Manalyze report for 50a5c78ca2fb6a0147092efdb1952ec6eabfa7d95ee44fd796c547795ea4d614

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2017-Jun-08 02:02:58
Detected languages	English - United States

Plugin Output

Suspicious	PEiD Signature:	`UPX V2.00-V2.90 -> Markus Oberhumer & Laszlo Molnar & John Reiser` `UPX -> www.upx.sourceforge.net` `UPX V2.00-V2.90 -> Markus Oberhumer & Laszlo Molnar & John Reiser`
Suspicious	The PE is packed with UPX	`Unusual section name found: UPX0` `Section UPX0 is both writable and executable.` `Unusual section name found: UPX1` `Section UPX1 is both writable and executable.`
Suspicious	The PE contains functions most legitimate programs don't use.	`[!] The program may be hiding some of its imports: LoadLibraryA GetProcAddress` `Memory manipulation functions often used by packers: VirtualProtect VirtualAlloc` `Leverages the raw socket API to access the Internet: getaddrinfo`
Info	The PE's resources present abnormal characteristics.	`Resource 1 is possibly compressed or encrypted.` `Resource 2 is possibly compressed or encrypted.` `Resource 3 is possibly compressed or encrypted.` `Resource 4 is possibly compressed or encrypted.` `Resource 5 is possibly compressed or encrypted.` `Resource 6 is possibly compressed or encrypted.` `Resource 7 is possibly compressed or encrypted.` `Resource 8 is possibly compressed or encrypted.` `Resource 9 is possibly compressed or encrypted.` `Resource 10 is possibly compressed or encrypted.` `Resource 11 is possibly compressed or encrypted.` `Resource 12 is possibly compressed or encrypted.` `Resource 13 is possibly compressed or encrypted.` `Resource 14 is possibly compressed or encrypted.` `Resource 15 is possibly compressed or encrypted.` `Resource 16 is possibly compressed or encrypted.` `Resource 17 is possibly compressed or encrypted.` `Resource 18 is possibly compressed or encrypted.` `Resource 19 is possibly compressed or encrypted.` `Resource 20 is possibly compressed or encrypted.` `Resource 21 is possibly compressed or encrypted.` `Resource 22 is possibly compressed or encrypted.` `Resource 23 is possibly compressed or encrypted.` `Resource 24 is possibly compressed or encrypted.` `Resource 25 is possibly compressed or encrypted.` `Resource 26 is possibly compressed or encrypted.` `Resource 27 is possibly compressed or encrypted.` `Resource 28 is possibly compressed or encrypted.`
Malicious	VirusTotal score: 3/71 (Scanned on 2026-05-11 09:34:29)	`APEX: Malicious` `MaxSecure: Trojan.Malware.300983.susgen` `Trapmine: malicious.moderate.ml.score`

Hashes

MD5	`8b4fcdc2456acd4125ccfe70ebddd904`
SHA1	`df3b60217067060c372dc8b40f878d6b1558c2ff`
SHA256	`50a5c78ca2fb6a0147092efdb1952ec6eabfa7d95ee44fd796c547795ea4d614`
SHA3	`8cbdc5876d7209f0f89b8da428c788aed5b135e0cb32adb9e472fea5d05378c7`
SSDeep	`24576:yK631WSOq/nxGoDz+CQ71lFL2BJr/DTh5BAqUj:yFzO2Rz+Ci1j4DDTOR`
Imports Hash	`36e54a9caca9717a202d5ab60d8f311e`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0xf8`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`3`
TimeDateStamp	2017-Jun-08 02:02:58
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`10.0`
SizeOfCode	`0xce000`
SizeOfInitializedData	`0x5000`
SizeOfUninitializedData	`0x1a3000`
AddressOfEntryPoint	`0x00270660 (Section: UPX1)`
BaseOfCode	`0x1a4000`
BaseOfData	`0x272000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`5.1`
ImageVersion	`0.0`
SubsystemVersion	`5.1`
Win32VersionValue	`0`
SizeOfImage	`0x277000`
SizeOfHeaders	`0x1000`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

UPX0

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0x1a3000`
VirtualAddress	`0x1000`
SizeOfRawData	`0`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_UNINITIALIZED_DATA` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`

UPX1

MD5	`7bf01785249fad691b49a40f80524752`
SHA1	`8fad2120126c9bf19415753a0f8dbc53260f283b`
SHA256	`ff475719df147575e8b4f431bf986376d6d7b23720026a0c8678bb767cc5a1fb`
SHA3	`363bea69c5032f7dba2a8ae8e56cebd7317cdf5a742f1ba07dba51a93f920a1c`
VirtualSize	`0xce000`
VirtualAddress	`0x1a4000`
SizeOfRawData	`0xcd400`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`7.99961`

.rsrc

MD5	`aa1ce9f5f54667e8031464fe3df3f947`
SHA1	`00fcce1e0be5bc01c9dc126e7541469d012164ae`
SHA256	`0c2c815e6180d5118804232e272cb7c4938fe8edd837f47564e11a4419dc8dfb`
SHA3	`21d4de081b04301ccf051daee836247f095c09da23f41bfb0314a58e9f358f48`
VirtualSize	`0x5000`
VirtualAddress	`0x272000`
SizeOfRawData	`0x4800`
PointerToRawData	`0xcd800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`3.58159`

Imports

KERNEL32.DLL	`LoadLibraryA` `GetProcAddress` `VirtualProtect` `VirtualAlloc` `VirtualFree` `ExitProcess`
ADVAPI32.dll	`ReportEventA`
COMCTL32.dll	`#17`
GDI32.dll	`Pie`
ole32.dll	`OleInitialize`
RPCRT4.dll	`UuidToStringW`
SHELL32.dll	`DragFinish`
USER32.dll	`GetDC`
WS2_32.dll	`getaddrinfo`
WSOCK32.dll	`WSASetLastError`

Delayed Imports

1

Type	`RT_CURSOR`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.34274`
MD5	`15182d84940df194d0b0364b2879d948`
SHA1	`a54841ebe4ca793502f00ed295204c165baacd48`
SHA256	`b3f8548cb6f01f3cbc9122e956a0740fec3c05976e1444d1a625ab5949c5c536`
SHA3	`85e30a9776471f115099aaff5f60c20cf631c5e2ec67234be20ee62702bdf75c`

2

Type	`RT_CURSOR`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.25263`
MD5	`061e53d16fca8768473e6823785b01bc`
SHA1	`6d6545c2c066f1c55a6934d87650456e94e483d9`
SHA256	`82065dbdd86aa3279c07881f7bb26f674e0e0cadb72afce9c8f984d06013a86d`
SHA3	`3d2e759240aee9391bce3d324c416213f964fb7b821dd6406b279241bc3e8780`

3

Type	`RT_CURSOR`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.32558`
MD5	`e105aa3bebf9c3c6a1d24272b8ca4b1b`
SHA1	`5f99c211776bdb7c084086866b1aefc1d485f604`
SHA256	`fca2edeb198a6ab76bd6faa4be88d6659c431e50991b5ee68233899cc1edf4d8`
SHA3	`6290b2b2092fd4d2aacb3cf6ecbfdec7d48a8467d631fbabef1a1d1daf311b19`

4

Type	`RT_CURSOR`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.38423`
MD5	`65437af94b0eba19abd2f0e297dd2069`
SHA1	`ef3efb563ca3495d10faabf9ab7695a6ae176cc9`
SHA256	`24b486b0da35c7f6c53207cb8c7be6d8426480933add2335e7e8e61ffb88b633`
SHA3	`d1f0d286a480d0564067c47b99de128f7877a8bce97096440d437284184c39b6`

5

Type	`RT_CURSOR`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.2816`
MD5	`11cf6fb8f1eb2c56f82983f49655d9c4`
SHA1	`c58d69fb4a518821161bcd2b4f8863aeb803066e`
SHA256	`269fe830c2dff91f06ddb7db584b42f692abe0766175637b8c1981143f5117f1`
SHA3	`49efc6bf707c8eb90f3596a05ce3784a8085ce90d1aa145b9eaf51d1da745cbe`

6

Type	`RT_CURSOR`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.34155`
MD5	`58d88e9623b294622c8fab73b8a3d5ec`
SHA1	`40469afab0c5f376d004eced345df8a7b4d2dc59`
SHA256	`6932bda340cfcca3293055fcc6b22b27e423ab1c69051c09712fc8686a476bba`
SHA3	`b4295e8e4347ee3952d54d82947e68d40c42b03e99d75351c04f99eb256fffad`

7

Type	`RT_CURSOR`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.40085`
MD5	`5e3b49a31770efc1d11a0fcfcad5a6fd`
SHA1	`6889832e15f1dbebd56a594209fa7fefdce66823`
SHA256	`f54ddd97f2ef534bccd063e85a63f76679730349a78300264c6ea0b8af39d8aa`
SHA3	`5fd6f64530984d1b86a4187357caf347cbffeb2265929fc8a1d1ab0c39c32e49`

8

Type	`RT_CURSOR`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.34858`
MD5	`9e5bf6631f61700a9ffb6d82857c3bdc`
SHA1	`f52ac070f573ac0fe6f9c3343a4a2c51974f835a`
SHA256	`c9c68637a925dddeb7ee84ae0f2f08da94746a1eea1352ee6488f0ff78bc583a`
SHA3	`004b198942ac6fa28d95aece6b02b4fca27fb14d004b8dc2e53bb24ee1470703`

9

Type	`RT_CURSOR`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.3173`
MD5	`0962e33cf75474f935d8a0599917191c`
SHA1	`2fc9d3ee4edf8fd1643fe2cfc279fcd7869a3c18`
SHA256	`aece131f3521df06cf11f6eabbf304a2f293cab62d8ac683c3529ae564994cb3`
SHA3	`06edffc82c275f2a89dc20f462df70da628d6a39a1f979e4cdcb566e7acd78c1`

10

Type	`RT_CURSOR`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x134`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.30014`
MD5	`aa015761dd294db60d61712ae5268c98`
SHA1	`cb2e4039afe22e91dfdb16ee738e636ed6f9bc20`
SHA256	`e3aa05f5889af890ab2538913c315f588aa5d4c1360f2f0897722a27b8fcad79`
SHA3	`1bc073f067a7b1d3c93a46245b1b375f3d427fafd683a73867c3dbde640cbcbe`

CSQUERY

Type	`RT_BITMAP`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0xc0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.91023`
MD5	`475b99c7062d7f3e73512146d41c1c5b`
SHA1	`c2c92cd11bf37f6babf74230a1daaccc29d8b16f`
SHA256	`883fa342a059c1bd083b439ddc6d0f350546ae6c08090cb17a4173008cea09bc`
SHA3	`0873d47311cb152ef2c8d9c133f27e7110bd3481e8cb5574a057575008a8588c`
Preview

WXBITMAP_STD_COLOURS

Type	`RT_BITMAP`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x6c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.44461`
MD5	`6671cddc8a74cb9f6d318a6693564f91`
SHA1	`dc91edcc7378653fb84c7c9a9b57eca1c520ee4f`
SHA256	`34eb9461815a0bd1e387e42d42d2c84b202b6e440a586ded24c8f5e03cb22ab4`
SHA3	`f7d90384dd8c376bb90711cdac6c2e465e16832865205a54911b13b8a070e90f`
Preview

11

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x2e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.73686`
MD5	`51b0004868a559cc290c28f2e8ee6aa2`
SHA1	`a524e9af3f7c5c390043cf3630bee514570f418f`
SHA256	`4d67b867f3c519e10411540e883e077c75e98ac7177ab86004b8aa637ee619a8`
SHA3	`51286d020d2048b28d11cd937c830c21a6e57e8139dcb50e3a3578ca9370f1db`

12

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.26499`
MD5	`e38fe0c704ac47c8a51cccfb79b68942`
SHA1	`a3578368374e0b50c80de12359e2edc433fa3a21`
SHA256	`07304298853d171e2d3fd923ef0fb16113adeb53541c09346a690f7838d85a23`
SHA3	`15611c9119cff24fcab6d6c5eae580edcb15f225aa6d056c6c6c4a60f847ec7e`

13

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.88031`
MD5	`3f5392485a651f595fc9d5d49bafbcd1`
SHA1	`26f25f88d0d7fbcefadf4e46dcaedbe7cb88f5e3`
SHA256	`6c4a24f970f145cacf72519d08cca4059a893d477d1c4b83e6eb2368db81960d`
SHA3	`a043a1606262527d77e456e2e455b5cb419058796230780149a0617a90d51c14`

14

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.22232`
MD5	`a13af5ff474dd213992444fac32bc7dc`
SHA1	`1f9bdbbce749f804d0dfd4cd8dd1f3e7da7a78b6`
SHA256	`396369587e20b42fba4cb1927f3921be746eb08b9bf9a00ae0933cd44d39a7d0`
SHA3	`a615aba4fc2db1f3000b9b01eee1b33ec0a871ef7167a3e5711cc08784ec28c0`

15

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.86155`
MD5	`1822de376fb84b40f36efc686d94d7ec`
SHA1	`f55f99388e1922bb4ad9b3f7ef6dd92450094a05`
SHA256	`1b39ea3d3c32957a744ba370010138cbd383c492f149487e1eb61ae8ae651475`
SHA3	`7f28b9806f457bb09f55a76a14007636a2367237e8c90e0fff27c63d0fe2606f`

16

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.33068`
MD5	`f2d98e457ab90b0adaa545fcdf973185`
SHA1	`3aa0c4e4b1f1cd2da584b08a45d741e964d1929b`
SHA256	`e636907f880c17c8d1cff060cf5fcb747d7127d301716f3751fbe1f4b01081de`
SHA3	`3514af4d1174eff5c45e32d81dd34c1c20aebef91cc57910b10d438fbec51ae4`

17

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.87036`
MD5	`3deb7a63b935acb8d1b980f9ef3216fd`
SHA1	`3f6d8f769bde7d3c0a0cd0dd7645712d9f18d3f5`
SHA256	`6b6df9809ac3d222a1e42d6901bd43f1630f1690bf71e6d49625718bff5423e9`
SHA3	`c7ff9021b3eca4596d750821971517d437910bfdf0192ae85c64e905fdae36f9`

18

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.22223`
MD5	`72173e2b9657f2ce45fff761f391ba78`
SHA1	`da532b15afd722d6d2c9188edb38ac6ee204f219`
SHA256	`8ccfc4e2456383d5b3d77ccccf085c8dc2543a862cc214a2a4779885e3b0b682`
SHA3	`e7789b47e470f0b211ffbaf2abcbe2d777230c3f1a2fc340e03c2a6c0b996fab`

19

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.8667`
MD5	`7b8daad3de6f7be32b0906739e80ef24`
SHA1	`2ec6c3df73e6bab0d55b1a8e0f8d40ee96493d07`
SHA256	`a71c1aee30931a8055312f1770331a0db64eec35178d33b58fce2d31d790e43b`
SHA3	`70f6665cb04f8b6387b9a53d5f2a42a3f4a99b6d1e9349165be5eff39e4a6e00`

20

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.33591`
MD5	`d3611d38a7db33c7f3a23807c53e9d8f`
SHA1	`9bea3dcda782288feae4f0cad5bd77796d807867`
SHA256	`69d9cdb29926c93b29668973dab0fdcbaee63ce74b5eb0b25bc9699b2adec17d`
SHA3	`4e503e84609fb37426109169eb5c5afb7071507fe81764bca3ced3c6ddbf7142`

21

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.86688`
MD5	`9fbf3837e709f48c5db163a784ef211b`
SHA1	`9df05fbea00d68dbd41fdec63f8711ec0a6de04b`
SHA256	`0b85ce2b75899bb91e09b3b9cf9d0d9e8a4799f6600b8fd9709fcb0a5fb6ce90`
SHA3	`546b08cba6ffaa6a1faef2c63c320d31c0d41f5e8808d40c7431511293daf189`

22

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.27085`
MD5	`aa3ce619fd575f0dc0d9e169df38a58a`
SHA1	`ff78a46eed4a437b5548ea16fc3f360cb557e361`
SHA256	`a8f53e51df9dbdc3784a06432457e7626424c344ee98d943a050f6bcbf008460`
SHA3	`9f382c4681fe4b720efa2ffb5bd6a2b2605b9860c979ec0a69480dcaa59047b6`

23

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.85232`
MD5	`19ba93428aa20da41751d441d825b75b`
SHA1	`5eac691ee755c91567d0e6edce8ce8ab53422505`
SHA256	`94c6b7f1d16d9111d27ca48d56524a3dfa16225f4032021828d8ea360b19c50d`
SHA3	`1b9ac42b430e84baaa3a333626e29b25f88f726bba58b797beff0c7a6dd67c6c`

24

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.35605`
MD5	`5ca027a0a5ebc6eb885adc321a14ce61`
SHA1	`acac5776034cc4960e2da2fa6c6c8c922f31d5fb`
SHA256	`eb4c8a31368bac378b9c42454b43be896bdee0c2a710c537b97d69808311f36a`
SHA3	`eae90f7d0bea2c30b007731fe466895c7016f26a799a0ddc395372b545211508`

25

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.84462`
MD5	`e867dcbb4be836242ba48675c639f6b6`
SHA1	`01204a5f2e4517a1f01a5d5186da0190d772f252`
SHA256	`8ef512f19a57daebf5a869cb0ea07575885904332bfdaa873947508ad691f881`
SHA3	`aff7a028d1ff4089d990f09b5cbe059b5069b4ad13897f85318c92a7067dff2b`

26

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.3113`
MD5	`364369ffbc1269741afe613318ebd972`
SHA1	`d453a1b90a72545b7ffa16e63b2af9a90d2095c9`
SHA256	`f84e956acc9927c372be559afd2c7fa1b5413391a1a4bc2bd5ab7164824c7dcf`
SHA3	`6a0976ca305da2fbc80fc0ae0d26476d85f1c2ea3227162a1338917244d05894`

27

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.84973`
MD5	`1354e14f03187afe94d619d715f52312`
SHA1	`e4f64acdeb91c8e680a33ae9b49565325406ed37`
SHA256	`51b818442e8fa8b58fba6585fa36ebe4b8e90e66ac3f4cd3bf8209277851732e`
SHA3	`761b13e4fafd0d1df5af24f522c34d03b838cd6f6909ac96cb7bdfd29c469122`

28

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.2785`
MD5	`46b081b0fc54f70749af79427b45724e`
SHA1	`283d52103706b181bfc67d84f9d3a2db426c9371`
SHA256	`13c86518f1b16da49529e73f38f147514151a6f8520564a24e0f31695d996b79`
SHA3	`58aff26be96d9766f04869cc188531f68c61aafb67efbfd0419c64a7509f3055`

29

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.0033`
MD5	`f6dbf1e97ff79210ff93be7c31008d5f`
SHA1	`ed1d614cd786ed996aadb3658fb9bae46f93e1b7`
SHA256	`40134caa1a3044db5ddf95b222017572b254fbea2e3435a4808385817c14a248`
SHA3	`2da0e8af326d21447472a4e6fea3fd88d03cbae08d8b44544ffcdc5a45746efc`

30

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.27408`
MD5	`37bb73cc5230ee0bc413036717d04baf`
SHA1	`7bed36c4291f5221f2f079eba10b991859dc58d3`
SHA256	`c92179681abad2102589877b166f9b6c01731564d6827a6d40a76f1f32f6b10a`
SHA3	`b3dfe185139714bc7a5b4add8458ba1133053c176e59cc5edd9668f827a728a8`

31

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.76521`
MD5	`f4166a273ebe7349387c101b17fd7609`
SHA1	`1cb68fe0b054e2bfd6c3ddab6deb3f53555c75fe`
SHA256	`843515878eab8fc26a96d5d27302cda26fcd6cc26dd52aecca560cbeeeb18966`
SHA3	`355ab5cf6ee9631d433aab14b4edd08885573926d86bc5eb05c0bc3345545ef3`

32

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x1628`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.76819`
MD5	`1d78d5151c4a0e799a8b125113190204`
SHA1	`06657375b5754ff314ee8f95aa7eb964ea7f4b2f`
SHA256	`0599cec01eb1697f41ead855a68ab66aaa4a2636819b81c3ddf04b0a2096b3c6`
SHA3	`1813b852af866a2545ae58b347897fec50832341397e9932b493fbcb69b736aa`

WXWINDOWMENU

Type	`RT_MENU`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0xb4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.882`
MD5	`529f49be31f1e8bcfff0adb6706db6c6`
SHA1	`ba6d1ee3278ab24ab16a9fbc42b2b396766e4be4`
SHA256	`fa00cb2910c2bc1685e58da4644b35bf387813874f54467eb38a8435bb55a46b`
SHA3	`2019d68c5d8ea999471facadb84351385cf4eba7145f9f5db669d787c566bad5`

WXCURSOR_BLANK

Type	`RT_GROUP_CURSOR`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.22193`
MD5	`962d4d0ee0fc3a8db0a318bf9e4f0616`
SHA1	`907a757653bcaee463dff37056f5a65daddeea48`
SHA256	`674130167dcd03decedbf7b395c27da3f71e2d6ef5f1542e9617a5e12d84f47d`
SHA3	`5b32682c2397f6a22e5c620710a833bdafd3f84dc8afce26d3e6c0021cca6fc1`

WXCURSOR_BULLSEYE

Type	`RT_GROUP_CURSOR`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.22193`
MD5	`8d48517db32f8a857a9324ba59c1dc93`
SHA1	`f02cd95e9bac00bac6d76468f053fc86d587ffa4`
SHA256	`d7d8517bf91e74e781e5ce04974b34fe2fbd815d0bb093f41a333999efe2c5a4`
SHA3	`7562267d9b1aa20be64ae99eca490aaac6c32791d7f370689767f921ac22f01a`

WXCURSOR_CROSS

Type	`RT_GROUP_CURSOR`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.32193`
MD5	`5637a74f5d20e1d5aba52d468612e4d6`
SHA1	`b182734cec6bb789c91455fcbca6d10f88b4309d`
SHA256	`1fb0252ab7a120e17efa4a8f1c21c8e2ddb0a67acae4755fac766a77d28f8082`
SHA3	`6de2622dc0171c886ec7c95319bcb1bce60652b88feb9634ebd83cb2c7b1a3d1`

WXCURSOR_HAND

Type	`RT_GROUP_CURSOR`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.32193`
MD5	`eabdadc9e9215cb0b7754d4e31b81c3a`
SHA1	`19b2d9b863825e1d01b378e171dab2c686babcb7`
SHA256	`89cd684ce903a8c4b5b4469ce257af8f265262faa70d4308eed4fc8a9a60a2ec`
SHA3	`e6b160f74d429d830b7ca44695c71a41aaab5eb3584a4d3405a97018d7ef6abb`

WXCURSOR_MAGNIFIER

Type	`RT_GROUP_CURSOR`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.32193`
MD5	`ddf5b717b5808975b33da19dddf120f0`
SHA1	`870f07316874d714c063d34ad31bd4217ea9693a`
SHA256	`9b9ac180bbbeedc091c6e8154678f7d92c4868f3f24ff766464485bb1c864017`
SHA3	`678020622637302412021eb9a2636abc18d78a4e89ba4569c5f75b374d559de5`

WXCURSOR_PBRUSH

Type	`RT_GROUP_CURSOR`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.12193`
MD5	`becf4cead642df71dee436b164e6774b`
SHA1	`8a9e577a516a1b61acebf46de116a453e00de9a8`
SHA256	`c6f9d749cb5a3ebd8e3c877c64cfb9428659b5def33e7c0a55c7e093aecc72d0`
SHA3	`07dcb78e65582a40a2a8fa41dbf6830e401720b36276e8c384961a7e6e106986`

WXCURSOR_PENCIL

Type	`RT_GROUP_CURSOR`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.12193`
MD5	`9e8d49c6d95eb56184cd67691136a9f9`
SHA1	`68b6deb0d4f5f1319515f57deda0984d83c846c0`
SHA256	`2949c71a538e275a29e91027ccfd5085fb224d034ea1b7045879570f74c21eb9`
SHA3	`de4515697d09efedb2863ea76f39e617b7c2d3c19918e62b39deaf932a1f2b4a`

WXCURSOR_PLEFT

Type	`RT_GROUP_CURSOR`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.22193`
MD5	`fa60a030e3cdf4a8427b379eab0f9dd1`
SHA1	`356da7ad7e5ec77f7221475741ab0bc546cc85f6`
SHA256	`56a0e4711df9e3828e2675c620b55c7ae92002e46122482a4bcba2aa6fb29de7`
SHA3	`91567e25cbd2b10512e4e4d0d1542334657263b64443bda74fdbb162f4c2ac5f`

WXCURSOR_PRIGHT

Type	`RT_GROUP_CURSOR`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.22193`
MD5	`91272f5a6f39621bdfca7a051e7f3ad6`
SHA1	`ebd84a3545e3c6be33c5ffcb89741bb25ff9455d`
SHA256	`6b56a05742432364e5a16f083ee21cd8f963c15ce3b9a09eba71146a04f36e66`
SHA3	`fcc03b5b344c7d2d5a641af0a5a5b94e4ace2c7ef381c538a4f88689784f654c`

WXCURSOR_ROLLER

Type	`RT_GROUP_CURSOR`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.12193`
MD5	`dab38d587cd674eacc58b55d54faa024`
SHA1	`ddd1d9a5181a860a32b5f48d688cbe7fd06acdfa`
SHA256	`535e070591dab319f5c5458559c25de1cc2228cc5e904123927f0cf4a42b477d`
SHA3	`0a3c5e9e81f0d9348f09ad6d809ac82f067754d56532d849103f110ca8a566f5`

ICON_AA16_64

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x3e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.79332`
Detected Filetype	Icon file
MD5	`4566cfaf78e8bc5e3b9ff37c9a9ded64`
SHA1	`2eea79082ed512513e3dace78863083d6e9f3bfd`
SHA256	`a9e4f442c7b2d362c749a7225c4e824171bf591c67c8f46cb53271c75ca9dfd0`
SHA3	`20b546ddec1a4378acc2839201c32d9deeffa2fe3fcea3b7975ef5cb9f70678c`

WXICON_AAA

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x22`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.96982`
MD5	`02ef7685cdfe5aac24b16f3eff1b79d4`
SHA1	`affdd807cf85585cd052f27a78e562f22083fd86`
SHA256	`60e4d27701d93dacb666ef4a21e2e0118ee1d2b53d2997ea84b3e71c7504647e`
SHA3	`c1faad4266ca97c589a87f5d50e9ebf9625d2e633b704501d0b51340689a89b8`

WXICON_SMALL_CDROM

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x22`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.96982`
MD5	`12c01e9124b46ca4e04960d5c2764bc2`
SHA1	`fe14707818d30fe2588c4c86db009bf761ad7b81`
SHA256	`73b4d5fdf4b2f7815f4ed50ff3dd01aa28e9fd1b3410c0bd5b6d2e3a2541f536`
SHA3	`cee8097f586fdbff95598128c0efaa0ddc490dfba9164664bbb734de1901a574`

WXICON_SMALL_CLOSED_FOLDER

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x22`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.02864`
MD5	`e708c29b9d37885585c8c09be5eff465`
SHA1	`a560fa33e2e547db7149fb223bb8066ad4278a35`
SHA256	`6b642bf10223cd67e10982888964a4fe610b92ef728db6280a2e375f1dbf1998`
SHA3	`89df47379969efb6739d37b28114c5a23efa5d482a5ba9c3a41a70ffe48f0063`

WXICON_SMALL_COMPUTER

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x22`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.96982`
MD5	`4c1e40dab099a9db1d10a23120f64200`
SHA1	`aa880fbb9949013f1d1d75f33c6c3a7be63bdb1a`
SHA256	`e96b717a3c077df6b57d328f8e6996733e53342da366cb913dee00f3b4f74fa6`
SHA3	`54d29cdb3f3473241c184a0fdc33757f204898da135741b2615b8022c93a4ee3`

WXICON_SMALL_DRIVE

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x22`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.91099`
MD5	`4bd0b03d167d31c5faeca6ebf4d7edd0`
SHA1	`0952c5cabba6628a20a6437a4d9237ae404520e5`
SHA256	`fe8e9998a2c47f8cb829af79c771a0724fd296b9a67684a60bffaa78d5870b4a`
SHA3	`83b3fe4111c1feacd07bb5f29a41a49776e87a7e804bc8bd68fa26eca6b94484`

WXICON_SMALL_FILE

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x22`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.02864`
MD5	`9a09be822dfdee02e63eb6c049c84aa8`
SHA1	`e6b355f0cd7076bea5b7e6054ff7e301cbda3533`
SHA256	`f769b1a97f9ec4f070e53e39bba6e25d8ffa95b87f3e69eab680ca4e04815d64`
SHA3	`8c1f9f261dba45c63585974b7667d4acf937c7811d9b747f4e9ebace24b2d10b`

WXICON_SMALL_FLOPPY

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x22`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.96982`
MD5	`d61a6f00a7b79781fc66cb8d57635c31`
SHA1	`caa8439fc69e5d1c0f28654b93b4da6c3cc4de90`
SHA256	`2464f497e66580a0e07dc3aaaf3787732191474d09355915a01c1a5a8732c76a`
SHA3	`13fe77b8d7243482cbbf349aa62484e49c28d87848906fcd5a72ab0f7414bb4a`

WXICON_SMALL_OPEN_FOLDER

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x22`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.02864`
MD5	`691fe3ae5fdde0101804d024564d30ec`
SHA1	`9ceb6cb7375de6c89bbe329697251eabe91c61fd`
SHA256	`b35c78736b9d753dccb5da1db8e598e3f2c25ecd723f1a6163ecb90930081e20`
SHA3	`e892359bbbd596c9037f2896d2f914a890cbf5822cad1dd5d83bb3ddb381ccbf`

WXICON_SMALL_REMOVEABLE

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x22`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.96982`
MD5	`69314d9785b3aa996f7452b68f202edb`
SHA1	`6d0e56912e96cca70747fe318456a0cce379e5fb`
SHA256	`0156eff4ea90796ffea29379971cc0d74bbda49be7977e6816d68bd6dad5951a`
SHA3	`5c0c37db9f044e406c04229124f0da04ce28e6b6b9327b5160c4a6692b2870b5`

1 (#2)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x33b`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.99749`
MD5	`b13f45566db033ce6fa13861a25f5d3a`
SHA1	`368eb25490d168567eacd4c5e04aa664d79b56d2`
SHA256	`c75330046a6ee67829e5d2deb873ec2e3360f528ab88f7ee5d9e4bd7dbe6e19b`
SHA3	`bbafe6e51025ecc148cb3a2eb917f1532f167409c9d22f3ccac89c93eb49eaf5`

Version Info

TLS Callbacks

Load Configuration

Size	`0x48`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x615938`
SEHandlerTable	`0x607f70`
SEHandlerCount	`97`

RICH Header

XOR Key	`0x8ff0079d`
Unmarked objects	`0`
C objects (VS2008 SP1 build 30729)	`8`
152 (20115)	`3`
ASM objects (VS2010 SP1 build 40219)	`48`
Unmarked objects (#2)	`16`
C objects (VS2010 SP1 build 40219)	`705`
Total imports	`521`
Imports (VS2008 SP1 build 30729)	`23`
C++ objects (VS2010 SP1 build 40219)	`283`
Resource objects (VS2010 SP1 build 40219)	`1`
Linker (VS2010 SP1 build 40219)	`1`

Errors

[*] Warning: Section UPX0 has a size of 0!
[*] Warning: Resource 0 is empty!
[*] Warning: Resource 0 is empty!
[*] Warning: Resource 0 is empty!
[*] Warning: Resource 0 is empty!
[*] Warning: Resource 0 is empty!
[*] Warning: Resource 0 is empty!
[!] Error: The number of ICON_DIRECTORY_ENTRIES is bigger than the number of resources in the file.
[*] Warning: Resource 0 is empty!
[!] Error: The number of ICON_DIRECTORY_ENTRIES is bigger than the number of resources in the file.
[*] Warning: Resource 0 is empty!
[*] Warning: Resource 0 is empty!
[!] Error: The number of ICON_DIRECTORY_ENTRIES is bigger than the number of resources in the file.
[*] Warning: Resource 0 is empty!
[*] Warning: Resource 0 is empty!
[!] Error: The number of ICON_DIRECTORY_ENTRIES is bigger than the number of resources in the file.
[*] Warning: Resource 0 is empty!
[*] Warning: Resource 0 is empty!
[!] Error: The number of ICON_DIRECTORY_ENTRIES is bigger than the number of resources in the file.
[*] Warning: Resource 0 is empty!
[*] Warning: Resource 0 is empty!
[*] Warning: Resource 0 is empty!
[*] Warning: Resource 0 is empty!
[!] Error: The number of ICON_DIRECTORY_ENTRIES is bigger than the number of resources in the file.
[*] Warning: Resource 0 is empty!
[!] Error: The number of ICON_DIRECTORY_ENTRIES is bigger than the number of resources in the file.
[*] Warning: Resource 0 is empty!

Leave a comment

No comments yet.