Manalyze report for 67e858aaa1a7fdb27f22acc3c3a80572

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2026-Jan-05 16:18:52
Detected languages	English - United States
Comments	TLauncher
FileDescription	TLauncher
FileVersion	`1.9.5.6`
InternalName	TLauncher
OriginalFilename	suf_launch.exe
ProductName	TLauncher
ProductVersion	`2.9.0.0`

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C++ v6.0 DLL` `Microsoft Visual C++ 6.0 - 8.0` `MASM/TASM - sig1(h)`
Suspicious	PEiD Signature:	`UPX V2.00-V2.90 -> Markus Oberhumer & Laszlo Molnar & John Reiser` `UPX -> www.upx.sourceforge.net` `UPX V2.00-V2.90 -> Markus Oberhumer & Laszlo Molnar & John Reiser`
Suspicious	Strings found in the binary may indicate undesirable behavior:	`Contains a XORed PE executable: 53 6f 6e 74 27 77 75 68 60 75 66 6a 27 64 66 69 69 68 73 27 ...` `Contains another PE executable: This program cannot be run in DOS mode.` `Miscellaneous malware strings: cmd.exe` Contains domain names: Certera.crl.sectigo.com Certera.crt.sectigo.com comodoca.com crl.comodoca.com crl.sectigo.com crl.usertrust.com crt.sectigo.com crt.usertrust.com http://Certera.crl.sectigo.com http://Certera.crl.sectigo.com/CerteraCodeSigningCA.crl0 http://Certera.crt.sectigo.com http://Certera.crt.sectigo.com/CerteraCodeSigningCA.crt0+ http://Certera.ocsp.sectigo.com0 http://ccsca2021.crl.certum.pl http://ccsca2021.crl.certum.pl/ccsca2021.crl0s http://ccsca2021.ocsp-certum.com05 http://crl.certum.pl http://crl.certum.pl/ctnca.crl0k http://crl.certum.pl/ctnca2.crl0l http://crl.comodoca.com http://crl.comodoca.com/AAACertificateServices.crl04 http://crl.sectigo.com http://crl.sectigo.com/SectigoPublicTimeStampingCAR36.crl0z http://crl.sectigo.com/SectigoPublicTimeStampingRootR46.crl0 http://crl.usertrust.com http://crl.usertrust.com/USERTrustRSACertificationAuthority.crl05 http://crl.usertrust.com/USERTrustRSACertificationAuthority.crl0q http://crt.sectigo.com http://crt.sectigo.com/SectigoPublicTimeStampingCAR36.crt0# http://crt.sectigo.com/SectigoPublicTimeStampingRootR46.p7c0# http://crt.usertrust.com http://crt.usertrust.com/USERTrustRSAAAACA.crt0% http://ocsp.comodoca.com0 http://ocsp.sectigo.com0 http://ocsp.usertrust.com0 http://repository.certum.pl http://repository.certum.pl/ccsca2021.cer0 http://repository.certum.pl/ctnca.cer09 http://repository.certum.pl/ctnca2.cer09 http://schemas.microsoft.com http://schemas.microsoft.com/SMI/2017/WindowsSettings http://subca.crl.certum.pl http://subca.crl.certum.pl/ctsca2021.crl0 http://subca.ocsp-certum.com0 http://subca.ocsp-certum.com01 http://subca.ocsp-certum.com02 http://subca.repository.certum.pl http://subca.repository.certum.pl/ctsca2021.cer0 http://www.certum.pl http://www.certum.pl/CPS0 https://sectigo.com https://www.certum.pl https://www.certum.pl/CPS0 https://www.indigorose.com0 indigorose.com microsoft.com schemas.microsoft.com sectigo.com usertrust.com www.indigorose.com
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to SHA256`
Malicious	The PE contains functions mostly used by malware.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryW` `Can access the registry: RegCreateKeyExW RegOpenKeyExW RegCloseKey RegDeleteValueW RegSetValueExW RegEnumKeyExW RegQueryValueExW RegDeleteKeyW` `Possibly launches other programs: ShellExecuteW` `Can create temporary files: GetTempPathW CreateFileW` `Uses functions commonly found in keyloggers: GetForegroundWindow CallNextHookEx MapVirtualKeyW GetAsyncKeyState` `Memory manipulation functions often used by packers: VirtualProtect VirtualAlloc` `Functions related to the privilege level: OpenProcessToken` `Enumerates local disk drives: GetVolumeInformationW` `Can take screenshots: GetDC CreateCompatibleDC BitBlt`
Info	The PE is digitally signed.	`Signer: TLauncher Inc.` `Issuer: Certum Code Signing 2021 CA`
Suspicious	VirusTotal score: 1/72 (Scanned on 2026-02-18 20:14:25)	`Zillya: Dropper.Sysn.Win32.9587`

Hashes

MD5	`67e858aaa1a7fdb27f22acc3c3a80572`
SHA1	`1258bf4e2c3cf7047954c1682c69e0aeca124a49`
SHA256	`9bc9092dfc5800e2d6f4cea5f58e2f20952a2b33a79f2b761ddfcf4455cd362d`
SHA3	`7fa7227139fc24f18a3bb80ce081dca07c004d2b56d3eed00ebe6968d3aae151`
SSDeep	`786432:jtp9fr3hKDpjsPrrKJBH5lFRqTzLSTlEM:jtp9r3SsPPKJBZlCTXSTt`
Imports Hash	`ca48ebe23fe9d3364cb54cd66c4507b1`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0xf8`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`5`
TimeDateStamp	2026-Jan-05 16:18:52
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`10.0`
SizeOfCode	`0x112c00`
SizeOfInitializedData	`0x8c800`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x000F157B (Section: .text)`
BaseOfCode	`0x1000`
BaseOfData	`0x114000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`5.1`
ImageVersion	`0.0`
SubsystemVersion	`5.1`
Win32VersionValue	`0`
SizeOfImage	`0x1a9000`
SizeOfHeaders	`0x400`
Checksum	`0x18f9c97`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`5aa82070ea00a500126929b1411fd13c`
SHA1	`5ccbfb7243182a79481727626958862e503dd710`
SHA256	`8e55f172030745ec791c91f9f7e60e8e14f04a1e1b9410b546e32c76989ec82d`
SHA3	`accd4bc909bef4b58f167e2adfc1bb8783dfc836cfc99ef45fe8b06d77d62ccd`
VirtualSize	`0x112b1e`
VirtualAddress	`0x1000`
SizeOfRawData	`0x112c00`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.51713`

.rdata

MD5	`76ffcd05d3708fe2768a86d27048984c`
SHA1	`98ce77f6e4a17d0c8d0a6003e0d089adf65efa4e`
SHA256	`74b665c63938ec03a2380de5bd8e695eecc7361c7dc23ae39260133487a83f2c`
SHA3	`fbb1a3149b9752078bc5107039a5f8388726af227fa4298fd280ebce0076548d`
VirtualSize	`0x40af4`
VirtualAddress	`0x114000`
SizeOfRawData	`0x40c00`
PointerToRawData	`0x113000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.98849`

.data

MD5	`1566d992626b85138341858008031531`
SHA1	`d257c7479b3c93dcb5ffed52138e908a1d65aced`
SHA256	`82fefad55ee8d838d3f144a5239c577079d6e3bff65573d4df52f026a30a4b8f`
SHA3	`2c5592399caecc8c805457bd5a06427a7ffcae912e2446489fd047065f91aec1`
VirtualSize	`0xcd80`
VirtualAddress	`0x155000`
SizeOfRawData	`0x5800`
PointerToRawData	`0x153c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`4.69519`

.rsrc

MD5	`3fff713274475c1d852f478cf046633d`
SHA1	`805888343b25bced6a7ccc593491bcb0386e1c82`
SHA256	`2a4cf7faf4fe1a3c17532135bf77a4680a7f655c7706c9764fc0413213ed32c7`
SHA3	`91aa6886ee71ce57f2dc1c9bc44c4c62edc5fda57fa867bcfe66cd22ec4bc0ae`
VirtualSize	`0x1dde0`
VirtualAddress	`0x162000`
SizeOfRawData	`0x1de00`
PointerToRawData	`0x159400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.50866`

.reloc

MD5	`dcedd396069962a18d59efbf9c46f0cf`
SHA1	`6dbf9f8defa1cb9f2bec3429dbfa339f0e73982a`
SHA256	`401f278c8b8bc70022ba5887267a2dd577337e54c28873bad766de3d28328537`
SHA3	`82b98807299519b0fc16d3e85e1b3d912bdea5234bf1226dade5d8aae414f75e`
VirtualSize	`0x2852e`
VirtualAddress	`0x180000`
SizeOfRawData	`0x28600`
PointerToRawData	`0x177200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`4.90458`

Imports

KERNEL32.dll	`FindClose` `FindFirstFileW` `GetVolumeInformationW` `GetFullPathNameW` `InterlockedExchange` `LockFile` `GetLocaleInfoW` `GetUserDefaultUILanguage` `GetFileAttributesExW` `FileTimeToLocalFileTime` `GetFileSizeEx` `GetFileTime` `GetTempFileNameW` `GetWindowsDirectoryW` `GetNumberFormatW` `GetTickCount` `GetProfileIntW` `SearchPathW` `VirtualProtect` `FindResourceExW` `ExitProcess` `DecodePointer` `HeapFree` `HeapAlloc` `GetCommandLineA` `HeapSetInformation` `GetStartupInfoW` `RtlUnwind` `RaiseException` `EncodePointer` `HeapReAlloc` `ExitThread` `CreateThread` `HeapSize` `HeapQueryInformation` `GetSystemTimeAsFileTime` `VirtualAlloc` `GetSystemInfo` `VirtualQuery` `SetStdHandle` `GetFileType` `UnhandledExceptionFilter` `SetUnhandledExceptionFilter` `IsDebuggerPresent` `TerminateProcess` `GetStdHandle` `IsProcessorFeaturePresent` `HeapCreate` `GetModuleFileNameA` `FreeEnvironmentStringsW` `GetEnvironmentStringsW` `SetHandleCount` `DuplicateHandle` `GetStringTypeW` `GetCPInfo` `GetACP` `GetOEMCP` `IsValidCodePage` `GetTimeZoneInformation` `LCMapStringW` `GetConsoleCP` `GetConsoleMode` `WriteConsoleW` `SetEnvironmentVariableA` `FlushFileBuffers` `WriteFile` `lstrcmpiW` `GlobalFlags` `FreeResource` `GlobalAddAtomW` `GlobalFindAtomW` `GlobalDeleteAtom` `GetVersionExW` `InitializeCriticalSectionAndSpinCount` `lstrcmpW` `FileTimeToSystemTime` `lstrcmpA` `GlobalGetAtomNameW` `InterlockedIncrement` `WaitForSingleObject` `GetCurrentThreadId` `ResumeThread` `SetThreadPriority` `CopyFileW` `GlobalSize` `FormatMessageW` `MulDiv` `GetCurrentProcessId` `FindResourceW` `LoadResource` `LockResource` `SizeofResource` `InterlockedDecrement` `ActivateActCtx` `ReleaseActCtx` `DeactivateActCtx` `TlsFree` `GlobalFree` `DeleteCriticalSection` `LocalReAlloc` `TlsSetValue` `TlsAlloc` `InitializeCriticalSection` `GlobalAlloc` `GlobalHandle` `GlobalUnlock` `GlobalReAlloc` `GlobalLock` `EnterCriticalSection` `TlsGetValue` `LeaveCriticalSection` `LocalAlloc` `SetLastError` `GetFileSize` `SetEndOfFile` `QueryPerformanceCounter` `UnlockFile` `MoveFileExW` `CreateSymbolicLinkW` `GetCurrentProcess` `LocalFree` `GetLastError` `GetExitCodeProcess` `GetCurrentDirectoryW` `GetTempPathW` `DeleteFileW` `RemoveDirectoryW` `GetFileAttributesW` `GetDiskFreeSpaceW` `_lopen` `CreateFileW` `SetCurrentDirectoryW` `CreateDirectoryW` `SetFilePointer` `ReadFile` `_lcreat` `_lwrite` `_lclose` `WideCharToMultiByte` `GetModuleFileNameW` `CloseHandle` `GetModuleHandleW` `GetProcAddress` `GetSystemDirectoryW` `lstrlenW` `lstrcatW` `lstrcpyW` `LoadLibraryW` `lstrlenA` `lstrcpyA` `CompareStringW` `Sleep` `FreeLibrary` `MultiByteToWideChar`
USER32.dll	`BringWindowToTop` `LockWindowUpdate` `GetMenuDefaultItem` `InvertRect` `HideCaret` `EnableScrollBar` `GetNextDlgTabItem` `GetIconInfo` `LoadImageW` `GetNextDlgGroupItem` `EndDialog` `CreateDialogIndirectParamW` `TranslateAcceleratorW` `InsertMenuItemW` `ReuseDDElParam` `UnpackDDElParam` `DefFrameProcW` `DefMDIChildProcW` `DrawMenuBar` `TranslateMDISysAccel` `MonitorFromPoint` `UnionRect` `UpdateLayeredWindow` `IsMenu` `CreateMenu` `PostThreadMessageW` `WaitMessage` `SetMenuDefaultItem` `IsClipboardFormatAvailable` `FrameRect` `GetUpdateRect` `OpenClipboard` `SetClipboardData` `CloseClipboard` `EmptyClipboard` `RegisterClipboardFormatW` `CopyIcon` `CharUpperBuffW` `GetDoubleClickTime` `IsCharLowerW` `GetKeyNameTextW` `MapVirtualKeyExW` `SubtractRect` `MapDialogRect` `DrawIcon` `DestroyCursor` `GetWindowRgn` `WindowFromPoint` `CreatePopupMenu` `DestroyAcceleratorTable` `SetParent` `SetWindowRgn` `IsZoomed` `OffsetRect` `IsRectEmpty` `KillTimer` `SetTimer` `DeleteMenu` `ShowOwnedPopups` `IntersectRect` `InvalidateRect` `IsIconic` `SetLayeredWindowAttributes` `EnumDisplayMonitors` `SetRectEmpty` `CopyImage` `EndPaint` `BeginPaint` `GetWindowDC` `GrayStringW` `DrawTextExW` `DrawTextW` `TabbedTextOutW` `FillRect` `SystemParametersInfoW` `DestroyMenu` `GetMenuItemInfoW` `InflateRect` `CharUpperW` `DestroyIcon` `GetDesktopWindow` `RealChildWindowFromPoint` `ClientToScreen` `ShowWindow` `MoveWindow` `SetWindowTextW` `IsDialogMessageW` `CheckDlgButton` `RegisterWindowMessageW` `LoadIconW` `SendDlgItemMessageW` `SetCursorPos` `WinHelpW` `IsChild` `GetCapture` `GetClassLongW` `GetClassNameW` `SetPropW` `GetPropW` `RemovePropW` `IsWindow` `SetFocus` `GetForegroundWindow` `SetActiveWindow` `BeginDeferWindowPos` `EndDeferWindowPos` `GetDlgItem` `GetTopWindow` `DestroyWindow` `GetMessageTime` `GetMessagePos` `MonitorFromWindow` `GetMonitorInfoW` `MapWindowPoints` `ScrollWindow` `TrackPopupMenu` `SetMenu` `SetScrollRange` `GetScrollRange` `SetScrollPos` `GetScrollPos` `SetForegroundWindow` `ShowScrollBar` `RedrawWindow` `UpdateWindow` `GetClientRect` `PostMessageW` `CreateWindowExW` `GetClassInfoExW` `GetClassInfoW` `RegisterClassW` `AdjustWindowRectEx` `GetWindowRect` `ScreenToClient` `EqualRect` `DeferWindowPos` `GetScrollInfo` `SetScrollInfo` `SetWindowPlacement` `GetWindowPlacement` `GetDlgCtrlID` `DefWindowProcW` `CallWindowProcW` `GetMenu` `SetWindowLongW` `SetWindowPos` `CopyRect` `PtInRect` `GetWindow` `SetMenuItemBitmaps` `GetMenuCheckMarkDimensions` `LoadBitmapW` `GetFocus` `ModifyMenuW` `EnableMenuItem` `CheckMenuItem` `GetWindowTextLengthW` `GetWindowTextW` `GetSystemMetrics` `GetDC` `ReleaseDC` `GetSysColor` `GetSysColorBrush` `SetWindowsHookExW` `CallNextHookEx` `GetMessageW` `GetActiveWindow` `IsWindowVisible` `GetKeyState` `GetCursorPos` `ValidateRect` `GetMenuState` `GetMenuStringW` `AppendMenuW` `GetMenuItemID` `InsertMenuW` `GetMenuItemCount` `GetSubMenu` `RemoveMenu` `MessageBoxW` `SetCursor` `LoadCursorW` `wsprintfW` `MsgWaitForMultipleObjects` `GetWindowThreadProcessId` `SendMessageW` `GetParent` `GetWindowLongW` `GetLastActivePopup` `IsWindowEnabled` `EnableWindow` `UnhookWindowsHookEx` `PeekMessageW` `DispatchMessageW` `TranslateMessage` `SetRect` `CreateAcceleratorTableW` `LoadAcceleratorsW` `GetKeyboardState` `GetKeyboardLayout` `MapVirtualKeyW` `ToUnicodeEx` `CopyAcceleratorTableW` `DrawFocusRect` `DrawFrameControl` `DrawEdge` `DrawIconEx` `DrawStateW` `MessageBeep` `ReleaseCapture` `SetCapture` `GetSystemMenu` `LoadMenuW` `SetClassLongW` `GetAsyncKeyState` `SendDlgItemMessageA` `NotifyWinEvent` `PostQuitMessage`
ADVAPI32.dll	`RegCreateKeyExW` `RegOpenKeyExW` `RegCloseKey` `RegDeleteValueW` `RegSetValueExW` `RegEnumKeyExW` `RegQueryValueExW` `RegDeleteKeyW` `OpenProcessToken` `GetTokenInformation`
SHELL32.dll	`ShellExecuteW` `ShellExecuteExW` `SHGetFileInfoW` `SHBrowseForFolderW` `SHAppBarMessage` `DragQueryFileW` `DragFinish` `SHGetFolderPathW` `SHGetSpecialFolderLocation` `SHGetPathFromIDListW` `SHGetDesktopFolder`
MSIMG32.dll	`TransparentBlt` `AlphaBlend`
COMCTL32.dll	`ImageList_GetIconSize`
SHLWAPI.dll	`PathStripToRootW` `PathIsUNCW` `PathFindExtensionW` `PathFindFileNameW` `PathRemoveFileSpecW`
OLEACC.dll	`CreateStdAccessibleObject` `AccessibleObjectFromWindow` `LresultFromObject`
gdiplus.dll	`GdipGetImageGraphicsContext` `GdipBitmapUnlockBits` `GdipFree` `GdipAlloc` `GdipDeleteGraphics` `GdipDisposeImage` `GdipCreateBitmapFromHBITMAP` `GdiplusStartup` `GdiplusShutdown` `GdipCreateFromHDC` `GdipSetInterpolationMode` `GdipDrawImageRectI` `GdipCloneImage` `GdipGetImageWidth` `GdipGetImageHeight` `GdipGetImagePixelFormat` `GdipGetImagePaletteSize` `GdipGetImagePalette` `GdipCreateBitmapFromStream` `GdipCreateBitmapFromScan0` `GdipBitmapLockBits` `GdipDrawImageI`
IMM32.dll	`ImmReleaseContext` `ImmGetContext` `ImmGetOpenStatus`
WINMM.dll	`PlaySoundW`
GDI32.dll	`CreateCompatibleBitmap` `CreateRectRgnIndirect` `GetTextMetricsW` `EnumFontFamiliesW` `GetTextCharsetInfo` `SetRectRgn` `CopyMetaFileW` `CreateDCW` `CreateBitmap` `SetTextColor` `SetBkColor` `GetObjectW` `DeleteObject` `CreateFontIndirectW` `CreateCompatibleDC` `DeleteDC` `ExtSelectClipRgn` `BitBlt` `ExtTextOutW` `GetTextExtentPoint32W` `SaveDC` `RestoreDC` `SetBkMode` `CreateDIBitmap` `CreateHatchBrush` `CreateSolidBrush` `CreatePen` `GetObjectType` `SelectPalette` `SetPolyFillMode` `SetROP2` `SetMapMode` `GetClipBox` `ExcludeClipRect` `IntersectClipRect` `LineTo` `MoveToEx` `SetTextAlign` `GetLayout` `SelectClipRgn` `GetStockObject` `GetViewportExtEx` `GetWindowExtEx` `GetPixel` `PtVisible` `RectVisible` `TextOutW` `Escape` `CombineRgn` `PatBlt` `DPtoLP` `ScaleWindowExtEx` `SetWindowExtEx` `OffsetWindowOrgEx` `SetWindowOrgEx` `CreateDIBSection` `CreateRoundRectRgn` `CreatePolygonRgn` `GetBkColor` `GetTextColor` `CreateEllipticRgn` `Polyline` `Ellipse` `Polygon` `CreatePalette` `GetPaletteEntries` `GetNearestPaletteIndex` `RealizePalette` `GetSystemPaletteEntries` `OffsetRgn` `GetRgnBox` `SetDIBColorTable` `StretchBlt` `SetPixel` `Rectangle` `EnumFontFamiliesExW` `LPtoDP` `GetWindowOrgEx` `GetViewportOrgEx` `PtInRegion` `FillRgn` `FrameRgn` `GetBoundsRect` `ExtFloodFill` `SetPaletteEntries` `GetTextFaceW` `SetPixelV` `CreateRectRgn` `CreatePatternBrush` `ScaleViewportExtEx` `SetViewportExtEx` `OffsetViewportOrgEx` `SetViewportOrgEx` `SetLayout` `GetDeviceCaps` `SelectObject`
WINSPOOL.DRV	`ClosePrinter` `DocumentPropertiesW` `OpenPrinterW`
COMDLG32.dll	`GetFileTitleW`
ole32.dll	`OleGetClipboard` `RegisterDragDrop` `CoLockObjectExternal` `DoDragDrop` `CreateStreamOnHGlobal` `OleLockRunning` `IsAccelerator` `OleTranslateAccelerator` `OleDestroyMenuDescriptor` `OleCreateMenuDescriptor` `CoInitializeEx` `CoUninitialize` `CoInitialize` `CoTaskMemFree` `CoCreateInstance` `OleDuplicateData` `CoTaskMemAlloc` `ReleaseStgMedium` `RevokeDragDrop`
OLEAUT32.dll	`VariantClear` `VariantChangeType` `VariantTimeToSystemTime` `SystemTimeToVariantTime` `SysStringLen` `SysAllocStringLen` `VarBstrFromDate` `VariantInit` `SysAllocString` `SysFreeString`

Delayed Imports

1

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x2214`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.92261`
Detected Filetype	PNG graphic file
MD5	`2210ca5e3b6a791d018321a1054b4f7e`
SHA1	`64ca01e4d8ea0a5adb1036bae801aeb07fa89020`
SHA256	`a2e988e11f1121dbceaba0c9f15bed7595e67cb4e6258c95c82e009f94fc3540`
SHA3	`caceb190f15de65dde58f1f095c3a2d4d399eb5e691504f4a18dbdb9fe5fba5b`

2

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x10828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.87454`
MD5	`28a1b81d763624a118ccfb98e0ce01a6`
SHA1	`f178d84237d1c82f9e305998aec85d19109d199a`
SHA256	`98a0bac50d7acea0fc3c79d6b060d072c33690b6de1e279ee3ef78c76d485c5f`
SHA3	`20f30032ee6f58d0f0605819aa598d68e6703da524b1cc405b8a07a5f8a9e141`

3

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.04321`
MD5	`740f77cf5df55a8545934f0849802f93`
SHA1	`3cea7437f1a81a72f01217427a413643154b491e`
SHA256	`cfc6206863b5fdae7fd2b489c2c30ce97b8501c8e8ed212dca6445ec1b99f67f`
SHA3	`51d618ba563c6caa31b0e1194616201697e0d79afe32fb59949e2a5ea6051510`

4

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.10433`
MD5	`07c75defbe99c950aa137669a1b066d0`
SHA1	`8a1d1be422693635ff3d9014f1293bdd7264c78e`
SHA256	`9648cb92fe5f2954b1cda59ca4f9a63936567de820c1dead332a17216a56ce6d`
SHA3	`c041139298687324e2fa2c2d07dc6a87d3bd183b00460c0bc86e83524d2551d1`

5

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x1a68`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.15069`
MD5	`1c7b7303944ce1b1469ebf572ded9c42`
SHA1	`9a29b5c2c400225bf6ea063fbabb38f36cdd293a`
SHA256	`36bbba69354b98a39014e0a13256ad08a978cd4934a3331365af4804442d2184`
SHA3	`84ddc4a15206ade761b4f447106991d621019331fa1b57a874d01080654fd6ae`

6

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.24063`
MD5	`d87a0d1aee829428a07b8a1326879286`
SHA1	`e30a138c96cb6ea1d0e14375653068ea86ddd6de`
SHA256	`e4104d291f0f919e4edcf0f1b9289458e69d5057be497f6475b431087dec7828`
SHA3	`3679f553fd3e5eed2c0526a6964019c77a6c393b6862be2b1362c4898399d26a`

7

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.45174`
MD5	`af420ff966dc858418e7ada345f08ad9`
SHA1	`56da104efbc4bc3c1f77f5a0a3f0ea83e25e0f79`
SHA256	`3e8675a01fa20affc5991a14a16d42667923bfa21bb65d21ed3a5d22134edd2c`
SHA3	`ef666271c409080a70e9452bf81b849f8c2f44fa3f5c00f34f7bbfcf79266543`

8

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x6b8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.39733`
MD5	`7726b8256001055ab9d274d62fa588bc`
SHA1	`e74bc7a6807d25aae6454c795451813684f17b0c`
SHA256	`3480fea578916245b1c131dc1a5cc2cecc0887c36303a5d0286f21b2328e1c8d`
SHA3	`f9178a9038e1f31468ac463eed610a4ef5a23eb47eb8ee200f322bce9b94b11b`

9

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.52276`
MD5	`4642cb48050f1c3a282581d014febe53`
SHA1	`e4c026ee4e1deb82cd1f66f91470bc69a6fc2295`
SHA256	`05602c1896ff6fdf6250d7bfa766bae23ab5b0ca18caf43c1dfb467ad854e0d6`
SHA3	`69a88a448e69f444e3e70e1e36c4d84daa11f5776b23ab43f568cf4ed60905de`

101

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x84`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.9892`
Detected Filetype	Icon file
MD5	`6aa5b18ae2462273a6e62cdf27de9cec`
SHA1	`6068faf72e86c78a04e35f4f97c9a17f7c5b57de`
SHA256	`462aec5a20b86eb1f8ec71b80bea843a493a58dadfdc2b6869804f61750cbafe`
SHA3	`aad532ead28123d477e3e83c22d1402bf70abed82e0aeb79973d4c413560d993`

1 (#2)

Type	`RT_VERSION`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x258`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.22535`
MD5	`7b01a0ada2927217a7cf118a02b9c486`
SHA1	`11a6f58d441ddd40173e90f8256722dbcad2c9f0`
SHA256	`417f2c7dd1197dbf3d0f15762866ca6b29fbee08896c730a31d6707a9893efb2`
SHA3	`6375ef6e181377f41437b15a3ec88cfe7499dc3207a0ebec2c1fa213b264f941`

1 (#3)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x68f`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.3804`
MD5	`7edba31a9fcced4efe219d4f8b8d0f4e`
SHA1	`f7196f112d43ba0fe485a7a81ee3feb5a0718092`
SHA256	`449fc0652b7f11662bae64cd506199d03966f7d150889de244b935eb8fc02604`
SHA3	`457f07861dde46dcc38b057226053fc4c2b021d761463ea68fa56675e0685e18`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0`
FileVersion	1.9.5.6
ProductVersion	2.9.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	English - United States
Comments	TLauncher
FileDescription	TLauncher
FileVersion (#2)	1.9.5.6
InternalName	TLauncher
OriginalFilename	suf_launch.exe
ProductName	TLauncher
ProductVersion (#2)	2.9.0.0

Resource LangID	English - United States

TLS Callbacks

Load Configuration

Size	`0x48`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x559300`
SEHandlerTable	`0x544cd0`
SEHandlerCount	`765`

RICH Header

XOR Key	`0x31ddf10f`
Unmarked objects	`0`
C++ objects (VS2008 SP1 build 30729)	`1`
ASM objects (VS2010 SP1 build 40219)	`43`
C objects (VS2010 SP1 build 40219)	`180`
C objects (VS2008 SP1 build 30729)	`12`
Imports (VS2008 SP1 build 30729)	`35`
Total imports	`764`
C++ objects (VS2010 SP1 build 40219)	`373`
Resource objects (VS2010 SP1 build 40219)	`1`
Linker (VS2010 SP1 build 40219)	`1`

67e858aaa1a7fdb27f22acc3c3a80572

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rdata

.data

.rsrc

.reloc

Imports

Delayed Imports

1

2

3

4

5

6

7

8

9

101

1 (#2)

1 (#3)

Version Info

TLS Callbacks

Load Configuration

RICH Header

Errors