Manalyze report for cd34135861112338b55e8cf1dc3239e5b0ec290810bcbc1e3b411bc6366a816b

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2025-Mar-08 23:05:20
Detected languages	English - United States
CompanyName	trske lnintervallers echinocereus
FileDescription	prehemiplegic
FileVersion	`1.2.0.0`
OriginalFilename	udsmidninger.exe
ProductName	brunsttid linningens

Plugin Output

Info	Interesting strings found in the binary:	`Contains domain names: http://nsis.sf.net http://nsis.sf.net/NSIS_Error nsis.sf.net`
Suspicious	The PE is an NSIS installer	`Unusual section name found: .ndata`
Malicious	The PE contains functions mostly used by malware.	`[!] The program may be hiding some of its imports: LoadLibraryExW GetProcAddress` `Can access the registry: RegEnumValueW RegEnumKeyW RegQueryValueExW RegSetValueExW RegCloseKey RegDeleteValueW RegDeleteKeyW RegOpenKeyExW RegCreateKeyExW` `Possibly launches other programs: CreateProcessW` `Can create temporary files: CreateFileW GetTempPathW` `Functions related to the privilege level: AdjustTokenPrivileges OpenProcessToken` `Can shut the system down or lock the screen: ExitWindowsEx`
Info	The PE is digitally signed.	`Signer: Deviationspl` `Issuer: Deviationspl`
Malicious	VirusTotal score: 10/70 (Scanned on 2026-05-14 08:32:55)	`APEX: Malicious` `CrowdStrike: win/malicious_confidence_100% (D)` `Elastic: malicious (high confidence)` `Kaspersky: UDS:Trojan-Downloader.Win32.Minix` `Microsoft: Trojan:Win32/Sonbokli.A!cl` `Paloalto: generic.ml` `Sangfor: Trojan.Win32.Save.a` `Symantec: Scr.NSISHeur!gen3` `TrendMicro-HouseCall: Trojan.Win32.VSX.PE04CA1` `huorong: Trojan/Injector.bql`

Hashes

MD5	`dc132f1b51f74dba47c32366c035a630`
SHA1	`18a1c20eca02f9ab169e1d1870c84dd8dce75cbc`
SHA256	`cd34135861112338b55e8cf1dc3239e5b0ec290810bcbc1e3b411bc6366a816b`
SHA3	`8ef41bb1ffbc84c6b2d93576134a8b959ddcf5d5aa1886f18240fca7afebdebe`
SSDeep	`12288:MTABJahivBwjzZBC83TSY1wdG+yskU83AeFnKf9sM5D4FIATG31Ywoz:MTABJaYBw5IaTtudGCMAeFnO+I/Hoz`
Imports Hash	`573bb7b41bc641bd95c0f5eec13c233b`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0xd8`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`5`
TimeDateStamp	2025-Mar-08 23:05:20
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LINE_NUMS_STRIPPED` `IMAGE_FILE_LOCAL_SYMS_STRIPPED` `IMAGE_FILE_RELOCS_STRIPPED`

Image Optional Header

Magic	`PE32`
LinkerVersion	`6.0`
SizeOfCode	`0x6a00`
SizeOfInitializedData	`0x2d200`
SizeOfUninitializedData	`0x800`
AddressOfEntryPoint	`0x0000358D (Section: .text)`
BaseOfCode	`0x1000`
BaseOfData	`0x8000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`6.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x6a000`
SizeOfHeaders	`0x400`
Checksum	`0xa047c`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_NO_SEH` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`94737d36b692e6ce59779da29276e9c8`
SHA1	`404ffd0e99a36598d581f0deacadf58c31b81d76`
SHA256	`787c8bd338cc402b56aef79522566487fdabe71002273f1d61ce33d95a2169f0`
SHA3	`665383489e0ae2585e100f5d3ff3c374634934f15cda26f93559903cb218a967`
VirtualSize	`0x6933`
VirtualAddress	`0x1000`
SizeOfRawData	`0x6a00`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.48911`

.rdata

MD5	`830eee471db242c9b32a1101979a5864`
SHA1	`20670ffd0ac07ff2f163663df488d0bcb50a239d`
SHA256	`24f50a92df2985fbe4e63fdb8aa01b8822dc5b9249aca403ac13ef300bd19429`
SHA3	`2f7c867f1b73add842cb3153a0233ba004e4f2cc4ac7ad9b3d5f7c8c5d548f94`
VirtualSize	`0x1464`
VirtualAddress	`0x8000`
SizeOfRawData	`0x1600`
PointerToRawData	`0x6e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.97094`

.data

MD5	`75e4d782d218f1e0e97d1f4aa26f7911`
SHA1	`18ba47233a004a3adc6589c8191cf98e30694f97`
SHA256	`bf0018ee8238ec05803110c1d17310d37416bf72548b9912c00f5cecc209d7d0`
SHA3	`fcfb042b8f00be3ccf01cf41bed67736c2e03884e63075ffd81bafefb4702d59`
VirtualSize	`0x2a818`
VirtualAddress	`0xa000`
SizeOfRawData	`0x600`
PointerToRawData	`0x8400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`4.17431`

.ndata

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0x2c000`
VirtualAddress	`0x35000`
SizeOfRawData	`0`
PointerToRawData	`0`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_UNINITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`

.rsrc

MD5	`585f2a33cef216d0e50a27b155c883e9`
SHA1	`f4f479aa5331cfa67ed344e0ae460653f170c88f`
SHA256	`fe91aea3a1f4856835d0e077ef781f1041d52f797be52cac1bf33df54830aa2d`
SHA3	`35915e28004fb4908bf3ed5abdd3e476d1871ffd996765313bbe40f4ba9e9c6d`
VirtualSize	`0x8320`
VirtualAddress	`0x61000`
SizeOfRawData	`0x8400`
PointerToRawData	`0x8a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`3.70843`

Imports

ADVAPI32.dll	`RegEnumValueW` `RegEnumKeyW` `RegQueryValueExW` `RegSetValueExW` `RegCloseKey` `RegDeleteValueW` `RegDeleteKeyW` `AdjustTokenPrivileges` `LookupPrivilegeValueW` `OpenProcessToken` `RegOpenKeyExW` `RegCreateKeyExW`
SHELL32.dll	`SHGetPathFromIDListW` `SHBrowseForFolderW` `SHGetFileInfoW` `SHFileOperationW` `ShellExecuteExW`
ole32.dll	`CoCreateInstance` `OleUninitialize` `OleInitialize` `IIDFromString` `CoTaskMemFree`
COMCTL32.dll	`ImageList_Destroy` `#17` `ImageList_AddMasked` `ImageList_Create`
USER32.dll	`MessageBoxIndirectW` `GetDlgItemTextW` `SetDlgItemTextW` `CreatePopupMenu` `AppendMenuW` `TrackPopupMenu` `OpenClipboard` `EmptyClipboard` `SetClipboardData` `CloseClipboard` `IsWindowVisible` `CallWindowProcW` `GetMessagePos` `CheckDlgButton` `LoadCursorW` `SetCursor` `GetSysColor` `SetWindowPos` `GetWindowLongW` `IsWindowEnabled` `SetClassLongW` `GetSystemMenu` `EnableMenuItem` `GetWindowRect` `ScreenToClient` `EndDialog` `RegisterClassW` `SystemParametersInfoW` `CharPrevW` `GetClassInfoW` `DialogBoxParamW` `CharNextW` `ExitWindowsEx` `DestroyWindow` `CreateDialogParamW` `SetTimer` `SetWindowTextW` `PostQuitMessage` `SetForegroundWindow` `ShowWindow` `wsprintfW` `SendMessageTimeoutW` `FindWindowExW` `IsWindow` `GetDlgItem` `SetWindowLongW` `LoadImageW` `GetDC` `ReleaseDC` `EnableWindow` `InvalidateRect` `SendMessageW` `DefWindowProcW` `BeginPaint` `GetClientRect` `FillRect` `DrawTextW` `EndPaint` `CharNextA` `wsprintfA` `DispatchMessageW` `CreateWindowExW` `PeekMessageW` `GetSystemMetrics`
GDI32.dll	`GetDeviceCaps` `SetBkColor` `SelectObject` `DeleteObject` `CreateBrushIndirect` `CreateFontIndirectW` `SetBkMode` `SetTextColor`
KERNEL32.dll	`lstrcmpiA` `CreateFileW` `GetTempFileNameW` `RemoveDirectoryW` `CreateProcessW` `CreateDirectoryW` `CreateThread` `GlobalLock` `GlobalUnlock` `GetDiskFreeSpaceW` `WideCharToMultiByte` `lstrcpynW` `lstrlenW` `SetErrorMode` `GetVersionExW` `GetCommandLineW` `GetTempPathW` `GetWindowsDirectoryW` `SetEnvironmentVariableW` `WriteFile` `ExitProcess` `GetCurrentProcess` `GetModuleFileNameW` `GetLastError` `GetFileSize` `GetTickCount` `Sleep` `SetFileAttributesW` `GetFileAttributesW` `SetCurrentDirectoryW` `MoveFileW` `GetFullPathNameW` `GetShortPathNameW` `SearchPathW` `CompareFileTime` `SetFileTime` `CloseHandle` `lstrcmpiW` `lstrcmpW` `ExpandEnvironmentStringsW` `GlobalFree` `GlobalAlloc` `GetModuleHandleW` `LoadLibraryExW` `FreeLibrary` `WritePrivateProfileStringW` `GetPrivateProfileStringW` `lstrlenA` `MultiByteToWideChar` `ReadFile` `SetFilePointer` `FindClose` `FindNextFileW` `FindFirstFileW` `DeleteFileW` `MulDiv` `lstrcpyA` `MoveFileExW` `lstrcatW` `GetSystemDirectoryW` `GetProcAddress` `GetModuleHandleA` `GetExitCodeProcess` `WaitForSingleObject` `CopyFileW`

Delayed Imports

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.50467`
MD5	`49f1ba6c416b1d86c897ff917770dcc9`
SHA1	`ccb0c21ca6c652da99a269e494fd5f67e55c36e8`
SHA256	`575b37ff915f46ce7efc47a57e3c68bcdc5e848ff96c6e84f38020893ddc4215`
SHA3	`217b563b7e342a35d15ae827b38d1f7ac78ee6d5d032672b13c318c79dcbe530`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.69798`
MD5	`196a22288654ec0fb8fe59eba24b1dce`
SHA1	`6774b619a13b958c94e879c5990a72f7fe6df559`
SHA256	`ab3eb0f7b8f4d55ed9915fd4041c372e18a8c3b1572e685edeec5298045fab2e`
SHA3	`2ed8dbd3376b4bb5a8ee6104f007ebb650371d7cfb8f7be3b203c8439959649a`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.22326`
MD5	`40f5f832cc50da78e9d9f172bd3b1a76`
SHA1	`12eaa77cf94567318620219b2600037d00ab1044`
SHA256	`d2596232fcfdce06c7b92ec333152e470126d9da867343870962a7248d5a59da`
SHA3	`51f7ff73c616d096ba22e0449751db7bf8267412c982c29cb046504cda17ea2a`

4

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.32702`
MD5	`fce7135bd62aea35f464e8e402a33f81`
SHA1	`3365e3191acab5347c57964d8a33c319e7f0c44a`
SHA256	`b653e316bda1b6256ca06cad7dcd205fafc37ce8698aae2793eea9c39f2c9ec9`
SHA3	`5a014b90cbfae93adfb3e130436d1919ebe2a1a1611fe4f1a61d56211cc0b6ff`

5

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.04494`
MD5	`a091d997cb52572a382e81735618b20a`
SHA1	`51bdfad46416deae3a3d4d725d2c807f04bf70a7`
SHA256	`3a8a4c1940637f2b3306c6a2799a799ddecf5a1ab288c0c3ddc17f0cffffa10e`
SHA3	`c369fe479f554422127063d15a383ef57beacee5f6a2cff20438c7ee6acf7b77`

6

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x6c8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.80461`
MD5	`75fc52e0d09b3243762ccb0da697edc8`
SHA1	`b2ed931de3277e55ea62645115d46836c2da65f0`
SHA256	`9676897115720476764e5676460ca8d23131f637f69a2851fbfad94d2f67bcf5`
SHA3	`5c11a9c66930d3087f77124ec5db8a8fcf02a3801a809fb8fc04604dbee890a8`

7

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x668`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.59913`
MD5	`c2ec5f955da689298560f8561326e30a`
SHA1	`0415367966aa9690f33c35af647f56a35014db8b`
SHA256	`e3c50d4dff1d97267df28c4e88a94303d1f422de8def8ff65befa21613e9c83f`
SHA3	`9a72920066280f437db288ad3200a6d791fcd1ee8c4a633dcf7f68bf83d28de3`

8

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.34391`
MD5	`e64a2ff39b7df5174d67538b529f4ae4`
SHA1	`b5d2a40dab1be6bf5bc1378ffd1d469b06773abf`
SHA256	`98b5fcea28626570f063aef3c45ce2d28a7d2638dc101c5931d00daa3b099000`
SHA3	`b682fd1d61f8d96fd238aa64fe402d090f10b13318fb7eb62cc3dcd9d8ee2b99`

9

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.09941`
MD5	`709d27d76ec48c8b34c7266de9b8345b`
SHA1	`1a5320268104023f98a9c30e4cf1e8288c207ac1`
SHA256	`467e303c8c17c9e02a44d95cc426e7955a7ebabca66ae5a177cd054afa5a6334`
SHA3	`2618e452918f44d4f8ef9ca779b95d254d1e2e268ef6328c26108577420e266e`

10

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.88864`
MD5	`979c53527a86b1dc579519af8efc1314`
SHA1	`9771761f8942310726bf6b95eef101d4467c108b`
SHA256	`f49b8542103a530f401c0517cb79ecdbc9d775ab8c21ca289a6ecc1d42e0111d`
SHA3	`4cde2fff6f8a8326d1a3d9a35163afca35c24993916603a5fb7bb37c3780cdde`

11

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.90617`
MD5	`4a320ee1e834b700b8efe4c87622f5a8`
SHA1	`a94915fc995abacb7ed5a98be60b4178706baaab`
SHA256	`0c236c06266619a0bd69e21fab798dca304403a5e893f109315ead0ed49714b4`
SHA3	`cf0a5a957d144cbd700aa7ea6b8138babcaaf72d7f3734ec961e68ba05b68a67`

12

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.71666`
MD5	`f44bfaf2e58dac22576f0f45d47afca6`
SHA1	`dd5bff13e587e2831cc3353dee9217cd8d9e69a1`
SHA256	`ab2346b49e119fc4e8c0cf859546029ec08a1ea2fca87f3d38f6af00190ddd7e`
SHA3	`4b5ddb2587e31751fbb236588484e3fa91a95bc9719c443168cefecb04dccd02`

105

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x202`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.73893`
MD5	`386770584473e271f23dced36427f4ff`
SHA1	`d14ce95f784b35e4e3ebee535476ebcd3e380c19`
SHA256	`425b8270f7ca42a927eae6bea468acf414a3e4b58b5ba2c56aaae4d1b2c11014`
SHA3	`db13e5969376b27e8443eebff685230e2b74685aeb2fba73973f06e5cddc8662`

106

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xf8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.91148`
MD5	`fa83652660409e90e0db9731ad2adb17`
SHA1	`0a8f0af67723c87fe26ccf676b8e19ec6357b4dc`
SHA256	`4a55bd714f5d50cd8eabba10e57f0618f1842717dcfa582d73a917b1933cd1d4`
SHA3	`5b3e1cb25be7a2dbae4f08f0d4794ed23dbd6ea37a3f9702be12dba588f42a7b`

111

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xee`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.92767`
MD5	`1db3e4c32b9560257ddf3506fef9dd3f`
SHA1	`6666e0c8336456cfacec71d84415c6516e9e2673`
SHA256	`587a03198c39f990e77691056bb5705e21374281862ce06de94c68172f50f763`
SHA3	`30ca0affc3f1d2ef8b37f2103db7581caaf88548823fb3ae1d308fae9738dab4`

103

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xae`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.06492`
Detected Filetype	Icon file
MD5	`756c3df7e9fb5f971b7b408a7629d2e4`
SHA1	`a7f6e84e784f20f0a2b4d2f30457fbe6509cf2b7`
SHA256	`75fd9f4d84588baa3497e46456481212106efc54e467b8d385762cf2a94fee38`
SHA3	`5738a7040e6e73af1e284b7ba016393a4cfe912eb3ab05abb0ab540e2be51228`

1 (#2)

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x24c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.19523`
MD5	`90ca9e3594197530dd6af44c6f8089a6`
SHA1	`921a3ce3a8f8e99c873b2d8a9f4747f14307fdac`
SHA256	`16aeb95a67bfd7ea3cc8703063a004445f5ff1e6744ac5bf527063e9c0f7fed7`
SHA3	`53beb6d356c4e980c5d888be4ac5b19c1b60a755944b74ae29449e07f2bbfb17`

1 (#3)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x423`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.2963`
MD5	`662b16c4d985e3591933ad728bdcec2b`
SHA1	`5cb1bfabcf8cf16ea352e4c4fa6199ce584dc8eb`
SHA256	`5497d875c369bb57e73aa3fe6febe076565d9ca0cf3def3466b74c50b14476a9`
SHA3	`7c149f19a323bbd135c1060a473141451c5cbe68436930b8f0bba4bff533a7e6`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0`
FileVersion	1.2.0.0
ProductVersion	1.2.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	English - United States
CompanyName	trske lnintervallers echinocereus
FileDescription	prehemiplegic
FileVersion (#2)	1.2.0.0
OriginalFilename	udsmidninger.exe
ProductName	brunsttid linningens

Resource LangID	English - United States

TLS Callbacks

Load Configuration

RICH Header

XOR Key	`0xd24e50e9`
Unmarked objects	`0`
C objects (VS2003 (.NET) build 4035)	`2`
Total imports	`163`
Imports (VS2003 (.NET) build 4035)	`15`
48 (9044)	`10`
Resource objects (VS98 SP6 cvtres build 1736)	`1`

Errors

[*] Warning: Section .ndata has a size of 0!

Leave a comment

No comments yet.