Manalyze report for 135501ed1028d04a26b144a9f2c5761a222133b14b8057c62a476a560eac2534

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2003-Mar-07 12:42:17
Detected languages	English - United Kingdom English - United States

Plugin Output

Suspicious	The PE is possibly packed.	`Unusual section name found: .xlok` `Section .xlok is both writable and executable.`
Suspicious	The PE contains functions most legitimate programs don't use.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryA` `Can access the registry: RegEnumKeyExA RegCloseKey` `Possibly launches other programs: ShellExecuteA` `Memory manipulation functions often used by packers: VirtualProtect VirtualAlloc`
Info	The PE's resources present abnormal characteristics.	`Resource 105 is possibly compressed or encrypted.` `Resource 108 is possibly compressed or encrypted.` `Resource 109 is possibly compressed or encrypted.` `Resource 110 is possibly compressed or encrypted.` `Resource 112 is possibly compressed or encrypted.` `Resource 113 is possibly compressed or encrypted.` `Resource 114 is possibly compressed or encrypted.` `Resource 115 is possibly compressed or encrypted.` `Resource 118 is possibly compressed or encrypted.` `Resource 119 is possibly compressed or encrypted.` `Resource 120 is possibly compressed or encrypted.` `Resource 121 is possibly compressed or encrypted.` `Resource 124 is possibly compressed or encrypted.` `Resource 128 is possibly compressed or encrypted.` `Resource 130 is possibly compressed or encrypted.` `Resource 140 is possibly compressed or encrypted.`
Malicious	VirusTotal score: 5/73 (Scanned on 2025-03-29 12:59:25)	`APEX: Malicious` `Kingsoft: malware.kb.a.999` `SentinelOne: Static AI - Malicious PE` `Trapmine: malicious.high.ml.score` `Zoner: Probably Heur.ExeHeaderL`

Hashes

MD5	`f1139dfb474e96a9bb0c362c0d1a4e05`
SHA1	`4e07c4a09691e71ca2a4a3acd1372834acbe83a8`
SHA256	`135501ed1028d04a26b144a9f2c5761a222133b14b8057c62a476a560eac2534`
SHA3	`079bd920818ae664a0b96265da927ff4f13dba7c89b1a55d5878017140ea64df`
SSDeep	`6144:UGEbnL9D8cjtIEjYvVm96qXWFYuVdpAMS3rD5r2snBT7Wd4mA2Mae//m2M7VC1M:SRrtIEjYttqXuhzpaV20t7Vw+/m9j`
Imports Hash	`d268c391bbb4cbaa6ce9196f7dba91c6`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0xf0`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`5`
TimeDateStamp	2003-Mar-07 12:42:17
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LINE_NUMS_STRIPPED` `IMAGE_FILE_LOCAL_SYMS_STRIPPED` `IMAGE_FILE_RELOCS_STRIPPED`

Image Optional Header

Magic	`PE32`
LinkerVersion	`7.0`
SizeOfCode	`0x2b000`
SizeOfInitializedData	`0x2d000`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x00059000 (Section: .xlok )`
BaseOfCode	`0x1000`
BaseOfData	`0x2c000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x1000`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x6b000`
SizeOfHeaders	`0x1000`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`c39ae67c9df902ec197955f4a9a2215c`
SHA1	`363e25df103e55aa0619aabcb584815f6f24f270`
SHA256	`4757705b91e3df9d24f51fbe6035680a1d78a70435178bf75fcd66c4d9589e7f`
SHA3	`118c2c3078ac19d749a3b82e2b9c9cb12cb5ad93d40bb540f1be30adc6a60875`
VirtualSize	`0x2b000`
VirtualAddress	`0x1000`
SizeOfRawData	`0x2a0c0`
PointerToRawData	`0x1000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`7.99884`

.rdata

MD5	`b381b9b8a54411e64ff6dc21c92ef00b`
SHA1	`57819076136996968169e13eb54a6e911bca8a86`
SHA256	`673040fb61f487ae5cb7d7357c3ec2a193650f49c3cc2703118678e993630f2b`
SHA3	`b527bc355d3938d29d3e40f251e1d0cb46f24dc0c92c4c74de896bb78a87f8a7`
VirtualSize	`0x14000`
VirtualAddress	`0x2c000`
SizeOfRawData	`0x12650`
PointerToRawData	`0x2c000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`7.99745`

.data

MD5	`b76fe6a5b1c819a1e65db7e47e091940`
SHA1	`002dd9d3d6142f59dc06ade14f17595ef3fa72e0`
SHA256	`806c769427df0097d755d1159e912dda9075a260112c20f7ecbf7cfb102dcc8c`
SHA3	`974e9506500a2552394bf4be587623715dc9ea2d2d8193b4539d3c3386eab3c7`
VirtualSize	`0x7000`
VirtualAddress	`0x40000`
SizeOfRawData	`0x36b0`
PointerToRawData	`0x3f000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`7.98418`

.rsrc

MD5	`4a069b104ecc7145ff201cd975a03f86`
SHA1	`db2d4baf5d10c3ca4947db0bcf314ca42c741ba7`
SHA256	`f29e264b0c7266aeeb5609dbfd23d9a7e5b9bcf8d0308263f5355dae21e78bc7`
SHA3	`e687be358bc7e02265dd81784cd2b53ddc4461b7f8ee0ef77c18a0e7c0728105`
VirtualSize	`0x12000`
VirtualAddress	`0x47000`
SizeOfRawData	`0x11d50`
PointerToRawData	`0x43000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`6.84548`

.xlok

MD5	`251f7cb639280e2cfda2e1d5ceb23c63`
SHA1	`f5e34afff6f580fddb99e6a44e7f816cc88a5ae9`
SHA256	`5316ac119274f964f812240b014c44abac920214c56f87e187beb2d7fc8b168d`
SHA3	`cab3b629b95084d3984a1a513611b1c12f2b52c692f967a6627bcd5ec10aedd5`
VirtualSize	`0x12000`
VirtualAddress	`0x59000`
SizeOfRawData	`0x12000`
PointerToRawData	`0x55000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`5.71288`

Imports

USER32.DLL	`MessageBoxA` `CreateWindowExA` `DestroyWindow` `ShowWindow` `UpdateWindow` `GetWindowRect` `MoveWindow` `GetDesktopWindow` `wsprintfA`
KERNEL32.DLL	`GetModuleHandleA` `VirtualProtect` `VirtualFree` `GetProcAddress` `LoadLibraryA` `VirtualAlloc` `FlushInstructionCache` `ExitProcess`
COMCTL32.DLL	`#17`
GDI32.DLL	`CreateFontA`
ADVAPI32.DLL	`RegEnumKeyExA`
KERNEL32.DLL (#2)	`GetModuleHandleA` `VirtualProtect` `VirtualFree` `GetProcAddress` `LoadLibraryA` `VirtualAlloc` `FlushInstructionCache` `ExitProcess`
SHELL32.DLL	`ShellExecuteA`
USER32.DLL (#2)	`MessageBoxA` `CreateWindowExA` `DestroyWindow` `ShowWindow` `UpdateWindow` `GetWindowRect` `MoveWindow` `GetDesktopWindow` `wsprintfA`
WSOCK32.DLL	`gethostbyname`
ADVAPI32.DLL (#2)	`RegEnumKeyExA`

Delayed Imports

14

Type	`RT_CURSOR`
Language	English - United Kingdom
Codepage	UNKNOWN
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.6716`
MD5	`f89a4c134bbc6653409a476dfaeb4cb2`
SHA1	`be5867cd688f15fae6b5be2ac01efa46b2c5eb7c`
SHA256	`1180762f99755fa0c5038c8c8e227752d0ffb3d7299742f57ad85dbabe461309`
SHA3	`b4871fb7292a891473b8491033638b77fa6eaf94800c15bb0c6e1b866d37e52d`

101

Type	`RT_BITMAP`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x2ac0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.86997`
MD5	`a19a85bae69d83dbc86a650e2ad12429`
SHA1	`3cae71cf677ceb2bf3f01b039ec4d144c7ae7066`
SHA256	`dda5e9cfa59a354a87df55c7e260d0e495840e562998cda4ee198c8594b6c17f`
SHA3	`eda7c202989ec3860822353997ac3a5edd3921de236c4ec8893feb2689a29671`
Preview

140

Type	`RT_BITMAP`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xa74`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.67307`
MD5	`e7efdb91fe4fdc5fa3b33b2c38cefcef`
SHA1	`b71e94c27ae4f390441d1805fd4ac4eb70880c19`
SHA256	`6f91f47395803978f3e774391c12dccacc0f6dbbf84ec3e7b9a248907ac868d6`
SHA3	`18ac7f3d895798190a4be6f71cc0c1358a259d1f0283ebcc2bb4f80011c27d8f`
Preview

153

Type	`RT_BITMAP`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x2ac0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0.84186`
MD5	`fa9714166ccebe564513154063cd00c5`
SHA1	`f4c91e136d77121838e9c4bbcc14596e46de7ad7`
SHA256	`f2ee8b17755978ff393bedba66307d557ce2e92bad22e5eedaa6dfc96b7276a2`
SHA3	`924885eb617d1b26ce02fdd0e741a2db7d6048007a98b59e15c0938ae8e06257`
Preview

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.23702`
MD5	`ce6b391194c3e80c144d3646f681ed47`
SHA1	`f08419caa0e637f1657760d9623768dce431f2ff`
SHA256	`584750de40698589f48b4cbbb9e55750863ddd9aefa9cbf274e19c99384695e0`
SHA3	`d6823d94aa77ad80755d62e2379eb9315d57bc68ab3e151c7b428c3cca60ccad`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.3821`
MD5	`3b819510610fd835b1150a53599759c4`
SHA1	`b259e8e96702198c79601169d0a503428a8828d2`
SHA256	`5f0020ae83dfe3948d3b123471edaa90a1ee6dfd1dcda7d38aa9e9f1e6560abc`
SHA3	`efb60ef25782afccf57cc927b10042b9920d2e5c857cba394805d0e6698f729d`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.27546`
MD5	`971467fcecba2b210413ff60dfb71382`
SHA1	`be8f6628d80013bec6fc36f4756492e75ec38f68`
SHA256	`0f306a83e138c2b61482d48ef9e0cfbc20da1d80d89082e671dd19e086e1723f`
SHA3	`e381d7b027ccf06f00ec9dd2be6febc05ebc2c0678efd85303447ffa5b2c7238`

4

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x130`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0.264035`
MD5	`0a88f8a958cd085cf10c4b83207fff90`
SHA1	`53232bb47ac04c8e90169af8e7220ee8b09aec09`
SHA256	`01007be27c6dd1d14fb9eee8c5d4414a9ae682a28c36784e95e4aed858455043`
SHA3	`7b1b48b1f07c228a170075b4f0c319299eb39a962e54c5f196b1303ad246c21f`

5

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.89144`
MD5	`89ce5167e984a35d474be831d28cc6fd`
SHA1	`41bd7b615f70817859eb03c7642659e9b1785c5f`
SHA256	`5939d625250e501036d1895d7e02dfee52df3ef7e6c3ed4c112818b40f6c8c2a`
SHA3	`8cc4d133ac621119933f9eda7ac6908e55e292b004d9c9249e097bb490e2c5d8`

6

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x330`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.4117`
MD5	`fc96ddba690be3bd447520393642f382`
SHA1	`724ed8e67f080fa6f4eae627757b5da4638b63e7`
SHA256	`d1e04c902acbb37416530daacd48f38538daf1c4d17d2d189bcc694adcc3a1ca`
SHA3	`a3d6c798c4ec0a65d2ff8445121818c72e6fd2498c096af5de8e03e585833ffa`

7

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x668`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.89685`
MD5	`8eb0af43243dacc441a674ca1fe4dbb9`
SHA1	`cab7f74b955a62d3db7cc4ffca1ec5ae90c1299a`
SHA256	`23af474ff563751857d0bcfd1fd6d1d8382727e61befbfe265e78afae0e51c4c`
SHA3	`9ae53f550aadd786f668c71ca9acfe7c273beaddbacaafd17ee525c1c2333bbe`

8

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xb0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.2104`
MD5	`726199b04f9bae634969a13c67eba24f`
SHA1	`fdfb53c3d67100117c3985b981bd2bfcb71816f7`
SHA256	`6ae8d99d9490dd4eb8bfcb934a36b8ed39d0d0998535cab8bff2184d32597678`
SHA3	`1d3dca53c75cf9cab87626c138a660e7c01aab60d741276ed09383a54a7b8c21`

9

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.27621`
MD5	`2c830e745ae889d816695d277959137e`
SHA1	`13f91d2c7acaf1af8ea5d6e4c6176c52d7168975`
SHA256	`7774dfd7db46f1e0f85968d8ab5f6631a3d757f5e58b2c5bcdf17e7cbba26c44`
SHA3	`aca4a7f77844f52df2210b47d177bd8b7da2217baab489adb27659caf784a4fd`

10

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.65306`
MD5	`b3158a3164312d5cc0d32d123ab8ef26`
SHA1	`691bf8341974bfeb7aab2649dd75f6b953cfdf60`
SHA256	`6987e06de6c76be3031856cf0944fc21d318a6b6b2f6f52c968eb5de43aa0ac1`
SHA3	`18bc30d8215a7685e909b33266b875f3794d7ba09dee8b0985f9f78e9d41ac02`

11

Type	`RT_ICON`
Language	English - United Kingdom
Codepage	UNKNOWN
Size	`0x2e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.7915`
MD5	`769c5c2e640a61beba4295ae9cf22013`
SHA1	`044a4b6c6afcdad7f188d81fb4b39b10cba2e7cc`
SHA256	`2b4e2e9623199e0d39d1d4afd7c590ceef5069896e3567238e71174af21e103e`
SHA3	`0aed1a5992a3100286c9752bb29b108f09c1c5887f257d8c702e76e0efa16315`

12

Type	`RT_ICON`
Language	English - United Kingdom
Codepage	UNKNOWN
Size	`0x1418`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.05717`
MD5	`8fa102dae203263337f0ddf7d77a1ee8`
SHA1	`fd37bbe2b919df55ff9f5ce682b639d5c28a4bf2`
SHA256	`edb3bcec4e64b313f19f6aeac38b743bfb7538fd50a641b925c10f6c13ad330b`
SHA3	`ca6173318cd1ffee170d2fbd630e584d85a1cb20428762e8df2fec787e04e806`

13

Type	`RT_ICON`
Language	English - United Kingdom
Codepage	UNKNOWN
Size	`0x1418`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.81868`
MD5	`4f861ff40e33646f3576f523236a0679`
SHA1	`6532a653cb8f6f0d4f5727639c2eae026a0aea81`
SHA256	`91d9657b0b2cc577606225cc2ce3e96b268c6714f07967de280f04c4461bffc1`
SHA3	`9dc7562e3620ba1adbb298fc9debad7cbc5557aa8a9781013470d1642670c99f`

105

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x346`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.03977`
MD5	`a36a3c856714ca445c8b3e6f1a75b2e9`
SHA1	`65b82b30b5ab3a74106402d0e32dc4307d1ef6b0`
SHA256	`917589ca11df04a958fb9b69d4b72a589ef1a5d8a25aa3504e37bd8343741751`
SHA3	`eba167e9a8f39886845d581c2f16b0ee1a624f1d91c1dad7856a191a96436f7f`

108

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4b8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.12201`
MD5	`7c8b391ea2e86d258483b3f050695bc1`
SHA1	`701ae65703b404b0d183ff4f9ac89d6ff96d9e8c`
SHA256	`3bf32ab79c25b28cbb081cc7892323eda1c73175b9d773d085a55e6ffb85c977`
SHA3	`268bf7674d3d40a315c8ba8ddb7ee9b3316f0355734bbbd98e1beb9c90da4de7`

109

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x6f4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.22401`
MD5	`97386c0cdc56be699ca0535c1b5ac18f`
SHA1	`72ffb2d34b932d21f7b7198a82cfd04b12a6aeb4`
SHA256	`2705f178c66eaec28dfa23716894f4f46f7dc5bedb78c7447266f857728707ed`
SHA3	`6be39d405a66708529ac32f7245080cfbf64cc78942f754384b3c10fa96e3c15`

110

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x72a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.18987`
MD5	`9e9a6543b978a32d95910c65b1556061`
SHA1	`d2616bf4bc1b30f32bb0eb6263c3afd698d8fbbd`
SHA256	`0b963edbb52c3d2ad77db7c5f9ae99d5450fd2497d49ece96fe3ac23a8752e0c`
SHA3	`a54e90bf983aac7868286926335916a32f875a1f7d8e9a8dc89ffb10acfce065`

112

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x360`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.1036`
MD5	`0cea94d5940c8da0bbd2fbd0e99dd4f3`
SHA1	`dafd7c39a6e7fb2c6408f7dd2cc96ab943242a36`
SHA256	`94d8b661e115344db965bae535d2850baa671dc655d50c0e45974e4a1676bbc8`
SHA3	`e7b20e38310f8cd71d814aa01c967238ff049aa7245813627525af523ec117c7`

113

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x400`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.12366`
MD5	`baf5ccec144d27617b8e0ad8ded48b71`
SHA1	`dc3ab018d2798a6bc3491343076dc0d421be3216`
SHA256	`66a85baf7e47500e89ad9a3a7b739dab82893dbbf783b97c932ae517e79b4732`
SHA3	`af282990b7f7d8c8c837cb9fa46733676f8ca8a5c55ee3a0d374a075e61eaec5`

114

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4a2`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.05011`
MD5	`3542be8effac9ccef58d16cf43375055`
SHA1	`f26e4a05794c968bca4cf8e45fa5c8b4cc4c09b2`
SHA256	`4eccab40486e57e1b4f22631145757fa39eaa842764da149077e8a9c949c3f29`
SHA3	`eb0b5f01a8baa24c21785034b21e6d28439d4a7905951cd1e20828aa34acd303`

115

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x40e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.03224`
MD5	`d83bb997dc8aa569b10ade6ae928535b`
SHA1	`48139625edf0af56ca30f71649e049948332d0af`
SHA256	`f1910ca634a8c290054f45bf7a9ab4d3f3b7da0f5e036eeca286b8b0d0ab74d5`
SHA3	`5af1464408678f5e85519404aa0ca1e1c11a1ee1b12fa7998255b1cb860a7ad7`

118

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x64a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.16604`
MD5	`4c3c1acf50cfeb3dfa4999a052b4a8a7`
SHA1	`3d88b1bbb7a836df9d207250c23cf20a7f449b31`
SHA256	`3a4ef298dcee7ad59b43c11f1d19bd49c50515dcfdfc8871ea271b33944bfefb`
SHA3	`53f30002386ee2c95d727f74ce5fe93f6dce5aacb9ee84dca45b6cd15781c4c8`

119

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x7ca`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.19609`
MD5	`8593d69336a5e9365b26217f75aba244`
SHA1	`7ea04f1d7951c306936257a487b3e7677a80e6ef`
SHA256	`18b1c111aba83e2b1f4259a28d4a44c2e1a2c9d885402123e00a17085d10afbe`
SHA3	`ff85208efbee18b9d46b6f768a3d3711a6b642f4ac5c555f7fe29060b0196d7f`

120

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x78a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.16794`
MD5	`5cf05d72dc5d8ae24dbcc777c67e6f2b`
SHA1	`ffb272b0cc7bc5a038d1c6f237710cd8867ee935`
SHA256	`0eefe80da24534d9b45fda8d64143f5f0f4f9e484e1ca13794f3d0c9f6fb1c87`
SHA3	`c76ecdaba38f207741f67f922b02fb85e44d359f75a0c56aefe0c1e792f0d72c`

121

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x6f2`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.02797`
MD5	`9705d55fb7247e2eaf7d760928c66292`
SHA1	`49bc1c2d6af60d71e015fb0473e8dfa80eb02030`
SHA256	`4524c9bdb02f1a63121cda27e1ed3142aaac3faf2d52d145d7293ae3d47b84ef`
SHA3	`35bce0be9dc1c7b990911d7feebac2e450c24bb8a11ebbe04ddd75c2b8a98733`

124

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x3dc`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.11093`
MD5	`b323ed15c8007f427651f2c7abd721bd`
SHA1	`b9569d88721ccada9c6b092c266fc0572ecea9ff`
SHA256	`658f334b40cbad013286351dda6a01227807a36241dc7c2963d469bb1e6b8da5`
SHA3	`b3a83311bb3e077429595f037a8e2e3cc368daf5eb490735043a45f454888bce`

128

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x47a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.1673`
MD5	`643dab23b61a9c746754f0f82cdb6a73`
SHA1	`3f2273bfd97de822b3171a80b196f24899e7c795`
SHA256	`77f8d584cb4cb62c2c9b68c9cbfb2e6afba2aec018249b704fa4cf7cb1ee7187`
SHA3	`1d6b526a68a8d8754c827e964df1945b6b6395c56792555bf2b32cd142b1e936`

130

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4bc`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.19229`
MD5	`f1813ee86b192430f30ad30eacb50f00`
SHA1	`a876dd70109da07f5c92fd1358acf6490a379c99`
SHA256	`134481a3e3ffc9095532306d923a28b8dcebe10f5921655b124b515e0f3c5c69`
SHA3	`67d5a032eec00c176c78e619f5a94711e32d08c579a51c8d30624fc11f35283f`

139

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x138`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.73302`
MD5	`21bac57a39159bd087ba153f9936fd38`
SHA1	`dd90c15196f9f1166bc1c179a62d8b0ad2b99c92`
SHA256	`c769da294197a1512b294389b290f577d7b796ccef00996eba86f7f06cfe0a7f`
SHA3	`885f090c93d817aa75190644fb99650e0377dc1e9bd6852233de84104d9b86bb`

140 (#2)

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x414`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.06199`
MD5	`a5eac1e953cff64b5bfde01037ad4100`
SHA1	`aea9a3c20db0b2ea589bf570e51eaea2eb08d28e`
SHA256	`57f93d7741d9e76e1740d5dc72c19f59e456360ea886875d4da86a084b447de4`
SHA3	`a5b60ff986ef2941a8e77a8e58fcca863c1c9011754f9199d4f750bd5a15b62b`

141

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xec`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.49453`
MD5	`c2a3d28648ed63d2c8dd33e3990532bd`
SHA1	`23ccd9fbed712037d5a200e714ee425778c52f63`
SHA256	`2576884b80e09f7c177bdeaf000a6538713f5c702446fbde004c487893c0bb1b`
SHA3	`775c053cfe7bb198e575c2349549eeb2289bcce7542880fa156a6d21021a3743`

144

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1ac`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.9087`
MD5	`c0cbccc8a1801daa39db1ff824fe722d`
SHA1	`0d57012b46931378ff1922ae87db976435c3ba92`
SHA256	`faeaad391b67b4770574df3fd8941661d86d96dee9627a3475a73c89959afa54`
SHA3	`d9578fede85b876b86001956beeb15a2b95cc5215f63fbe5fc9659d27e32441d`

162

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x17c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.74586`
MD5	`75ebbf736937616149020a20ff4a7eb3`
SHA1	`49b950140e73665e68054764cbec152a3e430c97`
SHA256	`b5f13d28fe10220a7daf15f9295fb8bfa53cfd08ab5164c80e3c3a96150f3ef0`
SHA3	`da4f0ed04743c46eb87d8d541d577d4d1c736b1ca05b9fd5c98789c6858806ea`

11 (#2)

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0x3c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.04926`
MD5	`0ff6589f0f28d1b7677b215e07608060`
SHA1	`037b4b43b0605b1e4b155fc299f888b25af6db4b`
SHA256	`00d263133cb4eafe84902ff043ea19e11651711cd5c9c2f89176899b7b3edb4c`
SHA3	`96112ceb1e16b80d9ce362f6e1adfc572634edb390de885bc573fc7dd1e91056`

1130

Type	`RT_GROUP_CURSOR`
Language	English - United Kingdom
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.60869`
MD5	`a0481297720e28da50f29e20b8a1d2c8`
SHA1	`543f55220ebe077db8b9344318018e3d4fa16af4`
SHA256	`893f9ddc9ae82914bfb66ee7b21a630de1b1aaad4f0720a17a88e55ef9e65b55`
SHA3	`fe18aea0050e51f1c99baac6912493ed36caeacfd816f4b957fceff1ad208c15`

116

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x84`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.92001`
Detected Filetype	Icon file
MD5	`a9764da318c8bae8718d5e986d87a82a`
SHA1	`33004fade69b6703d3b860227021467946a32e80`
SHA256	`23964df41c3508f93cca00806cc772d06263e5ea2c3befb5b8efc10cd371a7bb`
SHA3	`82e3401956ceb03bf242d36c472a0310996db64e200c60b30e218034c8b087eb`

148

Type	`RT_GROUP_ICON`
Language	English - United Kingdom
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.32322`
Detected Filetype	Icon file
MD5	`87e182c1614e266b343fa24b761602ee`
SHA1	`10327108dbfe50a33cc8452cf334f78078719bc3`
SHA256	`1a5a53db43e95ffd2fd95ed4778e2ae36cb517d5e4d476ab345bcf017e6818d7`
SHA3	`38017a80cc9501644fb199b7827bc520a33cc85c3766b695c846fc2bd1bfdf86`

159

Type	`RT_GROUP_ICON`
Language	English - United Kingdom
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.0815`
Detected Filetype	Icon file
MD5	`2d0848c1e45760f3d376cee903a0f3cf`
SHA1	`1c0815d670d0a1a6dad8a140c777ca9f67be9b56`
SHA256	`c1b8d17bf58c47a732475d46901762640d62d2098e3deeafb56ee2c3cf547db6`
SHA3	`a33049b8c9b74e03cef7a4114e60d577cf21dab36a63d1e99ee26a2b030a9f12`

160

Type	`RT_GROUP_ICON`
Language	English - United Kingdom
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.0815`
Detected Filetype	Icon file
MD5	`f147b5f32bb7a5c915c284c2ad9681fa`
SHA1	`cb3dd52834caf0e45cc450b8a566033b7ed6166d`
SHA256	`61c19f492e1fdc37242b28da247d0a3fccc365ee424e3e4aab24551c9919c3cb`
SHA3	`07acb2384cfca0418e652f1da610fe1bc7b55317bb6be48db7d4dd7ff13eb33e`

167

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.02322`
Detected Filetype	Icon file
MD5	`5189e40d042e5439b247523ec91246d6`
SHA1	`869d1f32bae756d34c9db3a1db19bbd218772ebe`
SHA256	`8d7605e574e5fa516ec9667f8a955db2d6c24d68cbffd908b32414ed7832f074`
SHA3	`0fa3192278df6dbd89cf3ba1febf5452ebe06ba77a8c39c22d95b1616dd3f373`

Version Info

TLS Callbacks

Load Configuration

RICH Header

XOR Key	`0x2f0f7bfb`
Unmarked objects	`0`
39 (9162)	`3`
ASM objects (VS2002 (.NET) build 9466)	`35`
Imports (9210)	`15`
Total imports	`167`
C objects (VS2002 (.NET) build 9466)	`157`
C++ objects (VS2002 (.NET) build 9466)	`27`
Resource objects (VS2002 (.NET) build 9466)	`1`
Linker (VS2002 (.NET) build 9466)	`1`

Errors

[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Couldn't convert a string from a RT_STRING resource to UTF-8!
[*] Warning: Resource 1130 is empty!

Leave a comment

No comments yet.