| Architecture |
IMAGE_FILE_MACHINE_AMD64
|
| Subsystem |
IMAGE_SUBSYSTEM_WINDOWS_GUI
|
| Compilation Date |
1970-Jan-01 00:00:00
|
| Detected languages |
Chinese - Taiwan
|
| TLS Callbacks |
2 callback(s) detected.
|
| ProductName |
Folder Launcher
|
| FileDescription |
Lists folder launcher with sortable columns and export to text
|
| Comments |
Lists folder launcher with sortable columns and export to text
|
| CompanyName |
Yarrow Point Desktop Labs
|
| FileVersion |
5.3.2971.361
|
| ProductVersion |
5.3.2971.361
|
| Suspicious |
PEiD Signature: |
XWD graphics format
HQR data file
|
| Info |
Interesting strings found in the binary: |
Contains domain names:
|
| Info |
Cryptographic algorithms detected in the binary: |
Uses constants related to SHA256
Uses constants related to SHA512
Uses constants related to AES
|
| Suspicious |
The PE is possibly packed. |
Unusual section name found: .xdata
|
| Suspicious |
The PE contains functions most legitimate programs don't use. |
[!] The program may be hiding some of its imports:
- GetProcAddress
- LoadLibraryA
- LoadLibraryExW
Functions which can be used for anti-debugging purposes:
Memory manipulation functions often used by packers:
- VirtualAlloc
- VirtualProtect
|
| Info |
The PE is digitally signed. |
Signer: Folder Launcher
Issuer: Folder Launcher
|
| Malicious |
VirusTotal score: 7/70 (Scanned on 2026-06-12 03:04:18) |
Bkav:
W32.Malware.FB667BDD
ESET-NOD32:
Win64/Agent.JUM trojan
Elastic:
malicious (moderate confidence)
Kaspersky:
VHO:Trojan.Win64.DLLhijack.gen
Microsoft:
Trojan:Win32/Wacatac.B!ml
Rising:
Trojan.DLLhijack!8.1B50 (TFE:5:8E0C2eaMorT)
Trapmine:
malicious.high.ml.score
|
| MD5 |
42982b76aa2d7c96f081542547776dd2
|
| SHA1 |
b7ac00aec2a54f0f7139283d0c98f74ff4aeb155
|
| SHA256 |
2f2e6e45945ef45dc34f4b9d513a4739ef5427b0f32c7929513eaae552ac80cc
|
| SHA3 |
6a0846b0daedbc90db99733b8da3ea14b6d67191f454d098e00802f55fa3fe60
|
| SSDeep |
98304:Xy1G5EVhS4bvs4mNhCB/HwgPrFsPW0AyMT+CrP3jKr:X1uV04b+hCRPZwpMaCrPWr
|
| Imports Hash |
f604c1c3e882e6a725b213d7fdcb6bc5
|
| e_magic |
MZ
|
| e_cblp |
0x90
|
| e_cp |
0x3
|
| e_crlc |
0
|
| e_cparhdr |
0x4
|
| e_minalloc |
0
|
| e_maxalloc |
0xffff
|
| e_ss |
0
|
| e_sp |
0xb8
|
| e_csum |
0
|
| e_ip |
0
|
| e_cs |
0
|
| e_ovno |
0
|
| e_oemid |
0
|
| e_oeminfo |
0
|
| e_lfanew |
0x80
|
| Signature |
PE
|
| Machine |
IMAGE_FILE_MACHINE_AMD64
|
| NumberofSections |
12
|
| TimeDateStamp |
1970-Jan-01 00:00:00
|
| PointerToSymbolTable |
0
|
| NumberOfSymbols |
0
|
| SizeOfOptionalHeader |
0xf0
|
| Characteristics |
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
|
| Magic |
PE32+
|
| LinkerVersion |
2.0
|
| SizeOfCode |
0xe1000
|
| SizeOfInitializedData |
0x4b3e00
|
| SizeOfUninitializedData |
0x204ae00
|
| AddressOfEntryPoint |
0x00000000000012EF (Section: .text)
|
| BaseOfCode |
0x1000
|
| ImageBase |
0x2ce800000
|
| SectionAlignment |
0x1000
|
| FileAlignment |
0x200
|
| OperatingSystemVersion |
6.1
|
| ImageVersion |
0.0
|
| SubsystemVersion |
6.1
|
| Win32VersionValue |
0
|
| SizeOfImage |
0x25e6000
|
| SizeOfHeaders |
0x400
|
| Checksum |
0x5a4945
|
| Subsystem |
IMAGE_SUBSYSTEM_WINDOWS_GUI
|
| DllCharacteristics |
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
|
| SizeofStackReserve |
0x200000
|
| SizeofStackCommit |
0x1000
|
| SizeofHeapReserve |
0x100000
|
| SizeofHeapCommit |
0x1000
|
| LoaderFlags |
0
|
| NumberOfRvaAndSizes |
16
|
| MD5 |
eef1e31e91cbcfbbd938f94261fd5b73
|
| SHA1 |
31f3ee1ec209c93f5078526360607607a93185eb
|
| SHA256 |
4a9ba2c5a7f76ea1972b4808b8207e65d4a4da8b22336224aaf77568f7895d48
|
| SHA3 |
d51958d94e9db1828b4a82518d9cd4a441e23961697bd12e03e974d5ea3e30d1
|
| VirtualSize |
0xe0e30
|
| VirtualAddress |
0x1000
|
| SizeOfRawData |
0xe1000
|
| PointerToRawData |
0x400
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
|
| Entropy |
6.29818
|
| MD5 |
53362f102152f084468a0755f2fac41e
|
| SHA1 |
79d846181dd4153a993dc51a82828707ec9b07eb
|
| SHA256 |
6f762682f50133d71ab160a21848b78ea1cfbe2379db49022da8a154877056d0
|
| SHA3 |
273fdb6593325b11e2389f7663b80b41aba220da8c5df0101b2f6fe6848b3594
|
| VirtualSize |
0x38bed0
|
| VirtualAddress |
0xe2000
|
| SizeOfRawData |
0x38c000
|
| PointerToRawData |
0xe1400
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
|
| Entropy |
7.98861
|
| MD5 |
82e94dcc7dde6a68af4b867e5b34ee82
|
| SHA1 |
60f5aeb94e5c67ba0a9e73cc8b65652c6038ddc4
|
| SHA256 |
449d6630eb433986ee0c68524eb4677cf5ff825cc006c314b4de934ddf9b704e
|
| SHA3 |
8c0cbb99db61ec0d58be9e90e6913d4ad774fe73dfe9116157246dffe301dc8e
|
| VirtualSize |
0x111600
|
| VirtualAddress |
0x46e000
|
| SizeOfRawData |
0x111600
|
| PointerToRawData |
0x46d400
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
|
| Entropy |
5.55887
|
| MD5 |
bf619eac0cdf3f68d496ea9344137e8b
|
| SHA1 |
5c3eb80066420002bc3dcc7ca4ab6efad7ed4ae5
|
| SHA256 |
076a27c79e5ace2a3d47f9dd2e83e4ff6ea8872b3c2218f66c92b89b55f36560
|
| SHA3 |
622de1e1568ddef36c4b89b706b05201c13481c3575d0fc804ff8224787fcb59
|
| VirtualSize |
0x4
|
| VirtualAddress |
0x580000
|
| SizeOfRawData |
0x200
|
| PointerToRawData |
0x57ea00
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
|
| Entropy |
0
|
| MD5 |
4b98e705bb08b640184c3c664b1a8d42
|
| SHA1 |
8b19627f657b1b7d5656c0d59e84b309ff687309
|
| SHA256 |
a79740969911e491fa1de93ce15d8796ab8a656128aa9bcab8cffe9686ddcbb7
|
| SHA3 |
c257df74293eb21080bb4c98fc2917ccd6915e70614bac402b55908f499f1b2e
|
| VirtualSize |
0x6240
|
| VirtualAddress |
0x581000
|
| SizeOfRawData |
0x6400
|
| PointerToRawData |
0x57ec00
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
|
| Entropy |
5.33558
|
| MD5 |
82e958f1db33d67d1ef887b4d7a330e6
|
| SHA1 |
862665290983925cebb6f5b78083b1b51762771c
|
| SHA256 |
5fa5aefc60599ebf274a7bb655072eae93aa36fd2be30bb4914f621f8dcc8291
|
| SHA3 |
75c855af66e102f83a5714c93a2c93895c14a173cbf43b649e276426e6cc1158
|
| VirtualSize |
0x364
|
| VirtualAddress |
0x588000
|
| SizeOfRawData |
0x400
|
| PointerToRawData |
0x585000
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
|
| Entropy |
3.51521
|
| MD5 |
d41d8cd98f00b204e9800998ecf8427e
|
| SHA1 |
da39a3ee5e6b4b0d3255bfef95601890afd80709
|
| SHA256 |
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
|
| SHA3 |
a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a
|
| VirtualSize |
0x204add0
|
| VirtualAddress |
0x589000
|
| SizeOfRawData |
0
|
| PointerToRawData |
0
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
|
| MD5 |
dab8c0480a739fc21b488392e60e2454
|
| SHA1 |
2ca81111d066df9c21ec59370367a200eed594d8
|
| SHA256 |
cf6beb47e8fbbe1955b9116a9e1c185eeba41d827f4a228b79291a87cf0e891a
|
| SHA3 |
5b3edae7890d931bd0b7c20b458f659f66739aedab34d1091e66816999782b70
|
| VirtualSize |
0xf9
|
| VirtualAddress |
0x25d4000
|
| SizeOfRawData |
0x200
|
| PointerToRawData |
0x585400
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
|
| Entropy |
2.91312
|
| MD5 |
e300581d14511b356804d247a1eb6228
|
| SHA1 |
c170fc63c3339ba698a45dc8fa5f8efdbffade71
|
| SHA256 |
e444a2e328879e6dd76cbdaada68819b4a57fadadd86097730dde4cfd861b914
|
| SHA3 |
995f86ca7716043244588ca3b8891632d92210eb506b4b9e92856b38e0c391ed
|
| VirtualSize |
0xd48
|
| VirtualAddress |
0x25d5000
|
| SizeOfRawData |
0xe00
|
| PointerToRawData |
0x585600
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
|
| Entropy |
4.6119
|
| MD5 |
bf619eac0cdf3f68d496ea9344137e8b
|
| SHA1 |
5c3eb80066420002bc3dcc7ca4ab6efad7ed4ae5
|
| SHA256 |
076a27c79e5ace2a3d47f9dd2e83e4ff6ea8872b3c2218f66c92b89b55f36560
|
| SHA3 |
622de1e1568ddef36c4b89b706b05201c13481c3575d0fc804ff8224787fcb59
|
| VirtualSize |
0x10
|
| VirtualAddress |
0x25d6000
|
| SizeOfRawData |
0x200
|
| PointerToRawData |
0x586400
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
|
| Entropy |
0
|
| MD5 |
69f21944268fd1bda4aa90185b0eba07
|
| SHA1 |
0efb42de4f07d1ca2a2a7e1194f3854420970ca4
|
| SHA256 |
cfba80b718be0fe8b65003cb33f23569bb3b1b7641c21430c44efbc5b34d728e
|
| SHA3 |
0c94fe656eaaf4b3a9bdb6784131888888cb4b0e77aa3ecc26e04087b396997c
|
| VirtualSize |
0x4ac8
|
| VirtualAddress |
0x25d7000
|
| SizeOfRawData |
0x4c00
|
| PointerToRawData |
0x586600
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
|
| Entropy |
5.42125
|
| MD5 |
c59e2ea16f9e85597a1d47ec7ec98e49
|
| SHA1 |
fbbd4a8180fb2b49eae97dc245965b828a797a99
|
| SHA256 |
a2cebd1ba0c692b2ca4b738aa0a2fa78071ea5f1c5b06a02b21d12c59834e0ff
|
| SHA3 |
62854eb61528f4b7b193df0d21cbaf69e3e290f99c9b670f3d7ea5d6a92073f9
|
| VirtualSize |
0x9f09
|
| VirtualAddress |
0x25dc000
|
| SizeOfRawData |
0xa000
|
| PointerToRawData |
0x58b200
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
|
| Entropy |
7.73483
|
| KERNEL32.dll |
AddVectoredContinueHandler
AddVectoredExceptionHandler
CloseHandle
CreateEventA
CreateIoCompletionPort
CreateThread
CreateWaitableTimerExW
DeleteCriticalSection
DisableThreadLibraryCalls
DuplicateHandle
EnterCriticalSection
ExitProcess
FreeEnvironmentStringsW
FreeLibrary
GetConsoleMode
GetCurrentThreadId
GetEnvironmentStringsW
GetErrorMode
GetLastError
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetProcessAffinityMask
GetQueuedCompletionStatusEx
GetStdHandle
GetSystemDirectoryA
GetSystemInfo
GetThreadContext
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
PostQueuedCompletionStatus
QueryPerformanceCounter
RaiseFailFastException
ResumeThread
RtlLookupFunctionEntry
RtlVirtualUnwind
SetConsoleCtrlHandler
SetErrorMode
SetEvent
SetProcessPriorityBoost
SetThreadContext
SetWaitableTimer
Sleep
SuspendThread
SwitchToThread
TlsAlloc
TlsGetValue
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WerGetFlags
WerSetFlags
WriteConsoleW
WriteFile
|
| api-ms-win-crt-heap-l1-1-0.dll |
calloc
free
malloc
|
| api-ms-win-crt-private-l1-1-0.dll |
memcpy
|
| api-ms-win-crt-runtime-l1-1-0.dll |
_execute_onexit_table
_exit
_initialize_onexit_table
_initterm
_initterm_e
_register_onexit_function
abort
|
| api-ms-win-crt-stdio-l1-1-0.dll |
__acrt_iob_func
__stdio_common_vfprintf
fwrite
|
| api-ms-win-crt-string-l1-1-0.dll |
_stricmp
strcmp
strlen
strncmp
|
| Ordinal |
1
|
| Address |
0xe01e0
|
| Ordinal |
2
|
| Address |
0xe0210
|
| Ordinal |
3
|
| Address |
0xe00b0
|
| Ordinal |
4
|
| Address |
0xe0190
|
| Ordinal |
5
|
| Address |
0xe0120
|
| Ordinal |
6
|
| Address |
0xe0240
|
| Ordinal |
7
|
| Address |
0xdfca0
|
| Type |
RT_ICON
|
| Language |
UNKNOWN
|
| Codepage |
UNKNOWN
|
| Size |
0x5536
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
7.94524
|
| Detected Filetype |
PNG graphic file
|
| MD5 |
10124e48456aec768c13ba8a6ddd8e06
|
| SHA1 |
7fdb2b2737d9547fcaa36a9be17b992af827c0b2
|
| SHA256 |
030b29d82a2dc413b23223f03feb477684800b22e844153747282c9b12aeabf9
|
| SHA3 |
100b022b26115abe8398df5053d97dba8f285f8cd8507abb9fe40cbfda5b2f5b
|
| Type |
RT_ICON
|
| Language |
UNKNOWN
|
| Codepage |
UNKNOWN
|
| Size |
0x1cc4
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
7.94897
|
| Detected Filetype |
PNG graphic file
|
| MD5 |
17dd3ea5d85b24450679efce2eec46da
|
| SHA1 |
6c0b7f83eb29a14b09c98e0155af57f9afd15fc8
|
| SHA256 |
8b957d46da1d429e2a1375726aa9c4243cf57495881bcc1199ad5cd007608ff5
|
| SHA3 |
e7b1fa55949ada77ead0f2dab1de43cee9de9579b0789365e0622425a783766c
|
| Type |
RT_ICON
|
| Language |
UNKNOWN
|
| Codepage |
UNKNOWN
|
| Size |
0xa57
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
7.91053
|
| Detected Filetype |
PNG graphic file
|
| MD5 |
a801f66caf7d024cbca9aff6c8563138
|
| SHA1 |
7c530824ec48a72fc895d79e242c510320e15183
|
| SHA256 |
3a7270ab70be7288d15c04acaca034a4e380eed593f65bda2aa60f151b065402
|
| SHA3 |
d6ca48d3d5378cc5fdd9fbf26063d54ac2a965e3489f61e2c6b847af2074826a
|
| Type |
RT_ICON
|
| Language |
UNKNOWN
|
| Codepage |
UNKNOWN
|
| Size |
0x711
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
7.85932
|
| Detected Filetype |
PNG graphic file
|
| MD5 |
930c7d0675b70b4f1d870a06f698ad14
|
| SHA1 |
41cb29ba623033d916c8e8881c7a9935baecfad5
|
| SHA256 |
8438b926470dcc57bf23bfa3604994c5820c46276a9c01b4a8d57b456509fd90
|
| SHA3 |
be795d48d61e43ea41d35a32dc8fcef63cce291e0c008ce55d4bf7bacf53df49
|
| Type |
RT_ICON
|
| Language |
UNKNOWN
|
| Codepage |
UNKNOWN
|
| Size |
0x3ee
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
7.77069
|
| Detected Filetype |
PNG graphic file
|
| MD5 |
9aba5ae38e2c66ecd412b04d1772808f
|
| SHA1 |
c7b634dcaf1921b2fd0c28a4d55bcadd2253b11d
|
| SHA256 |
b4d4f5a1f2bb719821bef499867ba98d0fea07403b0880218a76ad47bad7a803
|
| SHA3 |
610da9d4c82852c24c9db106b0fc3d477c6320d31e63a087be14849910224321
|
| Type |
RT_ICON
|
| Language |
UNKNOWN
|
| Codepage |
UNKNOWN
|
| Size |
0x18e
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
7.23156
|
| Detected Filetype |
PNG graphic file
|
| MD5 |
390f96cbf8f22a9dc6b9e40f301b370e
|
| SHA1 |
ed5c78acff84359c07d006fbc8ec2f0593092350
|
| SHA256 |
e43a374abb3619796ce6bdb9b673b58d47d49b2d908be81ce55c151d47cb65fc
|
| SHA3 |
c27361792e2fcfc86182fd75486b48910dfd0acc1a138693a68a0c3c205db1cf
|
| Type |
RT_STRING
|
| Language |
Chinese - Taiwan
|
| Codepage |
UNKNOWN
|
| Size |
0x178
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
3.29073
|
| MD5 |
853b9e94e2c1a83edd892e7e956e13fb
|
| SHA1 |
501ec98ed48783936f2e2a4dfe90121ead880e6e
|
| SHA256 |
92b1fa4a3d3e542435ef87a96eec54fb1ace768a681e2ad261c5ae627ce86c9f
|
| SHA3 |
f0eb2b71f0b792d7e432fc912488ebfb52e7dd31f8260b9a7ca61f59bbb32b58
|
| Type |
RT_STRING
|
| Language |
Chinese - Taiwan
|
| Codepage |
UNKNOWN
|
| Size |
0xbc
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
2.92234
|
| MD5 |
9acd37c470c3fafad50bb70eddde004e
|
| SHA1 |
bd164991b3c3e5318e3f7d1d3579f770f1b7c32a
|
| SHA256 |
ab3bff5a9ed7ab7fafae43ee9b1c1389ac85c8673d4eee7999b4ce14388f37c3
|
| SHA3 |
ea0812fa56314137802f0ddd2d23bbf865c48aa39b958589ce0b3b8ca392ae5b
|
| Type |
RT_STRING
|
| Language |
Chinese - Taiwan
|
| Codepage |
UNKNOWN
|
| Size |
0x54
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
2.21566
|
| MD5 |
8479c0e56ce5b66a4dc5ac0acc810363
|
| SHA1 |
b8b16a63a7e9fe27b2c5f977923ec359654d1776
|
| SHA256 |
0429597f6cbc21217ee01dc4732ef5c6e6b560396d9c61fc934c6ae3eb3f4edd
|
| SHA3 |
c2b0e1e943d1800f5cec3c8a9372e1750c92a2dda5a06c7007f862ae9e61c5a1
|
| Type |
RT_STRING
|
| Language |
Chinese - Taiwan
|
| Codepage |
UNKNOWN
|
| Size |
0x188
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
3.00117
|
| MD5 |
1fa8df4aa7a33e1f75cfa9442d9ce8f9
|
| SHA1 |
2f2674c92ec7a05404c50c7715f016c00d04d410
|
| SHA256 |
98291197c538c219ade8dcd5746c75da2491f33b76baf75a104c6d1877e3b944
|
| SHA3 |
430c5f6c707afce74c26ac68d1e7efd265673bc37e419c963c6545763d7bcc01
|
| Type |
RT_STRING
|
| Language |
Chinese - Taiwan
|
| Codepage |
UNKNOWN
|
| Size |
0x114
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
3.09912
|
| MD5 |
0d522fbaaf1e194bfe9e805c003d8333
|
| SHA1 |
67090269e3bf5444692467fd99beb9a27089d945
|
| SHA256 |
0310d21e79f143d70c76cac2b3648bd612cc48dafbe2d4643050c1b84d35ae28
|
| SHA3 |
f14537ba6d70980958cf5fdfd9cc3cdb3790b4ac9a415a2bbf8ecec11cfd75e5
|
| Type |
RT_STRING
|
| Language |
Chinese - Taiwan
|
| Codepage |
UNKNOWN
|
| Size |
0x40
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
1.85835
|
| MD5 |
5a2447d61d25d8503d02dd0e06db8e09
|
| SHA1 |
331aa04e8dad5cf1000d1f1149b957e4e37ae2cc
|
| SHA256 |
0088438fbc7a88852a6eea2fe37c94c9e93474b024ba6d6961a5e83a13dc9183
|
| SHA3 |
93d0f323137b36a700ee36b2e4d5e2f8e8fd020cae5ad181d232aed2319a5866
|
| Type |
RT_STRING
|
| Language |
Chinese - Taiwan
|
| Codepage |
UNKNOWN
|
| Size |
0x90
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
2.79769
|
| MD5 |
e2ee4675ec9307b4efbea2e32c30fcf7
|
| SHA1 |
f9db55846ba0a1896be7a11c3955e5880c53eccd
|
| SHA256 |
1dd306ab86d9477445952199692600152e4c41681507c3441416af7a533f1e98
|
| SHA3 |
cf73246b1f39202eafa98a09b0fd96f5b5db8b5773f6a248e6694cc903d294ee
|
| Type |
RT_STRING
|
| Language |
Chinese - Taiwan
|
| Codepage |
UNKNOWN
|
| Size |
0x168
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
3.33249
|
| MD5 |
dba8571020ba2c7c7eb9f8ee9d6bf8c3
|
| SHA1 |
8b50c86f99a7729b347918dd91d251c8ef286ded
|
| SHA256 |
553969337e0c2db0dc5567b804cec31dbc4c5acc97f8ddfddf84faa06344f932
|
| SHA3 |
22207abf8bdc11dee8b3f03a2db179fccb2f03af0566b43afce14d96c856df80
|
| Type |
RT_STRING
|
| Language |
Chinese - Taiwan
|
| Codepage |
UNKNOWN
|
| Size |
0xcc
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
2.90504
|
| MD5 |
24758283884268cee2600bf2e562ed1d
|
| SHA1 |
32da9f0aea6d8363189090016281f3a9fa6c4dab
|
| SHA256 |
98170c25a67e7716d319d8415f05f1a6d931e448fc4e1e5277806fdacf691d32
|
| SHA3 |
7e28a79856c10223831f41f1e2a8af3982d52f06d1efbf2cececf69954418986
|
| Type |
RT_GROUP_ICON
|
| Language |
UNKNOWN
|
| Codepage |
UNKNOWN
|
| Size |
0x5a
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
2.79621
|
| Detected Filetype |
Icon file
|
| MD5 |
03792eff20f6083c97c9afdf24f8b6a8
|
| SHA1 |
473a59374ff22b47741b782538f0cf9237a362cc
|
| SHA256 |
bc8acb0dbb398f33d720a765f851ebf8ec1f74550d6972d6e17cb2744865190c
|
| SHA3 |
24fd2eadfe0eb08067d03b2ee7ce6a3fb5fb4ecc5d56254a592d4534008d1ab2
|
| Type |
RT_VERSION
|
| Language |
Chinese - Taiwan
|
| Codepage |
UNKNOWN
|
| Size |
0x32c
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
3.45032
|
| MD5 |
6d762b0d92d7f3150d471497fa666936
|
| SHA1 |
c08528b80f32e8339c515c7459e485abb9b7baf6
|
| SHA256 |
d5c88a7f26a241fe69adda9767da0acffbea91f2a379cfad4d0b29e9ae826483
|
| SHA3 |
c803d5786f5bb4e7fe86a9df1115afd54780bd36135dd06b1af51f1054d64cbb
|
| Type |
RT_MANIFEST
|
| Language |
Chinese - Taiwan
|
| Codepage |
UNKNOWN
|
| Size |
0x689
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
5.20901
|
| MD5 |
f8161df2740e4567c41d8477172c2e36
|
| SHA1 |
0dbd6562b1b325ca5d29ea71e5b757522a2afc6a
|
| SHA256 |
e2c5bcaf8ec812b0c5f012517807a623baec801d4d3ac88e57f15f2e0b2ddfdc
|
| SHA3 |
0a218ae202d47f96c7b261a51344c7a1e1827aafd2970663fdb722c22c28dc98
|
| Folder Launcher |
| Lists folder launcher with sortable columns and export to text |
| Yarrow Point Desktop Labs |
| Version 5.3.2971.361 |
| Copyright (c) 2012-2023 Yarrow Point Desktop Labs |
| Location services off. |
| Linting passed. |
| Restore point created. |
| Item 5726: pending. |
| Fan speed: 1200 RPM |
| Delete |
| Camera access denied |
| Build succeeded. 0 errors, 2 warnings. |
| The process cannot access the file because it is being used by another process. |
| Unable to write to the specified location. |
| Item 1243: ready. |
| In Progress |
| Item 1454: ready. |
| Item 3197: ready. |
| Item 9449: ready. |
| Completed |
| Item 4289: ready. |
| Item 5964: ready. |
| Item 548: ready. |
| Applying patches... |
| Item 861: updated. |
| Item 2629: updated. |
| SSL handshake completed. |
| USB device connected. |
| Proxy authentication required. |
| Packets sent: 8,412 |
| Packets received: 8,390 |
| Disconnected |
| Network unavailable. |
| Latency: 24 ms |
| Account verified. |
| Sign in to continue. |
| Subscription renewed. |
| Work or school account added |
| Signature |
0xfeef04bd
|
| StructVersion |
0x10000
|
| FileVersion |
5.3.2971.361
|
| ProductVersion |
5.3.2971.361
|
| FileFlags |
(EMPTY)
|
| FileOs |
VOS_DOS_WINDOWS32
VOS_NT
VOS_NT_WINDOWS32
VOS_WINCE
VOS__WINDOWS32
|
| FileType |
VFT_FONT
|
| FileSubtype |
UNKNOWN
|
| Language |
Chinese - Taiwan
|
| ProductName |
Folder Launcher
|
| FileDescription |
Lists folder launcher with sortable columns and export to text
|
| Comments |
Lists folder launcher with sortable columns and export to text
|
| CompanyName |
Yarrow Point Desktop Labs
|
| FileVersion (#2) |
5.3.2971.361
|
| ProductVersion (#2) |
5.3.2971.361
|
| Resource LangID |
Chinese - Taiwan
|
| StartAddressOfRawData |
0x2d0dd6000
|
| EndAddressOfRawData |
0x2d0dd6008
|
| AddressOfIndex |
0x2d0dd3d30
|
| AddressOfCallbacks |
0x2ced7f5d8
|
| SizeOfZeroFill |
0
|
| Characteristics |
IMAGE_SCN_TYPE_REG
|
| Callbacks |
0x00000002CE8E0900
0x00000002CE8E09B9
|
[*] Warning: Section .bss has a size of 0!
2f2e6e45945ef45dc34f4b9d513a4739ef5427b0f32c7929513eaae552ac80cc