Manalyze report for 2dda7132aaf5734976920c4747ebc73abc748f69d5cfe1e29d38038f17eddb7b

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2017-Jan-18 10:10:35
Detected languages	English - United States
CompanyName	MICROSOFT
FileVersion	`2,1,3,0`
ProductName	DLLHOST
InternalName	DLL
ProductVersion	`5.3.2.0`

Plugin Output

Info	Matching compiler(s):	`MASM/TASM - sig2(h)`
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to CRC32` `Uses constants related to MD5`
Suspicious	The PE contains functions most legitimate programs don't use.	`[!] The program may be hiding some of its imports: LoadLibraryA GetProcAddress` `Can create temporary files: CreateFileA GetTempPathA` `Can take screenshots: GetDC CreateCompatibleDC BitBlt`
Suspicious	The PE is possibly a dropper.	`Resource E2B430437C1E8650D5C6499E6FF4073D is possibly compressed or encrypted.` `Resource F12123178B2C18D38244FADB201A4C56 is possibly compressed or encrypted.` `Resources amount for 98.0705% of the executable.`
Malicious	VirusTotal score: 27/68 (Scanned on 2026-03-30 11:24:46)	`APEX: Malicious` `Antiy-AVL: Trojan[Downloader]/Win32.Betload` `Bkav: W32.AIDetectMalware` `CTX: exe.trojan.generic` `CrowdStrike: win/malicious_confidence_90% (W)` `Cynet: Malicious (score: 100)` `DeepInstinct: MALICIOUS` `Elastic: malicious (high confidence)` `Fortinet: W32/PossibleThreat` `Gridinsoft: Crack.Win32.AutoKMS.cc!s2` `Kingsoft: malware.kb.a.998` `Lionic: Trojan.BAT.Agent.tnKf` `Malwarebytes: Malware.AI.1173398321` `MaxSecure: Trojan.Malware.8328611.susgen` `McAfeeD: Real Protect-LS!74EDA110E0E3` `Paloalto: generic.ml` `Sangfor: Trojan.Win32.Save.a` `SentinelOne: Static AI - Malicious PE` `Skyhigh: BehavesLike.Win32.Dropper.wc` `Sophos: Generic ML PUA (PUA)` `Trapmine: malicious.high.ml.score` `TrellixENS: Artemis!74EDA110E0E3` `VBA32: BScope.Trojan.MulDrop` `Varist: W32/Trojan.ICI.gen!Eldorado` `Webroot: W32.Trojan.Gen` `Xcitium: Malware@#193s1civ49b7z` `Zoner: Trojan.Win32.61412`

Hashes

MD5	`74eda110e0e3468ba464c19515468ebf`
SHA1	`2bcf3a8b5719e1b183bf6aa8fe3a592b1a129bac`
SHA256	`2dda7132aaf5734976920c4747ebc73abc748f69d5cfe1e29d38038f17eddb7b`
SHA3	`76c73baded074692aff8cb121c92916ecd6b418629da0374d64d692505ac1648`
SSDeep	`49152:lwytz0CH4c6bwKuItvMhE4rCHM6x6xa9tPMqp35+I57aBcIqO6szzh7J8GyEu0:RZH4vNFUCUa3PT5+u7+jVzzdJs0`
Imports Hash	`47b0da2d13e0214f54c3bd05550e8319`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`5`
TimeDateStamp	2017-Jan-18 10:10:35
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LINE_NUMS_STRIPPED` `IMAGE_FILE_LOCAL_SYMS_STRIPPED` `IMAGE_FILE_RELOCS_STRIPPED`

Image Optional Header

Magic	`PE32`
LinkerVersion	`2.0`
SizeOfCode	`0xea00`
SizeOfInitializedData	`0x36da00`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x00001000 (Section: .code)`
BaseOfCode	`0x1000`
BaseOfData	`0x11000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x380000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.code

MD5	`fcac6494dcc5d68e347fb1645b3dc5e3`
SHA1	`1d7b2cd3363451b7edb3a4a619adda955924c2f5`
SHA256	`be20d4a567eb3a2a801b8554a621b42345d1df6af24d12069ed91ff879a99999`
SHA3	`72511c2b587a2b53b1351e25b4d7767705649a48365c7912b79793132a117d51`
VirtualSize	`0x3589`
VirtualAddress	`0x1000`
SizeOfRawData	`0x3600`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`5.22964`

.text

MD5	`a166dd595c84d03f0a22b43db95f8672`
SHA1	`5da7f0fb9c39293e259e2e830385773396aeb73a`
SHA256	`508a251edf93920605bb7f58eca7d79ea638304704c28e12e795fe697b77a72a`
SHA3	`ccd2013d07adf1b57d1cf1e64f3651624c1012a09193d75d6bfdb8843ca3642d`
VirtualSize	`0xb3d1`
VirtualAddress	`0x5000`
SizeOfRawData	`0xb400`
PointerToRawData	`0x3a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.58985`

.rdata

MD5	`4770f66539d1d3273544f30fbf101075`
SHA1	`9a22e1444952e89be739524942c6e1ab502b64ed`
SHA256	`768ddd2fbf53545358b690b11a0398ddbd34207aa56105ad0ed3fb44c8b31874`
SHA3	`235cedcda656947316291434d1b0a55d767eedbf709524f870d17f47a01b07c0`
VirtualSize	`0x986`
VirtualAddress	`0x11000`
SizeOfRawData	`0xa00`
PointerToRawData	`0xee00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.61506`

.data

MD5	`8ce03d5eab8aecb7084d378d74d98a3a`
SHA1	`8372be432168ef3032c51b4ac8656d8e6eb66309`
SHA256	`15f8c4cc85c768e07b010fda15584b21529e744c2a90cd36e39971f8f91aaa12`
SHA3	`e0691d2741f4075f890d8d18bb26c495b144a5baabd1d23164b080a0aca48adc`
VirtualSize	`0x1bd8`
VirtualAddress	`0x12000`
SizeOfRawData	`0x1600`
PointerToRawData	`0xf800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`5.4382`

.rsrc

MD5	`a43fe956180c6d65555bb0d9b66ff48f`
SHA1	`07715e9a0edce86232eb5ca84c815d13a1fed973`
SHA256	`75f3d769b79e9404f485bbfa77cef2a41cee874b2b8512f57873a9d8a42b4486`
SHA3	`868d3d6e181a1ff34558ef2a1cf0dbee69fa3feb8ab11b6629d5ed207637f869`
VirtualSize	`0x36b9f4`
VirtualAddress	`0x14000`
SizeOfRawData	`0x36ba00`
PointerToRawData	`0x10e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`7.96556`

Imports

MSVCRT.dll	`memset` `strncmp` `memmove` `strncpy` `strstr` `_strnicmp` `_stricmp` `strlen` `strcmp` `memcpy` `sprintf` `fabs` `ceil` `malloc` `floor` `free` `fclose` `strcpy` `tolower`
KERNEL32.dll	`GetModuleHandleA` `HeapCreate` `HeapDestroy` `ExitProcess` `RemoveDirectoryA` `GetExitCodeProcess` `GetTempFileNameA` `GetCommandLineA` `GetNativeSystemInfo` `FindResourceA` `LoadResource` `SizeofResource` `GetShortPathNameA` `GetWindowsDirectoryA` `GetSystemDirectoryA` `HeapAlloc` `HeapFree` `Sleep` `LoadLibraryA` `GetProcAddress` `FreeLibrary` `GetCurrentThreadId` `GetCurrentProcessId` `CloseHandle` `InitializeCriticalSection` `GetModuleFileNameA` `GetEnvironmentVariableA` `SetEnvironmentVariableA` `CreateFileA` `ReadFile` `WriteFile` `SetFilePointer` `DeleteFileA` `GetFileSize` `HeapReAlloc` `GetCurrentProcess` `TerminateProcess` `SetUnhandledExceptionFilter` `EnterCriticalSection` `LeaveCriticalSection` `GetVersionExA` `SetLastError` `HeapSize` `TlsAlloc` `CreateDirectoryA` `GetTempPathA` `SetFileAttributesA` `GetCurrentDirectoryA` `SetCurrentDirectoryA` `DeleteCriticalSection` `MultiByteToWideChar` `WideCharToMultiByte`
USER32.DLL	`CharUpperA` `CharLowerA` `MessageBoxA` `SendMessageA` `PostMessageA` `GetWindowThreadProcessId` `IsWindowVisible` `GetWindowLongA` `GetForegroundWindow` `IsWindowEnabled` `EnableWindow` `EnumWindows` `SetWindowPos` `DestroyWindow` `GetDC` `GetWindowTextLengthA` `GetWindowTextA` `SetRect` `DrawTextA` `GetSystemMetrics` `ReleaseDC` `GetSysColor` `GetSysColorBrush` `CreateWindowExA` `CallWindowProcA` `SetWindowLongA` `SetFocus` `RedrawWindow` `RemovePropA` `DefWindowProcA` `SetPropA` `GetParent` `GetPropA` `GetWindow` `SetActiveWindow` `UnregisterClassA` `DestroyAcceleratorTable` `LoadIconA` `LoadCursorA` `RegisterClassA` `AdjustWindowRectEx` `ShowWindow` `CreateAcceleratorTableA` `PeekMessageA` `MsgWaitForMultipleObjects` `GetMessageA` `GetActiveWindow` `TranslateAcceleratorA` `TranslateMessage` `DispatchMessageA` `GetFocus` `GetClientRect` `FillRect` `EnumChildWindows` `DefFrameProcA` `GetWindowRect` `IsChild` `GetClassNameA` `GetKeyState` `DestroyIcon` `RegisterWindowMessageA`
GDI32.DLL	`GetStockObject` `SelectObject` `SetBkColor` `SetTextColor` `GetTextExtentPoint32A` `CreateSolidBrush` `DeleteObject` `GetObjectA` `CreateCompatibleDC` `GetDIBits` `DeleteDC` `GetObjectType` `CreateDIBSection` `BitBlt` `CreateBitmap` `SetPixel`
COMCTL32.DLL	`InitCommonControlsEx`
OLE32.DLL	`CoInitialize` `CoTaskMemFree` `RevokeDragDrop`
SHELL32.DLL	`ShellExecuteExA`
WINMM.DLL	`timeBeginPeriod`
SHLWAPI.DLL	`PathQuoteSpacesA` `PathAddBackslashA` `PathRemoveArgsA` `PathGetArgsA` `PathRenameExtensionA` `PathUnquoteSpacesA`

Delayed Imports

1

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.96121`
MD5	`1d2034eed09ea77e21c29e4f48e8c7c3`
SHA1	`8db48d72a60e9b23d119e30c386627b90d4c64e1`
SHA256	`8dc62d859ea6a4089fe072245fcd4f362100218b0f6da9b4c97d71309516ed93`
SHA3	`b6a85d611aa146c6af97343edd93556007d940f4a055372edb1e1767ead8e0ea`

2

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.78947`
MD5	`1a0fe18075e9d8912f7a07c8a6cf9e1a`
SHA1	`09084e4f67166bc8fcc3768fd83057568720757c`
SHA256	`8c83948d308298904c48422a3aaa2a58d92c359d02f0870001294d36037c8fa7`
SHA3	`f25273bfb3969a952703cd8b3976d5a279d0f3d4ff71e3063fb22f247cc0d375`

3

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.54878`
MD5	`9c2e869964d43927314a4744a2646b9b`
SHA1	`bc91f34704fb7e46198cb44ee86f6ea6dd574026`
SHA256	`c9a2ba2a9c65a348614217f10640df840c918f9315f8dd139e2a2a2b766c9576`
SHA3	`72b54da262838fb1f58022ca0a62a86a198877191279dd57dde448a466f60520`

4

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.93813`
MD5	`1fef62f18aca6b6396597e2252d2b849`
SHA1	`4412b87c29547fde2f51a838ac07bf01b548d9c4`
SHA256	`b0c2c487ca9309e4b02b610e0350ead28053d4eacacfad724d1c310dd0790438`
SHA3	`89695f835ef5ee306e6c237af92666a38088dce034394e9ca870e2e7c7e6d2a1`

5

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.67048`
MD5	`2f113890d584bbfecbd45a687c38f605`
SHA1	`27a594d58d1312f19b4a4c421bffde69c99c58a0`
SHA256	`6188bc4b79bde8068a677488dc10315e58e67a6540fa01e1cddc9d78b9d87f3f`
SHA3	`3eabf6645caf5c62f5fb117cff709741d416a5b1c8ff5e40380e89ccec4503bc`

6

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x5488`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.50262`
MD5	`41f323bf65ac5e1f4cd43e723a6b8f20`
SHA1	`4138135e633e5841fd50dc03e7eddd0c4fdb0c19`
SHA256	`be84dac4db067258ea722374040e9a36bd519beb81380ed89469cb58567b0b63`
SHA3	`c424953ee7111b97f51d49b680d3878d1403c47814c90d72a50c986780752563`

7

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x94a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.24001`
MD5	`9a4cacd0a1aa078ec7ae51e556e7d46b`
SHA1	`d56214b06d8c681393438d6f51eee1b18b9eef98`
SHA256	`9f919aa0b14eab5d5f8299aa6c770d42e76cc3b7fc74bbf266c1c6bf41a2dde2`
SHA3	`875ec1d25b1a4917d1c8c0e12b8bad452c2163d3cebf49709242048e79dce9f2`

8

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x10828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.94439`
MD5	`c1566e1bc5d4076658a2df5ffc1e1d4b`
SHA1	`bda3bf80b75be608399503694c65aafbe6889fa1`
SHA256	`234589c4789cf3651fa68d9f562c113806fadd8e3fe83ec2f0be39fa577d820b`
SHA3	`c86bb438e31914ae9a978576f12fe94ef19ff375d26850685cea9a588e358b99`

9

Type	`RT_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0xade9`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.98862`
Detected Filetype	PNG graphic file
MD5	`b3ad150987efe65379c7a5df95853eac`
SHA1	`c797e32856e8fef9f6ec8fe9954872fd654efb79`
SHA256	`cd7cd17ea16347d437543620ee94e7658dad7a322f79d9d05afc05ce11282265`
SHA3	`ab456f286764cc1a3387cf64edeb3010030985632b6fdcbd8cb8a40a9cec90bc`

1AB012FC1A0106F884168361C7B1811D

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x18`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.50163`
MD5	`521d68b78ff98fe836a341f155c107a3`
SHA1	`b700b024f34980952b0bab2bb56d549e20fbc41c`
SHA256	`1e9d9ffcc16268095a785ec2c24a225a4fa53aa1742c4bb3a17db118747b60dc`
SHA3	`e993505b3ee0b35ef313594bef541e1d26ea23016cb7ada99e4bf55c33b43115`

461177063DA7869EFEABE28371D8BA93

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x6`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0.918296`
MD5	`8871f7fbe3f06cd7e5f97a25697bf6fc`
SHA1	`0112a852da125aded6bebc5b6c6464e91bcd20b4`
SHA256	`413732deed5b11cae7c255ecb06978e123a8a120496ea079daf4bf48af4aab54`
SHA3	`b6b2ced55ff2b4823819ca79ed5b60d3ad38da9971d1f66ff8831a0bb2c0fd9c`

46E1B009B86983D180553F6AD1124ABD

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x20`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.54284`
MD5	`7868449b4b756563c08c743b20a921ff`
SHA1	`cd7481b57c0675568f73cba68bd9cb4a40b65c48`
SHA256	`85d0ba9ad7f117d418d6830c5765a78b007c257107e70df272413cd5efdef587`
SHA3	`413085a8dd262a312490536ab4d01091c34c530b618688845dfdf064e379819c`

98F56E433613C844FB30A555D398C070

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x30`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.5433`
MD5	`10fc43a7abf2a45286f01baff1bc9dea`
SHA1	`970b6458f00ecf31729a3f0e3ab5cd1ba5a02651`
SHA256	`02a9362d74e9a478ba13db94a08fc7a3ea6493b09ac04faedb2640eb75cb9522`
SHA3	`67bd22ec6f0790e7fff4e96a3248793e3c7fcdd6e0b9914d485e2075928e39c4`

E2B430437C1E8650D5C6499E6FF4073D

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x33773a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.99995`
MD5	`c1292b4b82a895ce7c5a95cf0ab4a775`
SHA1	`cb9a34e0f8c84f74ff0bab3779daaf6c9465cc46`
SHA256	`7b4844e075f12ab2310d65b7316f369c7d5e0300488581d8c50db1aa31fedbab`
SHA3	`92d361a0e99156298dbb188d56adb93de2055548d9edb62a56e41128d2ac3235`

F12123178B2C18D38244FADB201A4C56

Type	`RT_RCDATA`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x1235`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.96051`
MD5	`2a7b6e60d01f5a010d090a79e1f269f9`
SHA1	`bac3a3cd2609fc56bbe5c4e98945f979068c9aa9`
SHA256	`8a45cd38eefe4ae8b03869e2e3d4a2feba66d807249fdd7c15631dfcf92a2011`
SHA3	`dced9e5988466b517034cd3d8adc42f0faf195f34aae9248dd6a425fef7cac4c`

1 (#2)

Type	`RT_GROUP_ICON`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x84`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.03466`
Detected Filetype	Icon file
MD5	`4f488d0d21bb1dca4701c99804d427f4`
SHA1	`7c2e26d4793e465b501d2236c3eaaa0b350871ae`
SHA256	`0b0ddbf5b2d65584c16780798b5de86c0e726482575d8ed1df895a82d8948a29`
SHA3	`c20649b46d3c5600142509d27852fd41a86013bbd5ede8514a2434e362ca55fd`

1 (#3)

Type	`RT_VERSION`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x1cc`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.30507`
MD5	`fd5240013aac10ae332700f47dd5093e`
SHA1	`87bda7d1a9d2ec40ed9219e71ebadef9e3fb07fb`
SHA256	`db62565c2ece9435a51154e2bec2d604c2a9cd40dc798077a0635104fdfb74f8`
SHA3	`703172d2be4a131e20af33f2a58bf34e6804ba4537ea2d7ba7134f0ab37ef055`

1 (#4)

Type	`RT_MANIFEST`
Language	UNKNOWN
Codepage	Latin 1 / Western European
Size	`0x2a0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.08821`
MD5	`ffd3b06250ba95d239365ef050b3627b`
SHA1	`16e3981245d8dbd44f33d93b203c02a44f3c2b95`
SHA256	`1c3703755b6e9a690e8eafaa0cc318f667cd5d4c06935b6e3cd07296df9e9dcd`
SHA3	`2c6baa84c172762978837565c2b2ed4f7716c0edaab79bda3a3ef74724426773`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	2.1.3.0
ProductVersion	5.3.2.0
FileFlags	`VS_FF_DEBUG` `VS_FF_PRERELEASE` `VS_FF_PRIVATEBUILD`
FileOs	`VOS_DOS` `VOS_DOS_WINDOWS16` `VOS_DOS_WINDOWS32` `VOS_OS232` `VOS_OS232_PM32` `VOS_WINCE` `VOS__PM32` `VOS__WINDOWS16`
FileType	`VFT_APP`
Language	English - United States
CompanyName	MICROSOFT
FileVersion (#2)	2,1,3,0
ProductName	DLLHOST
InternalName	DLL
ProductVersion (#2)	5.3.2.0

Resource LangID	UNKNOWN

TLS Callbacks

Load Configuration

RICH Header

Errors

Leave a comment

No comments yet.