Manalyze report for 3c86144c7cdc84e102a6c390622f6140398374f678d73522703d7c3b8983d37c

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
Compilation Date	2023-Sep-17 18:45:05
Detected languages	English - United States
TLS Callbacks	1 callback(s) detected.
ProductName	SQLRay GUI
LegalCopyright	Vegetables Inc 2069
ProductVersion	`0.1.0`
FileVersion	`0.1.0`

Plugin Output

Info	Matching compiler(s):	`MASM/TASM - sig1(h)`
Info	Interesting strings found in the binary:	Contains domain names: 200ml.org birthpopuptypesapplyImagebeinguppernoteseveryshowsmeansextramatchtrackknownearlybegansuperpapernorthlearngivennamedendedTermspartsGroupbrandusingwomanfalsereadyaudiotakeswhile.com floatml.org genretrucklooksValueFrame.net github.com http://www.C http://www.a http://www.css http://www.hortcut http://www.icon http://www.interpretation http://www.language http://www.style http://www.text-decoration http://www.w3.org http://www.w3.org/shortcut http://www.wencodeURIComponent http://www.years https://docs.rs https://github.com https://tauri.app https://tauri.localhost https://www.World https://www.recent thing.org www.w3.org
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to CRC32` `Uses constants related to RC5 or RC6`
Malicious	The PE contains functions mostly used by malware.	`[!] The program may be hiding some of its imports: LoadLibraryExW GetProcAddress LoadLibraryW LoadLibraryA` `Functions which can be used for anti-debugging purposes: SwitchToThread` `Can access the registry: RegGetValueW RegQueryValueExW RegCloseKey RegOpenKeyExW` `Uses Windows's Native API: NtCreateFile NtWriteFile NtReadFile NtCancelIoFileEx NtDeviceIoControlFile` `Can create temporary files: GetTempPathW CreateFileW` `Uses functions commonly found in keyloggers: GetAsyncKeyState GetForegroundWindow MapVirtualKeyW` `Leverages the raw socket API to access the Internet: bind setsockopt freeaddrinfo getpeername socket WSASocketW WSAIoctl WSAGetLastError connect shutdown getsockopt recv ioctlsocket send WSASend WSAStartup closesocket WSACleanup getsockname getaddrinfo` `Interacts with the certificate store: CertOpenStore CertAddCertificateContextToStore`
Safe	VirusTotal score: 0/71 (Scanned on 2026-05-15 16:04:32)	`All the AVs think this file is safe.`

Hashes

MD5	`cf6463e6b1d13c90ef82b33895f6448d`
SHA1	`293029fdb68adddc0f88a575995f22ca5d5bea1d`
SHA256	`3c86144c7cdc84e102a6c390622f6140398374f678d73522703d7c3b8983d37c`
SHA3	`97ed50df6791888534a1ed3777f55b617c71f16f8b9e2b6a09251ddb86fa7616`
SSDeep	`98304:B/t+8L5EXCQZHWV6shoPiI9JUAOu3vTEjMS5t:V5mHWV6LOuLg5t`
Imports Hash	`87542e2dcac1505969cd2922d54aeafe`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0xe8`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`7`
TimeDateStamp	2023-Sep-17 18:45:05
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0x411a00`
SizeOfInitializedData	`0x2b0e00`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x00000000003F42BC (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x6c7000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`acfb8e2736e8e0aacae9656cadc1560a`
SHA1	`33112fb421c88ef347d663409ae22eda2febd8dc`
SHA256	`008db53b5ab2e82e3c6629c2cd983434090e54c55cc2711aa5ce9b6b8cf18312`
SHA3	`e61763aaaa476e058b6f698b9e9f5e2974caeba5e120c1d904b98ff900d34d2c`
VirtualSize	`0x411890`
VirtualAddress	`0x1000`
SizeOfRawData	`0x411a00`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.26564`

.rdata

MD5	`69bf413deebc3eda7a260f098a60bb2c`
SHA1	`6378f611a83c056039572098acf34d95fb423089`
SHA256	`52d20e9ec6d0307d382284c043f106b7d591d31477cf18050b7ce0cb16df97e9`
SHA3	`ae48e8a654dc19eee532526c4ebee72ac40fac84671e0a3ac6e07d1cebe3476d`
VirtualSize	`0x22ba72`
VirtualAddress	`0x413000`
SizeOfRawData	`0x22bc00`
PointerToRawData	`0x411e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.45902`

.data

MD5	`f81addcb88c6f6f7516722e2e4c67f41`
SHA1	`8d5bc931c0e4eba5ca2fd41969c44e7fe69f920a`
SHA256	`fd676cd7c174e1e64f37f234b2b075ee531642a3ccd9955904d1a5855dbe716d`
SHA3	`b5ce18c4dd5efed1f13730c4f10a7860650e63d66c85fe60e87f3067fe023b6b`
VirtualSize	`0x3ae0`
VirtualAddress	`0x63f000`
SizeOfRawData	`0x2a00`
PointerToRawData	`0x63da00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`2.0993`

.pdata

MD5	`5ed5273ea4286a3e04a5bdb2ebd0bc39`
SHA1	`619bdfe537dc58d55e774585fc88730593886da2`
SHA256	`28c2ed75e5d3dc0d6d182c89877b1c26ab9a41f23d9c1660cbf53b60ba6c4815`
SHA3	`ee5b2dead7f0bae023e8af855cde7477ba61155f77d7d21521c4ff824b90666a`
VirtualSize	`0x2baf4`
VirtualAddress	`0x643000`
SizeOfRawData	`0x2bc00`
PointerToRawData	`0x640400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.42723`

_RDATA

MD5	`bf219a8218d834b392a7b92d9988125f`
SHA1	`d0a5395736608f374767fe2773bcee558c7d1e6d`
SHA256	`ba3506fc4af32c1eab4e4a296312e7193b9fa985291c106024e03cff29a72063`
SHA3	`27f7536613feaa4aca5bb26b02c3507e7c90f6167fcb07d9bcbc3cedce1c2364`
VirtualSize	`0xf4`
VirtualAddress	`0x66f000`
SizeOfRawData	`0x200`
PointerToRawData	`0x66c000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`2.42532`

.rsrc

MD5	`2acc449f4511e026d8286a01b47c2ed0`
SHA1	`af6851de8739beeaab687f5bb75d7f1a8f01e32e`
SHA256	`a2fb3dd61f1fccb65426c795634c5c331cd424fc15e219f0e24be4dc59b216bb`
SHA3	`a95d596f09c8be701a5d990a8f1084e2ee68aa1179305d9b36dcd8b87a302526`
VirtualSize	`0x4f158`
VirtualAddress	`0x670000`
SizeOfRawData	`0x4f200`
PointerToRawData	`0x66c200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`2.7724`

.reloc

MD5	`9f3851bfd878cce9582b361607dd1841`
SHA1	`5da20d9d8c75fa9d1b4fea9fe0c5faad1023f524`
SHA256	`b95d106e5ff1a5d8eed520af2b969773637defe45b63d0490feac5011a1d213e`
SHA3	`78821c96dbaeea4d776daf4254e22f7fbaee4b3645cc6b91e5b3d52aaa41ccfa`
VirtualSize	`0x65d4`
VirtualAddress	`0x6c0000`
SizeOfRawData	`0x6600`
PointerToRawData	`0x6bb400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`5.45934`

Imports

kernel32.dll	`lstrlenW` `EnterCriticalSection` `LeaveCriticalSection` `InitializeCriticalSectionAndSpinCount` `DeleteCriticalSection` `SetEvent` `QueryPerformanceFrequency` `ResetEvent` `CreateEventW` `InitializeSListHead` `RtlVirtualUnwind` `TryAcquireSRWLockExclusive` `PostQueuedCompletionStatus` `CreateIoCompletionPort` `IsDebuggerPresent` `GetQueuedCompletionStatusEx` `UnhandledExceptionFilter` `SetUnhandledExceptionFilter` `SetFileCompletionNotificationModes` `GetCurrentThreadId` `IsProcessorFeaturePresent` `GetModuleHandleW` `TerminateProcess` `RtlUnwindEx` `RtlPcToFileHeader` `RaiseException` `LoadLibraryExW` `EncodePointer` `GetSystemInfo` `GetModuleHandleA` `GetProcAddress` `TlsAlloc` `TlsGetValue` `TlsSetValue` `Sleep` `GetLastError` `QueryPerformanceCounter` `CloseHandle` `SwitchToThread` `ReleaseSRWLockExclusive` `OutputDebugStringW` `AcquireSRWLockExclusive` `OutputDebugStringA` `GetFileAttributesW` `LCIDToLocaleName` `HeapReAlloc` `HeapFree` `GetUserDefaultUILanguage` `GetProcessHeap` `FreeLibrary` `HeapAlloc` `LoadLibraryW` `GetTempPathW` `ReleaseMutex` `ReleaseSRWLockShared` `AddVectoredExceptionHandler` `SetThreadStackGuarantee` `GetCurrentThread` `SetLastError` `GetCurrentDirectoryW` `GetEnvironmentVariableW` `SetEnvironmentVariableW` `GetCommandLineW` `SetFilePointerEx` `GetSystemTimeAsFileTime` `GetCurrentProcess` `RtlCaptureContext` `RtlLookupFunctionEntry` `AcquireSRWLockShared` `WaitForSingleObjectEx` `LoadLibraryA` `GetCurrentProcessId` `CreateMutexA` `CreateFileW` `GetFileInformationByHandle` `GetFileInformationByHandleEx` `CreateDirectoryW` `FindFirstFileW` `FindClose` `GetFinalPathNameByHandleW` `WaitForSingleObject` `SetHandleInformation` `FormatMessageW` `GetModuleFileNameW` `ExitProcess` `GetFullPathNameW` `GetStdHandle` `GetConsoleMode` `MultiByteToWideChar` `WriteConsoleW` `CreateThread` `TlsFree`
user32.dll	`ClipCursor` `GetClipCursor` `GetMessageA` `DispatchMessageA` `SetWindowLongW` `GetSystemMenu` `GetWindowTextW` `GetWindowTextLengthW` `SetWindowTextW` `EnumDisplayMonitors` `ToUnicodeEx` `GetKeyboardLayout` `EnumChildWindows` `MapVirtualKeyExW` `GetAsyncKeyState` `GetKeyboardState` `MsgWaitForMultipleObjectsEx` `SetMenu` `IsProcessDPIAware` `GetDC` `GetWindowLongPtrW` `GetMenu` `CheckMenuItem` `MonitorFromWindow` `IsWindowVisible` `IsIconic` `MonitorFromPoint` `SystemParametersInfoA` `ShowCursor` `SetWindowDisplayAffinity` `RegisterRawInputDevices` `GetMessageW` `RedrawWindow` `EnableMenuItem` `AdjustWindowRectEx` `GetAncestor` `PostQuitMessage` `RegisterWindowMessageA` `ShowWindow` `CreateAcceleratorTableW` `TranslateAcceleratorW` `GetClientRect` `TranslateMessage` `DispatchMessageW` `PeekMessageW` `PostMessageW` `PostThreadMessageW` `SetWindowLongPtrW` `GetKeyState` `VkKeyScanW` `AppendMenuW` `DestroyAcceleratorTable` `DestroyIcon` `GetForegroundWindow` `SetMenuItemInfoW` `CreateMenu` `SendInput` `SetForegroundWindow` `RegisterTouchWindow` `GetSystemMetrics` `IsWindow` `CreateWindowExW` `FlashWindowEx` `GetActiveWindow` `SetCursorPos` `SendMessageW` `LoadCursorW` `InvalidateRgn` `SetWindowPlacement` `ChangeDisplaySettingsExW` `MapVirtualKeyW` `GetUpdateRect` `ValidateRect` `GetRawInputData` `SetWindowPos` `GetMonitorInfoW` `GetCursorPos` `RegisterClassExW` `SetCursor` `CloseTouchInputHandle` `ScreenToClient` `GetTouchInputInfo` `ReleaseCapture` `DestroyWindow` `TrackMouseEvent` `SetCapture` `MonitorFromRect` `GetWindowPlacement` `GetWindowRect` `ClientToScreen` `GetWindowLongW` `CreateIcon` `DefWindowProcW`
bcrypt.dll	`BCryptGenRandom`
advapi32.dll	`EventWriteTransfer` `EventUnregister` `RegGetValueW` `SystemFunction036` `RegQueryValueExW` `EventRegister` `RegCloseKey` `RegOpenKeyExW` `EventSetInformation`
comctl32.dll	`SetWindowSubclass` `RemoveWindowSubclass` `DefSubclassProc`
ole32.dll	`OleInitialize` `RegisterDragDrop` `CoTaskMemAlloc` `CoTaskMemFree` `CoInitializeEx` `CoUninitialize` `CreateStreamOnHGlobal` `CoCreateInstance` `RevokeDragDrop`
shell32.dll	`DragQueryFileW` `SHAppBarMessage` `SHCreateItemFromParsingName` `SHGetKnownFolderPath` `DragFinish`
gdi32.dll	`GetDeviceCaps` `CreateRectRgn` `DeleteObject`
dwmapi.dll	`DwmEnableBlurBehindWindow`
crypt32.dll	`CertDuplicateCertificateContext` `CertOpenStore` `CertDuplicateCertificateChain` `CertAddCertificateContextToStore` `CertFreeCertificateContext` `CertVerifyCertificateChainPolicy` `CertCloseStore` `CertGetCertificateChain` `CertEnumCertificatesInStore` `CertFreeCertificateChain` `CertDuplicateStore`
ws2_32.dll	`bind` `setsockopt` `freeaddrinfo` `getpeername` `socket` `WSASocketW` `WSAIoctl` `WSAGetLastError` `connect` `shutdown` `getsockopt` `recv` `ioctlsocket` `send` `WSASend` `WSAStartup` `closesocket` `WSACleanup` `getsockname` `getaddrinfo`
ntdll.dll	`NtCreateFile` `NtWriteFile` `NtReadFile` `NtCancelIoFileEx` `NtDeviceIoControlFile` `RtlNtStatusToDosError`
secur32.dll	`ApplyControlToken` `DeleteSecurityContext` `FreeCredentialsHandle` `AcceptSecurityContext` `InitializeSecurityContextW` `EncryptMessage` `QueryContextAttributesW` `AcquireCredentialsHandleA` `FreeContextBuffer` `DecryptMessage`
uxtheme.dll	`SetWindowTheme`
oleaut32.dll	`SysStringLen` `SysFreeString` `GetErrorInfo` `SetErrorInfo`
api-ms-win-crt-math-l1-1-0.dll	`__setusermatherr` `pow` `round` `floor` `trunc`
api-ms-win-crt-string-l1-1-0.dll	`strcpy_s` `wcsncmp` `_wcsicmp` `wcslen`
api-ms-win-crt-convert-l1-1-0.dll	`wcstol` `_ultow_s`
api-ms-win-crt-runtime-l1-1-0.dll	`_initialize_onexit_table` `_crt_atexit` `_register_thread_local_exe_atexit_callback` `_cexit` `_seh_filter_exe` `_set_app_type` `__p___argv` `_configure_narrow_argv` `terminate` `__p___argc` `_exit` `_initialize_narrow_environment` `exit` `_initterm_e` `_initterm` `abort` `_register_onexit_function` `_get_initial_narrow_environment` `_c_exit`
api-ms-win-crt-stdio-l1-1-0.dll	`__p__commode` `_set_fmode`
api-ms-win-crt-locale-l1-1-0.dll	`_configthreadlocale`
api-ms-win-crt-heap-l1-1-0.dll	`malloc` `calloc` `_set_new_mode` `_callnewh` `free`

Delayed Imports

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.40222`
MD5	`8d57f5afecda69a343d6602663ca6334`
SHA1	`a0aea33a31abcb2d5d29604d2bde9bb69ee7c35c`
SHA256	`60376bc63e963cef161fffe1660d210ab43c09ea9006fb6f4a1c8128e83a2880`
SHA3	`76584369c60823d2051df1eed806e5ee9b2a6fcb8e5df7f1b026f3bc6ab055f8`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.33215`
MD5	`f04919d881d75a87e0af482108082a83`
SHA1	`fc5cef67a1fb393eb9df82ee94d3e5a38b52138a`
SHA256	`9f1b9291774d8bd6ff77b8bc4fcfa0c947484213f9c665602b8a576edaaad5eb`
SHA3	`24beea5efb107dcf0bbaf5ca2184d0310e160422dd6d145f06854b28b0cb00a3`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.14224`
MD5	`b07cdd823a86a6e756ffe3b68a66dfc4`
SHA1	`16108ae029144ea30c6ea25c3f966f2dcffb543c`
SHA256	`df9847ef60eb76d9027884d067a7ffe133b86d288ad01c6b6092e5bc35567908`
SHA3	`230597f0b0184cd97fed0c4c219c5ae7c7560a81d5329c0ecfb06cb3577479cc`

4

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.77642`
MD5	`05534e663d05f0d1f51794e2ae4885a5`
SHA1	`56f7cfbca92758fd89993ca9869cda1a08c17bef`
SHA256	`f8eaddc0039e95d2a8bfc14a074c03681292e7b218b95d0fc802a79d19756b99`
SHA3	`585c9a91a522b836eb7e05e05e47197481e1e16390aaaf026bad3b3573f73a0c`

5

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.50527`
MD5	`2408361cf5804ee3c9923542954fe17e`
SHA1	`41b9cb63c47d1e1f3660539c587b2c3c7da6165a`
SHA256	`541f524d12e24eb5d9251f71a416031d07b9f876df764d7972c4e5ff626567fa`
SHA3	`f4d48920ce43d29dd240341d3e5d252cef5cd84ae2fefcc995d0a40daa6b291e`

6

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x94a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.09128`
MD5	`00b567e276b70dda19b980ca58b7a4b6`
SHA1	`1260420262f2b8883e3376921ea194b33422e808`
SHA256	`a747f9828a943bc09609feb94de9f311e8a3612a3ccb06d680afdc7be7c34183`
SHA3	`15f29bcddedcd975692d9716b08bf1adf565099a62fa73e37f857f9a59a16358`

7

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.9192`
MD5	`740e003d9470d1d28e44f83fe54987b8`
SHA1	`4f3e06266477653aff8604f14a24291781800004`
SHA256	`165654274efca4c06f9d486c1d00ffe6acb754f09bda7a8de17663d0863d0ba0`
SHA3	`3ae15c3cf2d053d6b15da8960949600c44d7e5c1af8487bd95d5cff50da23fac`

8

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.57821`
MD5	`bf503435440181d49a002d010ae76bee`
SHA1	`cefadfc69509a6a3f78cfaee6bacd8ca848266cb`
SHA256	`1e11fc9a6cf4866e7308a76256214401ed0b490fb6b3163e8af1cd51d7181635`
SHA3	`7589d7679f6ad9a75c79c06402989f7a9235a4b0a6d93f8b72d3e471e14f49a4`

9

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x75ae`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.95998`
Detected Filetype	PNG graphic file
MD5	`fcb0b8c7823da870b2ef0905cbec363b`
SHA1	`325131f7a745fc8be92340f2981d49fb5731e508`
SHA256	`efc48e8a90486be0be38353fda07526f51c4adb829dc50febdd49106c8bc1cfd`
SHA3	`78f8d779ea6d0dbd24a667175132ac13af1602f71290a5212e022b01c6dda694`

32512

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x84`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.07075`
Detected Filetype	Icon file
MD5	`11713a7d9881f6a445fdac1a16bced2b`
SHA1	`31ef886ec3ddb8e415d6469a34e034d7837d46e0`
SHA256	`eecf374f76ec8ab368e4a103fa88dcd203ab8f6dacaed02f7fd35a70dfd27b10`
SHA3	`4d8de302dee0fae4f6cd002c65830f4d6cae4cef063fb2c56d039d512ea51c48`

1 (#2)

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1bc`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.22005`
MD5	`e39e2666435ce6d2e8873fb2312d6dc1`
SHA1	`a62a23d65d481b5c26a458c42ded0f4859329117`
SHA256	`e62da5c70e9a8906e1000babb53349a97dd8b92d050dc37f5968f6f6ae5d00e2`
SHA3	`ca00290d35322e5d02953b7a7e9a15e7c98a1771fa32a57c4f8f854d9596995e`

1 (#3)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.96056`
MD5	`01e4c8c046a47771f13cd120b53303e7`
SHA1	`2a4224d31c916a5cff4f2636a3cb47fdd84a5cc9`
SHA256	`b1cb832f790c153aa0e9a66f76e75460263cf1d41971d2dbcc9a4d87ec18b7d8`
SHA3	`680120ec819e7ba66519d9a8a3e446973c4cb28aa0146c91cceaa8c8fadc90ae`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	0.1.0.0
ProductVersion	0.1.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT` `VOS_NT_WINDOWS32` `VOS_WINCE` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
ProductName	SQLRay GUI
LegalCopyright	Vegetables Inc 2069
ProductVersion (#2)	0.1.0
FileVersion (#2)	0.1.0

Resource LangID	English - United States

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2023-Sep-17 18:45:05
Version	`0.0`
SizeofData	`1064`
AddressOfRawData	`0x59537c`
PointerToRawData	`0x59417c`

TLS Callbacks

StartAddressOfRawData	`0x1405957c8`
EndAddressOfRawData	`0x1405959b4`
AddressOfIndex	`0x140642324`
AddressOfCallbacks	`0x140413ac8`
SizeOfZeroFill	`0`
Characteristics	`IMAGE_SCN_ALIGN_8BYTES`
Callbacks	`0x00000001402F7BC0`

Load Configuration

Size	`0x138`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x1406418e0`

RICH Header

XOR Key	`0x5dbf7a9a`
Unmarked objects	`0`
Imports (VS2008 SP1 build 30729)	`14`
C++ objects (30034)	`46`
C objects (30034)	`13`
ASM objects (30034)	`9`
Total imports	`316`
Imports (30148)	`31`
Unmarked objects (#2)	`215`
Resource objects (30148)	`1`
Linker (30148)	`1`

Errors

Leave a comment

No comments yet.