Manalyze report for dc7419c654ce0bb16dbbeb9806143a7e5755fd90797ad724750098ec827fcab8

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2002-Feb-27 20:58:08
Detected languages	English - United States
CompanyName	Barking Dog Studios
FileDescription	Global Operations Client
FileVersion	`1, 16, 0, 29`
InternalName	CShell.dll
LegalCopyright	Copyright (C) 2002
OriginalFilename	CShell.dll
ProductName	Global Operations Client
ProductVersion	`1, 0, 0, 0`

Plugin Output

Suspicious	PEiD Signature:	`SafeDisc v4` `SafeDisc 4`
Info	Interesting strings found in the binary:	`Contains domain names: http://www.lithtech.com http://www.lithtech.com. lithtech.com www.lithtech.com`
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to CRC32`
Suspicious	The PE is possibly packed.	`Unusual section name found: .exc` `Unusual section name found: stxt774` `Section stxt774 is both writable and executable.` `Unusual section name found: stxt371` `Section stxt371 is both writable and executable.`
Info	The PE contains common functions which appear in legitimate applications.	`Can access the registry: RegQueryValueExA`
Suspicious	The file contains overlay data.	`858861 bytes of data starting at offset 0x140000.` `The overlay data has an entropy of 7.99959 and is possibly compressed or encrypted.`
Malicious	VirusTotal score: 5/72 (Scanned on 2025-12-27 13:07:02)	`APEX: Malicious` `MaxSecure: Trojan.Malware.300983.susgen` `Paloalto: generic.ml` `VBA32: BScope.Trojan.MulDrop` `Zoner: Probably Heur.ExeHeaderL`

Hashes

MD5	`2d83a9346f5e33cfa0506e276f88ce66`
SHA1	`cd7d91d57789f5152535569e0299c5fba4e4766c`
SHA256	`dc7419c654ce0bb16dbbeb9806143a7e5755fd90797ad724750098ec827fcab8`
SHA3	`dfa4e48dab54157a47fe3cd1b912909e052dae02cbee52e118f4390c4789aa09`
SSDeep	`49152:oAONhU2/62ZsIVzEyrO7mCSsFaHPLO845xd/Zu:ahb62ZdJSB70OHvu`
Imports Hash	`7dcaefdde48bb5dd7e7dc616ef17fd54`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x110`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`7`
TimeDateStamp	2002-Feb-27 20:58:08
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LINE_NUMS_STRIPPED` `IMAGE_FILE_LOCAL_SYMS_STRIPPED` `IMAGE_FILE_RELOCS_STRIPPED`

Image Optional Header

Magic	`PE32`
LinkerVersion	`6.0`
SizeOfCode	`0x11d000`
SizeOfInitializedData	`0xa2000`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x001BC052 (Section: stxt371)`
BaseOfCode	`0x1000`
BaseOfData	`0x119000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x1000`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x1c0000`
SizeOfHeaders	`0x1000`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`15d4c386a32b2957c41c8fca1f8c75b6`
SHA1	`020a18113a44b11fcbb588d5ac327c3a297c9d71`
SHA256	`41569bbf306c43eb6388c3c5d1ae86548b76c842d65f59fc2fff2ee436fc07ab`
SHA3	`6bf443529aa0625613de3091e5e22494b051817df9e6aec6a019417b17263776`
VirtualSize	`0x11728d`
VirtualAddress	`0x1000`
SizeOfRawData	`0x118000`
PointerToRawData	`0x1000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`7.9984`

.rdata

MD5	`131dd33149d1507da909efd9d30e1473`
SHA1	`6381219f65dee27af07b4f203bd0715c107c38a3`
SHA256	`b09118362487dabf999220ed74349f1b27baf5b05ba9ed33aca7c0d42d146dc6`
SHA3	`37ce92a77a0a5aedf2ab4b47945d5539c500cab65b8fcc4b34bef697e512e142`
VirtualSize	`0x99c1`
VirtualAddress	`0x119000`
SizeOfRawData	`0xa000`
PointerToRawData	`0x119000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.90419`

.data

MD5	`4fbac7c74948fba24d524a6b049aa244`
SHA1	`ea1e630466503b35f15e0e0351b5abb13f0be65b`
SHA256	`1f3f106ec9b293e7eca0f334856a1d31c752597ab85f007992c3dbcf28e21dfa`
SHA3	`f1242e196578380facbb91a313c0f3f9aceac784f0bc9db941c46c718308e4f8`
VirtualSize	`0x92854`
VirtualAddress	`0x123000`
SizeOfRawData	`0x12000`
PointerToRawData	`0x123000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`7.99504`

.exc

MD5	`1aea4fdf923236e790923ebd0cac5ede`
SHA1	`375f5336b1d2d57a81c650c373bdff1cdefb5bbf`
SHA256	`73a12347775b9e4ac1d81418d751464e3c7abfd3d9f9473888e25970c08dc872`
SHA3	`cd016ad556a1f698786f12d1f71be3bb0a138089f7fde11c6f0fe324b5abe4cb`
VirtualSize	`0x10`
VirtualAddress	`0x1b6000`
SizeOfRawData	`0x1000`
PointerToRawData	`0x135000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`0.0252759`

.rsrc

MD5	`5240d64c1edae4beaf9b0e53d0edb1e2`
SHA1	`85228e14967268358efd4dd2327970d52d04dba6`
SHA256	`7e70cc4dd6b81cb6d3a644997fcea5538c4579f99e9a0a69477a6c4034205ab0`
SHA3	`035a63b68cb617c40346c390d0c07a2cf8b7f32d37d48cc5f5960df5462ebbd8`
VirtualSize	`0x34b6`
VirtualAddress	`0x1b7000`
SizeOfRawData	`0x4000`
PointerToRawData	`0x136000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`3.4221`

stxt774

MD5	`aee1168c9b1faf4cce11a5804bd549fb`
SHA1	`4e21fb374e755a088ec77db08cc96af82536c29d`
SHA256	`1eba62fed2490a6ce98ace1c552b0ae4623be70a41823fe3dbbf94ed368611c8`
SHA3	`4af91ff883315e8f939ba312d69aefa10e9ee9cd4c9adf3b7f751efbd20f29b3`
VirtualSize	`0x3ff`
VirtualAddress	`0x1bb000`
SizeOfRawData	`0x1000`
PointerToRawData	`0x13b000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`7.22044`

stxt371

MD5	`ad09b28039889b45efd278d303018e2f`
SHA1	`1e1876013e710edb2dc64bade36d4aa4787bc0e5`
SHA256	`ee98e79ce8191b6c8b40ed6ed96bc71ea0497a34de7b39221b6899648eeb3cce`
SHA3	`19b57969afaae02eafbb9d2d1678295400b415080eaec9fe648aa2148667af5b`
VirtualSize	`0x3a77`
VirtualAddress	`0x1bc000`
SizeOfRawData	`0x4000`
PointerToRawData	`0x13c000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`6.01445`

Imports

KERNEL32.dll	`GetModuleHandleA` `GetProcAddress` `GlobalAlloc` `GlobalFree` `ExitProcess`
USER32.dll	`MessageBoxA`
DDRAW.dll	`DirectDrawCreateEx`
WINMM.dll	`timeGetTime`
DINPUT8.dll	`DirectInput8Create`
GDI32.dll	`GetStockObject`
ADVAPI32.dll	`RegQueryValueExA`
ole32.dll	`CoCreateInstance`
mss32.dll	`_AIL_digital_handle_reacquire@4`
VERSION.dll	`VerQueryValueA`
WSOCK32.dll	`gethostname`
d3d8.dll	`Direct3DCreate8`

Delayed Imports

SetMasterDatabase

Ordinal	`1`
Address	`0x5b8c0`

2

Type	`RT_CURSOR`
Language	English - United States
Codepage	UNKNOWN
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.02695`
MD5	`cab67e9ca149fb79ab4473998412b951`
SHA1	`2e793d35537bfb5d3f042ed0626d3b119d50519a`
SHA256	`fbeb3be87e80cb8e1d2af3d8140796c1bb80c6c7056f60897088ff9e355c3867`
SHA3	`0e72f5537421764effb2ed98e536358bb7e86eed7b0936e606e8d45559685684`

3

Type	`RT_CURSOR`
Language	English - United States
Codepage	UNKNOWN
Size	`0xb4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.74274`
MD5	`9fa8a914823ac7e5370652146901f4f1`
SHA1	`eb3224109abb341b6e464d2606fdbed1a7160bc6`
SHA256	`f64ccc0582bc7c66af8b40049e485e8e241335261ec95ace909293ba50b2e4a3`
SHA3	`bb348af06514e27cd1fa21ad524dfd037edcd3b36ef4cc6ab24c4a8ec38995ff`

26567

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0x5e4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.09838`
MD5	`055505a1940f27993d40e136bc915615`
SHA1	`f6223d2c97df05fa6b6ca54b47c92438777eae79`
SHA256	`a9bb58f43df34b3dc05b79015210b5a1ca84f8ff97555cf7344ef8bb662e1a6d`
SHA3	`cf77404babde2509159cac5542bdbc409a869e1633222f15e62ccb39bb8ad59b`
Preview

30994

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0xb8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.23666`
MD5	`8cf65be17e506ff24c2177078f88b56e`
SHA1	`3e397dc7597caeb844df0ea760b64231c8ce3dbf`
SHA256	`e7c0005285d1ab59732d5f99f77a9bdd6342b01cf44437ebd7a07611a227e272`
SHA3	`7da4c7aab356574679f0f9107740f01647864c846c04f699deef67577fd6aded`
Preview

30995

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0x16c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.20022`
MD5	`a2153b6134d93fd17964b36be4821db4`
SHA1	`43d43980d7e6c1f080cc3eca82d84dc2ab8241b1`
SHA256	`4406c7739acdebe7be0510fb2cf7043ebec1f3dfd4fd876e1b6d0eb29fa79a14`
SHA3	`c6bfd5b740368d3cc00322a1d1ed6905cefec2b5a411b2100444a37e72f79fe6`
Preview

30996

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0x144`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.87621`
MD5	`5a9c81cdbf480cf01daa71ba0e233c5f`
SHA1	`28e04c01584654e1974347d1baa462b2784e9c47`
SHA256	`abdf36bde89a26349f5741c17c235dacea88d441d8662ba16a598dc50c3c4864`
SHA3	`99dec83590ac444359a5a6f8924dae5615d93f4df527e10a8a61319ce3a5beaf`
Preview

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.33073`
MD5	`8389e138dd6def24f5f3aa2a5a10e37c`
SHA1	`4287517898404d5635edc67626d896bdb1e74723`
SHA256	`f634d0347e4634e29cfe201e0e2cd10e05550fe121ec59bc34a12fc814633582`
SHA3	`bd2fa2b68444858a01038c20f6bb560c0db77e01672bcbdbc0cb65307bfd70df`

137

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x3d0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.53666`
MD5	`717e2ffbc312e7e80fabc687e1485c82`
SHA1	`4c4fd7074581e6a2858394f689ed6a7f81af7fc1`
SHA256	`b42d8997c842d7c6ee19a5ee58e509e608ea49a5029f8a5e03a4f660f5a670a9`
SHA3	`f42c78db0f61bcc6a88e37fbc49536ec7ec0c76f86cbbe04c026c1610b53d8f8`

30721

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xe8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.06676`
MD5	`ad7b15160c8bf80910606d417f40fef5`
SHA1	`9752acb8e012635c4356f7f2a20191d656b53faf`
SHA256	`6e113fd8e9f3156ae68251c6076beb9b59fe29e589d06398e7019802521f69d3`
SHA3	`50c74f1eeba91cb4ecc237c0b18cd2f6c0e2b6064e8d13ce1a779160c03b5d48`

3841

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0x82`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.81705`
MD5	`8bb814f43734537868736a6df5dcc012`
SHA1	`3ae7a8f8678bc2aed76f745960730097032389b6`
SHA256	`d91dc4e26fd86def5ee907c72f32457bea07d21fa618012245f641d08501548d`
SHA3	`73fabbc3aad03738eda288b6d45b076e7f94f1ff8de37df5ac4d6e7dc7a48f98`

3842

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0.960953`
MD5	`0131ce1c2237957b6926d5097b0af63d`
SHA1	`2ce37b98065cc4de92e99eb0777e0e1159102068`
SHA256	`05e0d5787611ed4f643733e3e6e62d00f426422b5d3e443ceebac22e9d294bc4`
SHA3	`9ee7bcb02f48332a4fac72465297312ef9c765b03edf2ab24a4b3de0840bda6c`

3843

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.04939`
MD5	`7076fb3ae32a748de6a3418a66192a8e`
SHA1	`dde3419cf897be2f5511a3daffc195ef132afcd2`
SHA256	`45e62b458c61b6cbdda7b5e9d11f5a6df837cf398c16a6257cd3b970a4ba051f`
SHA3	`f570484090cc667aaba4c771246cf979c70ef084b24fd08874b2ebfc95a53d95`

3857

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4e2`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.26139`
MD5	`a9e50c9388d7cdac902c23acec7aa23c`
SHA1	`d54e8c937a904c58112c0fd868012f1808bc7def`
SHA256	`d036e1af5639fb867f5035330e81788bbc24eff762610e3f6bba5d78903a845a`
SHA3	`d6269db5a679dd9690f84a835d71985ba4651061b49478a4df8690ece671a473`

3858

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2a2`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.99242`
MD5	`baaa947d6b05abd2548055fa7716fef3`
SHA1	`4ab0c053f47617c11883897e52ecda97f99ed49d`
SHA256	`1bf3b476c90b4d69ffacf814700ff58d3745713ee100baa8d6a5f6c64862d4d4`
SHA3	`8d872e55129a7d342578ba0fdc42f71b15e6e764872b5b50458c5632f43137b4`

3859

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2dc`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.16997`
MD5	`8e2ac8a2e85ae2a4a7d1b1fec0c30687`
SHA1	`e8ad7766b7c342e2721e21c0d7f0c222ee8720e9`
SHA256	`c1bc5318a82ea1a1809618040026851947f6aa5171d904a9e60966f4551ca1a3`
SHA3	`b12ff47988f4fe62a2460361df0144ad3366d59e0ffa2b6f38b3469d7b24fc79`

3865

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0xac`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.63903`
MD5	`5fbbd2a5f564e043553889eec9147920`
SHA1	`2ddafabdf2bf5b62090419f07f731c4d02f0d987`
SHA256	`1b8660b0c53b94f3e029de58e56d08c8097a080244e9dc65d4155a9b603820d8`
SHA3	`1a90cf149f1fc5cfa9cd3f82f9a079ec48c7f7ce76dc4be601e538ae5c052ab9`

3866

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0xde`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.87807`
MD5	`a0838b75a6ffc345212d18178663bb7d`
SHA1	`a90a0eccdf4cc4c50f430195695a3b65adefe5e8`
SHA256	`31bff9afbf08a8869318cd946a1d73a4425afefc5693c6e06671bde1e86de1dc`
SHA3	`ad576d2bedb8e173fb207310f244bee3ad8c898a2101cb67da930fadf80ec7d0`

3867

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4c4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.23259`
MD5	`f2cb4a170c1677e5a01e7be62eb9cb0d`
SHA1	`2dd9a30c267d734a1b6da203ac4ddf4512ce30bf`
SHA256	`36db380991291cac5c99e42332efda20210f63985544d95e8fa6ef85bf2bdf8e`
SHA3	`2a1b4ca5a692c8deed0fef985b009b14ce015981e2b6bcf1469bba5700456504`

3868

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0x264`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.09466`
MD5	`22bc73fe721ab70d0af71b166577d914`
SHA1	`3f6f9d5eacc66775e33fa6644ffcb06e141b8955`
SHA256	`7f51554313c6765ba649783a942064cdfe6f5a70248a6f56840f71969f87ced0`
SHA3	`a37cc4b7ff7538179044beda7e177e62d1691994b518d2151622c975b5f282ef`

3869

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.07875`
MD5	`4b18eed800e2806db8e0aacb95fd54f2`
SHA1	`8b09634f818d6823f6466717f3863cbb466d97c1`
SHA256	`0714c554acd308b38c3d6319f7e470f76a16d712f696545eacac2bdc725dfb95`
SHA3	`067dea0fda55e331beab407da1e0e79a9d71fe8a8d0c965384d459ce0a8d499a`

30977

Type	`RT_GROUP_CURSOR`
Language	English - United States
Codepage	UNKNOWN
Size	`0x22`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.17349`
Detected Filetype	Cursor file
MD5	`82087004b160772173284c3dae85be2f`
SHA1	`a3c1f9340fc37dff751efbe6673b5e9ef3e4a8b1`
SHA256	`e6bef05177430dd0710b2878ea9028fb4cd23b7dd9e6066a7dce3934c8e05124`
SHA3	`09d33054c8076b56ab90b399acf5383351b59ba9db1cac26820c9b60cc9532d0`
Preview

128

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.16096`
Detected Filetype	Icon file
MD5	`42cf62b780813706e75fb9f2b2e8c258`
SHA1	`a022d5c1cfdd8aace0089f3e72f2eedd41bda464`
SHA256	`a0c9d012e2bf6b2fe05c2d97cb5594d97cf2f539e97935c12abd7a3562f4d9bf`
SHA3	`0aafc8e3d8b6bde595537da4ffe0efc5fe53f01dafe336a2a5828b6a71283d3c`

VS_VERSION_INFO

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x338`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.35479`
MD5	`4adeaa0b9e83e9c7bb4791ff5fd355e2`
SHA1	`52ad861b64e8de3e8b1e368b98a0964c371b8810`
SHA256	`66ac769c3723e2c33f336d28d44b722e80f886fa7c1c8c7298ca6b6d1739d431`
SHA3	`9580694d2fa6e893aaf1637811066f0e4960f0903d0644dcc3d82929ea0269e2`

1 (#2)

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x338`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.35479`
MD5	`4adeaa0b9e83e9c7bb4791ff5fd355e2`
SHA1	`52ad861b64e8de3e8b1e368b98a0964c371b8810`
SHA256	`66ac769c3723e2c33f336d28d44b722e80f886fa7c1c8c7298ca6b6d1739d431`
SHA3	`9580694d2fa6e893aaf1637811066f0e4960f0903d0644dcc3d82929ea0269e2`

String Table contents

Open
Save As
All Files (.)
Untitled
an unnamed file
&Hide
No error message is available.
An unsupported operation was attempted.
A required resource was unavailable.
Out of memory.
An unknown error has occurred.
Invalid filename.
Failed to open document.
Failed to save document.
Save changes to %1?
Failed to create empty document.
The file is too large to open.
Could not start print job.
Failed to launch help.
Internal application error.
Command failed.
Insufficient memory to perform operation.
System registry entries have been removed and the INI file (if any) was deleted.
Not all of the system registry entries (or INI file) were removed.
This program requires the file %s, which was not found on this system.
This program is linked to the missing export %s in the file %s. This machine may have an incompatible version of %s.
Please enter an integer.
Please enter a number.
Please enter an integer between %1 and %2.
Please enter a number between %1 and %2.
Please enter no more than %1 characters.
Please select a button.
Please enter an integer between 0 and 255.
Please enter a positive integer.
Please enter a date and/or time.
Please enter a currency.
Unexpected file format.
%1
Cannot find this file.
Please verify that the correct path and file name are given.
Destination disk drive is full.
Unable to read from %1, it is opened by someone else.
Unable to write to %1, it is read-only or opened by someone else.
An unexpected error occurred while reading %1.
An unexpected error occurred while writing %1.
Unable to read write-only property.
Unable to write read-only property.
Unable to load mail system support.
Mail system DLL is invalid.
Send Mail failed to send message.
No error occurred.
An unknown error occurred while accessing %1.
%1 was not found.
%1 contains an invalid path.
%1 could not be opened because there are too many open files.
Access to %1 was denied.
An invalid file handle was associated with %1.
%1 could not be removed because it is the current directory.
%1 could not be created because the directory is full.
Seek failed on %1
A hardware I/O error was reported while accessing %1.
A sharing violation occurred while accessing %1.
A locking violation occurred while accessing %1.
Disk full while accessing %1.
An attempt was made to access %1 past its end.
No error occurred.
An unknown error occurred while accessing %1.
An attempt was made to write to the reading %1.
An attempt was made to access %1 past its end.
An attempt was made to read from the writing %1.
%1 has a bad format.
%1 contained an unexpected object.
%1 contains an incorrect schema.
pixels

Version Info

TLS Callbacks

Load Configuration

RICH Header

XOR Key	`0xb9d723c6`
Unmarked objects	`0`
12 (7291)	`6`
C objects (VS98 build 8168)	`162`
14 (7299)	`39`
C objects (8799)	`1`
Linker (VC++ 6.0 SP5 imp/exp build 8447)	`88`
Unmarked objects (#2)	`5`
C objects (8830)	`1`
19 (8034)	`16`
C++ objects (8830)	`58`
Total imports	`210`
37 (8755)	`14`
C++ objects (VS98 build 8168)	`270`
Resource objects (VS98 cvtres build 1720)	`1`
Linker (VS98 build 8168)	`1`

Errors

[*] Warning: Multiple nodes using the name Version Info in a dictionary.

Leave a comment

No comments yet.