de70f0deed893bba56ccb78eafd59606

Summary

Architecture IMAGE_FILE_MACHINE_I386
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date 2020-Jun-20 13:39:22
Detected languages English - United States
Debug artifacts Set-up.pdb
CompanyName Adobe Inc.
FileDescription Adobe Installer
FileVersion 5.2.0.436
InternalName Adobe Installer
LegalCopyright © 2020 Adobe. All rights reserved.
OriginalFilename Adobe Installer
ProductName Adobe Installer
ProductVersion 5.2.0.436

Plugin Output

Info Matching compiler(s): Microsoft Visual C++ v6.0 DLL
Microsoft Visual C++ 6.0 - 8.0
MASM/TASM - sig2(h)
Suspicious Strings found in the binary may indicate undesirable behavior: Looks for Qemu presence:
  • QEmU
  • QemU
 Miscellaneous malware strings:
  • virus
 Contains domain names:
  • JQ525L2MZD.com
  • accelerate.amazonaws.com
  • accounts.adobe.com
  • adminconsole.adobe.com
  • adobe.com
  • amazonaws.com
  • ccm.oobesaas.adobe.com
  • ccmdl.adobe.com
  • cdn-ffc.oobesaas.adobe.com
  • cdn-qe-ffc.oobesaas.adobe.com
  • cdn-stg-ffc.oobesaas.adobe.com
  • corp.adobe.com
  • customized-user-packages.s3-accelerate.amazonaws.com
  • customized-user-packages.s3.amazonaws.com
  • dev.corp.adobe.com
  • ffc-ccm.oobesaas.adobe.com
  • ffc-files.corp.adobe.com
  • ffc.oobesaas.adobe.com
  • files.corp.adobe.com
  • helpx.adobe.com
  • http://typekit.com
  • http://www.adobe.com
  • http://www.adobe.com/go/apps_install_hdesd_error
  • http://www.adobe.com/go/apps_install_hdesd_error_br
  • http://www.adobe.com/go/apps_install_hdesd_error_cn
  • http://www.adobe.com/go/apps_install_hdesd_error_cz
  • http://www.adobe.com/go/apps_install_hdesd_error_de
  • http://www.adobe.com/go/apps_install_hdesd_error_dk
  • http://www.adobe.com/go/apps_install_hdesd_error_es
  • http://www.adobe.com/go/apps_install_hdesd_error_fi
  • http://www.adobe.com/go/apps_install_hdesd_error_fr
  • http://www.adobe.com/go/apps_install_hdesd_error_it
  • http://www.adobe.com/go/apps_install_hdesd_error_jp
  • http://www.adobe.com/go/apps_install_hdesd_error_kr
  • http://www.adobe.com/go/apps_install_hdesd_error_nl
  • http://www.adobe.com/go/apps_install_hdesd_error_no
  • http://www.adobe.com/go/apps_install_hdesd_error_pl
  • http://www.adobe.com/go/apps_install_hdesd_error_ru
  • http://www.adobe.com/go/apps_install_hdesd_error_se
  • http://www.adobe.com/go/apps_install_hdesd_error_tr
  • http://www.adobe.com/go/apps_install_hdesd_error_tw
  • http://www.adobe.com/go/conflicting_process_hdesd
  • http://www.adobe.com/go/conflicting_process_hdesd_br
  • http://www.adobe.com/go/conflicting_process_hdesd_cn
  • http://www.adobe.com/go/conflicting_process_hdesd_cz
  • http://www.adobe.com/go/conflicting_process_hdesd_de
  • http://www.adobe.com/go/conflicting_process_hdesd_dk
  • http://www.adobe.com/go/conflicting_process_hdesd_es
  • http://www.adobe.com/go/conflicting_process_hdesd_fi
  • http://www.adobe.com/go/conflicting_process_hdesd_fr
  • http://www.adobe.com/go/conflicting_process_hdesd_it
  • http://www.adobe.com/go/conflicting_process_hdesd_jp
  • http://www.adobe.com/go/conflicting_process_hdesd_kr
  • http://www.adobe.com/go/conflicting_process_hdesd_nl
  • http://www.adobe.com/go/conflicting_process_hdesd_no
  • http://www.adobe.com/go/conflicting_process_hdesd_pl
  • http://www.adobe.com/go/conflicting_process_hdesd_ru
  • http://www.adobe.com/go/conflicting_process_hdesd_se
  • http://www.adobe.com/go/conflicting_process_hdesd_tr
  • http://www.adobe.com/go/conflicting_process_hdesd_tw
  • http://www.adobe.com/go/cust_support
  • http://www.adobe.com/go/cust_support_br
  • http://www.adobe.com/go/cust_support_cn
  • http://www.adobe.com/go/cust_support_cz
  • http://www.adobe.com/go/cust_support_de
  • http://www.adobe.com/go/cust_support_dk
  • http://www.adobe.com/go/cust_support_es
  • http://www.adobe.com/go/cust_support_fi
  • http://www.adobe.com/go/cust_support_fr
  • http://www.adobe.com/go/cust_support_it
  • http://www.adobe.com/go/cust_support_jp
  • http://www.adobe.com/go/cust_support_kr
  • http://www.adobe.com/go/cust_support_nl
  • http://www.adobe.com/go/cust_support_no
  • http://www.adobe.com/go/cust_support_pl
  • http://www.adobe.com/go/cust_support_ru
  • http://www.adobe.com/go/cust_support_se
  • http://www.adobe.com/go/cust_support_tr
  • http://www.adobe.com/go/cust_support_tw
  • http://www.adobe.com/go/system_requirements_hdesd
  • http://www.adobe.com/go/system_requirements_hdesd_br
  • http://www.adobe.com/go/system_requirements_hdesd_cn
  • http://www.adobe.com/go/system_requirements_hdesd_cz
  • http://www.adobe.com/go/system_requirements_hdesd_de
  • http://www.adobe.com/go/system_requirements_hdesd_dk
  • http://www.adobe.com/go/system_requirements_hdesd_es
  • http://www.adobe.com/go/system_requirements_hdesd_fi
  • http://www.adobe.com/go/system_requirements_hdesd_fr
  • http://www.adobe.com/go/system_requirements_hdesd_it
  • http://www.adobe.com/go/system_requirements_hdesd_jp
  • http://www.adobe.com/go/system_requirements_hdesd_kr
  • http://www.adobe.com/go/system_requirements_hdesd_nl
  • http://www.adobe.com/go/system_requirements_hdesd_no
  • http://www.adobe.com/go/system_requirements_hdesd_pl
  • http://www.adobe.com/go/system_requirements_hdesd_ru
  • http://www.adobe.com/go/system_requirements_hdesd_se
  • http://www.adobe.com/go/system_requirements_hdesd_tr
  • http://www.adobe.com/go/system_requirements_hdesd_tw
  • http://www.adobe.com/products/eulas/tou_typekit.
  • http://www.w3.org
  • http://www.w3.org/1999/xlink
  • http://www.w3.org/2000/svg
  • http://www.winimage.com
  • http://www.winimage.com/zLibDll
  • https://127.0.0.1
  • https://accounts.adobe.com
  • https://accounts.adobe.com/security/privacy
  • https://adminconsole.adobe.com
  • https://cdn-ffc.oobesaas.adobe.com
  • https://cdn-ffc.oobesaas.adobe.com/core/v1/update/description
  • https://cdn-ffc.oobesaas.adobe.com/core/v1/validation
  • https://cdn-ffc.oobesaas.adobe.com/core/v2/applications
  • https://cdn-ffc.oobesaas.adobe.com/core/v3/applications
  • https://cdn-ffc.oobesaas.adobe.com/core/v4/products/all?
  • https://cdn-qe-ffc.oobesaas.adobe.com
  • https://cdn-stg-ffc.oobesaas.adobe.com
  • https://helpx.adobe.com
  • https://helpx.adobe.com/br/x-productkb/global/desktop-app-usage-information-faq.html
  • https://helpx.adobe.com/cn/x-productkb/global/desktop-app-usage-information-faq.html
  • https://helpx.adobe.com/cz/x-productkb/global/desktop-app-usage-information-faq.html
  • https://helpx.adobe.com/de/x-productkb/global/desktop-app-usage-information-faq.html
  • https://helpx.adobe.com/dk/x-productkb/global/desktop-app-usage-information-faq.html
  • https://helpx.adobe.com/es/x-productkb/global/desktop-app-usage-information-faq.html
  • https://helpx.adobe.com/fi/x-productkb/global/desktop-app-usage-information-faq.html
  • https://helpx.adobe.com/fr/x-productkb/global/desktop-app-usage-information-faq.html
  • https://helpx.adobe.com/it/x-productkb/global/desktop-app-usage-information-faq.html
  • https://helpx.adobe.com/jp/x-productkb/global/desktop-app-usage-information-faq.html
  • https://helpx.adobe.com/kr/x-productkb/global/desktop-app-usage-information-faq.html
  • https://helpx.adobe.com/nl/x-productkb/global/desktop-app-usage-information-faq.html
  • https://helpx.adobe.com/no/x-productkb/global/desktop-app-usage-information-faq.html
  • https://helpx.adobe.com/pl/x-productkb/global/desktop-app-usage-information-faq.html
  • https://helpx.adobe.com/ru/x-productkb/global/desktop-app-usage-information-faq.html
  • https://helpx.adobe.com/se/x-productkb/global/desktop-app-usage-information-faq.html
  • https://helpx.adobe.com/tr/x-productkb/global/desktop-app-usage-information-faq.html
  • https://helpx.adobe.com/tw/x-productkb/global/desktop-app-usage-information-faq.html
  • https://helpx.adobe.com/x-productkb/global/desktop-app-usage-information-faq.html
  • https://oobe.adobe.com
  • https://oobe.adobe.com/
  • https://oobe.adobe.com/type3
  • https://prod-rel-ffc-ccm.oobesaas.adobe.com
  • https://prod-rel-ffc-ccm.oobesaas.adobe.com/adobe-ffc-external
  • https://qa.adminconsole.adobe.com
  • https://qe-prstg-ffc.oobesaas.adobe.com
  • https://qe-prstg-ffc.oobesaas.adobe.com/adobe-ffc-external
  • https://sqe-prstg-ffc.oobesaas.adobe.com
  • https://sqe-prstg-ffc.oobesaas.adobe.com/adobe-ffc-external
  • https://stage.adminconsole.adobe.com
  • https://tron-onesie-dev.corp.adobe.com
  • https://tron-onesie.corp.adobe.com
  • https://tron-prod-customized-user-packages.s3-accelerate.amazonaws.com
  • https://tron-prod-customized-user-packages.s3.amazonaws.com
  • https://tron-qe-user-packages.s3-accelerate.amazonaws.com
  • https://tron-qe-user-packages.s3.amazonaws.com
  • https://trondevuserpackages.s3-accelerate.amazonaws.com
  • https://trondevuserpackages.s3.amazonaws.com
  • https://tronstageuserpackages.s3-accelerate.amazonaws.com
  • https://tronstageuserpackages.s3.amazonaws.com
  • https://www.adobe.com
  • https://www.adobe.com/br/creativecloud/desktop-app.html
  • https://www.adobe.com/creativecloud/desktop-app.html
  • https://www.adobe.com/cz/creativecloud/desktop-app.html
  • https://www.adobe.com/de/creativecloud/desktop-app.html
  • https://www.adobe.com/dk/creativecloud/desktop-app.html
  • https://www.adobe.com/es/creativecloud/desktop-app.html
  • https://www.adobe.com/fi/creativecloud/desktop-app.html
  • https://www.adobe.com/fr/creativecloud/desktop-app.html
  • https://www.adobe.com/go/creative
  • https://www.adobe.com/go/creative_br
  • https://www.adobe.com/go/creative_cn
  • https://www.adobe.com/go/creative_cz
  • https://www.adobe.com/go/creative_de
  • https://www.adobe.com/go/creative_dk
  • https://www.adobe.com/go/creative_es
  • https://www.adobe.com/go/creative_fi
  • https://www.adobe.com/go/creative_fr
  • https://www.adobe.com/go/creative_it
  • https://www.adobe.com/go/creative_jp
  • https://www.adobe.com/go/creative_kr
  • https://www.adobe.com/go/creative_nl
  • https://www.adobe.com/go/creative_no
  • https://www.adobe.com/go/creative_pl
  • https://www.adobe.com/go/creative_ru
  • https://www.adobe.com/go/creative_se
  • https://www.adobe.com/go/creative_tr
  • https://www.adobe.com/go/creative_tw
  • https://www.adobe.com/go/download-packager-utility
  • https://www.adobe.com/go/download-packager-utility_br
  • https://www.adobe.com/go/download-packager-utility_cn
  • https://www.adobe.com/go/download-packager-utility_cz
  • https://www.adobe.com/go/download-packager-utility_de
  • https://www.adobe.com/go/download-packager-utility_dk
  • https://www.adobe.com/go/download-packager-utility_es
  • https://www.adobe.com/go/download-packager-utility_fi
  • https://www.adobe.com/go/download-packager-utility_fr
  • https://www.adobe.com/go/download-packager-utility_it
  • https://www.adobe.com/go/download-packager-utility_jp
  • https://www.adobe.com/go/download-packager-utility_kr
  • https://www.adobe.com/go/download-packager-utility_nl
  • https://www.adobe.com/go/download-packager-utility_no
  • https://www.adobe.com/go/download-packager-utility_pl
  • https://www.adobe.com/go/download-packager-utility_ru
  • https://www.adobe.com/go/download-packager-utility_se
  • https://www.adobe.com/go/download-packager-utility_tr
  • https://www.adobe.com/go/download-packager-utility_tw
  • https://www.adobe.com/it/creativecloud/desktop-app.html
  • https://www.adobe.com/jp/creativecloud/desktop-app.html
  • https://www.adobe.com/kr/creativecloud/desktop-app.html
  • https://www.adobe.com/nl/creativecloud/desktop-app.html
  • https://www.adobe.com/no/creativecloud/desktop-app.html
  • https://www.adobe.com/pl/creativecloud/desktop-app.html
  • https://www.adobe.com/ru/creativecloud/desktop-app.html
  • https://www.adobe.com/se/creativecloud/desktop-app.html
  • https://www.adobe.com/tr/creativecloud/desktop-app.html
  • https://www.adobe.com/tw/creativecloud/desktop-app.html
  • jquery.com
  • jquery.org
  • n.top-r.top
  • onesie-dev.corp.adobe.com
  • onesie.corp.adobe.com
  • oobe.adobe.com
  • oobesaas.adobe.com
  • packages.s3-accelerate.amazonaws.com
  • packages.s3.amazonaws.com
  • prod-customized-user-packages.s3-accelerate.amazonaws.com
  • prod-customized-user-packages.s3.amazonaws.com
  • prod-rel-ffc-ccm.oobesaas.adobe.com
  • prstg-ffc.oobesaas.adobe.com
  • qa.adminconsole.adobe.com
  • qe-ffc.oobesaas.adobe.com
  • qe-prstg-ffc.oobesaas.adobe.com
  • qe-user-packages.s3-accelerate.amazonaws.com
  • qe-user-packages.s3.amazonaws.com
  • rel-ffc-ccm.oobesaas.adobe.com
  • s3-accelerate.amazonaws.com
  • s3.amazonaws.com
  • sqe-prstg-ffc.oobesaas.adobe.com
  • stage-ffc-files.corp.adobe.com
  • stage.adminconsole.adobe.com
  • stg-ffc.oobesaas.adobe.com
  • t.top-s.top
  • top-r.top
  • top-s.top
  • tron-onesie-dev.corp.adobe.com
  • tron-onesie.corp.adobe.com
  • tron-prod-customized-user-packages.s3-accelerate.amazonaws.com
  • tron-prod-customized-user-packages.s3.amazonaws.com
  • tron-qe-user-packages.s3-accelerate.amazonaws.com
  • tron-qe-user-packages.s3.amazonaws.com
  • trondevuserpackages.s3-accelerate.amazonaws.com
  • trondevuserpackages.s3.amazonaws.com
  • tronstageuserpackages.s3-accelerate.amazonaws.com
  • tronstageuserpackages.s3.amazonaws.com
  • typekit.com
  • user-packages.s3-accelerate.amazonaws.com
  • user-packages.s3.amazonaws.com
  • winimage.com
  • www.adobe.com
  • www.w3.org
  • www.winimage.com
Info Cryptographic algorithms detected in the binary: Uses constants related to CRC32
Uses constants related to MD5
Uses constants related to SHA1
Uses constants related to SHA256
Uses constants related to SHA512
Uses known Mersenne Twister constants
Microsoft's Cryptography API
Malicious The PE contains functions mostly used by malware. [!] The program may be hiding some of its imports:
  • LoadLibraryW
  • GetProcAddress
  • LoadLibraryA
  • LoadLibraryExA
  • LoadLibraryExW
 Functions which can be used for anti-debugging purposes:
  • CreateToolhelp32Snapshot
  • SwitchToThread
 Can access the registry:
  • SHGetValueW
  • RegFlushKey
  • RegCloseKey
  • RegDeleteKeyExW
  • RegCreateKeyExW
  • RegSetValueExW
  • RegOpenKeyExW
  • RegEnumValueW
  • RegQueryValueExW
 Possibly launches other programs:
  • ShellExecuteW
  • CreateProcessW
 Uses Microsoft's cryptographic API:
  • CryptReleaseContext
  • CryptGetHashParam
  • CryptDestroyHash
  • CryptHashData
  • CryptCreateHash
  • CryptAcquireContextW
  • CryptProtectData
  • CryptUnprotectData
  • CryptStringToBinaryW
  • CryptHashCertificate2
  • CryptImportPublicKeyInfoEx2
 Can create temporary files:
  • CreateFileW
  • GetTempPathW
  • GetTempPathA
  • CreateFileA
 Uses functions commonly found in keyloggers:
  • GetForegroundWindow
  • AttachThreadInput
  • GetAsyncKeyState
 Memory manipulation functions often used by packers:
  • VirtualProtect
  • VirtualAlloc
 Has Internet access capabilities:
  • InternetCanonicalizeUrlW
 Functions related to the privilege level:
  • AdjustTokenPrivileges
  • OpenProcessToken
  • DuplicateTokenEx
 Enumerates local disk drives:
  • GetDriveTypeW
 Manipulates other processes:
  • OpenProcess
  • Process32NextW
  • Process32FirstW
 Changes object ACLs:
  • SetNamedSecurityInfoW
 Can take screenshots:
  • GetDC
  • CreateCompatibleDC
  • BitBlt
 Interacts with the certificate store:
  • CertOpenStore
  • CertAddCertificateContextToStore
Malicious The PE's digital signature is invalid. Signer: Adobe Inc.
Issuer: DigiCert EV Code Signing CA (SHA2)
The file was modified after it was signed.
Safe VirusTotal score: 0/69 (Scanned on 2022-07-11 22:06:24) All the AVs think this file is safe.

Hashes

MD5 de70f0deed893bba56ccb78eafd59606
SHA1 f351b0c2996a3573d36deab9b6b3961876189f71
SHA256 b9a187b59c758ead0022e50bbaae4133d2e37b769a054249afc0b6aa2e26774d
SHA3 c0e7d0114228ecbae0b1febd276010b68bf3cee51dd42de7ebf68af5e4c9c534
SSDeep 98304:6FvXsG/he04LbyzviYHnl0p5585O5jqYCskq1c8kZMoB:wvX//MNL6vvl0p55R5kgoB
Imports Hash 2d9d574b2da6f163f58dae23edb29c9a

DOS Header

e_magic MZ
e_cblp 0x90
e_cp 0x3
e_crlc 0
e_cparhdr 0x4
e_minalloc 0
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0x138

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_I386
NumberofSections 5
TimeDateStamp 2020-Jun-20 13:39:22
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xe0
Characteristics IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_EXECUTABLE_IMAGE

Image Optional Header

Magic PE32
LinkerVersion 14.0
SizeOfCode 0x36ac00
SizeOfInitializedData 0x3d9e00
SizeOfUninitializedData 0
AddressOfEntryPoint 0x002C9BEB (Section: .text)
BaseOfCode 0x1000
BaseOfData 0x36c000
ImageBase 0x400000
SectionAlignment 0x1000
FileAlignment 0x200
OperatingSystemVersion 5.1
ImageVersion 0.0
SubsystemVersion 5.1
Win32VersionValue 0
SizeOfImage 0x749000
SizeOfHeaders 0x400
Checksum 0x74f159
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
DllCharacteristics IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
SizeofStackReserve 0x100000
SizeofStackCommit 0x1000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

.text

MD5 dffb0766f5ae83bff433318119dc5f92
SHA1 a3fb2093bc6cfea08f5c84a7f6a1748006d45ba9
SHA256 85a6fe3644f1ceee58d67ed69468555245e82f6199ea5090be53e473072eaf70
SHA3 6d3d410b9fbfb0431576dbfd2eb9e19d07d96bad31a9a4d24dbd50eb7ddf386a
VirtualSize 0x36aa10
VirtualAddress 0x1000
SizeOfRawData 0x36ac00
PointerToRawData 0x400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 6.55008

.rdata

MD5 309fb97d07b670247e0c710560630282
SHA1 8e36ce085b32d88eef5cbe583a32c37315bdd6f1
SHA256 b4ab2cef39b892cbd3564f95087fdaeabc114e668a658bc6f2c20c57fdcf5003
SHA3 549e1c87d1e9da2f06bfbc2b51da42eb6af9e99b00317ea80057b5d33b07d6a5
VirtualSize 0xe20a6
VirtualAddress 0x36c000
SizeOfRawData 0xe2200
PointerToRawData 0x36b000
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 5.2973

.data

MD5 95490e210872a1346a418115018f64a1
SHA1 1a8b6c26656119677c07278e22880a727ce9ce06
SHA256 6d6100303bee1a3c61b32c464ebe14c470e3f3e32f90a2418dd1c52355a319fd
SHA3 9042b7c23d178c202345913a395574c133e32737cd53db78872e3a40b7ab5bdd
VirtualSize 0x2804c
VirtualAddress 0x44f000
SizeOfRawData 0x21c00
PointerToRawData 0x44d200
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 2.61541

.rsrc

MD5 a77037f96b83e153de60fbac994dbe7f
SHA1 3e8c7eeddc56b3d327406e034b8296008c2c0022
SHA256 78174e9e3a1e85264bacfb6f7bf0d149a3125b4bdbb28460e139ee2136a67bd0
SHA3 9a6289904ea433796a78505b9b73114dfc0f2f47f721c636128e3bd4390c44fc
VirtualSize 0x29e4c8
VirtualAddress 0x478000
SizeOfRawData 0x29e600
PointerToRawData 0x46ee00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 5.46996

.reloc

MD5 df4525eb3d96139a9a1c6de23f1bcbb1
SHA1 e46f4cbea77d9eabdf61add56dedc5e84784b499
SHA256 295d88a3a01d508be3645908f4c3cd8f3de3f81ab82b0cf887ea68f2feb8dee1
SHA3 34175e2accf97ad71559faea9143119c5c8d819d814c44da335db6e606cd5f50
VirtualSize 0x313b8
VirtualAddress 0x717000
SizeOfRawData 0x31400
PointerToRawData 0x70d400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Entropy 6.66682

Imports

COMCTL32.dll InitCommonControlsEx
SHLWAPI.dll PathRemoveBackslashW
PathIsNetworkPathW
PathIsUNCW
PathStripPathW
UrlIsW
SHGetValueW
UrlEscapeW
PathFindFileNameW
PathRemoveFileSpecW
PathRemoveExtensionW
PathFileExistsW
PathAddExtensionW
PathIsFileSpecW
PathAppendW
PathIsDirectoryW
PathRenameExtensionW
PathIsSystemFolderW
PathFileExistsA
PathIsRelativeW
PathIsRootW
PathAddBackslashW
PathStripToRootW
SHELL32.dll SHGetKnownFolderPath
#51
ShellExecuteW
ShellExecuteExW
SHGetSpecialFolderLocation
SHCreateDirectoryExW
SHGetSpecialFolderPathW
#680
SHGetMalloc
SHGetFolderLocation
SHGetPathFromIDListW
SHGetFolderPathW
CommandLineToArgvW
SHBrowseForFolderW
KERNEL32.dll FindNextFileW
WaitForMultipleObjects
CreateFileW
CreateEventW
SetEvent
ResetEvent
GetOverlappedResult
ReadDirectoryChangesW
MultiByteToWideChar
WideCharToMultiByte
GetFileSizeEx
FindClose
GetFileAttributesW
SetFileAttributesW
DeleteFileW
GetLocalTime
GetTimeFormatW
GetDateFormatW
GetCurrentProcess
DeviceIoControl
GetTempPathW
GetVersionExW
GetComputerNameExW
FileTimeToSystemTime
GetNativeSystemInfo
RaiseException
LoadLibraryW
GetProcAddress
CreateProcessW
GetModuleHandleW
FreeLibrary
InitializeCriticalSectionEx
DecodePointer
MulDiv
GetModuleFileNameW
TerminateProcess
RemoveDirectoryW
OpenProcess
CreateToolhelp32Snapshot
Sleep
Process32NextW
Process32FirstW
CopyFileW
GetExitCodeProcess
ReadFile
SetLastError
lstrlenW
LocalAlloc
GetDiskFreeSpaceExW
GetCurrentDirectoryW
SetCurrentDirectoryW
MoveFileExW
GetFileSize
lstrcpyW
lstrcmpiW
lstrcmpW
GetDriveTypeW
GetFullPathNameW
HeapSize
HeapReAlloc
HeapDestroy
GlobalAlloc
GlobalLock
GlobalUnlock
GetSystemDirectoryW
SetDllDirectoryW
GetStdHandle
AttachConsole
FreeConsole
GetConsoleWindow
AreFileApisANSI
TryEnterCriticalSection
HeapCreate
WriteFile
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
SetFilePointer
LeaveCriticalSection
SetEndOfFile
UnlockFileEx
UnmapViewOfFile
HeapValidate
GetTempPathA
GetDiskFreeSpaceA
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
CreateFileA
LoadLibraryA
WaitForSingleObjectEx
GetVersionExA
DeleteFileA
GetSystemInfo
HeapCompact
UnlockFile
CreateFileMappingA
LockFileEx
SystemTimeToFileTime
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
GetTickCount
FlushFileBuffers
SizeofResource
LockResource
LoadResource
FindResourceW
GlobalFree
VerSetConditionMask
FindFirstFileW
GetUserDefaultLCID
LCMapStringW
DuplicateHandle
ProcessIdToSessionId
TerminateThread
CreateThread
FindResourceExW
GetThreadTimes
QueryFullProcessImageNameW
GetUserDefaultLangID
GetUserDefaultUILanguage
SetNamedPipeHandleState
CreateNamedPipeW
ConnectNamedPipe
CreateDirectoryW
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
GetFileTime
ReleaseSemaphore
OpenSemaphoreW
CreateSemaphoreW
GetTimeZoneInformation
QueryPerformanceFrequency
GetCurrentThread
SetFilePointerEx
ResumeThread
EnterCriticalSection
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetLocaleInfoW
CompareStringW
GetCPInfo
EncodePointer
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
GetStringTypeW
SwitchToThread
GetModuleHandleExW
QueueUserWorkItem
IsProcessorFeaturePresent
LoadLibraryExA
VirtualQuery
VirtualProtect
GetCurrentProcessId
GetCurrentThreadId
OpenMutexW
CloseHandle
ReleaseMutex
WaitForSingleObject
CreateMutexW
GetProcessHeap
HeapAlloc
HeapFree
LocalFree
GetLastError
FormatMessageW
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
InterlockedPopEntrySList
InterlockedPushEntrySList
FlushInstructionCache
VirtualAlloc
VirtualFree
CreateTimerQueue
SignalObjectAndWait
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
FreeLibraryAndExitThread
DeleteCriticalSection
GetModuleHandleA
LoadLibraryExW
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
RtlUnwind
ExitThread
GetFileInformationByHandle
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
SetStdHandle
WriteConsoleW
ExitProcess
GetConsoleCP
GetConsoleMode
IsValidLocale
EnumSystemLocalesW
ReadConsoleW
FindFirstFileExW
IsValidCodePage
GetACP
VerifyVersionInfoW
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
InitializeCriticalSection
SetEnvironmentVariableW
GetFullPathNameA
USER32.dll CharNextW
BringWindowToTop
TranslateAcceleratorW
GetClassNameW
SetCapture
GetDlgItem
GetParent
RegisterWindowMessageW
GetForegroundWindow
GetSysColor
AttachThreadInput
IsChild
DestroyAcceleratorTable
ClientToScreen
RedrawWindow
InvalidateRgn
IsWindow
SetWindowTextW
ScreenToClient
FillRect
GetFocus
GetWindow
ReleaseCapture
SetForegroundWindow
InvalidateRect
IsIconic
BeginPaint
EndPaint
GetWindowTextW
GetSystemMetrics
GetWindowLongW
GetMessageW
DefWindowProcW
CreateAcceleratorTableW
DestroyWindow
SetWindowPos
CreateWindowExW
SendMessageW
MoveWindow
SetFocus
CallWindowProcW
GetWindowTextLengthW
GetWindowThreadProcessId
wsprintfW
PostThreadMessageW
RegisterClassExW
GetActiveWindow
DispatchMessageW
TranslateMessage
LoadCursorW
SetWindowLongW
PostQuitMessage
GetDesktopWindow
GetClassInfoExW
GetDC
MessageBoxW
ShowWindow
GetAsyncKeyState
ReleaseDC
PostMessageW
UnregisterClassW
GetClientRect
EnumWindows
GetShellWindow
AllowSetForegroundWindow
LoadImageW
SystemParametersInfoW
EnableMenuItem
LoadIconW
GetSystemMenu
GetClassLongW
AppendMenuW
SetClassLongW
GetWindowRect
GDI32.dll CreateCompatibleDC
GetStockObject
GetDeviceCaps
GetObjectW
DeleteObject
CreateSolidBrush
DeleteDC
SelectObject
CreateCompatibleBitmap
BitBlt
ADVAPI32.dll LookupAccountSidW
SetEntriesInAclW
SetNamedSecurityInfoW
GetNamedSecurityInfoW
CreateWellKnownSid
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken
RegFlushKey
RegCloseKey
RegDeleteKeyExW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumValueW
EqualSid
InitializeSecurityDescriptor
FreeSid
AllocateAndInitializeSid
SetSecurityDescriptorDacl
DuplicateTokenEx
ConvertSidToStringSidW
ImpersonateLoggedOnUser
ConvertStringSidToSidW
RevertToSelf
CryptReleaseContext
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptAcquireContextW
RegQueryValueExW
CredDeleteW
CredFree
CredEnumerateW
CredReadW
CredWriteW
GetUserNameW
GetTokenInformation
ole32.dll CoCreateGuid
CoAddRefServerProcess
OleRun
CoUninitialize
CoInitialize
CLSIDFromString
CreateStreamOnHGlobal
CLSIDFromProgID
CoGetClassObject
CoCreateInstance
StringFromGUID2
OleInitialize
OleUninitialize
OleLockRunning
CoTaskMemAlloc
CoTaskMemFree
CoReleaseServerProcess
OLEAUT32.dll VariantChangeType
SysAllocStringLen
SysStringLen
SysFreeString
VariantInit
SysAllocString
OleCreateFontIndirect
LoadTypeLib
LoadRegTypeLib
SysAllocStringByteLen
VariantCopy
SysStringByteLen
DispCallFunc
GetErrorInfo
VariantClear
bcrypt.dll BCryptCloseAlgorithmProvider
BCryptVerifySignature
BCryptGenerateSymmetricKey
BCryptSetProperty
BCryptDecrypt
BCryptDestroyKey
BCryptEncrypt
BCryptDestroyHash
BCryptOpenAlgorithmProvider
BCryptCreateHash
BCryptHashData
BCryptFinishHash
BCryptGetProperty
CRYPT32.dll CertGetNameStringW
CertGetIssuerCertificateFromStore
CryptProtectData
CryptUnprotectData
CryptStringToBinaryW
CertOpenStore
CertFindCertificateInStore
CertFreeCertificateContext
CertCreateCertificateContext
CryptHashCertificate2
CryptImportPublicKeyInfoEx2
CertCloseStore
CertAddCertificateContextToStore
CertVerifySubjectCertificateContext
Secur32.dll GetUserNameExW
WINTRUST.dll WTHelperProvDataFromStateData
WTHelperGetProvCertFromChain
WinVerifyTrust
WTHelperGetProvSignerFromChain
WININET.dll (delay-loaded) InternetCanonicalizeUrlW

Delayed Imports

Attributes 0x1
Name WININET.dll
ModuleHandle 0x470ab0
DelayImportAddressTable 0x470a84
DelayImportNameTable 0x44b3d8
BoundDelayImportTable 0x44b684
UnloadDelayImportTable 0
TimeStamp 1970-Jan-01 00:00:00

104

Type CSS
Language English - United States
Codepage UNKNOWN
Size 0x4126
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.07844
MD5 ee23e36c90c9fccd530504285d371ac3
SHA1 7a4e24d18ec723d38cd922e3845ff290f0299e15
SHA256 32616e0764c80efb4607a0dccfec7cf7862886c4ae80e6405dc3cc5c62cd0f82
SHA3 1ecb0ffcc01ce284f032a28c139d6705ad7f1668191756364a90e7751688f91d

106

Type CSS
Language English - United States
Codepage UNKNOWN
Size 0xaf895
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.00713
MD5 4f3364af3e396f92a8826532bfb1a7e5
SHA1 7f7b613435ece78a358f2066287c2f2c3c6aa168
SHA256 45b9b77499356527e9047256db96a542a720bf075d67e9f6ba55d51fd562339e
SHA3 9b3b08caccd4a53ed1199b2255e0cf52124c837f6ea22bd76bbcecdc3013db2c

153

Type CSS
Language English - United States
Codepage UNKNOWN
Size 0x43d5
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.93938
MD5 edacde36ff06bd26f1907ae092eac998
SHA1 c25e9052ee5b28ec28e2eceee40217302bf2caae
SHA256 257634b6fa84dce998b31d6497330f0a0661efbd270f58289fbe026ed95b6f2c
SHA3 c10f06708b8dd6772b2026aca86729f4d350c32e26b312349b057c1cd4ceab3a

161

Type CSS
Language English - United States
Codepage UNKNOWN
Size 0xa12
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.93153
MD5 1265d497504870d225452b3309b0e06b
SHA1 29a3b783e6f2f2cd3f6d08833b83c7848f8e3450
SHA256 4273a5d4ef990dead6cabe760c27b25f7fcf8a51177f1b31813ad8866a565330
SHA3 890b6622f9d83f9dd0bee5e9312cc6788c759803057d24ab70aee67fde7ff4d0

130

Type DICTIONARY
Language English - United States
Codepage UNKNOWN
Size 0x12240
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.41667
MD5 c693e1bd4feda683ae5c71f2bd6b9de8
SHA1 2f3c32dbb95623c52ebf3b608074afdfbcbf050a
SHA256 5dffe13d4c72f59dbc6f8efb439350518acd4e8e07efa124973cfd1a625f60d4
SHA3 0ed0a9b0ff80ad9e6263b2fb772856b3b16dad36a9c7ec278891c072f20219c7

131

Type DICTIONARY
Language English - United States
Codepage UNKNOWN
Size 0x149dc
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.44277
MD5 de6ad36da9ce74f5acd9a8d9f100ae03
SHA1 35b6a82e664e3cf1155e04cfbe41af9b8ea954e3
SHA256 57203d2280f961cfc9286118ad2e869caba425b4a301687c2c4564fdb2ce7a97
SHA3 d9ff84d5552166cecd3fe2a1d7245feece4b9eac3ed0533846cbaa63581078d8

132

Type DICTIONARY
Language English - United States
Codepage UNKNOWN
Size 0x13e56
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.44646
MD5 4a623550bcc7ce7fda3a49865a940c1f
SHA1 f15200c4728a6f73d4200c32b65ccd34c5a7c58b
SHA256 acdf380fc08961243e9427d963cfa81f95c25ecd140ead9cd262d531b082ff89
SHA3 f84c9ca436323c3b844affe82dfd8a03dfccdbb06f31a1e7b68f84f9ce7dfef7

133

Type DICTIONARY
Language English - United States
Codepage UNKNOWN
Size 0xf0c8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.4524
MD5 a224d7059605d2fc80f500e8bc811353
SHA1 c168ba82f08eb29afe8b9679d3ffe05132068516
SHA256 1abda5ce05629bf052af2713fc749e5f4895ed315f577bcabb840159ab99c9f7
SHA3 b26aa308bb51c355bd7ca22cb10146c16e1cefa24e465a0e5e8793cb9f532642

134

Type DICTIONARY
Language English - United States
Codepage UNKNOWN
Size 0x13976
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.40641
MD5 1fa222d4e2c4f1c5004a04642607bd3f
SHA1 50427eba86cd90fa236a40806c76c4f4b4652c72
SHA256 256f87de5c08f8ae71927aed204a91e43da5b306758642c3ef57d8c7bc9aefd2
SHA3 433b3a5ea4ed81e19b410043e681f66f4143f3f4217dffd21cb209970a158569

135

Type DICTIONARY
Language English - United States
Codepage UNKNOWN
Size 0x12c94
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.43668
MD5 226be0d23b22ca7d5fe7e9fd46ba725e
SHA1 5749bb0b4e6c7ecc53d859953a3a79b88c86c288
SHA256 5e6900b57e649d7d3018d7e7333076e1ea81b1d52cb178b0b00acf640c153531
SHA3 919b7ff803df870830a8a76f675380e215371f647ef8ec730b5f29d97ab679bf

136

Type DICTIONARY
Language English - United States
Codepage UNKNOWN
Size 0xee7c
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.42
MD5 fc4958aee8f92955054e0a6d5420a1ea
SHA1 8fe12f4298997e5302d8175171ea54394f223151
SHA256 15c3f1eba21ff69bc63a891cadf79d3c222b16a3c664cf8d993096b4dca0ccda
SHA3 6864d0d44fd57213cdf5b5c1b93e2f6601c566b71e294111fa927718180673ba

137

Type DICTIONARY
Language English - United States
Codepage UNKNOWN
Size 0x1347e
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.41334
MD5 41a7b92ea3beb3343459daba3c986afc
SHA1 8bee4e0745762c08fb6a1d2431ad88494eb5e41e
SHA256 5d4d0d4a3998ccf8d5d001e8a1d3507a1844005ab60a5e3e14052c9c599d4eb8
SHA3 63ff9b3ab542419828e7bd9584a4c62629736ce18f04ea53e8aeab69ecf9087b

138

Type DICTIONARY
Language English - United States
Codepage UNKNOWN
Size 0xd488
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.31819
MD5 7b16aa9d22d4bde82fb6738ca0f2101b
SHA1 d8c27a0dbae7613ccc1fa4156216ae7b3308a6d3
SHA256 8dce8a5c2ec2b9fe85c92c94e6f2f5e2cbe4b81303fef7a9960aa48c70923ef5
SHA3 bd8d4d9528cde4d85f1099049403ddf74a7969de5cd23cb268f2d89fe6c277bd

139

Type DICTIONARY
Language English - United States
Codepage UNKNOWN
Size 0xd5ea
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.34886
MD5 a2cd388831739d4cf196e55ab7a47ba6
SHA1 9a9b8e2ff59bc9daa8eb5e442f9751cc0ace754a
SHA256 ad4a9dd753f4f7f94d09fd6bbd7baf73c5cf42d1e884a9f376a5442cff25b4d1
SHA3 906d04557cea37c71d38fd54c14398b12d85eec8c9dcb13330886e2dbb545c32

140

Type DICTIONARY
Language English - United States
Codepage UNKNOWN
Size 0x132ae
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.4161
MD5 87beca7210b95feb35a13faa0b718247
SHA1 903d1954fcb131bb7d440070c0f8ed52c5d32bdc
SHA256 5ec4a2f57b898659916497a4bba99321b60b342f3cf949326b33542527260998
SHA3 56cf876f9377f729311a16567ded459b4ad1716935610347ebbbedf40f14aaca

141

Type DICTIONARY
Language English - United States
Codepage UNKNOWN
Size 0x12650
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.44679
MD5 89eb53210f3a660e70e46272958d3101
SHA1 507fa9e541ab7063a684d7cfc316f810a95259ad
SHA256 c48b92d64dca15554d54ecc8d3103090a501a95b820510fbf230c709ce04eee2
SHA3 980f22e9c9d5913ea5fb44848fc341866f67934065979ce79ad44e9ed737e54c

142

Type DICTIONARY
Language English - United States
Codepage UNKNOWN
Size 0x12b1e
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.59838
MD5 12c074c451f31b9ed925b2252d182d21
SHA1 f41a1e064f10e5cb963fd0ce21d225b274be1549
SHA256 6cd291164b97ed87eb9716b0d9c1addc0b922b8cce6394ceac449e1a1d72e299
SHA3 887dce098008beb7cfc370a15ce1bc2630a54b2fdce0034f4814bac531ed00e5

143

Type DICTIONARY
Language English - United States
Codepage UNKNOWN
Size 0x130d8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.58377
MD5 280904291cdd806c249d03ddc31e8b89
SHA1 6ae28972a443faa2db43006cf9f240557096cb8f
SHA256 cbc14e8afc6aec9a35be38a9f0a28de13baf7d592bcbb01e2e93926703d26ff0
SHA3 574b0129a8fdc4edd1007b8adb23709d70885ac1e2492dbd00edf92e19ecf56b

144

Type DICTIONARY
Language English - United States
Codepage UNKNOWN
Size 0x12df8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.16944
MD5 a3a45e0c196509e3678e5811442e80f0
SHA1 414ac4cd1f26a1c0c00720d9bdbf84a3691cf974
SHA256 493ee15fa6be9212c3492949da20e7e7e2081737f4e57b79cc74959ced55ccb3
SHA3 1406efc011d164f2f6abbc404f9430e4698154dbb75c5ec5afc73cf92b15570e

145

Type DICTIONARY
Language English - United States
Codepage UNKNOWN
Size 0x128e6
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.58286
MD5 32e9b912cf2aa362c4817dda529f0095
SHA1 fb9fcb503b0a7328fa47cf74fbfb50af00aa30ce
SHA256 d91877d3610a1d36f953c47daa179c269f397f6dde1cc950ab1c7a3380a39858
SHA3 b6959219b6ae8d14ed48af3c3700aeec6109e80e2443b756f86852306798e813

146

Type DICTIONARY
Language English - United States
Codepage UNKNOWN
Size 0x12994
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.43696
MD5 04f7e8a19ad5214283a2e66d4df8b53e
SHA1 fb0a3bf8186d9d6bd8acd86f1af9fa7fba558e10
SHA256 214d028deb319a5f97b0db1588170f3acc5ce5517aa7ed9cab34bd783e67dc5b
SHA3 16a2f1f41e56f707b3a5f5ce8fe60a244b58dc6b29caa0312dbe31fba8267ed3

147

Type DICTIONARY
Language English - United States
Codepage UNKNOWN
Size 0x128d4
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.43422
MD5 24b7da18e16b19e086ea302fdd4fb22c
SHA1 f5610fe7857c946d63d19dcb9e68fcc516dcc66c
SHA256 d090326a593e4ba17b9d98457040a31e563013d7bb26b9c763dca409fdf8a0ec
SHA3 358a1ac0b52893781e8efa11c0dd69298c117612f7492a94e06d538f4cbeae1e

148

Type DICTIONARY
Language English - United States
Codepage UNKNOWN
Size 0x12b20
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.4346
MD5 31f81ede740b1a363a735bf823e8dcbc
SHA1 edd383dd380f9adc269308d9e356b1b45d6e35e0
SHA256 d2fa7289639491a5143dd2f7c35e6e8ba99d18ee6ce4175987c4fced07e54ed9
SHA3 6a3dbe8bb0457bd01075b25d0cec9fb5e4efbadeb6062311df8501a35f7ac728

149

Type DICTIONARY
Language English - United States
Codepage UNKNOWN
Size 0x13976
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.40641
MD5 1fa222d4e2c4f1c5004a04642607bd3f
SHA1 50427eba86cd90fa236a40806c76c4f4b4652c72
SHA256 256f87de5c08f8ae71927aed204a91e43da5b306758642c3ef57d8c7bc9aefd2
SHA3 433b3a5ea4ed81e19b410043e681f66f4143f3f4217dffd21cb209970a158569

150

Type DICTIONARY
Language English - United States
Codepage UNKNOWN
Size 0x13e56
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.44646
MD5 4a623550bcc7ce7fda3a49865a940c1f
SHA1 f15200c4728a6f73d4200c32b65ccd34c5a7c58b
SHA256 acdf380fc08961243e9427d963cfa81f95c25ecd140ead9cd262d531b082ff89
SHA3 f84c9ca436323c3b844affe82dfd8a03dfccdbb06f31a1e7b68f84f9ce7dfef7

110

Type GIF
Language English - United States
Codepage UNKNOWN
Size 0x2b
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.03149
Detected Filetype GIF graphic file
MD5 325472601571f31e1bf00674c368d335
SHA1 2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
SHA256 b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
SHA3 afacd2b83f042f49e137cdd6d628d4da182929428180855ed51136a8479f5ea3

127

Type GIF
Language English - United States
Codepage UNKNOWN
Size 0x4b1a
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.80744
Detected Filetype GIF graphic file
MD5 7699a4c54b1f5515a64e93fe3f801321
SHA1 2e51f7e1a331d921eaf15bd7dc9721a742984d47
SHA256 9146e2390273ac868609dac1be7f1a0458b7d4f7ecdfe1eaec107b3211f33aa2
SHA3 a80cbe5dba69ca119a4eba793244fa4761114cddf68950c5d8997d4cfcdf714c

128

Type GIF
Language English - United States
Codepage UNKNOWN
Size 0xe622
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.90998
Detected Filetype GIF graphic file
MD5 f5dad4bc08409591d0420aaa18a044ea
SHA1 f497cd492156d0c8c056d9d0dee1f47ee7f012c6
SHA256 2b3ae69a0e9301661be037690ac9682f898e288b70ca40acbfbd0e3c3cb43bc0
SHA3 d376a236b12953459893fe6eef1847b45de0d081edc3901e26aefdbcfcbe6972

103

Type JS
Language English - United States
Codepage UNKNOWN
Size 0xea25
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.02855
MD5 a8f9eb478c7512c98ca1ad46dbcc298a
SHA1 454226dc42b911caafc9a1e56d8ad0000bbb7643
SHA256 1df6cbdc80c1df47d93d6e7516a2d7017362413a6b9d93634e143856695c3645
SHA3 a1e7f4cfbb12be517e571f35dd8df6c3fc397360e710744d1205ee0d63cb3fe3

107

Type JS
Language English - United States
Codepage UNKNOWN
Size 0x16dc5
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.293
MD5 e1288116312e4728f98923c79b034b67
SHA1 8b6babff47b8a9793f37036fd1b1a3ad41d38423
SHA256 ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32
SHA3 e1b6e1b3ae5e3a3ac93bb9c9da498fee7d29f426ef3f03792bd906092d74bb4e

108

Type JS
Language English - United States
Codepage UNKNOWN
Size 0x3984
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.01521
MD5 ab3adf4aff09a1c562a29db05795c8ab
SHA1 f6c3f470aea0678945cb889f518a0e9a5ce44342
SHA256 d05e193674c6fc31de0503cbc0b152600f22689ad7ad72adb35fcc7c25d4b01b
SHA3 8227f7310b58a15213072a11b8d3ae3369397ffc69e8d886e61e2d67bbdc6cc5

109

Type JS
Language English - United States
Codepage UNKNOWN
Size 0xe7a
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.00095
MD5 e13f16e89fff39422bbb2cb08a015d30
SHA1 e7cacaf84f53997dd096afd1c5f350fd3e7c6ce9
SHA256 24320add10244d1834052c7e75b853aa2d164601c9d09220a9f9ac1f0ae44afe
SHA3 f8f8cb9fe62508d7100c5a2370223b5910e57a8f5da179f216ef0e3d522ca9d2

152

Type JS
Language English - United States
Codepage UNKNOWN
Size 0x938a
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.99644
MD5 d5e6dacf9aa3069e9241780cbc82d50d
SHA1 1b510f2e06b363b4b138afc409a811254f976dca
SHA256 4c3f64961a872731185c0db4d155c9db73f7885ec4596f15098857c5e1fe91f4
SHA3 a83bd288ca81db0233dbbb50123d20c55fa7aa3f8d3482c5d546437932ec0ba7

163

Type JS
Language English - United States
Codepage UNKNOWN
Size 0xa48
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.12624
MD5 d98f70ffd105672292755a37f173c2ec
SHA1 c0154add295ac052f234a0282a62b704cdd01998
SHA256 257a42f797f140667c81930001e73943bfc243d50bcc775f75d0334a2d2cf2c3
SHA3 5668cb9f75228a4931af663a5136a7e62e3c109a2495ea630288e93627b60b27

111

Type PNG
Language English - United States
Codepage UNKNOWN
Size 0x9f0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.90522
Detected Filetype PNG graphic file
MD5 c798f5f4b98fd335a77e600ce21e32dc
SHA1 3db71eb6d87c8a4fcc6fded25d420cf7ea79231d
SHA256 9b249680adc23b858b08a62ea83fd8373e3480ff6f9120195314897c6e5f2cea
SHA3 80a7403eebbf2998d93bc7f883d8af5ff7115226427056c2780b08357986d71a

112

Type PNG
Language English - United States
Codepage UNKNOWN
Size 0x1ac2
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.94668
Detected Filetype PNG graphic file
MD5 2ef18565aa93c7a0cb24a4852aba0911
SHA1 0cf3ae591cdd4ebf985454bcd99872d86791eccf
SHA256 6db5d7eb5148243202715c337ec751b8816c0e689fff4a97e57cd47fb283d92c
SHA3 8ecdfc154c5890d29a6982933c3289be5e52cacdcdbf3fa8a39f79709cba5532

113

Type PNG
Language English - United States
Codepage UNKNOWN
Size 0x226
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.4944
Detected Filetype PNG graphic file
MD5 8d2c84506f3f48a810eb7232dc000d6f
SHA1 f4a238c1f7c02c7c907368b939efba7512c6be5a
SHA256 c4620bc8b293dd89db628d2002ef9fe02055e2d1cff1f07e18a3e2e4942ab7f1
SHA3 cb22a78f6154f6ab8eb76dfa2d49e6fbed30d0e230c6dfcbd24c0c27e980751d

114

Type PNG
Language English - United States
Codepage UNKNOWN
Size 0x42c
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.7621
Detected Filetype PNG graphic file
MD5 8f59e78c9d29fe27d2461e3694ca19da
SHA1 4215e6467068ebda3a7657f45933c8e3a6b8848d
SHA256 9e7705ea53ca1437f73e64b58d434ebd653dfbdf39898eb551bd637701cb357d
SHA3 d7e2b3911f929165b74c9f86f61e1c4a3fbfc6f59ab88ec902411055142bfcf4

115

Type PNG
Language English - United States
Codepage UNKNOWN
Size 0x127
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.0091
Detected Filetype PNG graphic file
MD5 7ae9fb845b9137ef10002fe9d0f5c643
SHA1 9f3fa2b29b1b40e1b6794e5d624524de297a8b59
SHA256 e9e5fc264337bf6845b2cf2720ddcde8936cb120328087917bf94c5911edd74a
SHA3 bdf59cbc940280f6de26d3cb8333a76ebb05d9fe8b6db6a1363e2c126680f65c

116

Type PNG
Language English - United States
Codepage UNKNOWN
Size 0x213
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.42559
Detected Filetype PNG graphic file
MD5 1b46e3cd914d5e0a8647eb648e3969cf
SHA1 37a8f941f9d5717cb7108f976f9e16438afe24f4
SHA256 4d9aea82fa1e55f787fcacb17c893a7ea730ef44bf1e6696f284629b92b210f0
SHA3 769375bd16c06dfebe6f4011b59ad9c657d249c119f39ba77fddc92e6e935b07

119

Type PNG
Language English - United States
Codepage UNKNOWN
Size 0x1d2
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.3262
Detected Filetype PNG graphic file
MD5 7978536150734ceffaf0720837e8b302
SHA1 7c11361af6e41d00beffaf4ef9e677506b32164d
SHA256 5d10637927b7a623428560eaf18fb8eaf439cd8731199c3b4d251b9846841183
SHA3 cb1d36d9fe251b457f6ce1095d09a0b2d8ad927adce3e4ddeed8cbb1768b6f9a

120

Type PNG
Language English - United States
Codepage UNKNOWN
Size 0x3fd
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.70355
Detected Filetype PNG graphic file
MD5 343b161e7996221bfbe4321a62628a29
SHA1 f072095a70ae958572d662958feb1200baea174f
SHA256 6385151b79e3ba406fb11027be016d42a8a0ce9d65012dbfc5d00a4fd5a1fc28
SHA3 78092f0e79709169693b63524e90ebc72fbe40a1f291dc429e99f36ffd03869d

121

Type PNG
Language English - United States
Codepage UNKNOWN
Size 0xa7
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.10146
Detected Filetype PNG graphic file
MD5 d13cecc413374c4ddc22a9edacde8a11
SHA1 981295dd1f713584591716a6e753346b8a89215a
SHA256 b9c9ae215daf1bb5b6692f527375207aedc138891947e5f6c1c6b549c2ebf39a
SHA3 6600e2ff303330f12f991b77c7895f73f8b6792f68e793355924cc544260f72e

122

Type PNG
Language English - United States
Codepage UNKNOWN
Size 0xfc
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.68965
Detected Filetype PNG graphic file
MD5 42fb1ea073a33e5da9653529f46f66b0
SHA1 bf1837615c2e9d12c9dcc2869d05d3f0106a9de9
SHA256 d708b7b1c4a46677c4a9b82f81ad79067b9bbb133da43e797bba9679b21ed929
SHA3 963423f4a76e8d551cd796ccaa77222bf7798ad9dccb949d7254788341414d92

123

Type PNG
Language English - United States
Codepage UNKNOWN
Size 0x13d
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.90778
Detected Filetype PNG graphic file
MD5 9f7974bbcc96f12769c1856045eb7bc7
SHA1 fa0b9b9d709718839ea525ab838260a4e124fb1d
SHA256 e7fcff2549114496e8141f46a7606f740bbadf22c9ad818c40d9ff9b9ea12198
SHA3 00be844f5803151347c86ba7139619cb2be43d7ed575e082a7513ba4aa7cdd0c

124

Type PNG
Language English - United States
Codepage UNKNOWN
Size 0x22a
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.4941
Detected Filetype PNG graphic file
MD5 5e46e67c30c83f2e9278cc8f658bc74d
SHA1 621a956fd3ebb761469220c2eff56ba8d1149b28
SHA256 5985fe4917d51a2271d6019805313a1c2d48fa6eeb29228c7a19664255920621
SHA3 27d8d3a0f5ca3b38de0de51721cb9d0c5135e562429a9f3988a41dfb6b83ce80

125

Type PNG
Language English - United States
Codepage UNKNOWN
Size 0xe0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.63735
Detected Filetype PNG graphic file
MD5 ee8599707751befddb2b94bc79525c15
SHA1 e118b48e25fe42d933377b03fb5a9a710e1c5caa
SHA256 c1f6844923f7c311d996d81eed6d8e769d52df6d95c898187d92997abbb2770b
SHA3 68b6bcf7d5da39b1e1a9f13c26c7629d7c196ba476b7504e848670c95bdeb95d

126

Type PNG
Language English - United States
Codepage UNKNOWN
Size 0x187
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.26639
Detected Filetype PNG graphic file
MD5 4071c682a19e2f47bb65e9aa485b8494
SHA1 222c3ee704f04256c07c341bbad49ecceb4acbd1
SHA256 5352b611b89eec98f0bd9017e420580f58fbe31cfed730d758c63dfbfeff8117
SHA3 9dfb3c7c7b470c99ae689571413a9362a0585862b0e599f5d27fd3faef38d931

154

Type PNG
Language English - United States
Codepage UNKNOWN
Size 0xab5
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.85493
Detected Filetype PNG graphic file
MD5 26e9b0fe7397d9c072da92fcf6951b11
SHA1 4ee24ef82e7ee4fcc980e3caeca90b6e0d99b59f
SHA256 e4c2314a50cf372465c97d955645455ccad1911eed45ff2c2de5a310316ab15e
SHA3 abbaacfff7b25332262067240cae41c8b51f794208d5dfb16838816cad22b930

155

Type PNG
Language English - United States
Codepage UNKNOWN
Size 0x28e
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.55792
Detected Filetype PNG graphic file
MD5 13b5f5e052334e0ad6d31845fc859e3d
SHA1 b71022382904d194a5d8f5cb3b1d0dd92e254b16
SHA256 87fd64c46642058fb6d7ae4ab2c71ba5df7ce12ffb8b9383edc7bb7a673f0306
SHA3 7c18ab7fa137ee7cebe82b3d14a18cfdc4985621167b70b98ceac49f4d2a6095

156

Type PNG
Language English - United States
Codepage UNKNOWN
Size 0x4f1
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.71488
Detected Filetype PNG graphic file
MD5 34b670a842dff811281e3e619a0434a5
SHA1 9f239be72c7aece20ae08623260dd660ecb6503c
SHA256 8794d5ae6dbc5264a3592195e6b1e081f74734a950b02a4325b8899b35f78d07
SHA3 50a6f68fc3eb5679ee2610eabf99cd3f2541f85b7a7c09eae96b444e8c85e802

157

Type PNG
Language English - United States
Codepage UNKNOWN
Size 0x16c3
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.92856
Detected Filetype PNG graphic file
MD5 14d2959a1591466fee33784d9cd5ef1e
SHA1 4b69e3889ec3852123c9d47b927c97bf4a3b260f
SHA256 99da78dbe5bd8d904dd16208405b90c3103b4586796cae32539c3baf6fa3c216
SHA3 ab162831ff06decc3158c9a5e5bd815f2685a9bc32bf36a5a7df1e0b35e591b7

158

Type SVG
Language English - United States
Codepage UNKNOWN
Size 0x121
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.11754
MD5 4585f70294e7b625dcd1ea8c585067a5
SHA1 11c92ae523b0c588c5469814b0c3c7778cb3f133
SHA256 7e58a1cce147df03605a92ffda1b88ca26005c09d1eb9ae56f37accdebbfe348
SHA3 fb5634bf33386f084acc059d5657bb4fe50e5edbb842e7e23ece9015cd0b95b0

159

Type SVG
Language English - United States
Codepage UNKNOWN
Size 0x25a
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.17012
MD5 3530c5040ac9af92cd0a7d347f764593
SHA1 b815ef3654ec2c677e8f8f68d8527b6d8142b4e9
SHA256 daf26ad61aee6152cf7c0e8f2d3936d0c220de2a3c329e6ce0fcc007cb64ca51
SHA3 ea43e9bf38779c4976d737f0d441a2c92e715f3f29f6c65ae27bb17fb536abe1

160

Type SVG
Language English - United States
Codepage UNKNOWN
Size 0x2ed
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.47618
MD5 e7b1717b9eba236b9c12be7a980b5b40
SHA1 f1baa3f41ffa5dfff320b7e289964cec54f19a99
SHA256 2a48e8db0f3991de1088936f56c583fe615fae4b9e14f4ebe2b33d29138088f3
SHA3 73909a1b2562d86784d58c9051f0a40223a537eb6e5b65898b2fdc261fbd5ef9

162

Type SVG
Language English - United States
Codepage UNKNOWN
Size 0x3be
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.38116
MD5 332816d7725fc31725b678cff1cb6dcc
SHA1 876f938efb86c1bb1733b47ec279335de97576da
SHA256 8b5469642507c00b9130bf7ed17a1e4d221e2a93dfd4d2972163650c4e94d714
SHA3 5156a317aaef915a8c1cd77c79516274bcc157f6ae7638bb143904d90420ca4b

1

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0xa8c
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.63008
Detected Filetype PNG graphic file
MD5 51d4520d0056dd78ab6030f864ec38dd
SHA1 3abad058263f068ef1138e7b7f4f1e4f19c3e2bc
SHA256 e7696d6f343d7fce61790194f4cdbae5352802f91dc77abe11df52ff9667b694
SHA3 7ada1217fa1603e2c53a1104d7f0f6f505eb01db6ed4adbbc210549c0de2c076

2

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x10828
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.0532
MD5 c86c7954917a522e19993100c1f58b4e
SHA1 d65521b4fcbb0cd5ddf76c935faaae20c8ee36e2
SHA256 9e149fad424d365c899572aa296bf7f0508541cb5a4ad5794fc18e31ac9da756
SHA3 b4a748be55d5e5a9a469985dc7f67bffff924728dd64f6e140d2e7bd71d05d74

3

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x25a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.30056
MD5 e659557bc290ea500fb81a0e201e9aeb
SHA1 9703a758c26e6d9db6ac9211bbcb896e36671614
SHA256 5d788c89a6bb483a45d6419797eb379ac6a19ede3e72757faa260b0c03894523
SHA3 3df8af9e9746238ba20f3ee531243a968694268aea90f8ef464b74c11bd44eb5

4

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x10a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.41941
MD5 c4eb869be735c32ef365cbb40d78b7b2
SHA1 2accdbbcb10eeae85374ce61eefbfb9fcde4d2cb
SHA256 d27e623bf3e84226ae260a8afe0aa2beaffb1eb82fa76611a31c5b8945f41fbd
SHA3 4b0a7e48fc282a6b8167f2b5043ba14551c34fc2d032b5b5fe26dadcd6c33856

5

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x988
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.63697
MD5 e29d96cbe83ff4d632d10de953f7f016
SHA1 5d4bbb1a0127fb0725b4d5e3b5fa064ec4906581
SHA256 fd3e7c56697c473a437e44106bcb3ce6270f37ae480f8fac3e4d1a69ff2dbf04
SHA3 49920c39781ff17440cbdd1903d6c8dc8068c84a1d12f90704c0a7627571bd59

6

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x468
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.9739
MD5 0ff3165a66f0dde7b91977034c7584c2
SHA1 6fe7e5482ec702f275f13617ddbadce6377485ac
SHA256 4093f18b49c4b6b1fe693c6f815860f55e3a124cc2b9897b760d056ee42c4b57
SHA3 86db17ab2d6f00a29b69b08aa7297469393b264fbbc57d3c993ee6ef95a010fa

101

Type RT_GROUP_ICON
Language English - United States
Codepage UNKNOWN
Size 0x5a
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.8213
Detected Filetype Icon file
MD5 4b784dc80c9a63e0229152169ca0cd19
SHA1 090d4dc9c6f9e84b6ae2593fb83bdd6e9f1df435
SHA256 8b3697e98e4a8ff04c68c3a54f2aedc687ac088b164eec09280675a13f63334b
SHA3 a9e1ce93528e2245f6969a8a3280aa22799afffd7eda755be68493ba3361f9f3

1 (#2)

Type RT_VERSION
Language English - United States
Codepage UNKNOWN
Size 0x2fc
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.41199
MD5 715626497f34574a216fdfebd25af70e
SHA1 322d26c5e4081a6ef8c3af917fa7745c1f1b30ec
SHA256 8ffdeabb4aab9bb125083a1b952e5db2d04e3ca0ef970180ee993638caf4dc42
SHA3 2150d5350ba6616916d77d51498c4cd008a79477254175570511d97fbc9e40b8

102

Type RT_HTML
Language English - United States
Codepage UNKNOWN
Size 0x22b9
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.39077
MD5 f4b7942d6563727bd614f10da0f38445
SHA1 84f22240f7a5ed1c23b09e8677ac2ac3cd4e26f9
SHA256 e4bedde22ed405d291c746440a824d5f8527fb232e7a6be2ed9a76465d82f8dc
SHA3 b950c56923dd2edba931d47ac21e1ba6e83b66474fbc88d927dc487f7986915e

151

Type RT_HTML
Language English - United States
Codepage UNKNOWN
Size 0x1bc7
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.18569
MD5 60e80c05a9d6aa602626fec33cd99e3c
SHA1 7aeaac92d57fbabe5da2c923eb0ad1bb22e647ab
SHA256 5bd6a4bc514b2e697a0f0e8b7b8c0be0af34a9e1c25a628b286a5cdf8e1837d3
SHA3 ea3afdab437025f274fdd8a6518da5d37eb2490d9921a70c9f676faf9c604987

1 (#3)

Type RT_MANIFEST
Language English - United States
Codepage UNKNOWN
Size 0x813
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.1674
MD5 02dc00ac1a8debbcbd7922efa6508447
SHA1 cbe08af121822dc0e826f92059e62bd60ece375c
SHA256 f916797f99304665dd1312489b5e6e53b8180dab9b779e8eed6f7fcb9c8fb250
SHA3 0e9307e39489d1c3deabace748864140d23269e5d6fe0f4d718257a8f418053c

Version Info

Signature 0xfeef04bd
StructVersion 0x10000
FileVersion 5.2.0.436
ProductVersion 5.2.0.436
FileFlags (EMPTY)
FileOs VOS_DOS_WINDOWS32
VOS_NT
VOS_NT_WINDOWS32
VOS_WINCE
VOS__WINDOWS32
FileType VFT_DLL
Language English - United States
CompanyName Adobe Inc.
FileDescription Adobe Installer
FileVersion (#2) 5.2.0.436
InternalName Adobe Installer
LegalCopyright © 2020 Adobe. All rights reserved.
OriginalFilename Adobe Installer
ProductName Adobe Installer
ProductVersion (#2) 5.2.0.436
Resource LangID English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics 0
TimeDateStamp 2020-Jun-20 13:39:22
Version 0.0
SizeofData 35
AddressOfRawData 0x4199a0
PointerToRawData 0x4189a0
Referenced File Set-up.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics 0
TimeDateStamp 2020-Jun-20 13:39:22
Version 0.0
SizeofData 20
AddressOfRawData 0x4199c4
PointerToRawData 0x4189c4

IMAGE_DEBUG_TYPE_POGO

Characteristics 0
TimeDateStamp 2020-Jun-20 13:39:22
Version 0.0
SizeofData 1092
AddressOfRawData 0x4199d8
PointerToRawData 0x4189d8

IMAGE_DEBUG_TYPE_ILTCG

Characteristics 0
TimeDateStamp 2020-Jun-20 13:39:22
Version 0.0
SizeofData 0
AddressOfRawData 0
PointerToRawData 0

TLS Callbacks

StartAddressOfRawData 0x819e2c
EndAddressOfRawData 0x819e34
AddressOfIndex 0x8744fc
AddressOfCallbacks 0x7701f0
SizeOfZeroFill 0
Characteristics IMAGE_SCN_ALIGN_4BYTES
Callbacks (EMPTY)

Load Configuration

Size 0xa4
TimeDateStamp 1970-Jan-01 00:00:00
Version 0.0
GlobalFlagsClear (EMPTY)
GlobalFlagsSet (EMPTY)
CriticalSectionDefaultTimeout 0
DeCommitFreeBlockThreshold 0
DeCommitTotalFreeThreshold 0
LockPrefixTable 0
MaximumAllocationSize 0
VirtualMemoryThreshold 0
ProcessAffinityMask 0
ProcessHeapFlags (EMPTY)
CSDVersion 0
Reserved1 0
EditList 0
SecurityCookie 0x84f060
SEHandlerTable 0x817f50
SEHandlerCount 1684

RICH Header

XOR Key 0x927e7a78
Unmarked objects 0
ASM objects (VS2017 v14.15 compiler 26715) 21
C++ objects (VS2017 v14.15 compiler 26715) 221
199 (41118) 1
C objects (VS2019 Update 2 (16.2) compiler 27905) 19
ASM objects (VS2019 Update 2 (16.2) compiler 27905) 25
C++ objects (VS2019 Update 2 (16.2) compiler 27905) 167
C objects (VS2017 v14.15 compiler 26715) 39
C++ objects (28106) 24
C objects (VS2015 UPD1 build 23506) 1
C++ objects (VS2015 UPD1 build 23506) 8
C objects (CVTCIL) (VS2017 v14.15 compiler 26715) 2
Imports (VS2017 v14.15 compiler 26715) 35
Total imports 565
C++ objects (LTCG) (28106) 331
Resource objects (28106) 1
151 1
Linker (28106) 1

Errors

<-- -->