Manalyze report for d107a0aa6b9bd18f79b28529d7b84624

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
Compilation Date	1992-Jun-19 22:22:17
Detected languages	English - United States Russian - Russia
FileDescription	InnoUnp - Inno Setup Unpacker
ProductName	Inno Setup Unpacker
ProductVersion	`0.50`
FileVersion	`0.50`
InternalName	innounp.exe
OriginalFilename	innounp.exe
LegalCopyright	Copyright (c) 2004-2006 QuickeneR.
Licence	GNU General Public License (GPL)
Info	http://innounp.sourceforge.net/

Plugin Output

Info	Interesting strings found in the binary:	`Contains domain names: http://innounp.sourceforge.net http://innounp.sourceforge.net/ innounp.sourceforge.net sourceforge.net`
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to CRC32` `Uses constants related to MD5` `Uses constants related to SHA1`
Info	The PE contains common functions which appear in legitimate applications.	`[!] The program may be hiding some of its imports: LoadLibraryExA GetProcAddress` `Can access the registry: RegQueryValueExA RegOpenKeyExA RegCloseKey`
Suspicious	The PE header may have been manually modified.	`The resource timestamps differ from the PE header: 2020-Dec-18 21:05:40`
Malicious	VirusTotal score: 3/70 (Scanned on 2024-06-06 05:12:14)	`APEX: Malicious` `Lionic: Virus.Win32.Neshta.n!c` `Trapmine: malicious.moderate.ml.score`

Hashes

MD5	`d107a0aa6b9bd18f79b28529d7b84624`
SHA1	`d964660cf0bec894173f33c429c3908b082b6e82`
SHA256	`9b72ad9f93d167652a0e2bf3921abdfd3e6747c5e718461a2e58b9dfacd31f4c`
SHA3	`c0543a6e9d3ed0b44226c337a3696ec7fe1a87550015f04e2f0c3b8966e865fe`
SSDeep	`12288:bK55LmgD2QMqUIwBjKGk9BTyP/iYi+ERJvHl9RjT:bKLagyXkTg/ti+EPvHfpT`
Imports Hash	`28b691ab7b94e2832ec71ab5d6a816f5`

DOS Header

e_magic	`MZ`
e_cblp	`0x50`
e_cp	`0x2`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0xf`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0x1a`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x100`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`8`
TimeDateStamp	1992-Jun-19 22:22:17
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_BYTES_REVERSED_HI` `IMAGE_FILE_BYTES_REVERSED_LO` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LINE_NUMS_STRIPPED` `IMAGE_FILE_LOCAL_SYMS_STRIPPED` `IMAGE_FILE_RELOCS_STRIPPED`

Image Optional Header

Magic	`PE32`
LinkerVersion	`2.0`
SizeOfCode	`0x97800`
SizeOfInitializedData	`0x13a00`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x00097D4C (Section: CODE)`
BaseOfCode	`0x1000`
BaseOfData	`0x99000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0xb2000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x4000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

CODE

MD5	`cccf9c0c6055d2eb8cd4aa8d9ea75b05`
SHA1	`6bfa3e88470992f1953feab2b2f1bc0044367c8d`
SHA256	`f95719175681d215dd59502a3f8c2334a17403c2ccc881e91d2d48b1433569b7`
SHA3	`97f4f67200cfb1579bc4eb04271c563ef3f66048118f665da2a7a7d570630ce2`
VirtualSize	`0x976c4`
VirtualAddress	`0x1000`
SizeOfRawData	`0x97800`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.4225`

DATA

MD5	`223ddc8b8527c3c95ee4e32c6d5641ce`
SHA1	`490d29f2c142741f11648f52d10aa1811aadab15`
SHA256	`09de6b32ee9bc5fce9f8937ea545879e4c0eb63ed2dd898e11c06430004f7e93`
SHA3	`7e87904682c0dc4e724247134a522c7c167d0a319b0ecc35b4673f5eced1acec`
VirtualSize	`0x72bc`
VirtualAddress	`0x99000`
SizeOfRawData	`0x7400`
PointerToRawData	`0x97c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`6.58635`

BSS

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0x12d9`
VirtualAddress	`0xa1000`
SizeOfRawData	`0`
PointerToRawData	`0x9f000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`

.idata

MD5	`bcf324708ef816cf48e120c043a99df3`
SHA1	`2e1897441653f9fd41a75c91af24d667e4aa50cf`
SHA256	`b0f83b4b5cbbc7c91894aba96f71ba127c67db5cea74810310a6da7dd82aeeda`
SHA3	`bf603009d3b26c5360b8d401e7bbb1f61766c8dad49f672fdec5b15c3008fb77`
VirtualSize	`0xce6`
VirtualAddress	`0xa3000`
SizeOfRawData	`0xe00`
PointerToRawData	`0x9f000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`4.59773`

.tls

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0xc`
VirtualAddress	`0xa4000`
SizeOfRawData	`0`
PointerToRawData	`0x9fe00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`

.rdata

MD5	`abd4d3dbea15593afcc659ee8a725fa0`
SHA1	`9538a0c6adc9416a32efbec98ed5a202e11c621e`
SHA256	`0357b8be2fb864c187434416c423a9e26edb25fc0b2b61227f91112e77fc6519`
SHA3	`db35110b9c1bc46bed8b3959a23e7a3ebe7408a25290e7a0e0c8c7b457143fa1`
VirtualSize	`0x18`
VirtualAddress	`0xa5000`
SizeOfRawData	`0x200`
PointerToRawData	`0x9fe00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_SHARED`
Entropy	`0.210826`

.reloc

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0x8eec`
VirtualAddress	`0xa6000`
SizeOfRawData	`0`
PointerToRawData	`0xa0000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_SHARED`

.rsrc

MD5	`b0ee4c5f4536946b76a7d86d24784867`
SHA1	`973184ee64dc1110ac59403dec00a1225dd6e165`
SHA256	`a3123f260289fb8a4cb7936d1c51b88fa7e3db6335f8b972095f81276c78c495`
SHA3	`74869dca1509072ab5a49f41c5d3dfc507191c4e78d313589cbfdf769e00e9fd`
VirtualSize	`0x2600`
VirtualAddress	`0xaf000`
SizeOfRawData	`0x2600`
PointerToRawData	`0xa0000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_SHARED`
Entropy	`4.45356`

Imports

kernel32.dll	`DeleteCriticalSection` `LeaveCriticalSection` `EnterCriticalSection` `InitializeCriticalSection` `VirtualFree` `VirtualAlloc` `LocalFree` `LocalAlloc` `GetVersion` `GetCurrentThreadId` `InterlockedDecrement` `InterlockedIncrement` `VirtualQuery` `WideCharToMultiByte` `MultiByteToWideChar` `lstrlenA` `lstrcpynA` `LoadLibraryExA` `GetThreadLocale` `GetStartupInfoA` `GetProcAddress` `GetModuleHandleA` `GetModuleFileNameA` `GetLocaleInfoA` `GetLastError` `GetCommandLineA` `FreeLibrary` `FindFirstFileA` `FindClose` `ExitProcess` `WriteFile` `UnhandledExceptionFilter` `SetFilePointer` `SetEndOfFile` `RtlUnwind` `ReadFile` `RaiseException` `GetStdHandle` `GetFileSize` `GetFileType` `CreateFileA` `CloseHandle`
user32.dll	`GetKeyboardType` `LoadStringA` `MessageBoxA` `CharNextA`
advapi32.dll	`RegQueryValueExA` `RegOpenKeyExA` `RegCloseKey`
oleaut32.dll	`SysFreeString` `SysReAllocStringLen` `SysAllocStringLen`
kernel32.dll (#2)	`DeleteCriticalSection` `LeaveCriticalSection` `EnterCriticalSection` `InitializeCriticalSection` `VirtualFree` `VirtualAlloc` `LocalFree` `LocalAlloc` `GetVersion` `GetCurrentThreadId` `InterlockedDecrement` `InterlockedIncrement` `VirtualQuery` `WideCharToMultiByte` `MultiByteToWideChar` `lstrlenA` `lstrcpynA` `LoadLibraryExA` `GetThreadLocale` `GetStartupInfoA` `GetProcAddress` `GetModuleHandleA` `GetModuleFileNameA` `GetLocaleInfoA` `GetLastError` `GetCommandLineA` `FreeLibrary` `FindFirstFileA` `FindClose` `ExitProcess` `WriteFile` `UnhandledExceptionFilter` `SetFilePointer` `SetEndOfFile` `RtlUnwind` `ReadFile` `RaiseException` `GetStdHandle` `GetFileSize` `GetFileType` `CreateFileA` `CloseHandle`
kernel32.dll (#3)	`DeleteCriticalSection` `LeaveCriticalSection` `EnterCriticalSection` `InitializeCriticalSection` `VirtualFree` `VirtualAlloc` `LocalFree` `LocalAlloc` `GetVersion` `GetCurrentThreadId` `InterlockedDecrement` `InterlockedIncrement` `VirtualQuery` `WideCharToMultiByte` `MultiByteToWideChar` `lstrlenA` `lstrcpynA` `LoadLibraryExA` `GetThreadLocale` `GetStartupInfoA` `GetProcAddress` `GetModuleHandleA` `GetModuleFileNameA` `GetLocaleInfoA` `GetLastError` `GetCommandLineA` `FreeLibrary` `FindFirstFileA` `FindClose` `ExitProcess` `WriteFile` `UnhandledExceptionFilter` `SetFilePointer` `SetEndOfFile` `RtlUnwind` `ReadFile` `RaiseException` `GetStdHandle` `GetFileSize` `GetFileType` `CreateFileA` `CloseHandle`
user32.dll (#2)	`GetKeyboardType` `LoadStringA` `MessageBoxA` `CharNextA`
kernel32.dll (#4)	`DeleteCriticalSection` `LeaveCriticalSection` `EnterCriticalSection` `InitializeCriticalSection` `VirtualFree` `VirtualAlloc` `LocalFree` `LocalAlloc` `GetVersion` `GetCurrentThreadId` `InterlockedDecrement` `InterlockedIncrement` `VirtualQuery` `WideCharToMultiByte` `MultiByteToWideChar` `lstrlenA` `lstrcpynA` `LoadLibraryExA` `GetThreadLocale` `GetStartupInfoA` `GetProcAddress` `GetModuleHandleA` `GetModuleFileNameA` `GetLocaleInfoA` `GetLastError` `GetCommandLineA` `FreeLibrary` `FindFirstFileA` `FindClose` `ExitProcess` `WriteFile` `UnhandledExceptionFilter` `SetFilePointer` `SetEndOfFile` `RtlUnwind` `ReadFile` `RaiseException` `GetStdHandle` `GetFileSize` `GetFileType` `CreateFileA` `CloseHandle`
oleaut32.dll (#2)	`SysFreeString` `SysReAllocStringLen` `SysAllocStringLen`
comdlg32.dll	`GetOpenFileNameA`

Delayed Imports

4090

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x200`
TimeDateStamp	2020-Dec-18 21:05:40
Entropy	`3.12096`
MD5	`4b5a7d61a241e574a34d79f6f2bbe2e3`
SHA1	`d589f2500fe8c54cba77f139f988aed9052274a8`
SHA256	`42116a7119937662f362dfc9eb09af5101685ad59afbddcfa7a579aca6dc7767`
SHA3	`a8e68c8cfd27ea8d5ae7b55d7d50f734d9cc2848e4b0afa2871458125ca4749b`

4091

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x17c`
TimeDateStamp	2020-Dec-18 21:05:40
Entropy	`3.11453`
MD5	`2536543e9329e8c2afabe095ddcfef81`
SHA1	`e503dbf025acb73e687e9a09dad6c20642a7f193`
SHA256	`dbf55b6ab5ee89efa166e87c1d48516e6c89594495f7464fce58a51171626a77`
SHA3	`c6fda8287d3982b00d6b8ed3b765f175cf18d1760a274d6b456232e56c09840d`

4092

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xec`
TimeDateStamp	2020-Dec-18 21:05:40
Entropy	`3.0171`
MD5	`6df726e1c32fcc209b07058892dc17cd`
SHA1	`461e3ec886ac47995c794ad19d7c5c4f43d6c6cf`
SHA256	`5546566866f4492b408eb6e88129e980a245bf15887a12f3929dfc30cd96c8d1`
SHA3	`0f2c119ac9eb0e4070d31abe6e289238aff32aff5cfcc53f2c4f38619133103e`

4093

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x20c`
TimeDateStamp	2020-Dec-18 21:05:40
Entropy	`3.25818`
MD5	`c051d200f2cb26177ab1fe689b5855d5`
SHA1	`d689a757f6b1c3b4bac61e402fdabe3100822380`
SHA256	`43db115baa8926f5a11e2ee888444297ec14ffc24284678690c65bad78ab7c3a`
SHA3	`de0a0ed9bd58c0088fec270a58f42d76cab70549400f80d91ed3184415186459`

4094

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x3d0`
TimeDateStamp	2020-Dec-18 21:05:40
Entropy	`3.18412`
MD5	`e374d658a83bec76ed34b22c7fdca7ad`
SHA1	`c6ed53cffc92bfcf7107f97c25833a274e8483bc`
SHA256	`7e4f7da8176f408a8e8e7ebd8f2f9da9ca23c95b6a6d5188a13b8f388332289a`
SHA3	`6c1130277bf61e21c2e24233b2e0d26855289b005a2594fc50995de2bb75ef19`

4095

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x358`
TimeDateStamp	2020-Dec-18 21:05:40
Entropy	`3.26663`
MD5	`28cc8896ab09846f9dcdb6b6ff55e8e9`
SHA1	`770687a7ad7dfecdc6174a9996e8b9c29227a989`
SHA256	`917afd027cd1b911d3a95faec12cee2d2fd17e3bef88ad2dabb093a73976ae3f`
SHA3	`4d00cfa81adda0c8da184ad1ceba7954862927632bc94d9c4311c733a03aaec9`

4096

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x2c0`
TimeDateStamp	2020-Dec-18 21:05:40
Entropy	`3.16152`
MD5	`2014c4998ddb899c7bd2509f76bae38c`
SHA1	`1915a6b0a273b5572fae13947a0f11bae83b5e6a`
SHA256	`66632b0e362eeaa2c9660fad5883e531ecc6ab947cb7d5c1293ac146f025c3f8`
SHA3	`c653157992d29071024057418d086af3398fee5a65c3b24235fba0cfa58fd4f5`

DVCLAL

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x10`
TimeDateStamp	2020-Dec-18 21:05:40
Entropy	`4`
MD5	`d8090aba7197fbf9c7e2631c750965a8`
SHA1	`04f73efb0801b18f6984b14cd057fb56519cd31b`
SHA256	`88d14cc6638af8a0836f6d868dfab60df92907a2d7becaefbbd7e007acb75610`
SHA3	`a5a67ad8166061d38fc75cfb2c227911de631166c6531a6664cd49cfb207e8bb`

PACKAGEINFO

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xd08`
TimeDateStamp	2020-Dec-18 21:05:40
Entropy	`4.84171`
MD5	`8506f196dd8346c7793b1da677bed8dc`
SHA1	`28065ebcfaa1f34c1d0211bbb1704d1b05bf38fc`
SHA256	`86c71fd8f8125ce6537d2f3068ad4d90ca5981513eb1675e40fc998ff9125ca8`
SHA3	`592493902df6988db0be0baf1e13836de5d69b5d3769833ea27f4f4ab35fab8f`

1

Type	`RT_VERSION`
Language	Russian - Russia
Codepage	UNKNOWN
Size	`0x374`
TimeDateStamp	2020-Dec-18 21:05:40
Entropy	`3.36968`
MD5	`3e49662a40f9ea83079dba08f917579c`
SHA1	`e6fa82e2713f162b14144cf8b8ee87dbd3263391`
SHA256	`68e27f46fb55f60b19270f02dcbf0481ef360485add77c4c71e89808c566305b`
SHA3	`d3ce86e5019dc6163624e7bce80c50bb8558050ddfb46126d54959c9e60625aa`

1 (#2)

Type	`RT_MANIFEST`
Language	Russian - Russia
Codepage	UNKNOWN
Size	`0x180`
TimeDateStamp	2020-Dec-18 21:05:40
Entropy	`4.89137`
MD5	`5ff15ff0c3d02e1831af0621b27c7a9a`
SHA1	`9653a75d46facd4c9fb2c1ed2149631568bd9b0f`
SHA256	`6912b10e7f0cbee747d6c6fa92a3a80d6cf527c8cf7187142ab1cf6222062b9c`
SHA3	`47820a7da0a9ac62632366595c68bc6686595368cefc6f0b64a056c03e8bebca`

String Table contents

Cannot open file "%s". %s
Invalid property value
List capacity out of bounds (%d)
List count out of bounds (%d)
List index out of bounds (%d)
Stream read error
%s.Seek not implemented
Operation not allowed on sorted list
Stream write error
Mon
Tue
Wed
Thu
Fri
Sat
Sunday
Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
Cannot assign a %s to a %s
String list does not allow duplicates
Cannot create file "%s". %s
Oct
Nov
Dec
January
February
March
April
May
June
July
August
September
October
November
December
Sun
Interface not supported
Exception in safecall method
%s (%s, line %d)
Abstract Error
Access violation at address %p in module '%s'. %s of address %p
System Error. Code: %d.
%s
A call to an OS function failed
Jan
Feb
Mar
Apr
May
Jun
Jul
Aug
Sep
Write
Error creating variant or safe array
Variant or safe array index out of bounds
Variant or safe array is locked
Invalid variant type conversion
Invalid variant operation
Invalid variant operation (%s%.8x)
%s
Could not convert variant of type (%s) into type (%s)
Overflow while converting variant of type (%s) into type (%s)
Variant overflow
Invalid argument
Invalid variant type
Operation not supported
Unexpected variant error
External exception %x
Assertion failed
Floating point overflow
Floating point underflow
Invalid pointer operation
Invalid class typecast
Access violation at address %p. %s of address %p
Access violation
Stack overflow
Control-C hit
Privileged instruction
Operation aborted
Exception %s in module %s at %p.
%s%s

Application Error
Format '%s' invalid or incompatible with argument
No argument for format '%s'
Variant method calls not supported
Read
Invalid argument to time encode
Invalid argument to date encode
Out of memory
I/O error %d
File not found
Invalid filename
Too many open files
File access denied
Read beyond end of file
Disk full
Invalid numeric input
Division by zero
Range check error
Integer overflow
Invalid floating point operation
Floating point division by zero

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	0.50.0.0
ProductVersion	0.50.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	English - United States
FileDescription	InnoUnp - Inno Setup Unpacker
ProductName	Inno Setup Unpacker
ProductVersion (#2)	0.50
FileVersion (#2)	0.50
InternalName	innounp.exe
OriginalFilename	innounp.exe
LegalCopyright	Copyright (c) 2004-2006 QuickeneR.
Licence	GNU General Public License (GPL)
Info	http://innounp.sourceforge.net/

Resource LangID	Russian - Russia

TLS Callbacks

StartAddressOfRawData	`0x4a4000`
EndAddressOfRawData	`0x4a400c`
AddressOfIndex	`0x4990c0`
AddressOfCallbacks	`0x4a5010`
SizeOfZeroFill	`0`
Characteristics	`IMAGE_SCN_TYPE_REG`
Callbacks	`(EMPTY)`

Load Configuration

RICH Header

Errors

[*] Warning: Section BSS has a size of 0!
[*] Warning: Section .tls has a size of 0!
[*] Warning: Section .reloc has a size of 0!