f183676771863e395fdba50929e95a0c6024b8d378e9d9e019837870a63e1199

Summary

Architecture IMAGE_FILE_MACHINE_I386
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date 2021-Jul-29 09:51:04
Debug artifacts C:\git\screenpresso\Screenpresso\src\obj\Release\net48\Screenpresso.pdb
Comments Screen capture tool
CompanyName Learnpulse
FileDescription Screenpresso
FileVersion 1.10.3.0
InternalName Screenpresso.exe
LegalCopyright Copyright © Learnpulse 2021
LegalTrademarks
OriginalFilename Screenpresso.exe
ProductName Screenpresso
ProductVersion 1.10.3.0
Assembly Version 1.10.3.0

Plugin Output

Info Matching compiler(s): Microsoft Visual C# v7.0 / Basic .NET
.NET DLL -> Microsoft
.NET executable -> Microsoft
Suspicious Strings found in the binary may indicate undesirable behavior: Contains references to system / monitoring tools:
  • rundll32.exe
 Contains references to internet browsers:
  • chrome.exe
  • iexplore.exe
 Tries to detect virtualized environments:
  • HARDWARE\DESCRIPTION\System
 May have dropper capabilities:
  • CurrentVersion\Run
 Contains another PE executable:
  • This program cannot be run in DOS mode.
 Miscellaneous malware strings:
  • cmd.exe
  • exploit
 Contains domain names:
  • .amazonaws.com
  • 623059400218.apps.googleusercontent.com
  • DirectShowNet.SourceForge.net
  • Screenpresso.com
  • SourceForge.net
  • amazon.com
  • amazonaws.com
  • analytics.com
  • api.bitly.com
  • api.dropboxapi.com
  • api.imgur.com
  • api.onedrive.com
  • api.screenpresso.com
  • api.twitpic.com
  • api.twitter.com
  • apis.live.net
  • apps.googleusercontent.com
  • aws.amazon.com
  • bitly.com
  • cacerts.digicert.com
  • camendesign.com
  • cdn.screenpresso.com
  • codeplex.com
  • console.aws.amazon.com
  • content.dropboxapi.com
  • crl.globalsign.com
  • crl3.digicert.com
  • crl4.digicert.com
  • digicert.com
  • dl.dropboxusercontent.com
  • dotnet.microsoft.com
  • drive.google.com
  • dropbox.com
  • dropboxapi.com
  • dropboxusercontent.com
  • evernote.com
  • flowplayer.org
  • github.com
  • globalsign.com
  • gmail.com
  • google-analytics.com
  • google.com
  • googleusercontent.com
  • http://DirectShowNet.SourceForge.net
  • http://api.bitly.com
  • http://api.bitly.com/v3/shorten?login
  • http://api.twitpic.com
  • http://api.twitpic.com/2/upload.xml
  • http://cacerts.digicert.com
  • http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
  • http://cacerts.digicert.com/DigiCertSHA2AssuredIDCodeSigningCA.crt0
  • http://cacerts.digicert.com/DigiCertSHA2AssuredIDTimestampingCA.crt0
  • http://cacerts.digicert.com/NETFoundationProjectsCodeSigningCA.crt0
  • http://camendesign.com
  • http://crl.globalsign.com
  • http://crl.globalsign.com/ca/gstsacasha384g4.crl0
  • http://crl.globalsign.com/root-r3.crl0G
  • http://crl.globalsign.com/root-r6.crl0G
  • http://crl3.digicert.com
  • http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0O
  • http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0P
  • http://crl3.digicert.com/DigiCertHighAssuranceEVRootCA.crl0
  • http://crl3.digicert.com/NETFoundationProjectsCodeSigningCA.crl0E
  • http://crl3.digicert.com/sha2-assured-cs-g1.crl05
  • http://crl3.digicert.com/sha2-assured-ts.crl02
  • http://crl4.digicert.com
  • http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0
  • http://crl4.digicert.com/NETFoundationProjectsCodeSigningCA.crl0L
  • http://crl4.digicert.com/sha2-assured-cs-g1.crl0K
  • http://crl4.digicert.com/sha2-assured-ts.crl0
  • http://flowplayer.org
  • http://james.newtonking.com
  • http://james.newtonking.com/projects/json
  • http://maps.google.com
  • http://maps.google.com/?ll
  • http://msdn.microsoft.com
  • http://msdn.microsoft.com/en-us/library/windows/desktop/dn481241
  • http://ocsp.digicert.com0C
  • http://ocsp.digicert.com0K
  • http://ocsp.digicert.com0N
  • http://ocsp.digicert.com0O
  • http://ocsp.globalsign.com
  • http://ocsp.globalsign.com/ca/gstsacasha384g40C
  • http://ocsp2.globalsign.com
  • http://ocsp2.globalsign.com/rootr306
  • http://ocsp2.globalsign.com/rootr606
  • http://s.ytimg.com
  • http://s.ytimg.com/yts/jsbin/player-
  • http://schemas.microsoft.com
  • http://schemas.microsoft.com/GroupPolicy/2006/07/PolicyDefinitions
  • http://schemas.microsoft.com/SMI/2005/WindowsSettings
  • http://schemas.microsoft.com/expression/blend/2008
  • http://schemas.microsoft.com/winfx/2006/xaml
  • http://schemas.microsoft.com/winfx/2006/xaml/presentation
  • http://schemas.openxmlformats.org
  • http://schemas.openxmlformats.org/markup-compatibility/2006
  • http://secure.globalsign.com
  • http://secure.globalsign.com/cacert/gstsacasha384g4.crt0
  • http://twitter.com
  • http://videojs.com
  • http://www.digicert.com
  • http://www.digicert.com/CPS0
  • http://www.macromedia.com
  • http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager04.html
  • http://www.screenpresso.com
  • http://www.screenpresso.com/?utm_source
  • http://www.w3.org
  • http://www.w3.org/2000/svg
  • http://www.w3.org/2000/xmlns/
  • http://www.w3.org/2001/XMLSchema
  • http://www.w3.org/2001/XMLSchema-instance
  • http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd
  • http://www.w3.org/TR/html4/strict.dtd
  • http://xml.evernote.com
  • http://xml.evernote.com/pub/enml.dtd
  • http://youtube.com
  • http://zxingnet.codeplex.com
  • http://zxingnet.codeplex.com/
  • https://api.dropboxapi.com
  • https://api.dropboxapi.com/2/files/delete
  • https://api.dropboxapi.com/2/files/list_folder
  • https://api.dropboxapi.com/2/files/list_folder/continue
  • https://api.dropboxapi.com/2/sharing/create_shared_link_with_settings
  • https://api.dropboxapi.com/2/users/get_current_account
  • https://api.dropboxapi.com/2/users/get_space_usage
  • https://api.dropboxapi.com/oauth2/token
  • https://api.imgur.com
  • https://api.imgur.com/3/
  • https://api.imgur.com/3/account/me
  • https://api.imgur.com/3/account/me/albums
  • https://api.imgur.com/3/album/
  • https://api.imgur.com/3/image
  • https://api.imgur.com/oauth2/
  • https://api.imgur.com/oauth2/authorize
  • https://api.imgur.com/oauth2/token
  • https://api.onedrive.com
  • https://api.onedrive.com/v1.0
  • https://api.onedrive.com/v1.0/drive
  • https://api.onedrive.com/v1.0/drive/items/
  • https://api.onedrive.com/v1.0/drive/root
  • https://api.screenpresso.com
  • https://api.screenpresso.com/1/
  • https://api.screenpresso.com/1/upload
  • https://api.screenpresso.com/2/
  • https://api.screenpresso.com/2/delete
  • https://api.screenpresso.com/2/list
  • https://api.twitter.com
  • https://api.twitter.com/
  • https://api.twitter.com/1.1/account/verify_credentials.json
  • https://api.twitter.com/1.1/help/configuration.json
  • https://api.twitter.com/1.1/statuses/update_with_media.json
  • https://api.twitter.com/oauth/
  • https://api.twitter.com/oauth/access_token
  • https://api.twitter.com/oauth/authorize?oauth_token
  • https://api.twitter.com/oauth/request_token
  • https://apis.live.net
  • https://apis.live.net/v5.0
  • https://aws.amazon.com
  • https://cdn.screenpresso.com
  • https://cdn.screenpresso.com/binaries
  • https://cdn.screenpresso.com/binaries/adb_20190828.zip
  • https://cdn.screenpresso.com/binaries/ffmpeg32_20160531.zip
  • https://cdn.screenpresso.com/binaries/ffmpeg32_20210114.zip
  • https://cdn.screenpresso.com/binaries/ffmpeg64_20210114.zip
  • https://cdn.screenpresso.com/binaries/tesseract32_20200621.zip
  • https://cdn.screenpresso.com/binaries/tesseract64_20200621.zip
  • https://console.aws.amazon.com
  • https://console.aws.amazon.com/s3/home?region
  • https://content.dropboxapi.com
  • https://content.dropboxapi.com/2/files/download
  • https://content.dropboxapi.com/2/files/upload
  • https://dotnet.microsoft.com
  • https://dotnet.microsoft.com/download
  • https://drive.google.com
  • https://imgur.com
  • https://login.live.com
  • https://login.live.com/oauth20_desktop.srf
  • https://notify.dropboxapi.com
  • https://notify.dropboxapi.com/2/files/list_folder/longpoll
  • https://onedrive.live.com
  • https://secure.screenpresso.com
  • https://secure.screenpresso.com/v1/2checkout
  • https://stats.screenpresso.com
  • https://stats.screenpresso.com/?ver
  • https://studio.youtube.com
  • https://studio.youtube.com/video/
  • https://twitter.com
  • https://www.digicert.com
  • https://www.digicert.com/CPS0
  • https://www.dropbox.com
  • https://www.dropbox.com/home
  • https://www.dropbox.com/oauth2/authorize?client_id
  • https://www.dropbox.com/register
  • https://www.evernote.com
  • https://www.evernote.com/Home.action#v
  • https://www.evernote.com/Login.action?targetUrl
  • https://www.evernote.com/OAuth.action
  • https://www.evernote.com/OAuth.action?oauth_token
  • https://www.evernote.com/Registration.action?code
  • https://www.evernote.com/edam/user
  • https://www.evernote.com/oauth
  • https://www.evernote.com/oauth?oauth_callback
  • https://www.evernote.com/oauth?oauth_verifier
  • https://www.evernote.com/shard/
  • https://www.globalsign.com
  • https://www.globalsign.com/repository/0
  • https://www.google-analytics.com
  • https://www.google-analytics.com/__utm.gif?utmwv
  • https://www.newtonsoft.com
  • https://www.newtonsoft.com/json
  • https://www.newtonsoft.com/jsonschema
  • https://www.nuget.org
  • https://www.nuget.org/packages/Newtonsoft.Json.Bson
  • https://www.onenote.com
  • https://www.onenote.com/api/v1.0/pages
  • https://www.screenpresso.com
  • https://www.screenpresso.com/api/v1/license
  • https://www.screenpresso.com/api/v1/license-validation
  • https://www.screenpresso.com/api/v1/ping
  • https://www.screenpresso.com/binaries/version4.xml
  • https://www.screenpresso.com/binaries/versionbeta4.xml
  • https://www.screenpresso.com/chrome-extension/
  • https://www.screenpresso.com/de/
  • https://www.screenpresso.com/de/chrome-extension/
  • https://www.screenpresso.com/de/download/
  • https://www.screenpresso.com/de/funktionen/
  • https://www.screenpresso.com/de/installation-subersicht/
  • https://www.screenpresso.com/de/nach-dem-kauf-umfrage/
  • https://www.screenpresso.com/de/preise/
  • https://www.screenpresso.com/de/support/
  • https://www.screenpresso.com/de/uninstall-umfrage/
  • https://www.screenpresso.com/docs/
  • https://www.screenpresso.com/docs/ScreenpressoHelp.pdf
  • https://www.screenpresso.com/download/
  • https://www.screenpresso.com/evernote
  • https://www.screenpresso.com/features/
  • https://www.screenpresso.com/fr/
  • https://www.screenpresso.com/fr/chrome-extension/
  • https://www.screenpresso.com/fr/fonctionnalites/
  • https://www.screenpresso.com/fr/sondage-apres-achat/
  • https://www.screenpresso.com/fr/sondage-desinstallation/
  • https://www.screenpresso.com/fr/sondage-installation/
  • https://www.screenpresso.com/fr/support/
  • https://www.screenpresso.com/fr/tarifs/
  • https://www.screenpresso.com/fr/telecharger/
  • https://www.screenpresso.com/install-survey/
  • https://www.screenpresso.com/ja/
  • https://www.screenpresso.com/ja/%E3%82%B5%E3%83%9D%E3%83%BC%E3%83%88/
  • https://www.screenpresso.com/ja/%E3%83%80%E3%82%A6%E3%83%B3%E3%83%AD%E3%83%BC%E3%83%89/
  • https://www.screenpresso.com/ja/%E4%BE%A1%E6%A0%BC%E8%A8%AD%E5%AE%9A/
  • https://www.screenpresso.com/ja/%E7%89%B9%E5%BE%B4/
  • https://www.screenpresso.com/ja/chrome-extension/
  • https://www.screenpresso.com/lost-key/
  • https://www.screenpresso.com/mobility
  • https://www.screenpresso.com/pricing/
  • https://www.screenpresso.com/purchase-survey/
  • https://www.screenpresso.com/releases/
  • https://www.screenpresso.com/support/
  • https://www.screenpresso.com/support/recording-error/
  • https://www.screenpresso.com/uninstall-survey/
  • https://www.screenpresso.com/upgrade/?key
  • https://www.screenpresso.com/version-test.xml
  • https://www.youtube.com
  • https://www.youtube.com/results?search_query
  • https://www.youtube.com/static?template
  • https://www.youtube.com/watch?v
  • imgur.com
  • inkscape.org
  • james.newtonking.com
  • login.live.com
  • macromedia.com
  • maps.google.com
  • microsoft.com
  • msdn.microsoft.com
  • newtonking.com
  • newtonsoft.com
  • notify.dropboxapi.com
  • nuget.org
  • ocsp.globalsign.com
  • ocsp2.globalsign.com
  • onedrive.com
  • onedrive.live.com
  • onenote.com
  • openxmlformats.org
  • paint.net
  • s.ytimg.com
  • schemas.microsoft.com
  • schemas.openxmlformats.org
  • screenpresso.com
  • secure.globalsign.com
  • secure.screenpresso.com
  • stats.screenpresso.com
  • studio.youtube.com
  • twitpic.com
  • twitter.com
  • videojs.com
  • www.digicert.com
  • www.dropbox.com
  • www.evernote.com
  • www.github.com
  • www.globalsign.com
  • www.google-analytics.com
  • www.inkscape.org
  • www.macromedia.com
  • www.newtonsoft.com
  • www.nuget.org
  • www.onenote.com
  • www.screenpresso.com
  • www.w3.org
  • www.youtube.com
  • xml.evernote.com
  • youtube.com
  • ytimg.com
  • zxingnet.codeplex.com
Info Cryptographic algorithms detected in the binary: Uses constants related to CRC32
Uses constants related to SHA256
Info The PE is digitally signed. Signer: Learnpulse SAS
Issuer: DigiCert SHA2 Assured ID Code Signing CA
Safe VirusTotal score: 0/66 (Scanned on 2021-09-22 06:03:27) All the AVs think this file is safe.

Hashes

MD5 20d271ed979ff4b06ef1581ea45c5235
SHA1 945c9f7242074ff6658adfe3d14e5c89b0e0e3da
SHA256 f183676771863e395fdba50929e95a0c6024b8d378e9d9e019837870a63e1199
SHA3 4603db2a52cdd06150c02d1bb9510ad5f3d2773239f747569d33b0953dc411e7
SSDeep 196608:r4ps9S+s7pJ4MZCiPCwtgUgTvTvRNSIM9GtcF8OFi0FiCUWn3h:r4e0CglrCTJIccFJkW3h
Imports Hash f34d5f2d4577ed6d9ceec516c1f5a744

DOS Header

e_magic MZ
e_cblp 0x90
e_cp 0x3
e_crlc 0
e_cparhdr 0x4
e_minalloc 0
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0x80

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_I386
NumberofSections 3
TimeDateStamp 2021-Jul-29 09:51:04
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xe0
Characteristics IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Image Optional Header

Magic PE32
LinkerVersion 48.0
SizeOfCode 0xff2000
SizeOfInitializedData 0x1017000
SizeOfUninitializedData 0
AddressOfEntryPoint 0x00FF3E1E (Section: .text)
BaseOfCode 0x2000
BaseOfData 0x101a000
ImageBase 0x400000
SectionAlignment 0x2000
FileAlignment 0x200
OperatingSystemVersion 4.0
ImageVersion 0.0
SubsystemVersion 6.0
Win32VersionValue 0
SizeOfImage 0x101c000
SizeOfHeaders 0x200
Checksum 0x1021ba6
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
DllCharacteristics IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
SizeofStackReserve 0x100000
SizeofStackCommit 0x1000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

.text

MD5 f70b8a578e262c4ca15fa9faa9ab553c
SHA1 6d83dd9bd505bf14d1774e3164598b2ac5e5d9b6
SHA256 e993b7f717353868db75795a1d953cdcb1baf69b26aa11e8be48f6ce23431942
SHA3 706619b3efce35698b65a9a27de50135d4897c7e7feb13536514444db8de6a47
VirtualSize 0xff1f40
VirtualAddress 0x2000
SizeOfRawData 0xff2000
PointerToRawData 0x200
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 7.00651

.rsrc

MD5 44f95ec6578ad681e85d471fb1ecf913
SHA1 380b92673505a534c94560a6a4aadf4d61a9d054
SHA256 9494c39d8017717992ba2d4102c827d5ffdaa54af83ca6f0cdcab640443d8259
SHA3 de15ce676a72ff97e754a7aba53f89d632c6a8019d8e98186f404a5777c52c46
VirtualSize 0x24e14
VirtualAddress 0xff4000
SizeOfRawData 0x25000
PointerToRawData 0xff2200
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 3.67871

.reloc

MD5 04f0fc05e2a3de1b3de60ad24acac212
SHA1 484c3a57123b7db49a80f410eb52587cd9a52937
SHA256 f6f083aaa6f14ae1540e1fd2aa265ca9539aed8525c129fd0951f0e4cbb0fcc7
SHA3 636a63096676c7b3759766cae59a5ddd7efbfadb7c2c758e713c39a9be8f6dbb
VirtualSize 0xc
VirtualAddress 0x101a000
SizeOfRawData 0x200
PointerToRawData 0x1017200
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Entropy 0.10191

Imports

mscoree.dll _CorExeMain

Delayed Imports

1

Type RT_ICON
Language UNKNOWN
Codepage UNKNOWN
Size 0x1c63
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.85823
Detected Filetype PNG graphic file
MD5 a1c3f84211de24aca931e41d5c42a055
SHA1 60c2d1f50e840b7a954f8e100d4c6cc7964b3fb1
SHA256 09268627b1ec4238c956ed061df3dfef1efd9c345bd9aa4395770cab611b536b
SHA3 9fe330856a15298eaf55eafe4f46b6ed66474ed5c54a5bd92ab18949d199105c

2

Type RT_ICON
Language UNKNOWN
Codepage UNKNOWN
Size 0x10828
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.7086
MD5 156e7c9affb744d2ea3e7c07929a2b90
SHA1 ef93ee5c70498bab85354fa3ef14b71c88eb1c11
SHA256 5b6f5f14184841ce1a15f705d2dc5445df0c632b8cb3af830e6a939201aa8870
SHA3 c004f8440a4e6eafa84f0acb7441a81be5e95e0eeea9e62326ce5650dee20e47

3

Type RT_ICON
Language UNKNOWN
Codepage UNKNOWN
Size 0x94a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.78533
MD5 531b6787dc47aebdec4456f847299d34
SHA1 631eeaf61575d3caaa7b22661e3b09cbc4133adc
SHA256 2e898f20023759311abf9d4c3c0a849d6531c7de626ddea04168904604189779
SHA3 2dd2c9d1d50487bd0acd5f7911d341b97b966aa0610e6ecf04691a1e19e5c09c

4

Type RT_ICON
Language UNKNOWN
Codepage UNKNOWN
Size 0x4228
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.93589
MD5 ca14cb19a63f9e476fc8d06378190633
SHA1 a58f1aecf7aa23fc0e8460f56654a9daa0c260ad
SHA256 846e935c2885c2b7bac3b5a381c99e267e1336f88af9a59d94dc68056fd5a08f
SHA3 62882e9508ccafb27bd9afadc3c820acb6571d192a970dfcdc3f95caf0fee081

5

Type RT_ICON
Language UNKNOWN
Codepage UNKNOWN
Size 0x25a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.82143
MD5 0359c76bf02b1ee100d74f47964f5c73
SHA1 7f8ad16aabacc2095e7b4f5f1b3d464c2ea855c4
SHA256 d1f07b941b45db0572796f882eb8a8e326a19bc064a3415ebc0508cfb535e1f8
SHA3 300c14c85ddb93845ef400582df6377a326032367fff91c60941d02aa23995b7

6

Type RT_ICON
Language UNKNOWN
Codepage UNKNOWN
Size 0x10a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.32302
MD5 a199a239599cc6dea4bdcb9de918792d
SHA1 f2c60a9f0532d9d65a4300f566ea204386e04513
SHA256 877cf0326fa53fe9dff4232f6cbd20a8d5b12ace17a7a5eda93930424e5d7be3
SHA3 8a39caf8cf01f4dc09dc171eb2573683f77ddc0aaf7b96aa4972f32b300ece1c

7

Type RT_ICON
Language UNKNOWN
Codepage UNKNOWN
Size 0x988
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.5472
MD5 9eded5dbde96357e1914772d0aa93cf6
SHA1 d9ad1e5268af560a0076c3d8684058491b537147
SHA256 8db328b9054a42ca1a4869b944329c6daa3e1878963e844b03f1b10864228cc3
SHA3 0e6247a09a6fb6c797905e2c898c6fae9cf69148f39a1a19d1e02e8ff061f799

8

Type RT_ICON
Language UNKNOWN
Codepage UNKNOWN
Size 0x468
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.05029
MD5 ea3057b2289364406e8a4d082e6002f7
SHA1 b879960c83eb7dc7e70bea5a561ddc87b77f298d
SHA256 6487b64a7068f2a8aebae126ad9304714023a1d4b52acc900711365d73540df4
SHA3 976f765fc996954af4b5da2eb86240ba5303659d3a82434dde4f066364335617

32512

Type RT_GROUP_ICON
Language UNKNOWN
Codepage UNKNOWN
Size 0x76
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.97321
Detected Filetype Icon file
MD5 6d554d3c4dbddc0e6e4f97325e214dc0
SHA1 281f56479698825aa5e485b757e803a0ee6f342f
SHA256 8dff49ba6a29a9ebdced168cda7bdaae1e75b13037aea95c783cfe7ecb69cda9
SHA3 93cf99bcb5b356ac13b22a6f49ff62a753bbc09e0f7d3fd3873d1e0bb0b6acfe

1 (#2)

Type RT_VERSION
Language UNKNOWN
Codepage UNKNOWN
Size 0x392
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.31181
MD5 85be00e2bd4fbe31d6872d75d7a4e9a7
SHA1 e6ae99aa56501961867ac82c1ecb6007cdadab6f
SHA256 7cc741a5c2c248f1a83775d396748e31940361147770d40cf97da67467fc6a99
SHA3 efabd48915548a566ba0b6627a98fdce8c2e221606d287bbeaa6b61debf0b88a

1 (#3)

Type RT_MANIFEST
Language UNKNOWN
Codepage UNKNOWN
Size 0x7ec
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.2257
MD5 837f19a7797db39474bc2fd144c0b182
SHA1 c767276f608adb3129ba99ef86c7180ffa743fec
SHA256 60b593831f6216cc81f8aaf3127006abaf38b8e28b799d6ca813f04d7d214cf0
SHA3 e6dc0abf2b6ad1b7b7f6e34533807f0d0a28c1a533c326715de7a83eb75498fa

Version Info

Signature 0xfeef04bd
StructVersion 0x10000
FileVersion 1.10.3.0
ProductVersion 1.10.3.0
FileFlags (EMPTY)
FileOs VOS_DOS_WINDOWS32
VOS_NT_WINDOWS32
VOS__WINDOWS32
FileType VFT_APP
Language UNKNOWN
Comments Screen capture tool
CompanyName Learnpulse
FileDescription Screenpresso
FileVersion (#2) 1.10.3.0
InternalName Screenpresso.exe
LegalCopyright Copyright © Learnpulse 2021
LegalTrademarks
OriginalFilename Screenpresso.exe
ProductName Screenpresso
ProductVersion (#2) 1.10.3.0
Assembly Version 1.10.3.0
Resource LangID UNKNOWN

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics 0
TimeDateStamp 2063-Apr-23 18:43:51
Version 256.20557
SizeofData 96
AddressOfRawData 0xff3e60
PointerToRawData 0xff2060
Referenced File C:\git\screenpresso\Screenpresso\src\obj\Release\net48\Screenpresso.pdb

TLS Callbacks

Load Configuration

RICH Header

Errors

Leave a comment

No comments yet.