Manalyze report for d644b6138b108648c9c3606708c12eb6

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2017-Jun-19 09:55:38
Detected languages	Japanese - Japan
Comments
CompanyName
FileDescription	AGE_System
FileVersion	`1, 0, 0, 1`
InternalName	AGE_System
LegalCopyright	Copyright (C) 2012
LegalTrademarks
OriginalFilename	AGE_System.exe
PrivateBuild
ProductName	AGE_System
ProductVersion	`1, 0, 0, 1`
SpecialBuild

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C++ 6.0 - 8.0` `Microsoft Visual C++` `Microsoft Visual C++ v6.0`
Suspicious	Strings found in the binary may indicate undesirable behavior:	`Accesses the WMI: root\cimv2`
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to CRC32`
Suspicious	The PE is possibly packed.	`Unusual section name found: .2DJ` `Section .2DJ is both writable and executable.`
Malicious	The PE contains functions mostly used by malware.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryA` `Functions which can be used for anti-debugging purposes: FindWindowA` `Code injection capabilities (PowerLoader): GetWindowLongA FindWindowA` `Can access the registry: RegCloseKey RegQueryValueExA RegOpenKeyA` `Possibly launches other programs: ShellExecuteA` `Enumerates local disk drives: GetDriveTypeA GetVolumeInformationA` `Can take screenshots: GetDC FindWindowA CreateCompatibleDC`
Suspicious	The file contains overlay data.	`3584 bytes of data starting at offset 0xfd200.`
Malicious	VirusTotal score: 38/67 (Scanned on 2018-01-14 19:27:39)	`Bkav: W32.HfsAutoB.248E` `MicroWorld-eScan: Trojan.GenericKD.5858814` `CAT-QuickHeal: Trojan.IGENERIC` `McAfee: Artemis!D644B6138B10` `Cylance: Unsafe` `VIPRE: Trojan.Win32.Generic!BT` `K7GW: Riskware ( 0040eff71 )` `K7AntiVirus: Riskware ( 0040eff71 )` `TrendMicro: TROJ_GEN.R08JC0OH117` `Baidu: Win32.Trojan.WisdomEyes.16070401.9500.9991` `Cyren: W32/Trojan.WGPR-3013` `Symantec: Trojan.Gen.2` `TrendMicro-HouseCall: TROJ_GEN.R08JC0OH117` `Paloalto: generic.ml` `BitDefender: Trojan.GenericKD.5858814` `NANO-Antivirus: Virus.Win32.Gen.ccmw` `Tencent: Win32.Trojan.Crypt.Wqcq` `Ad-Aware: Trojan.GenericKD.5858814` `Sophos: Mal/Generic-S` `F-Secure: Trojan.GenericKD.5858814` `Invincea: heuristic` `McAfee-GW-Edition: BehavesLike.Win32.Ramnit.fh` `Emsisoft: Trojan.GenericKD.5858814 (B)` `Webroot: W32.Trojan.Gen` `Antiy-AVL: Trojan/Win32.SGeneric` `Microsoft: Trojan:Win32/Skeeyah.A!bit` `Endgame: malicious (high confidence)` `Arcabit: Trojan.Generic.D5965FE` `AegisLab: Ml.Attribute.Gen!c` `GData: Trojan.GenericKD.5858814` `ALYac: Trojan.GenericKD.5858814` `AVware: Trojan.Win32.Generic!BT` `MAX: malware (ai score=100)` `WhiteArmor: Malware.HighConfidence` `Ikarus: Trojan.Win32.Skeeyah` `Fortinet: PossibleThreat` `Cybereason: malicious.1b8fb7` `Panda: Generic Suspicious`

Hashes

MD5	`d644b6138b108648c9c3606708c12eb6`
SHA1	`569249cdef4b6a90951567668d390fd06bed7f87`
SHA256	`e55d28c647a7faf37419f0b32aac6f9e18d40ad987938aeff15abd12790bc09e`
SHA3	`96b7645b13d876011aee7407b32a882645240319e60d1429cb3f2cabbf75a001`
SSDeep	`12288:KdAk4bkkNJhFyV3bMPvu6yBC4pQUI1JjSVqscnp75Si20CTO2B:FgkNfFyt43uDBCSIutshOO8`
Imports Hash	`cc41570a22714db4efec6a8e3fd61123`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x110`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`5`
TimeDateStamp	2017-Jun-19 09:55:38
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LINE_NUMS_STRIPPED` `IMAGE_FILE_LOCAL_SYMS_STRIPPED` `IMAGE_FILE_RELOCS_STRIPPED`

Image Optional Header

Magic	`PE32`
LinkerVersion	`6.0`
SizeOfCode	`0xbd000`
SizeOfInitializedData	`0xb22000`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x00BE0004 (Section: .2DJ)`
BaseOfCode	`0x1000`
BaseOfData	`0xbe000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x1000`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0xbe1000`
SizeOfHeaders	`0x1000`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`85176ee2066548e8a38e4eed246cb2c4`
SHA1	`bfe69c3bb202bcf77012820727c57adf587a491a`
SHA256	`d8ac588d5f4da71d807223ff6425eb9c048a45b5b38767638d78ff3af6b840bc`
SHA3	`80d6fe500fd16b476c426c9ab6414aac256abbe7795dbf42830e01944430dbac`
VirtualSize	`0xbca05`
VirtualAddress	`0x1000`
SizeOfRawData	`0xbd000`
PointerToRawData	`0x1000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.70163`

.rdata

MD5	`6d7ac3e7a638f4c1fc8e66de8714a49f`
SHA1	`19e85aee8fea8dac026c4b0e52c262a1f05fc257`
SHA256	`1ad4bc67934edeb08db4bf0f4ef25369c25b204a5b07c4c8e563d212a9a77379`
SHA3	`7a3d66bb8706a6f2c21124036816de3fa94b69df874d69ff9dd0f6b808d74755`
VirtualSize	`0x114ba`
VirtualAddress	`0xbe000`
SizeOfRawData	`0x12000`
PointerToRawData	`0xbe000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.80287`

.data

MD5	`7a23440c47a6f4fc626c6fd1389c604e`
SHA1	`bf628921e48d71f74c67cdf6e93bf9796c187150`
SHA256	`cf65cd15033d60d7246d1fa96df99b9bb14a7400d9959a761f5d73317517161f`
SHA3	`07e7f4fe8848e33cabe6c19ce9f67ea4ce82e9ccee1ae675c73127ebefe454c3`
VirtualSize	`0xb09964`
VirtualAddress	`0xd0000`
SizeOfRawData	`0x27000`
PointerToRawData	`0xd0000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`6.03835`

.rsrc

MD5	`0909283951eb68a4ae5233593f1d36a8`
SHA1	`2b3c57ac98635eda14de1a71096fa27d85ace4d1`
SHA256	`1670cabc6dfb123e56785acc55ce15e8c1f449d88eee3c06a33e96294f52a3ce`
SHA3	`2aa41fc475ab124a10e915dd12a5c21f217bb5306911f898f660823a2445262f`
VirtualSize	`0x5190`
VirtualAddress	`0xbda000`
SizeOfRawData	`0x6000`
PointerToRawData	`0xf7000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.14094`

.2DJ

MD5	`61a97c63ae8d4034dd9c9f9121c26aa3`
SHA1	`c1bbb94aebe61010471e2003648dd7315b68013c`
SHA256	`f89585ab7d99ef3220b3e72f4e06132a53e54b9f4a423b251f36c347de820bcf`
SHA3	`4c36f2f709bb6d6b8ae5183267cc9706dd7218f1f1fc3666c00af152cf757505`
VirtualSize	`0x200`
VirtualAddress	`0xbe0000`
SizeOfRawData	`0x200`
PointerToRawData	`0xfd000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`4.33401`

Imports

KERNEL32.dll	`GlobalFree` `GlobalAlloc` `MultiByteToWideChar` `CreateEventA` `WaitForMultipleObjects` `DeleteFileA` `GlobalMemoryStatusEx` `WideCharToMultiByte` `SetEndOfFile` `IsBadCodePtr` `IsBadReadPtr` `SetUnhandledExceptionFilter` `GetStringTypeW` `GetStringTypeA` `FlushFileBuffers` `SetStdHandle` `GetCurrentProcessId` `LCMapStringW` `LCMapStringA` `RaiseException` `GetEnvironmentStringsW` `GetEnvironmentStrings` `FreeEnvironmentStringsW` `FreeEnvironmentStringsA` `UnhandledExceptionFilter` `GetDriveTypeA` `GetStdHandle` `WaitForSingleObject` `GetOEMCP` `GetCPInfo` `IsBadWritePtr` `HeapCreate` `HeapDestroy` `GetEnvironmentVariableA` `TlsGetValue` `SetLastError` `TlsAlloc` `TlsSetValue` `HeapSize` `TerminateProcess` `ExitProcess` `GetVersion` `GetCommandLineA` `GetStartupInfoA` `CreateDirectoryA` `RtlUnwind` `HeapReAlloc` `GetTickCount` `GetCurrentThread` `GetThreadPriority` `SetThreadPriority` `GetACP` `CreateThread` `GetLocalTime` `SetFilePointer` `CreateFileA` `SetFilePointerEx` `CloseHandle` `GetVersionExA` `GetModuleHandleA` `GetProcAddress` `GetSystemInfo` `FindFirstFileA` `GetModuleFileNameA` `QueryPerformanceCounter` `QueryPerformanceFrequency` `LeaveCriticalSection` `EnterCriticalSection` `DeleteCriticalSection` `GetVolumeInformationA` `InterlockedIncrement` `MulDiv` `GetCurrentThreadId` `GetFullPathNameA` `lstrcpyA` `OutputDebugStringA` `InitializeCriticalSection` `FreeLibrary` `ResetEvent` `SetEvent` `HeapFree` `GetCurrentProcess` `SetHandleCount` `ReadFile` `GetFileType` `Sleep` `VirtualFree` `VirtualAlloc` `IsProcessorFeaturePresent` `LoadLibraryA` `WriteFile` `GetLastError` `MapViewOfFile` `GetFileSize` `CreateFileMappingA` `CreateFileW` `UnmapViewOfFile` `HeapAlloc` `GetProcessHeap` `InterlockedDecrement`
USER32.dll	`MsgWaitForMultipleObjects` `GetQueueStatus` `PostThreadMessageA` `MoveWindow` `EnableWindow` `ClientToScreen` `SetCursorPos` `GetWindow` `GetClientRect` `InvalidateRect` `UpdateWindow` `CreateDialogParamA` `SetRect` `GetDlgItem` `SendMessageA` `GetDlgItemTextA` `EndDialog` `SetDlgItemTextA` `SystemParametersInfoA` `GetDC` `ReleaseDC` `GetAsyncKeyState` `GetKeyboardState` `ReleaseCapture` `SetCapture` `wsprintfA` `RegisterWindowMessageA` `GetWindowTextA` `IsWindowVisible` `GetWindowLongA` `ShowCursor` `ChangeDisplaySettingsA` `SetWindowTextA` `SetWindowLongA` `GetWindowRect` `SetWindowPos` `ShowWindow` `FindWindowA` `LoadIconA` `LoadCursorA` `RegisterClassExA` `CreateWindowExA` `AdjustWindowRect` `DestroyWindow` `EnumDisplaySettingsA` `DefWindowProcA` `PeekMessageA` `TranslateMessage` `DispatchMessageA` `PostQuitMessage` `BeginPaint` `EndPaint` `DialogBoxParamA` `MessageBoxA`
GDI32.dll	`GetGlyphOutlineA` `EnumFontFamiliesExA` `CreateFontA` `SetTextColor` `CreateCompatibleDC` `CreateDIBSection` `SelectObject` `DeleteDC` `DeleteObject` `GetStockObject`
comdlg32.dll	`GetSaveFileNameA`
SHELL32.dll	`SHGetSpecialFolderPathA` `ShellExecuteA`
ole32.dll	`CoCreateInstance` `CoUninitialize` `CoTaskMemAlloc` `CoFreeUnusedLibraries` `CoTaskMemFree` `CoSetProxyBlanket` `CoInitialize`
OLEAUT32.dll	`#6` `#2`
WINMM.dll	`timeSetEvent` `timeGetTime` `timeBeginPeriod` `timeEndPeriod` `timeKillEvent`
d3d9.dll	`Direct3DCreate9`
DSOUND.dll	`#11`
ADVAPI32.dll	`RegCloseKey` `RegQueryValueExA` `RegOpenKeyA`

Delayed Imports

1

Type	`RT_ICON`
Language	Japanese - Japan
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.46618`
MD5	`d8c74cd73d1d949e2588e00c889da838`
SHA1	`aca6bcc537bd970524f8706d7aacf1961bdbcb9c`
SHA256	`cd7b08e0032396e17046e49b98fb2af19da7531d4b7be12ae898a0c97a79d07c`
SHA3	`2208d68c65158c81ce2075d02edf1ed27a679878dad61d729090a2e254c05c64`

103

Type	`RT_DIALOG`
Language	Japanese - Japan
Codepage	UNKNOWN
Size	`0xde`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.29165`
MD5	`87223c87f1015a6a4c5068fc1a722971`
SHA1	`5293f648a6746494b6214127c1869e8f96d71937`
SHA256	`1e4c0c6d2e612fcb5a7e41bd0aa3c10e153dd527eb05f797cb7502c07194d914`
SHA3	`35380860703ae45e5c04b3bca29a89342369ea69560a676365ed9360a094f900`

104

Type	`RT_DIALOG`
Language	Japanese - Japan
Codepage	UNKNOWN
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.99173`
MD5	`2b4c2057cdec8b242fb5f38c0bdbf35a`
SHA1	`2a594b81be0338c1bb84de3b5093b06507369366`
SHA256	`6a21908fff7044042270809cc6da252c0d4838a5dffbd8759985ca70b0829abd`
SHA3	`93f9a270933e4ebe0408b087f571e314123dc9baf1c39bd74007514728316db2`

110

Type	`RT_DIALOG`
Language	Japanese - Japan
Codepage	UNKNOWN
Size	`0x20c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.00785`
MD5	`c674966f6a0688a69b7fccabbd318f93`
SHA1	`91b5e7e68af4fa2f5cab3e070d34b7fac95c86e2`
SHA256	`ea1ee3cb4d271369700882318890a4b2f97faa234834e853bb721809d0634918`
SHA3	`76fc8011c159db65c4685ddc3fdf7b1ccf9b4910696e7fb1724fb1388be66fbe`

111

Type	`RT_DIALOG`
Language	Japanese - Japan
Codepage	UNKNOWN
Size	`0x90`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.24856`
MD5	`2396253118aaf033af6e830179e38de9`
SHA1	`bab78e879b0be60947c84c15312502db75f40d96`
SHA256	`4c9eef46a4ebcf8c9b6c21e324b7e4528f38ef37e96b3e513b55dc007e54ac75`
SHA3	`9419ad71e99850b53bfa5da251e1dc135c0a845c0a2078e54c19901ecadad4cf`

112

Type	`RT_DIALOG`
Language	Japanese - Japan
Codepage	UNKNOWN
Size	`0xbe`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.72446`
MD5	`5443ebc0aadd77975f3cd4b69d72027d`
SHA1	`b9cdc4131c798de30a2591ab04439c0ceef1ee71`
SHA256	`585d8bc6df0a6cb2a6c8f9d6d3292044098c5889de4ed7f1da1e95b3955bd8b2`
SHA3	`fbd810d333f7cd5dd8ae21ecd5f232c55a709070b39e48bfb1ebde7a71f75792`

114

Type	`RT_DIALOG`
Language	Japanese - Japan
Codepage	UNKNOWN
Size	`0x2f0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.48452`
MD5	`b91635693beee81915c019dfe353d17e`
SHA1	`fab91256cb8c9a94d72c88fafff46ee361bb5812`
SHA256	`ad61dbf6049ce4c28865f789149eb6265490ba8b6b1e5491b65051fe954be65c`
SHA3	`e68a3c0cb6d8eee5e6dcf52ea7930312e99b6e264905f16b106603479e494ea5`

115

Type	`RT_DIALOG`
Language	Japanese - Japan
Codepage	UNKNOWN
Size	`0x150`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.22179`
MD5	`b935987fe6820c22a694a143ea4724d4`
SHA1	`2feab5c675b076c8154977c75403b4f77ec749b8`
SHA256	`b2ecfbc563b5518f4f4b9873b4a6bd0ab9af0ad1f07130abd314b6c8e29999c2`
SHA3	`6d03bb79c3a58155766d1ad7acde3ce86f9ab6eaa37017ce26e48f08437196d9`

116

Type	`RT_DIALOG`
Language	Japanese - Japan
Codepage	UNKNOWN
Size	`0x276`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.18011`
MD5	`57a9ac8ec31f34c34b7aeeff77856a31`
SHA1	`9940313ca661c78d687172f574498896cdd3803a`
SHA256	`728f5bd85a79da83e29188bbfcf77f8b9f4bf47e9f8de36c182a29901a83ac55`
SHA3	`678053b325d9e59384cded7ff6691f0ca648b739b206d733510e3c7d55f87ce6`

117

Type	`RT_DIALOG`
Language	Japanese - Japan
Codepage	UNKNOWN
Size	`0xb2`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.64213`
MD5	`175c1b4c0fd2b3f4aa0e21a1101b02c7`
SHA1	`eb07956772d301b085509d5646e383ec068a7548`
SHA256	`83282f28c41bad3141ba6f53de1cf220ac60980918f5693c452636f4bf2df9c3`
SHA3	`6f5dde3d7d05e6fa15abb64c2d3e99dd94fe98bad77e4877761ff5767bcad290`

118

Type	`RT_DIALOG`
Language	Japanese - Japan
Codepage	UNKNOWN
Size	`0x156`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.94533`
MD5	`27931363b36de0d4a688f16d17ecada6`
SHA1	`e05fd15e435afb38f6f0d09192182bf2c8d484cf`
SHA256	`5bffde9a7c173e56130573d480fee450968ce9e60b53cbddf8c57a2573300db5`
SHA3	`5e430d8ff62a49881031ac39801c5199188a760ec17baf3101e05d2728fe179f`

119

Type	`RT_DIALOG`
Language	Japanese - Japan
Codepage	UNKNOWN
Size	`0x2c2`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.2798`
MD5	`b11b5b787606d3c57564b565a0b9c5da`
SHA1	`e5e5985674423af14367bbbdedcbef333d0e1940`
SHA256	`3f0b9f07997a32b466cbfe3627ec92d40ebafbd2f06096b6725a6459bf5d0de4`
SHA3	`bc4035343e69380d55dcf6a9e6bc5e99aa5e2340df42713d144040db53c28c51`

120

Type	`RT_DIALOG`
Language	Japanese - Japan
Codepage	UNKNOWN
Size	`0x14c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.58706`
MD5	`0d6137330c1ddaf2ad98fc255bea879c`
SHA1	`b30364352bcb156795f70d85e8e4d7167e1d4930`
SHA256	`6a83358c1c1bec5ce10eb229c62a025e7cbf9c0b1059af5eb76264deb7cbc5a7`
SHA3	`863aaff25d833d96e26646918b0535b88ccf9709f776189175be786441300343`

121

Type	`RT_DIALOG`
Language	Japanese - Japan
Codepage	UNKNOWN
Size	`0xe6`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.23231`
MD5	`cd982b775293f6d4358b10f0ec58f640`
SHA1	`cdffa897d9327570f86c632fec5d0f44b6f79fe5`
SHA256	`92828bc77cd8b9cfaaedf88af440cbb7bdc2f49894ec33ef227f0225196a91be`
SHA3	`e6a2813f73f6427bb54804729f4e04034e7d9ebad85348961a39bd0575aef9f5`

122

Type	`RT_DIALOG`
Language	Japanese - Japan
Codepage	UNKNOWN
Size	`0xf0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.32701`
MD5	`7b4a6eea080cdb49ef6c53644727c497`
SHA1	`b70dfa6c086254ca69ce5ac77cc35145e0b87b9e`
SHA256	`90a2aa1e4aa1a175efec24a0d8a281d7d891eadbc3a89e388595ff700b0936d2`
SHA3	`d733488776c866535abdf6e817129bc9d0e3591d1cc7387cd937d1d704d48ffb`

124

Type	`RT_DIALOG`
Language	Japanese - Japan
Codepage	UNKNOWN
Size	`0x166`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.69805`
MD5	`d97234eb29939fe23a206b148374e293`
SHA1	`8cb4107f09e6be592382eaf7255ecddce4b4cc8f`
SHA256	`024586f751ef9e7f0e8898ace7640365046f4e459b6b4a6b5cdf0d32ab8912c2`
SHA3	`272252c953a4469dde7f0da2d8078367bf7ad8dfa14ae97e1a18ad4fe5ddae2b`

125

Type	`RT_DIALOG`
Language	Japanese - Japan
Codepage	UNKNOWN
Size	`0xf6`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.29302`
MD5	`4075c7841246c2a7b5f69ee9561256e2`
SHA1	`2ce2484612fc958aba89ccaa3f5a936a06d238f7`
SHA256	`0c5abf8070c84a736e80f26ee2f5b404c2be25a4647c223b76fb629e56a94ef6`
SHA3	`c27dc8ba7ebd8655c7842d09e222503501eaa266a6b6e19c1d555338d7e4f61e`

126

Type	`RT_DIALOG`
Language	Japanese - Japan
Codepage	UNKNOWN
Size	`0x11e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.68042`
MD5	`c9f997441a915ff4dd192e993884857d`
SHA1	`349e73dd66951aea7062c930e7143d74795157d2`
SHA256	`54e7afd9310658830b20054933a83fda242745590fffe04d86efe3953fb7f513`
SHA3	`4f0b76698a7a78b33da0ad6c181fb6d49f0a25bc60142edf68fca7ea3dddc9c5`

127

Type	`RT_DIALOG`
Language	Japanese - Japan
Codepage	UNKNOWN
Size	`0xde`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.20772`
MD5	`9c8f0a8ef824767d198d1856e8188c7c`
SHA1	`fa4d2b6b42de4ea5d27fb2103a8fe8c4e5b5102f`
SHA256	`39efcaffd1cdca28084d34c3cf604430a79a1e45f2a8afbb5e84a19b5b0aafb0`
SHA3	`1462bf7c973eabdf9ca63cdd37c49df8dcdc1f7761be51a4ac1a547fa18b21d9`

128

Type	`RT_DIALOG`
Language	Japanese - Japan
Codepage	UNKNOWN
Size	`0xd6`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.37812`
MD5	`8f6c91c3624bf7918d0a9d15d4bd948b`
SHA1	`ff15dd26bb73a2a82c76fc42d7906ef7a9b32334`
SHA256	`3b7bdf19f7621d828690846d4e95a7cbc5c5eda9d116ba9e34d270fc9114967c`
SHA3	`1dfd34b815f67a2733cd83a8a3e3a3dc680d41281f46de41499b636931e77b11`

129

Type	`RT_DIALOG`
Language	Japanese - Japan
Codepage	UNKNOWN
Size	`0x11a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.68151`
MD5	`d284be11bf88b9bc6f6d7dab39ec7b02`
SHA1	`d508a00d15d6c0e034b8889fe01e1a4b5dd42b62`
SHA256	`1403339be589f0a3fce26c49ae6dab4eb616b8d751fa878dc549fec2b90709cd`
SHA3	`6f5d3703abfc6ae0e2d43b11a7521ff2edee0465e92fe4ba68930344f2751bc0`

130

Type	`RT_DIALOG`
Language	Japanese - Japan
Codepage	UNKNOWN
Size	`0x76`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.45108`
MD5	`1128925cd68b23d06d67d157a7c1e255`
SHA1	`e98fb28de835a2b4adc5bf371b2397113115c92b`
SHA256	`b495323dc5d5884b24eea9b471f5ebd2951fa60efa6e0109f2d3b607e2280710`
SHA3	`e52e617a6c6cf43b4d77664d1a88e3cbd29151ccaf3c8164bc5e633a7787c287`

131

Type	`RT_DIALOG`
Language	Japanese - Japan
Codepage	UNKNOWN
Size	`0x98`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.47512`
MD5	`dc780cd4dd4a1ee43ecaaac2d0e7b0cb`
SHA1	`8eb1663609b6e8d4680d4ddc35f71652c46de59a`
SHA256	`0c6b89bd8170f653c1944f181774087549cdb300c45ac29c0206aa11eba6ee30`
SHA3	`5290539193656f9486225462d8b630390fc3a15c883aea6888d47dd70276d30e`

132

Type	`RT_DIALOG`
Language	Japanese - Japan
Codepage	UNKNOWN
Size	`0x20e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.96532`
MD5	`71d85c8dc98da20b46929fe364774a7c`
SHA1	`4a37fedf2e209691f90a03e7f7c372f5fa597cea`
SHA256	`163060e4fa06438b42d5d63d3c7a28aecf8a4eade847647a00ada134aa17397a`
SHA3	`fbf3910d5719914de37a0812c360b94da341ff1e0f5ce4cfb4e4e198bf01d7ef`

133

Type	`RT_DIALOG`
Language	Japanese - Japan
Codepage	UNKNOWN
Size	`0x172`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.90535`
MD5	`e74122dfe8a8fcb09d30029aaad1457e`
SHA1	`37d507f98ac8dc84f20c5c9b5b38dae718d1c34d`
SHA256	`17a1b6a0614f04bec25102e7e94ae43ebc23233b80351d40cda2cf81fb0340c6`
SHA3	`5c43199f3cdf7094102d2690b1492b5311479d654346e3f65f998c9dfd84648d`

134

Type	`RT_DIALOG`
Language	Japanese - Japan
Codepage	UNKNOWN
Size	`0x1ae`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.8742`
MD5	`a34555d1697bc16960d0ebb433a40a2c`
SHA1	`21f6cb941b2ee1a2dc83efa2176499628494077f`
SHA256	`6a92c23ff6032afe706e10d3d607f727cf29184ecf3eab747d576e00abc73b1d`
SHA3	`053ba6791963d92a7aabcd3433a339d8544485b6629dd7b438d4a525a0af7c4a`

135

Type	`RT_DIALOG`
Language	Japanese - Japan
Codepage	UNKNOWN
Size	`0x186`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.69604`
MD5	`99e1c50d94d1ae94c110219a03bc5812`
SHA1	`85aff2795a2799ad40afdc69e4f5317a6c725aa0`
SHA256	`4155c8026a60a41752a1346591f41219eab5a76e8e66711ef4c92036c7d9ff05`
SHA3	`6e1d9445d2f6a6141a92cbb172289a3537ee6fbe2ecb77f34dd7deb46ce460ed`

101

Type	`RT_GROUP_ICON`
Language	Japanese - Japan
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.91924`
Detected Filetype	Icon file
MD5	`6da8e7d5ae1d5d15e0230a67a7c16c6d`
SHA1	`678db52cbe5d617c33c6269bfd4b6d8d1a17f956`
SHA256	`6eb54801f91b6d8effccbfaefe6b2d7705a274a75940e6226e24e0d4ec58c396`
SHA3	`994fc217c7b8bc8008ac262ff58044403206de6eceafd424d4640ecad395eb2f`

1 (#2)

Type	`RT_VERSION`
Language	Japanese - Japan
Codepage	UNKNOWN
Size	`0x338`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.34395`
MD5	`8796c9f356e5713fa606587757be8417`
SHA1	`8908aac539e5a9971a721e4e95af06852ee2b62b`
SHA256	`a59cf33e281b7732732c4f017a458407bc700fdf2e6d4b36a7c0a6a64304bbd5`
SHA3	`1c83c4085749ef27d5ad2338e8aafd2e2dfb03eb165ae86922c802491d2c2ce8`

112 (#2)

Type	`UNKNOWN`
Language	Japanese - Japan
Codepage	UNKNOWN
Size	`0xe`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.4138`
MD5	`b012ec000d75418cc7e50bbcc3e4415f`
SHA1	`f39b31ca3d565f5c591a6f636e343ba996a3b96a`
SHA256	`adfa1591c3993ad524396473f74e67aa4a31bf9ae70d908bc4e568e35f261d10`
SHA3	`ddba547e387effc217b928e2efee70aa26b2922b3ac7845e850f35f9fd4f2b83`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.0.0.1
ProductVersion	1.0.0.1
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT` `VOS_NT_WINDOWS32` `VOS_WINCE` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	Japanese - Japan
Comments
CompanyName
FileDescription	AGE_System
FileVersion (#2)	1, 0, 0, 1
InternalName	AGE_System
LegalCopyright	Copyright (C) 2012
LegalTrademarks
OriginalFilename	AGE_System.exe
PrivateBuild
ProductName	AGE_System
ProductVersion (#2)	1, 0, 0, 1
SpecialBuild

Resource LangID	Japanese - Japan

TLS Callbacks

Load Configuration

RICH Header

XOR Key	`0x3c0dcbc9`
Unmarked objects	`0`
12 (7291)	`2`
C objects (VS98 SP6 build 8804)	`148`
14 (7299)	`45`
C objects (VS98 build 8168)	`22`
C objects (9178)	`2`
18 (8444)	`6`
C++ objects (9178)	`117`
C objects (2067)	`9`
Imports (9210)	`4`
C objects (2190)	`3`
Imports (2179)	`19`
Total imports	`231`
C++ objects (VS98 SP6 build 8804)	`136`
Resource objects (VS98 SP6 cvtres build 1736)	`1`

d644b6138b108648c9c3606708c12eb6

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rdata

.data

.rsrc

.2DJ

Imports

Delayed Imports

1

103

104

110

111

112

114

115

116

117

118

119

120

121

122

124

125

126

127

128

129

130

131

132

133

134

135

101

1 (#2)

112 (#2)

Version Info

TLS Callbacks

Load Configuration

RICH Header

Errors