Manalyze report for c684835974b81bfbe4929170522e1935f901bb7728aa4bc949fb6fcac3ee2578

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2013-Aug-24 08:13:42
Detected languages	Chinese - PRC English - United States
Debug artifacts	E:\ç³»ç»æä»¶å¤¹\æçææ¡£\Visual Studio 2010\Projects\dnp\Release\DnPakStudio.pdb
FileDescription	é¾ä¹è°·è¡¥ä¸å·¥å
FileVersion	`2.4.4984.28883`
InternalName	DnPakStudio.exe
LegalCopyright	Copyright Â© 2013 ãç¬æ åã. All Rights Reserved.
OriginalFilename	DnPakStudio.exe
ProductName	é¾ä¹è°·è¡¥ä¸å·¥å
ProductVersion	`2.4.4984.28883`

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C++ 6.0 - 8.0` `MASM/TASM - sig1(h)`
Malicious	The PE contains functions mostly used by malware.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryW` `Can access the registry: RegOpenKeyExW RegCreateKeyExW RegDeleteKeyW RegDeleteValueW RegSetValueExW RegCloseKey RegQueryValueExW RegEnumKeyExW` `Possibly launches other programs: ShellExecuteW` `Can create temporary files: GetTempPathW CreateFileW` `Uses functions commonly found in keyloggers: GetAsyncKeyState MapVirtualKeyW GetForegroundWindow CallNextHookEx` `Memory manipulation functions often used by packers: VirtualAlloc VirtualProtect` `Enumerates local disk drives: GetVolumeInformationW` `Can take screenshots: GetDC CreateCompatibleDC BitBlt`
Suspicious	VirusTotal score: 2/70 (Scanned on 2023-09-21 23:27:34)	`APEX: Malicious` `Rising: Trojan.Generic@AI.90 (RDML:jWsmv3vx1v64FGIeGaVZlA)`

Hashes

MD5	`51e25bd29dcaedcde3bb8c3fae64896f`
SHA1	`ce36fcca4e9977e49be73fcc43e717b7f4336161`
SHA256	`c684835974b81bfbe4929170522e1935f901bb7728aa4bc949fb6fcac3ee2578`
SHA3	`04503e5e1436bd1df7879224483ec3f508b87d3236d7a0b04ba06756ac42c657`
SSDeep	`49152:b9nBHHRVEfpGOem2fSlWj/KLj+Nz+a+9V4B/IFQc0rbZhVlVBr:B9RVEfp4m2fQWj/KLj+J+axI2c0rbZh`
Imports Hash	`4a0bf0e5316348ab220281e2d7905fbd`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0xf0`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`5`
TimeDateStamp	2013-Aug-24 08:13:42
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`10.0`
SizeOfCode	`0x112200`
SizeOfInitializedData	`0x8ce00`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x000F05F3 (Section: .text)`
BaseOfCode	`0x1000`
BaseOfData	`0x114000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`5.1`
ImageVersion	`0.0`
SubsystemVersion	`5.1`
Win32VersionValue	`0`
SizeOfImage	`0x1aa000`
SizeOfHeaders	`0x400`
Checksum	`0x1aef5f`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`b8f968bb77050752f4afbbd5c2bcea73`
SHA1	`843132d52fd073f658c068737f2b9c3facbb9b0b`
SHA256	`ac09863fd193a3cb33389be67492f5cadf5d223c24de6325ee2b7fc7164a27e3`
SHA3	`2118487fe8ebe4ac5d753d7fdddb58e455d083e8eff19df5f0fe0c371cc8483e`
VirtualSize	`0x11218c`
VirtualAddress	`0x1000`
SizeOfRawData	`0x112200`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.51965`

.rdata

MD5	`b4e55e448684018456665b00569dc39d`
SHA1	`94d550fcf58a283ee21c1fd4d4385441dbc69c74`
SHA256	`064d983745d4356ca9822d211675d581a095670acd5256bfcbcb7010b88cab22`
SHA3	`1e955c411261d7070ae84c1e31bcd38d6a865e60c6cc1588c0a1df1ba3fdf2a2`
VirtualSize	`0x4054e`
VirtualAddress	`0x114000`
SizeOfRawData	`0x40600`
PointerToRawData	`0x112600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.02419`

.data

MD5	`affbadda8ba4ba2601637c36964e6df0`
SHA1	`409f541b8626c5570c3644ab3b8d02d64b0d8a6d`
SHA256	`4a522188b470fab370949507679614db2991252eb476f1ded490bb6c762d56a9`
SHA3	`0370a59421c01d253ae69f8dfe602ec6a8b315995fa27f15bb8cf1e89569b41a`
VirtualSize	`0xcfdc`
VirtualAddress	`0x155000`
SizeOfRawData	`0x5800`
PointerToRawData	`0x152c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`4.68989`

.rsrc

MD5	`6bcad7efc632b6c4cf2c348bfb0669c3`
SHA1	`e8ded70ec5def4fccd83ee2114ac53edff9b7894`
SHA256	`db4102826a81e46097b2165372d399f675e900bcf1e27736363df5759a980fcb`
SHA3	`f7cb24926f45227e23dcc9abe18c90f2714a479c588a8db187fe19d5aa80a5bc`
VirtualSize	`0x1e98c`
VirtualAddress	`0x162000`
SizeOfRawData	`0x1ea00`
PointerToRawData	`0x158400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.16495`

.reloc

MD5	`71acab7f8c3cbbbbd2ab845e8d6cd9bb`
SHA1	`917a5b7078165a4b875228bcece4977ce762ea5b`
SHA256	`5eb684c4b07bca298cf8d40d79dee4e4d80e726676a464ffb3f219823cb698b8`
SHA3	`e2c07d0d0c82890a7ad837b11841550417d63c7e4c2a1a3fa0ed958643a5ba40`
VirtualSize	`0x2854c`
VirtualAddress	`0x181000`
SizeOfRawData	`0x28600`
PointerToRawData	`0x176e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`4.89695`

Imports

KERNEL32.dll	`SetEnvironmentVariableA` `GetConsoleMode` `GetConsoleCP` `LCMapStringW` `GetTimeZoneInformation` `GetStringTypeW` `IsValidCodePage` `GetOEMCP` `GetACP` `GetCPInfo` `IsProcessorFeaturePresent` `IsDebuggerPresent` `UnhandledExceptionFilter` `TerminateProcess` `QueryPerformanceCounter` `HeapCreate` `SetHandleCount` `GetEnvironmentStringsW` `FreeEnvironmentStringsW` `GetStdHandle` `SetUnhandledExceptionFilter` `GetFileType` `GetFileAttributesW` `SetStdHandle` `VirtualQuery` `GetSystemInfo` `VirtualAlloc` `GetSystemTimeAsFileTime` `ExitProcess` `CreateThread` `ExitThread` `HeapSize` `WriteConsoleW` `EncodePointer` `DecodePointer` `RaiseException` `RtlUnwind` `HeapReAlloc` `HeapFree` `HeapAlloc` `GetStartupInfoW` `HeapSetInformation` `GetCommandLineW` `FindResourceExW` `VirtualProtect` `SearchPathW` `Sleep` `GetProfileIntW` `GetTickCount` `GetTempPathW` `GetTempFileNameW` `GetCurrentDirectoryW` `GetNumberFormatW` `lstrcpyW` `GetSystemDirectoryW` `GetFileTime` `GetFileSizeEx` `FileTimeToLocalFileTime` `HeapQueryInformation` `GetFileAttributesExW` `GetUserDefaultUILanguage` `GetLocaleInfoW` `InterlockedExchange` `FreeResource` `GlobalFindAtomW` `GlobalDeleteAtom` `GetVersionExW` `InitializeCriticalSectionAndSpinCount` `WaitForSingleObject` `GetCurrentThreadId` `ResumeThread` `SetThreadPriority` `GetFullPathNameW` `GetVolumeInformationW` `FindFirstFileW` `FindClose` `GetCurrentProcess` `DuplicateHandle` `CloseHandle` `GetFileSize` `SetEndOfFile` `UnlockFile` `LockFile` `FlushFileBuffers` `SetFilePointer` `WriteFile` `ReadFile` `CreateFileW` `lstrcmpiW` `GlobalAddAtomW` `GlobalFlags` `lstrcmpW` `TlsFree` `DeleteCriticalSection` `LocalReAlloc` `TlsSetValue` `TlsAlloc` `InitializeCriticalSection` `GlobalHandle` `GlobalReAlloc` `EnterCriticalSection` `TlsGetValue` `LeaveCriticalSection` `LocalAlloc` `GetCurrentProcessId` `CompareStringW` `ActivateActCtx` `ReleaseActCtx` `DeactivateActCtx` `InterlockedDecrement` `InterlockedIncrement` `GetModuleHandleW` `FileTimeToSystemTime` `lstrlenA` `lstrcmpA` `GlobalGetAtomNameW` `GetLastError` `SetLastError` `GlobalFree` `CopyFileW` `GlobalSize` `GlobalAlloc` `GlobalLock` `GlobalUnlock` `FormatMessageW` `LocalFree` `lstrlenW` `MulDiv` `WideCharToMultiByte` `FreeLibrary` `GetProcAddress` `LoadLibraryW` `GetWindowsDirectoryW` `FindResourceW` `LoadResource` `LockResource` `SizeofResource` `MultiByteToWideChar` `GetModuleFileNameW`
USER32.dll	`TranslateMDISysAccel` `DrawMenuBar` `DefMDIChildProcW` `DefFrameProcW` `WaitMessage` `PostThreadMessageW` `UnpackDDElParam` `ReuseDDElParam` `InsertMenuItemW` `TranslateAcceleratorW` `IsMenu` `MonitorFromPoint` `UpdateLayeredWindow` `UnionRect` `MapVirtualKeyExW` `IsCharLowerW` `EmptyClipboard` `CloseClipboard` `SetClipboardData` `OpenClipboard` `GetKeyNameTextW` `LockWindowUpdate` `BringWindowToTop` `SetCursorPos` `SetRect` `CreateAcceleratorTableW` `LoadAcceleratorsW` `GetKeyboardState` `GetKeyboardLayout` `ToUnicodeEx` `CopyAcceleratorTableW` `DrawFrameControl` `DrawEdge` `DrawStateW` `GetSystemMenu` `LoadMenuW` `SetClassLongW` `WindowFromPoint` `DestroyAcceleratorTable` `SetParent` `SetWindowRgn` `IsZoomed` `DeleteMenu` `ShowOwnedPopups` `CreateDialogIndirectParamW` `DrawIconEx` `GetNextDlgGroupItem` `KillTimer` `SetTimer` `LoadImageW` `GetIconInfo` `OffsetRect` `GetNextDlgTabItem` `MessageBeep` `NotifyWinEvent` `SetCursor` `EnableScrollBar` `HideCaret` `DrawFocusRect` `InvertRect` `GetAsyncKeyState` `SetCapture` `InvalidateRect` `MapVirtualKeyW` `IsRectEmpty` `CreatePopupMenu` `GetMenuDefaultItem` `SetLayeredWindowAttributes` `EnumDisplayMonitors` `SetRectEmpty` `CopyImage` `SystemParametersInfoW` `DestroyMenu` `GetMenuItemInfoW` `IntersectRect` `InflateRect` `SetMenuItemBitmaps` `GetMenuCheckMarkDimensions` `LoadBitmapW` `ModifyMenuW` `EnableMenuItem` `CheckMenuItem` `RegisterWindowMessageW` `SendDlgItemMessageA` `WinHelpW` `IsChild` `GetCapture` `GetClassLongW` `SetPropW` `GetPropW` `RemovePropW` `GetForegroundWindow` `SetActiveWindow` `BeginDeferWindowPos` `EndDeferWindowPos` `GetTopWindow` `GetMessageTime` `GetMessagePos` `MonitorFromWindow` `GetMonitorInfoW` `MapWindowPoints` `ScrollWindow` `TrackPopupMenu` `SetMenu` `SetScrollRange` `GetScrollRange` `SetForegroundWindow` `ShowScrollBar` `RedrawWindow` `GetClientRect` `PostMessageW` `GetClassInfoExW` `GetClassInfoW` `RegisterClassW` `AdjustWindowRectEx` `EqualRect` `DeferWindowPos` `GetScrollInfo` `SetScrollInfo` `SetWindowPlacement` `GetWindowPlacement` `CallWindowProcW` `GetMenu` `CopyRect` `GetWindowDC` `ScreenToClient` `GrayStringW` `DrawTextExW` `DrawTextW` `TabbedTextOutW` `FillRect` `SetWindowsHookExW` `CallNextHookEx` `GetMessageW` `TranslateMessage` `DispatchMessageW` `GetActiveWindow` `IsWindowVisible` `GetKeyState` `PeekMessageW` `GetCursorPos` `ValidateRect` `CharUpperW` `DestroyIcon` `SetWindowPos` `MoveWindow` `SetWindowLongW` `IsWindow` `IsDialogMessageW` `SendDlgItemMessageW` `CreateMenu` `SetMenuDefaultItem` `IsClipboardFormatAvailable` `FrameRect` `GetWindowRgn` `DestroyCursor` `DrawIcon` `MapDialogRect` `GetDlgItem` `CheckDlgButton` `GetScrollPos` `SetScrollPos` `SetFocus` `GetFocus` `GetDesktopWindow` `RealChildWindowFromPoint` `SubtractRect` `GetDoubleClickTime` `CharUpperBuffW` `CopyIcon` `RegisterClipboardFormatW` `IsIconic` `GetUpdateRect` `ClientToScreen` `GetWindow` `GetDlgCtrlID` `GetWindowRect` `GetClassNameW` `PtInRect` `SetWindowTextW` `GetWindowThreadProcessId` `SendMessageW` `GetParent` `GetWindowLongW` `GetLastActivePopup` `IsWindowEnabled` `EnableWindow` `UnhookWindowsHookEx` `GetSystemMetrics` `GetDC` `ReleaseDC` `GetSysColor` `GetSysColorBrush` `GetWindowTextLengthW` `GetWindowTextW` `GetMenuState` `GetMenuStringW` `AppendMenuW` `GetMenuItemID` `InsertMenuW` `GetMenuItemCount` `GetSubMenu` `RemoveMenu` `EndDialog` `PostQuitMessage` `EndPaint` `BeginPaint` `DefWindowProcW` `DestroyWindow` `UpdateWindow` `ShowWindow` `CreateWindowExW` `LoadCursorW` `LoadIconW` `MessageBoxW` `ReleaseCapture`
GDI32.dll	`CreateFontIndirectW` `CreateRectRgnIndirect` `SetRectRgn` `CombineRgn` `PatBlt` `DPtoLP` `GetTextExtentPoint32W` `CreateDIBitmap` `CreateCompatibleBitmap` `GetTextMetricsW` `EnumFontFamiliesW` `GetTextCharsetInfo` `GetBkColor` `CreatePalette` `GetPaletteEntries` `GetNearestPaletteIndex` `RealizePalette` `GetSystemPaletteEntries` `CreateDIBSection` `CreateRoundRectRgn` `CreatePolygonRgn` `GetTextColor` `CreateEllipticRgn` `Polyline` `Ellipse` `Polygon` `SetDIBColorTable` `StretchBlt` `CreateHatchBrush` `Rectangle` `OffsetRgn` `GetRgnBox` `EnumFontFamiliesExW` `LPtoDP` `GetWindowOrgEx` `GetViewportOrgEx` `PtInRegion` `FillRgn` `FrameRgn` `GetBoundsRect` `ExtFloodFill` `SetPaletteEntries` `SetPixelV` `GetTextFaceW` `OffsetViewportOrgEx` `SetViewportOrgEx` `SelectObject` `CreateSolidBrush` `Escape` `CreatePen` `GetObjectType` `SetViewportExtEx` `SelectPalette` `GetStockObject` `CreateCompatibleDC` `CreateBitmap` `CreatePatternBrush` `DeleteDC` `ExtSelectClipRgn` `ScaleWindowExtEx` `SetWindowExtEx` `OffsetWindowOrgEx` `SetWindowOrgEx` `SetPixel` `GetDeviceCaps` `ExtTextOutW` `TextOutW` `RectVisible` `PtVisible` `GetPixel` `BitBlt` `GetWindowExtEx` `GetViewportExtEx` `GetObjectW` `CreateRectRgn` `SelectClipRgn` `SetLayout` `GetLayout` `SetTextAlign` `MoveToEx` `LineTo` `IntersectClipRect` `ExcludeClipRect` `GetClipBox` `SetMapMode` `SetTextColor` `SetROP2` `SetPolyFillMode` `SetBkMode` `SetBkColor` `RestoreDC` `SaveDC` `DeleteObject` `CreateDCW` `CopyMetaFileW` `ScaleViewportExtEx`
MSIMG32.dll	`AlphaBlend` `TransparentBlt`
COMDLG32.dll	`GetFileTitleW`
WINSPOOL.DRV	`ClosePrinter` `OpenPrinterW` `DocumentPropertiesW`
ADVAPI32.dll	`RegOpenKeyExW` `RegCreateKeyExW` `RegDeleteKeyW` `RegDeleteValueW` `RegSetValueExW` `RegCloseKey` `RegQueryValueExW` `RegEnumKeyExW`
SHELL32.dll	`DragFinish` `SHGetFileInfoW` `SHGetDesktopFolder` `SHGetPathFromIDListW` `SHGetSpecialFolderLocation` `ShellExecuteW` `SHAppBarMessage` `DragQueryFileW` `SHBrowseForFolderW`
COMCTL32.dll	`ImageList_GetIconSize`
SHLWAPI.dll	`PathFindFileNameW` `PathStripToRootW` `PathIsUNCW` `PathFindExtensionW` `PathRemoveFileSpecW`
ole32.dll	`DoDragDrop` `OleLockRunning` `IsAccelerator` `OleTranslateAccelerator` `OleDestroyMenuDescriptor` `OleCreateMenuDescriptor` `CreateStreamOnHGlobal` `CoInitializeEx` `CoUninitialize` `CoInitialize` `CoCreateInstance` `OleDuplicateData` `CoTaskMemAlloc` `ReleaseStgMedium` `CoTaskMemFree` `RevokeDragDrop` `CoLockObjectExternal` `RegisterDragDrop` `OleGetClipboard`
OLEAUT32.dll	`SysFreeString` `SysAllocString` `VariantInit` `VarBstrFromDate` `SysAllocStringLen` `SysStringLen` `SystemTimeToVariantTime` `VariantTimeToSystemTime` `VariantChangeType` `VariantClear`
OLEACC.dll	`LresultFromObject` `AccessibleObjectFromWindow` `CreateStdAccessibleObject`
gdiplus.dll	`GdipGetImageGraphicsContext` `GdipBitmapUnlockBits` `GdipBitmapLockBits` `GdipCreateBitmapFromScan0` `GdipCreateBitmapFromStream` `GdipGetImagePalette` `GdipGetImagePaletteSize` `GdipGetImagePixelFormat` `GdipGetImageHeight` `GdipGetImageWidth` `GdipCloneImage` `GdipDrawImageRectI` `GdipSetInterpolationMode` `GdipCreateFromHDC` `GdiplusShutdown` `GdiplusStartup` `GdipCreateBitmapFromHBITMAP` `GdipDisposeImage` `GdipDeleteGraphics` `GdipAlloc` `GdipFree` `GdipDrawImageI`
IMM32.dll	`ImmGetOpenStatus` `ImmReleaseContext` `ImmGetContext`
WINMM.dll	`PlaySoundW`

Delayed Imports

1

Type	`RT_ICON`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x2d6c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.94955`
Detected Filetype	PNG graphic file
MD5	`c838935d6dbc2a3ff52317f156e07bc9`
SHA1	`0dbec697f81bcc2774ecd99b0601a79eae592957`
SHA256	`3842b8539e3eab7bffb0c9dfa5ff4785b036718aa4afc44ff292cee8177d6874`
SHA3	`a61fb3ef277431effdbca67c2174dd78ac7236f99f74f5d4c1654f0e6b04f917`

2

Type	`RT_ICON`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.39149`
MD5	`30e309f3ff3e8abc2336f47f9c485460`
SHA1	`2f42af7fd11e5fa1b70e3920b5409b7bb62497d7`
SHA256	`2891412afdd440813b53138e95c987bb27b8b1f1db4745728b82563fce4a38db`
SHA3	`63e4cb142488c21fb1af715e47b8222fa6f592b973f14a2ed2f0b6a08bf618ef`

3

Type	`RT_ICON`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.20558`
MD5	`2b80fe47ee41cedb1c4a484f71af240c`
SHA1	`6b8a32c67d38f58f7f5cb1344d9218da0d1b5818`
SHA256	`cf67f59540ba062fca29b30df9779bfe05f436d5a15e30c7413cd840edfdab74`
SHA3	`ec20377fdeb14a3381ebad0f14f74cfeee95443d4a0e18155186f9a8b4393fee`

4

Type	`RT_ICON`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.67615`
MD5	`5da0374f0b9d26332b2c6a92681b9abf`
SHA1	`ef82b85118e6caa2988e26db3fda4a8dac51e179`
SHA256	`27c186a6cc38de1334e8a908f393238e99a3b5d9b0d036b4b555f9b45c22ef72`
SHA3	`154621068628e3e9c827f1ef2a9f15727546508f65d12212f723d62ac5bfb78a`

5

Type	`RT_ICON`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x3cb5`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.94613`
Detected Filetype	PNG graphic file
MD5	`a95b36fd73b4bdb9ba9ffcb6f920b507`
SHA1	`3e4c02da03c6f06d851ebaa3ffca6c12dd1a985e`
SHA256	`c0a5edf3baaaa3fd94d6388071b7c339b615467ce41653a491dfaefcf4732405`
SHA3	`e51ec4fbd8d26eab6fa018c23027c6a0575e36501b611d85de9bca3ff87d0b68`

6

Type	`RT_ICON`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.99637`
MD5	`3f87f78653ba0cf73a38a91a738cde9c`
SHA1	`64b220b5e011788306fed14e05ff0043fa9d276d`
SHA256	`52a27297b97b2abc35185302ff0deb902b01194b69e8e025c5c9197dba5176e5`
SHA3	`fb63d28f85e78c7a138405179dfd0ec53144b992d2c76517d68438777c08d84e`

7

Type	`RT_ICON`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.23775`
MD5	`502b1734da57a0be0583640fb714b1a8`
SHA1	`a77580b3c9a19900a74ac52d803b4f71df64d7fc`
SHA256	`5f53ffd2335673394991b19ddd016f6898844197867ea00c24c45583e27aba67`
SHA3	`ad9440fd627f32336045f829b6724e5f48fe1f4d3041badff35b981f92268e88`

8

Type	`RT_ICON`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.4833`
MD5	`40c55c469beafffe891e1a6aeab5e936`
SHA1	`f8118c4db7beacbf059ce58066c72a2c4fca2395`
SHA256	`1356f3c812c3fcf027aea1e88e6df2675b37515d5d245e3a367f44ed46340aee`
SHA3	`6835455ffb5a572be00eb6507dba9bed95ddf48e9bbd2b70fd013725c34a3734`

9

Type	`RT_ICON`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x2d6c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.94955`
Detected Filetype	PNG graphic file
MD5	`c838935d6dbc2a3ff52317f156e07bc9`
SHA1	`0dbec697f81bcc2774ecd99b0601a79eae592957`
SHA256	`3842b8539e3eab7bffb0c9dfa5ff4785b036718aa4afc44ff292cee8177d6874`
SHA3	`a61fb3ef277431effdbca67c2174dd78ac7236f99f74f5d4c1654f0e6b04f917`

10

Type	`RT_ICON`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.39149`
MD5	`30e309f3ff3e8abc2336f47f9c485460`
SHA1	`2f42af7fd11e5fa1b70e3920b5409b7bb62497d7`
SHA256	`2891412afdd440813b53138e95c987bb27b8b1f1db4745728b82563fce4a38db`
SHA3	`63e4cb142488c21fb1af715e47b8222fa6f592b973f14a2ed2f0b6a08bf618ef`

11

Type	`RT_ICON`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.20558`
MD5	`2b80fe47ee41cedb1c4a484f71af240c`
SHA1	`6b8a32c67d38f58f7f5cb1344d9218da0d1b5818`
SHA256	`cf67f59540ba062fca29b30df9779bfe05f436d5a15e30c7413cd840edfdab74`
SHA3	`ec20377fdeb14a3381ebad0f14f74cfeee95443d4a0e18155186f9a8b4393fee`

12

Type	`RT_ICON`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.67615`
MD5	`5da0374f0b9d26332b2c6a92681b9abf`
SHA1	`ef82b85118e6caa2988e26db3fda4a8dac51e179`
SHA256	`27c186a6cc38de1334e8a908f393238e99a3b5d9b0d036b4b555f9b45c22ef72`
SHA3	`154621068628e3e9c827f1ef2a9f15727546508f65d12212f723d62ac5bfb78a`

13

Type	`RT_ICON`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x3cb5`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.94613`
Detected Filetype	PNG graphic file
MD5	`a95b36fd73b4bdb9ba9ffcb6f920b507`
SHA1	`3e4c02da03c6f06d851ebaa3ffca6c12dd1a985e`
SHA256	`c0a5edf3baaaa3fd94d6388071b7c339b615467ce41653a491dfaefcf4732405`
SHA3	`e51ec4fbd8d26eab6fa018c23027c6a0575e36501b611d85de9bca3ff87d0b68`

14

Type	`RT_ICON`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.99637`
MD5	`3f87f78653ba0cf73a38a91a738cde9c`
SHA1	`64b220b5e011788306fed14e05ff0043fa9d276d`
SHA256	`52a27297b97b2abc35185302ff0deb902b01194b69e8e025c5c9197dba5176e5`
SHA3	`fb63d28f85e78c7a138405179dfd0ec53144b992d2c76517d68438777c08d84e`

15

Type	`RT_ICON`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.23775`
MD5	`502b1734da57a0be0583640fb714b1a8`
SHA1	`a77580b3c9a19900a74ac52d803b4f71df64d7fc`
SHA256	`5f53ffd2335673394991b19ddd016f6898844197867ea00c24c45583e27aba67`
SHA3	`ad9440fd627f32336045f829b6724e5f48fe1f4d3041badff35b981f92268e88`

16

Type	`RT_ICON`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.4833`
MD5	`40c55c469beafffe891e1a6aeab5e936`
SHA1	`f8118c4db7beacbf059ce58066c72a2c4fca2395`
SHA256	`1356f3c812c3fcf027aea1e88e6df2675b37515d5d245e3a367f44ed46340aee`
SHA3	`6835455ffb5a572be00eb6507dba9bed95ddf48e9bbd2b70fd013725c34a3734`

17

Type	`RT_ICON`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.24527`
MD5	`8f2abb5f401ebb8c196963559eb6d9a8`
SHA1	`c8d92971678de6eb885d634cf8fb96e1d59bd288`
SHA256	`a6262a0178ec793f650cb107a5827b1b001230f3d68e7c6aef53a88f3980deba`
SHA3	`82d86bb797ebe742733b30247b5347e89792d841807f9c730ac2d004d363df9d`

18

Type	`RT_ICON`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.87284`
MD5	`77f45256cb89616b5190b138ad497792`
SHA1	`3cf0f68b0ff5e374423168a3b692b3c96f2dbc18`
SHA256	`1bfebea0cc7473a3f33ab521ec9e06c9c68f675df846e6692c56e6fa0fb058a7`
SHA3	`17219559706e178ccdff1897a871ffb169f57c8e5be6b94cc30f1a6b7508a201`

19

Type	`RT_ICON`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.96704`
MD5	`07ec24401fc4cc0a26347a72ef04a8e0`
SHA1	`a19db60a8d5baee0ba598f8dbaf6704bb89c8641`
SHA256	`3d798df1cddb3bc008395fb00d18bf373ae3358b23796d65f317dec6fb4357fe`
SHA3	`35e75f626431d2b86ded4b0c738a3c7443c92a52fc4f8c9e5df1acaf684b78c7`

20

Type	`RT_ICON`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.52174`
MD5	`c32cf24db842e504f9c5855985f856ad`
SHA1	`779298786d30f2247520e0a1d28e1f36c99afa20`
SHA256	`6bb498c3fd05817037adc80f3df3c9f3892e70e7f34437651c265d0e3c40eb5d`
SHA3	`a57ae97ebf0f8a98bc39e7289f165639dd2d6a02ce9c4669093f55bb31ac3d04`

21

Type	`RT_ICON`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.17091`
MD5	`5a5039d57ac29791ef3d4b2808e50822`
SHA1	`73bb132b939a24f5afa2d28de67c06f0d16fea8a`
SHA256	`892800a700d3ae166cdfbf666c5d27d6fe175a7061622cb53827d32567561176`
SHA3	`cc7f017dbea0526569b10f324426218bba3636571c2337f5dcec4e893dfc4493`

22

Type	`RT_ICON`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.99831`
MD5	`a7ce64bc192366a1d58443575e10782f`
SHA1	`134c9e61569c7bb6ac598030f5f54b89ce223b28`
SHA256	`ccf6f697530d2c1670e0feb5f09668e230f1939122c4f28613876dbecf7af36e`
SHA3	`0387c2ff141f886a45d5fd262f29515c055d5593fb06a210df5b597f4d1222f6`

109

Type	`RT_MENU`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x50`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.24529`
MD5	`3768d661f1606dafe0bbd6dbcbb1aa50`
SHA1	`250a2f56a3becde33eceeb3ef69a502fc3bdfcca`
SHA256	`8f0d417b64215ec2f33379d29e91fbdcd15cd710652ef28e0478c7f4be0a030c`
SHA3	`e3cf07897350f1c39ad0376f00125782ae1786e1592554044d93e4f679f73935`

103

Type	`RT_DIALOG`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x12c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.29745`
MD5	`86ebbc743afdd5c8ba295bc4e1db901a`
SHA1	`48f85aa58e7bab22907af2298a010c8ced0f3957`
SHA256	`af59f0668061c4f1715f787f41c79e63149adb8c1954928e768843b0e1fe3fb6`
SHA3	`9172b9db6c7aad959496fca96c6d32d05e3fbecb27c80354085002018d2ec82d`

7 (#2)

Type	`RT_STRING`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x4c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.20611`
MD5	`6bfbfb6d4e547fa9c600fa1ab80f5cc8`
SHA1	`22f98edb04f0789a6a381a488e9bf28bfc2bd6cf`
SHA256	`6a4ee36da11db3e717bb413c8b871a04e26cbacc3ebdbf5a3fc1d7190e78f78a`
SHA3	`97b2f5e4794635ca17d964c035424afad715267c2e4d5fff7936616f949e5b24`

109 (#2)

Type	`RT_ACCELERATOR`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x10`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.79879`
MD5	`3d2b1af3424dbcd504f73918619c7d99`
SHA1	`10d6ed54ea742211a14a05414883f6c00c03080a`
SHA256	`c2f0c188d6c493d7827bf83fb89c704815796445a0178bb2ae79658d96703a3c`
SHA3	`b8c5f28d2c132e5bc304e4dc1b314a3f32a2e48675c06828a2a8a014ea05e7fb`

107

Type	`RT_GROUP_ICON`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x76`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.69213`
Detected Filetype	Icon file
MD5	`c5f84a4bc2a3faf5d6582c0b6835b441`
SHA1	`085a5a618bd5602c9b9726b65f8de23377ad5cd7`
SHA256	`9eb9e4304e9b39a5838d258926bedb9244967870c6aa555747c899532825c2d8`
SHA3	`632f4852382ef6ff03d9174da6be1e6e8021fb77be61416183111b0b79be6271`

108

Type	`RT_GROUP_ICON`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x76`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.75087`
Detected Filetype	Icon file
MD5	`bb330e279d4b4fa396b43dae2315336e`
SHA1	`35824ef366a9b7dbf79ceebbc8c972d3b8efc402`
SHA256	`a73032b07128dec1a07a4e734955ae7f55104fd8cb63adb2e6a1bcda80b9c0dd`
SHA3	`446b000c5f84f4bb4bd12bcc91da168e0b4c8e87eaf94dfc7a5004e4a7ae6380`

132

Type	`RT_GROUP_ICON`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x5a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.81411`
Detected Filetype	Icon file
MD5	`bc603f82f8f38b053481e7b513817268`
SHA1	`13bef18b69ab9d67c274058c952273a8fabf4356`
SHA256	`c3b08b0734fb3d0dbb37c93041fc455bfe58911476191cacbd0349137739abfe`
SHA3	`ae8cd237feb04f27612523b5a9e426cf1df847c8c777f4716d3c2e5c59d1fd5d`

1 (#2)

Type	`RT_VERSION`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x2d0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.77131`
MD5	`1bc8c113fadd0805aa97622def088c69`
SHA1	`2913a347bc9d3e4fe5e4a60bdc6051d8e0e76310`
SHA256	`39c94d6ae9b895d9216d5885a7374b73505c5aff3e3554cabe3d9ad7294cfe40`
SHA3	`33569459863eb3678e1dc70f1cd272e8911937ab3d6d1284e099de3c35b6a7e5`

1 (#3)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x25f`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.94904`
MD5	`e54df675446f104f3e6153a586774b18`
SHA1	`2f5a10f15684b67189b923111f804cace29d5ae2`
SHA256	`45cb3493020782cfcd906fb9afbf72d7f973b6e425fc5d3bd88a429e8ea395b1`
SHA3	`0c19618a4c7e6c8a7d54b8702d0132f746eb83cfff35aa7a8d49792cfda314df`

String Table contents

DnPakStudio
DNPAKSTUDIO

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	2.4.4984.28883
ProductVersion	2.4.4984.28883
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT` `VOS_NT_WINDOWS32` `VOS_WINCE` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	Chinese - PRC
FileDescription	é¾ä¹è°·è¡¥ä¸å·¥å
FileVersion (#2)	2.4.4984.28883
InternalName	DnPakStudio.exe
LegalCopyright	Copyright Â© 2013 ãç¬æ åã. All Rights Reserved.
OriginalFilename	DnPakStudio.exe
ProductName	é¾ä¹è°·è¡¥ä¸å·¥å
ProductVersion (#2)	2.4.4984.28883

Resource LangID	Chinese - PRC

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2013-Aug-24 08:13:42
Version	`0.0`
SizeofData	`112`
AddressOfRawData	`0x13d100`
PointerToRawData	`0x13b700`
Referenced File	E:\ç³»ç»æä»¶å¤¹\æçææ¡£\Visual Studio 2010\Projects\dnp\Release\DnPakStudio.pdb

TLS Callbacks

Load Configuration

Size	`0x48`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x5592f0`
SEHandlerTable	`0x544800`
SEHandlerCount	`770`

RICH Header

XOR Key	`0xf29a3c0a`
Unmarked objects	`0`
C++ objects (VS2008 SP1 build 30729)	`1`
C objects (VS2008 SP1 build 30729)	`12`
Imports (VS2008 SP1 build 30729)	`35`
Total imports	`748`
ASM objects (VS2010 SP1 build 40219)	`43`
C objects (VS2010 SP1 build 40219)	`179`
C++ objects (VS2010 SP1 build 40219)	`369`
175 (VS2010 SP1 build 40219)	`2`
Resource objects (VS2010 SP1 build 40219)	`1`
Linker (VS2010 SP1 build 40219)	`1`

Errors

Leave a comment

No comments yet.