5116cc1703384aac88b8d7a3b57f172aea5da32b6df7355fb2f8247d23813c8f

Summary

Architecture IMAGE_FILE_MACHINE_I386
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date 2025-Mar-08 23:05:20
Detected languages English - United States
CompanyName Ramen Software
FileDescription Windhawk
FileVersion 1.7.3
LegalCopyright https://windhawk.net/
ProductName Windhawk
ProductVersion 1.7.3

Plugin Output

Info Interesting strings found in the binary: Contains domain names:
  • http://nsis.sf.net
  • http://nsis.sf.net/NSIS_Error
  • https://windhawk.net
  • nsis.sf.net
  • windhawk.net
Suspicious The PE is an NSIS installer Unusual section name found: .ndata
Malicious The PE contains functions mostly used by malware. [!] The program may be hiding some of its imports:
  • LoadLibraryExW
  • GetProcAddress
Can access the registry:
  • RegEnumValueW
  • RegEnumKeyW
  • RegQueryValueExW
  • RegSetValueExW
  • RegCloseKey
  • RegDeleteValueW
  • RegDeleteKeyW
  • RegOpenKeyExW
  • RegCreateKeyExW
Possibly launches other programs:
  • CreateProcessW
Can create temporary files:
  • GetTempPathW
  • CreateFileW
Functions related to the privilege level:
  • AdjustTokenPrivileges
  • OpenProcessToken
Can shut the system down or lock the screen:
  • ExitWindowsEx
Info The PE is digitally signed. Signer: Open Source Developer
Issuer: Certum Code Signing 2021 CA
Safe VirusTotal score: 0/67 (Scanned on 2026-07-04 18:54:55) All the AVs think this file is safe.

Hashes

MD5 a1a8fbcbde2d70638957f3e69a8e034b
SHA1 8185ffb95f72fc75f0fc4d964b2438b59a1fa653
SHA256 5116cc1703384aac88b8d7a3b57f172aea5da32b6df7355fb2f8247d23813c8f
SHA3 f49da3a11ff494d62e55ddc4faf082cc1542f5e7a80dec9e4a4d40954787c214
SSDeep 196608:xUDfxSCdVYdU5mqmm1o+79m8heSzXuF8hLzG5x6dHH+suqmIaS:xUFScYdUI5kZ9m8hN5c5x6dzuhS
Imports Hash 46ce5c12b293febbeb513b196aa7f843

DOS Header

e_magic MZ
e_cblp 0x90
e_cp 0x3
e_crlc 0
e_cparhdr 0x4
e_minalloc 0
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0xd8

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_I386
NumberofSections 5
TimeDateStamp 2025-Mar-08 23:05:20
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xe0
Characteristics IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_RELOCS_STRIPPED

Image Optional Header

Magic PE32
LinkerVersion 6.0
SizeOfCode 0x6800
SizeOfInitializedData 0x22200
SizeOfUninitializedData 0x800
AddressOfEntryPoint 0x0000369F (Section: .text)
BaseOfCode 0x1000
BaseOfData 0x8000
ImageBase 0x400000
SectionAlignment 0x1000
FileAlignment 0x200
OperatingSystemVersion 4.0
ImageVersion 6.0
SubsystemVersion 4.0
Win32VersionValue 0
SizeOfImage 0x69000
SizeOfHeaders 0x400
Checksum 0xb09f47
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
DllCharacteristics IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
SizeofStackReserve 0x100000
SizeofStackCommit 0x1000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

.text

MD5 afb6c5993570f82e85ec446bbb886505
SHA1 3d96eacb962ab3f739212dac5bffbc1b0ac88889
SHA256 89bbbfc4d2f459cc1a27370026ac5737eb822174462d5d5577d01e23e9065cc0
SHA3 4682faf433c5881bed1095ca4cf639c5f7a9d5d9dff55595f105ffec8f30c8ef
VirtualSize 0x6711
VirtualAddress 0x1000
SizeOfRawData 0x6800
PointerToRawData 0x400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 6.45433

.rdata

MD5 e913094d8cceaca6b405bbbb52936387
SHA1 20df51227f19cb63323b43e74e506b2d2a09dce8
SHA256 512cb9ab76c260c6f4f8bb183a3e121f54906dcb42a74cded744aa6f6a330a19
SHA3 7f1ef0d8b4b6df73acc9b3d021673ec2f165f8688099c2a999d75994bfd54654
VirtualSize 0x1358
VirtualAddress 0x8000
SizeOfRawData 0x1400
PointerToRawData 0x6c00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 5.0997

.data

MD5 9d011beba2fe64a93f62fbb227cc9c35
SHA1 b6c4c61822b7f6abcb36cbd339f9cca5a4f4d452
SHA256 bdc36db376855e354e892a994ecdad27b11262eb19e548501a68049b0692f3f8
SHA3 cd0027898b2b69e95ffbf04ff0b04a714d00dc112e94d0266e2d5cc90aa7cf4c
VirtualSize 0x1fb78
VirtualAddress 0xa000
SizeOfRawData 0x600
PointerToRawData 0x8000
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 4.12305

.ndata

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA3 a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a
VirtualSize 0x31000
VirtualAddress 0x2a000
SizeOfRawData 0
PointerToRawData 0
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc

MD5 6a96b9e18919bf7c3cc2401cc1bceb5b
SHA1 d19d9c0d2d93b9593ebc0e8974721b4d6a4c6d76
SHA256 fefbf98790e7915abc7f44e6a12a0ec12d8d32cd31c9ecd45252f9d63ff18895
SHA3 d4b4c8ef6b1f8c04368e2efa08a5f778dd3d2be51ce26bb8799502607a4e7a5b
VirtualSize 0xde98
VirtualAddress 0x5b000
SizeOfRawData 0xe000
PointerToRawData 0x8600
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 4.52099

Imports

ADVAPI32.dll RegEnumValueW
RegEnumKeyW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegOpenKeyExW
RegCreateKeyExW
SHELL32.dll SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFileInfoW
SHFileOperationW
ShellExecuteExW
ole32.dll CoCreateInstance
OleUninitialize
OleInitialize
IIDFromString
CoTaskMemFree
COMCTL32.dll ImageList_Destroy
#17
ImageList_AddMasked
ImageList_Create
USER32.dll MessageBoxIndirectW
GetDlgItemTextW
SetDlgItemTextW
CreatePopupMenu
AppendMenuW
TrackPopupMenu
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
IsWindowVisible
CallWindowProcW
GetMessagePos
CheckDlgButton
LoadCursorW
SetCursor
GetSysColor
SetWindowPos
GetWindowLongW
IsWindowEnabled
SetClassLongW
GetSystemMenu
EnableMenuItem
GetWindowRect
ScreenToClient
EndDialog
RegisterClassW
SystemParametersInfoW
CharPrevW
GetClassInfoW
DialogBoxParamW
CharNextW
ExitWindowsEx
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
FindWindowExW
IsWindow
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
ReleaseDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
CharNextA
wsprintfA
DispatchMessageW
CreateWindowExW
PeekMessageW
GetSystemMetrics
GDI32.dll GetDeviceCaps
SetBkColor
SelectObject
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
KERNEL32.dll RemoveDirectoryW
lstrcmpiA
GetTempFileNameW
CreateProcessW
CreateDirectoryW
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceW
WideCharToMultiByte
lstrcpynW
lstrlenW
SetErrorMode
GetVersionExW
GetCommandLineW
GetTempPathW
GetWindowsDirectoryW
SetEnvironmentVariableW
CopyFileW
WriteFile
GetCurrentProcess
GetModuleFileNameW
GetLastError
GetFileSize
CreateFileW
GetTickCount
Sleep
SetFileAttributesW
GetFileAttributesW
SetCurrentDirectoryW
MoveFileW
GetFullPathNameW
GetShortPathNameW
SearchPathW
CompareFileTime
SetFileTime
CloseHandle
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalFree
GlobalAlloc
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrlenA
MultiByteToWideChar
ReadFile
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
MulDiv
lstrcpyA
MoveFileExW
lstrcatW
GetSystemDirectoryW
GetProcAddress
GetModuleHandleA
GetExitCodeProcess
WaitForSingleObject
ExitProcess

Delayed Imports

110

Type RT_BITMAP
Language English - United States
Codepage UNKNOWN
Size 0x666
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.82633
MD5 b6bf70baab40fe438feff063bfb9ff6f
SHA1 7d4659d43e08d368ddacd31945872461c0b06253
SHA256 0e90a9e4b8f3a5bf990e8aadfd8096ad7aeaf1a4e032ac7b6395ce191d61c142
SHA3 cab98fabaf20118d9a8a4d2bcff4383a7291a0e04ff11a8690e71eed619c75e7
Preview

1

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x4228
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.4948
MD5 c18449ba9f9cd20140a096f538708308
SHA1 44630d750a97cb705409e795e957ab2698408194
SHA256 b0a876f0be9821efa7a5f477e4e7d5ebd620c296fe035e1ec037c5271ab61461
SHA3 6018759ba476b2947cbaff84b577be562f9342e67f33aeef74b9d25d122b71ab

2

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x25a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.66012
MD5 22374497ae026667eb89c278bd7b9b5c
SHA1 fb0616a25a305d05c68c7983e4eb007fa43aed50
SHA256 a42161dbacc07b5c0dbb34f8d5911360dc46e49d819f05823534d4c18c53b62d
SHA3 d3eda329ffdac491079bc0a31534f487e75f2b273216175172e38c342bfcb622

3

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x1e7e
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 7.89829
Detected Filetype PNG graphic file
MD5 aa4a25e533351e688aeaee270db4eb2c
SHA1 88ab0fb1dd29a73c0400977c0d4c924a778380bd
SHA256 e00cd341641f110f45d2d6290f85c87ce281a9d6c216b6cfed10021460aa23e5
SHA3 5e9b80e8c6841ebf95115f7eac6e5d4387568ecf083a147ee91588adcb1d9584

4

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x10a8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.92455
MD5 2108a5336400088a251fcafea865dc76
SHA1 f83d09784f906d3e4ba9ec85b49c4649a416d89c
SHA256 86b2010328ca2d7c265c84ad3f33089cda041c415d3cf2c01b1827d45ca4ef15
SHA3 b91231da5859b2c1df699061b5b170808e181c90cf28625b447909da4fb6c75e

5

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x988
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.16807
MD5 4c1ae503cc3b3891584cce400e079b1d
SHA1 2236fe383fee0e64265e3768b790970a23f923be
SHA256 3d468769749863222efe7b2dd72ac5a57b470f5e9dc91bbd1a9dd666fa765ec8
SHA3 015117cb33b9cc0b64cc86d8f24261382e07e6a4a98f33568dbf7e30be29c728

6

Type RT_ICON
Language English - United States
Codepage UNKNOWN
Size 0x468
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.51727
MD5 7e42d607842bd3fdb490091b8f53f526
SHA1 ac41558ff8acdea1ef356faf8ffe0bc284993fda
SHA256 38a866b96ea9411ddd2636f0316b1684e41d0d757d978bdd16bff020a9392afe
SHA3 07e7997b032103b663d8e796f60c5ab5b2453d3765b27b2019aedf3f7330ee15

103

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0x120
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.56193
MD5 db6dd0434da4d7cac564518725167e09
SHA1 a65a1367d7cd96450f089a8f8108239bbcea9f5b
SHA256 c50631fc1f8425a95fd1edcc8e730d339e193a38f18d42372c32847a5ad2c016
SHA3 4e3be5455c51e1cb04836e318cb69ecdffd2deadd0f338d4bc985d8f5ca653ff

104

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0x118
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.65946
MD5 2000509765223fff4a8221925db89b0b
SHA1 a45e28aa820f8673bb42b668a32dcebe5378249d
SHA256 9dbe7e3450b80b2c3727d80f42af8c4066623f6320b74ce0efbc81c618c9a0b4
SHA3 45470481ab29e521fc06e9e3f41674bd9e62f11181ef475a6e46efee741a3351

105

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0x200
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.67385
MD5 d1a92272fbd597e1aa19021483110d5a
SHA1 9f75072682b37c6c52361d8c988ebd06dd003f63
SHA256 15663576584c947d634dab9848defcc7d8f05eb0b7e7c6d52d81eca695fc7a6e
SHA3 704756797695ae34f6fae500852bca70e5066a1d1993348fe40ccf626235d0d6

106

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0xf8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.91148
MD5 fa83652660409e90e0db9731ad2adb17
SHA1 0a8f0af67723c87fe26ccf676b8e19ec6357b4dc
SHA256 4a55bd714f5d50cd8eabba10e57f0618f1842717dcfa582d73a917b1933cd1d4
SHA3 5b3e1cb25be7a2dbae4f08f0d4794ed23dbd6ea37a3f9702be12dba588f42a7b

111

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0xee
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.92767
MD5 1db3e4c32b9560257ddf3506fef9dd3f
SHA1 6666e0c8336456cfacec71d84415c6516e9e2673
SHA256 587a03198c39f990e77691056bb5705e21374281862ce06de94c68172f50f763
SHA3 30ca0affc3f1d2ef8b37f2103db7581caaf88548823fb3ae1d308fae9738dab4

203

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0x120
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.84487
MD5 12402b54eddc39fa3dae283957b4eb4c
SHA1 beccbeac143c7c78d7271c20c73df7e797c6224b
SHA256 4017b96a65ef43c2d6781adc75b048ed8568f3068b81ee971154b90886766250
SHA3 d1f0eb13adc7d47e9aa7da0e3a996fd742075668a840e149a5f391955e438793

204

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0x118
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.00092
MD5 703e421b6d0638bea1a6207854002c71
SHA1 41e55f58f99f46ee1f24cf835d92d69c6faad63c
SHA256 5e7114d97ed98662c2b61286c6a7e077a56f4c99f90933e086aecf658dc9d712
SHA3 98e582928f504e51ab25ac30f379d5c0239770c6569d595d72cfe6d50d0d3bf3

205

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0x200
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.97219
MD5 8862e4aa98b1d5fc07fe6502e91d06d2
SHA1 729d8fc72945f0303e81dd04914b2721e90a035a
SHA256 ce653ba55bd5aaf5ac9e0929603095b8794a10190fa9ac917f204ae6fd697f95
SHA3 a95410994a75373358a9a7e88988f1d6b7585e93ea0b5deda9459bf0ecfed454

206

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0xf8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.10966
MD5 1ffe62afd7fe045c34a23ea5c9c7eb22
SHA1 ac211007f1f7a65d868d6e9e658d5ff26dec9c8e
SHA256 184073a317c843cbe92b68cfacebcf5d73dedb538b3f79c048090f3ee5b614ff
SHA3 f34fe335d0a39aedd236cfe40879f6624bc468df8195f5360c1d7267f2bd0113

211

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0xee
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.09105
MD5 5aa9a98258c88f84605b67648ea41b1e
SHA1 36a73ceb531c84a91ad653b0c9a73eaa1c5bc1ac
SHA256 46cd6070a212145392b82ee02f02d85f805ab2c5b3c6224c1b06065d905198a1
SHA3 038f8ca6e774a2071b1c1e2a7831ecc39bd3d63d683998baed71ef5bcb56609b

303

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0x118
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.64541
MD5 44c009c9e1abc2355198b432965c61ef
SHA1 4c090f75f279e474a9ca4a07ac84935aa769b0dd
SHA256 85f659842e9aa525dc22d0ff4e18e14d4e4ccfc924d1fdfa03d50a0410e6c0d6
SHA3 f829f224ca0ee8e4f9b0c51c79cc819098ab16c3d55912e0c1aade1677d1a921

304

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0x110
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.76092
MD5 4b77b4ff97f4f7e650683c639a4c7fcf
SHA1 22a88c50a7309fc131dba78761a3f662511329c8
SHA256 c260baf8fb5f594581bf312f6a140f890f582ab45081cdba3184afc1b202ecdb
SHA3 b50d91eddafba8b4dc1d77eebcb282b429eec2e4ed9b168a5ee8d7108d5b7fae

305

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0x1f8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.71643
MD5 cae4b9e0d6b26cd47ff08bf9caa17328
SHA1 9ac464bef48ffaa183c841c233b5191355cc0172
SHA256 cb1fbea7e1572cf89436c06cc6f9a8a80b2d373ab34168f507caf6096439059b
SHA3 617c1131b8dc21344105aea8affaa21aec2972b56b8aa95075595d8a95bc8a83

306

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0xf0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.04696
MD5 c7239ce55362dabbe3887e5fc4bdf5fe
SHA1 a2908207ffb889a12da3cbdbe7446e04b254e7ed
SHA256 012557f58e68234d4a88df0b713c59800f798ecce19dfd589d326b458dddcbd8
SHA3 34f4adf15b3169820de0c298735a1ea7bc4e5c9737c5baac458a5fbfb356b1f6

311

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0xe6
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.12655
MD5 dfa579a6118dced788b606485a6f1884
SHA1 bbe189e4f9c250854ff219a65689c57e8240cb6e
SHA256 9ae364ac7c7e6d7563a266c58f8d47e83554d88f125a9d4f22677a9327ba0dbd
SHA3 17a64fe95dd06290ed81eddb5e65206d51d103b703e87b7c580e7c469ef4a434

403

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0x10c
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.484
MD5 b21b5bb94f7cb7111620ebfb32534430
SHA1 d4fa9452937d98ccb59bdc96660d588a5183bba9
SHA256 eb6f4dac693c6249bb157ef5cfe6057af4088d7bacfce7089e13a85f0661389a
SHA3 08dbbf11ee68c7b878492fecb06c7ac64f494ec1cde2b58149e4a6b1af9f3913

404

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0x104
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.60821
MD5 4c6801ae01a238765ebc7c5335952ee0
SHA1 b720df68648578bb2747e474e867e816b2365656
SHA256 b89c944cec2b05f8028dffc0edbc27d185b251d927ac94eb2b4dd797ca3de394
SHA3 26f1c2c8c09f3cc63320b09b578f313542e81643f2211142a36db771d7d8b4aa

405

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0x1ec
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.61
MD5 6ce2e4ec1c8fd96d2c66f197c0734558
SHA1 709ce74d2bf4eec6a2c2010d8e5599ee481e4d3e
SHA256 a1082eddd56f0def44e4ce3c82b0a9a09cee9dbcb3097ab31d49ff98bcd6681c
SHA3 03ad5128d8a033a66344e19fc7594ff2503089df916d71240295ed66cd032ec3

406

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0xe4
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.86295
MD5 cc0021533c65b44747600689ff5fbd43
SHA1 b1d1e4594f5ad7b08d56a25cdbe6d9b9378e482b
SHA256 ab1e3ad5b5d87630cb0f6a6671c10fe49d9c33839be0d5daeba89ec053dda92c
SHA3 84d6def5cee15efe0091dd2b0c1f1293ccd14684a0736bd33e1c5aa70c3471f7

411

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0xda
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.95838
MD5 9f37bba855db60cbddcdc0e9d88a03f2
SHA1 8a7f4fa8924db25494d2a75c75b703121027dae9
SHA256 959acc2fcf9ca7521fd783d32cd82186feee58ad1748c8f4f5debe287e2efddf
SHA3 5c53e66e96aa1ad5883173036a0cb8264659ac69d3652790f99492a37a127079

503

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0x10c
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.47654
MD5 888fbcc92ebd6174786b32d45350005a
SHA1 ba4959d06247a07012fbca926691e2e709c7aa8f
SHA256 b98ac97ffc283bc465d34958c79f8a31480c0f98eb44c5e23977bee9ba52b703
SHA3 1ec3fb0c9114bc10f7c71e9bf1d15c48a5e39fd99193dfce3db02c097cbb626c

504

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0x104
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.60052
MD5 2ac7a2303882039555ba28f516e8d978
SHA1 02ec3486072d0db4813b4aba8fb88396d689453d
SHA256 5c30f995410de79da0f688e4faa8c570fec75310b00ef9e145b0f756d96f2de3
SHA3 f7734f78091a32e8c4a5f5c25ad9e5723cf6a7e835eb7acc17417e0e86787f1b

505

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0x1ec
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.6156
MD5 928bbd8e7e4f5c1aebcc8d7aea0126f4
SHA1 254ea8c62c604bcf3be54284a1ee6b8d35864efd
SHA256 f77c0b2757f974432c964c850a53a5b98db6d90ce3862e167793811eed0d1347
SHA3 a27d85d5aa2a3cecbf2a5d9084ed440678e5689b85e4bb385aa74fdc8ec96ff9

506

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0xe4
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.86626
MD5 8c69d2c81dd2d9050d0fa94df90ff16b
SHA1 cd71d904da747d7141e5abdde9363f7e240b26bd
SHA256 1a39a3aabdee2aa68c507c55ff37c38722b05b7f8bde66185a2462792381d8cd
SHA3 b80b33ab6bf40b07bc32c7a6a11831084f7c97a27dff86d576769d0aab14b979

511

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0xda
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.96184
MD5 105b6270da58ec2fde8a18c4d38f6e9c
SHA1 2c7f5a125ef4a2da5c10371fca6711f6a50fef5d
SHA256 f6d446610083806ccee5a86b83c5206339bebb34cf128100f778ce555f0d1592
SHA3 31dfc308051c9e46262913547d7a019d762dceab8c2078a39ddf1636786491bb

603

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0x110
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.58011
MD5 088199de88ee4293982cec0b65748394
SHA1 ccce70fc022137c746dfb6bf52cd785b8675768d
SHA256 583b62d87b496612f7e10bf1da5113b8a4c83f0a2155184d03c0b2ec14fb5ed1
SHA3 855ba3bd893d691d7c7f704da34c23efd96142d6deefc65d3bdb0e2968f97d95

604

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0x108
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.68954
MD5 a1ae173ce0f239aaa0461cd2aa65309a
SHA1 923fc6dcbae42f7a1c17c0976bc9a82e68ca1b1f
SHA256 bf92707348307413fc9b20ad584de30792f83bf332b4cda286a5f64f665b1a1f
SHA3 e53c8b87c652503e986bcc40bd17d05ddb0e1728fe3c8e5ece0eb7abd81117ca

605

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0x1f0
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.66995
MD5 327c4c7d72cfccbc825db2223fff0194
SHA1 ac964308ef6baa20aa381b269ecad756e98f5109
SHA256 c8908172569e23a001394e98e4dea3f5e1c57e8cb6f1703ec1c9983adbff35d0
SHA3 bd235e490c85fd86b25086046a00ea0d514984003ce377e6978dd87c040a780b

606

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0xe8
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.96511
MD5 c33758ab32a791644973dfd60cbf6034
SHA1 ee7eb0a27279d39a959f5d35b6dfd4c18c7123fa
SHA256 6e7bca0054a1785929747807906d8527c2c2a231ca5975d8ebb3a3f98353f129
SHA3 8883e9e9fe2e8e33f0c0a0dcb5c13456e825a62100aa3e10099e225770ecc9ff

611

Type RT_DIALOG
Language English - United States
Codepage UNKNOWN
Size 0xde
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.06743
MD5 3d805e8b1db664350920fa54af00bffb
SHA1 9f35315a83ae85588061c505a0a6524d57aa6f64
SHA256 48fcd7489aebd54872d91bbc6ec188804e3cb27d28597d1879c442bfd6a1f093
SHA3 bf8de8797eb0cc6a2cc5b67a3077c52ee61efc50ec99a50aebb2d6d64d6181f3

103 (#2)

Type RT_GROUP_ICON
Language English - United States
Codepage UNKNOWN
Size 0x5a
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 2.79371
Detected Filetype Icon file
MD5 184305a532727dcaa926de44d2b3d1de
SHA1 a5842698a7a25c258cbce9dee6b049616de570b6
SHA256 0f0fd573b4ba85760bce3628adc1db83a6872514acca4c12db0ca47219281d90
SHA3 a50de12d9a834b1d038d32dad576563b608932fb1658b4cd052d765138716478

1 (#2)

Type RT_VERSION
Language English - United States
Codepage UNKNOWN
Size 0x238
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 3.30598
MD5 c0ec735f2850228fa64a59216f0429c7
SHA1 44523aa2e1da94febfb0f68058e4dc929ac4ed74
SHA256 49dd98adb21e0062acbe06834e8c31345c2140d897b29bc96edcb7915051ae82
SHA3 442d6cb5169883ecf68747410a3d9b223a958e7f7680b3e187cf622d3b028915

1 (#3)

Type RT_MANIFEST
Language English - United States
Codepage UNKNOWN
Size 0x4e1
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 5.28663
MD5 13b62e2e98598ecbc4d2fdf40dea724c
SHA1 a84a3df3ac1db8106d42e5fb7bb63020f5047849
SHA256 ff44d4aae84f6ba97316fb128ed8ef98864b761cbefb9ab97cd7142088f6e94c
SHA3 282b1f61c46de05ae3af817f8916e925cb09e2be20b872b2d969bef33e38bea4

Version Info

Signature 0xfeef04bd
StructVersion 0
FileVersion 1.7.3.0
ProductVersion 1.7.3.0
FileFlags (EMPTY)
FileOs VOS_DOS_WINDOWS32
VOS_NT_WINDOWS32
VOS__WINDOWS32
FileType VFT_APP
Language English - United States
CompanyName Ramen Software
FileDescription Windhawk
FileVersion (#2) 1.7.3
LegalCopyright https://windhawk.net/
ProductName Windhawk
ProductVersion (#2) 1.7.3
Resource LangID English - United States

TLS Callbacks

Load Configuration

RICH Header

XOR Key 0xd24e50e9
Unmarked objects 0
C objects (VS2003 (.NET) build 4035) 2
Total imports 163
Imports (VS2003 (.NET) build 4035) 15
48 (9044) 10
Resource objects (VS98 SP6 cvtres build 1736) 1

Errors

[*] Warning: Section .ndata has a size of 0!
Leave a comment

No comments yet.