e87cbd264a2ca9b80cc9883b3e6f3aa9

Summary

Architecture IMAGE_FILE_MACHINE_I386
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date 2010-Apr-10 12:19:38
Detected languages English - United States
CompanyName Disc Soft Ltd.
FileDescription DAEMON Tools Lite Downloader
FileVersion 1.0.0
InternalName DAEMON Tools Lite Downloader1.0.exe
LegalCopyright Copyright (C) 2000-2015
OriginalFilename DTLiteDownloader.exe
ProductName DAEMON Tools Lite Downloader
ProductVersion 1.0.0

Plugin Output

Suspicious The PE is an NSIS installer Unusual section name found: .ndata
Suspicious The PE contains functions most legitimate programs don't use. [!] The program may be hiding some of its imports:
  • LoadLibraryW
  • GetProcAddress
  • LoadLibraryA
  • LoadLibraryExW
Can access the registry:
  • RegEnumKeyW
  • RegOpenKeyExW
  • RegCloseKey
  • RegDeleteKeyW
  • RegDeleteValueW
  • RegCreateKeyExW
  • RegSetValueExW
  • RegQueryValueExW
  • RegEnumValueW
Possibly launches other programs:
  • CreateProcessW
  • ShellExecuteW
Can create temporary files:
  • GetTempPathW
  • CreateFileW
Manipulates other processes:
  • OpenProcess
Can shut the system down or lock the screen:
  • ExitWindowsEx
Info The PE is digitally signed. Signer: Disc Soft Ltd
Issuer: COMODO RSA Code Signing CA
Safe VirusTotal score: 0/67 (Scanned on 2019-03-02 15:51:19) All the AVs think this file is safe.

Hashes

MD5 e87cbd264a2ca9b80cc9883b3e6f3aa9
SHA1 bb6f202494aa9f2b04b861b90716a9b68b6f56b1
SHA256 7b4166f4d8db8e52e1b15eda450d5480617696d19295e657b6f7939f0f50a794
SHA3 b985e2ff6620d5eb9ed7146c5d3a065e8ba3a8317a74745faeabe998674fc01e
SSDeep 49152:E1JxhDZZLX8FPaOdVk5jSexnScUGCAJuzlUqmcu5dcj:ELv/sFPaOdVy2onx1JbCu5dcj
Imports Hash 9b1688171e53fe150c16c17a7df4d77c

DOS Header

e_magic MZ
e_cblp 0x90
e_cp 0x3
e_crlc 0
e_cparhdr 0x4
e_minalloc 0
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0xe0

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_I386
NumberofSections 5
TimeDateStamp 2010-Apr-10 12:19:38
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xe0
Characteristics IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_RELOCS_STRIPPED

Image Optional Header

Magic PE32
LinkerVersion 9.0
SizeOfCode 0x6800
SizeOfInitializedData 0x74000
SizeOfUninitializedData 0x4200
AddressOfEntryPoint 0x00003415 (Section: .text)
BaseOfCode 0x1000
BaseOfData 0x8000
ImageBase 0x400000
SectionAlignment 0x1000
FileAlignment 0x200
OperatingSystemVersion 5.0
ImageVersion 6.0
SubsystemVersion 5.0
Win32VersionValue 0
SizeOfImage 0x1ce000
SizeOfHeaders 0x400
Checksum 0x1a3f9a
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
DllCharacteristics IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
SizeofStackReserve 0x100000
SizeofStackCommit 0x1000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

.text

MD5 cb807804553819b70f6e16b8a094d327
SHA1 8e0ec650fc101b2c2e33e4d8b269a6dc9499e8d0
SHA256 d674b70f973771c0350e72498477b9240a4b3e2d6489b05afe00cae642769774
SHA3 a5e6dc762d983a4f73ceac316f5cab8f07d287eeef72a704f0cae07e111726c6
VirtualSize 0x671c
VirtualAddress 0x1000
SizeOfRawData 0x6800
PointerToRawData 0x400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 6.50461

.rdata

MD5 161b329b4c70ce4fbd9c1143e738896b
SHA1 e08fa356a7aa0040d1da68b8c9850ce54da2371c
SHA256 a77eb42b295842c84c670ef56bf57f17c08ce14ffca324ee0d3b90eea2b7369f
SHA3 25aa2bfc5c46eac6702538c0193a47f665cd624cc0ed59d8789d6b89af7f4d70
VirtualSize 0x19d6
VirtualAddress 0x8000
SizeOfRawData 0x1a00
PointerToRawData 0x6c00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 5.02684

.data

MD5 140876ba314e7bc36379ee5c6db80876
SHA1 a2ea157dd321d7f51b80aba4e82c27755871d6c0
SHA256 4c2b857f81503b2f51b6632165e5123e9b5f3c0a902ba0f77441a4c9e7d53575
SHA3 0e203e8f560fb03153fe9a7e6d668bb088f3e83df442317869a0b92c226be2c3
VirtualSize 0x7139c
VirtualAddress 0xa000
SizeOfRawData 0x200
PointerToRawData 0x8600
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 1.73601

.ndata

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA3 a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a
VirtualSize 0x119000
VirtualAddress 0x7c000
SizeOfRawData 0
PointerToRawData 0
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc

MD5 ada8d6b97b047b535d53378e786fee6c
SHA1 222308a13019bb30a756d9161c661734e5d63d9f
SHA256 459a101c0e0b22a3637c36a4ad80453310336a714a55a47fe22875f050616c1b
SHA3 6d67a6c32f333686f86a914c45222d93fb06ff8e4b4b03a68ed59bb663b0362d
VirtualSize 0x38698
VirtualAddress 0x195000
SizeOfRawData 0x38800
PointerToRawData 0x8800
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 6.62901

Imports

KERNEL32.dll SetFileTime
CompareFileTime
SearchPathW
GetShortPathNameW
GetFullPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
GetLastError
CreateDirectoryW
SetFileAttributesW
Sleep
GetTickCount
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
SetErrorMode
lstrcpynA
CloseHandle
lstrcpynW
GetDiskFreeSpaceW
GlobalUnlock
GlobalLock
CreateThread
LoadLibraryW
CreateProcessW
lstrcmpiA
CreateFileW
GetTempFileNameW
lstrcatW
GetProcAddress
LoadLibraryA
GetModuleHandleA
OpenProcess
lstrcpyW
GetVersionExW
GetSystemDirectoryW
GetVersion
lstrcpyA
RemoveDirectoryW
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GlobalFree
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
WideCharToMultiByte
MulDiv
lstrlenA
WriteFile
ReadFile
MultiByteToWideChar
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
lstrlenW
USER32.dll ScreenToClient
GetMessagePos
CallWindowProcW
IsWindowVisible
LoadBitmapW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
GetWindowRect
AppendMenuW
CreatePopupMenu
GetSystemMetrics
EndDialog
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
DialogBoxParamW
CheckDlgButton
CreateWindowExW
SystemParametersInfoW
RegisterClassW
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharNextA
CharUpperW
CharPrevW
DispatchMessageW
PeekMessageW
wsprintfA
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
CharNextW
GetClassInfoW
ExitWindowsEx
FindWindowExW
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
IsWindow
GDI32.dll SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
SelectObject
SHELL32.dll SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderLocation
ADVAPI32.dll RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumValueW
COMCTL32.dll ImageList_AddMasked
ImageList_Destroy
#17
ImageList_Create
ole32.dll CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance
VERSION.dll GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Delayed Imports

1

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x10828
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.10332
MD5 1bdf905301f99c23a94b938245a69c81
SHA1 aac9e38b7f5f44124905632c6174718f8fea5d46
SHA256 c3268e48f44db9d92df12c1f0ae416542c397cf90869b51bd4a46933daa0fba5
SHA3 57a659683dea97f4a0f75866845669f186183080ac2cbaf782f6e16ad0aae9bb

2

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x107cc
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.98977
Detected Filetype PNG graphic file
MD5 95cce5b59b9cb0053cbd44e829f26542
SHA1 972f25aeeedd57d93f2438b061a6d6f6ca144586
SHA256 0aa454fbfdd2365df5f9dc501226cd3897cd774242b65c60dfb3b533012dd36a
SHA3 1e0b0d2017ecba6929364f32299c8df14178b61254696f73059e4e45a003f0ba

3

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x4c28
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.74981
MD5 3d70e92c26eb3d1fb8237d4b7a09a543
SHA1 dd083457cac1c74b3409add5322162d721f09a62
SHA256 50c7d147afaf42c078996ea35b056ad6fb076afbaaacb89dc50a4bf1de54e120
SHA3 13bffe4f3a4cb43999d8468c4fea8fabecead1780b253154c2b8b2c2d4d8bc9e

4

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x4228
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.23624
MD5 f165270b83599b230d7618fdafdd0d6f
SHA1 5667171c4622a7183004c48e8949811b6a977d41
SHA256 92db2cb28ad4ca37dba5ea30254d04d94148f2e02262e9f2b1107883719623e6
SHA3 10b35a2c0901ee497b012f30da47ac7c74c3fe7c3249e49c500b3e18658dc1d8

5

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x3821
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.93034
Detected Filetype PNG graphic file
MD5 32fc7bc01b16f7013c1e772c4f1c4f6e
SHA1 59276324af81876bea860cc45a7d92ae0d9f496d
SHA256 ac926aa115090d5e96898300233d9df025d144746c31cb016d1f65e8d092653a
SHA3 0b66d00ebc7b4ddfef6b188a4ec13e061f6f1496cddb8a3050ba9812a9702b85

6

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x25a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.33083
MD5 158fe37ed9a60eab45e72612d2b75218
SHA1 bca71cdb5bbb7bbcfee2085d577debad5aafdb13
SHA256 6bdbcb69efc4ef9710c4e18ad44c8ab6ee3e7064e3f9c1478b0285a9c25cbcab
SHA3 39335873e73cde207f3d367ce3a47a25eca57e55bc8064ffb8d8d9dc04a0f887

7

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x1628
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.67632
MD5 73b2a7cb55b411b27362bf23d194fcfd
SHA1 492337507f6173af2b4e3012871824e91d13e54c
SHA256 c0100a4d3e725bf187d15d2dcb7c0958b2f5ddb9b7e53ef4f09863742115ad56
SHA3 ed7751db042a253182a66108ae8402a433bd36f3eee758e648b0579d8a39e390

8

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x10a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.49418
MD5 ace024f4fd07dfd2aea072a67315a46c
SHA1 0a80bc9203bb81cbc6acf51c45b52972a3ac3fc7
SHA256 919151814c3b63c6ca110215859e8b3ce9c1eb2ae457dc43a9ab9316f319b465
SHA3 2f728e130e5a00c2e3361445c69845fc4087cf5285de493d1b296ac3c8c90f40

9

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0xea8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.8103
MD5 543c1f584d82322a8abd52e7dad825c7
SHA1 810221b0a063c266a913da4bf0f6149276e8eb6c
SHA256 9d688561b8024a84e2b8bb02e8016bb058f8cd4f0048bc05300db927b7be65de
SHA3 0bb5624dd219c7db8c82912a2389b25dcf9a7fe45a611cd3c4e7dac4f745c82d

10

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0xa68
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.70115
MD5 948e73e871fde6f9aa2683739f587681
SHA1 ce830fa75f29ccc3b5951ba8d44aae74370001d0
SHA256 94469b2432d1d2cd9ca725c3c12f32028d32bae8cbb0c82e867d129fc87b49b8
SHA3 16586b675d7ef05ca68a9867a18b431e8dbe6585866e2a31789c2aa54a056af1

11

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x8a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.17858
MD5 df18befb37844fc35db78f3bad085729
SHA1 9eb6887a7c33868e1c696dc0e1cffa5afee9a9a3
SHA256 f7133fca95b126c5589f719b180147e38be2910f0a77ce8dd871e54e2d0353e2
SHA3 a203c6df97239d2535d576d2bfbf56be1f69986b8010600d695a6e872cf4e3c5

12

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x668
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.84526
MD5 569f853dc03cfd5a7c450a68320107fe
SHA1 c31a178d67020823970dbce8cebf84296be46917
SHA256 e654d3aa96c896549d56c190ddb3e171ce66352f9e945348918842747a609fcf
SHA3 520d9dce34a5b0fe7fef345999b76158119f852097e84aece87016f3f23f6969

13

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x568
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 6.12002
MD5 f70143d8b87f6fbb1eb38da32c5c2f28
SHA1 3277f97897d109ed26f02f3dab7f8cd6bc9656ce
SHA256 cc3f7535f21ea75a1fb564b46d24fc70db7d34b59ed9d3d82d73f0318e38870a
SHA3 627eaeaf835885ef4f818c87742abdf2b58e53ccbba1f97876120a7a7e540f20

14

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x468
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.97608
MD5 f76c998ab97321b13184de6d03f9292f
SHA1 40d59e2f90ac5ba292137f7e151f744941789161
SHA256 8802b8b0f02ff9613d41312b7d6e7aef651408b5c16c48f11d4a4224851a2288
SHA3 cfb73ad4f505aec7bd18ff9bb4be79f250ba065aedcee3b284a009244300236f

15

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x2e8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.21406
MD5 e838ccfef68c8a1aa5d30eb6b50e8f9f
SHA1 2c72a09d3f15b7171f53c58a8cfac416e9572110
SHA256 c8cf19c77d5f71f3f9c180dc21bf41f0225224272c9863d4d17a3315793e159e
SHA3 0e10bc3b1374ad897dffffad942e4c86fc8a888a8298203ed5d88c439a0fe4d9

16

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x128
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.15764
MD5 afe50f09077d5be3fee344534abd649b
SHA1 813ea6c72178beffe4eb3783114f655dc1c838ba
SHA256 2011f644091190838463887e7920ef65c516c02658c6d8772a81c521461af3fe
SHA3 f765163f473014a56114fe48b45e47c2a92ee5ef8fe5cd6619cbd3a0fdadcce6

105

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0x202
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.73893
MD5 386770584473e271f23dced36427f4ff
SHA1 d14ce95f784b35e4e3ebee535476ebcd3e380c19
SHA256 425b8270f7ca42a927eae6bea468acf414a3e4b58b5ba2c56aaae4d1b2c11014
SHA3 db13e5969376b27e8443eebff685230e2b74685aeb2fba73973f06e5cddc8662

106

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0xf8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.89384
MD5 3f145145da21614de72c0da073529fb6
SHA1 824b69a49adb1c6105446ed2d4fdf482d6a497ca
SHA256 2291b810e47f055ab2ff100618a8a9966f1fbf5fc0cb58e9f8fbb36ac7c983fa
SHA3 999c540cbf8b2538317695989c1e3c2913db9113267473fc49c24cac4119d558

111

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0xee
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.92787
MD5 5dfa289639a3bcc0497da8db163f01fe
SHA1 6e2c6ea1e2594b66f563fb589276642c127e875f
SHA256 18466509968c3c0bf92ba410fea075def2b257a5a799a113cbc60f13e75f4b01
SHA3 85abdc8c431d91c72f3595a39881c96637ead09a0278d3cec0c1c9a8d873f031

205

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0x202
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.03251
MD5 16e4e392aaffaa0ee7e77b5be867e10f
SHA1 f7f681d8ec7c8a1aaa98b7a1d6bf14cfe730bbec
SHA256 699e0b19b7a5592c6cd94847130b28d57bf86ea61019043b9a6a3c88e6debc3d
SHA3 e91dc6b4bb438e908867a57a350a8f08d1116bc10d1694ba284a5a44360277b3

206

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0xf8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.09145
MD5 6430a75b69158e6b5890246d8ac0edf6
SHA1 4f5353305dd677f43a3462c25cf99297bece29d8
SHA256 ba0c4c14006f63e456fd88d3abad2f6ae9e4de2968f272f97c7c563f85802c20
SHA3 749fb97d10b20596b5202124a14db6483c6af7e72a599022ba049417b6d4f38c

211

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0xee
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.06584
MD5 7ce8a17102daebb8d864cd1063e987d1
SHA1 072345a235d4947d36b53fd47da68e7e6a93fe62
SHA256 0fd40b240b9df8f2dece8947dabbebce898f12becca8e196136e4231efba2dc1
SHA3 59c7281c1d6dca36fed8a44ee5b408f11090812626d5c5fe1da3d72b526208ab

305

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0x1ee
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.68733
MD5 c0c4f9be63c9d286b8d1265977ac9d86
SHA1 f9c0d915ded3ea188f342d0e5341e67701eed813
SHA256 349420ba5b5de0b0081e96a686c826e0f409f2f3413f2e9fb7e6f71cb544c325
SHA3 dce55e6d53e014b0786bba9e4f6c7d81ed0c04fde8279c3b54f7c2f5a9fe121a

306

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0xe4
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.84758
MD5 020919d85c431e79ad2e793848c07916
SHA1 29f3928b0f1d6f74e173a985492c39a62282f2d1
SHA256 4d63e28b1c215b5115efcf9ccb1f71b682ab1d0a485da44fd10cf65c72002515
SHA3 c4b5e250767ce9e7581e7dd1dc2e08b17820ef8298cfe40f4b18d17d1b350fea

311

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0xda
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.9304
MD5 2497a44fff8b76b5129662b60a617c85
SHA1 f73bd7c9caa4c1f7a0e4840d69b0accdc6d167a0
SHA256 a10617b39293152a65ad5c91ca4f35135845c7b785e3a582e58f6c8229045b85
SHA3 aaf1dc708c305944a11a7180ef5ee2c8f722c3dd6d4bf91e0ae0f6c2b1a331ca

405

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0x1f2
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.74143
MD5 0af4d59488d775d20c2e6725f3ed95a9
SHA1 f7c55407fa28f7d3eb8f6a4d4b988947f57c4c4a
SHA256 ab979c8f6052af662e37a55c3aa42a884f0ce537317ce85f25d6c2307eb198f5
SHA3 cbd4ee359d3f62e7dfb156ecd5dcd05351e2728ee88efb928161a5f2b62fd5c3

406

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0xe8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.94675
MD5 14166a0be7fcfb56fa217bcb7df0877a
SHA1 f87292d312c8b9af84deaef0a1bde48e2c11a581
SHA256 a17970aa1fbc5c2e34c2beb4c7bb07774f361884597a1d239b85d68b04465be2
SHA3 871f7509a85b535fc79f8a9bc1d610d1d035bef260732870c4e711585b41310e

411

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0xde
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.03655
MD5 2802ee53bc08ac9a2cfaed81b3d79d05
SHA1 b7faac6a14545ea9c03651f69ae27cce0e62b010
SHA256 65fb71b054977a55435f45bbcddddedaa1e1cf43fdd9fc230938d625c3f7edcd
SHA3 1b03466617102ef078d2690bf5a361563eae8b960554205937f87a6c81d328c5

505

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0x202
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.03251
MD5 16e4e392aaffaa0ee7e77b5be867e10f
SHA1 f7f681d8ec7c8a1aaa98b7a1d6bf14cfe730bbec
SHA256 699e0b19b7a5592c6cd94847130b28d57bf86ea61019043b9a6a3c88e6debc3d
SHA3 e91dc6b4bb438e908867a57a350a8f08d1116bc10d1694ba284a5a44360277b3

506

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0xf8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.09145
MD5 6430a75b69158e6b5890246d8ac0edf6
SHA1 4f5353305dd677f43a3462c25cf99297bece29d8
SHA256 ba0c4c14006f63e456fd88d3abad2f6ae9e4de2968f272f97c7c563f85802c20
SHA3 749fb97d10b20596b5202124a14db6483c6af7e72a599022ba049417b6d4f38c

511

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0xee
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.06584
MD5 7ce8a17102daebb8d864cd1063e987d1
SHA1 072345a235d4947d36b53fd47da68e7e6a93fe62
SHA256 0fd40b240b9df8f2dece8947dabbebce898f12becca8e196136e4231efba2dc1
SHA3 59c7281c1d6dca36fed8a44ee5b408f11090812626d5c5fe1da3d72b526208ab

605

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0x202
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.03251
MD5 16e4e392aaffaa0ee7e77b5be867e10f
SHA1 f7f681d8ec7c8a1aaa98b7a1d6bf14cfe730bbec
SHA256 699e0b19b7a5592c6cd94847130b28d57bf86ea61019043b9a6a3c88e6debc3d
SHA3 e91dc6b4bb438e908867a57a350a8f08d1116bc10d1694ba284a5a44360277b3

606

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0xf8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.09145
MD5 6430a75b69158e6b5890246d8ac0edf6
SHA1 4f5353305dd677f43a3462c25cf99297bece29d8
SHA256 ba0c4c14006f63e456fd88d3abad2f6ae9e4de2968f272f97c7c563f85802c20
SHA3 749fb97d10b20596b5202124a14db6483c6af7e72a599022ba049417b6d4f38c

611

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0xee
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.06584
MD5 7ce8a17102daebb8d864cd1063e987d1
SHA1 072345a235d4947d36b53fd47da68e7e6a93fe62
SHA256 0fd40b240b9df8f2dece8947dabbebce898f12becca8e196136e4231efba2dc1
SHA3 59c7281c1d6dca36fed8a44ee5b408f11090812626d5c5fe1da3d72b526208ab

705

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0x1fa
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.78574
MD5 2c1f44c0a248a53a50a661eb9a65cdcf
SHA1 69a0418cac4aaa30203faa1f0bdbe74fe1cc29c6
SHA256 1382f1e9260b7e203ceafc6936ef1dae48898fcf8fb04a446cd27a4384bc40c3
SHA3 2391f29b4bbdb35210160bdff0e5454a66809bd69915f6c5af5ec10cbbf057aa

706

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0xf0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.02918
MD5 a364144b05237bef8a098361270651c7
SHA1 bc6f439ad956d67ce6f5614545db20fa90b9771a
SHA256 a38fe6199b9c05d8f7b4b574305070d5b70c5f419667ba3b1ea6b256782ed397
SHA3 a31a6c5032365bf669508614296b7f2bd2f3da09205fd41acc0ea7638ef29fbe

711

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0xe6
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.09674
MD5 30dab3583979c2008e8de9295ab7c36b
SHA1 186cd9560b358bbf8b523d1050573f22bb00264d
SHA256 8c64a2341dc473a7d8ab4956af589e9a7257c4f05a8dc229f862c16d49ba37e5
SHA3 4449f57b4725dc59d7d66dc9b817250112828d0f5d6b31cba247cd36ff544268

805

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0x1ee
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.68176
MD5 1cdff3870b4510f9c4a40874187787a2
SHA1 a7a0949b603bcbf6fdfe4a68eeba4c06cfda442b
SHA256 d542230218a67392c3e8d2c61f29f66f8724d837e83e9c0a49f30bdf02d722d7
SHA3 0ebf01d8f7e1f18047d7637f891d36fb662a028e2d4bbfd752c0cf4de4e50c9f

806

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0xe4
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.84427
MD5 e0d1f7e59e4524d95cb3e6e34cda214a
SHA1 2623ddfa44e7391eb408915e36477821def00da8
SHA256 9d94bca9d6cfa8d18bc0559d87059f8bea0953c5957544fa03f9cf91d22e6d5f
SHA3 5bac19cfe702aaa13feacdf3acfc635510e3d742544180acf1c659c913260ff1

811

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0xda
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.92694
MD5 408a7443d8f432b28a248059d8669d1c
SHA1 c199828e8051a2825b1d5e216360eb57cd0b37f7
SHA256 4677979c1665998318fcb65b9a0c0b3dd9204c12dbddbd5e76df8822ed6e347a
SHA3 a3fbf76ef107912c1222e3203143386903416d7d7c171d53f3e0988bea2e4923

103

Type RT_GROUP_ICON
Language English - United States
Codepage UNKNOWN
Size 0xe6
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.12818
Detected Filetype Icon file
MD5 3b98d7215979d067be8867d98ce68502
SHA1 53551349b299ace759a97d635600916633b762c6
SHA256 e0d848435f83cb9249817fe6833c6624a3eb6f01d8814cb93ebea9941ca661ce
SHA3 f386776eb8a6cf7295eaa7102bf52194a491c5dd57ad919200fa7c34d3daba4e

1 (#2)

Type RT_VERSION
Language UNKNOWN
Codepage UNKNOWN
Size 0x348
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.33003
MD5 43838eee1768a35f96f73269a01589de
SHA1 0d5c94532cec77fc222f06a14502d8ec5ceb9b7f
SHA256 eb787b3d01fa98f2e4bba6fb8bf482ae40b707a472974d6ab6517a7913a1e7e5
SHA3 1176f57e478d87eae8fcc0ba4a15a9e973f18211cd87997a98b980f5ddd3042c

1 (#3)

Type RT_MANIFEST
Language English - United States
Codepage UNKNOWN
Size 0x21d
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.10572
MD5 6bfbe1cf5476996687b4ad3930405023
SHA1 0cab5b4e3fcbeacb9aedbc1159d6a4f3a28e768c
SHA256 33e762db1dbad841d0ad87e45c09d9280631771f2d26b8c260fc714744b90027
SHA3 cb269d293109666f1d30404c630c9f4efa8eb3e03b039ed7a826a6b7c77e4017

Version Info

Signature 0xfeef04bd
StructVersion 0
FileVersion 1.0.0.0
ProductVersion 1.0.0.0
FileFlags (EMPTY)
FileOs VOS_DOS_WINDOWS32
VOS_NT_WINDOWS32
VOS__WINDOWS32
FileType VFT_APP
Language UNKNOWN
CompanyName Disc Soft Ltd.
FileDescription DAEMON Tools Lite Downloader
FileVersion (#2) 1.0.0
InternalName DAEMON Tools Lite Downloader1.0.exe
LegalCopyright Copyright (C) 2000-2015
OriginalFilename DTLiteDownloader.exe
ProductName DAEMON Tools Lite Downloader
ProductVersion (#2) 1.0.0
Resource LangID UNKNOWN

TLS Callbacks

Load Configuration

RICH Header

XOR Key 0x37178e78
Unmarked objects 0
C objects (VS2012 build 50727 / VS2005 build 50727) 3
Imports (VS2012 build 50727 / VS2005 build 50727) 17
Total imports 168
C objects (VS2008 SP1 build 30729) 11
Linker (VS2008 SP1 build 30729) 1
Resource objects (VS2008 SP1 build 30729) 1

Errors

[*] Warning: Section .ndata has a size of 0!