Manalyze report for ecd6ff7f8e749d9a0463292f5a2bb859

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2017-Dec-01 14:11:35
Detected languages	Chinese - PRC
FileVersion	`1.0.0.0`
FileDescription	易语言程序
ProductName	易语言程序
ProductVersion	`1.0.0.0`
LegalCopyright	作者版权所有请尊重并使用正版
Comments	本程序使用易语言编写(http://www.eyuyan.com)

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C++ 6.0 - 8.0` `Microsoft Visual C++` `Microsoft Visual C++ v6.0` `Microsoft Visual C++ v5.0/v6.0 (MFC)`
Suspicious	Strings found in the binary may indicate undesirable behavior:	`May have dropper capabilities: CurrentControlSet\Services` `Accesses the WMI: ROOT\CIMV2` `Contains references to mining pools: stratum+tcp://`
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to MD5` `Uses constants related to SHA256` `Uses constants related to AES`
Malicious	The PE contains functions mostly used by malware.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryA` `Functions which can be used for anti-debugging purposes: CreateToolhelp32Snapshot FindWindowA` `Code injection capabilities (PowerLoader): FindWindowA GetWindowLongA` `Can access the registry: RegQueryValueA RegSetValueExA RegOpenKeyExA RegCloseKey RegCreateKeyExA` `Possibly launches other programs: CreateProcessA WinExec ShellExecuteA` `Uses functions commonly found in keyloggers: GetForegroundWindow CallNextHookEx` `Has Internet access capabilities: InternetCanonicalizeUrlA InternetCrackUrlA InternetReadFile InternetConnectA InternetSetOptionA InternetCloseHandle InternetOpenA` `Leverages the raw socket API to access the Internet: #19 #18 #116 #115 #12 #3 #101 #1 #5 #16 #10 #17` `Enumerates local disk drives: GetVolumeInformationA` `Manipulates other processes: Process32Next Process32First OpenProcess` `Can take screenshots: FindWindowA GetDC BitBlt CreateCompatibleDC` `Reads the contents of the clipboard: GetClipboardData`
Malicious	VirusTotal score: 54/65 (Scanned on 2018-01-19 15:10:56)	`MicroWorld-eScan: Adware.GenericKD.12644470` `CAT-QuickHeal: Trojan.BitMiner` `ALYac: Adware.GenericKD.12644470` `Cylance: Unsafe` `Zillya: Trojan.FlyStudio.Win32.21065` `K7AntiVirus: Trojan ( 0051f4e91 )` `K7GW: Trojan ( 0051f4e91 )` `Cybereason: malicious.215ad3` `Arcabit: Adware.Generic.DC0F076` `TrendMicro: TROJ_GEN.R002C0GL217` `Baidu: Win32.Trojan.WisdomEyes.16070401.9500.9706` `F-Prot: W32/Agent.EW.gen!Eldorado` `Symantec: Trojan.Gen.6` `TotalDefense: Win32/Oflwr.A!crypt` `TrendMicro-HouseCall: TROJ_GEN.R002C0GL217` `Paloalto: generic.ml` `ClamAV: Win.Trojan.Generic-6260335-1` `Kaspersky: not-a-virus:HEUR:RiskTool.Win32.BitMiner.gen` `BitDefender: Adware.GenericKD.12644470` `NANO-Antivirus: Riskware.Win32.BitMiner.evrujf` `ViRobot: Trojan.Win32.Z.Onlinegames.1622016` `AegisLab: Backdoor.W32.Agent.liRL` `Rising: Trojan.Win32/64.XMR-Miner!1.ADCC (CLASSIC)` `Ad-Aware: Adware.GenericKD.12644470` `Emsisoft: Adware.GenericKD.12644470 (B)` `DrWeb: Trojan.KillProc.53965` `VIPRE: Trojan.Win32.Generic!BT` `Invincea: heuristic` `McAfee-GW-Edition: BehavesLike.Win32.Generic.th` `Cyren: W32/Agent.EW.gen!Eldorado` `Jiangmin: RiskTool.BitMiner.pr` `Avira: TR/CoinMiner.agdsu` `Antiy-AVL: RiskWare[RiskTool]/Win32.BitMiner` `Endgame: malicious (high confidence)` `Microsoft: Trojan:Win32/Pynamer.A!ac` `SUPERAntiSpyware: Trojan.Agent/Gen-OnlineGames` `ZoneAlarm: not-a-virus:HEUR:RiskTool.Win32.BitMiner.gen` `GData: Win32.Application.CoinMiner.T@gen` `Sophos: Generic PUA OL (PUA)` `AhnLab-V3: Trojan/Win32.CoinMiner.C2266243` `McAfee: Artemis!ECD6FF7F8E74` `AVware: Trojan.Win32.Generic!BT` `MAX: malware (ai score=100)` `Malwarebytes: Spyware.OnlineGames` `Panda: Trj/GdSda.A` `ESET-NOD32: a variant of Win32/FlyStudio.OPD` `Tencent: Win32.Risk.Adw.Aota` `Yandex: Trojan.Pasta.Gen.1` `SentinelOne: static engine - malicious` `eGambit: Unsafe.AI_Score_55%` `AVG: Win32:Malware-gen` `Avast: Win32:Malware-gen` `CrowdStrike: malicious_confidence_100% (W)` `Qihoo-360: Win32/Virus.RiskTool.46f`

Hashes

MD5	`ecd6ff7f8e749d9a0463292f5a2bb859`
SHA1	`eb21def215ad358fffb32ce3175d3288b16ee2cf`
SHA256	`7c19d04d615731aae1493aef8eb969d6386f4533a76d9f687f310b05be6cfebb`
SHA3	`9628f706e21547e54f350722bcdc22fb1afed0dcbe5234b4e2a6b0613a8bfe0e`
SSDeep	`49152:qYqpjclmfLOmTHDD0LkGrvjtK68M0viNttlwae:1qdclmfymbX0LkGrjQ68eNnl7e`
Imports Hash	`c364f1f919f0c4bddc07a3180ca25cd9`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x110`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`4`
TimeDateStamp	2017-Dec-01 14:11:35
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LINE_NUMS_STRIPPED` `IMAGE_FILE_LOCAL_SYMS_STRIPPED` `IMAGE_FILE_RELOCS_STRIPPED`

Image Optional Header

Magic	`PE32`
LinkerVersion	`6.0`
SizeOfCode	`0x6a000`
SizeOfInitializedData	`0x121000`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0004B58C (Section: .text)`
BaseOfCode	`0x1000`
BaseOfData	`0x6b000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x1000`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x1be000`
SizeOfHeaders	`0x1000`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`f08d9173d94f69a3cfa9d625520f5890`
SHA1	`99bbfd82562c97af883afb58cf89e1fcb3e23d7a`
SHA256	`aec090ab5195821ff86bd63232c23f9f8bffd655bacded4b1c835d0ca8e11a19`
SHA3	`09ee79c171c8c6dd47200d37afdee1ae1264cd149460a8739e89d375fe973e17`
VirtualSize	`0x69f8a`
VirtualAddress	`0x1000`
SizeOfRawData	`0x6a000`
PointerToRawData	`0x1000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.56117`

.rdata

MD5	`6871a5b9c572cfeb69194e8c243cdf35`
SHA1	`b9a8cda5d8f3bf0237acad06728235e89d4dfd52`
SHA256	`ec9e3113b30a0266b6509377be10325135734aa08cc3dca1287f12c3a680649f`
SHA3	`544c1d3e5171296c76531d915d3d0f13ebf924896d481431716cb6a0482a6a5b`
VirtualSize	`0x10b468`
VirtualAddress	`0x6b000`
SizeOfRawData	`0x10c000`
PointerToRawData	`0x6b000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.80479`

.data

MD5	`6ab470f417b4ad2eff19556cbdcb010f`
SHA1	`53fff67f57484e1a29375979efd24d4a23cf661c`
SHA256	`df0dad1f156982c0acdd5ed2575ecd303433ff179589ec820ab22e0548002e1d`
SHA3	`a3d0793bb97fddf45fd39ea45bb3925467b2a25f99bff87b24e1cf0533ca1f00`
VirtualSize	`0x4016a`
VirtualAddress	`0x177000`
SizeOfRawData	`0xf000`
PointerToRawData	`0x177000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`4.85091`

.rsrc

MD5	`ecddcc9052c76299271e9f911541f370`
SHA1	`4fb6d57d6aae4cddccee554161d26dc760de4638`
SHA256	`c4355652bc044cf3be01d608addc288fab30a1959edb759bd2b0a70655cca457`
SHA3	`854d6e89f05f6093de58a2f54b5bbeb090289e726d1da4183ab340ba787c4c9e`
VirtualSize	`0x5740`
VirtualAddress	`0x1b8000`
SizeOfRawData	`0x6000`
PointerToRawData	`0x186000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.78433`

Imports

RASAPI32.dll	`RasHangUpA` `RasGetConnectStatusA`
WINMM.dll	`midiOutPrepareHeader` `midiStreamRestart` `midiStreamClose` `midiOutReset` `midiStreamStop` `midiStreamOut` `waveOutUnprepareHeader` `waveOutPrepareHeader` `waveOutWrite` `waveOutPause` `waveOutReset` `waveOutClose` `waveOutGetNumDevs` `midiStreamProperty` `midiStreamOpen` `midiOutUnprepareHeader` `waveOutOpen`
WS2_32.dll	`#19` `#18` `#116` `#115` `#12` `#3` `#101` `#1` `#5` `#16` `#10` `#17`
KERNEL32.dll	`WideCharToMultiByte` `Process32Next` `Process32First` `CreateToolhelp32Snapshot` `SetFilePointer` `GetFileSize` `TerminateProcess` `OpenProcess` `GetVersion` `MultiByteToWideChar` `GetCurrentProcess` `SetLastError` `GetTimeZoneInformation` `FileTimeToSystemTime` `CreateSemaphoreA` `ResumeThread` `ReleaseSemaphore` `EnterCriticalSection` `LeaveCriticalSection` `GetProfileStringA` `InterlockedExchange` `IsBadCodePtr` `IsBadReadPtr` `CompareStringA` `GetStringTypeW` `GetStringTypeA` `SetUnhandledExceptionFilter` `IsBadWritePtr` `VirtualAlloc` `LCMapStringW` `LCMapStringA` `SetEnvironmentVariableA` `VirtualFree` `HeapCreate` `HeapDestroy` `GetEnvironmentVariableA` `GetStdHandle` `SetHandleCount` `GetEnvironmentStringsW` `GetEnvironmentStrings` `FreeEnvironmentStringsW` `FreeEnvironmentStringsA` `UnhandledExceptionFilter` `GetFileType` `SetStdHandle` `GetACP` `HeapSize` `RaiseException` `GetLocalTime` `GetSystemTime` `RtlUnwind` `GetStartupInfoA` `GetOEMCP` `GetCPInfo` `GetProcessVersion` `SetErrorMode` `GlobalFlags` `GetCurrentThread` `GetFileTime` `TlsGetValue` `LocalReAlloc` `TlsSetValue` `TlsFree` `GlobalHandle` `TlsAlloc` `LocalAlloc` `lstrcmpA` `GlobalGetAtomNameA` `GlobalAddAtomA` `GlobalFindAtomA` `GlobalDeleteAtom` `lstrcmpiA` `SetEndOfFile` `UnlockFile` `LockFile` `FlushFileBuffers` `DuplicateHandle` `lstrcpynA` `FileTimeToLocalFileTime` `LocalFree` `InterlockedDecrement` `InterlockedIncrement` `WriteFile` `ReadFile` `GetLastError` `WaitForMultipleObjects` `CreateFileA` `CloseHandle` `WaitForSingleObject` `CreateProcessA` `GetTickCount` `GetCommandLineA` `MulDiv` `GetProcAddress` `GetModuleHandleA` `GetVolumeInformationA` `SetCurrentDirectoryA` `SetEvent` `FindResourceA` `LoadResource` `LockResource` `GetModuleFileNameA` `GetCurrentThreadId` `ExitProcess` `GlobalSize` `GlobalFree` `DeleteCriticalSection` `InitializeCriticalSection` `lstrcatA` `WinExec` `lstrcpyA` `FindNextFileA` `GlobalReAlloc` `HeapFree` `HeapReAlloc` `GetProcessHeap` `HeapAlloc` `GetFullPathNameA` `FreeLibrary` `LoadLibraryA` `lstrlenA` `GetVersionExA` `WritePrivateProfileStringA` `CreateThread` `CreateEventA` `Sleep` `GlobalAlloc` `GlobalLock` `GlobalUnlock` `FindFirstFileA` `FindClose` `GetFileAttributesA` `CompareStringW`
USER32.dll	`CloseClipboard` `WaitForInputIdle` `wsprintfA` `DestroyMenu` `GetClipboardData` `OpenClipboard` `SetClipboardData` `EmptyClipboard` `GetSystemMetrics` `GetCursorPos` `MessageBoxA` `SetWindowPos` `GetWindowTextA` `GetDlgItem` `FindWindowA` `GetWindowThreadProcessId` `GetClassNameA` `GetDesktopWindow` `GetForegroundWindow` `SetWindowTextA` `SystemParametersInfoA` `TranslateMessage` `LoadIconA` `DrawFrameControl` `DrawEdge` `DrawFocusRect` `WindowFromPoint` `GetMessageA` `DispatchMessageA` `SetRectEmpty` `RegisterClipboardFormatA` `CreateIconFromResourceEx` `CreateIconFromResource` `DrawIconEx` `SendMessageA` `DestroyCursor` `SetParent` `IsWindow` `GetSysColorBrush` `LoadStringA` `GetMenuCheckMarkDimensions` `GetMenuState` `SetMenuItemBitmaps` `CheckMenuItem` `MoveWindow` `IsDialogMessageA` `ScrollWindowEx` `SendDlgItemMessageA` `MapWindowPoints` `AdjustWindowRectEx` `GetScrollPos` `RegisterClassA` `GetMenuItemCount` `GetMenuItemID` `CreateWindowExA` `SetWindowsHookExA` `CallNextHookEx` `GetClassLongA` `SetPropA` `CreatePopupMenu` `AppendMenuA` `ModifyMenuA` `CreateMenu` `CreateAcceleratorTableA` `GetDlgCtrlID` `GetSubMenu` `EnableMenuItem` `ClientToScreen` `EnumDisplaySettingsA` `LoadImageA` `ShowWindow` `IsWindowEnabled` `TranslateAcceleratorA` `GetKeyState` `CopyAcceleratorTableA` `PostQuitMessage` `IsZoomed` `GetSystemMenu` `DeleteMenu` `GetClassInfoA` `DefWindowProcA` `GetMenu` `SetMenu` `PeekMessageA` `IsIconic` `SetFocus` `GetActiveWindow` `GetWindow` `DestroyAcceleratorTable` `SetWindowRgn` `GetMessagePos` `ScreenToClient` `ChildWindowFromPointEx` `CopyRect` `LoadBitmapA` `WinHelpA` `KillTimer` `SetTimer` `ReleaseCapture` `GetCapture` `SetCapture` `GetScrollRange` `SetScrollRange` `SetScrollPos` `InflateRect` `SetRect` `IntersectRect` `DestroyIcon` `PtInRect` `OffsetRect` `IsWindowVisible` `EnableWindow` `RedrawWindow` `GetWindowLongA` `SetWindowLongA` `GetSysColor` `SetActiveWindow` `SetCursorPos` `LoadCursorA` `SetCursor` `GetDC` `FillRect` `IsRectEmpty` `ReleaseDC` `IsChild` `UnregisterClassA` `SetForegroundWindow` `GetWindowRect` `EqualRect` `UpdateWindow` `ValidateRect` `InvalidateRect` `GetClientRect` `GetFocus` `GetParent` `GetTopWindow` `PostMessageA` `GetWindowTextLengthA` `CharUpperA` `GetWindowDC` `BeginPaint` `EndPaint` `TabbedTextOutA` `DrawTextA` `GrayStringA` `DestroyWindow` `CreateDialogIndirectParamA` `EndDialog` `GetNextDlgTabItem` `GetWindowPlacement` `RegisterWindowMessageA` `GetLastActivePopup` `GetMessageTime` `RemovePropA` `CallWindowProcA` `GetPropA` `UnhookWindowsHookEx`
GDI32.dll	`Escape` `ExtTextOutA` `TextOutA` `RectVisible` `PtVisible` `GetViewportExtEx` `ExtSelectClipRgn` `LineTo` `MoveToEx` `CreateRectRgnIndirect` `GetTextMetricsA` `SetStretchBltMode` `GetClipRgn` `CreatePolygonRgn` `SelectClipRgn` `DeleteObject` `CreateDIBitmap` `GetSystemPaletteEntries` `CreatePalette` `StretchBlt` `SelectPalette` `RealizePalette` `GetDIBits` `GetWindowExtEx` `GetViewportOrgEx` `GetWindowOrgEx` `BeginPath` `EndPath` `PathToRegion` `CreateEllipticRgn` `CreateRoundRectRgn` `GetTextColor` `GetBkMode` `GetBkColor` `GetROP2` `GetStretchBltMode` `GetPolyFillMode` `CreateCompatibleBitmap` `CreateDCA` `CreateBitmap` `SelectObject` `GetObjectA` `CreatePen` `PatBlt` `FillRgn` `CreateRectRgn` `CombineRgn` `CreateSolidBrush` `GetStockObject` `CreateFontIndirectA` `EndPage` `EndDoc` `DeleteDC` `StartDocA` `StartPage` `BitBlt` `CreateCompatibleDC` `Ellipse` `Rectangle` `LPtoDP` `DPtoLP` `GetCurrentObject` `RoundRect` `GetTextExtentPoint32A` `GetDeviceCaps` `SetBkColor` `SaveDC` `RestoreDC` `SetBkMode` `SetPolyFillMode` `SetROP2` `SetTextColor` `SetMapMode` `SetViewportOrgEx` `OffsetViewportOrgEx` `SetViewportExtEx` `ScaleViewportExtEx` `SetWindowOrgEx` `SetWindowExtEx` `ScaleWindowExtEx` `GetClipBox` `ExcludeClipRect`
WINSPOOL.DRV	`ClosePrinter` `OpenPrinterA` `DocumentPropertiesA`
ADVAPI32.dll	`RegQueryValueA` `RegSetValueExA` `RegOpenKeyExA` `RegCloseKey` `RegCreateKeyExA`
SHELL32.dll	`Shell_NotifyIconA` `ShellExecuteA`
ole32.dll	`CLSIDFromString` `OleUninitialize` `OleInitialize`
OLEAUT32.dll	`#186` `#163` `#161`
COMCTL32.dll	`ImageList_Destroy` `#17`
WININET.dll	`InternetCanonicalizeUrlA` `InternetCrackUrlA` `HttpOpenRequestA` `HttpSendRequestA` `HttpQueryInfoA` `InternetReadFile` `InternetConnectA` `InternetSetOptionA` `InternetCloseHandle` `InternetOpenA`
comdlg32.dll	`GetSaveFileNameA` `GetFileTitleA` `GetOpenFileNameA` `ChooseColorA`

Delayed Imports

1

Type	`TEXTINCLUDE`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0xb`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.0958`
MD5	`0174b80aba6359d1011cd22b880f1a72`
SHA1	`9be77da1b2e1d6f4c0c77630334cf0f2a5a17ce6`
SHA256	`7791d56b6792eb1836f2e46ea02d208ffb1343ae922d6c696ad04de2e2c09441`
SHA3	`63aab311030110ae8c92e8229c5b4b6e6d796612f10c3fcfb448b681b4b3577a`

2

Type	`TEXTINCLUDE`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x16`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.27761`
MD5	`983c1066b8da83907ccb829dc9c725e6`
SHA1	`e5e00901ed07ee44b324ec54a39dbc7f998d1872`
SHA256	`4b345f7ee4c62582d946797d37a7dd8498af15f4afda496999d1ac54c108714a`
SHA3	`9e6e95da2a15de691b8d8369e4c0d15e125f5ec30cad35137ef9d61533b893a1`

3

Type	`TEXTINCLUDE`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x151`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.2478`
MD5	`2ed134514e374e40a710bd61d5190a86`
SHA1	`60ffcba570e819f041c84d7f1f2c0624daeada18`
SHA256	`6b993c9dc325863302d0ea34e4287822286f7fdf8e023320b9a520b5c9dcfa47`
SHA3	`b81bcaa3dc85c917820ef48bd60ee97d74a58b23c9d9d54b91e34e4fd097929b`

1 (#2)

Type	`RT_CURSOR`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.16959`
MD5	`dd516f96a352053618af66614c7ee23d`
SHA1	`ac9f852776d2a94c6676a83d55b52d8ae4f6e75f`
SHA256	`d27dd42f6f0db9536d3d59a42c61f4049f73c3373c00afa0554e3e7f85f9a92b`
SHA3	`c5e1a2860e8ca5ce99813b88a1e892ac55347b029506db40f0918be4a6550267`

2 (#2)

Type	`RT_CURSOR`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.61097`
MD5	`5e4306d342f15693f982320008298649`
SHA1	`2f48a547a1427833013f1ccc5d3119ab36c1cb11`
SHA256	`ba8a8cf5ecd16690d37ba7f41f107973656c617488a880538e1e33821929d3a3`
SHA3	`59e7368ccafa1b3b925e68b2a015f7d8153e999ed3daaec8d48008e2f70c984a`

3 (#2)

Type	`RT_CURSOR`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.02695`
MD5	`cab67e9ca149fb79ab4473998412b951`
SHA1	`2e793d35537bfb5d3f042ed0626d3b119d50519a`
SHA256	`fbeb3be87e80cb8e1d2af3d8140796c1bb80c6c7056f60897088ff9e355c3867`
SHA3	`0e72f5537421764effb2ed98e536358bb7e86eed7b0936e606e8d45559685684`

4

Type	`RT_CURSOR`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0xb4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.74274`
MD5	`9fa8a914823ac7e5370652146901f4f1`
SHA1	`eb3224109abb341b6e464d2606fdbed1a7160bc6`
SHA256	`f64ccc0582bc7c66af8b40049e485e8e241335261ec95ace909293ba50b2e4a3`
SHA3	`bb348af06514e27cd1fa21ad524dfd037edcd3b36ef4cc6ab24c4a8ec38995ff`

1031

Type	`RT_BITMAP`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x248`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.67246`
MD5	`4e68d48e0b5c427c7ab78cf473741530`
SHA1	`f1594c91aaddbea1e6f65d387f9bae32a1bc564c`
SHA256	`040a6280de380f6dfcf9335e7789c109fe6dca63b7875dfdf53b94e58444bc35`
SHA3	`1529b7b296eeadc4916f4556fe8f26a7af91b48effab377d02847269405bc4cc`
Preview

1038

Type	`RT_BITMAP`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x144`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.23563`
MD5	`4f5d3abeaf37aa12daf334577d763cf8`
SHA1	`e9eab315798bb74fc12b0950011265e0e994876e`
SHA256	`5df58f862fdad1191048c43102b19d2f0a2a072dca2d4a15e0ff410cff74d1e3`
SHA3	`2ad2879352c2e7e50fc772d46bc3a50999e43ed35d478082527c0b5a0b3b6a36`
Preview

1138

Type	`RT_BITMAP`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x158`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.06778`
MD5	`801d95f64abdf551c76057465d9855ba`
SHA1	`187cd89b980aa8bd7d67a0b56a95f48a3ffc08d5`
SHA256	`f8608530637848da94fd3bcd6080ea29d165c5d6aa96bb8d7244175652d44e7d`
SHA3	`c42e3989ce955d83fe60e08d28c83f4df3aa94af382f5f96a068f7948b80cf4d`
Preview

1139

Type	`RT_BITMAP`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x158`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.06778`
MD5	`cc4c8954ba21f7265d2e34af683822a7`
SHA1	`0cd5b70d6a36690e6b359917716ad20aaaeb1142`
SHA256	`0e0636237e784b7fdf6ee15903dd33ad0eac7f6de2411dc47de7426f61af573d`
SHA3	`7735bf1c6013300bb12ea4551b06952fc0289eff58ca65ee4cf0d686dbc0aded`
Preview

1140

Type	`RT_BITMAP`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x158`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.82327`
MD5	`3fdb32df423939b6be9ef7ea2edc82de`
SHA1	`024376a1fe6db7d3f624a2e104b9281654682d23`
SHA256	`52b0d8794067fbb5b88c73f5875d3347d586fc6e92a79155d5f687c01afcdd2a`
SHA3	`592da405c94eaed47c9b7c84eec9728d98802a544cc0049b79e7de475ea29abe`
Preview

1141

Type	`RT_BITMAP`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x158`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.87572`
MD5	`4fae4fdd7257306abf84838c723f521b`
SHA1	`76d5338f7be0ae0c5d479fa27f064858a35d4e7d`
SHA256	`f5214c0bb68205062476dae1ae48c7aac9b1a7b06af025247cdf1610a8b739b0`
SHA3	`d77023013488df3c8bdd13907dfd2a5775e5fded4b525514de4453fc2678d763`
Preview

1142

Type	`RT_BITMAP`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x158`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.7844`
MD5	`aa147e1a1b27e664ee25ba1b761eb97d`
SHA1	`56ee86aa9618a346803983cfab333a1bb81ebe36`
SHA256	`bb87a47da4781dac354f71427b0461f8a4234e4c18cc9a167cb54960c5ebb742`
SHA3	`d34d69d3d4c123206aae799fd1cbd17ea22f3d4fa1021d00e9b7e3f3f14da6a5`
Preview

1143

Type	`RT_BITMAP`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x158`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.57855`
MD5	`d2d7419aa33ed86048015fbfe27359a4`
SHA1	`3b8b10ecb2068f21a9fc466a69164c28ae7a1571`
SHA256	`00b25fcbf267a0945d6fe3612dbdbad6640d1c99a9cb443f06d016bd44f51eab`
SHA3	`1c5f91189689ddb079d8274281229a45737f716b4253912ba94265c44abececb`
Preview

1144

Type	`RT_BITMAP`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x158`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.53371`
MD5	`a06c1fd9091b6f3ccba80f3dcdabf19e`
SHA1	`21a3a87f764727c69c85728346b1d05d97869807`
SHA256	`5b7335372b1be5486f289d5e7ee01155c1d7fb8df76d8495bf15b7cee3f94585`
SHA3	`048b0c8d2d44b34fea51e6ff4e2ae4f5c73b5f7c1211741cdc4fe6796000ad22`
Preview

1145

Type	`RT_BITMAP`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x158`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.41101`
MD5	`d9851b0845656cb1b1f5c586547b83bf`
SHA1	`fbcf280c7ec369d349b10d31ecbf261758e1ef14`
SHA256	`a6b89465e793bf0f0001f27440617590039a7fb34a16bcb551ce4b10b49eb7db`
SHA3	`7472827cfb2a9b2f7537971c617d231e75e471c3502299bde2184d23f55d22f3`
Preview

26567

Type	`RT_BITMAP`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x5e4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.09838`
MD5	`055505a1940f27993d40e136bc915615`
SHA1	`f6223d2c97df05fa6b6ca54b47c92438777eae79`
SHA256	`a9bb58f43df34b3dc05b79015210b5a1ca84f8ff97555cf7344ef8bb662e1a6d`
SHA3	`cf77404babde2509159cac5542bdbc409a869e1633222f15e62ccb39bb8ad59b`
Preview

30994

Type	`RT_BITMAP`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0xb8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.23666`
MD5	`8cf65be17e506ff24c2177078f88b56e`
SHA1	`3e397dc7597caeb844df0ea760b64231c8ce3dbf`
SHA256	`e7c0005285d1ab59732d5f99f77a9bdd6342b01cf44437ebd7a07611a227e272`
SHA3	`7da4c7aab356574679f0f9107740f01647864c846c04f699deef67577fd6aded`
Preview

30995

Type	`RT_BITMAP`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x16c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.20022`
MD5	`a2153b6134d93fd17964b36be4821db4`
SHA1	`43d43980d7e6c1f080cc3eca82d84dc2ab8241b1`
SHA256	`4406c7739acdebe7be0510fb2cf7043ebec1f3dfd4fd876e1b6d0eb29fa79a14`
SHA3	`c6bfd5b740368d3cc00322a1d1ed6905cefec2b5a411b2100444a37e72f79fe6`
Preview

30996

Type	`RT_BITMAP`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x144`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.87621`
MD5	`5a9c81cdbf480cf01daa71ba0e233c5f`
SHA1	`28e04c01584654e1974347d1baa462b2784e9c47`
SHA256	`abdf36bde89a26349f5741c17c235dacea88d441d8662ba16a598dc50c3c4864`
SHA3	`99dec83590ac444359a5a6f8924dae5615d93f4df527e10a8a61319ce3a5beaf`
Preview

1 (#3)

Type	`RT_ICON`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x2e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.12749`
MD5	`0cb42696bae18798cb7086367e1c8648`
SHA1	`c8c1ea6ee6ae4285986c9ef7e3df213a32d76150`
SHA256	`c70bbabb35024b71265ad0cbc6b6553146b8417e6469c7031b292f87ac7f027c`
SHA3	`6f2d62a1fa986d2ef581c9c32b9e13c28f1689842f0bb999dd64e6ad58ac8fd3`

2 (#3)

Type	`RT_ICON`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.18858`
MD5	`f7689df1f1046fd3a9329c2bed028a7a`
SHA1	`5c81380f4db520c34783768d528a1223ccc10298`
SHA256	`bfd6b9443d835d48f4872879c901fd73a9cb1dcd85ceb44ab769410cf282b756`
SHA3	`d8707398afb787b830b3e9fdd416041d648fd4ba2e0988a16906f692a85b7dc1`

3 (#3)

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.45415`
MD5	`04baafb1cb412eb582f4efeb62f9d253`
SHA1	`b9c642c5e7d067553012761b3f8347bfd84b0a23`
SHA256	`b54b26d3012d075025490b7fbe82ab78a8f224bfec327ab6729c1006fe96ee52`
SHA3	`8f300f7830b1c5632b5e005a64c54069d34d461c5858a69fa006ddba6abd307a`

4 (#2)

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x2e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.84053`
MD5	`b3bad69116a95a2dbd41c21b952d1284`
SHA1	`5dd66dc4dcbb7d9c1c98ff39fc034c098ced7913`
SHA256	`ab9463f44814797b8ab01397e2b173baba25ef7538d0a41a20db1cdf3fff13b6`
SHA3	`be8257a5538c4b2f9a59f2ba5960f1a26606dde4b620314168465ffa85b871f7`

5

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x668`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.61843`
MD5	`c65e4e7627c11195b31545f8e3164ba7`
SHA1	`0feddb751ac2aad549520f464776436835a42d42`
SHA256	`4eef9597d5719de21537d7f14e95e9ff946fb9333686e528e68f518ab91803eb`
SHA3	`6fcbfc7bcda936bb95127730e322cf8aa40eaba1240cc1e29f4e4420a8c2a8e2`

127

Type	`RT_MENU`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0xc`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.4183`
MD5	`c01d4cd5bb1b57b835a1c2fba8e21e69`
SHA1	`be4bef44f1fce0552bee077b50211ebc04a5a777`
SHA256	`7dd1a3835eca622418f5fc87a53d3404b2b4766b8c0df00ee59ba679b35c70bc`
SHA3	`d1a9883d25af151238872bedfae8daade1eab0dcf9a4d516d8a000faab836a63`

1039

Type	`RT_MENU`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x284`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.27721`
MD5	`c8422eaddf07a9bee95c726c8426fcfc`
SHA1	`33056ecf914eebbd3029f658c22447e516747d4e`
SHA256	`7a7d7c4216cc704f4d47ea69d74851dab873624e47a6d40190e1a239db35715d`
SHA3	`c31c82b719ad6e62f6fc0e06e5fb0f61c126b8588ece4ee358543fe710229aeb`

150

Type	`RT_DIALOG`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x98`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.06278`
MD5	`44526224da99d6c18599dd024d03690c`
SHA1	`1ee6fbfe9206aaa8d4f0e3c00a79203d6832067b`
SHA256	`512c93356c834770fca27fb18e6271ede046e5679587c3448ef9be8fec2e3bba`
SHA3	`24a7af9dc861ffdfe9f1231bfd9c8b7a831cca871e5a2ddf8607965b46fcdbba`

286

Type	`RT_DIALOG`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x17a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.5561`
MD5	`7680df3f58cc47c46b99d84b10112194`
SHA1	`f4fe13962765e8c117f19f0e6bf01d64b0a23420`
SHA256	`2dc26197331d3f1e46b99f0fe7cc2e6868d25b655f12e960f57bd7e1056cb06c`
SHA3	`5ed31f740eb95cbef0eba3a691239cd02b9a4e3428bc1155ed660425320189e2`

554

Type	`RT_DIALOG`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0xfa`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.78697`
MD5	`da7ba785cdcd261b11c0eb9e21645e33`
SHA1	`7e1d6e23f5ebd67f14e08b1435d8f0ef03c7ca97`
SHA256	`b9f9f75f7931892d9db0418d496c7d5845b7710ecffe2117250d99d61da59fd3`
SHA3	`5e23ddfcc02b150d79a0f5e731d5cd584648dbd3a857934ea42ea98dbe5ea4d4`

1037

Type	`RT_DIALOG`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0xea`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.45041`
MD5	`4b9b12aa24c41c52fe6e59c420fe8708`
SHA1	`339dcf23d4e8361fc78919cb2a00f89353277a70`
SHA256	`d2c7f254d83c3122744bc35895a946a2e3c9f0c9545ccae2289fe10a8a214a1b`
SHA3	`3d9023d40c905b660f421967e6b40b087bd2d9c7f11f7042889d7c99f62bea2f`

1084

Type	`RT_DIALOG`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x8ae`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.18397`
MD5	`3b69402c70fa480ec16568dd6b708e13`
SHA1	`e94831a62793cd4588263af60de9a78ffcf4eb8f`
SHA256	`09dd636320023e367b16b8992bdc09803f50eae040b33ab29df1d33e425568e1`
SHA3	`47aadf425b780072ffe63df8f37ab4465de00054aecd2c0f20c3acd844c82bae`

1124

Type	`RT_DIALOG`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0xb2`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.51845`
MD5	`26c2bcd4e5333a75a1408c4e59711022`
SHA1	`c7fdff5b229cdf7882e81300285081b469d80755`
SHA256	`096a66c479bf64312d10d27270bf793aca7e14a0a731ea8af8b2eaaa91114117`
SHA3	`a39b0d306ee4cd54d1854deadadbfd63440982b3e6037fdd8022e595a73fe519`

1134

Type	`RT_DIALOG`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0xcc`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.73942`
MD5	`be90a3c4f4988eaa4f1498ba66e25c8c`
SHA1	`95ab8be47f1c29af2ccebccd4f0b98322012f4bd`
SHA256	`5bdbd189b596b2b6658d2e7d0e7e9bb203ca7749da598f0343abcd2cd0e7a1e6`
SHA3	`38b0804ccdf19b3a754ee8aa96f33333b2a6438318d18a7b48e49ae26d6059ed`

1150

Type	`RT_DIALOG`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0xb2`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.45225`
MD5	`5228e05f53b7eee70cdae8bfe4e116b7`
SHA1	`59952cfa6cf756626c57c641c85f752ea8997d80`
SHA256	`963d2d391d6ba60a6ac73c0041d23a862046afd9c446f4112b90ae290839a806`
SHA3	`258d162737232b01a90bfb86fb3de0d4cd3a935bb3e2f8a2a55d721037cf573d`

30721

Type	`RT_DIALOG`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0xe2`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.38941`
MD5	`085d5f15dba87cc77a4cad2d555d6c8c`
SHA1	`5299e0b15c862d118bed43251fd6ebde8d9f824d`
SHA256	`95681f43fb8cf9ff17d7a15cb0c12d9cb2b92282097283ec7388b18fe5d32f11`
SHA3	`c2751bef9db649f88eb88b6437728cbb74df17704c17242f5ebd14d96e6ee4aa`

30722

Type	`RT_DIALOG`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x18c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.74445`
MD5	`ccf1e3cf6acded3c2c63ee305170de36`
SHA1	`c2b9c6b8fe4980da2513c20e85f2b8d78c9b1afc`
SHA256	`d20fbeb2fa69c10f2516fc4f545597734464e68bf7388c2c3325343be22f25ca`
SHA3	`8a595d24997078113f7b966fce4dd7b3b0d5bf4f068341973b55389fbb8cb566`

3841

Type	`RT_STRING`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x50`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.68399`
MD5	`27e992d5cd65b0ca3d129106cc1e542b`
SHA1	`f38d0d22b7abdb0dc389790027f8baa65342c931`
SHA256	`8b568f62cc221d621d3c624e7363d59c4bf36a72bda8e147eda5374c232a41a5`
SHA3	`7c0b2073f7d8639e08933edd26259d17c657a3a8bd10c220b28dc36bf991db1a`

3842

Type	`RT_STRING`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x2c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.37932`
MD5	`da86a7575ac8286809dd9481ec498fd8`
SHA1	`603b9d5525180b1dd7f12747c6686548abc3eb32`
SHA256	`0b985f127b9074f92daf51979d1228e8d0657682ed064beed98015d6775e51d0`
SHA3	`dfe329fb5f9e5b8c99125d3a6e59c3b7c9d3f58ceb00eddf3a2efe5c901decd8`

3843

Type	`RT_STRING`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x78`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.07447`
MD5	`7c859626451a41d43bdb6e834b14377f`
SHA1	`da7c436fc04f4634e78d0e082ec2bd58df0d834f`
SHA256	`302aebc37216997e819a40d01fcf7bb9e167086ada2ebb0dd0e66ddfd01214b5`
SHA3	`579bfffbce971576d9259f238c3ba65c7dddab341ad697b96f24febf131b6a0c`

3857

Type	`RT_STRING`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x1c4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.10651`
MD5	`ae6a056cefffe26b23eac60d04989987`
SHA1	`647f69e40048510c7bc2a85c56c31d3c5c93520e`
SHA256	`de0534ff3bbef338455e8429094952e27f2d32d55251eb0d06ff038a0712847a`
SHA3	`011f50fe2cdebe31e0f64c965e4764d31c9e8b301d36c77187675702c95eae4c`

3858

Type	`RT_STRING`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x12a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.07121`
MD5	`7b9eb7d6204e8b40c165056d4f913aaa`
SHA1	`d6f0d252ab0d8a61a3b3bfa8d1d8f15b6b5980b4`
SHA256	`2ffbc578d90a3e38bdad4ec77d3af58a8658d50525c0181d367ecca3caa90343`
SHA3	`cfec62ae95d5501d7215671ed599e2836a1a68da564e36d75cec7714c40f0ffa`

3859

Type	`RT_STRING`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x146`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.85681`
MD5	`8f0987ae2b73f266a0e1c3a542c98605`
SHA1	`5f255288183c4540cd3d17e77610727cc0abfec7`
SHA256	`d3d61705e766fd9a7fa182de39d008036d5806197e5f94069fb9639b7f8b3a7e`
SHA3	`b5960118e4788f9f9cfb34c06b009dcfb5aefd17cf426a2f83e57e021cf04bbd`

3865

Type	`RT_STRING`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x40`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.16865`
MD5	`4231654bdf85b678bb14449fdbfc7551`
SHA1	`52a66153e54242d310b717fe2ceb53985355fc63`
SHA256	`bd48ebe7d5151a7972cf4ef7398aa32197c09c043018152b275e194079e6cb36`
SHA3	`62e4d63095a5b69fbf08e4210c0c7595bbd3d9fd7762ff6ad7d68f6c43e9d3ce`

3866

Type	`RT_STRING`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x64`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.15663`
MD5	`161e87eb73081d55a22eca8a7599cec9`
SHA1	`cbf8b9f13b16195df9f6f5fafebad37512189db1`
SHA256	`90acf703f238b79f43ed45dd995adb3a9aed92a4e2898a542960390a79986247`
SHA3	`86b3a428d12470b7143b3824c56db5fb856b417f42c299561be4c6307a73612c`

3867

Type	`RT_STRING`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x1d8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.71189`
MD5	`ffb2c960432dbc57036b37f0dc4f1801`
SHA1	`f4fc7c61b2081e62cd7dc0aa0bc87c6d9c4ae4fb`
SHA256	`4bcda3f9066ac6438067470cc7619e93d205234c739e6def0fd9b1c17d8da3e8`
SHA3	`9de813c33aad1aa2a1de01e596223e4a72af5427e781f518052a0e8c558ad1e6`

3868

Type	`RT_STRING`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x114`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.40365`
MD5	`2d219af23f43c40235ddae8924570225`
SHA1	`3d5261d86f26957dedb0ec73ceece9ebee2321d4`
SHA256	`7f3e8f1e71164263cf0ea5b7483a0c96fb880d008edbf7f5fc8452b41d72cd74`
SHA3	`6e37f0ee58bc4fd6a882903d21d1c60f24396c49917488eb23b51c51012811b6`

3869

Type	`RT_STRING`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x24`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0.903812`
MD5	`3aeb0d04983923c5f3db08ff872ea9ea`
SHA1	`4464d409df76c913c59f2763bb0deb0eb2306e2b`
SHA256	`ae61f0cc506d48077e2c1df743ade849ee40e74ea228514f109782c78f402283`
SHA3	`98082029421f0596d00e3ce7c9599250fbb32c8ed767a6e8d132aeb329f4c377`

1032

Type	`RT_GROUP_CURSOR`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.91924`
Detected Filetype	Cursor file
MD5	`aff0f5e372bd49ceb9f615b9a04c97df`
SHA1	`e3205724d7ee695f027ab5ea8d8e1a453aaad0dd`
SHA256	`b07e022f8ef0a8e5fd3f56986b2e5bf06df07054e9ea9177996b0a6c27d74d7c`
SHA3	`9cb042121a5269b80d18c3c5a94c0e453890686aedade960097752377dfa9712`
Preview

1033

Type	`RT_GROUP_CURSOR`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.83876`
Detected Filetype	Cursor file
MD5	`a2baa01ccdea3190e4998a54dbc202a4`
SHA1	`e8217df98038141ab4e449cb979b1c3bbea12da3`
SHA256	`c53efa8085835ba129c1909beaff8a67b45f50837707f22dfff0f24d8cd26710`
SHA3	`8874564c406835306368adf5e869422e1bb97109b97c1499caa8af219990e8dc`
Preview

30977

Type	`RT_GROUP_CURSOR`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x22`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.25451`
Detected Filetype	Cursor file
MD5	`ab177b955c2f330b053b1fe0a5618dc6`
SHA1	`4195f1dd0f34a982c8e5c95ac43412cec1462715`
SHA256	`58531242c8bcc3c5858701ac8b7e50aa34a2fcedaad81ce5dc0aa99effb79a7d`
SHA3	`576c511275899104d47c90f4087757f5ed8cac33415255dd0e5b773058c61461`
Preview

DEFAULT_ICON

Type	`RT_GROUP_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x30`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.37214`
Detected Filetype	Icon file
MD5	`f81ecaca4db901fd70858265fe46e226`
SHA1	`6a96a5189b31682c9537583934510938e181ee7d`
SHA256	`5b74f5f96e790889ab95b41a0a6c115441e28096bea721d861dd4f99daa863e5`
SHA3	`332a3fa98c3b0bdd7f761389e4a7a6cc45402c8ec56416c1abbb913178f3afe2`

1151

Type	`RT_GROUP_ICON`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.16096`
Detected Filetype	Icon file
MD5	`42cf62b780813706e75fb9f2b2e8c258`
SHA1	`a022d5c1cfdd8aace0089f3e72f2eedd41bda464`
SHA256	`a0c9d012e2bf6b2fe05c2d97cb5594d97cf2f539e97935c12abd7a3562f4d9bf`
SHA3	`0aafc8e3d8b6bde595537da4ffe0efc5fe53f01dafe336a2a5828b6a71283d3c`

1152

Type	`RT_GROUP_ICON`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.02322`
Detected Filetype	Icon file
MD5	`7a9605cb416b1a091d889b9d9f37ec66`
SHA1	`866c01641d672b6cd69901c1e055f174f47b35bb`
SHA256	`6bcce1250099cc08d574211b3debabb0244cd2641f6d960538e7ddc97d319164`
SHA3	`af43e622bf6c842d1ada2985f8e68920ff7b22d8a0b1a12871968c23b5065651`

1 (#4)

Type	`RT_VERSION`
Language	Chinese - PRC
Codepage	Latin 1 / Western European
Size	`0x240`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.82923`
MD5	`d9476cf3666d5874a0e81a010b7bdd93`
SHA1	`e06bb9c02f720e3a4f9f8124dd6d978b9bcfe150`
SHA256	`254d7a7bab5e4e6356caff98aaf3003b0366a0bd79217078050aaa313d872d9f`
SHA3	`4c26aaf8d2bfb1cd45975ee16cce5b9104aa34b50c262f0deea0d454dc7095bd`

String Table contents

打开
保存为
所有文件 (.)
无标题
一未命名文件
隐藏(&H)
得不到出错信息。
试图执行系统不支持的操作。
必需的资源无法得到。
内存不足。
出现了未知的错误
无效的文件名。
打开文档失败。
保存文档失败。
将改动保存到 %1？
建立空文档失败。
该文件太大，无法打开。
无法启动打印作业。
启动帮助失败。
内部应用程序出错。
命令失败。
没有足够的内存执行操作。
系统注册项已被移除并且相应的 INI 文件（假如存在）也被删除。
不是所有的系统注册项（或 INI 文件）都被移除。
在系统中没有找到此程序需要的文件%s。
此程序连接到文件 %s 中丢失的输出 %s 。此机器可能有一个 %s 不兼容的版本。
请键入一个整数。
请键入一个数。
“请填入一个在%1和%2之间的整数。”
“请填入一个在%1和%2之间的数字。”
“请填入不多于%1个的字符。”
请选择一个按钮。
“请填入一个在0和255之间的整数。”
“请填入一个正整数。”
“请填入一个日期和/或时间值。”
“请填入一个货币值。”
非预期的文件格式。
无法找到该文件。
请验证给出的路径和文件名是否正确。
目的磁盘驱动器已满。
无法对 %1 进行读操作，它已经被其他人打开。
无法对 %1 进行写操作，因为它是只读文件或已经被其他人打开。
在对 %1 进行读操作时发生了一个非预期的错误。
在对 %1 进行写操作时发生了一个非预期的错误。
无法读只写特性。
无法写只读特性。
无法装入邮件系统支援。
邮件系统 DLL 无效。
传递邮件未能传递信息。
无错误发生。
在对 %1 进行访问时发生了一个不明错误。
没有找到 %1。
%1 中包含无效的路径。
无法打开 %1 因为太多文件已被打开。
对 %1 的存取被拒绝。
一个无效的文件柄与 %1 相关联。
无法删除 %1 因为它是当前目录。
该目录已满，无法创建 %1。
对 %1 进行查找失败。
在存取 %1 时一个硬件输入/输出错误被报告。
在存取 %1 时发生共享违例。
在存取 %1 时发生锁违例。
在存取 %1 时磁盘已满。
试图越过其尾端对 %1 进行读写。
无错误发生。
在对 %1 进行访问时发生了一个不明错误。
试图在对 %1 进行读操作的同时对其进行写操作。
试图越过其尾端对 %1 进行读写。
试图在对 %1 进行写操作的同时对其进行读操作。
%1 格式错。
%1 含有非预期的对象。
%1 包含错误的模式。
象素

Version Info

Signature	`0xfeef04bd`
StructVersion	`0`
FileVersion	1.0.0.0
ProductVersion	1.0.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	Chinese - PRC
FileVersion (#2)	1.0.0.0
FileDescription	易语言程序
ProductName	易语言程序
ProductVersion (#2)	1.0.0.0
LegalCopyright	作者版权所有请尊重并使用正版
Comments	本程序使用易语言编写(http://www.eyuyan.com)

Resource LangID	Chinese - PRC

TLS Callbacks

Load Configuration

RICH Header

XOR Key	`0xb602d6d8`
Unmarked objects	`0`
12 (7291)	`5`
C++ objects (8047)	`9`
C objects (8047)	`6`
14 (7299)	`44`
19 (8022)	`44`
Imports (2179)	`2`
Total imports	`680`
19 (8034)	`29`
C++ objects (VS98 SP6 build 8804)	`111`
C objects (VS98 SP6 build 8804)	`200`
C++ objects (VS98 build 8168)	`80`
Unmarked objects (#2)	`84`
Resource objects (VS98 SP6 cvtres build 1736)	`1`

ecd6ff7f8e749d9a0463292f5a2bb859

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rdata

.data

.rsrc

Imports

Delayed Imports

1

2

3

1 (#2)

2 (#2)

3 (#2)

4

1031

1038

1138

1139

1140

1141

1142

1143

1144

1145

26567

30994

30995

30996

1 (#3)

2 (#3)

3 (#3)

4 (#2)

5

127

1039

150

286

554

1037

1084

1124

1134

1150

30721

30722

3841

3842

3843

3857

3858

3859

3865

3866

3867

3868

3869

1032

1033

30977

DEFAULT_ICON

1151

1152

1 (#4)

String Table contents

Version Info

TLS Callbacks

Load Configuration

RICH Header

Errors