Manalyze report for 4028777264d4143d03269e31ae215e2a6212069f3d93bbcd2ec00c0c2fa7423d

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2001-Sep-05 17:02:57
Detected languages	English - United States
Comments
CompanyName	Google
FileDescription
InternalName	stub32
OriginalFilename	stub32i.exe
FileVersion	`3.3.8`
LegalCopyright	2008 Google
ProductName	Maestro
ProductVersion	`3.3.8`

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C++ 6.0 - 8.0` `Microsoft Visual C++` `Microsoft Visual C++ v6.0` `Microsoft Visual C++ v5.0/v6.0 (MFC)`
Suspicious	Strings found in the binary may indicate undesirable behavior:	`Looks for Qemu presence: qeMU`
Suspicious	The PE contains functions most legitimate programs don't use.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryA` `Can access the registry: RegCloseKey RegQueryValueExA RegOpenKeyExA` `Possibly launches other programs: CreateProcessA ShellExecuteA` `Can create temporary files: CreateFileA GetTempPathA` `Can take screenshots: GetDC BitBlt CreateCompatibleDC`
Info	The PE's resources present abnormal characteristics.	`Resource 118 is possibly compressed or encrypted.` `Resource 4 is possibly compressed or encrypted.`
Suspicious	The file contains overlay data.	`8816835 bytes of data starting at offset 0x44000.` `The overlay data has an entropy of 7.99981 and is possibly compressed or encrypted.` `Overlay data amounts for 96.9377% of the executable.`
Malicious	The program tries to mislead users about its origins.	`The PE pretends to be from Google but is not signed!`
Suspicious	No VirusTotal score.	`This file has never been scanned on VirusTotal.`

Hashes

MD5	`8e146e2fa5a7e3856fa8370c6d6061e7`
SHA1	`173e4e309b6087cb8ddac8f045b3c58bb06c3551`
SHA256	`4028777264d4143d03269e31ae215e2a6212069f3d93bbcd2ec00c0c2fa7423d`
SHA3	`734f9cfd531696b01dd499c4e3f769dbe0f8b4da9679de21bb6be2a63c65d9f6`
SSDeep	`196608:g5EphgQuZoqOfOS+6OLie7p1/I4pVUTIDhSnpP3f3aokc:g5ShgQuZor2S+ViY/J3UTIDhSnpPPqor`
Imports Hash	`5a9b89741dd0eb9be8754b41c4d30c55`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0xf0`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`4`
TimeDateStamp	2001-Sep-05 17:02:57
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LINE_NUMS_STRIPPED` `IMAGE_FILE_LOCAL_SYMS_STRIPPED` `IMAGE_FILE_RELOCS_STRIPPED`

Image Optional Header

Magic	`PE32`
LinkerVersion	`6.0`
SizeOfCode	`0x12000`
SizeOfInitializedData	`0x34000`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x00008947 (Section: .text)`
BaseOfCode	`0x1000`
BaseOfData	`0x13000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x1000`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x47000`
SizeOfHeaders	`0x1000`
Checksum	`0x8b98de`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`e169cd9727498334799ce574858324b5`
SHA1	`89ac4159fc35c947f8c031213ec4dcb5a269c14b`
SHA256	`0160c4cdbcd9d6caed7abd3765f7358d9dfe3b184ba97ac82a1cb359037eb13a`
SHA3	`2e044855275e8dd692f6c78723a0ce482cc9f65a2bfd27a2dfd504ffb4b75c8a`
VirtualSize	`0x11b16`
VirtualAddress	`0x1000`
SizeOfRawData	`0x12000`
PointerToRawData	`0x1000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.6021`

.rdata

MD5	`1d22aa58107cdb479897ec936f8bbe61`
SHA1	`14e9d626f8efbb51f1091004edc0b6f03c89ab79`
SHA256	`b4aad5e7675bef7fb0b918432ccf4425ac9c185290669a0dd3506f29979c2b17`
SHA3	`32b0b4602c6cd3f020d4150ae0fb7d1462ca469a0982f9a614d392e5e4af26a9`
VirtualSize	`0x1950`
VirtualAddress	`0x13000`
SizeOfRawData	`0x2000`
PointerToRawData	`0x13000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.78253`

.data

MD5	`7e0cfc2e100727b4ae39786ac23b9520`
SHA1	`dcd9c9e29d0f6446b556ce46f1e9fac106839e61`
SHA256	`892c7cbad4cdd178ad917db974e8655903f1954455de5cbfd1f4f30d37bc3033`
SHA3	`0b1836b097a3892e10cad6151afd5098e34c6dced30c7ba14b7d2c26d12ee3d8`
VirtualSize	`0x4e38`
VirtualAddress	`0x15000`
SizeOfRawData	`0x2000`
PointerToRawData	`0x15000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`2.42192`

.rsrc

MD5	`df073f6ee345854981e983bf6db60e3e`
SHA1	`e0cecefc6006fb50954fa67cff96ddd9eb5ab221`
SHA256	`3baa5f53864e5d18c39db99c553d961f0ee62336208b5bf595ef61ea6a96ec67`
SHA3	`a78b3516a722d7fd1045421edc8e6984ff7b24e064b90f40dc8fe945ffdc4ee5`
VirtualSize	`0x2c8a8`
VirtualAddress	`0x1a000`
SizeOfRawData	`0x2d000`
PointerToRawData	`0x17000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`7.01962`

Imports

KERNEL32.dll	`GetProcAddress` `FormatMessageA` `DeleteFileA` `MulDiv` `IsDBCSLeadByte` `GetExitCodeProcess` `CreateProcessA` `GetTempFileNameA` `GetSystemDefaultLCID` `WaitForSingleObject` `CompareStringA` `Sleep` `SetFileTime` `LocalFileTimeToFileTime` `DosDateTimeToFileTime` `FreeLibrary` `RemoveDirectoryA` `FindNextFileA` `WritePrivateProfileSectionA` `GetStartupInfoA` `WriteFile` `ReadFile` `SetFileAttributesA` `LocalFree` `LocalAlloc` `LockResource` `LoadResource` `FindResourceA` `SizeofResource` `GetModuleHandleA` `GlobalFree` `GlobalUnlock` `GlobalLock` `GlobalAlloc` `MultiByteToWideChar` `lstrcmpiA` `GetDiskFreeSpaceA` `HeapAlloc` `GetProcessHeap` `HeapFree` `GetModuleFileNameA` `ExitProcess` `CreateFileA` `CreateFileMappingA` `MapViewOfFile` `UnmapViewOfFile` `lstrcpynA` `SetFilePointer` `GetFileSize` `FindFirstFileA` `CreateDirectoryA` `GetLastError` `GetPrivateProfileStringA` `FindClose` `GetFileAttributesA` `lstrcatA` `lstrlenA` `GetWindowsDirectoryA` `lstrcpyA` `GetSystemDirectoryA` `GetTempPathA` `GetPrivateProfileSectionA` `LoadLibraryA` `MoveFileExA` `WritePrivateProfileStringA` `GetShortPathNameA` `FlushFileBuffers` `CloseHandle` `IsBadCodePtr` `IsBadReadPtr` `SetStdHandle` `LCMapStringW` `LCMapStringA` `SetUnhandledExceptionFilter` `GetStdHandle` `SetHandleCount` `GetFileType` `GetEnvironmentStrings` `WideCharToMultiByte` `GetEnvironmentStringsW` `FreeEnvironmentStringsA` `UnhandledExceptionFilter` `FreeEnvironmentStringsW` `TerminateProcess` `GetStringTypeW` `GetCurrentProcess` `GetOEMCP` `GetACP` `GetStringTypeA` `IsBadWritePtr` `HeapReAlloc` `GetCPInfo` `VirtualFree` `HeapCreate` `VirtualAlloc` `GetVersion` `GetCommandLineA` `HeapDestroy` `RtlUnwind`
USER32.dll	`GetParent` `GetDlgItem` `SetFocus` `SendDlgItemMessageA` `EnableWindow` `CheckRadioButton` `GetWindowLongA` `LoadStringA` `LoadImageA` `MessageBoxA` `CharNextA` `IsDlgButtonChecked` `GetDlgItemTextA` `CheckDlgButton` `SetDlgItemTextA` `ReleaseDC` `GetDC` `GetWindow` `PostMessageA` `SetWindowTextA` `wsprintfA` `GetDesktopWindow` `GetWindowTextA` `DestroyWindow` `CreateDialogParamA` `FillRect` `GetSysColor` `GetSysColorBrush` `EndPaint` `BeginPaint` `DrawTextA` `MoveWindow` `GetClientRect` `ScreenToClient` `GetNextDlgTabItem` `SetParent` `MapDialogRect` `IsWindow` `GetWindowRect` `CreateDialogIndirectParamA` `ShowWindow` `InvalidateRect` `IsWindowEnabled` `SetWindowPos` `UpdateWindow` `IsDialogMessageA` `SetWindowLongA` `GetActiveWindow` `SetActiveWindow` `LoadIconA` `PeekMessageA` `SendMessageA` `DispatchMessageA` `TranslateMessage`
GDI32.dll	`CreateFontIndirectA` `RealizePalette` `SelectPalette` `CreatePalette` `GetObjectA` `GetStockObject` `CreateDIBitmap` `GetTextExtentPointA` `SelectObject` `EnumFontFamiliesExA` `DeleteDC` `BitBlt` `TextOutA` `SetBkMode` `SetBkColor` `CreateCompatibleDC` `CreateSolidBrush` `SetTextColor` `DeleteObject` `GetDeviceCaps`
ADVAPI32.dll	`RegCloseKey` `RegQueryValueExA` `RegOpenKeyExA`
SHELL32.dll	`ShellExecuteA` `SHBrowseForFolderA` `SHGetPathFromIDListA` `SHGetMalloc`
LZ32.dll	`LZOpenFileA` `LZCopy` `LZClose`
COMCTL32.dll	`#17`

Delayed Imports

118

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25ba2`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.04133`
MD5	`99ee87e5cdfddd17bfe39555ba721f6b`
SHA1	`dfa6a232f5579454d8720aa19ae3da9b15d20f4e`
SHA256	`c84402d0df3233f2714be896b1a135f246b37ef1131a0f8f066146333051e81c`
SHA3	`1454988369f1850725ebdd91583dc0ee0b96f38744485605fd6b1358ead063f7`
Preview

132

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0x38e4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.04914`
MD5	`926a0661fdb3e11af48721d51d6b8520`
SHA1	`a6e9636391c379db0e1bee395880dfba1d0be0bd`
SHA256	`a4aea1cc31d0e35f42a2fc983dbb67d800f8626d0e8ed25313d18b9b5c4fab7e`
SHA3	`44392a341231627ce7ccb0fd30242d01cc2af26434a443e4df0af3eb6bd032fc`
Preview

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.23544`
MD5	`2bd137f054e0e82ba03631c06ef2ef60`
SHA1	`068341a25e7d4cdcb85725208433b3b340b0376b`
SHA256	`857406baa52eab62e4e0efdc6c31809a4ce8f72dfaa514fad54c9f9a7cce86dc`
SHA3	`922a7e8f3cbbe779620852b152800882085e2bfea19056fafbc3602dfae5ed07`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.39652`
MD5	`28e18a5272acc21225e31f9846b424ad`
SHA1	`d14bd63c9e7912edb84c1fbbe564180ce8d32152`
SHA256	`a4731a327b7c37f5c3278f8d5d237841cfa159829187288f9e1c430901e42374`
SHA3	`ae4aca7f9b6422fab6ac670c404c87cb3167423680fb26d65110e98c1ac5d67c`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.9625`
MD5	`52bbd1393066e88c25341f06b69d80e8`
SHA1	`27505a5cc058fd4a9df92426216b6108edaab7be`
SHA256	`19bf6b3255d01b1c83440be261315ce69f6f3d5e98aec01bd629549d5c0c359c`
SHA3	`9b8265d4d796743d55d8dfa1c814d478f815c62a16f00a9f0f469e4ecd3f57e6`

4

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.03874`
MD5	`1a6fe679bbb8a54c87ca6b20690d3a97`
SHA1	`3b2cfac4ac019339758a9e955fad5f7f0da73bde`
SHA256	`8587fc20a645b1e108ba29e760f290952c0b8ab10c3fee7f4e8c33163bb770d1`
SHA3	`b7a32b67eff85e0744ac316dd1289b3c70956f3e8e402f82cf1c1acfd6b36773`

IDD_WIZ97SHEET

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x19a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.98313`
MD5	`dd343f658e148cbc9ef8e1282ff2cd27`
SHA1	`12e919ea547c1ce8f197cc58e37c2cc8d4dda38d`
SHA256	`b59b4bc5ae24804d274c7d7159bbc833fcf2bcaa6720f32028a821ffe15af3ed`
SHA3	`3c2a2577af4a6c09a97986cb07b45c8131e958102487bf80e7feff0a104cdbf3`

1000

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x92`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.69732`
MD5	`e7e42dfd5f453c0772eed4566915b56d`
SHA1	`950ad8ef3da70fd9eae9e48fbed65833aba988df`
SHA256	`9e65e3c66f481a25244d5f592e19778022c59dc0bbafe86a732c3bd3a9d46d3e`
SHA3	`7b8423073fdba8a9da94fcdd9faf296e80e1a5033cad3d4cbe958eebaecb11bd`

1001

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xbe`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.78999`
MD5	`b3358bcde4fa68edb2058218b172def0`
SHA1	`cf3d2e4eaa78f01e287bbd6461ad7a1518251f3c`
SHA256	`ac211279243e9b881f48b7f97964401875fb6566b80633695e1caf0ad226f244`
SHA3	`9fbebef41789fdeb7caf60ca5484562930ca37710c83d1d2dc7d4a8ca3d0d276`

1002

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xd6`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.63109`
MD5	`dfd5aa72447c820df2aaae09856f157a`
SHA1	`0004b741ac024a28997d0ea9ddcfd3939ca179ea`
SHA256	`0aa0ddb932266f1536916b5758a32c387d4069660addc3b157a3ccac66d6bdb0`
SHA3	`486448c68bb24432741e3d33be29a58a3157946fcdaa8c0585232bde9f7356df`

1003

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xae`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.66875`
MD5	`7eb9b3ab15bbb3353ca37181d122064b`
SHA1	`75fb4f7eca3ab9fc51062290ea9cd5b266c81a71`
SHA256	`c03088894ab2a82a73e1c6dff6e05ec6e9221d1ac0eb03280bf56e600479f79c`
SHA3	`a58df07c966570fd902358614025f75d2f3a40c67136ed1daa5a1c02b1e037b5`

1004

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x272`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.13295`
MD5	`453727fdc4097ecb5ef17f6a6070f201`
SHA1	`65b96556faa9148031e9450e5e7fb3b6d75303c2`
SHA256	`03198f669529474f9673298908c14142984bf6c3a46b5b57e5bd3ac4fd1a0434`
SHA3	`08769927b2ea5b34e646fa97202867eeb38397279a9b93b20b31e2ac53139276`

1005

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xe2`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.89504`
MD5	`30e11ca81c7a5ae2dc2a3d363265995d`
SHA1	`811a7baf0f6028af2d685eb3c6cd8b7f7a64d940`
SHA256	`7b57fcf1e518158db626787b4110a5529386b235ddbb6c9fc0546cec479c9bae`
SHA3	`bfb6e5ff8ccc42d16e86acb68e98032e41eb0efca360344cdd344e124587ca89`

1006

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x90`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.77962`
MD5	`119e987fef8607c16390bcd856917d69`
SHA1	`09dc1975eb49f39ebd460ab650767e86acbbaa19`
SHA256	`4541474774851758c9faaaf85c666a4365743fcbd676798956c770d015bf2a64`
SHA3	`dbc6818540163424b5ba59af07885e8db79988eb9abbf82af8390fed588354bb`

1007

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xf0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.15439`
MD5	`e5ff2e4a47e952e1c95ce779bb5afcbd`
SHA1	`cd797e64b47e18e646384848808b2396f0912b58`
SHA256	`e1ea7289069643e3f3198b8f53a57de65da311414b8e6da588c95378e73d659c`
SHA3	`8ff8ed146beeb8836ad57ef688fc501350f8a5a9612e4383d4b94c694d7e2a0b`

1009

Type	`RT_DIALOG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x62`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.64853`
MD5	`70df90308909c2672f8250dfb17cf07e`
SHA1	`8ee5ea93492f5ae89483fcd47f722f37f6fdb9bc`
SHA256	`d11ac6e244790f279fb5e9350293f79ec8d23a942aaf0221d5f5775ef7842f67`
SHA3	`4f0435702fc70599e7b44e9e52935e85d66fb90e960f0a14cea9731ad0607b59`

1 (#2)

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0x632`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.21552`
MD5	`5b61d634bb8d5ca9b52b73ea7487d7ac`
SHA1	`9b22360914fc316473ccb764a8f2bd1eefdcb96f`
SHA256	`acc9d1a39613e2ddee3faff692d9ab748f4b24f295276aa31ad410b733dd27a2`
SHA3	`c2f4f7522e84034a36603488741bc381df5e82f674bf06d1d6e0d766080abbaf`

4 (#2)

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0x11a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.07096`
MD5	`3a50ca26990280e45eda06b935074907`
SHA1	`5a64b4f128cdaf90ec51f789808a403acfd3ff30`
SHA256	`4adf4b9fb315dde30845b2d6aa0606361fb63e43b512286167f585ecf5c3decf`
SHA3	`2f45d91b26f6a63d512bd77c9acb0bd9131b018dfb255ef72ad9bfc768d52a50`

19

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0xba`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.86832`
MD5	`d4390738ff142458cea229b978c42b0a`
SHA1	`cd18c97ae994e236bc01570e3cdede45f6199102`
SHA256	`68a0db9341fac879faa81750ee349edb083d9d19e1df88f190c2f81bb6730de9`
SHA3	`79bb9e713dc1b1ad3f719def808a02234f609b3a8d17ff299c0f6bc62169b804`

20

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0x366`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.28952`
MD5	`03e7afc4bb8b7a0c71420c28ae6c75b6`
SHA1	`3604c1e70111bed16fd1f58325cbe17a32907ccb`
SHA256	`18d4d0a7ba97e3b656798dc708bb32e1f648e8e0ec014296ec2c3665b9096712`
SHA3	`dd65334ff85215b8737dad90fa8d1aaf9739f02718a88722e9a6f7cecd985d4b`

21

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0x98`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.89596`
MD5	`592e52dfb375e7abe8694411c9cdef02`
SHA1	`46905877d69270739e357890020d2404fbaef644`
SHA256	`ef96ba1c364e54832e649da09d0ab64ede085a2de0eb58607bd900c98a3fc8b4`
SHA3	`da5e19b4d4501b3366e9338a567129ab80308099dff33eb3d8ac3527014e5780`

376

Type	`RT_STRING`
Language	English - United States
Codepage	UNKNOWN
Size	`0x58`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.05861`
MD5	`690d7d53e796088b86ec0a9a1cecaafc`
SHA1	`a0c805418f8fd130ba6bc8e2f57ac613d5b0563a`
SHA256	`043e0823d2b63a097187eaf44d1b3627db675dfe06d458216bf05b52379e8f05`
SHA3	`9a9f722785a73cc57c9a0495dfb0385acdf29e12ff1373c89b6e22941e304bf3`

103

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x3e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.64576`
Detected Filetype	Icon file
MD5	`f6262f462f61a1af1cac10cf4b790e5a`
SHA1	`4aa3239c2c59fa5f246b0dd68da564e529b98ff4`
SHA256	`44b095a62d7e401671f57271e6cada367bb55cf7b300ef768b3487b841facd3c`
SHA3	`f2a1d165133c29eba349014fa5f8059ddebe1aba5b220fb89f1a474e95c482ca`

1 (#3)

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x668`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.35089`
MD5	`865df6e99103d58895af262890eff94b`
SHA1	`57ad643133d3216aeac50daffb10240cd0ee4d5c`
SHA256	`965dce4c21efb002def5ba5bd211fbb56c0c0e99c1fc585441ff4b8d847c2705`
SHA3	`724b95b4145dd2ee92b04826bc24f7efe40ac2aa8f5e3a737b2d4795e684a3fe`

String Table contents

PackageForTheWeb Error
This self extracting executable file appears to have been corrupted and cannot be executed. You should obtain a new copy of this file to insure that it will execute correctly.
Unable to open the self-extracting executable file. The file is locked or in use by another process. The installation will terminate.
PackageForTheWeb
Unable to access the source file!
Unable to create the cabinet file!
Unable to access the specified path.
Unable to create the specified output folder. Bad path name.
Unable to start the decompression process!
The EXE file has been corrupted. Unable to continue.
Unable to execute the specified command line!
This program is used internally by PackageFromTheWeb. It should not be executed directly.
Bad or missing header information!
Unable to initialize the extension DLL.
Error Executing the Specified Program
Unpacking %s...
The specified drive does not exist
No error
Missing cabinet file!
Input file is not a cabinet.
Bad cabinet version.
Corrupt cabinet file!
Memory allocation failure!
Invalid file compression type!
CRC failure.
System error during decompression
Incorrect cabinet file selected
The package decompression has been cancelled.
Unable to create the specified output folder!
Unable to compute required disk space
There is not enough space on drive %s to extract this package.
MB
KB
bytes
There is not enough space on drive %s to extract this package
version
Please free up %.2f %s and click Retry
12,MS Shell Dlg
&Finish
8,MS Shell Dlg
8,MS Shell Dlg

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	4.0.100.1190
ProductVersion	4.0.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT` `VOS_NT_WINDOWS32` `VOS_WINCE` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	English - United States
Comments
CompanyName	Google
FileDescription
InternalName	stub32
OriginalFilename	stub32i.exe
FileVersion (#2)	3.3.8
LegalCopyright	2008 Google
ProductName	Maestro
ProductVersion (#2)	3.3.8

Resource LangID	English - United States

TLS Callbacks

Load Configuration

RICH Header

XOR Key	`0xd7f777f0`
Unmarked objects	`0`
Unmarked objects (#2)	`21`
C++ objects (VS98 build 8168)	`8`
14 (7299)	`18`
C objects (VS98 build 8168)	`73`
19 (9049)	`15`
Total imports	`185`
C++ objects (VC++ 6.0 SP5 imp/exp build 8447)	`10`
Resource objects (VS98 SP6 cvtres build 1736)	`1`

Errors

Leave a comment

No comments yet.