa7a9ef5679ee64fcbf37add880c81530aae
VirtualSize 0xa00
VirtualAddress 0x89000
SizeOfRawData 0xa00
PointerToRawData 0x87600
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 6.35357

.data

MD5 f6763ca8c6d1424f93228d3b45f004af
SHA1 6fe721bddfd7db593d5a3bf1b0da58dd9d45acb1
SHA256 7813da268b57c100eeacfb58082639f99cf050d32f00f2435858071a8b5ff5a9
SHA3 f2525d5470b12ba493d22dca383ff11d49dee04a8f7e731b8d498ca0823a6787
VirtualSize 0x2870
VirtualAddress 0x8a000
SizeOfRawData 0x2a00
PointerToRawData 0x88000
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 4.31556

.bss

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA3 a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a
VirtualSize 0x5040
VirtualAddress 0x8d000
SizeOfRawData 0
PointerToRawData 0x8aa00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata

MD5 11e622523dd42b35b0c80b15ad75c9e9
SHA1 ebdb5c246035eb18f7920d2556f3dd5d7820d4f5
SHA256 2e988f068a995bbf914565756c9cfb5ef7c4ef495467bc7ad450fde2ff7e76cb
SHA3 159f76b8a6854d6b2d1cb6543b20f6cc738e26127bd5fc4e46a1a69852ff9cd9
VirtualSize 0x30a8
VirtualAddress 0x93000
SizeOfRawData 0x3200
PointerToRawData 0x8aa00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 5.03013

.tls

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA3 a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a
VirtualSize 0x34
VirtualAddress 0x97000
SizeOfRawData 0
PointerToRawData 0x8dc00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata

MD5 3ff24e3eadd74cc59a170927a0f645be
SHA1 45ae96f149e41945b174a344e9a7986b7b0b956d
SHA256 586c302b965d7306d88c8abbb5bdf5e589e8ce4df706bae817378db92657eda7
SHA3 62ab0a7f6e587cebd1b1dce6cf89b90bba2672ca5e9604703a4a9ee4e023f1d3
VirtualSize 0x18
VirtualAddress 0x98000
SizeOfRawData 0x200
PointerToRawData 0x8dc00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 0.210826

.rsrc

MD5 c855f4a33ebe7a85ad439638acccbb25
SHA1 23a7b15da00f3c47a8b83e0b59f154a70c5f1328
SHA256 74f00326cdbdc865cbc3f6bccee844cd0859fb910b52a7ac511f2aae583090fa
SHA3 5b18ac2a7e47e8df5876538a91455a52155f1e006cdf23ff66459b17bd565425
VirtualSize 0x24000
VirtualAddress 0x99000
SizeOfRawData 0x24000
PointerToRawData 0x8de00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 6.79988

Imports

oleaut32.dll SysFreeString
SysReAllocStringLen
SysAllocStringLen
advapi32.dll RegQueryValueExA
RegOpenKeyExA
RegCloseKey
user32.dll GetKeyboardType
DestroyWindow
LoadStringA
MessageBoxA
CharNextA
kernel32.dll GetACP
Sleep
VirtualFree
VirtualAlloc
GetTickCount
QueryPerformanceCounter
GetCurrentThreadId
InterlockedDecrement
InterlockedIncrement
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
lstrcpynA
LoadLibraryExA
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetCommandLineA
FreeLibrary
FindFirstFileA
FindClose
ExitProcess
CompareStringA
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
kernel32.dll (#2) GetACP
Sleep
VirtualFree
VirtualAlloc
GetTickCount
QueryPerformanceCounter
GetCurrentThreadId
InterlockedDecrement
InterlockedIncrement
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
lstrcpynA
LoadLibraryExA
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetCommandLineA
FreeLibrary
FindFirstFileA
FindClose
ExitProcess
CompareStringA
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
user32.dll (#2) GetKeyboardType
DestroyWindow
LoadStringA
MessageBoxA
CharNextA
gdi32.dll UnrealizeObject
StretchBlt
SetWindowOrgEx
SetWinMetaFileBits
SetViewportOrgEx
SetTextColor
SetStretchBltMode
SetROP2
SetPixel
SetMapMode
SetEnhMetaFileBits
SetDIBColorTable
SetBrushOrgEx
SetBkMode
SetBkColor
SelectPalette
SelectObject
SaveDC
RestoreDC
Rectangle
RectVisible
RealizePalette
PlayEnhMetaFile
PatBlt
MoveToEx
MaskBlt
LineTo
LPtoDP
IntersectClipRect
GetWindowOrgEx
GetWinMetaFileBits
GetTextMetricsA
GetTextExtentPointA
GetTextExtentPoint32A
GetSystemPaletteEntries
GetStockObject
GetRgnBox
GetPixel
GetPaletteEntries
GetObjectA
GetEnhMetaFilePaletteEntries
GetEnhMetaFileHeader
GetEnhMetaFileDescriptionA
GetEnhMetaFileBits
GetDeviceCaps
GetDIBits
GetDIBColorTable
GetDCOrgEx
GetCurrentPositionEx
GetClipBox
GetBrushOrgEx
GetBitmapBits
GdiFlush
ExcludeClipRect
DeleteObject
DeleteEnhMetaFile
DeleteDC
CreateSolidBrush
CreatePenIndirect
CreatePalette
CreateHalftonePalette
CreateFontIndirectA
CreateEnhMetaFileA
CreateDIBitmap
CreateDIBSection
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
CreateBitmap
CopyEnhMetaFileA
CloseEnhMetaFile
BitBlt
version.dll VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA
kernel32.dll (#3) GetACP
Sleep
VirtualFree
VirtualAlloc
GetTickCount
QueryPerformanceCounter
GetCurrentThreadId
InterlockedDecrement
InterlockedIncrement
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
lstrcpynA
LoadLibraryExA
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetCommandLineA
FreeLibrary
FindFirstFileA
FindClose
ExitProcess
CompareStringA
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
advapi32.dll (#2) RegQueryValueExA
RegOpenKeyExA
RegCloseKey
oleaut32.dll (#2) SysFreeString
SysReAllocStringLen
SysAllocStringLen
ole32.dll CreateStreamOnHGlobal
IsAccelerator
OleDraw
OleSetMenuDescriptor
RevokeDragDrop
RegisterDragDrop
OleUninitialize
OleInitialize
CoTaskMemFree
CoTaskMemAlloc
ProgIDFromCLSID
StringFromCLSID
CoCreateInstance
CoGetClassObject
CoUninitialize
CoInitialize
IsEqualGUID
kernel32.dll (#4) GetACP
Sleep
VirtualFree
VirtualAlloc
GetTickCount
QueryPerformanceCounter
GetCurrentThreadId
InterlockedDecrement
InterlockedIncrement
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
lstrcpynA
LoadLibraryExA
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetCommandLineA
FreeLibrary
FindFirstFileA
FindClose
ExitProcess
CompareStringA
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
ole32.dll (#2) CreateStreamOnHGlobal
IsAccelerator
OleDraw
OleSetMenuDescriptor
RevokeDragDrop
RegisterDragDrop
OleUninitialize
OleInitialize
CoTaskMemFree
CoTaskMemAlloc
ProgIDFromCLSID
StringFromCLSID
CoCreateInstance
CoGetClassObject
CoUninitialize
CoInitialize
IsEqualGUID
oleaut32.dll (#3) SysFreeString
SysReAllocStringLen
SysAllocStringLen
comctl32.dll _TrackMouseEvent
ImageList_SetIconSize
ImageList_GetIconSize
ImageList_Write
ImageList_Read
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_EndDrag
ImageList_BeginDrag
ImageList_GetIcon
ImageList_Remove
ImageList_DrawEx
ImageList_Draw
ImageList_GetBkColor
ImageList_SetBkColor
ImageList_Add
ImageList_GetImageCount
ImageList_Destroy
ImageList_Create
URLMON.DLL CoInternetCreateZoneManager
CoInternetCreateSecurityManager
wininet.dll InternetSetOptionA
InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetConnectA
InternetCloseHandle
shell32.dll ShellExecuteExA
ShellExecuteA
shell32.dll (#2) ShellExecuteExA
ShellExecuteA
shell32.dll (#3) ShellExecuteExA
ShellExecuteA

Delayed Imports

1

Type RT_CURSOR
Language English - United States
Codepage UNKNOWN
Size 0x134
TimeDateStamp 2008-Jul-23 17:21:46
Entropy 2.6633
MD5 ff4e5862f26ea666373e5fab2bddfb11
SHA1 cfa13c0ab30f1bbd566900dee3631902f9b6451c
SHA256 b8e6fc93d423931acbddae3c27dd3c4eb2a394005d746951a971cb700e0ee510
SHA3 91dae12a9f43c5443e0661091a336f882fa1482f75fa9a57c9298d1d70c8ae69

2

Type RT_CURSOR
Language English - United States
Codepage UNKNOWN
Size 0x134
TimeDateStamp 2008-Jul-23 17:21:46
Entropy 2.80231
MD5 2e87b3c111e3073a841775c1f8ec5a90
SHA1 20292304fa2ef1bfdc4a1000e90a1c16d4765a96
SHA256 ce19ace18e87b572e6912306776226af5b8e63959c61cde70a8ff05b3bbdcc41
SHA3 9527f09e739c2064835800a7e5c317cb422bdd7237f00fca079a1c62f58a2612

3

Type RT_CURSOR
Language English - United States
Codepage UNKNOWN
Size 0x134
TimeDateStamp 2008-Jul-23 17:21:46
Entropy 3.00046
MD5 a04c3c368cb37c07bd5f63e7e6841ebd
SHA1 699300bceaa1256818c43fecfc8cad93a59156b2
SHA256 ee1c9c194199c320c893b367602ccc7ee7270bd4395d029f727e097634f47f8c
SHA3 58722e3138aad1382e284c1605ecd665ced536de4906749ac8d6e11252cc9558

4

Type RT_CURSOR
Language English - United States
Codepage UNKNOWN
Size 0x134
TimeDateStamp 2008-Jul-23 17:21:46
Entropy 2.56318
MD5 9929115b21c2c59348058d4190392e75
SHA1 626fba1825d572ea441d36363307c9935de3c565
SHA256 9d9edf87ca203ecc60b246cc783d54218dd0ce77d3a025d0bafc580995a4abd8
SHA3 fea156e872544252c625076a6bf3baa733ee5b3d5399716e156734af7a841369

5

Type RT_CURSOR
Language English - United States
Codepage UNKNOWN
Size 0x134
TimeDateStamp 2008-Jul-23 17:21:46
Entropy 2.6949
MD5 f321ad13d1c3f35a05d67773b4bc27d6
SHA1 30aded8525417e2531d5eb88bf2f868172945baa
SHA256 99676c52310db365580965ea646ece86c62951bfd97ec0aae9f738a202a90593
SHA3 04c839da98a8c50a36697076af5bc6d527560a69153b2f718f065908fd4fe3ad

6

Type RT_CURSOR
Language English - United States
Codepage UNKNOWN
Size 0x134
TimeDateStamp 2008-Jul-23 17:21:46
Entropy 2.62527
MD5 5ca217e52bdc6f23b43c7b6a23171e6e
SHA1 d99dc22ec1b655a42c475431cc3259742d0957a4
SHA256 11726dcf1eebe23a1df5eb0ee2af39196b702eddd69083d646e4475335130b28
SHA3 b358d8a5b0f400dd2671956ec45486ae1035556837b5289df5f418fe69348b3f

7

Type RT_CURSOR
Language English - United States
Codepage UNKNOWN
Size 0x134
TimeDateStamp 2008-Jul-23 17:21:46
Entropy 2.91604
MD5 6be7031995bb891cb8a787b9052f6069
SHA1 487eb59fd083cf4df02ce59d9b079755077ba1b5
SHA256 6f938aab0a03120de4ef8b27aff6ba5146226c92a056a6f04e5ec8d513ce5f9d
SHA3 0f1c6c0378a3646c9fbf3678bbeeccf929d32192f02d1ea9d6ba0be5c769e6ab

1 (#2)

Type RT_ICON
Language Dutch - Netherlands
Codepage UNKNOWN
Size 0x128
TimeDateStamp 2008-Jul-23 17:21:46
Entropy 3.25755
MD5 c5af786bfd9fd1c53c8fe9f0bd9ce38b
SHA1 4f6f7d9973b47063aa5353225a2bc5a76aa2a96a
SHA256 f59f62e7843b3ff992cf769a3c608acd4a85a38b3b302cda8507b75163659d7b
SHA3 e178a71f02edb18e31bf550d484b2cba8d865e1e9796065addb07855ce5627f9

2 (#2)

Type RT_ICON
Language Dutch - Netherlands
Codepage UNKNOWN
Size 0x568
TimeDateStamp 2008-Jul-23 17:21:46
Entropy 3.47151
MD5 0a451222f7037983439a58e3b44db529
SHA1 6881cba71174502883d53a8885fb90dad81fd0c0
SHA256 dc785b2a3e4ea82bd34121cc04e80758e221f11ee686fcfd87ce49f8e6730b22
SHA3 d5599c242df5383add3fb330d42b31f1751594b36bbf52195e7d1dd564e7f0e3

3 (#2)

Type RT_ICON
Language Dutch - Netherlands
Codepage UNKNOWN
Size 0x2e8
TimeDateStamp 2008-Jul-23 17:21:46
Entropy 3.91708
MD5 90ed3aac2a942e3067e6471b32860e77
SHA1 b849a2b9901473810b5d74e6703be78c3a7e64e3
SHA256 ca8fc96218d0a7e691dd7b95da05a27246439822d09b829af240523b28fd5bb3
SHA3 3f02085a0d69091556ede0b585f45145adce9849e175d8177c2f0fe0891a1bd8

4 (#2)

Type RT_ICON
Language Dutch - Netherlands
Codepage UNKNOWN
Size 0x8a8
TimeDateStamp 2008-Jul-23 17:21:46
Entropy 3.91366
MD5 af05dd5bd4c3b1fc94922c75ed4f9519
SHA1 f54685a8a314e6f911c75cf7554796212fb17c3e
SHA256 3bbacbad1458254c59ad7d0fd9bea998d46b70b8f8dcfc56aad561a293ffdae3
SHA3 150dba8cc825d5c0e9ff3c59015533288d19931847210338a3ef7cdc390c0e78

5 (#2)

Type RT_ICON
Language Dutch - Netherlands
Codepage UNKNOWN
Size 0xea8
TimeDateStamp 2008-Jul-23 17:21:46
Entropy 4.02252
MD5 0a32af36e9f3ff2bfb686892dbc76e7f
SHA1 4d2cc068f7b71244190a174e2ec4595d6d9a2614
SHA256 8a5df9bfd804a125d891bd567e7b0890b508950cc54130066d97175d1f826e4e
SHA3 8e14d73e5daaf1e9fecaa8816a14ece135fd6353aed61d71fe452053d43cf60e

6 (#2)

Type RT_ICON
Language Dutch - Netherlands
Codepage UNKNOWN
Size 0x668
TimeDateStamp 2008-Jul-23 17:21:46
Entropy 3.62911
MD5 10e4a9330ed641c05b4999444bfc3fbd
SHA1 453247eb70fec1eb7d95cf2561945d38ca5533d6
SHA256 64ea64ed88dc134f22303dd615f02cfb747dd74317f6d1822f2477c2352ddeb7
SHA3 e097ab28a4244abf7a390414c536f109ddfd07d42157641598a36d4bf7d72fb8

4082

Type RT_STRING
Language UNKNOWN
Codepage UNKNOWN
Size 0x5c
TimeDateStamp 2008-Jul-23 17:21:46
Entropy 2.31395
MD5 562a42fa78a3445af4578f781ecee779
SHA1 ca31b22e33072e7d965bba105b2c6a90251b2a3d
SHA256 8242ed80d6433bb56a5255d73bf849876efc0c699d2a8e5cdd09aa61dfc941f3
SHA3 92e3cba35abcee8c6ee541eee3368d5ad3e582af866effeb9882f4e9d6242d10

4083

Type RT_STRING
Language UNKNOWN
Codepage UNKNOWN
Size 0x43c
TimeDateStamp 2008-Jul-23 17:21:46
Entropy 3.27885
MD5 a69017079d0949b1abbb1d4f684a2239
SHA1 4500be2d5cd948d116785f5457f700737cb82eb5
SHA256 739f8d01c108a25b3f080422fb10882d49e3975f2b5275a614a432b337cb4065
SHA3 824ebafab362f01eca9dd97c29ca58a331bd53b55006460cad2a957808bad133

4084

Type RT_STRING
Language UNKNOWN
Codepage UNKNOWN
Size 0x2d8
TimeDateStamp 2008-Jul-23 17:21:46
Entropy 3.34772
MD5 b8d6ccc8c42e260a4752668b925c5b3b
SHA1 3f3e6a2f3a99569f42632df41a9cd6d7a419b675
SHA256 91be020c1390a0191800c4b911228390141bb65570d1ee9e25bad6c75b07748e
SHA3 c4a6082540feaff00905752f954a2d00bf555e7881468a1136ebed29e3032419

4085

Type RT_STRING
Language UNKNOWN
Codepage UNKNOWN
Size 0xc0
TimeDateStamp 2008-Jul-23 17:21:46
Entropy 3.48358
MD5 ec9b5adb78278b91f710c54611646fac
SHA1 0f5f3fd65ac15d8791a1af92212d9c4fa7c469c2
SHA256 d3cef558d353d7a289937245f349d1f286b3d49311edd39b8c69e51a7d0e9e1b
SHA3 4a08e2827a30bc2e38ec57b09364dee496086532671e93d0c3016ed803a466ec

4086

Type RT_STRING
Language UNKNOWN
Codepage UNKNOWN
Size 0x158
TimeDateStamp 2008-Jul-23 17:21:46
Entropy 3.3769
MD5 d6b258b8328d61bc049c5b663a00d76b
SHA1 4d6ac3b76048c8f9388dd2c9e8d33e1b70c2e174
SHA256 a7c330b9804c615cfcf36d23db59607afb7cfd6d592b14f8c203d117da2c9fde
SHA3 73fff310b441d2c88e02a34cd068221e6e4656c6d21e7d1264b981c4ad97fa7b

4087

Type RT_STRING
Language UNKNOWN
Codepage UNKNOWN
Size 0x494
TimeDateStamp 2008-Jul-23 17:21:46
Entropy 3.29073
MD5 28f5720ed51ad245a50686a129e32aa9
SHA1 532c2517458c99c9ff5f662a382049efa9a315e2
SHA256 deb64f3f70421c08432466bc416dba2a7c19f16c8afca1c5fe5486c99195c2b7
SHA3 fe11ba79b5eb7078b8edd2374c72fadc4c8d71725a76f6984e146fd9acff29e1

4088

Type RT_STRING
Language UNKNOWN
Codepage UNKNOWN
Size 0x360
TimeDateStamp 2008-Jul-23 17:21:46
Entropy 3.28759
MD5 2b09e7fb9377e56eeecf016fb41e3625
SHA1 65d85844580f45eec55a9b35c0866b32bea39b28
SHA256 a21bfdd9eb52720231ed4b9e5b094023e3926e3110df7bc63744997178607c63
SHA3 77af6270c3638d20a486f6a8a9cebe16f0ba22a817cdfea6d1503372e6242d64

4089

Type RT_STRING
Language UNKNOWN
Codepage UNKNOWN
Size 0x374
TimeDateStamp 2008-Jul-23 17:21:46
Entropy 3.26839
MD5 e01fedd49445c6f1d3f3bc0492826593
SHA1 640fc3ebb3bb5d7630a11400f6fca890ba6f5ad4
SHA256 2d09dcf0a397092db9a222401c31f594c00c1ba87fe0f14c2ef61da6dad2ff93
SHA3 c0cca99483a62ab5f322108c51f92cef28a6305791e9804be3ffe7f6799c39c7

4090

Type RT_STRING
Language UNKNOWN
Codepage UNKNOWN
Size 0x418
TimeDateStamp 2008-Jul-23 17:21:46
Entropy 3.34209
MD5 411f8d9cc73133fad3bd19035641c6a4
SHA1 70703ff7eb3bca7ebd2a9f65221d380ccc190dfe
SHA256 311e7d6b4fe1cd81f5855d1b1cc60e5f2770af02b739cb44b058f3b479a2dff3
SHA3 5f0dca43c8523a8400685d44cc7adbf9c362dd8479391056f252ed4da72c2fcc

4091

Type RT_STRING
Language UNKNOWN
Codepage UNKNOWN
Size 0x140
TimeDateStamp 2008-Jul-23 17:21:46
Entropy 3.30609
MD5 f113f8942eff6bd131276c328748404c
SHA1 7a8c5e743ec60abdf884890b38a05f66053447b6
SHA256 21880d9d2145681bb044a97fe43146478d0c95db02625a6f63ce66d876f94a61
SHA3 5c5488744854133f9338d0636d7c9f8ab74fe409a10101c5fd2c4f6698070fd4

4092

Type RT_STRING
Language UNKNOWN
Codepage UNKNOWN
Size 0xcc
TimeDateStamp 2008-Jul-23 17:21:46
Entropy 3.34889
MD5 41e84c55d83e38e1b0ccab4f95866254
SHA1 450faac12f2e13711bfc14c90b000d3cf66d9e5c
SHA256 e04403c92735b3fc70823791da7ca19ed2a76b68328a76743f07290479c44652
SHA3 5ebd657deaf91b038845ad4b68ebcec97e3c47da836a637a570e0d27d0a48024

4093

Type RT_STRING
Language UNKNOWN
Codepage UNKNOWN
Size 0x1ec
TimeDateStamp 2008-Jul-23 17:21:46
Entropy 3.40792
MD5 8f38e3aa2e8063df6ee858880d352c50
SHA1 25cf011f22631968b12cbab98d07b1f7f588e9cf
SHA256 cf9dd14a3e0c4458530937ddeaa98f67f2665d94d5a0bbaa124fb69c83f6af6e
SHA3 76072ee50a4cc5408d3ac8fcc0a1ea57ba8bd31f74c71086fe8b4e615d4f80bc

4094

Type RT_STRING
Language UNKNOWN
Codepage UNKNOWN
Size 0x3b0
TimeDateStamp 2008-Jul-23 17:21:46
Entropy 3.25896
MD5 aa9b11a37a4b3287619a28a3fb1b06d1
SHA1 c969b9bbae921e9aaa08126f1a7c0a781a752291
SHA256 a15f5d2d3fde5dcde265224aa0539a07e702b7eec89218bf3aaf55022cf5017f
SHA3 821f9a7f36eec6cc2ed8642754c60dc134c6130863a7f91904c98f2ce2e48d3a

4095

Type RT_STRING
Language UNKNOWN
Codepage UNKNOWN
Size 0x354
TimeDateStamp 2008-Jul-23 17:21:46
Entropy 3.35521
MD5 1df99738dfa2acc32adac6f62d3cd875
SHA1 fcbf4213c46237d44993d5788d586118a32e1931
SHA256 10560849e7babf2b275fd7464015f3522b08c7cbe2fd6fc9dbb72602070d9ca8
SHA3 83b5c88b59d43465b598a46002a88b880b40ebebea586e0216fb20e6bfa3aec6

4096

Type RT_STRING
Language UNKNOWN
Codepage UNKNOWN
Size 0x2b4
TimeDateStamp 2008-Jul-23 17:21:46
Entropy 3.30387
MD5 de1a896f03fa6ee6b11874cf24cd7bcf
SHA1 7f1b6d6163bd79160d9d73cebb5549ad411b0491
SHA256 320d43cb98b69aa5582f6b455c7f889b6034dfe47ed150e5c140f2d2cb6e9caa
SHA3 bf8170e830a6fbcb357caabb27a0c24118d67a9a1533bf63c4bccd8e3045ef04

DVCLAL

Type RT_RCDATA
Language UNKNOWN
Codepage UNKNOWN
Size 0x10
TimeDateStamp 2008-Jul-23 17:21:46
Entropy 4
MD5 a40263c75fde7440b1086b7da9c51fc2
SHA1 139a84f87110fb5cb16a386adade21f30cae98b0
SHA256 e7dbe99baa5c1045cdf7004edb037018b2e0f639a5edcf800ec4514d5c8e35b5
SHA3 d3a734fa7d36868d301f9569de92e1bfc551e4b5cf6d7c59eace8d0a554093c0

PACKAGEINFO

Type RT_RCDATA
Language UNKNOWN
Codepage UNKNOWN
Size 0x33c
TimeDateStamp 2008-Jul-23 17:21:46
Entropy 5.39457
MD5 6982dbf6fcfc5d65d3779728cfe1530f
SHA1 79dff74df504a6b2f9ff8c5ddf4de4aca3b9ddfd
SHA256 4cdf77c6a110827972d68ee49344948861728959f9e6fe5d6b3c2e682ca5f73b
SHA3 6a9765cafc8d58cfff8e24a8f37c24dd007ac3f6cb00059549aeeb1c2ff9f971

TMMRFORM

Type RT_RCDATA
Language UNKNOWN
Codepage UNKNOWN
Size 0x1d7f9
TimeDateStamp 2008-Jul-23 17:21:46
Entropy 7.13426
MD5 8555516c567906f21f641cc7c27a1cd0
SHA1 1802081a28556a2f7d6dcb53fa210831d55538a6
SHA256 420cfda873b3336c834b6289ca11600860bc3e449714c9220e84ebd94d8bb31b
SHA3 569d8a43503cd31daa7c3ad87b3cc553d61cd1eb44e84112d42b683b32c9716d

32761

Type RT_GROUP_CURSOR
Language English - United States
Codepage UNKNOWN
Size 0x14
TimeDateStamp 2008-Jul-23 17:21:46
Entropy 1.83876
Detected Filetype Cursor file
MD5 a2baa01ccdea3190e4998a54dbc202a4
SHA1 e8217df98038141ab4e449cb979b1c3bbea12da3
SHA256 c53efa8085835ba129c1909beaff8a67b45f50837707f22dfff0f24d8cd26710
SHA3 8874564c406835306368adf5e869422e1bb97109b97c1499caa8af219990e8dc
Preview

32762

Type RT_GROUP_CURSOR
Language English - United States
Codepage UNKNOWN
Size 0x14
TimeDateStamp 2008-Jul-23 17:21:46
Entropy 1.91924
Detected Filetype Cursor file
MD5 aff0f5e372bd49ceb9f615b9a04c97df
SHA1 e3205724d7ee695f027ab5ea8d8e1a453aaad0dd
SHA256 b07e022f8ef0a8e5fd3f56986b2e5bf06df07054e9ea9177996b0a6c27d74d7c
SHA3 9cb042121a5269b80d18c3c5a94c0e453890686aedade960097752377dfa9712
Preview

32763

Type RT_GROUP_CURSOR
Language English - United States
Codepage UNKNOWN
Size 0x14
TimeDateStamp 2008-Jul-23 17:21:46
Entropy 2.01924
Detected Filetype Cursor file
MD5 48e064acaba0088aa097b52394887587
SHA1 310b283d52aa218e77c0c08db694c970378b481d
SHA256 43f40dd5140804309a4c901ec3c85b54481316e67a6fe18beb9d5c0ce3a42c3a
SHA3 38753084b0ada40269914e80dbacf7656dc94764048bd5dff649b08b700f3ed5
Preview

32764

Type RT_GROUP_CURSOR
Language English - United States
Codepage UNKNOWN
Size 0x14
TimeDateStamp 2008-Jul-23 17:21:46
Entropy 2.01924
Detected Filetype Cursor file
MD5 1ae28d964ba1a2b1b73cd813a32d4b40
SHA1 8883cd93b8ef7c15928177de37711f95f9e4cd22
SHA256 ff47a48c11c234903a7d625cb8b62101909f735ad84266c98dd4834549452c39
SHA3 a85dadd416ce2d22aa291c0794c45766a0613b853c6e3b884a2b05fc791427b8
Preview

32765

Type RT_GROUP_CURSOR
Language English - United States
Codepage UNKNOWN
Size 0x14
TimeDateStamp 2008-Jul-23 17:21:46
Entropy 2.01924
Detected Filetype Cursor file
MD5 0893f6ba80d82936ebe7a8216546cd9a
SHA1 0754cbdf56c53de9ed7fbd47859d20b788c6f056
SHA256 a0adcedb82b57089f64e2857f97cefd6cf25f4d27eefc6648bda83fd5fef66bb
SHA3 ce6148ade08ef9b829f83cb13b4c650d9d4a7012bfd1ab697a7870a05f4104f8
Preview

32766

Type RT_GROUP_CURSOR
Language English - United States
Codepage UNKNOWN
Size 0x14
TimeDateStamp 2008-Jul-23 17:21:46
Entropy 2.01924
Detected Filetype Cursor file
MD5 dcaa3c032fe97281b125d0d8f677c219
SHA1 58fe36409f932549e2f101515abee7a40cf47b2c
SHA256 6e1e7738a1b6373d8829f817915822ef415a1727bb5bb7cfe809e31b3c143ac5
SHA3 02ef292e1b4a70e439e362af6b4fa213e3816ade45222b78dabab712b6afba54
Preview

32767

Type RT_GROUP_CURSOR
Language English - United States
Codepage UNKNOWN
Size 0x14
TimeDateStamp 2008-Jul-23 17:21:46
Entropy 2.01924
Detected Filetype Cursor file
MD5 a95c7c78d0a0b30b87e3c4976e473508
SHA1 b19f3999f1b302a2d28977cb18a3416c918d486c
SHA256 326c048595bbc72e3f989cb3b95fbf09dc83739ced3cb13eb6f03336f95d74f1
SHA3 8157b4e6afa7ed2e2ffc174d655bec9fb81db609e4c5864faa5ead931ff60689
Preview

MAINICON

Type RT_GROUP_ICON
Language Dutch - Netherlands
Codepage UNKNOWN
Size 0x5a
TimeDateStamp 2008-Jul-23 17:21:46
Entropy 2.86669
Detected Filetype Icon file
MD5 a36bfe9720c6b3e28e2e7f36948102eb
SHA1 44d4f7438416bd4634bd699fd3dbd21492dda23c
SHA256 a2fa837c8040b5541e0978df87c47b627cad06b4ea1234b8ffbacbb88d1f12cf
SHA3 4254fefaa0e78f3799434b3c5887cafa2e8b475c84452f7600427ed28358f394

1 (#3)

Type RT_MANIFEST
Language Dutch - Netherlands
Codepage UNKNOWN
Size 0x351
TimeDateStamp 2008-Jul-23 17:21:46
Entropy 4.92058
MD5 a81c4d0b544e9660fb96f9713597b89a
SHA1 36a5f3f2c790cf22a44e6474c660b0393db30786
SHA256 5aa96833caf701138eaec5cdff3b259d1a453d163d5f72b7c2a4698f0e0abab2
SHA3 f78bb88208b1dad6eb00a1c94c88a5b343f38e9b260a3fb869ec6368a8b0fa39

String Table contents

JPEG error #%d
JPEG Image File
add
modify
delete
set focus to
set version of
OLE error %.8x
Method '%s' not supported by automation object
Variant does not reference an automation object
Dispatch methods do not support more than 64 parameters
DCOM not installed
OLE control activation failed
Could not obtain OLE control window handle
License information for %s is invalid
License information for %s not found. You cannot use this control in design mode
Unable to retrieve a pointer to a running object registered with OLE for %s/%s
Cannot change the size of a JPEG image
Right
Down
Ins
Del
Shift+
Ctrl+
Alt+
Clipboard does not support Icons
Cannot open clipboard
Menu '%s' is already being used by another form
Docked control must have a name
Error removing control from dock tree
- Dock zone not found
- Dock zone has no control
Error loading dock zone from the stream. Expecting version %d, but found %d.
Failed to %s notify icon
&Retry
&Ignore
&All
N&o to All
Yes to &All
BkSp
Tab
Esc
Enter
Space
PgUp
PgDn
End
Home
Left
Up
A control cannot have itself as its parent
Cannot drag a form
Metafiles
Enhanced Metafiles
Icons
Bitmaps
Warning
Error
Information
Confirm
&Yes
&No
OK
Cancel
&Help
&Abort
Failed to read ImageList data from stream
Failed to write ImageList data to stream
Error creating window device context
Error creating window class
Cannot focus a disabled or invisible window
Control '%s' has no parent window
Parent given is not a parent of '%s'
Cannot hide an MDI Child Form
Cannot change Visible in OnShow or OnHide
Cannot make a visible window modal
Menu index out of range
Menu inserted twice
Sub-menu is not in menu
Not enough timers available
GroupIndex cannot be less than a previous menu item's GroupIndex
Cannot create form. No MDI forms are currently active
No context-sensitive help installed
No help found for context
No topic-based help system installed
Bitmap image is not valid
Icon image is not valid
Metafile is not valid
Invalid pixel format
Scan line index out of range
Cannot change the size of an icon
Invalid operation on TOleGraphic
Unsupported clipboard format
Out of system resources
Canvas does not allow drawing
Invalid image size
Invalid ImageList
Invalid ImageList Index
List index out of bounds (%d)
Out of memory while expanding memory stream
Error reading %s%s%s: %s
Stream read error
Property is read-only
Failed to create key %s
Failed to get data for '%s'
Failed to set data for '%s'
Resource %s not found
%s.Seek not implemented
Operation not allowed on sorted list
%s not in a class registration group
Property %s does not exist
Stream write error
Unable to find a Table of Contents
No help found for %s
Can't write to a read-only resource stream
CheckSynchronize called from thread $%x, which is NOT the main thread
Class %s not found
A class named %s already exists
List does not allow duplicates ($0%x)
A component named %s already exists
String list does not allow duplicates
Cannot create file "%s". %s
Cannot open file "%s". %s
Invalid stream format
''%s'' is not a valid component name
Invalid property path
Invalid property value
Invalid data type for '%s'
List capacity out of bounds (%d)
List count out of bounds (%d)
Mon
Tue
Wed
Thu
Fri
Sat
Sunday
Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
Ancestor for '%s' not found
Cannot assign a %s to a %s
Bits index out of range
Oct
Nov
Dec
January
February
March
April
May
June
July
August
September
October
November
December
Sun
Interface not supported
Exception in safecall method
%s (%s, line %d)
Abstract Error
Access violation at address %p in module '%s'. %s of address %p
System Error. Code: %d.
%s
A call to an OS function failed
Jan
Feb
Mar
Apr
May
Jun
Jul
Aug
Sep
Write
Error creating variant or safe array
Variant or safe array index out of bounds
Variant or safe array is locked
Invalid variant type conversion
Invalid variant operation
Invalid variant operation (%s%.8x)
%s
Could not convert variant of type (%s) into type (%s)
Overflow while converting variant of type (%s) into type (%s)
Variant overflow
Invalid argument
Invalid variant type
Operation not supported
Unexpected variant error
External exception %x
Assertion failed
Floating point division by zero
Floating point overflow
Floating point underflow
Invalid pointer operation
Invalid class typecast
Access violation at address %p. %s of address %p
Access violation
Stack overflow
Control-C hit
Privileged instruction
Exception %s in module %s at %p.
%s%s
Application Error
Format '%s' invalid or incompatible with argument
No argument for format '%s'
Variant method calls not supported
Read
'%s' is not a valid integer value
'%s' is not a valid floating point value
'%s' is not a valid GUID value
Out of memory
I/O error %d
File not found
Invalid filename
Too many open files
File access denied
Read beyond end of file
Disk full
Invalid numeric input
Division by zero
Range check error
Integer overflow
Invalid floating point operation

Version Info

TLS Callbacks

StartAddressOfRawData 0x497000
EndAddressOfRawData 0x497034
AddressOfIndex 0x48a78c
AddressOfCallbacks 0x498010
SizeOfZeroFill 0
Characteristics IMAGE_SCN_TYPE_REG
Callbacks (EMPTY)

Load Configuration

RICH Header

Errors

[*] Warning: Section .bss has a size of 0! [*] Warning: Section .tls has a size of 0!
<-- -->