Manalyze report for d2513e69992107dc14c4ba9d458dcb35

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2012-Dec-06 20:17:13
Detected languages	English - United States
Comments	Xbox Backup Creator
CompanyName	Scene Release
FileDescription	Xbox Backup Creator - All the tools you need to create a working backup.
LegalCopyright	2006(c) Redline99
ProductName	Xbox Backup Creator
FileVersion	`2.09.0425`
ProductVersion	`2.09.0425`
InternalName	Xbox Backup Creator
OriginalFilename	Xbox Backup Creator.exe

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual Basic v5.0/v6.0` `Microsoft Visual Basic v5.0 - v6.0` `Microsoft Visual Basic v6.0`
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to SHA1`
Malicious	VirusTotal score: 28/68 (Scanned on 2019-11-27 15:06:43)	`DrWeb: Trojan.Siggen4.43251` `CMC: HackTool.Win32.Agent!O` `CAT-QuickHeal: PUA.AgentVMF.S7091861` `McAfee: PUP-XFV-CD` `Cylance: Unsafe` `Zillya: Tool.Agent.Win32.7959` `K7AntiVirus: Riskware ( 0040eff71 )` `K7GW: Riskware ( 0040eff71 )` `TrendMicro: HKTL_AGENT` `Symantec: Trojan.Gen` `TrendMicro-HouseCall: HKTL_AGENT` `Kaspersky: HackTool.Win32.Agent.shs` `Alibaba: HackTool:Win32/Agent.45a8485c` `NANO-Antivirus: Trojan.Win32.Agent.dxhiyy` `Sophos: Generic PUA BL (PUA)` `Comodo: Malware@#1x1vo65ig1u22` `VIPRE: HackTool.Win32.Agent (not malicious)` `McAfee-GW-Edition: PUP-XFV-CD` `Jiangmin: HackTool.Agent.bli` `Webroot: W32.Malware.Gen` `Endgame: malicious (high confidence)` `ZoneAlarm: HackTool.Win32.Agent.shs` `Malwarebytes: HackTool.Agent` `Panda: Trj/OCJ.E` `Rising: HackTool.Agent!8.335 (TFE:3:0PrBWUK3TnR)` `Yandex: Riskware.HackTool!zM6dR4QRxek` `MAX: malware (ai score=100)` `Fortinet: Riskware/Agent`

Hashes

MD5	`d2513e69992107dc14c4ba9d458dcb35`
SHA1	`1bfa23aa3411994229f1c411a32abcb90c34e387`
SHA256	`5c610d9b13f82b82c37a0f3ba7eb209d4ad132e0d1826aa96a56223bbc79a1ab`
SHA3	`6b6b999c0aec9be33978f96d51c28a4ff76e8c72dc5be8ed973ce73e22e4aeb4`
SSDeep	`49152:/tksNECro0cAIzyVMMhw/ItY1LDsAk8TZIND3ZaK3H:/tksNECro0cAIzyVMMhw/B1LDXHTZIN`
Imports Hash	`05ab45eff3baf12f746bd5269c548f8f`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0xc0`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`3`
TimeDateStamp	2012-Dec-06 20:17:13
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LINE_NUMS_STRIPPED` `IMAGE_FILE_LOCAL_SYMS_STRIPPED` `IMAGE_FILE_RELOCS_STRIPPED`

Image Optional Header

Magic	`PE32`
LinkerVersion	`6.9`
SizeOfCode	`0x1f7000`
SizeOfInitializedData	`0x1b000`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x000155CC (Section: .text)`
BaseOfCode	`0x1000`
BaseOfData	`0x1f8000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x1000`
OperatingSystemVersion	`4.0`
ImageVersion	`2.9`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x213000`
SizeOfHeaders	`0x1000`
Checksum	`0x20dce8`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`8db1ea22e9da7fe0d0d7542c7f451e43`
SHA1	`f40c41d85ff63504dd16d1d3040240e132fbfb9c`
SHA256	`d81704072b7ccd50110428f50fe563d95daf04fc4612b6c2985ef2571827e493`
SHA3	`1bab390836f63d27ecf33bf3afaf934b3f1004133a81d7951a668e46367e4547`
VirtualSize	`0x1f6464`
VirtualAddress	`0x1000`
SizeOfRawData	`0x1f7000`
PointerToRawData	`0x1000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.00696`

.data

MD5	`620f0b67a91f7f74151bc5be745b7110`
SHA1	`1ceaf73df40e531df3bfb26b4fb7cd95fb7bff1d`
SHA256	`ad7facb2586fc6e966c004d7d1d16b024f5805ff7cb47c7a85dabd8b48892ca7`
SHA3	`a99f9ed58079237f7f0275887f0c03a0c9d7d8de4443842297fceea67e423563`
VirtualSize	`0x80c0`
VirtualAddress	`0x1f8000`
SizeOfRawData	`0x1000`
PointerToRawData	`0x1f8000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0`

.rsrc

MD5	`48c9cd048176fb05a509d73e6c633bd5`
SHA1	`08997ff456bd1afd0ae0701bcc757ca30b260cb0`
SHA256	`3fe9c98f5033b190510785d9c833d5b0f4d4b867db1b5dbbd803e83065c7a081`
SHA3	`24fb2fec9c9a5b022b8c90599fc85e495340ef6b554bfb0fec911827e051b4a9`
VirtualSize	`0x1174c`
VirtualAddress	`0x201000`
SizeOfRawData	`0x12000`
PointerToRawData	`0x1f9000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.27637`

Imports

MSVBVM60.DLL	`EVENT_SINK_GetIDsOfNames` `__vbaVarTstGt` `__vbaVarSub` `#690` `__vbaStrI2` `#691` `_CIcos` `_adj_fptan` `__vbaHresultCheck` `__vbaVarMove` `__vbaStrI4` `__vbaVarVargNofree` `__vbaCyMul` `#694` `__vbaAryMove` `__vbaFreeVar` `__vbaLineInputStr` `__vbaGosubReturn` `__vbaLenBstr` `__vbaStrVarMove` `__vbaLateIdCall` `#588` `#697` `__vbaVarIdiv` `__vbaFreeVarList` `_adj_fdiv_m64` `__vbaFpCDblR8` `__vbaAryRecMove` `EVENT_SINK_Invoke` `__vbaRaiseEvent` `__vbaNextEachVar` `__vbaFreeObjList` `#516` `__vbaStrErrVarCopy` `_adj_fprem1` `#518` `__vbaRecAnsiToUni` `#519` `__vbaI2Abs` `#628` `__vbaCopyBytes` `__vbaResume` `__vbaVarCmpNe` `__vbaStrCat` `__vbaCyInt` `__vbaLsetFixstr` `#660` `#661` `__vbaSetSystemError` `__vbaRecDestruct` `__vbaLenBstrB` `__vbaHresultCheckObj` `__vbaVargVarCopy` `#665` `#558` `_adj_fdiv_m32` `__vbaAryVar` `Zombie_GetTypeInfo` `__vbaVarXor` `__vbaAryDestruct` `__vbaLateMemSt` `#591` `EVENT_SINK2_Release` `#592` `__vbaVarForInit` `__vbaExitProc` `__vbaForEachCollObj` `#300` `__vbaI4Abs` `#301` `#595` `__vbaOnError` `__vbaCyAdd` `__vbaObjSet` `__vbaStrLike` `#596` `_adj_fdiv_m16i` `#303` `__vbaObjSetAddref` `_adj_fdivr_m16i` `__vbaVarIndexLoad` `#598` `__vbaCyStr` `__vbaFpR4` `#306` `__vbaForEachCollVar` `__vbaStrFixstr` `#520` `__vbaBoolVar` `#307` `#522` `#309` `__vbaRefVarAry` `__vbaFpR8` `__vbaVarTstLt` `__vbaBoolVarNull` `_CIsin` `#524` `#709` `__vbaErase` `#631` `__vbaVarZero` `__vbaVargVarMove` `__vbaVarCmpGt` `#632` `__vbaLateMemStAd` `#525` `__vbaNextEachCollObj` `__vbaChkstk` `__vbaI2Cy` `__vbaGosubFree` `#526` `__vbaCyVar` `__vbaFileClose` `EVENT_SINK_AddRef` `#527` `__vbaGenerateBoundsError` `#528` `__vbaGet3` `#529` `__vbaExitEachColl` `__vbaStrCmp` `__vbaCyI2` `__vbaVarTstEq` `__vbaAryConstruct2` `__vbaPutOwner3` `__vbaR4Str` `__vbaCyI4` `__vbaObjVar` `__vbaNextEachCollVar` `__vbaI2I4` `__vbaVarLikeVar` `#561` `DllFunctionCall` `__vbaVarOr` `#563` `__vbaCySub` `#564` `__vbaFpUI1` `__vbaCastObjVar` `__vbaStrR4` `__vbaRedimPreserve` `__vbaLbound` `_adj_fpatan` `__vbaR4Var` `__vbaFixstrConstruct` `__vbaLateIdCallLd` `Zombie_GetTypeInfoCount` `__vbaStrR8` `__vbaR8Cy` `__vbaRedim` `__vbaRecUniToAnsi` `EVENT_SINK_Release` `__vbaNew` `#600` `#601` `__vbaUI1I2` `_CIsqrt` `__vbaRedimVar` `__vbaObjIs` `__vbaVarAnd` `EVENT_SINK_QueryInterface` `__vbaVarMul` `__vbaStr2Vec` `__vbaStrUI1` `__vbaUI1I4` `__vbaFpCmpCy` `__vbaExceptHandler` `#711` `__vbaPrintFile` `__vbaStrToUnicode` `#712` `#606` `_adj_fprem` `_adj_fdivr_m64` `__vbaFailedFriend` `__vbaGosub` `__vbaI2Str` `#607` `__vbaVarDiv` `#608` `__vbaFPException` `__vbaInStrVar` `#717` `#319` `__vbaGetOwner3` `__vbaUbound` `__vbaStrVarVal` `#534` `__vbaVarCat` `__vbaDateVar` `__vbaCheckType` `__vbaI2Var` `__vbaFileSeek` `#537` `#644` `#645` `#538` `_CIlog` `#646` `#539` `__vbaErrorOverflow` `#647` `__vbaFileOpen` `#570` `__vbaVar2Vec` `__vbaNew2` `__vbaInStr` `#648` `#571` `__vbaCyMulI2` `__vbaVarInt` `_adj_fdiv_m32i` `#572` `_adj_fdivr_m32i` `#573` `__vbaStrCopy` `EVENT_SINK2_AddRef` `__vbaI4Str` `#681` `__vbaVarCmpLt` `__vbaVarNot` `__vbaFreeStrList` `_adj_fdivr_m32` `__vbaPowerR8` `__vbaR8Var` `_adj_fdiv_r` `#685` `#100` `__vbaVarTstNe` `__vbaI4Var` `#689` `__vbaVarCmpEq` `__vbaFpCy` `__vbaLateMemCall` `__vbaVarAdd` `__vbaAryLock` `#320` `__vbaStrComp` `__vbaStrToAnsi` `__vbaVarDup` `#321` `#613` `__vbaCheckTypeVar` `__vbaVarLateMemCallLd` `__vbaVarCopy` `__vbaVarTstGe` `__vbaFpI4` `#616` `__vbaR8IntI2` `__vbaLateMemCallLd` `__vbaRecDestructAnsi` `#617` `_CIatan` `__vbaAryCopy` `#618` `__vbaStrMove` `__vbaCastObj` `__vbaStrVarCopy` `__vbaI4Cy` `__vbaForEachVar` `#619` `__vbaR8IntI4` `#650` `_allmul` `__vbaLateIdSt` `__vbaAryRecCopy` `_CItan` `#546` `__vbaUI1Var` `__vbaFPInt` `__vbaAryUnlock` `__vbaVarForNext` `__vbaFpCSngR8` `_CIexp` `__vbaStrCy` `__vbaMidStmtBstr` `__vbaRecAssign` `__vbaFreeObj` `__vbaFreeStr` `__vbaI4ErrVar` `#581`

Delayed Imports

1

Type	`RT_ICON`
Language	English - United States
Codepage	Unicode (UTF 16LE)
Size	`0xea8`
TimeDateStamp	2012-Dec-06 20:17:13
Entropy	`5.18414`
MD5	`1f02b308f4b8c7052f4f43c43351bbd9`
SHA1	`0b61fd773354a9926573a9e36d0280da18ba262e`
SHA256	`a6bd3caa5e4d614462f74f0dda7d1a4e27d1ec7f9d6d76075d6b02e6c5efe175`
SHA3	`ebec66970f4b328de561afa6603af898fed8df27a057455aaa9b02feea8a63dc`

2

Type	`RT_ICON`
Language	English - United States
Codepage	Unicode (UTF 16LE)
Size	`0x8a8`
TimeDateStamp	2012-Dec-06 20:17:13
Entropy	`5.89039`
MD5	`d06fcfcf6c02bebd00c190ba7cab24de`
SHA1	`76c7678bc62c1a94037659e16de35242369b3c58`
SHA256	`1eebf747befc2894ee4ecb41ee3361681fd94c0ad36754fffde3c412759e4741`
SHA3	`d1e8dbdcfdb17eb1d0f5eb98adaffd8ef07ff00f4cf078aba84b4a3231522ba2`

3

Type	`RT_ICON`
Language	English - United States
Codepage	Unicode (UTF 16LE)
Size	`0x568`
TimeDateStamp	2012-Dec-06 20:17:13
Entropy	`3.81096`
MD5	`6e3a13e4e0e9fdb9bc90af6d940b46aa`
SHA1	`ef41282502fd73041681f5b8603a4891de06e059`
SHA256	`bbfe181889366b527b053e236d46de081246c9d7aab76a7d884ec3f90cf48d05`
SHA3	`63b2402dece38179cdeec27be16702bfbf313dbc3644fe931dde065948c12cb8`

4

Type	`RT_ICON`
Language	English - United States
Codepage	Unicode (UTF 16LE)
Size	`0x5488`
TimeDateStamp	2012-Dec-06 20:17:13
Entropy	`5.13869`
MD5	`d5297a1894660e6d533e953294922ca2`
SHA1	`e02a49435136fe2f6f0cdff0cc1cd49623467611`
SHA256	`61fb4c87dace39d450b4be94e77f6d5944a47f1c8ae7ad786e37e218acb69253`
SHA3	`67e9003cf0cbcf3273d250fd9cac6ecfe378dcef8c3ff5e68362fed53974b2b5`

5

Type	`RT_ICON`
Language	English - United States
Codepage	Unicode (UTF 16LE)
Size	`0x4228`
TimeDateStamp	2012-Dec-06 20:17:13
Entropy	`4.96615`
MD5	`ef2d544d33bad5b636a358fe2baa3182`
SHA1	`f2bfe4bd3002ef6d0599793b209a1f277b1d6ad1`
SHA256	`d7f74004cbd0a25310cec89a46e2174af19837b5b965b74682f8dc8a64efe2b2`
SHA3	`35c0e11bc467a1c7090f90b3dd8df572037b6a73b001dde93a4e05fb2bf49ff6`

6

Type	`RT_ICON`
Language	English - United States
Codepage	Unicode (UTF 16LE)
Size	`0x25a8`
TimeDateStamp	2012-Dec-06 20:17:13
Entropy	`5.12635`
MD5	`35ad9332718755527033fe7b1bd003d6`
SHA1	`ea807bcc2f9fcd5c4cc04f561f0907a4932b6077`
SHA256	`e9ee7341e01fcabf07099d74500798066dcd4d1134fc136b47d98fc7d61cd870`
SHA3	`5bbf1e99a13934f203cb5e2793537ec9c628ca26dd311dbfa8fc8c922937967d`

7

Type	`RT_ICON`
Language	English - United States
Codepage	Unicode (UTF 16LE)
Size	`0x10a8`
TimeDateStamp	2012-Dec-06 20:17:13
Entropy	`5.8792`
MD5	`784fc64f6db8a52054a04b95738cb790`
SHA1	`cd2fae54b848e57aee057c993ef5811f14a878ca`
SHA256	`d02801eec59b11050c8e35b75826f1701054094fa96cd7d5f75e38dbf699f8ab`
SHA3	`a09a010ca0f61ff1001565a028e8ca1e6249c20c059a07f50219ddbf74aa40ba`

8

Type	`RT_ICON`
Language	English - United States
Codepage	Unicode (UTF 16LE)
Size	`0x988`
TimeDateStamp	2012-Dec-06 20:17:13
Entropy	`5.67429`
MD5	`8b3c31913a01dcb32485229f7dfc314f`
SHA1	`d47d13456f5e556485f0c37289f5189ee76254c9`
SHA256	`568fcecd1ae7ae0847e6cb5a2d46f998a9695782226700774071c841a34138f8`
SHA3	`4d5b37a76798760508e72436dd9435d41daf657e613d1c53845ce8a5032367ed`

9

Type	`RT_ICON`
Language	English - United States
Codepage	Unicode (UTF 16LE)
Size	`0x468`
TimeDateStamp	2012-Dec-06 20:17:13
Entropy	`5.94447`
MD5	`2429282f4893e6506158884df658960c`
SHA1	`29d2734af10f74bd83237667b9a605174971796f`
SHA256	`6d01ca94b452cb589ab5a044591470eb2e30a9f3c25229ee41db4796b35fd280`
SHA3	`d315b0f2283eba7a94ed5907899877eb30dd04f67f1ce167b6851b76a8af444a`

30001

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Unicode (UTF 16LE)
Size	`0x8a8`
TimeDateStamp	2012-Dec-06 20:17:13
Entropy	`5.31875`
MD5	`0960ea5a7e1b0bbe1e79795a5c46be2e`
SHA1	`1d887cce8f52247f342e6a53c6563363244e082f`
SHA256	`a5f986f228693bd590961fbd0f8128944dade66104ff5f2d725a9c8572a62e64`
SHA3	`9917116656379947217b4479c957c30ff73c349144a483cf3d886445756105bb`

30002

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Unicode (UTF 16LE)
Size	`0x6c8`
TimeDateStamp	2012-Dec-06 20:17:13
Entropy	`5.20218`
MD5	`38d0a843972083ee43792fe6616658ca`
SHA1	`86ffbfa5fc0f176e30de947b23d892faeae784c7`
SHA256	`59c6eb7df7a2dcb241d41394c7201fae35949c5440bcb1e6185753ac75c314ea`
SHA3	`121f9244a3696f7699010cd4a99c2738dbf32dba483b6892470569d25c59f6eb`

30003

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Unicode (UTF 16LE)
Size	`0x568`
TimeDateStamp	2012-Dec-06 20:17:13
Entropy	`3.90188`
MD5	`82442b6337c5fc3192ed6cb22c731cf7`
SHA1	`e1030b1630897b3ee74c299c14f18828522088f0`
SHA256	`c2ae265f564c33f7250a9a1af480249d0b8486fcafd08d63f11a208b70fd6e0c`
SHA3	`8249b29e0bf78bdceebcb7c4b9edd22e94cda7b8303a707e4bd4bdcb82802db8`

APPICON

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	Unicode (UTF 16LE)
Size	`0x84`
TimeDateStamp	2012-Dec-06 20:17:13
Entropy	`2.98625`
Detected Filetype	Icon file
MD5	`8a340a75212296cbe14528e4885fd6cc`
SHA1	`617db2a62d777628588153a71311d0d3f3e25a6c`
SHA256	`43cc85ee26b48f514d804a2e6006026f9a97b0d32622b080ee39ee817f4b642c`
SHA3	`a3e1977f9fcdfd0e13b7e620200692d2ef1afbb8edbd60f9f1bb37cedfac56ff`

1 (#2)

Type	`RT_GROUP_ICON`
Language	UNKNOWN
Codepage	Unicode (UTF 16LE)
Size	`0x30`
TimeDateStamp	2012-Dec-06 20:17:13
Entropy	`2.98366`
Detected Filetype	Icon file
MD5	`38e9d3ec0507af1e8249b918123a7e6e`
SHA1	`c0cdfd15534454352c138d902cc06bde4612110d`
SHA256	`554a8a95d86bb058207dbf915abc9c771d5483605564e09cc2a9346d6719e690`
SHA3	`68c92cbdb6a751c70a050e0eab2ee7e9066e9140138db862eb3076593c581ed6`

1 (#3)

Type	`RT_VERSION`
Language	English - United States
Codepage	Unicode (UTF 16LE)
Size	`0x3b0`
TimeDateStamp	2012-Dec-06 20:17:13
Entropy	`3.45827`
MD5	`9bb6bfd0a0c9665925f441ea045feffe`
SHA1	`d9406f8d75808b75f69dcfe660ad9b278c282207`
SHA256	`a7363483615f78905160e708f1be6aad9955b0270f26259dccb78571f6284114`
SHA3	`fa171ca02c47ae9dc7c467ecb2019501dad0c2ed3138ed9167ae9a3288ae2dbf`

1 (#4)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	Unicode (UTF 16LE)
Size	`0x2e8`
TimeDateStamp	2012-Dec-06 20:17:13
Entropy	`4.89546`
MD5	`c23dd391c265a539c95447476ce35bfb`
SHA1	`bd3f5501b6e57cc14cd1eb587458c9b601893ae3`
SHA256	`814c0d1226e1e0737832e90cd66244d35014077dbb52670e3d1d9abcd5e89249`
SHA3	`1f0c5858dcb1cdb3d2f357d0c9224703dff5468cd4551d4298cf7b7a4348bef1`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	2.9.0.425
ProductVersion	2.9.0.425
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	English - United States
Comments	Xbox Backup Creator
CompanyName	Scene Release
FileDescription	Xbox Backup Creator - All the tools you need to create a working backup.
LegalCopyright	2006(c) Redline99
ProductName	Xbox Backup Creator
FileVersion (#2)	2.09.0425
ProductVersion (#2)	2.09.0425
InternalName	Xbox Backup Creator
OriginalFilename	Xbox Backup Creator.exe

Resource LangID	English - United States

TLS Callbacks

Load Configuration

RICH Header

XOR Key	`0x88a4aba`
Unmarked objects	`0`
14 (7299)	`1`
9 (8783)	`95`
13 (VS98 SP6 build 8804)	`1`

d2513e69992107dc14c4ba9d458dcb35

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.data

.rsrc

Imports

Delayed Imports

1

2

3

4

5

6

7

8

9

30001

30002

30003

APPICON

1 (#2)

1 (#3)

1 (#4)

Version Info

TLS Callbacks

Load Configuration

RICH Header

Errors