Manalyze report for 644d082bd6ca7072225518fc93c66cb28a8a02985efff6b52b756a1b827a3827

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2019-Jul-07 21:21:44
Detected languages	English - United States Japanese - Japan
Debug artifacts	D:\Development\MyCode\VStudio\2005\WeKnows\Release\Installer.pdb
CompanyName	Moo0
FileDescription	Moo0 Installer
FileVersion	`1.0.0.0`
InternalName	Installer.exe
LegalCopyright	(c) Moo0. All rights reserved.
OriginalFilename	Installer.exe
ProductName	Moo0 Installer
ProductVersion	`1.0.0.0`

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C++ 6.0 - 8.0` `Microsoft Visual C++` `Microsoft Visual C++ v6.0`
Suspicious	Strings found in the binary may indicate undesirable behavior:	`Contains references to internet browsers: IEXPLORE.EXE iexplore.exe` `Contains references to security software: avguard.exe avp.exe ccapp.exe guard.exe mcshield.exe mpfservice.exe outpost.exe persfw.exe smc.exe vsmon.exe` `Accesses the WMI: root\Security` Contains domain names: ara.moo0.com bel.moo0.com dan.moo0.com deu.moo0.com ell.moo0.com fra.moo0.com http://ara.moo0.com http://ara.moo0.com/best/#tools http://bel.moo0.com http://bel.moo0.com/best/#tools http://dan.moo0.com http://dan.moo0.com/best/#tools http://deu.moo0.com http://deu.moo0.com/best/#tools http://ell.moo0.com http://ell.moo0.com/best/#tools http://fra.moo0.com http://fra.moo0.com/best/#tools http://ita.moo0.com http://ita.moo0.com/best/#tools http://jpn.moo0.com http://jpn.moo0.com/best/#tools http://kor.moo0.com http://kor.moo0.com/best/#tools http://nld.moo0.com http://nld.moo0.com/best/#tools http://rus.moo0.com http://rus.moo0.com/best/#tools http://swe.moo0.com http://swe.moo0.com/best/#tools http://ukr.moo0.com http://ukr.moo0.com/best/#tools http://www.moo0.com http://www.moo0.com/best/#tools http://www.moo0.com/webapps/ip/ http://zhs.moo0.com http://zhs.moo0.com/best/#tools ita.moo0.com jpn.moo0.com kor.moo0.com nld.moo0.com rus.moo0.com swe.moo0.com ukr.moo0.com www.moo0.com zhs.moo0.com
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to CRC32` `Uses constants related to MD5`
Suspicious	The PE is possibly packed.	`Unusual section name found: .giats`
Malicious	The PE contains functions mostly used by malware.	`[!] The program may be hiding some of its imports: LoadLibraryW GetProcAddress LoadLibraryExW LoadLibraryA` `Functions which can be used for anti-debugging purposes: CreateToolhelp32Snapshot` `Can access the registry: RegisterHotKey RegDeleteKeyW RegDeleteValueW RegSetValueExW RegEnumKeyW RegQueryValueW RegEnumValueW RegQueryValueExW RegOpenKeyExW RegCloseKey RegCreateKeyExW` `Possibly launches other programs: ShellExecuteW` `Can create temporary files: CreateFileW GetTempPathW` `Uses functions commonly found in keyloggers: CallNextHookEx GetForegroundWindow GetAsyncKeyState` `Memory manipulation functions often used by packers: VirtualAlloc VirtualProtect` `Has Internet access capabilities: URLDownloadToFileW URLDownloadToCacheFileW InternetGetConnectedState InternetOpenW InternetConnectW InternetReadFile InternetCloseHandle` `Functions related to the privilege level: AdjustTokenPrivileges OpenProcessToken` `Enumerates local disk drives: GetVolumeInformationW GetDriveTypeW` `Manipulates other processes: Process32FirstW OpenProcess Process32NextW` `Can take screenshots: GetDC BitBlt CreateCompatibleDC`
Suspicious	The PE is possibly a dropper.	`Resources amount for 92.6597% of the executable.`
Malicious	VirusTotal score: 4/72 (Scanned on 2024-07-30 05:18:34)	`Antiy-AVL: Trojan/Win32.Kryptik` `ClamAV: Win.Packed.Zusy-9798820-0` `Jiangmin: Downloader.Agent.lje` `MaxSecure: Trojan.Malware.300983.susgen`

Hashes

MD5	`0a66ff331ed3363930d16413b0ab6372`
SHA1	`274fb81f7a70bfe14f8b41906001d7d259695d2f`
SHA256	`644d082bd6ca7072225518fc93c66cb28a8a02985efff6b52b756a1b827a3827`
SHA3	`e64f88fd428a4e8c93c69decb762bab671f8b584b4d77e9321a2b001035e1354`
SSDeep	`393216:oxYEtoxD5FyDiPDydgRTo0+bz48lR7kovCIQ8VLGAsX7Y5j6awOokslGAD7s2Ol:elgOdg+/QoK2qYj6ROM1HCnBGN`
Imports Hash	`d2a6476cde9ef6bac15769d1dd1780d8`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x150`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`9`
TimeDateStamp	2019-Jul-07 21:21:44
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`14.0`
SizeOfCode	`0x12f000`
SizeOfInitializedData	`0x154d800`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x000D53A9 (Section: .text)`
BaseOfCode	`0x1000`
BaseOfData	`0x130000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`5.1`
ImageVersion	`0.0`
SubsystemVersion	`5.1`
Win32VersionValue	`0`
SizeOfImage	`0x16a5000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`9f9ee5bb58c9025272eeb79a485a4288`
SHA1	`8ec6af57d971e3c5b694151af6797344e8d4c608`
SHA256	`9263c333acdbf28a6de880dbff52daf77157cab9f30a70d6507aab68773563a5`
SHA3	`9a9f3d319c6479efe726278b59c46dedc0bc73c94001ba6c36a8f316275bfa11`
VirtualSize	`0x12ef3d`
VirtualAddress	`0x1000`
SizeOfRawData	`0x12f000`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.53816`

.rdata

MD5	`7c0fdf16074ec80c38b14e1508912f2a`
SHA1	`9b07eeb28e0039e0f15252c851ebb556d000b587`
SHA256	`44001afe1455124fe4ea30044caa49e2f1d41d591a0d0c00961261467558c6a6`
SHA3	`918650cd5612eff04d7e16c0fbde1bbc9847c4e51c33aed03b5d53cc8782a052`
VirtualSize	`0x571c4`
VirtualAddress	`0x130000`
SizeOfRawData	`0x57200`
PointerToRawData	`0x12f400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.42055`

.data

MD5	`fe37ee64daa898c58230293f472e6b49`
SHA1	`8d0fb94798534796223dca29faa8521107a4d861`
SHA256	`8ee2054d3cd6c9639717e94eeef3f1673c9ffca52b0c6c00932418bb6fabda87`
SHA3	`8d895f559fb2eac75ea494619d11fbd3bd8c6e19c409ddf35dcf6f8315dee655`
VirtualSize	`0x29634`
VirtualAddress	`0x188000`
SizeOfRawData	`0x7000`
PointerToRawData	`0x186600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`3.54801`

.gfids

MD5	`b109019d3bec456073411ed27f64cad7`
SHA1	`2761c28e734aeee1501724588bbced1c90f66f46`
SHA256	`d78d35ef875b78ceb734060982a4fbe6f0e1702b3ba958b4b9d71dc5c4382e9e`
SHA3	`7c22906bc0d903ef5ecfdf51afae7857b9986c06fa611e396c40a5ed7ce9f7d0`
VirtualSize	`0x2178`
VirtualAddress	`0x1b2000`
SizeOfRawData	`0x2200`
PointerToRawData	`0x18d600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`3.98441`

.giats

MD5	`4b8b78eab9c3a4560db5b80f4e394cd2`
SHA1	`9ca606b3f78fd426a75e186438ebbeafa05c7e86`
SHA256	`4d531ba1fe7c39dd64a1d73b30659c1101ed9d3a9e88d8fbdd6aee69226e24fa`
SHA3	`5983bc281cdc42ee0a01ccddca47c538652ad9e2a14abfb8887469284a5d14f2`
VirtualSize	`0x4`
VirtualAddress	`0x1b5000`
SizeOfRawData	`0x200`
PointerToRawData	`0x18f800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`0.0407808`

.tls

MD5	`1f354d76203061bfdd5a53dae48d5435`
SHA1	`aa0d33a0c854e073439067876e932688b65cb6a9`
SHA256	`4c6474903705cb450bb6434c29e8854f17d8324efca1fdb9ee9008599060883a`
SHA3	`991fbbd46bbd69198269fe6c247d440e0f8a7d38259b7a1e04b74790301d1d2b`
VirtualSize	`0x9`
VirtualAddress	`0x1b6000`
SizeOfRawData	`0x200`
PointerToRawData	`0x18fa00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0.0203931`

_RDATA

MD5	`7a9be3d49f3c5ee4989d70fcfbcc87a5`
SHA1	`79fdb6745c5866f1c61aa51c0609f368a7d256f9`
SHA256	`0e68f232eb9f6b0b8f58728abe83e7fcb40b0060805665e5f4da67146215fc33`
SHA3	`81a00a51e20276136549de4281d201b4880487a28025e750f9dc7e13e426fbe4`
VirtualSize	`0xfe0`
VirtualAddress	`0x1b7000`
SizeOfRawData	`0x1000`
PointerToRawData	`0x18fc00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.09129`

.rsrc

MD5	`433f716f6d54a0f1ccb5747820e7ff0a`
SHA1	`f2e8f7ac4e0553ec1800489bd1af8fb8dd31bb5c`
SHA256	`da628e748548de7178a596ba44b019f7dd9d96f08f4e4a6da800c74866699c72`
SHA3	`3202c4660285a51740afade53cf4d82d0c761761e477124f566619526f131fa5`
VirtualSize	`0x14d735c`
VirtualAddress	`0x1b8000`
SizeOfRawData	`0x14d7400`
PointerToRawData	`0x190c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`7.99691`

.reloc

MD5	`080e552d633841196997cf3d77dfbfe8`
SHA1	`c9e06bd78d09d99cb0093e00c6e4123d71b76d03`
SHA256	`67f6aba4132282c874f8fa2867e31c74a32f36b97d64864bdfb4fe4cc110cd57`
SHA3	`724ebaf6c81c063cf17f0a7cec54da067041c04345711110c4b516aaaf7a0308`
VirtualSize	`0x14bc8`
VirtualAddress	`0x1690000`
SizeOfRawData	`0x14c00`
PointerToRawData	`0x1668000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`6.61143`

Imports

ole32.dll	`OleFlushClipboard` `CoRevokeClassObject` `OleIsCurrentClipboard` `CoRegisterMessageFilter` `CoGetClassObject` `OleGetClipboard` `RevokeDragDrop` `RegisterDragDrop` `CoLockObjectExternal` `CoTaskMemAlloc` `CLSIDFromProgID` `CLSIDFromString` `OleUninitialize` `OleInitialize` `CoFreeUnusedLibraries` `CoCreateGuid` `StgCreateDocfileOnILockBytes` `StgOpenStorageOnILockBytes` `CreateILockBytesOnHGlobal` `CoTaskMemFree` `CoCreateInstance` `CoUninitialize` `CoInitialize` `CoInitializeSecurity`
USER32.dll	`IsDialogMessageW` `SetWindowTextW` `MoveWindow` `WinHelpW` `LoadIconW` `UnhookWindowsHookEx` `GetTopWindow` `GetClassNameW` `GetClassLongW` `EqualRect` `MapWindowPoints` `ScreenToClient` `AdjustWindowRectEx` `GetWindowTextLengthW` `GetWindowTextW` `RemovePropW` `GetPropW` `SetPropW` `GetScrollRange` `GetScrollPos` `SetScrollPos` `EndPaint` `BeginPaint` `SetActiveWindow` `GetMenuItemCount` `GetMenuItemID` `GetSubMenu` `SetMenu` `GetMenu` `GetDlgCtrlID` `GetDlgItem` `EndDeferWindowPos` `DeferWindowPos` `BeginDeferWindowPos` `DestroyWindow` `IsChild` `IsMenu` `GetClassInfoExW` `GetClassInfoW` `RegisterClassW` `CallWindowProcW` `GetMessageTime` `GetMessagePos` `RegisterWindowMessageW` `GetLastActivePopup` `IsWindowEnabled` `CallNextHookEx` `SetWindowsHookExW` `ValidateRect` `GetKeyState` `GetActiveWindow` `IsWindowVisible` `PeekMessageW` `DispatchMessageW` `TranslateMessage` `LoadBitmapW` `SetMenuItemInfoW` `GetMenuCheckMarkDimensions` `SetMenuItemBitmaps` `EnableMenuItem` `GetFocus` `MapDialogRect` `GetWindow` `SetWindowContextHelpId` `SetWindowPos` `PostQuitMessage` `SetRectEmpty` `SendDlgItemMessageA` `CharUpperW` `DestroyMenu` `IsRectEmpty` `GetWindowThreadProcessId` `CopyRect` `GetParent` `GetMenuInfo` `RegisterClassExW` `IntersectRect` `GetMonitorInfoW` `GetSysColorBrush` `CreateCursor` `TabbedTextOutW` `DrawTextW` `DrawTextExW` `GrayStringW` `PostThreadMessageW` `UpdateWindow` `UnregisterHotKey` `MessageBeep` `GetNextDlgGroupItem` `RegisterHotKey` `SetWindowLongW` `CreateWindowExW` `PostMessageW` `InvalidateRgn` `IsZoomed` `IsIconic` `SetWindowRgn` `WindowFromPoint` `GetForegroundWindow` `MonitorFromWindow` `MonitorFromRect` `GetSystemMetrics` `SetRect` `EnumDisplayMonitors` `PtInRect` `GetWindowLongW` `LoadCursorW` `SetCursor` `GetCursorPos` `GetAsyncKeyState` `OffsetRect` `SetTimer` `KillTimer` `ReleaseDC` `GetDC` `CopyAcceleratorTableW` `CharNextW` `ReleaseCapture` `GetCapture` `SystemParametersInfoW` `DefWindowProcW` `RedrawWindow` `ClientToScreen` `RegisterClipboardFormatW` `GetWindowRect` `RealChildWindowFromPoint` `DrawIconEx` `GetIconInfo` `GetDesktopWindow` `wsprintfW` `MessageBoxW` `DrawMenuBar` `GetClientRect` `SetCapture` `DestroyIcon` `SetClipboardViewer` `ChangeClipboardChain` `InvalidateRect` `GetNextDlgTabItem` `CreateIconFromResource` `CreateIconFromResourceEx` `EndDialog` `CreateDialogIndirectParamW` `InflateRect` `GetWindowDC` `SendMessageW` `SetFocus` `SetForegroundWindow` `ShowWindow` `IsWindow` `CheckMenuItem` `GetSysColor` `EnableWindow` `UnregisterClassW` `GetMessageW`
OLEAUT32.dll	`SystemTimeToVariantTime` `VariantTimeToSystemTime` `VariantCopy` `SysAllocStringLen` `VariantChangeType` `SysStringLen` `OleCreateFontIndirect` `SafeArrayDestroy` `VariantClear` `VariantInit` `SysFreeString` `SysAllocString`
SHELL32.dll	`#162` `SHGetDesktopFolder` `#155` `#716` `#190` `SHChangeNotify` `DragAcceptFiles` `SHFileOperationW` `SHGetFileInfoW` `SHGetSpecialFolderLocation` `ShellExecuteW` `SHGetPathFromIDListW` `SHGetMalloc` `DragQueryFileW` `DragFinish` `Shell_NotifyIconW` `SHBrowseForFolderW` `ShellExecuteExW`
ADVAPI32.dll	`RegDeleteKeyW` `RegDeleteValueW` `RegSetValueExW` `RegEnumKeyW` `RegQueryValueW` `GetUserNameW` `AdjustTokenPrivileges` `LookupPrivilegeValueW` `RegEnumValueW` `RegQueryValueExW` `RegOpenKeyExW` `RegCloseKey` `RegCreateKeyExW` `GetTokenInformation` `OpenProcessToken` `GetSidSubAuthority` `GetSidSubAuthorityCount` `GetSidIdentifierAuthority` `IsValidSid`
KERNEL32.dll	`GetLastError` `HeapReAlloc` `RaiseException` `HeapAlloc` `DecodePointer` `DeleteCriticalSection` `GetProcessHeap` `EnterCriticalSection` `LeaveCriticalSection` `WideCharToMultiByte` `MultiByteToWideChar` `GetOEMCP` `CloseHandle` `InterlockedDecrement` `GetModuleFileNameW` `GetCurrentProcessId` `SetProcessWorkingSetSize` `GetCurrentProcess` `SetPriorityClass` `CreateFileW` `WriteFile` `WaitForSingleObject` `EnumResourceTypesW` `EnumResourceNamesW` `FindResourceExW` `SizeofResource` `EnumResourceLanguagesW` `FreeLibrary` `BeginUpdateResourceW` `UpdateResourceW` `EndUpdateResourceW` `LoadLibraryW` `LoadResource` `LockResource` `FreeResource` `GetSystemTimeAsFileTime` `FindResourceW` `GetProcAddress` `FormatMessageW` `GetEnvironmentStringsW` `SetLastError` `lstrlenW` `ExpandEnvironmentStringsW` `SuspendThread` `CreateThread` `TerminateThread` `ResumeThread` `GetThreadPriority` `SetThreadPriority` `GetVolumeInformationW` `GetFileAttributesExW` `GetFileInformationByHandle` `GetFileAttributesW` `SetFileAttributesW` `FindFirstFileW` `FindNextFileW` `FindClose` `GetDiskFreeSpaceW` `SetFileTime` `MoveFileExW` `VirtualAlloc` `VirtualFree` `DeleteFileW` `RemoveDirectoryW` `CopyFileW` `GetTempPathW` `GetTempFileNameW` `EnumSystemCodePagesW` `GetCPInfoExW` `GetModuleHandleW` `GetVersionExW` `GetUserDefaultUILanguage` `GetSystemDefaultLangID` `GetTimeZoneInformation` `FileTimeToLocalFileTime` `FileTimeToSystemTime` `SystemTimeToTzSpecificLocalTime` `LocalFileTimeToFileTime` `lstrcpyW` `GlobalAddAtomW` `ReadFile` `CreateToolhelp32Snapshot` `Process32FirstW` `OpenProcess` `Process32NextW` `SetFilePointerEx` `FlushFileBuffers` `SetEndOfFile` `GlobalLock` `GlobalUnlock` `GetCurrentThreadId` `TerminateProcess` `GetFileSize` `SetFilePointer` `GetStdHandle` `CreateDirectoryW` `GetSystemDirectoryW` `HeapSize` `GetFullPathNameW` `GetCurrentDirectoryW` `GetSystemInfo` `CreateEventW` `SetEvent` `ResetEvent` `WaitForMultipleObjects` `GetACP` `OutputDebugStringA` `GetModuleHandleA` `GetCurrentThread` `LoadLibraryExW` `GlobalAlloc` `GlobalDeleteAtom` `lstrcmpA` `lstrcmpW` `CompareStringA` `GetTickCount` `GlobalFree` `GetPrivateProfileIntW` `GetPrivateProfileStringW` `WritePrivateProfileStringW` `EncodePointer` `LoadLibraryA` `GlobalFindAtomW` `MulDiv` `GetProfileIntW` `TlsAlloc` `TlsGetValue` `TlsSetValue` `TlsFree` `GlobalReAlloc` `GlobalHandle` `LocalAlloc` `LocalReAlloc` `CompareStringW` `GetLocaleInfoW` `GetSystemDefaultUILanguage` `GlobalFlags` `GetThreadLocale` `LockFile` `UnlockFile` `DuplicateHandle` `VirtualProtect` `SetErrorMode` `GetFileSizeEx` `GetFileTime` `WaitForSingleObjectEx` `UnhandledExceptionFilter` `SetUnhandledExceptionFilter` `IsProcessorFeaturePresent` `QueryPerformanceCounter` `InitializeSListHead` `IsDebuggerPresent` `GetStartupInfoW` `GetCPInfo` `IsValidCodePage` `FindFirstFileExW` `FreeEnvironmentStringsW` `ReadConsoleW` `GetConsoleMode` `GetConsoleCP` `SetStdHandle` `GetStringTypeW` `LCMapStringW` `ExitProcess` `HeapQueryInformation` `GetCommandLineW` `GetCommandLineA` `GetModuleHandleExW` `FreeLibraryAndExitThread` `ExitThread` `PeekNamedPipe` `GetFileType` `GetDriveTypeW` `QueryPerformanceFrequency` `VirtualQuery` `RtlUnwind` `OutputDebugStringW` `InitializeCriticalSectionAndSpinCount` `HeapFree` `Sleep` `InitializeCriticalSection` `SetEnvironmentVariableA` `LocalFree` `WriteConsoleW`
GDI32.dll	`EndDoc` `Escape` `ExtTextOutW` `TextOutW` `RectVisible` `PtVisible` `CreateDCW` `SetViewportOrgEx` `SetViewportExtEx` `GetBkColor` `GetWindowExtEx` `StartDocW` `GetDeviceCaps` `SetBkMode` `GetStockObject` `RestoreDC` `SaveDC` `SetBkColor` `EndPage` `SetMapMode` `CreateSolidBrush` `StretchBlt` `GetStretchBltMode` `GetTextExtentPoint32W` `SetStretchBltMode` `SetWindowExtEx` `ExtSelectClipRgn` `StartPage` `SetTextColor` `CreateFontIndirectW` `BitBlt` `GetPaletteEntries` `GetCurrentObject` `DeleteDC` `SetDIBColorTable` `GetDIBColorTable` `SelectObject` `CreateCompatibleDC` `CreateDIBSection` `GetObjectW` `OffsetViewportOrgEx` `CreateBitmap` `ScaleViewportExtEx` `ScaleWindowExtEx` `CreateRectRgnIndirect` `GetRgnBox` `ExcludeClipRect` `GetClipBox` `GetTextColor` `GetViewportExtEx` `DeleteObject` `DPtoLP` `GetMapMode`
WINSPOOL.DRV	`ClosePrinter` `DocumentPropertiesW` `OpenPrinterW`
COMCTL32.dll	`InitCommonControlsEx`
SHLWAPI.dll	`PathStripToRootW` `PathIsUNCW` `PathFindFileNameW` `PathFindExtensionW` `StrFormatByteSizeW`
oledlg.dll	`OleUIBusyW`
urlmon.dll	`URLDownloadToFileW` `URLDownloadToCacheFileW`
WININET.dll	`InternetGetConnectedState` `InternetOpenW` `InternetConnectW` `HttpOpenRequestW` `HttpSendRequestW` `HttpQueryInfoW` `InternetReadFile` `InternetCloseHandle`
OLEACC.dll	`CreateStdAccessibleObject` `LresultFromObject`

Delayed Imports

130

Type	`IDR_XML`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x27dd3`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.96318`
MD5	`facb097f3736fcd66809261e0b190968`
SHA1	`e09795a82bbddbae9680a00bc344ab8772b607b1`
SHA256	`0b2e476d3aae2408709bdeef5e777048564e88e4a62c2e3a906944531e2f07ac`
SHA3	`85a18b147e267b18fbc7a1806a63b9db84de50c9de61205a297f8ded097d02ec`

150

Type	`IDR_ZIP`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0xafbe0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.99645`
Detected Filetype	Zip Compressed Archive
MD5	`cec9d96dbb1711faa8afb40faaa2798b`
SHA1	`b4ecc769305290e230dec0d59f45498db3e99737`
SHA256	`d2e5703b2427f6faac46bf76c81357f2f757d4e79000243d564bad8f806c6d00`
SHA3	`0c3bbe2278c53d686f31fda2a722114f6dabd257f5ad69cd2bc22943d8fff8c3`

160

Type	`IDR_ZIP`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x14be7`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.99597`
Detected Filetype	Zip Compressed Archive
MD5	`880674b33ae78d1614d3e2a85af0957a`
SHA1	`7ce636e4ad381bd7408558e30beaeffdce45a9c3`
SHA256	`90a417b3bb334488cc745cfee743c3a50c17437e49e9e5cfa0c1cd13bb961ae7`
SHA3	`1c0f023590f6a301dca3b55056161045679b7d741766932e414ebd206dece9db`

170

Type	`IDR_ZIP`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x13a0c55`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.99999`
Detected Filetype	7-Zip compressed file
MD5	`1f7d2217a65334df157a2830ec31fd90`
SHA1	`24721e033c1a82d24f59f3052d28e1cc037f0522`
SHA256	`d88abb3ae7705916fc050eb1cfa878f7df049f4c5b0fad67b423cacd6e090fb7`
SHA3	`c9678778869f00544e645e523e6386da2d5281fac88c5dc482be1f4e0c16401f`

26

Type	`RT_CURSOR`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.02695`
MD5	`cab67e9ca149fb79ab4473998412b951`
SHA1	`2e793d35537bfb5d3f042ed0626d3b119d50519a`
SHA256	`fbeb3be87e80cb8e1d2af3d8140796c1bb80c6c7056f60897088ff9e355c3867`
SHA3	`0e72f5537421764effb2ed98e536358bb7e86eed7b0936e606e8d45559685684`

27

Type	`RT_CURSOR`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0xb4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.74274`
MD5	`9fa8a914823ac7e5370652146901f4f1`
SHA1	`eb3224109abb341b6e464d2606fdbed1a7160bc6`
SHA256	`f64ccc0582bc7c66af8b40049e485e8e241335261ec95ace909293ba50b2e4a3`
SHA3	`bb348af06514e27cd1fa21ad524dfd037edcd3b36ef4cc6ab24c4a8ec38995ff`

28

Type	`RT_CURSOR`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.34038`
MD5	`d78a341fa7444ba9ccb74ad0c943d0ac`
SHA1	`a3fdcb001587c47b72f06441087455e8027baca1`
SHA256	`652988945185cf5d604d9b48de66288d82d8ed0acdd134398e90d002d2d9fc72`
SHA3	`2ddf8193c735adcec9a83d3a9032dc70796778b1d0c967a43789f1a6bb3da15f`

29

Type	`RT_CURSOR`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.34004`
MD5	`07618c451f53db89991c3fb7c567a568`
SHA1	`0d5cd2bb85bb88024b832f68bdbadd1e69938138`
SHA256	`0b0e16c38a3d5a85566e67b1d9a7e720e4dee27e163b06099d3d7dfa5dbed9ee`
SHA3	`f4d98de638008ce348a7ef0cb3feb13207cf5b3eaea4f1ee1d71b3a22397fba4`

30

Type	`RT_CURSOR`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.51649`
MD5	`9936fbf67a1d9f755c37852015d09527`
SHA1	`426016ba6a10cc2634ab7357e4223793c51aa304`
SHA256	`368f9cb089d206a8b61251f0c85eeda97ee08a56b33be8579246e964d3af6169`
SHA3	`6bdb1e7d667efe7812e162384a6341edec73311ee7dfcb122adf0cc0f08e7a8f`

31

Type	`RT_CURSOR`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.45401`
MD5	`ffacff1dbee315221fd131e951d8e151`
SHA1	`d2eb9800a1f60d3ea7225fec706d809cf477885b`
SHA256	`6440c3a38dcfb81d45bc6be31b776fdae116dd7a2933b407b67132f6cfa0e6eb`
SHA3	`dbe125dd582d83c13a62c87798c900fdc43d97b581935e320c14f9cc761a3868`

32

Type	`RT_CURSOR`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.34864`
MD5	`fa681900dd51c997aa67a2c5a4704099`
SHA1	`b48ebfd25835cb260b5e4f8e7085ea3da102c48a`
SHA256	`9882a8462ce9de3cc9a5d0ca48c8c4f7ca97f1f846f0c10e6655e33c9734b152`
SHA3	`157fb750ffc808227ced340c81ed1c1c1e15b05dd0e831678b871515870e0a8b`

33

Type	`RT_CURSOR`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.34505`
MD5	`0a12283479aa8a8677dd27bb0f584a34`
SHA1	`63679153c4d14fc591d1286cc98ff5044a5b589d`
SHA256	`322e92d75b3fec9e16b81466f4cf111d298b80812d5b238f4ee032c025a02050`
SHA3	`d6fc5e08b9d51b2cc80c1a2a34ca495e28edd0ca1bc65f317958b773c675de7e`

34

Type	`RT_CURSOR`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.34864`
MD5	`d0293b6f84ea96f2662fa2f8e2fd44de`
SHA1	`240ad776d40208f067dda60701affa3d162cb3bb`
SHA256	`8db6df648274a0fc3d28430367216e1c17c364ca613066cbb0e133637e92ba62`
SHA3	`d92c1c2bfba803073152e14d6846474d13ccef3f04aa8670540389efa7c7d995`

35

Type	`RT_CURSOR`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.31114`
MD5	`49ca9d25ceb458297ddf84fff64c8d55`
SHA1	`fbd6d992b7e2a59c9e24372ea8d30a5dcdbd46f9`
SHA256	`f9c81ce9b4176b305c554a15f0ca2b98b11be76c1f13ef22169999aa07e9612f`
SHA3	`03f7002b636940864ef7d399ba60fb8de3f455da32f311ee39cdf6602c5d348b`

36

Type	`RT_CURSOR`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.33609`
MD5	`27fc5529ad790189bbf410c7e3a70fb7`
SHA1	`ea2456c9b26f884a7f7abb051f460ec98cb9451c`
SHA256	`601635482a9b1864ea0c61ce0282c5c9fe1d014aa95dbb4f60770f1c2b6df3da`
SHA3	`24ab306744896452b2a7f7055c97671ab0aad3965342b3d0cead7a6cb640238d`

37

Type	`RT_CURSOR`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.81313`
MD5	`858a63dc597812b0885e8a8f9689227c`
SHA1	`0a816cd0e6f10038f43bde278eb613f1c7281b33`
SHA256	`2bf742d2beb4c56dd6eb68347dd8ee28da85bed9e6d165b36c6edb91da01d5d6`
SHA3	`6974d714fd124f0de87b6f088039e52bcf3123b5e6ae24c7c61864b70b894963`

38

Type	`RT_CURSOR`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.81491`
MD5	`ff43eaab521694d0356618a92cd83b55`
SHA1	`f1ed8d456a5a3d87d1a8349e992c99e22bf3624e`
SHA256	`cfc4ff9e46fbb61f61b68f36adc6593b137233d1cbaa50fe37e5653f0cb20396`
SHA3	`7069692bfbe0c043b33390a40f8033c3d0aa3092c3b1ca1b01fc899dc760ec48`

39

Type	`RT_CURSOR`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.10016`
MD5	`4bfaa5ad112338fc90bf84b1ba21859d`
SHA1	`f175fb276720b4f98bc75dd3edc8c53ed563bdf4`
SHA256	`c4a6e3a7a346baecb09a0c49268eb44f388382a7866a4e912b53d48fa3b34c26`
SHA3	`eb1f5efadebebc4b756ef49661343ee08641f53184ad8ee83e33d6665028a00d`

40

Type	`RT_CURSOR`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.97052`
MD5	`654a61b5fd300aaf86c52a3c48035005`
SHA1	`e16bdc1b4309abd682e2d0b52aaf370a77ad6a86`
SHA256	`f273e554605a89aa0994c9d42bc2569be3db5b19b2900dacb30f3218ed1174a0`
SHA3	`50582dc2bd6d1a2632564b2d3c6fdc1877e401924754069bc2dfccf3e2896340`

41

Type	`RT_CURSOR`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.22699`
MD5	`b6946159ef4680b2b03d58bdf3dc83f6`
SHA1	`b949690a6e071a1fe43cb83a15d5104d1fa9fe0d`
SHA256	`ebaf4bcc0f0d7ca9a3458ea52520d2dd10811069241940b9b2e79ac1a4c3ca5c`
SHA3	`4b1152fe0fd4581cc8716682bff8f14d7c903ab6b5414d52876bd37fc58eb0c5`

30994

Type	`RT_BITMAP`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0xb8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.23666`
MD5	`8cf65be17e506ff24c2177078f88b56e`
SHA1	`3e397dc7597caeb844df0ea760b64231c8ce3dbf`
SHA256	`e7c0005285d1ab59732d5f99f77a9bdd6342b01cf44437ebd7a07611a227e272`
SHA3	`7da4c7aab356574679f0f9107740f01647864c846c04f699deef67577fd6aded`
Preview

30996

Type	`RT_BITMAP`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0x144`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.87621`
MD5	`5a9c81cdbf480cf01daa71ba0e233c5f`
SHA1	`28e04c01584654e1974347d1baa462b2784e9c47`
SHA256	`abdf36bde89a26349f5741c17c235dacea88d441d8662ba16a598dc50c3c4864`
SHA3	`99dec83590ac444359a5a6f8924dae5615d93f4df527e10a8a61319ce3a5beaf`
Preview

1

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.76286`
MD5	`2b4c8991603c1fcbded0867d8209438c`
SHA1	`e493d81cf33adfc43cfd0cf5bf3d17bc47e4b3e0`
SHA256	`dfce3f6d70ba11dfa6f4983588322538e61960d3f0380339065d79b571bbf428`
SHA3	`785a37b6d86f3b2d21ea584d0ebca7ce706559229103feeeda3c18c7b38e3227`

2

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.63903`
MD5	`6750aebe762e9e76b65ead3bbb862ff4`
SHA1	`a7f3ae359f730fd22f45f8b1d87a43cc4676bb9c`
SHA256	`70048471d45c18b120d2283660f9096be95f657793ca0c765504a7cfa69484af`
SHA3	`f1b4417aae17b4da52d884ab478fc6d6c4b24aca51feffa04eea6a978677ac86`

3

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.69215`
MD5	`541bcefb0c6e4eec7288aa32bffa2680`
SHA1	`6779c265b3ad2faf37d7aa0ddb02a7efc3af72dc`
SHA256	`83220b3a33d9ca0307210a87452eec03f5d70c0c77fc37ff3bb9cb7a7727301e`
SHA3	`b20534f0a59c782ac12635405656d2ae913358fee33ff98891e81fc30eeaa2e5`

4

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x1e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.89862`
MD5	`fa9f65e4633f80b5c0e31101e56b5225`
SHA1	`fa1772c043abfc60dd6fa2938526e76ce4a15c6a`
SHA256	`3cc397b6a422f361021b3d0c23215ba75f47097b98f5f47503565e8ca3ad85c2`
SHA3	`5bb203d9003986d41f64217431c6ca79d6b1bd154da6c2ea6fbecf55290bfa64`

5

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x6c8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.56673`
MD5	`4a0eefe27ec74b558a6504d0314494cc`
SHA1	`f48fd3519c51c52102d2d4ac5bd7bd9a510b9eae`
SHA256	`39367bda8376debcd97f8bc6753de8e4013c95bc000cdde4a403696c19d132d3`
SHA3	`aa0460c1a93ac9cbad575a976b18858aa471f709a8f0d7842ab6796d869a24b9`

6

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.36225`
MD5	`bd208cdb6796da74b081bc2cb6a3a4ed`
SHA1	`c7ad052fdde6193cd9cc2521175170854ed86689`
SHA256	`824c40f27579d2f0ea57ddae10df244348d2b91145ef790793d05b6d1169434f`
SHA3	`f27c3c19da2bea0c4bc4ba891c846f193846b5f65a4971443a93ee6bdb820f28`

7

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x2e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.17524`
MD5	`4326028ab5593dc4846bef4d8e418132`
SHA1	`192a9782490423c7cfc368150e4aa25bbeb2c60c`
SHA256	`cf7f9bf7daa19c5ab2af17603e717586febcac2032e2b95889bb5ed62e21acfe`
SHA3	`b4365c7d777b7c9f9e48b88877bc78f0e3871b8c18d1dc1f83e9860b4a719a4d`

8

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.51227`
MD5	`b2ce748268b465a717b022d7c444aeec`
SHA1	`7e472200186541acc8c3972f9579b3952ad58f70`
SHA256	`384c4bfdb42e3717dd9182c39adbdbcbd05b9ae8f2bfdb6433816ac614a9df5e`
SHA3	`031e0b104f6088b2fbf2d9202d7aa28b023231dc77637ef4c7029e1a698c2907`

9

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.19752`
MD5	`71cc90b1caa9011606fc555ae5019c26`
SHA1	`f3cf4d6d3075ed365a8fbb94a03b7c46fa1307a9`
SHA256	`7cf7775207a540e9d90585af1f3265e18c8916e1adafbcf941ca1217cde66f77`
SHA3	`a9afd62a7f51e6613988a1028015b96db845ad5dae16ee7878a581d14f4759c6`

10

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x668`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.3855`
MD5	`f52fcdbc4f82bdd92bb3793b078f619c`
SHA1	`7760ad574a24ad17a58d158c6e946f7c518acb0f`
SHA256	`12b3a3849f6d4ad61ef72584188ef83c9a9f00e14a2a1a558ea58f15b7d49c24`
SHA3	`24f0f406da49f37ad2ab645bdd473d5060f7e0044746669bcbc8f84de83b2936`

11

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.86625`
MD5	`fc5ecdffcb4e67fdff634334ea9b30c9`
SHA1	`4137d1d10002c45e7c4cc8adff47acbe6e114ed7`
SHA256	`87b8c70cee7ce71cb428c05950b711217697c95a796d232b69ade4f4191da283`
SHA3	`9699c2505ce73161dfb6d6041e819a1f3b39d42bdab459a61755956627b78f99`

12

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.74091`
MD5	`03445f1bce564704c0258393e8acd958`
SHA1	`e34229284739698d0fe2b3af98c379132b2524a0`
SHA256	`3bf100020945334ca4f4b24b7cdf0ecc0708c30173af02b7bfe0bcf4f1b1bcd7`
SHA3	`a17e80b920a02d72460718c6ece10a63a2054031e10714b5e06092fdc553b78a`

13

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0xa68`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.45758`
MD5	`8399ab697e524d95d27598ea3ec538ba`
SHA1	`a5ce8b0b15012e06f8a7985191184c3907dfef0c`
SHA256	`f71b7a291518980497177e959d95398c3ffb4a04447697383a683e010cf044b7`
SHA3	`cd20927b08b42e3ff31870f99d2683f53b78adf3f1981cbc411470a032109d4b`

14

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x1628`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.88624`
MD5	`f191c4d8e39b7c5b2990b812f0668679`
SHA1	`0ab7c94a06281f1da036f1c31120def0d96e21f8`
SHA256	`d17a48c403826cfe7e212454cb7ad740edb136957221dca78d95303abfb221bb`
SHA3	`867b7a58173eda48e05be14c91786cb5df8ea3a5849942c94eb588f4a1f480de`

15

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.07574`
MD5	`67478035973e352a61bddd545a57a474`
SHA1	`b55e0b6574f8f34a1cf4e91eaedb53e813a2b8c9`
SHA256	`704fb0db55e3372086f67d00fc163d503465b0e899d8c4adc9e2bacae1d50795`
SHA3	`94d34f4549ca196c5e61cf875db385857453b4e6024fee67a8ea3fa417a99c5d`

16

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.98325`
MD5	`528cfc510ce4264e17f9155a02960a7a`
SHA1	`953d9baa082f726fee769af059113d7a292489d8`
SHA256	`68684b151ebc89db8cdb5b1b7c4e2a4361ace74abda777f669de335a931aae80`
SHA3	`954e71233dcc5af8cef43e703841b569b986939a96a615f66e30f55ddd21395c`

17

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x20e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.58338`
MD5	`62a840f56974cdb56c4a6a7d1e377173`
SHA1	`6052ada83190d2451e1cc716a8330706a10febcb`
SHA256	`0729f4e156aa09e4cd0fe0bd31cfb85212f8f2b9947419f979ff9134d760b29e`
SHA3	`ccc9252349c9dd35842584104a38fbef7ac45cb772d798bc9e4d234fe6ac0b02`

18

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x67e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.09426`
MD5	`d9d10505e3fdd7ef2284b6693d1c38cd`
SHA1	`980ff46dffe52990ad365d9c9e42d3e196c799f7`
SHA256	`fcc871a7ff9bf45a4cce2b897087e6dd6771d75ce9f6520ee34fbba1fd0e4886`
SHA3	`da398084b12c23c8af3b1bc320c20dbf04e8213d69f2f5c08ebc60418bc9b4c3`

19

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x16e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.17378`
MD5	`bbf120efcfd49d5177acfd7edff90908`
SHA1	`4fe5f89d04d0777a19bacd9b76c6c291bbfe655d`
SHA256	`f9dc2098e20402ae59344e88c2489e8667b1ae7206ca42463238a04c105af566`
SHA3	`10cf03a14057dfe2f7d947e2200d9d93a1387b79845dba2c607f9a9dc90ca4bf`

20

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x2ca8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.48367`
MD5	`c500c5a497aa4bebc677763cdd89ca56`
SHA1	`8a01ac700a4869a92aa2aa8b52eb181533d39d38`
SHA256	`54e74e11d8e8ec03021bf0dd993ed4cb665f7d4d224cd82dea9507da60b3e820`
SHA3	`f090b124cc8b0071d66f3d15f51b14e0d3e14447d42886f6efbdd93d3d756e44`

21

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x94a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.99552`
MD5	`4cf4d458f22264cbc56b7edb8e21cb25`
SHA1	`edec60c72ce132a39e4c0bd67e8e619759ea052e`
SHA256	`6e5023aa71e47006f475fedfbf53d46054cb0ca869347d072b75547429276e02`
SHA3	`6bcbc852d2d113a769bcca884930ccfb20b45e19c29494952bbe0cb2ddf22990`

22

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x2868`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.73354`
MD5	`f7fec6d81234580fc1e4925c4fe6f63a`
SHA1	`c0356d51aa92f681e7ef9c993bf7c5d6edc2a68f`
SHA256	`7a25e5fc1694e1da6070d0e08dcb5df9ec7322a98fb518ffdf9a70d24483ec1d`
SHA3	`b1096c6027ca7e34ec934194c7ed84b663a038c15135270e49150ff97e0b0dc2`

23

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x4c28`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.43081`
MD5	`91034c6733053d8c7dec2662eaf14232`
SHA1	`29edb4c2cd7f26e002f72c7154a3188654bd6c04`
SHA256	`58ff66fb9bc9891e580ef3006a9006a78d554ab8158133ba93f9689240cea49a`
SHA3	`1779d051597af01604a36d856a9378ed536d2d7e81c60ffa8845984b3fd8e906`

24

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x10828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.11745`
MD5	`991a9514174fa784ec77fe5cd54327ef`
SHA1	`12821ccbb212f9cbaa7b708641c370c2e04f4583`
SHA256	`97cde4b992b31acf2339b3ebff0c64d88250ff6d2e43fb8f4d04c863ea15e1ba`
SHA3	`d1440575820d58c8667475eb9a2af2f99619fe82c2d5c78fd842b1010a435015`

25

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x92b9`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.95827`
Detected Filetype	PNG graphic file
MD5	`172cfbf75a4baae1fa19473bcb89b356`
SHA1	`262f3306b78527adae46af331a5f6c0fe97ce97d`
SHA256	`59dbc17e3cc5ff301d86eaffd6cb10c916b077c2423242b657396f045c824ed5`
SHA3	`27d8bcdbc077885b78c6d9bfaddeeee29e56d1d2521d798a0f38a574d3afb6d9`

30721

Type	`RT_DIALOG`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0xe8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.06676`
MD5	`ad7b15160c8bf80910606d417f40fef5`
SHA1	`9752acb8e012635c4356f7f2a20191d656b53faf`
SHA256	`6e113fd8e9f3156ae68251c6076beb9b59fe29e589d06398e7019802521f69d3`
SHA3	`50c74f1eeba91cb4ecc237c0b18cd2f6c0e2b6064e8d13ce1a779160c03b5d48`

30734

Type	`RT_DIALOG`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0x34`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.41669`
MD5	`72723d63b211c60717138184c1675b66`
SHA1	`ecd2be6587bb32a080e51b5c3f3a816e8b637c85`
SHA256	`4cf716efaf68e0cb2ec45ec55d291050b5712b05653cae68edbb999f803d2a98`
SHA3	`6031fa1100e39d04c89ed42890fe9833adb0503fe1857940533b7356aec9d306`

3841

Type	`RT_STRING`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0x82`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.81705`
MD5	`8bb814f43734537868736a6df5dcc012`
SHA1	`3ae7a8f8678bc2aed76f745960730097032389b6`
SHA256	`d91dc4e26fd86def5ee907c72f32457bea07d21fa618012245f641d08501548d`
SHA3	`73fabbc3aad03738eda288b6d45b076e7f94f1ff8de37df5ac4d6e7dc7a48f98`

3842

Type	`RT_STRING`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0x2a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0.960953`
MD5	`0131ce1c2237957b6926d5097b0af63d`
SHA1	`2ce37b98065cc4de92e99eb0777e0e1159102068`
SHA256	`05e0d5787611ed4f643733e3e6e62d00f426422b5d3e443ceebac22e9d294bc4`
SHA3	`9ee7bcb02f48332a4fac72465297312ef9c765b03edf2ab24a4b3de0840bda6c`

3843

Type	`RT_STRING`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0x184`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.08634`
MD5	`58655591099de216feb4cc512012d318`
SHA1	`4001db00e1535b26b506e6d033e9759351ae6874`
SHA256	`9665348f07508c6c2a568fc90ec4c04736668adc3521e311a4c7659973d92313`
SHA3	`296c00546a67204c06806ff85a9e3e065559b2b85b22fec4166afc19cad4b6f9`

3857

Type	`RT_STRING`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0x4ee`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.27024`
MD5	`8bb8d06e4cc7bf37b4af2a26f3a1d813`
SHA1	`a17d97834a5141a7094de1d27224e2b14b94b498`
SHA256	`fcb87f4b1b4178dae839137498027a0cfdf4247d1b49e741b5015313a2cd6a2d`
SHA3	`1d35bf4d5121f58b146895c17013001a95be7563b0a5f0267afa8c442c8bb300`

3858

Type	`RT_STRING`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0x264`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.11275`
MD5	`3dbecd982474b9072ecd4aefe7406857`
SHA1	`ee81b0d03aebe1cde90de59031771f416d29eef2`
SHA256	`eaa0b4fe4704e193dd2ed1f8de1cb20e1001034fdb30307ee44aa664966d4ffc`
SHA3	`9053da012393a18a8a9012e2ab17735c7c864f0463086c9439c3a74a37ed7ee7`

3859

Type	`RT_STRING`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0x2da`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.16694`
MD5	`9e3221160c33e15054ff236daf2263d7`
SHA1	`cf41e0cdd3377698f819c4ef95ab56de40c57a5a`
SHA256	`cffcd4956911b3d50eef378cb051e598baba0db48246b07780af03b01c67c64d`
SHA3	`663e17de8922b049f83fdeca37a68d626bb83566bc377d85be42c653707a2b74`

3860

Type	`RT_STRING`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0x8a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.71087`
MD5	`5988b72b85cd1c121906b20e7526fdf2`
SHA1	`45efa4995e9c25a32e3f47a15b63a813cc6e8fc4`
SHA256	`35b5abb90316b4017d5531e031cbf15bae6e8dd46f6dd221701693a22a7795be`
SHA3	`afa115b83c9f9b2f16ce1e14424b4e2cf6216cbcee84835e0b5cec4a23510a93`

3865

Type	`RT_STRING`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0xac`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.63903`
MD5	`5fbbd2a5f564e043553889eec9147920`
SHA1	`2ddafabdf2bf5b62090419f07f731c4d02f0d987`
SHA256	`1b8660b0c53b94f3e029de58e56d08c8097a080244e9dc65d4155a9b603820d8`
SHA3	`1a90cf149f1fc5cfa9cd3f82f9a079ec48c7f7ce76dc4be601e538ae5c052ab9`

3866

Type	`RT_STRING`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0xde`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.87807`
MD5	`a0838b75a6ffc345212d18178663bb7d`
SHA1	`a90a0eccdf4cc4c50f430195695a3b65adefe5e8`
SHA256	`31bff9afbf08a8869318cd946a1d73a4425afefc5693c6e06671bde1e86de1dc`
SHA3	`ad576d2bedb8e173fb207310f244bee3ad8c898a2101cb67da930fadf80ec7d0`

3867

Type	`RT_STRING`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0x4a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.24671`
MD5	`7e0e2d984d6d743b4d90b04758507505`
SHA1	`bec6af6197b875caf3064c7e053b64044904c1bb`
SHA256	`2b5551644093e58a4af74928fb744bd735fa2ef5f99824e6918ff9f6a33a3803`
SHA3	`08f040ebd50cc1809f91378999331d0d19e7364612041db3805a0ff1d37050e5`

3868

Type	`RT_STRING`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0x228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.10695`
MD5	`cd11e247927c7360d3447bbb2e01d326`
SHA1	`0e6b76a1cf9824dac91fad3a346388589987cb9a`
SHA256	`e9212b16f2d3292d0b0eb67134a70778ff1b0aede4918831e5bdba3f950db2a7`
SHA3	`7a0a3e741ea89b752fca14451f1e9b9ac5600d99a7408d04c7835e30688f8fcf`

3869

Type	`RT_STRING`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0x2c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.07875`
MD5	`4b18eed800e2806db8e0aacb95fd54f2`
SHA1	`8b09634f818d6823f6466717f3863cbb466d97c1`
SHA256	`0714c554acd308b38c3d6319f7e470f76a16d712f696545eacac2bdc725dfb95`
SHA3	`067dea0fda55e331beab407da1e0e79a9d71fe8a8d0c965384d459ce0a8d499a`

3887

Type	`RT_STRING`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0x53e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.18003`
MD5	`c260fc0560cc8c7d1a979db82f172142`
SHA1	`0cf7de555da00d9160b2311a25c459da7de598f9`
SHA256	`a5e23c6071b4faf115605493d1fd2e238c1d915b412f869aa6a7a77726f56082`
SHA3	`b5f76ff984cfc414e534d6bcd71dce53168b5371571326279bbae2c616c0abfe`

30977

Type	`RT_GROUP_CURSOR`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0x22`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.25451`
Detected Filetype	Cursor file
MD5	`3d450f2094c84984837980f91f416db6`
SHA1	`e0bad6b2678b454397809a1ef24cd6195b4bd458`
SHA256	`ff202c8258ef06c3ed862e0bc1a014575384639fbd598da6229336d68b255ffd`
SHA3	`11ba017ef021dcf1bb23e4834b9de4bfd1864a18b2a5b9b8b8e77257559d2eee`
Preview

30998

Type	`RT_GROUP_CURSOR`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.01924`
Detected Filetype	Cursor file
MD5	`ed8179c5f20ff874be1bd0098af76eca`
SHA1	`7aa6b6ba529c2710c7bea69fb18a2067852ef987`
SHA256	`64e17430676e2113178247a5c0d792ae704d00899cb60c56156fc7d9bf824b99`
SHA3	`37e8817122ee0379e2458e8b55132d062482ae553cf88b45725908a67012b190`
Preview

30999

Type	`RT_GROUP_CURSOR`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.01924`
Detected Filetype	Cursor file
MD5	`d3d02cf14dbfe1523c1ef143cea3eb85`
SHA1	`af4b9b5a7c69ac8682ec367b7873e0ddbc5acf40`
SHA256	`a9453e1af624a62f80defdca32aacf5bb0e031e40db0bcaba38707b209354914`
SHA3	`71fc8dced4a4b7c0d8aee098303fa90f4832bb4092bf96393fbb47d267e2ea5b`
Preview

31000

Type	`RT_GROUP_CURSOR`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.91924`
Detected Filetype	Cursor file
MD5	`4634b24e3e8ba5549e36c8ce0da4db72`
SHA1	`6f933990cefa2e67147e6d3b9132f74281bfa183`
SHA256	`1dfd89b18fd53004c4a6f623c36e459408b4788b4619d38b42e75c2847e2ed72`
SHA3	`c56c27c633699841e29005512e7c7fb0560eca864520aa59d859c1edc02d9c3f`
Preview

31001

Type	`RT_GROUP_CURSOR`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.01924`
Detected Filetype	Cursor file
MD5	`a8e3d308634fed8be67e2407a0a5baf7`
SHA1	`573f5ca20167e20eb7e8d2fcba8ddda418fc4f55`
SHA256	`24bcf1184228f7899773ec8556b32250ddfe39b85fd4262886a2c7812f867e53`
SHA3	`1205719114281d8e4f7d38768e99d60dc728e005067fb30665fb453880e1ddbd`
Preview

31002

Type	`RT_GROUP_CURSOR`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.01924`
Detected Filetype	Cursor file
MD5	`fa2fef17630a7a14788c2ac68afd6e0e`
SHA1	`9c2b9b48c29308063a3a369db18517052cb6bb43`
SHA256	`819b22e7771d48daa6f726a25aed712ace9594c1e0d40ec8c2cfac55e052ab6d`
SHA3	`cff6c790fd7f9694b3cc3251fa2d4dad106e3cad22918683d82640ea1bb11ebe`
Preview

31003

Type	`RT_GROUP_CURSOR`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.01924`
Detected Filetype	Cursor file
MD5	`975596b334c3811a6899d17dc1083c83`
SHA1	`77adb688a202706cd60619067d29413db049e2c3`
SHA256	`749de8c6268f233434feebbff1f5f5539d32cb07e993e3683224a191a035362e`
SHA3	`f71229575da7bdbcc657ce7b3d0ea4a9395a2a1c748478c6d01ff7cc47ba620c`
Preview

31004

Type	`RT_GROUP_CURSOR`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.01924`
Detected Filetype	Cursor file
MD5	`985701c173e621affcfdbfd1d59b2b26`
SHA1	`7de3c4ac09bbbfa31d41bfac6ad57680a97aebea`
SHA256	`dc8e11a16e6536d3d1a39cb67fc1d18e827632dcfc017c95bcbc09e1203361a3`
SHA3	`7acc7c6ce749cbf04d35b0fabfca7aeae76df38c8067de7942e4f432db00c493`
Preview

31005

Type	`RT_GROUP_CURSOR`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.01924`
Detected Filetype	Cursor file
MD5	`c8872a05e76e0ef00f1eae141c9035b7`
SHA1	`dd2072409381c136906a4ec3e7a313d469061703`
SHA256	`6963da9b0f501c836ec1faa3291509c14f590e21c9dab60334935b82bf96ed2c`
SHA3	`f0a5677f68149eadaf661d29b05e710554d8701e3eb134487273b48b45995b69`
Preview

31006

Type	`RT_GROUP_CURSOR`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.01924`
Detected Filetype	Cursor file
MD5	`ba8077ea6bf74dce56a20154e7e58eb5`
SHA1	`0d569abe9f308af49a8dcf78bc253db658f1e751`
SHA256	`740049b806166ae0d46fa3d93bdf27f54a98f4794207cf99dd4abb266a095745`
SHA3	`7b5b9cda4c14c5534f35ee36c81cafa2b0e874db5788c3c4a5d744445165691f`
Preview

31007

Type	`RT_GROUP_CURSOR`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.01924`
Detected Filetype	Cursor file
MD5	`9f93d6a4c75476bea0138d8bbccbe9a7`
SHA1	`4c96b312ba45a7d458758cf5b3e771ecf9c65751`
SHA256	`13b71e0c02c3353ef505e62aeaeaf86ebb131316124c04268b6e30a83a043389`
SHA3	`b2e0ad01b666ed06fadef83ff5f619de4af523a6ca71c392b19ce1ad93ba0fff`
Preview

31008

Type	`RT_GROUP_CURSOR`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.01924`
Detected Filetype	Cursor file
MD5	`fcc712334fd167783e1a44a73e0f6f09`
SHA1	`e2da7beb35505b7766650fa4884200f5317e4fc5`
SHA256	`ec04be8de75d3407283893c6a0321d916f442ee4ff2100f9ddb5cf54785d321f`
SHA3	`6656f036fe06c965dfc2cd228f1c68e87c466edceb168e49da9a5d58fb695f95`
Preview

31009

Type	`RT_GROUP_CURSOR`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.01924`
Detected Filetype	Cursor file
MD5	`1e3bfd5bd834e8f630f5ef9b8ea5d3cb`
SHA1	`c0667c62a14e80fdbaeb7c9f23252828a071ced6`
SHA256	`8101394d3b55aaa3d0974d6d06632a5293b3f4862c7f1ebc14cb8306ae96788f`
SHA3	`2a4061f991f7c6b52be3064c5bf411887c6ea66715fab95ebd5c0864e14747a7`
Preview

31010

Type	`RT_GROUP_CURSOR`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.01924`
Detected Filetype	Cursor file
MD5	`398e87be0e91cb871c9a96a221c53a60`
SHA1	`dd71a7afbe2ccfeea0bed382eb9b6912148e43bd`
SHA256	`9380046f0b83f607b4d7e66b0d76a6721e3447dfd2f92649d8ef67e99a658d68`
SHA3	`1e11f90f86b5194171029ecf056fdbf0de8e04a16a9d314070211c7dc8564034`
Preview

31011

Type	`RT_GROUP_CURSOR`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.01924`
Detected Filetype	Cursor file
MD5	`4bda6edeff5bf50041ad33c62f9f12d8`
SHA1	`1a23a6a6a82d09670b361e7ad4a595fe90a39532`
SHA256	`f7dcea395c702124404b91a17f916f903d05e35385980796314e220a266166d4`
SHA3	`8ad6063b218f44efe60c5eaade70abbad9839b9fe9b4c71457bdac3feb083b60`
Preview

128

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x164`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.40165`
Detected Filetype	Icon file
MD5	`0eebd32d223fd0b93f6f231745e009af`
SHA1	`47ac495bca0630671bc83bd046a05dc660095c4f`
SHA256	`5d878c14445d7d94113655ff4fba5d3c4693831dbe79327c37f09286da5b8188`
SHA3	`66c5b259e12c24551bdc04c51481d87f55a45a8908613471074d4290e295cc19`

1 (#2)

Type	`RT_VERSION`
Language	Japanese - Japan
Codepage	Latin 1 / Western European
Size	`0x2d8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.26683`
MD5	`e1635318623fd60447132174cc079af0`
SHA1	`bf1978ebd3bb9b3c2fb2f25f4315f87181310ee9`
SHA256	`324f644e51cea0e57d29bce1eea3d50f7f0ae7a5a5790b491e2f4af95dd8565a`
SHA3	`4a65acfd70eab2099f1c7bf13de7afcae2b6b7e185d173bfb5ce4026418eb635`

1 (#3)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x32a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.12227`
MD5	`fb3baa426c1d6faeeec533b5ae6d4496`
SHA1	`dc884ecf08d4d74abb1fd3036879301256c8398d`
SHA256	`0304204b266e269558f5f0b86fcf5aefe6919358c47e3e435e04471f3ffc16f7`
SHA3	`23df4008bae7c8d8df05380aa079a89f4e51f3c7b14d177edaf15e1041722369`

String Table contents

Open
Save As
All Files (.)
Untitled
an unnamed file
&Hide
No error message is available.
Attempted an unsupported operation.
A required resource was unavailable.
Out of memory.
An unknown error has occurred.
Encountered an improper argument.
Incorrect filename.
Failed to open document.
Failed to save document.
Save changes to %1?
Failed to create empty document.
The file is too large to open.
Could not start print job.
Failed to launch help.
Internal application error.
Command failed.
Insufficient memory to perform operation.
System registry entries have been removed and the INI file (if any) was deleted.
Not all of the system registry entries (or INI file) were removed.
This program requires the file %Ts, which was not found on this system.
This program is linked to the missing export %Ts in the file %Ts. This machine may have an incompatible version of %Ts.
Enter an integer.
Enter a number.
Enter an integer between %1 and %2.
Enter a number between %1 and %2.
Enter no more than %1 characters.
Select a button.
Enter an integer between 0 and 255.
Enter a positive integer.
Enter a date and/or time.
Enter a currency.
Enter a GUID.
Enter a time.
Enter a date.
Unexpected file format.
%1
Cannot find this file.
Verify that the correct path and file name are given.
Destination disk drive is full.
Unable to read from %1, it is opened by someone else.
Unable to write to %1, it is read-only or opened by someone else.
Encountered an unexpected error while reading %1.
Encountered an unexpected error while writing %1.
%1: %2
Continue running script?
Dispatch exception: %1
Unable to read write-only property.
Unable to write read-only property.
Unable to load mail system support.
Mail system DLL is invalid.
Send Mail failed to send message.
No error occurred.
An unknown error occurred while accessing %1.
%1 was not found.
%1 contains an incorrect path.
Could not open %1 because there are too many open files.
Access to %1 was denied.
An incorrect file handle was associated with %1.
Could not remove %1 because it is the current directory.
Could not create %1 because the directory is full.
Seek failed on %1
Encountered a hardware I/O error while accessing %1.
Encountered a sharing violation while accessing %1.
Encountered a locking violation while accessing %1.
Disk full while accessing %1.
Attempted to access %1 past its end.
No error occurred.
An unknown error occurred while accessing %1.
Attempted to write to the reading %1.
Attempted to access %1 past its end.
Attempted to read from the writing %1.
%1 has a bad format.
%1 contained an unexpected object.
%1 contains an incorrect schema.
pixels
Uncheck
Check
Mixed
One or more auto-saved documents were found.
These are more recently saved than the currently open documents and contain changes that were made before the application closed.
Do you want to recover these auto-saved documents?
Note that if you choose to recover the auto-saved documents, you must explicitly save them to overwrite the original documents. If you choose to not recover the auto-saved versions, they will be deleted.
Recover the auto-saved documents
Open the auto-saved versions instead of the explicitly saved versions
Don't recover the auto-saved documents
Use the last explicitly saved versions of the documents
%Ts [Recovered]

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.0.0.0
ProductVersion	1.0.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	English - United States
CompanyName	Moo0
FileDescription	Moo0 Installer
FileVersion (#2)	1.0.0.0
InternalName	Installer.exe
LegalCopyright	(c) Moo0. All rights reserved.
OriginalFilename	Installer.exe
ProductName	Moo0 Installer
ProductVersion (#2)	1.0.0.0

Resource LangID	Japanese - Japan

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2019-Jul-07 21:21:44
Version	`0.0`
SizeofData	`89`
AddressOfRawData	`0x17986c`
PointerToRawData	`0x178c6c`
Referenced File	D:\Development\MyCode\VStudio\2005\WeKnows\Release\Installer.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics	`0`
TimeDateStamp	2019-Jul-07 21:21:44
Version	`0.0`
SizeofData	`20`
AddressOfRawData	`0x1798c8`
PointerToRawData	`0x178cc8`

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2019-Jul-07 21:21:44
Version	`0.0`
SizeofData	`1028`
AddressOfRawData	`0x1798dc`
PointerToRawData	`0x178cdc`

IMAGE_DEBUG_TYPE_ILTCG

Characteristics	`0`
TimeDateStamp	2019-Jul-07 21:21:44
Version	`0.0`
SizeofData	`0`
AddressOfRawData	`0`
PointerToRawData	`0`

TLS Callbacks

StartAddressOfRawData	`0x5b6000`
EndAddressOfRawData	`0x5b6008`
AddressOfIndex	`0x5914d4`
AddressOfCallbacks	`0x53090c`
SizeOfZeroFill	`0`
Characteristics	`IMAGE_SCN_ALIGN_4BYTES`
Callbacks	`(EMPTY)`

Load Configuration

Size	`0x5c`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x5889e4`
SEHandlerTable	`0`
SEHandlerCount	`0`

RICH Header

XOR Key	`0x50769d59`
Unmarked objects	`0`
241 (40116)	`38`
243 (40116)	`177`
242 (40116)	`33`
C++ objects (VS2008 SP1 build 30729)	`1`
Imports (VS2008 SP1 build 30729)	`28`
ASM objects (VS2015 UPD3 build 24123)	`36`
C objects (VS2015 UPD3 build 24123)	`24`
C++ objects (VS2015 UPD3 build 24123)	`162`
C objects (VS2003 (.NET) build 4035)	`1`
Imports (VS2003 (.NET) build 4035)	`11`
Total imports	`727`
ASM objects (VS2012 build 50727 / VS2005 build 50727)	`1`
C objects (VS2012 build 50727 / VS2005 build 50727)	`10`
C++ objects (VS2012 build 50727 / VS2005 build 50727)	`56`
C objects (VS2008 SP1 build 30729)	`15`
C objects (24234)	`14`
C objects (VS2017 v15.4.* compiler 25547)	`74`
C++ objects (LTCG) (24234)	`273`
Resource objects (24234)	`1`
151	`1`
Linker (24234)	`1`

Errors

Leave a comment

No comments yet.