Manalyze report for 14b137584b08621903385783b71c112f0254b183ed7da35a159b3a568cb67686

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2026-Apr-21 17:19:38
Detected languages	English - United States
TLS Callbacks	1 callback(s) detected.
Debug artifacts	disactivity.pdb
CompanyName	holasoyender
FileDescription	Disactivity
FileVersion	`0.1.0`
LegalCopyright	Copyright Â© 2026 holasoyender
ProductName	Disactivity
ProductVersion	`0.1.0`

Plugin Output

Suspicious	Strings found in the binary may indicate undesirable behavior:	`Contains another PE executable: This program cannot be run in DOS mode.` `Miscellaneous malware strings: cmd.exe` Contains domain names: GoDaddy.com birthpopuptypesapplyImagebeinguppernoteseveryshowsmeansextramatchtrackknownearlybegansuperpapernorthlearngivennamedendedTermspartsGroupbrandusingwomanfalsereadyaudiotakeswhile.com developer.microsoft.com discord.com genretrucklooksValueFrame.net github.com http://dummy.testC http://www.C http://www.a http://www.css http://www.hortcut http://www.icon http://www.interpretation http://www.language http://www.style http://www.text-decoration http://www.w3.org http://www.w3.org/shortcut http://www.wencodeURIComponent http://www.years https://developer.microsoft.com https://developer.microsoft.com/en-us/microsoft-edge/webview2 https://discord.com https://docs.rs https://github.com https://www.World https://www.recent microsoft.com openssl.org thing.org www.w3.org
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to CRC32` `Uses constants related to SHA256` `Uses constants related to SHA512` `Uses constants related to RC5 or RC6`
Suspicious	The PE is possibly packed.	`Unusual section name found: .taubndl`
Malicious	The PE contains functions mostly used by malware.	`[!] The program may be hiding some of its imports: LoadLibraryA LoadLibraryW LoadLibraryExA LoadLibraryExW GetProcAddress` `Functions which can be used for anti-debugging purposes: SwitchToThread` `Can access the registry: RegCreateKeyTransactedW RegCreateKeyExW RegOpenKeyTransactedW RegOpenKeyExW RegQueryValueExW RegGetValueW RegCloseKey` `Possibly launches other programs: CreateProcessW ShellExecuteW` `Uses Windows's Native API: NtCancelIoFileEx NtReadFile NtCreateFile NtDeviceIoControlFile NtOpenFile NtWriteFile NtCreateNamedPipeFile` `Can create temporary files: GetTempPathW CreateFileW` `Uses functions commonly found in keyloggers: GetForegroundWindow MapVirtualKeyW GetAsyncKeyState` `Leverages the raw socket API to access the Internet: WSAStartup WSACleanup getpeername getsockname getsockopt WSASend freeaddrinfo connect recv send getaddrinfo WSASocketW bind shutdown setsockopt WSAIoctl ioctlsocket closesocket WSAGetLastError` `Can take screenshots: GetDC CreateCompatibleDC BitBlt` `Interacts with the certificate store: CertAddCertificateContextToStore CertOpenStore`
Suspicious	VirusTotal score: 1/57 (Scanned on 2026-05-10 04:29:14)	`Trapmine: malicious.moderate.ml.score`

Hashes

MD5	`77b4fc32af1d4a38b1d8dbe52eed1e72`
SHA1	`8c78fbec4dd2f376b9d36ec088cd9dd3e7624abf`
SHA256	`14b137584b08621903385783b71c112f0254b183ed7da35a159b3a568cb67686`
SHA3	`105bd0d26eb82e50a72e6127d569e2d62381aae441d608948e89808a4650bd84`
SSDeep	`98304:AgrFPjO+9LgxJgq6M28g0jT7VXsCD2yJ/mxKKKRKKKKKKKKK7FiLmVTYUp3tl/A:1jO+9EJJyW5DhCVTYUpYp4efpbh`
Imports Hash	`90456226162fa0be313a3e3213d95d4f`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0xf8`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`7`
TimeDateStamp	2026-Apr-21 17:19:38
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0x8f0400`
SizeOfInitializedData	`0x546600`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x00000000008C53EC (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0xe3c000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`9cfbc52b1504412503b3dc948f85ff00`
SHA1	`00897951950b56df0b9c8c8d2e3b6f2d9109ca1c`
SHA256	`bbddbfdf35bb3b1a04e3dac9ff4ea7035d4643de2a67e6e9f1ce560141661a47`
SHA3	`a3c1ba9e21fdb9ef91a7ad71981c84604c96ecf0389adc4e304bdb75be8a9599`
VirtualSize	`0x8f0400`
VirtualAddress	`0x1000`
SizeOfRawData	`0x8f0400`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.20531`

.rdata

MD5	`878c05c5baf62d02b33a4b73f4ba83bc`
SHA1	`ec478d3c959c0fbb382fe8bf920044fe073a3714`
SHA256	`24c5b89b98377c1aff14b17733866e0c2924618471d0f4a64abec7388850751d`
SHA3	`4067147afde4b70d278f33d71fac427cbc70bda87442982db968f85bf00b25b6`
VirtualSize	`0x4b4a0c`
VirtualAddress	`0x8f2000`
SizeOfRawData	`0x4b4c00`
PointerToRawData	`0x8f0800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.75523`

.data

MD5	`788df895c60914df649f832e88ef2cd4`
SHA1	`46e7f870a573e38c364e04b47c36aed69c3bab83`
SHA256	`c53eedf67a765d56ebb0e6a9bce9807e1b5a29781a90795034ee899bf4ef56c7`
SHA3	`f9108073ea4a7137001cefa6d6ab479edf9370d3d0883047801b15a03ed907b2`
VirtualSize	`0x5298`
VirtualAddress	`0xda7000`
SizeOfRawData	`0x2e00`
PointerToRawData	`0xda5400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`2.32406`

.pdata

MD5	`24280362a69aeafb6e6567b3b88331fd`
SHA1	`62c94ead491828556997ae1a0bfbfb8f138b6473`
SHA256	`bc805dd4b5d1ff673ab3072fdfb103e76df11c6aaad096cef11b24905e7a0959`
SHA3	`c25d1f3d67225f49c5c73059a916af6830e7db00b37996f3a11c1fd69d6343ae`
VirtualSize	`0x7bfd8`
VirtualAddress	`0xdad000`
SizeOfRawData	`0x7c000`
PointerToRawData	`0xda8200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.57669`

.taubndl

MD5	`d0fdb7fb6e64d1d960edbc36d5b2f464`
SHA1	`efec1708a2e53ab9ab295e962e8b0b716f49da6b`
SHA256	`f9054cd2deadadd5b8ec88f6b190599c1d3de1e19e980961ae83de04d51aa3d7`
SHA3	`e5b6c8d93670570df3b3d3eb9fafa92f1e41bae368086aa450be29a6bd2f3a1a`
VirtualSize	`0x10`
VirtualAddress	`0xe29000`
SizeOfRawData	`0x200`
PointerToRawData	`0xe24200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0.122276`

.rsrc

MD5	`8c53e07e5c72dae801c6ae09dea95141`
SHA1	`2a4c693d79f573c6d6a514877ff99b2136dcf864`
SHA256	`0cc887b520a76100329922cc5dcc5102652c36ed476de8b1e497620e03414dc9`
SHA3	`b6055436ca77c438bbc5fe4b87e0b071db11ee11ba4e0fab44ae9ba0ba8fc2aa`
VirtualSize	`0x8088`
VirtualAddress	`0xe2a000`
SizeOfRawData	`0x8200`
PointerToRawData	`0xe24400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`7.85118`

.reloc

MD5	`212aff5306461b74609fabd7fccd0124`
SHA1	`6de802bd717dc62ff78c35134f0fb14bfffe4f72`
SHA256	`432ec3004a6c83fa5a42bc125cc53d65a7e6a4ca8a7c8625b5708368f5ac1735`
SHA3	`3dd0b0cc2f48b4251c23040134d397f73b7526b07ed6df9f8b14e80dd07fb08b`
VirtualSize	`0x8060`
VirtualAddress	`0xe33000`
SizeOfRawData	`0x8200`
PointerToRawData	`0xe2c600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`5.43944`

Imports

kernel32.dll	`LoadLibraryA` `GetCurrentThreadId` `ReleaseSRWLockExclusive` `AcquireSRWLockExclusive` `WakeAllConditionVariable` `SleepConditionVariableSRW` `LoadLibraryW` `GetSystemTimeAsFileTime` `FlsAlloc` `GetModuleHandleW` `FlsGetValue` `FlsSetValue` `FlsFree` `FindNextFileW` `GetTempPathW` `SetWaitableTimer` `CreateWaitableTimerExW` `GetConsoleOutputCP` `WriteConsoleW` `MultiByteToWideChar` `SetEnvironmentVariableW` `DeleteFileW` `DeviceIoControl` `CreateSymbolicLinkW` `GetFinalPathNameByHandleW` `ReleaseMutex` `CreateMutexA` `WaitForSingleObjectEx` `WideCharToMultiByte` `SwitchToThread` `GetSystemInfo` `ExitProcess` `FindClose` `FindFirstFileExW` `GetCommandLineW` `GetCurrentDirectoryW` `GetCurrentThread` `SetThreadStackGuarantee` `AddVectoredExceptionHandler` `CreateDirectoryW` `GetStdHandle` `TerminateProcess` `GetExitCodeProcess` `CreateProcessW` `GetWindowsDirectoryW` `GetSystemDirectoryW` `GetEnvironmentStringsW` `GetFileInformationByHandleEx` `RtlPcToFileHeader` `RaiseException` `GetSystemTimePreciseAsFileTime` `CreateFileW` `GetCurrentProcess` `DuplicateHandle` `RtlLookupFunctionEntry` `RtlCaptureContext` `ReadFileEx` `GetCurrentProcessId` `CreateThread` `QueryPerformanceCounter` `QueryPerformanceFrequency` `HeapReAlloc` `SetFileTime` `SetFileInformationByHandle` `GetFullPathNameW` `SetLastError` `SetHandleInformation` `SleepEx` `WriteFileEx` `WaitForSingleObject` `FreeEnvironmentStringsW` `CompareStringOrdinal` `PostQueuedCompletionStatus` `ReadFile` `GetOverlappedResult` `WriteFile` `CreateIoCompletionPort` `CancelIoEx` `GetConsoleMode` `GetQueuedCompletionStatusEx` `GetFileInformationByHandle` `GetEnvironmentVariableW` `EncodePointer` `SetFileCompletionNotificationModes` `FormatMessageW` `LoadLibraryExA` `SetNamedPipeHandleState` `GetLastError` `InitializeSListHead` `SetUnhandledExceptionFilter` `DeleteCriticalSection` `RtlUnwindEx` `GetFileAttributesW` `Sleep` `GetModuleHandleA` `RtlVirtualUnwind` `GetUserDefaultUILanguage` `LCIDToLocaleName` `HeapAlloc` `FreeLibrary` `InitializeCriticalSectionEx` `LoadLibraryExW` `GetModuleFileNameW` `OutputDebugStringW` `OutputDebugStringA` `GetProcAddress` `HeapFree` `GetProcessHeap` `CloseHandle` `lstrlenW`
advapi32.dll	`RegCreateKeyTransactedW` `RegCreateKeyExW` `RegOpenKeyTransactedW` `RegOpenKeyExW` `RegQueryValueExW` `SystemFunction036` `RegGetValueW` `EventUnregister` `EventWriteTransfer` `RegCloseKey` `EventSetInformation` `EventRegister`
oleaut32.dll	`SysStringLen` `SysFreeString` `SetErrorInfo` `GetErrorInfo`
bcryptprimitives.dll	`ProcessPrng`
ntdll.dll	`NtCancelIoFileEx` `NtReadFile` `NtCreateFile` `RtlNtStatusToDosError` `NtDeviceIoControlFile` `NtOpenFile` `RtlGetVersion` `NtWriteFile` `NtCreateNamedPipeFile`
api-ms-win-core-synch-l1-2-0.dll	`WaitOnAddress` `WakeByAddressAll` `WakeByAddressSingle`
user32.dll	`GetRawInputData` `AdjustWindowRect` `RedrawWindow` `RegisterClassExW` `CreateWindowExW` `SetWindowPos` `GetMessageA` `TranslateMessage` `DispatchMessageA` `EnumChildWindows` `IsIconic` `AdjustWindowRectEx` `IsWindow` `GetSystemMetrics` `DestroyWindow` `PostMessageW` `ClientToScreen` `InvalidateRgn` `DrawTextW` `RegisterTouchWindow` `GetWindowDC` `OffsetRect` `GetMenuBarInfo` `DestroyMenu` `TrackPopupMenu` `PostQuitMessage` `SetMenu` `SendInput` `AppendMenuW` `InsertMenuW` `DrawIconEx` `CheckMenuItem` `SetMenuItemInfoW` `CreateAcceleratorTableW` `DestroyAcceleratorTable` `DrawMenuBar` `GetMenuItemInfoW` `ReleaseCapture` `CreateMenu` `SetCursorPos` `InvalidateRect` `CreateIcon` `SystemParametersInfoA` `SetCapture` `GetMenu` `IsWindowVisible` `ClipCursor` `GetClipCursor` `ShowCursor` `SetWindowLongW` `EnableMenuItem` `GetSystemMenu` `SetForegroundWindow` `EnumDisplayMonitors` `MonitorFromPoint` `RemoveMenu` `SetWindowTextW` `GetWindowTextW` `GetWindowTextLengthW` `SetWindowDisplayAffinity` `DestroyIcon` `MsgWaitForMultipleObjectsEx` `RegisterRawInputDevices` `RegisterWindowMessageA` `GetWindow` `SetParent` `MapWindowPoints` `UpdateWindow` `GetForegroundWindow` `SetFocus` `CreatePopupMenu` `GetMessageW` `ShowWindow` `ReleaseDC` `IsProcessDPIAware` `DispatchMessageW` `GetActiveWindow` `GetDC` `GetWindowRect` `SetWindowLongPtrW` `GetParent` `GetWindowLongPtrW` `FindWindowExW` `SetWindowRgn` `IsWindowEnabled` `MapVirtualKeyW` `TrackMouseEvent` `GetTouchInputInfo` `CloseTouchInputHandle` `ToUnicodeEx` `MapVirtualKeyExW` `GetKeyState` `GetAsyncKeyState` `GetKeyboardState` `GetKeyboardLayout` `FlashWindowEx` `SetPropW` `SystemParametersInfoW` `FillRect` `GetMonitorInfoW` `MonitorFromRect` `MonitorFromWindow` `GetCursorPos` `GetClientRect` `GetWindowLongW` `ScreenToClient` `SendMessageW` `GetUpdateRect` `ValidateRect` `TranslateAcceleratorW` `SetCursor` `LoadCursorW` `GetWindowPlacement` `SetWindowPlacement` `PeekMessageW` `ChangeDisplaySettingsExW` `DefWindowProcW` `PostThreadMessageW` `EnableWindow`
gdi32.dll	`SelectObject` `CreateDIBSection` `CreateCompatibleDC` `SetBkMode` `CombineRgn` `BitBlt` `GetDeviceCaps` `CreateSolidBrush` `CreateRectRgn` `DeleteObject` `SetTextColor` `DeleteDC`
comctl32.dll	`DefSubclassProc` `RemoveWindowSubclass` `TaskDialogIndirect` `SetWindowSubclass`
shell32.dll	`DragQueryFileW` `ShellExecuteExW` `SHOpenFolderAndSelectItems` `SHGetKnownFolderPath` `DragFinish` `SHAppBarMessage` `ShellExecuteW` `ILFree` `ILCreateFromPathW`
ws2_32.dll	`WSAStartup` `WSACleanup` `getpeername` `getsockname` `getsockopt` `WSASend` `freeaddrinfo` `connect` `recv` `send` `getaddrinfo` `WSASocketW` `bind` `shutdown` `setsockopt` `WSAIoctl` `ioctlsocket` `closesocket` `WSAGetLastError`
secur32.dll	`FreeContextBuffer` `InitializeSecurityContextW` `AcceptSecurityContext` `ApplyControlToken` `EncryptMessage` `DecryptMessage` `QueryContextAttributesW` `DeleteSecurityContext` `AcquireCredentialsHandleA` `FreeCredentialsHandle`
crypt32.dll	`CertAddCertificateContextToStore` `CertOpenStore` `CertCloseStore` `CertGetCertificateChain` `CertVerifyCertificateChainPolicy` `CertEnumCertificatesInStore` `CertDuplicateCertificateChain` `CertFreeCertificateChain` `CertDuplicateStore` `CertFreeCertificateContext` `CertDuplicateCertificateContext`
bcrypt.dll	`BCryptGenRandom`
ole32.dll	`OleInitialize` `RegisterDragDrop` `CoCreateFreeThreadedMarshaler` `CoTaskMemFree` `CoTaskMemAlloc` `CoInitializeEx` `RevokeDragDrop` `CoInitialize` `CoUninitialize` `CoCreateInstance`
dwmapi.dll	`DwmGetWindowAttribute` `DwmSetWindowAttribute` `DwmEnableBlurBehindWindow`
shlwapi.dll	`SHCreateMemStream`
api-ms-win-crt-math-l1-1-0.dll	`roundf` `trunc` `__setusermatherr` `pow` `floor` `round`
api-ms-win-crt-string-l1-1-0.dll	`strcpy_s` `wcscmp` `_wcsicmp` `wcslen`
api-ms-win-crt-convert-l1-1-0.dll	`wcstol` `_ultow_s` `_wtoi`
api-ms-win-crt-runtime-l1-1-0.dll	`_exit` `_initialize_narrow_environment` `_c_exit` `__p___argv` `__p___argc` `_register_thread_local_exe_atexit_callback` `_configure_narrow_argv` `exit` `_initterm_e` `_seh_filter_exe` `_initterm` `abort` `_cexit` `_get_initial_narrow_environment` `_set_app_type` `_initialize_onexit_table` `_register_onexit_function` `terminate` `_crt_atexit`
api-ms-win-crt-stdio-l1-1-0.dll	`_set_fmode` `__p__commode`
api-ms-win-crt-locale-l1-1-0.dll	`_configthreadlocale`
api-ms-win-crt-heap-l1-1-0.dll	`_set_new_mode` `free` `malloc` `_callnewh` `calloc`

Delayed Imports

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x911`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.80183`
Detected Filetype	PNG graphic file
MD5	`d26fabd1f2348f498256015e18f6e6c7`
SHA1	`1928c66d948d28ba84fd7ea26afa857bff359a41`
SHA256	`246d8da3c59fefc7fef4a2e373118181bab78ffd71902042399384fa9f5c46ba`
SHA3	`4c40b0ebd090e90639585746868b9b66b1b699ea26ca1ef4ec0d1f086dfb11d2`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x318`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.50269`
Detected Filetype	PNG graphic file
MD5	`a15351a2ffae3283798174d05fd284f3`
SHA1	`25e40fa81741c501771f7ea13c35ac070f0dad28`
SHA256	`a0c4463e4f8770a767bc3d223a706f5f0a7d095259194155c0970d7fb1000a7d`
SHA3	`0602065f8bacc8bc4e51a7e46fbfe2b1397711aee897fa02db44ac708a58f548`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x5e6`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.76928`
Detected Filetype	PNG graphic file
MD5	`7899f1b29bf04ef2f00452d71be7ebf3`
SHA1	`bdbf5c21d45707324040026f505afb4f7320b818`
SHA256	`70225643779cdc77c8611759f5291b2dd81f0f945e68b15254c563ff76baeb69`
SHA3	`3e6b06b026f501c564ee0d786be7cdfeba36ff777c6cb6e7b1a181cc57d67c2e`

4

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xd08`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.80117`
Detected Filetype	PNG graphic file
MD5	`bc65faa81ff359b74ab3de7ef08043ef`
SHA1	`8e2f16bb67a18a1924e326525ed9bf7e2869dbe0`
SHA256	`785020ae9abe7919ea3ed8814ed1bd56414a1c2ba2a3669124c6a6cec88f4917`
SHA3	`784bdcc979a726ccbc998ecd36cdcda8ea33664ad731abb2d2e8031dcc8ff469`

5

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x139e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.85315`
Detected Filetype	PNG graphic file
MD5	`41a1f14a948f73a7e1d1b2f7da584784`
SHA1	`18c5b397cb3fb2c6fc3da498058699519caf4f29`
SHA256	`b92dcf61b1f44169ac1a1649eae805c24054fb139cd0a7821a55d7de4c1272bb`
SHA3	`c4192db5bc3e4ec52016108e58e49453f50db4daf593d1b00d8b6222345c6953`

6

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x47a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.96985`
Detected Filetype	PNG graphic file
MD5	`e2bb7bf337338e9e0140f7dfebb34828`
SHA1	`f8e174723291ea6887c7057c76cb70a093f09034`
SHA256	`6b579cd9938e6e953856b64d1bd2ac82e16ee52c3d17cd1818249974e7697251`
SHA3	`93896ab5312a547dc238f19d1f3ab62ced9ae0fa97735b5010f7feb7307ed402`

32512

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x5a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.79371`
Detected Filetype	Icon file
MD5	`2b84c6450cf0adcfac4a3de811712975`
SHA1	`c7e838db3c17c7083a00e5f62f1af218193e3011`
SHA256	`b1ce40348b9049584c50b7fc4600ed0fd24fe6e51f09f901d318e5b332227e3c`
SHA3	`c395e6606c7ac8612cee6101ccbcc776e3c8955aa2e1ed2a591314a220e3dc93`

1 (#2)

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x24c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.26992`
MD5	`b8ff42f7e2e35ddf0bf996d8b1fb5fe8`
SHA1	`a4655ad566e9824a384b648d4b6204949baf7ea1`
SHA256	`5320d334c53c08f09cf364d94162c7c9b1235687bd60251736a7177422252143`
SHA3	`d87414b38723487ce8d73779c79bb26784d2a3a0c79da14074f00915417c5e1b`

1 (#3)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.96056`
MD5	`01e4c8c046a47771f13cd120b53303e7`
SHA1	`2a4224d31c916a5cff4f2636a3cb47fdd84a5cc9`
SHA256	`b1cb832f790c153aa0e9a66f76e75460263cf1d41971d2dbcc9a4d87ec18b7d8`
SHA3	`680120ec819e7ba66519d9a8a3e446973c4cb28aa0146c91cceaa8c8fadc90ae`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	0.1.0.0
ProductVersion	0.1.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT` `VOS_NT_WINDOWS32` `VOS_WINCE` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
CompanyName	holasoyender
FileDescription	Disactivity
FileVersion (#2)	0.1.0
LegalCopyright	Copyright Â© 2026 holasoyender
ProductName	Disactivity
ProductVersion (#2)	0.1.0

Resource LangID	English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2026-Apr-21 17:19:38
Version	`0.0`
SizeofData	`40`
AddressOfRawData	`0xbb7acc`
PointerToRawData	`0xbb62cc`
Referenced File	disactivity.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics	`0`
TimeDateStamp	2026-Apr-21 17:19:38
Version	`0.0`
SizeofData	`20`
AddressOfRawData	`0xbb7af4`
PointerToRawData	`0xbb62f4`

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2026-Apr-21 17:19:38
Version	`0.0`
SizeofData	`1068`
AddressOfRawData	`0xbb7b08`
PointerToRawData	`0xbb6308`

TLS Callbacks

StartAddressOfRawData	`0x140bb7f80`
EndAddressOfRawData	`0x140bb8194`
AddressOfIndex	`0x140dac130`
AddressOfCallbacks	`0x1408f2d18`
SizeOfZeroFill	`0`
Characteristics	`IMAGE_SCN_ALIGN_8BYTES`
Callbacks	`0x000000014089B1E0`

Load Configuration

Size	`0x140`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x140da9bc0`

RICH Header

XOR Key	`0xadff5978`
Unmarked objects	`0`
Imports (VS2008 SP1 build 30729)	`14`
ASM objects (35403)	`9`
C objects (35403)	`13`
C++ objects (35403)	`46`
Total imports	`503`
C objects (35728)	`12`
Unmarked objects (#2)	`741`
Resource objects (35728)	`1`
Linker (35728)	`1`

Errors

Leave a comment

No comments yet.