Manalyze report for ec1123480e2adb23e5bf8e01603ecca9ea279e3e6e533684db89ad9437c9db98

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	1992-Jun-19 22:22:17
Detected languages	Chinese - PRC English - United States
CompanyName	http://www.haom2.com
FileDescription	ç¿é£ç»å½å¨éç½®å¨
FileVersion	`2.0.0.1`
InternalName	MakeGameLogin.exe
ProductVersion	`2.0.0.1`

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C++ 6.0 - 8.0`
Suspicious	Strings found in the binary may indicate undesirable behavior:	`Contains another PE executable: This program cannot be run in DOS mode.` `Contains domain names: haom2.com http://www.haom2.com www.haom2.com`
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to CRC32` `Uses constants related to SHA1`
Suspicious	The PE is possibly packed.	`Unusual section name found:` `Unusual section name found:` `Unusual section name found:` `Unusual section name found:` `Unusual section name found:` `Unusual section name found:` `Unusual section name found: .winlice` `Section .winlice is both writable and executable.` `Unusual section name found: .boot`
Info	The PE contains common functions which appear in legitimate applications.	`Can access the registry: RegQueryValueExA` `Possibly launches other programs: ShellExecuteW`
Suspicious	No VirusTotal score.	`This file has never been scanned on VirusTotal.`

Hashes

MD5	`d5fdeec2d3963360c206ef3ad11d1fd6`
SHA1	`08321d6807448f0a4debb52e5cb89c4bc67c1100`
SHA256	`ec1123480e2adb23e5bf8e01603ecca9ea279e3e6e533684db89ad9437c9db98`
SHA3	`127e038f047a76d18a48f8a0b52a6d652e1eef53185fb7b740672f6ad67ae8db`
SSDeep	`393216:DUnjie1BSN1CQRjPgk5SO8ibRV+rd0x0Bog4N0EJUtgOF8tB2:+j91s3lr5S/cr+rd0x0Bog4NqZ8tB2`
Imports Hash	`afd3e756c082767321c3cee1c00a964b`

DOS Header

e_magic	`MZ`
e_cblp	`0x50`
e_cp	`0x2`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0xf`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0x1a`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`13`
TimeDateStamp	1992-Jun-19 22:22:17
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_BYTES_REVERSED_HI` `IMAGE_FILE_BYTES_REVERSED_LO` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LINE_NUMS_STRIPPED` `IMAGE_FILE_LOCAL_SYMS_STRIPPED` `IMAGE_FILE_RELOCS_STRIPPED`

Image Optional Header

Magic	`PE32`
LinkerVersion	`2.0`
SizeOfCode	`0x22aa00`
SizeOfInitializedData	`0x111aa00`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x01B1D058 (Section: .boot)`
BaseOfCode	`0x1000`
BaseOfData	`0x22c000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x1fb3000`
SizeOfHeaders	`0x400`
Checksum	`0x1120089`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x4000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

MD5	`09f4ca98a818a0ca84a142229dc2faaf`
SHA1	`20bb3ded1adc195b06dc3bd5edc6087af40a19da`
SHA256	`9c7265fc4743de56ec391cd38ebe1fe1fa1cfd3192e4b2157e9e464a420a116c`
SHA3	`c8e161961664a0d5efc7677083757d75a46f2f60e396138c9b2dd695597d8872`
VirtualSize	`0x22a810`
VirtualAddress	`0x1000`
SizeOfRawData	`0xf4e00`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`7.98166`

(#2)

MD5	`971afb809cf24afe483cec54f999fd6b`
SHA1	`414db4a6ff7e63f774d9c70eef1e57bb23445508`
SHA256	`f8f6ca85f02d6af10ac2aed6b9faa6b408644db7dffe5a4bfa86fde0e96b560e`
SHA3	`a80cd4d8b6bba411c3253cc98dadc8881284c9e10acb4e28c9f7002366b400cc`
VirtualSize	`0x14174`
VirtualAddress	`0x22c000`
SizeOfRawData	`0x7000`
PointerToRawData	`0xf5200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`7.92453`

BSS

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0x99e9`
VirtualAddress	`0x241000`
SizeOfRawData	`0`
PointerToRawData	`0xfc200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`

(#3)

MD5	`7efcc388bf843ba7e5535f178b1b6618`
SHA1	`de5b79c0f8780c29690afb20b814fcdf86f9a09f`
SHA256	`6bf2341fc4d08c30582e6e919ba8d35499e2df55d4cda1d341ed759df4679ba8`
SHA3	`442ba771ab05df589877c45f68bce6a7dd581c8587975a01c3103420a9f5be14`
VirtualSize	`0x38b4`
VirtualAddress	`0x24b000`
SizeOfRawData	`0x600`
PointerToRawData	`0xfc200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`7.24311`

.tls

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0x40`
VirtualAddress	`0x24f000`
SizeOfRawData	`0`
PointerToRawData	`0xfc800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`

(#4)

MD5	`32c46e953b48f4434e323274d45cf41b`
SHA1	`d95dfa3c28f2da25d65d8d8828103600eb137e60`
SHA256	`5e35a55627a66364a980c88512b4389c65423c14d003626fadcb3decc577d371`
SHA3	`143e18e2dc68405db1fc590debe74f11c62d0f92167a4bce73d17792b5309c52`
VirtualSize	`0x18`
VirtualAddress	`0x250000`
SizeOfRawData	`0x200`
PointerToRawData	`0xfc800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_SHARED`
Entropy	`5.94565`

(#5)

MD5	`8f3ceea13e82ba233604d9ee315ee4aa`
SHA1	`27e7820b02eec9a0f0faddc0537e874b40ba03dd`
SHA256	`e5771fba257c5c49a7a9d68d4090dc2e667eaf2602b19c141ff6ff84d1dadee7`
SHA3	`7fe7e7fc1711f551b1952ed356b2ccf26e6bbcce4a694f26ba00d3bcec942120`
VirtualSize	`0x103bf0`
VirtualAddress	`0x251000`
SizeOfRawData	`0xed200`
PointerToRawData	`0xfca00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`7.98192`

(#6)

MD5	`fa326c542f07716f562c4118074edf8d`
SHA1	`0fc206b364a21cc9305dc43c1bce9b730ccc2839`
SHA256	`a6b8ccc095e32200c2cc967d85fcf4ee56a6cb07d7bc09baad1d93c17a6e670f`
SHA3	`b4c752b1c400562ee56cc38beaa8150959e0495dd1ccc6fd62cae58261d0b9a0`
VirtualSize	`0x10dfc34`
VirtualAddress	`0x355000`
SizeOfRawData	`0xa81c00`
PointerToRawData	`0x1e9c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_SHARED`
Entropy	`7.95274`

.idata

MD5	`78c1b4197eedf37633e546f443d538b5`
SHA1	`e484efdb46963af465f8c8c2ab5c1c720daae7f1`
SHA256	`2f61ca8ef3c4cc2a77dc83dadfc7640b508bf4bf1847d787ecb0c384796f33b9`
SHA3	`f0fce632bcb27348a9395989a418c52db55f9784b0eeefd7ef04f64dfd728493`
VirtualSize	`0x1000`
VirtualAddress	`0x1435000`
SizeOfRawData	`0x400`
PointerToRawData	`0xc6b800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`3.82973`

.tls (#2)

MD5	`93edb03b4c871eff2482677ccca7e4a2`
SHA1	`36d7451dfff0481f0e2e919f1027068ff8176e73`
SHA256	`26924c92c8454b80ab20d2cd9903c7017587a79985bf3c9067673f336d0cd3c0`
SHA3	`0edc4086af184a25205b1f72a270c7e44ad96cf80af41c30fe0ec910b05f7a6f`
VirtualSize	`0x1000`
VirtualAddress	`0x1436000`
SizeOfRawData	`0x200`
PointerToRawData	`0xc6bc00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0.192252`

.rsrc

MD5	`8b399b634854a4265b227c2bcebee821`
SHA1	`e52f087aed3ddff8d1870b0612bfa9a4a37f68c6`
SHA256	`e74bd404e2c864518f972098a007618b4e77fc2b4af2ec9812060607c1ea25de`
SHA3	`4580a709b254400f83cafac692fc1e38f95328978b531b45fe7b318e1c36dec1`
VirtualSize	`0xfa00`
VirtualAddress	`0x1437000`
SizeOfRawData	`0xfa00`
PointerToRawData	`0xc6be00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.29274`

.winlice

MD5	`d5b5b0ea5cee5582afc58cd73bffd197`
SHA1	`7ed5253ff343212adb11d6829adb47b3b382b0d3`
SHA256	`0cf818e0e8376c9acc12e099624e9a5f0f568c41fb88476f7d66057b36cf2a8a`
SHA3	`915ffe1857284461221406cc38abf98e073eec9292d3cb99dc52b4b29403adb1`
VirtualSize	`0x6d6000`
VirtualAddress	`0x1447000`
SizeOfRawData	`0x6d6000`
PointerToRawData	`0x1110c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`6.50496`

.boot

MD5	`f0d9be3cc19650514f429d96e6df4511`
SHA1	`16948434e9a3e88b8cbad3b5f8019d1b894cdf77`
SHA256	`e094ccf150aedbbbc5bbe62def921d3e8664685c1be7735b8542c9bafd22992c`
SHA3	`4d3fca6772417c73d41c3f934f355382aafadf0093676b66a556bed5fe11cc95`
VirtualSize	`0x495400`
VirtualAddress	`0x1b1d000`
SizeOfRawData	`0x495400`
PointerToRawData	`0xc7b800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`7.95195`

Imports

kernel32.dll	`GetModuleHandleA`
user32.dll	`GetKeyboardType`
advapi32.dll	`RegQueryValueExA`
oleaut32.dll	`SysFreeString`
mpr.dll	`WNetGetConnectionA`
version.dll	`VerQueryValueA`
gdi32.dll	`UnrealizeObject`
ole32.dll	`IsEqualGUID`
comctl32.dll	`ImageList_SetIconSize`
winspool.drv	`OpenPrinterA`
shell32.dll	`ShellExecuteW`
comdlg32.dll	`ChooseFontA`
winmm.dll	`timeSetEvent`
gdiplus.dll	`GdiplusShutdown`
GuiEdit.dll	`SaveGUIToStream`

Delayed Imports

1

Type	`RT_ICON`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x3228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.41171`
MD5	`d3eaa2098b7a80c9d3daf79259f50ea3`
SHA1	`f7bf4ad03554f01b05394ef3eb63394861e88f70`
SHA256	`a9bcc98321f02002a5123515ce02aef38ae581b50670b50af2f14188de52c0bd`
SHA3	`fcc662f524d58b2e28f3932c9946ee415096ea294075f6616f2f5c0fda439252`

2

Type	`RT_ICON`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x1ca8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.51163`
MD5	`1c1fd0921dc3e1eb4b08aeae95dcd774`
SHA1	`5e17a03f2365ca823c5922425db37c59b284781c`
SHA256	`8056980fa74869b0fa7030c60cf0ca91def0b1b9cf760adfb9f1d553857efb07`
SHA3	`83eba320d0dddc66fdeb70ebf783c1c18f433658785ad9eb4e6a907ada8ac2a3`

3

Type	`RT_ICON`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0xca8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.70979`
MD5	`8cbc89e5281a90b870e27cc3d7f0b441`
SHA1	`75e1173a4e332b5330b68850f7e583bd83e0873a`
SHA256	`e61a6e2043640d09d7003b4cad4d3f14c4765ae7f42c0ab2285406fd45fbf9f0`
SHA3	`7a772a4462664cdc0c1d479ac9efe665011919155ff23b85188c0e2f0c976fa4`

4

Type	`RT_ICON`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x748`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.92704`
MD5	`6a55ca00bbdfffa2ab5ed593145f5f8f`
SHA1	`fc2a88d5d8fb2b1dd8bac66900e443c8cb98f3e1`
SHA256	`c8d3217a7bc4fb17a0633200d5f441178c54ce315daeb6bd5f6d3aeb99ce1586`
SHA3	`475b5017bdc665205d66ba81ed2690ae5c51ed1ffd7d0ce3a49fd3fd75307f04`

5

Type	`RT_ICON`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x368`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.0737`
MD5	`a2883b99c572512ec62392f43a2805b4`
SHA1	`d7a43b0d5e59fe5e457c5691d1f949c8d3fff7ce`
SHA256	`168869853258c96d6ecf5d9f641c48e3702ff9769aa92e1e7e37152191f2a4d5`
SHA3	`663d7d3a340fe19291a138fc88195815a39618fced8a4a7205fb2230e64a13b0`

6

Type	`RT_ICON`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.79564`
MD5	`103dad0d57c803adf35533776dffc76a`
SHA1	`d373f056b665d292cab71c32099ebad6f26574f6`
SHA256	`2f7cbacfec532d71062046c597a92d854c127da1466db3fc98916a81addbc992`
SHA3	`d2b907377f2ab1506a458ede611a782c48ce67e1096bbc578108b9a2dbf173e3`

7

Type	`RT_ICON`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.85559`
MD5	`bc9b6b6ba777fd1da9fb856e144169a3`
SHA1	`2ae9f1164cd8be1b8e24446f06c056a06b7cac8d`
SHA256	`23d0de6bece7db98a1fdb7b2ef7c33136cd23c087b24a993f6987d32b6b7f4f5`
SHA3	`a777f5906fd693a5e21e088ac2c5ad23f296e77771ff5303fef40ca8f110d135`

8

Type	`RT_ICON`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.08883`
MD5	`ea22761884a633fb217b2a6b8b9b8d7d`
SHA1	`d58c550cc8b6882b837a8e91dbcb1a3483aa067a`
SHA256	`011f77c3a9db999b7589448ca876461ea6c0e75f02c56057173014fb174d0461`
SHA3	`a0de74119814712dd4d93a21aa2f260bd194df369f2a6f9d4a5d23edf4da1f76`

9

Type	`RT_ICON`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.29686`
MD5	`24f241bf5a0b2b51575e8cdf5200cd83`
SHA1	`afaf3efcbf2319d2b6c125dd045652fe5f0d3ec5`
SHA256	`fb49e08488055babce07264dff95099f1e19bf3699d8b0688cb2dafa6be164bd`
SHA3	`7e0ed274f1d826a661e21b1d3c0baa757aa15f116f5a31a6d42eea4f0f8f273a`

10

Type	`RT_ICON`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.46307`
MD5	`c70ea2e5c83018d1abdcebd1930745fd`
SHA1	`12183b0e253ea3038d8e83de4f4cdd1bad9fdb81`
SHA256	`657782d688a8f8baf9ce7f9d2c864a29445ad80de602cb11d697932916c2bcf2`
SHA3	`b77d21e4c185152c38eca51ad669e0940cdf77233bda8ad55533ec7bf32c4918`

12

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x3ae`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.45459`
MD5	`47942dde56b7fd9b0b6c1e2ab1727faa`
SHA1	`465a8466bf16a52add49f44cae864e28eb413184`
SHA256	`79d3aa39cb7814089bd5ccd0c6f048e6d3823cded8f01620f2a64d4b08b9ccc8`
SHA3	`75bb9e11d899864ba53407d33e047c71cef5141eec33e5b53e2eeea0eb0c5130`

MAINICON

Type	`RT_GROUP_ICON`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x92`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.98824`
Detected Filetype	Icon file
MD5	`897eb73f8af9aab7033d96e090833f4f`
SHA1	`b6ee53533754474121dbd8c5ead56a127af351fa`
SHA256	`04ff1604bf02d0045135334dbd11d4dfb15ad6885f0d91f56a4adcf674be059d`
SHA3	`abb7f16eb3a9b8f308b7da6b60007974709ddc70aec52c45e3fdad5bf9dc4cca`

1 (#2)

Type	`RT_VERSION`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x20c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.44712`
MD5	`17bd23890c97392e3c3392811c773e16`
SHA1	`172e529d4d80c9a0b65511b37b91ec44cafd6811`
SHA256	`a7220926f4caeb3051a620cdc7db3c8cc5bb474b1532547cd87744da324ad7b5`
SHA3	`9366e95a2c1627daae6d12ae04ad56a1330af67435daa6d714bd4866324f392c`

1 (#3)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2f0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.17015`
MD5	`e4c8a62db5113f6ecef8783d50f2f7f7`
SHA1	`3af0c70356976e15e7466aa0b39ebff654c02318`
SHA256	`6db2d03d69c169b420a447659d1b87487c4c1ed6acdd29fd0ff0499339c79d73`
SHA3	`d3525c8852a40d0763f57cc5611186ed68e94848ed2819546df4e22644a89442`

String Table contents

Open a Zip File
Zip Files (.ZIP)\|.zip\|SFX Files (.EXE)\|.exe\|Jar Files (.JAR)\|.jar\|All Files (.)\|.
User canceled Set Desination Directory
Index %d is out of range
User canceled loading new disk
User Aborted Operation
Incomplete Zip File
Not a valid zip file!
Please insert disk
of the multi-disk set.
User canceled setting zip file name.
User canceled Zip operation
Select a new name for the fixed file.
Zip Files (*.ZIP)

Seek error
Invalid seek origin (%d)

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	2.0.0.1
ProductVersion	2.0.0.1
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT` `VOS_NT_WINDOWS32` `VOS_WINCE` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	Chinese - PRC
CompanyName	http://www.haom2.com
FileDescription	ç¿é£ç»å½å¨éç½®å¨
FileVersion (#2)	2.0.0.1
InternalName	MakeGameLogin.exe
ProductVersion (#2)	2.0.0.1

Resource LangID	Chinese - PRC

TLS Callbacks

Load Configuration

RICH Header

Errors

[!] Error: Could not reach the TLS callback table.
[*] Warning: Section BSS has a size of 0!
[*] Warning: Section .tls has a size of 0!

Leave a comment

No comments yet.