Manalyze report for 7b2045ebd848479f08be93f3f8092a6763ed789473a300034f1703eef696acdb

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2026-Jan-29 22:29:32
Detected languages	English - United States
TLS Callbacks	1 callback(s) detected.
Debug artifacts	ytdesktop.pdb
CompanyName	ytdesktop
FileDescription	YouTube Desktop
FileVersion	`1.0.0`
ProductName	YouTube Desktop
ProductVersion	`1.0.0`

Plugin Output

Suspicious	Strings found in the binary may indicate undesirable behavior:	`Miscellaneous malware strings: cmd.exe` Contains domain names: .ggpht.com .google.com .googlevideo.com .youtube.com .ytimg.com accounts.google.com birthpopuptypesapplyImagebeinguppernoteseveryshowsmeansextramatchtrackknownearlybegansuperpapernorthlearngivennamedendedTermspartsGroupbrandusingwomanfalsereadyaudiotakeswhile.com developer.microsoft.com genretrucklooksValueFrame.net ggpht.com github.com google.com googlevideo.com http://dummy.testC http://www.C http://www.a http://www.css http://www.hortcut http://www.icon http://www.interpretation http://www.language http://www.style http://www.text-decoration http://www.w3.org http://www.w3.org/shortcut http://www.wencodeURIComponent http://www.years https://accounts.google.com https://accounts.google.com../srcicons/128x128.pngicons/128x128 https://accounts.google.com/ https://developer.microsoft.com https://developer.microsoft.com/en-us/microsoft-edge/webview2 https://github.com https://www.World https://www.recent https://www.youtube.com https://www.youtube.com' https://www.youtube.com/ https://youtube.com microsoft.com thing.org www.w3.org www.youtube.com youtube.com ytimg.com
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to CRC32` `Uses constants related to RC5 or RC6`
Suspicious	The PE is possibly packed.	`Unusual section name found: .taubndl`
Malicious	The PE contains functions mostly used by malware.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryA LoadLibraryW LoadLibraryExW LoadLibraryExA` `Functions which can be used for anti-debugging purposes: SwitchToThread` `Can access the registry: RegOpenKeyExW RegQueryValueExW RegCloseKey RegGetValueW` `Possibly launches other programs: ShellExecuteW CreateProcessW` `Uses Windows's Native API: NtOpenFile NtReadFile NtCreateNamedPipeFile NtWriteFile` `Can create temporary files: GetTempPathW CreateFileW` `Uses functions commonly found in keyloggers: GetForegroundWindow MapVirtualKeyW GetAsyncKeyState` `Can take screenshots: GetDC BitBlt CreateCompatibleDC` `Reads the contents of the clipboard: GetClipboardData`
Safe	VirusTotal score: 0/71 (Scanned on 2026-06-08 01:10:28)	`All the AVs think this file is safe.`

Hashes

MD5	`84bb42d8eefeac05ba97dcdaf7ff4b48`
SHA1	`b27d868ac76fea177686fa5df01d3151af70c110`
SHA256	`7b2045ebd848479f08be93f3f8092a6763ed789473a300034f1703eef696acdb`
SHA3	`821fe58d28a6b441bfaedd75bd577dd835fdb0148f0b014c58fe72398002a308`
SSDeep	`98304:+Ek2iU/JgCeaNugBmeSXIq+MMaMKM84M:RIU/Jg1FD`
Imports Hash	`a052f388d12274c3d80c34f3ba3e1ed4`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0xf8`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`7`
TimeDateStamp	2026-Jan-29 22:29:32
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0x35d600`
SizeOfInitializedData	`0x13f600`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x000000000034122C (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x4a2000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`98e92e71e1b261014ebcc3eaa7b6590f`
SHA1	`32f049a09605e8ec976d99e52c525dd252ad7e0c`
SHA256	`574564474f97a17f9faf347819f448b1e4b08bfe68a43cdb6a0c97b5cac2bf67`
SHA3	`af2ff28d2f3e6613701dd587aa68fda8c2b7c0a143ac9e42dfe98994b434a05c`
VirtualSize	`0x35d410`
VirtualAddress	`0x1000`
SizeOfRawData	`0x35d600`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.26634`

.rdata

MD5	`42a58d596574adc46167935b1576ec34`
SHA1	`7ade69a4dc662413460a3b26a790562d52788751`
SHA256	`bac451655c737d0ce93ffd9757d7362f8b2f877084ed0ee76822461786ad8579`
SHA3	`ba3194465de4a5a92c896a38c5035bb67e5ea319abeb322a974747d52e96aecd`
VirtualSize	`0x122466`
VirtualAddress	`0x35f000`
SizeOfRawData	`0x122600`
PointerToRawData	`0x35da00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.65238`

.data

MD5	`6e922d9c35131c296ae492228c9b0682`
SHA1	`7748792234c2afa9fb0cdc06a280407c7b5e678d`
SHA256	`9b4228c26b6fb9c4cf666abf2e6ceb795706134b1abd3a66caf03775d0864106`
SHA3	`017605ee8e7aa4528e0bdf361f3bf73c26053d9798305195ffb027e60aade1de`
VirtualSize	`0x32d8`
VirtualAddress	`0x482000`
SizeOfRawData	`0xa00`
PointerToRawData	`0x480000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`1.39036`

.pdata

MD5	`be1988ab4a1f49c4da17c5420ed387a2`
SHA1	`dde1c8a2495b3a3d7555fa2129b5727be48f8d1a`
SHA256	`ca82b1855e6724edf571b88ff064df1d6e2acf7016b2cae6e64d3623264e14ca`
SHA3	`6f372d55d31a0a73d5827517878332aa2ab5e8e43baf804aaf62875822d6bb57`
VirtualSize	`0x11280`
VirtualAddress	`0x486000`
SizeOfRawData	`0x11400`
PointerToRawData	`0x480a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.21314`

.taubndl

MD5	`0b6500be965cd867fbb900f9971c8cc9`
SHA1	`9cf630ea9a73862cd81004b65f290498630e0d01`
SHA256	`b76cb9dd848d7cd728314c65d49c9523ab6fc873bfda062f66426b9ee467a261`
SHA3	`387a06ffec109c38c3e5981278afc433c2bb95ede209be1fc7712f467a2c8f0e`
VirtualSize	`0x10`
VirtualAddress	`0x498000`
SizeOfRawData	`0x200`
PointerToRawData	`0x491e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0.122276`

.rsrc

MD5	`0bc9832f9de7b3167035f90d90149cd2`
SHA1	`5c7dc999a5ce001871265399666910dbff6723ee`
SHA256	`6e93a07ae877c4d037c67d1d66c4f5f76ab9c3b456b83bcd8607a47d6d2a8fc2`
SHA3	`53c6b93f19891c66e85ca3dcaf81e02db3a08ec69f6e2ec5d2f47870ad908492`
VirtualSize	`0x1598`
VirtualAddress	`0x499000`
SizeOfRawData	`0x1600`
PointerToRawData	`0x492000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.72741`

.reloc

MD5	`ca06266b321cabf00d9627d572eb165a`
SHA1	`62ffac2f22f0466004304d5a2ccf8465eda61879`
SHA256	`e852af67b5c4e5d3f72ea4e1f3508d5751bc5963766d8b1579fef800702635b9`
SHA3	`5e6d3c35d88ecef276952860de87b53653c802521126efc1044d417f9372e5a8`
VirtualSize	`0x6e38`
VirtualAddress	`0x49b000`
SizeOfRawData	`0x7000`
PointerToRawData	`0x493600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`5.43722`

Imports

bcryptprimitives.dll	`ProcessPrng`
ntdll.dll	`NtOpenFile` `NtReadFile` `RtlGetVersion` `RtlNtStatusToDosError` `NtCreateNamedPipeFile` `NtWriteFile`
kernel32.dll	`IsProcessorFeaturePresent` `RtlLookupFunctionEntry` `WaitForSingleObjectEx` `GetCurrentProcess` `GetCurrentProcessId` `ReleaseMutex` `WaitForSingleObject` `HeapAlloc` `IsDebuggerPresent` `GetModuleFileNameW` `SleepEx` `SetWaitableTimer` `ExitProcess` `CompareStringOrdinal` `GetSystemDirectoryW` `GetWindowsDirectoryW` `DuplicateHandle` `GetSystemTimeAsFileTime` `SleepConditionVariableSRW` `WakeAllConditionVariable` `AcquireSRWLockExclusive` `ReleaseSRWLockExclusive` `SwitchToThread` `GetProcessHeap` `HeapFree` `TerminateProcess` `GetCurrentThreadId` `GetModuleHandleW` `Sleep` `GetProcAddress` `LoadLibraryA` `CloseHandle` `RtlPcToFileHeader` `LCIDToLocaleName` `HeapReAlloc` `GlobalLock` `GlobalSize` `WideCharToMultiByte` `GlobalUnlock` `SetLastError` `GetLastError` `SetThreadStackGuarantee` `GetCurrentThread` `RaiseException` `GlobalAlloc` `MultiByteToWideChar` `GlobalFree` `lstrlenW` `GetSystemTimePreciseAsFileTime` `FormatMessageW` `EncodePointer` `GetFinalPathNameByHandleW` `GetFileAttributesW` `GetFileType` `GetTempPathW` `SetFileInformationByHandle` `GetFileInformationByHandleEx` `TlsAlloc` `GetFileInformationByHandle` `GetFullPathNameW` `WriteConsoleW` `GetConsoleOutputCP` `GetConsoleScreenBufferInfo` `SetConsoleTextAttribute` `SetConsoleMode` `GetConsoleMode` `GetStdHandle` `FindFirstFileExW` `FindClose` `FindNextFileW` `LoadLibraryW` `TlsGetValue` `TlsSetValue` `GetSystemInfo` `FreeLibrary` `LoadLibraryExW` `TlsFree` `OutputDebugStringW` `OutputDebugStringA` `GetUserDefaultUILanguage` `GetModuleHandleA` `LoadLibraryExA`
dwmapi.dll	`DwmEnableBlurBehindWindow` `DwmGetWindowAttribute` `DwmSetWindowAttribute`
oleaut32.dll	`SysStringLen` `SetErrorInfo` `GetErrorInfo` `SysFreeString`
api-ms-win-core-synch-l1-2-0.dll	`WakeByAddressAll` `WakeByAddressSingle` `WaitOnAddress`
user32.dll	`FlashWindowEx` `CloseTouchInputHandle` `GetWindowDC` `IsWindow` `IsWindowEnabled` `IsIconic` `IsWindowVisible` `EnableWindow` `GetWindowRect` `MapWindowPoints` `GetClientRect` `GetMenuBarInfo` `PostQuitMessage` `ShowWindow` `SystemParametersInfoA` `GetActiveWindow` `SetMenu` `RemoveMenu` `CreateIcon` `SetMenuItemInfoW` `DrawMenuBar` `CreatePopupMenu` `CreateMenu` `CreateAcceleratorTableW` `DestroyAcceleratorTable` `DestroyIcon` `DestroyMenu` `SetPropW` `GetKeyboardState` `SetWindowTextW` `GetWindowTextW` `DrawTextW` `GetForegroundWindow` `CloseClipboard` `GetWindowTextLengthW` `RegisterClipboardFormatW` `SetWindowDisplayAffinity` `OpenClipboard` `MonitorFromRect` `OffsetRect` `LoadCursorW` `TrackMouseEvent` `FindWindowExW` `ToUnicodeEx` `SetClipboardData` `MapVirtualKeyExW` `GetKeyboardLayout` `SetCursor` `GetSystemMetrics` `EmptyClipboard` `GetClipCursor` `ShowCursor` `SystemParametersInfoW` `SetCursorPos` `GetClipboardData` `SetCapture` `TranslateAcceleratorW` `GetMenuItemInfoW` `SetWindowLongW` `SendMessageW` `SetWindowRgn` `InvalidateRect` `UpdateWindow` `DestroyWindow` `EnumChildWindows` `GetSystemMenu` `GetMonitorInfoW` `DispatchMessageA` `GetMessageA` `SetWindowPos` `RegisterClassExW` `SetParent` `SetFocus` `MapVirtualKeyW` `GetUpdateRect` `ValidateRect` `GetWindowPlacement` `GetRawInputData` `MsgWaitForMultipleObjectsEx` `DispatchMessageW` `TranslateMessage` `PeekMessageW` `PostThreadMessageW` `PostMessageW` `GetWindowLongPtrW` `SetWindowPlacement` `RedrawWindow` `AdjustWindowRect` `EnumDisplayMonitors` `MonitorFromPoint` `ChangeDisplaySettingsExW` `GetMessageW` `SetWindowLongPtrW` `CreateWindowExW` `RegisterRawInputDevices` `AdjustWindowRectEx` `GetAsyncKeyState` `GetMenu` `GetWindowLongW` `InvalidateRgn` `ReleaseCapture` `GetWindow` `GetKeyState` `GetParent` `DefWindowProcW` `RegisterWindowMessageA` `FillRect` `GetTouchInputInfo` `ReleaseDC` `IsProcessDPIAware` `MonitorFromWindow` `TrackPopupMenu` `SetForegroundWindow` `ClientToScreen` `GetCursorPos` `EnableMenuItem` `DrawIconEx` `ScreenToClient` `GetDC` `AppendMenuW` `InsertMenuW` `SendInput` `CheckMenuItem` `IsClipboardFormatAvailable` `ClipCursor` `RegisterTouchWindow`
comctl32.dll	`RemoveWindowSubclass` `TaskDialogIndirect` `DefSubclassProc` `SetWindowSubclass`
ole32.dll	`RegisterDragDrop` `CoTaskMemAlloc` `CoUninitialize` `RevokeDragDrop` `CoCreateFreeThreadedMarshaler` `CoInitializeEx` `CoCreateInstance` `CoTaskMemFree` `OleInitialize`
shlwapi.dll	`SHCreateMemStream`
gdi32.dll	`SelectObject` `CombineRgn` `DeleteDC` `CreateDIBSection` `SetBkMode` `SetTextColor` `CreateRectRgn` `CreateSolidBrush` `DeleteObject` `BitBlt` `CreateCompatibleDC` `GetDeviceCaps`
shell32.dll	`DragFinish` `DragQueryFileW` `SHAppBarMessage` `ShellExecuteW` `SHGetKnownFolderPath`
KERNEL32.dll	`SetEnvironmentVariableW` `GetCommandLineW` `AddVectoredExceptionHandler` `RtlCaptureContext` `InitializeSListHead` `RtlVirtualUnwind` `GetCurrentDirectoryW` `CreateMutexA` `UnhandledExceptionFilter` `CreateDirectoryW` `CreateFileW` `QueryPerformanceFrequency` `CreateThread` `WriteFileEx` `ReadFileEx` `QueryPerformanceCounter` `CreateWaitableTimerExW` `CreateProcessW` `GetEnvironmentStringsW` `FreeEnvironmentStringsW` `SetUnhandledExceptionFilter` `RtlUnwindEx` `DeleteCriticalSection` `GetEnvironmentVariableW` `InitializeCriticalSectionAndSpinCount`
ADVAPI32.dll	`RegOpenKeyExW` `EventUnregister` `EventWriteTransfer` `EventSetInformation` `EventRegister` `RevertToSelf` `ImpersonateAnonymousToken` `RegQueryValueExW` `RegCloseKey` `RegGetValueW`
api-ms-win-crt-string-l1-1-0.dll	`strcpy_s` `wcslen` `strlen` `wcsncmp` `_wcsicmp` `wcscmp` `strcmp`
api-ms-win-crt-runtime-l1-1-0.dll	`_get_initial_narrow_environment` `strerror` `_set_app_type` `_cexit` `_c_exit` `_register_thread_local_exe_atexit_callback` `_initialize_narrow_environment` `__p___argv` `_initterm` `_configure_narrow_argv` `_initialize_onexit_table` `_register_onexit_function` `_crt_atexit` `terminate` `_initterm_e` `exit` `_exit` `abort` `_seh_filter_exe` `__p___argc`
api-ms-win-crt-math-l1-1-0.dll	`floor` `roundf` `__setusermatherr` `pow` `trunc` `round`
api-ms-win-crt-convert-l1-1-0.dll	`wcstol` `_ultow_s` `_wtoi`
api-ms-win-crt-stdio-l1-1-0.dll	`_set_fmode` `__p__commode`
api-ms-win-crt-locale-l1-1-0.dll	`_configthreadlocale`
api-ms-win-crt-heap-l1-1-0.dll	`_callnewh` `malloc` `free` `_set_new_mode` `calloc`

Delayed Imports

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1af`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.00345`
Detected Filetype	PNG graphic file
MD5	`4646d813a503ab6653722a708cfc57a2`
SHA1	`3b324e64148584a8256377a382825e9758b9a688`
SHA256	`0447e4e561b9899b1627409951d987a63905c1b6cda9ad512f8cff65bc8bfdc8`
SHA3	`7a8b67b582818765dab69a3f2c16df87000594f514befe00e0fd777535c6170e`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x107`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.8308`
Detected Filetype	PNG graphic file
MD5	`c113408fc4537fb07488ffd138db9622`
SHA1	`7591a38e7e8c80a3482754c10454b0e41b99152e`
SHA256	`52a1d06bfe3ededc688b41ed11f9ad73481693ced3dce232fa890e5f8ba1a4fb`
SHA3	`a64cb1473292c31db9e6f0e202e6d63338c679b7c30a30ef571f092816c42d1c`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x15c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.96685`
Detected Filetype	PNG graphic file
MD5	`8ec7b6d398728a777613c1d72edb1af0`
SHA1	`e58307f29e7ff566b76dcbe2f844d5b71260eb44`
SHA256	`c5de97df3b6f713dc9f94092b2b85b14a8918ddcd2b94bf44366f11e34077b3c`
SHA3	`ddcfe9340b42f9c98270ab2e1427f7218abff55cb051581946a9e31ae71bc26e`

4

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25b`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.11102`
Detected Filetype	PNG graphic file
MD5	`f11b896a290ae85fec6fe7707c690e1e`
SHA1	`d6819df866e7da37a7136cd410f919dff96b8b7c`
SHA256	`335c1d58d54af8c53f605cca0dbb6295a9669aacf54690c963fa669c65df2c0e`
SHA3	`2034610dfd8c8f2fa89d24eb18c4266d3a056050a6b2b4a351ee912a2413549c`

5

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2f7`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.10504`
Detected Filetype	PNG graphic file
MD5	`b8a24e2a948ffd06f0ece2a05374b7d1`
SHA1	`240ccbc1cb9cd13c062b14db34aff464ec4fa293`
SHA256	`cb8cdc03d6927870d81c27b20039cb6282e2d770d5e709bc032d7747a9f5a2a5`
SHA3	`92ad14ae0ddb9afaf09864e0ec8e20356b756ce90de6e9ca7e70a33440d85703`

6

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x660`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.01185`
Detected Filetype	PNG graphic file
MD5	`5b5044b58c9a8c9fab1e38a4d5dffb8a`
SHA1	`c927bf1a38ad84019ab0e29734a541abd4675f2a`
SHA256	`da5c322a1ae8e316021ee544594f3e9877abb01e79432b7fa204b6414f674d13`
SHA3	`022e256e1474e65bf5b82c3d0f44f5f4000a4f32da756218eb408ed8381d9af6`

32512

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x5a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.62917`
Detected Filetype	Icon file
MD5	`23f59955058f20638a4a2ef451072e1f`
SHA1	`4957f12ebc8ebd18ef4a94474d65ba6c092a0020`
SHA256	`e213133e703ec37076d8c8422ccd61ca5ac6f30bf4d458ff82c996281a2bf188`
SHA3	`85388b2b74c3cc7d67b0307f4c7adcd13437e2adb82e32728267990f07d02796`

1 (#2)

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1f4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.19166`
MD5	`f6f4f22fadaa59f608fda856bbd88890`
SHA1	`c7f91d5cd5a2ea19748e4930f3d69b16385c1352`
SHA256	`0fc09e69a5b843d840a183a75a7b9d20b9238429c06fdcb239f7774a4a8701e3`
SHA3	`4d6111ca986a1f1e93947ab1bea94b892e93708840a21860b623a8b6afc44983`

1 (#3)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.96056`
MD5	`01e4c8c046a47771f13cd120b53303e7`
SHA1	`2a4224d31c916a5cff4f2636a3cb47fdd84a5cc9`
SHA256	`b1cb832f790c153aa0e9a66f76e75460263cf1d41971d2dbcc9a4d87ec18b7d8`
SHA3	`680120ec819e7ba66519d9a8a3e446973c4cb28aa0146c91cceaa8c8fadc90ae`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.0.0.0
ProductVersion	1.0.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT` `VOS_NT_WINDOWS32` `VOS_WINCE` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
CompanyName	ytdesktop
FileDescription	YouTube Desktop
FileVersion (#2)	1.0.0
ProductName	YouTube Desktop
ProductVersion (#2)	1.0.0

Resource LangID	English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2026-Jan-29 22:29:32
Version	`0.0`
SizeofData	`38`
AddressOfRawData	`0x474874`
PointerToRawData	`0x473274`
Referenced File	ytdesktop.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics	`0`
TimeDateStamp	2026-Jan-29 22:29:32
Version	`0.0`
SizeofData	`20`
AddressOfRawData	`0x47489c`
PointerToRawData	`0x47329c`

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2026-Jan-29 22:29:32
Version	`0.0`
SizeofData	`1068`
AddressOfRawData	`0x4748b0`
PointerToRawData	`0x4732b0`

TLS Callbacks

StartAddressOfRawData	`0x140474d28`
EndAddressOfRawData	`0x140474ed4`
AddressOfIndex	`0x140484bbc`
AddressOfCallbacks	`0x14035fba8`
SizeOfZeroFill	`0`
Characteristics	`IMAGE_SCN_ALIGN_8BYTES`
Callbacks	`0x00000001402A1870`

Load Configuration

Size	`0x140`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x1404826c0`

RICH Header

XOR Key	`0xe78d4061`
Unmarked objects	`0`
Imports (VS2008 SP1 build 30729)	`14`
ASM objects (35207)	`9`
C objects (35207)	`13`
C++ objects (35207)	`47`
Imports (33145)	`5`
Total imports	`347`
Unmarked objects (#2)	`44`
Resource objects (35222)	`1`
Linker (35222)	`1`

Errors

Leave a comment

No comments yet.