Manalyze report for 414e17cbf174659ca4c29ad7e62fc737a8f5ca2d53a1201d4f0e36cc98ed0b9b

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2026-Feb-27 06:04:30
Detected languages	Process Default Language

Plugin Output

Info	Interesting strings found in the binary:	`Contains domain names: http://java.com`
Info	The PE contains common functions which appear in legitimate applications.	`Can access the registry: RegCloseKey RegEnumKeyExA RegOpenKeyExA RegQueryValueExA` `Possibly launches other programs: CreateProcessA ShellExecuteA`
Malicious	The file contains overlay data.	`223270 bytes of data starting at offset 0xb800.` `The file contains a Zip Compressed Archive after the PE data.` `Overlay data amounts for 82.5782% of the executable.`
Suspicious	No VirusTotal score.	`This file has never been scanned on VirusTotal.`

Hashes

MD5	`f73d5f19dc5a6be6b21d9bb61bb066db`
SHA1	`ca4e34403b5e1cba7832dda0d7b38a2d5e048793`
SHA256	`414e17cbf174659ca4c29ad7e62fc737a8f5ca2d53a1201d4f0e36cc98ed0b9b`
SHA3	`33a98969ff4706caad0041f35fa0c58c63a67f5e5d7d511235ff42086f6e11d3`
SSDeep	`6144:8JM0Ho621+YpszQ8E461zSORDM2NdswAbc1726Z+FSOMY:8F2dO88veWFIqwq6zOMY`
Imports Hash	`6011984d7c1f1b97a34d7517a498bff8`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`6`
TimeDateStamp	2026-Feb-27 06:04:30
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_DEBUG_STRIPPED` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LINE_NUMS_STRIPPED` `IMAGE_FILE_LOCAL_SYMS_STRIPPED` `IMAGE_FILE_RELOCS_STRIPPED`

Image Optional Header

Magic	`PE32`
LinkerVersion	`2.0`
SizeOfCode	`0x5e00`
SizeOfInitializedData	`0x5600`
SizeOfUninitializedData	`0x8e00`
AddressOfEntryPoint	`0x00001290 (Section: .text)`
BaseOfCode	`0x1000`
BaseOfData	`0x7000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`1.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x18000`
SizeOfHeaders	`0x400`
Checksum	`0x1408e`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_NO_SEH` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT`
SizeofStackReserve	`0x200000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`fc6ec8fa32daba1a13b2c5d98c4ef55d`
SHA1	`a3398ed645ebbb9c18982e087255222814adaee0`
SHA256	`e56e5294c62032263d37d92b0b4bb92cb73437cdb821981fdba920db35748fc6`
SHA3	`7d37e5a35c77eb4619a106d5fb48ccba237b1c7930e53d93a06ae3a6c07ff718`
VirtualSize	`0x5d70`
VirtualAddress	`0x1000`
SizeOfRawData	`0x5e00`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_ALIGN_1024BYTES` `IMAGE_SCN_ALIGN_16BYTES` `IMAGE_SCN_ALIGN_1BYTES` `IMAGE_SCN_ALIGN_256BYTES` `IMAGE_SCN_ALIGN_2BYTES` `IMAGE_SCN_ALIGN_32BYTES` `IMAGE_SCN_ALIGN_4096BYTES` `IMAGE_SCN_ALIGN_4BYTES` `IMAGE_SCN_ALIGN_512BYTES` `IMAGE_SCN_ALIGN_64BYTES` `IMAGE_SCN_ALIGN_8192BYTES` `IMAGE_SCN_ALIGN_MASK` `IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`5.99288`

.data

MD5	`df6c8045e36e60690935026f3b984b7c`
SHA1	`3b0f5300c67cdc31c047ddcc480f7472deb445c3`
SHA256	`da56ee0569599d618ed8f4c04f5c6ab7d64bc3b7731177e064d038e2527f2377`
SHA3	`167e480380c0cdc4ea6070bb083799bd98a092fd39aec3a2baded7ca488007ed`
VirtualSize	`0x40`
VirtualAddress	`0x7000`
SizeOfRawData	`0x200`
PointerToRawData	`0x6200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_ALIGN_1024BYTES` `IMAGE_SCN_ALIGN_16BYTES` `IMAGE_SCN_ALIGN_1BYTES` `IMAGE_SCN_ALIGN_256BYTES` `IMAGE_SCN_ALIGN_2BYTES` `IMAGE_SCN_ALIGN_32BYTES` `IMAGE_SCN_ALIGN_4096BYTES` `IMAGE_SCN_ALIGN_4BYTES` `IMAGE_SCN_ALIGN_512BYTES` `IMAGE_SCN_ALIGN_64BYTES` `IMAGE_SCN_ALIGN_8192BYTES` `IMAGE_SCN_ALIGN_MASK` `IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0.163808`

.rdata

MD5	`15d02e4eabd3bd53908e8b2eed3b9ac7`
SHA1	`23386597402d05c353d2cbb3f94bc2bf37b1d9fd`
SHA256	`9c7e79c04b671cf0ebc78260cf8f77d99e67ae47def5200cdc8e216f8e792ced`
SHA3	`1cafc20b8dd21162558a75a4d2c6a87eac416cd8f9362813881ed50c5ccb6d2d`
VirtualSize	`0x510`
VirtualAddress	`0x8000`
SizeOfRawData	`0x600`
PointerToRawData	`0x6400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_ALIGN_1024BYTES` `IMAGE_SCN_ALIGN_16BYTES` `IMAGE_SCN_ALIGN_1BYTES` `IMAGE_SCN_ALIGN_256BYTES` `IMAGE_SCN_ALIGN_2BYTES` `IMAGE_SCN_ALIGN_32BYTES` `IMAGE_SCN_ALIGN_4096BYTES` `IMAGE_SCN_ALIGN_4BYTES` `IMAGE_SCN_ALIGN_512BYTES` `IMAGE_SCN_ALIGN_64BYTES` `IMAGE_SCN_ALIGN_8192BYTES` `IMAGE_SCN_ALIGN_MASK` `IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.01224`

.bss

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0x8c30`
VirtualAddress	`0x9000`
SizeOfRawData	`0`
PointerToRawData	`0`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_ALIGN_1024BYTES` `IMAGE_SCN_ALIGN_16BYTES` `IMAGE_SCN_ALIGN_1BYTES` `IMAGE_SCN_ALIGN_256BYTES` `IMAGE_SCN_ALIGN_2BYTES` `IMAGE_SCN_ALIGN_32BYTES` `IMAGE_SCN_ALIGN_4096BYTES` `IMAGE_SCN_ALIGN_4BYTES` `IMAGE_SCN_ALIGN_512BYTES` `IMAGE_SCN_ALIGN_64BYTES` `IMAGE_SCN_ALIGN_8192BYTES` `IMAGE_SCN_ALIGN_MASK` `IMAGE_SCN_CNT_UNINITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`

.idata

MD5	`8d4f9f7717534cfac580e0ec0968d657`
SHA1	`4ebd454ef45c71dc2dcb2d56a4b935ae76b5c209`
SHA256	`373add59fbe96e311d5e8caf5970c3c7e89761445f6493b8accd794db608b171`
SHA3	`7feb084ac568d8c762e045a734e2f0f7872a50e18e31484f73b80b583e7eb0b5`
VirtualSize	`0xaa8`
VirtualAddress	`0x12000`
SizeOfRawData	`0xc00`
PointerToRawData	`0x6a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_ALIGN_1024BYTES` `IMAGE_SCN_ALIGN_16BYTES` `IMAGE_SCN_ALIGN_1BYTES` `IMAGE_SCN_ALIGN_256BYTES` `IMAGE_SCN_ALIGN_2BYTES` `IMAGE_SCN_ALIGN_32BYTES` `IMAGE_SCN_ALIGN_4096BYTES` `IMAGE_SCN_ALIGN_4BYTES` `IMAGE_SCN_ALIGN_512BYTES` `IMAGE_SCN_ALIGN_64BYTES` `IMAGE_SCN_ALIGN_8192BYTES` `IMAGE_SCN_ALIGN_MASK` `IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`4.64392`

.rsrc

MD5	`eb2ccc6f39e2036d35d9823d25711ed6`
SHA1	`a418e61f04e4696b5b26715bd90d617bbdfd62bf`
SHA256	`ca6545a061d61015dd97b8d3b5e05e89531bae6c91c80427b2ce2fd1f0d21e60`
SHA3	`5197205cefa8bdbfb2c43c1e2821e651bd96e6f58f9d2053a59c174f6fc9c488`
VirtualSize	`0x4180`
VirtualAddress	`0x13000`
SizeOfRawData	`0x4200`
PointerToRawData	`0x7600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_ALIGN_1024BYTES` `IMAGE_SCN_ALIGN_16BYTES` `IMAGE_SCN_ALIGN_1BYTES` `IMAGE_SCN_ALIGN_256BYTES` `IMAGE_SCN_ALIGN_2BYTES` `IMAGE_SCN_ALIGN_32BYTES` `IMAGE_SCN_ALIGN_4096BYTES` `IMAGE_SCN_ALIGN_4BYTES` `IMAGE_SCN_ALIGN_512BYTES` `IMAGE_SCN_ALIGN_64BYTES` `IMAGE_SCN_ALIGN_8192BYTES` `IMAGE_SCN_ALIGN_MASK` `IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`3.64425`

Imports

ADVAPI32.DLL	`RegCloseKey` `RegEnumKeyExA` `RegOpenKeyExA` `RegQueryValueExA`
KERNEL32.dll	`CloseHandle` `CreateMutexA` `CreateProcessA` `ExitProcess` `FindResourceExA` `FormatMessageA` `GetCommandLineA` `GetCurrentDirectoryA` `GetCurrentProcess` `GetEnvironmentVariableA` `GetExitCodeProcess` `GetLastError` `GetModuleFileNameA` `GetModuleHandleA` `GetProcAddress` `GetStartupInfoA` `GlobalMemoryStatusEx` `LoadResource` `LocalFree` `LockResource` `SetEnvironmentVariableA` `SetLastError` `SetUnhandledExceptionFilter` `WaitForSingleObject`
msvcrt.dll	`__getmainargs` `__p__environ` `__p__fmode` `__set_app_type` `_cexit` `_chdir` `_close` `_findclose` `_findfirst` `_findnext` `_iob` `_itoa` `_onexit` `_open` `_read` `_setmode` `_stat` `atexit` `atoi` `fclose` `fopen` `fprintf` `fwrite` `memset` `printf` `puts` `signal` `strcat` `strchr` `strcmp` `strcpy` `strlen` `strncat` `strncpy` `strpbrk` `strrchr` `strstr` `strtok`
SHELL32.DLL	`ShellExecuteA`
USER32.dll	`CreateWindowExA` `DispatchMessageA` `EnumWindows` `FindWindowExA` `GetMessageA` `GetSystemMetrics` `GetWindowLongA` `GetWindowRect` `GetWindowTextA` `GetWindowThreadProcessId` `KillTimer` `LoadImageA` `MessageBoxA` `PostQuitMessage` `SendMessageA` `SetForegroundWindow` `SetTimer` `SetWindowPos` `ShowWindow` `TranslateMessage` `UpdateWindow`

Delayed Imports

1

Type	`RT_ICON`
Language	Process Default Language
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	2026-Feb-27 06:04:30
Entropy	`3.80145`
MD5	`738fa3de7999df31d69a6c30bd1b6f6a`
SHA1	`480bc8fd503bacb38e985e8ddfe27807853e1e50`
SHA256	`e76c2ebcc6aeb314c7f475366910a12a003abf7bd3b2b36913873271fc64bddf`
SHA3	`685ef3e7c002f0b0c9817df8b4a361d00123b7099acf6a88e211f94056aaaae1`

2

Type	`RT_ICON`
Language	Process Default Language
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	2026-Feb-27 06:04:30
Entropy	`3.47232`
MD5	`bbfc5869250ccbc9fa4cd2010af117a6`
SHA1	`4910dd28ce4b29c365e170d9da897a36f2741bf4`
SHA256	`fe60498c45be24505d5a21ca35f80e87bbe083e8f7785816dc9c5901ebc2134b`
SHA3	`8b108fddb4cd74ef45534a5ad2b92e3d80a9cb2007a9c722ddff21e4262b3cdf`

3

Type	`RT_ICON`
Language	Process Default Language
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	2026-Feb-27 06:04:30
Entropy	`2.75327`
MD5	`bdcd170fce8de9151841c57ea22a721d`
SHA1	`0aff30b55aab8b0dcd81553f8b6395d3d05d5527`
SHA256	`2a8493a60dc933637b537e8ad02778b9b7a6667a21def919c4a08ef2f88b21f4`
SHA3	`34160c75f780e23e6b91beb6d7c3ae86bb054713a26c5de790d11a55457659a6`

1 (#2)

Type	`RT_RCDATA`
Language	Process Default Language
Codepage	UNKNOWN
Size	`0x4`
TimeDateStamp	2026-Feb-27 06:04:30
Entropy	`2`
MD5	`f78a322a63aa3bd299305599a9826ee2`
SHA1	`3498eb2f285e0fc8d68226883412f4cdbbd5a55c`
SHA256	`35384b811749ec3f016ea678ffba8d54ba0580cc15cfbed0a2ebcd9c3ab6ab15`
SHA3	`e0940af06f45e4ffe7dc68ae340acee07242bd73198a959b6879851b4a9635ce`

8

Type	`RT_RCDATA`
Language	Process Default Language
Codepage	UNKNOWN
Size	`0x2`
TimeDateStamp	2026-Feb-27 06:04:30
Entropy	`1`
MD5	`5d0b26628424c6194136ac39aec25e55`
SHA1	`f3e84b722399601ad7e281754e917478aa9ad48d`
SHA256	`075d3ddf5a3a826e13a92288e853bc4b2cb17fb05367ae865f401a4bb11f05ce`
SHA3	`edd9a75065afa5bb8908de22e7dfa82223ae1d6c8bbb66aca0162116d631ac33`

15

Type	`RT_RCDATA`
Language	Process Default Language
Codepage	UNKNOWN
Size	`0x16`
TimeDateStamp	2026-Feb-27 06:04:30
Entropy	`3.97057`
MD5	`1534692ffa9ea418d8648d818102d8a4`
SHA1	`84a35dd993a368e068ecbef9d06d83fdaa2d3b66`
SHA256	`b60dabebca1accbb384e8929aebd9733146aa618c7b965ed16162240afde8318`
SHA3	`b3fbc3ad6d26a5146948c5e139b64c12db6d0313a7ed64a977e1ae3d2af2c5d4`

16

Type	`RT_RCDATA`
Language	Process Default Language
Codepage	UNKNOWN
Size	`0xed`
TimeDateStamp	2026-Feb-27 06:04:30
Entropy	`4.49576`
MD5	`880d3a15064cf29bce37edf0f5ff94eb`
SHA1	`f7a85b6a3905050d7fd43f8e2c67f84cd96413e5`
SHA256	`d0250a4d339ab8bb45dc5848252506d97e096b96f2dff6051644aebb8bf713f2`
SHA3	`85b1a6a9680131267f0e2bc1b221bef1b67e18c503610ae4b809c68f4631ac0c`

17

Type	`RT_RCDATA`
Language	Process Default Language
Codepage	UNKNOWN
Size	`0x5`
TimeDateStamp	2026-Feb-27 06:04:30
Entropy	`2.32193`
MD5	`cc04a27b7e4921cad6340357dea87002`
SHA1	`6327dc7237d67e8099089dad4c84c2cca4992e06`
SHA256	`debc2f07db78d52d2def07b7bc620d7042367501d9439a62ba09b559a98e0957`
SHA3	`2dbccc2e90fcda82baad7a2059c60bb370e6c2e41815ec714c412cb32a3c61e8`

18

Type	`RT_RCDATA`
Language	Process Default Language
Codepage	UNKNOWN
Size	`0x2`
TimeDateStamp	2026-Feb-27 06:04:30
Entropy	`1`
MD5	`06d49632c9dc9bcb62aeaef99612ba6b`
SHA1	`e91fe173f59b063d620a934ce1a010f2b114c1f3`
SHA256	`e79e418e48623569d75e2a7b09ae88ed9b77b126a445b9ff9dc6989a08efa079`
SHA3	`7152cdb440cd72bbd4745d106c162de0c3d783a2b06a571256ee4ad66f1593f7`

19

Type	`RT_RCDATA`
Language	Process Default Language
Codepage	UNKNOWN
Size	`0x56`
TimeDateStamp	2026-Feb-27 06:04:30
Entropy	`4.956`
MD5	`10d28935d870968b6e3ad9c3f0724574`
SHA1	`1f1faa7eb4b3c09023bb90cd993d7c4919299f04`
SHA256	`18bca626f3c45b3b771dc705b79b54b98ce46a3540e8dca25153a36b42998b07`
SHA3	`dd6603908633462f0b82bc695019ca2b8fc7f5e616e6ddd2c133e84f8a38eaef`

20

Type	`RT_RCDATA`
Language	Process Default Language
Codepage	UNKNOWN
Size	`0x3`
TimeDateStamp	2026-Feb-27 06:04:30
Entropy	`1.58496`
MD5	`00ccbaa75e32b1a555509ae4aa03970d`
SHA1	`b8d2d275b8e18b128218e64a4d6494a97189c8ed`
SHA256	`91c2a5652b88665d5de623e946a59451f7527d2c704c30a5650cc10bb225ff02`
SHA3	`c624bb3c48d93e0c92d7168ea049495ea4f8f3917334ee727feb661a39811f48`

21

Type	`RT_RCDATA`
Language	Process Default Language
Codepage	UNKNOWN
Size	`0x19`
TimeDateStamp	2026-Feb-27 06:04:30
Entropy	`3.91327`
MD5	`40828d3ff7217c7a65861dc59f48eca9`
SHA1	`a470be8b8d8b3930cef57d07be5b6ccc158652e3`
SHA256	`2ef475f4ca5d04abd8ffcab4dab7afb4c6fad4b5a9e81956d3df612f34829841`
SHA3	`403b412d02be21161a191d0185c371377a597e0cab01375f50009a2694e19616`

30

Type	`RT_RCDATA`
Language	Process Default Language
Codepage	UNKNOWN
Size	`0x2`
TimeDateStamp	2026-Feb-27 06:04:30
Entropy	`1`
MD5	`6d5ababb65e9ff214b73e891b4afe6e8`
SHA1	`21ed4c7af50d987589a9029fc0422151be3a0fc2`
SHA256	`913da1f8df6f8fd47593840d533ba0458cc9873996bf310460abb495b34c232a`
SHA3	`61e11a19c7042bb4f5acbce11a6a1540fde023ffcfe584d31dfa2ae51b782e10`

101

Type	`RT_RCDATA`
Language	Process Default Language
Codepage	UNKNOWN
Size	`0x32`
TimeDateStamp	2026-Feb-27 06:04:30
Entropy	`4.04307`
MD5	`5543dda0068cad802d1a66943873faf3`
SHA1	`927138fcb8945141429e999e92f5cfbe50082cd8`
SHA256	`4ef9e51eb916d15bf8901e8ae324390cdedf728297a729d0fb823964730801fe`
SHA3	`b06418d850e2e0fcc623d3d85e663444a69583ac633d3fe67e836b2ac2390da5`

102

Type	`RT_RCDATA`
Language	Process Default Language
Codepage	UNKNOWN
Size	`0x73`
TimeDateStamp	2026-Feb-27 06:04:30
Entropy	`4.26779`
MD5	`4157a3879e12b81974d71bfe806af19c`
SHA1	`60db79ba441b6900047412fc68a0c543f19210ec`
SHA256	`42acb5929f9230609c7492b908b1e2651edc62eb762246f96c89a24da68aafe4`
SHA3	`7cd2c223212e273e120389f395e9c49c39174ae3a153456ddd693fc62f13459d`

103

Type	`RT_RCDATA`
Language	Process Default Language
Codepage	UNKNOWN
Size	`0x35`
TimeDateStamp	2026-Feb-27 06:04:30
Entropy	`4.14776`
MD5	`de13262b91fa9ac1a9a1119dcfa949af`
SHA1	`52b6eda6148a9802ccb4c7d8e35cd2a32c01aad3`
SHA256	`0bf65805e92c10fa89fbeaf313dedeaaf166f8f8cee5827f7478f2a7d4c3bd9d`
SHA3	`50cc4ec50a982a8afc58491e28132f174f86399f71f563d6857394e5632718e6`

104

Type	`RT_RCDATA`
Language	Process Default Language
Codepage	UNKNOWN
Size	`0x68`
TimeDateStamp	2026-Feb-27 06:04:30
Entropy	`4.11008`
MD5	`0098ee1e5282941a123051f1d9056aae`
SHA1	`253ae65f8a2a8d7e3a4135985cc8814739204897`
SHA256	`a9c88a2082dfa1f26c8ee0d9f6f58ad42142baa0f111d239011830a847fea5c5`
SHA3	`6a7e8eefdc45dad04fa11e5ea59b3b0dfbeeda27c6b3d93d8bd862091949881b`

1 (#3)

Type	`RT_GROUP_ICON`
Language	Process Default Language
Codepage	UNKNOWN
Size	`0x30`
TimeDateStamp	2026-Feb-27 06:04:30
Entropy	`2.45849`
Detected Filetype	Icon file
MD5	`409e1724611e0bc39356e2f58888db55`
SHA1	`c06c0e66cc2f7956256e2f018aa0294bfa914960`
SHA256	`6ab18c3b81a5d30c5a190a4504cae807d73b1a4d02d56ffddf641abbb62b7210`
SHA3	`315b2ad40793f4ef885ff4c878169b02c62f619b57780a98a76c8538cd0ee5c9`

Version Info

TLS Callbacks

Load Configuration

RICH Header

Errors

[*] Warning: Section .bss has a size of 0!

Leave a comment

No comments yet.