Manalyze report for 7ea8bed627ba7223e448831a4446f3e8

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2099-May-21 01:57:38
Detected languages	English - United States
Debug artifacts	SecurityHealthSetup.pdb
CompanyName	Microsoft Corporation
FileDescription	Windows Security app undocked setup
FileVersion	`10.0.29510.1001`
InternalName	SecurityHealthSetup
LegalCopyright	© Microsoft Corporation. All rights reserved.
OriginalFilename	SecurityHealthSetup.exe
ProductName	Microsoft® Windows® Operating System
ProductVersion	`10.0.29510.1001`

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C++ 8.0`
Suspicious	Strings found in the binary may indicate undesirable behavior:	`May have dropper capabilities: CurrentControlSet\Services` `Accesses the WMI: ROOT\CIMV2 root\Microsoft root\cimv2` `Contains another PE executable: This program cannot be run in DOS mode.` `Miscellaneous malware strings: Exploit Virus virus` Contains domain names: cp.wd.microsoft.com crl.microsoft.com func.cp.wd.microsoft.com go.microsoft.com graph.microsoft.com graph.ppe.windows.net http://crl.microsoft.com http://crl.microsoft.com/pki/crl/products/MicRooCerAut_2010-06-23.crl0Z http://schemas.microsoft.com http://schemas.microsoft.com/windows/2004/02/mit/task http://www.microsoft.com http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt0 http://www.microsoft.com/pkiops/Docs/Repository.htm0 http://www.microsoft.com/pkiops/certs/MicWinProPCA2011_2011-10-19.crt0 http://www.microsoft.com/pkiops/certs/Microsoft%20Time-Stamp%20PCA%202010 http://www.microsoft.com/pkiops/crl/MicWinProPCA2011_2011-10-19.crl%200a http://www.microsoft.com/pkiops/crl/Microsoft%20Time-Stamp%20PCA%202010 http://www.microsoft.com/windows0 https://go.microsoft.com https://go.microsoft.com/fwlink/?LinkId https://graph.microsoft.com https://graph.ppe.windows.net https://login.microsoft.com https://mam-us.func.cp.wd.microsoft.com https://mam-us.func.cp.wd.microsoft.com/api/ https://mam-us.ppe.func.cp.wd.microsoft.com https://mam-us.ppe.func.cp.wd.microsoft.com/api/ login.microsoft.com mam-us.func.cp.wd.microsoft.com mam-us.ppe.func.cp.wd.microsoft.com microsoft.com ppe.func.cp.wd.microsoft.com ppe.windows.net schemas.microsoft.com spaces.microsoft.com us.func.cp.wd.microsoft.com us.ppe.func.cp.wd.microsoft.com wd.microsoft.com windows.net www.microsoft.com
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to SHA256`
Suspicious	The PE is possibly packed.	`Unusual section name found: fothk`
Malicious	The PE contains functions mostly used by malware.	`Functions which can be used for anti-debugging purposes: CreateToolhelp32Snapshot` `Can access the registry: RegOpenKeyExW RegSetValueExW RegCreateKeyExW RegCloseKey` `Possibly launches other programs: CreateProcessWithTokenW` `Functions related to the privilege level: DuplicateTokenEx OpenProcessToken AdjustTokenPrivileges` `Interacts with services: QueryServiceStatusEx OpenServiceW ControlService OpenSCManagerW` `Manipulates other processes: OpenProcess Process32NextW Process32FirstW`
Malicious	The PE is possibly a dropper.	`Resource SECURITYHEALTHAGENT.DLL detected as a PE Executable.` `Resource SECURITYHEALTHAGENT.DLL.MUI(AR-SA) detected as a PE Executable.` `Resource SECURITYHEALTHAGENT.DLL.MUI(BG-BG) detected as a PE Executable.` `Resource SECURITYHEALTHAGENT.DLL.MUI(CA-ES) detected as a PE Executable.` `Resource SECURITYHEALTHAGENT.DLL.MUI(CS-CZ) detected as a PE Executable.` `Resource SECURITYHEALTHAGENT.DLL.MUI(DA-DK) detected as a PE Executable.` `Resource SECURITYHEALTHAGENT.DLL.MUI(DE-DE) detected as a PE Executable.` `Resource SECURITYHEALTHAGENT.DLL.MUI(EL-GR) detected as a PE Executable.` `Resource SECURITYHEALTHAGENT.DLL.MUI(EN-GB) detected as a PE Executable.` `Resource SECURITYHEALTHAGENT.DLL.MUI(EN-US) detected as a PE Executable.` `Resource SECURITYHEALTHAGENT.DLL.MUI(ES-ES) detected as a PE Executable.` `Resource SECURITYHEALTHAGENT.DLL.MUI(ES-MX) detected as a PE Executable.` `Resource SECURITYHEALTHAGENT.DLL.MUI(ET-EE) detected as a PE Executable.` `Resource SECURITYHEALTHAGENT.DLL.MUI(FI-FI) detected as a PE Executable.` `Resource SECURITYHEALTHAGENT.DLL.MUI(FR-CA) detected as a PE Executable.` `Resource SECURITYHEALTHAGENT.DLL.MUI(FR-FR) detected as a PE Executable.` `Resource SECURITYHEALTHAGENT.DLL.MUI(HE-IL) detected as a PE Executable.` `Resource SECURITYHEALTHAGENT.DLL.MUI(HR-HR) detected as a PE Executable.` `Resource SECURITYHEALTHAGENT.DLL.MUI(HU-HU) detected as a PE Executable.` `Resource SECURITYHEALTHAGENT.DLL.MUI(ID-ID) detected as a PE Executable.` `Resource SECURITYHEALTHAGENT.DLL.MUI(IT-IT) detected as a PE Executable.` `Resource SECURITYHEALTHAGENT.DLL.MUI(JA-JP) detected as a PE Executable.` `Resource SECURITYHEALTHAGENT.DLL.MUI(KO-KR) detected as a PE Executable.` `Resource SECURITYHEALTHAGENT.DLL.MUI(LT-LT) detected as a PE Executable.` `Resource SECURITYHEALTHAGENT.DLL.MUI(LV-LV) detected as a PE Executable.` `Resource SECURITYHEALTHAGENT.DLL.MUI(NB-NO) detected as a PE Executable.` `Resource SECURITYHEALTHAGENT.DLL.MUI(NL-NL) detected as a PE Executable.` `Resource SECURITYHEALTHAGENT.DLL.MUI(PL-PL) detected as a PE Executable.` `Resource SECURITYHEALTHAGENT.DLL.MUI(PT-BR) detected as a PE Executable.` `Resource SECURITYHEALTHAGENT.DLL.MUI(PT-PT) detected as a PE Executable.` `Resource SECURITYHEALTHAGENT.DLL.MUI(RO-RO) detected as a PE Executable.` `Resource SECURITYHEALTHAGENT.DLL.MUI(RU-RU) detected as a PE Executable.` `Resource SECURITYHEALTHAGENT.DLL.MUI(SK-SK) detected as a PE Executable.` `Resource SECURITYHEALTHAGENT.DLL.MUI(SL-SI) detected as a PE Executable.` `Resource SECURITYHEALTHAGENT.DLL.MUI(SR-LATN-RS) detected as a PE Executable.` `Resource SECURITYHEALTHAGENT.DLL.MUI(SV-SE) detected as a PE Executable.` `Resource SECURITYHEALTHAGENT.DLL.MUI(TH-TH) detected as a PE Executable.` `Resource SECURITYHEALTHAGENT.DLL.MUI(TR-TR) detected as a PE Executable.` `Resource SECURITYHEALTHAGENT.DLL.MUI(UK-UA) detected as a PE Executable.` `Resource SECURITYHEALTHAGENT.DLL.MUI(VI-VN) detected as a PE Executable.` `Resource SECURITYHEALTHAGENT.DLL.MUI(ZH-CN) detected as a PE Executable.` `Resource SECURITYHEALTHAGENT.DLL.MUI(ZH-TW) detected as a PE Executable.` `Resource SECURITYHEALTHCORE.DLL detected as a PE Executable.` `Resource SECURITYHEALTHHOST.EXE detected as a PE Executable.` `Resource SECURITYHEALTHPROXYSTUB.DLL detected as a PE Executable.` `Resource SECURITYHEALTHSSO.DLL detected as a PE Executable.` `Resource SECURITYHEALTHSSO.DLL.MUI(AR-SA) detected as a PE Executable.` `Resource SECURITYHEALTHSSO.DLL.MUI(BG-BG) detected as a PE Executable.` `Resource SECURITYHEALTHSSO.DLL.MUI(CA-ES) detected as a PE Executable.` `Resource SECURITYHEALTHSSO.DLL.MUI(CS-CZ) detected as a PE Executable.` `Resource SECURITYHEALTHSSO.DLL.MUI(DA-DK) detected as a PE Executable.` `Resource SECURITYHEALTHSSO.DLL.MUI(DE-DE) detected as a PE Executable.` `Resource SECURITYHEALTHSSO.DLL.MUI(EL-GR) detected as a PE Executable.` `Resource SECURITYHEALTHSSO.DLL.MUI(EN-GB) detected as a PE Executable.` `Resource SECURITYHEALTHSSO.DLL.MUI(EN-US) detected as a PE Executable.` `Resource SECURITYHEALTHSSO.DLL.MUI(ES-ES) detected as a PE Executable.` `Resource SECURITYHEALTHSSO.DLL.MUI(ES-MX) detected as a PE Executable.` `Resource SECURITYHEALTHSSO.DLL.MUI(ET-EE) detected as a PE Executable.` `Resource SECURITYHEALTHSSO.DLL.MUI(FI-FI) detected as a PE Executable.` `Resource SECURITYHEALTHSSO.DLL.MUI(FR-CA) detected as a PE Executable.` `Resource SECURITYHEALTHSSO.DLL.MUI(FR-FR) detected as a PE Executable.` `Resource SECURITYHEALTHSSO.DLL.MUI(HE-IL) detected as a PE Executable.` `Resource SECURITYHEALTHSSO.DLL.MUI(HR-HR) detected as a PE Executable.` `Resource SECURITYHEALTHSSO.DLL.MUI(HU-HU) detected as a PE Executable.` `Resource SECURITYHEALTHSSO.DLL.MUI(ID-ID) detected as a PE Executable.` `Resource SECURITYHEALTHSSO.DLL.MUI(IT-IT) detected as a PE Executable.` `Resource SECURITYHEALTHSSO.DLL.MUI(JA-JP) detected as a PE Executable.` `Resource SECURITYHEALTHSSO.DLL.MUI(KO-KR) detected as a PE Executable.` `Resource SECURITYHEALTHSSO.DLL.MUI(LT-LT) detected as a PE Executable.` `Resource SECURITYHEALTHSSO.DLL.MUI(LV-LV) detected as a PE Executable.` `Resource SECURITYHEALTHSSO.DLL.MUI(NB-NO) detected as a PE Executable.` `Resource SECURITYHEALTHSSO.DLL.MUI(NL-NL) detected as a PE Executable.` `Resource SECURITYHEALTHSSO.DLL.MUI(PL-PL) detected as a PE Executable.` `Resource SECURITYHEALTHSSO.DLL.MUI(PT-BR) detected as a PE Executable.` `Resource SECURITYHEALTHSSO.DLL.MUI(PT-PT) detected as a PE Executable.` `Resource SECURITYHEALTHSSO.DLL.MUI(RO-RO) detected as a PE Executable.` `Resource SECURITYHEALTHSSO.DLL.MUI(RU-RU) detected as a PE Executable.` `Resource SECURITYHEALTHSSO.DLL.MUI(SK-SK) detected as a PE Executable.` `Resource SECURITYHEALTHSSO.DLL.MUI(SL-SI) detected as a PE Executable.` `Resource SECURITYHEALTHSSO.DLL.MUI(SR-LATN-RS) detected as a PE Executable.` `Resource SECURITYHEALTHSSO.DLL.MUI(SV-SE) detected as a PE Executable.` `Resource SECURITYHEALTHSSO.DLL.MUI(TH-TH) detected as a PE Executable.` `Resource SECURITYHEALTHSSO.DLL.MUI(TR-TR) detected as a PE Executable.` `Resource SECURITYHEALTHSSO.DLL.MUI(UK-UA) detected as a PE Executable.` `Resource SECURITYHEALTHSSO.DLL.MUI(VI-VN) detected as a PE Executable.` `Resource SECURITYHEALTHSSO.DLL.MUI(ZH-CN) detected as a PE Executable.` `Resource SECURITYHEALTHSSO.DLL.MUI(ZH-TW) detected as a PE Executable.` `Resources amount for 99.6155% of the executable.`
Info	The PE is digitally signed.	`Signer: Microsoft Windows` `Issuer: Microsoft Windows Production PCA 2011`
Safe	VirusTotal score: 0/72 (Scanned on 2026-02-13 04:35:57)	`All the AVs think this file is safe.`

Hashes

MD5	`7ea8bed627ba7223e448831a4446f3e8`
SHA1	`b0f4702a05e43a3f7389ee3ff73a37084bd8267c`
SHA256	`9b2c6944dc5e24ab53a9c96500965733d523fbc82626e6603019ed0051217d30`
SHA3	`4e8534edef1316631a34c1493bf5614ef4921eae54a9d1e5a5019f5cc8d4ce3a`
SSDeep	`393216:I1+rQ5QFQ432iwEPoF1fGrfiFXxEgSUNCa5/j9ll9f+b:+xPF1fwOXyUNCUTTs`
Imports Hash	`343217982bd9092e4db0e0d3f93871f9`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x100`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`7`
TimeDateStamp	2099-May-21 01:57:38
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0x6000`
SizeOfInitializedData	`0x1531000`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0000000000001500 (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x1000`
OperatingSystemVersion	`A.0`
ImageVersion	`A.0`
SubsystemVersion	`A.0`
Win32VersionValue	`0`
SizeOfImage	`0x1538000`
SizeOfHeaders	`0x1000`
Checksum	`0x154769a`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_GUARD_CF` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x80000`
SizeofStackCommit	`0x2000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`b8e2b866696a6078a24cf60f357f96f1`
SHA1	`3d56432ab69c06c7e003f031beaec61599cecadf`
SHA256	`b059d25575ec0c5c75c3f8876efa15e33aab2c3c5763254b8fda554d49d97eb7`
SHA3	`45c5910cdb8fe7c045761e18b28eb119947466db939a992da0a09d3b55d39fd8`
VirtualSize	`0x4cf9`
VirtualAddress	`0x1000`
SizeOfRawData	`0x5000`
PointerToRawData	`0x1000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`5.91528`

fothk

MD5	`470fec943f83bb6a3b1e6edeb875aa02`
SHA1	`8490f0827ac1f1c3c1ed51a8954735e141592de9`
SHA256	`c6255594a2fc3f821fa49ce62d321b8b168cc7055d5003526e875142de091e9e`
SHA3	`ac565ebf8f16b0ee0aeace53ab50ad931157fd868423be8094105e8e402893ef`
VirtualSize	`0x1000`
VirtualAddress	`0x6000`
SizeOfRawData	`0x1000`
PointerToRawData	`0x6000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`0.0159202`

.rdata

MD5	`0192359779283c52cae2d0b078bb189f`
SHA1	`061c26d30585a9fc9725ab597941c250c58e5be2`
SHA256	`ba47f6c92d2e790adaad9870f4d3de70a900e6e078e2b35c7896491f0ad94443`
SHA3	`16d1c4f185f8ed7ece021ef2529e211011432a39232f05dd5f922560cef6b338`
VirtualSize	`0x462e`
VirtualAddress	`0x7000`
SizeOfRawData	`0x5000`
PointerToRawData	`0x7000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.47877`

.data

MD5	`311a7dadb73d4d4286a97677c4977a2f`
SHA1	`96a2ec7f77706c86a95a80bf5779c800718b0849`
SHA256	`7b0fb5c4745cdb4270684ce183a24a35f1f69cdd331175857f838353f7cf5d04`
SHA3	`72f66b7f3d6f5772977800b0afe9383a161495fffa700def724e11bc47af087f`
VirtualSize	`0x9c0`
VirtualAddress	`0xc000`
SizeOfRawData	`0x1000`
PointerToRawData	`0xc000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`1.07122`

.pdata

MD5	`f6532af33ae6f47e9621c31eb91dc019`
SHA1	`544c2ea8da41082d4816c8b8072cc00f3eed29b4`
SHA256	`5f54b67c7c16d26081f8fad3edbf8ddb1d69d93e4fb3cfffd052e74ee5b7d5ed`
SHA3	`c9ee1b2f67d46438f67c6b0b400967f1a6ee81f5cbbe9bfc0091d4c2dfc5d69f`
VirtualSize	`0x420`
VirtualAddress	`0xd000`
SizeOfRawData	`0x1000`
PointerToRawData	`0xd000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`1.39035`

.rsrc

MD5	`65ebf8e8b682949e598df3d49d3cec2e`
SHA1	`a2e5a33f3318d14ce286be26568741ad95511b3b`
SHA256	`9011213b75b9a29db53727ec4696df662b560370f0051db835a28dfaaca2dc30`
SHA3	`3c5dce79b0a4b1349d2e83cf902616ef3e291dc6ee7f3bf9c137fcad4d150616`
VirtualSize	`0x1528088`
VirtualAddress	`0xe000`
SizeOfRawData	`0x1529000`
PointerToRawData	`0xe000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`7.64564`

.reloc

MD5	`51b2951b3be3a04750658470f774ff42`
SHA1	`98ce4243ad196326d175535dcc9075e5982cff85`
SHA256	`4749eb408adeadfde6848ba07771d87d4032f728420729d98610ec307cd067d0`
SHA3	`cdfcd9d09fc8921de7821832e30625f11b1c73facb74b444e178514022ed9f1a`
VirtualSize	`0x154`
VirtualAddress	`0x1537000`
SizeOfRawData	`0x1000`
PointerToRawData	`0x1537000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`0.625522`

Imports

ADVAPI32.dll	`QueryServiceStatusEx` `DuplicateTokenEx` `OpenServiceW` `RegOpenKeyExW` `StartServiceW` `OpenProcessToken` `RegSetValueExW` `ImpersonateLoggedOnUser` `CreateProcessWithTokenW` `ControlService` `RegCreateKeyExW` `OpenSCManagerW` `CloseServiceHandle` `RegCloseKey` `AdjustTokenPrivileges` `LookupPrivilegeValueW`
KERNEL32.dll	`SizeofResource` `GetCurrentProcess` `lstrlenW` `GetModuleFileNameW` `GetSystemDirectoryW` `OpenProcess` `CreateToolhelp32Snapshot` `Sleep` `GetLastError` `Process32NextW` `LockResource` `Process32FirstW` `CloseHandle` `LoadResource` `FindResourceW` `GetCurrentDirectoryW` `VerSetConditionMask` `GetModuleHandleW` `CopyFileW` `VerifyVersionInfoW` `lstrcmpW` `GetCurrentProcessId` `GetCurrentThreadId` `GetSystemTimeAsFileTime` `InitializeSListHead` `RtlCaptureContext` `RtlLookupFunctionEntry` `TerminateProcess` `IsProcessorFeaturePresent` `SetUnhandledExceptionFilter` `UnhandledExceptionFilter` `IsDebuggerPresent` `RtlVirtualUnwind` `QueryPerformanceCounter`
msvcp_win.dll	`?_Incref@facet@locale@std@@UEAAXXZ` `??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z` `?_Addfac@_Locimp@locale@std@@AEAAXPEAVfacet@23@_K@Z` `?out@?$codecvt@GDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBG1AEAPEBGPEAD3AEAPEAD@Z` `??0?$codecvt@GDU_Mbstatet@@@std@@QEAA@_K@Z` `??1?$codecvt@GDU_Mbstatet@@@std@@MEAA@XZ` `?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ` `?id@?$codecvt@GDU_Mbstatet@@@std@@2V0locale@2@A` `?_Xlength_error@std@@YAXPEBD@Z` `?_Id_cnt@id@locale@std@@0HA` `?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z` `?_New_Locimp@_Locimp@locale@std@@CAPEAV123@AEBV123@@Z` `??0_Lockit@std@@QEAA@H@Z` `??1_Lockit@std@@QEAA@XZ`
api-ms-win-crt-runtime-l1-1-0.dll	`_c_exit` `_initterm_e` `_initterm` `_invoke_watson` `_register_thread_local_exe_atexit_callback`
api-ms-win-crt-private-l1-1-0.dll	`_CxxThrowException` `__current_exception_context` `__current_exception` `__C_specific_handler` `memcpy` `__CxxFrameHandler4` `__std_terminate` `_o___p___argc` `_o___p___wargv` `_o___p__commode` `_o___std_exception_copy` `_o___std_exception_destroy` `_o__callnewh` `_o__cexit` `_o__configthreadlocale` `_o__configure_wide_argv` `_o__crt_atexit` `_o__errno` `_o__exit` `_o__get_errno` `_o__get_initial_wide_environment` `_o__initialize_onexit_table` `_o__initialize_wide_environment` `_o__register_onexit_function` `_o__seh_filter_exe` `_o__set_app_type` `_o__set_fmode` `_o__set_new_mode` `_o__wfopen_s` `_o__wmkdir` `_o_exit` `_o_fclose` `_o_free` `_o_fwrite` `_o_malloc` `_o_terminate` `memmove`
api-ms-win-crt-string-l1-1-0.dll	`memset`
api-ms-win-core-version-l1-1-1.dll	`GetFileVersionInfoW` `GetFileVersionInfoSizeW`
api-ms-win-core-version-l1-1-0.dll	`VerQueryValueW`

Delayed Imports

MICROSOFT.SECHEALTHUI_8WEKYB3D8BBWE.APPX

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x9c09bf`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.96821`
Detected Filetype	Zip Compressed Archive
MD5	`83e18896e076397744d9a63011de99b0`
SHA1	`ce2c09721258cc0a3a9e4024b0a5d6a0eb0f3836`
SHA256	`78dabc691a08b2b7c61cee208b40c3190c4230b6baab03969a8f2c35d19dda3a`
SHA3	`a9cc673177250b7f12a40ae330761a97f03b894f9a72608afb2e3d7b54df0a66`

MICROSOFT.UI.XAML.APPX

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4e2479`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.99513`
Detected Filetype	Zip Compressed Archive
MD5	`2d1c278a665a52f2498a442b0b1848bd`
SHA1	`a5fa9d96fe72d5cd885dab0b6f50a44ca82949a6`
SHA256	`249d2afb41cc009494841372bd6dd2df46f87386d535ddf8d9f32c97226d2e46`
SHA3	`d87392115750459d952b8b1b742078eee7ba980962c3d7ab1723420324742c2e`

MICROSOFT.VCLIBS.APPX

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0xdae45`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.99589`
Detected Filetype	Zip Compressed Archive
MD5	`38c974b0d873031e25b196982d4f1b08`
SHA1	`00c5a18b3243c99296724d4c02975ba8fc3ff353`
SHA256	`9c17b521f9d690a1f504da5108ed6eec5669eb3a8fd1331eef43e40d84e74283`
SHA3	`32d89b06ab256b7b484954d1cf1c8af5913e8ba82eff885f925a9a8e7fd3f70e`

SECURITYHEALTHAGENT.DLL

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x15e5e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.09557`
Detected Filetype	PE Executable
MD5	`fed31f25f610ccbef6b2f6c6eb2f6e3b`
SHA1	`f41fdce5f5593cfd90fc9b589787f8f0e5493e7e`
SHA256	`933a266eb16bc28536e08c61824a05c4a3a365399b661bfe2fe2cbd5a7b33687`
SHA3	`719979ece4d2ecd4553019e85664ff654fd1dde6651b9c74157dff157aa4f24c`

SECURITYHEALTHAGENT.DLL.MUI(AR-SA)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x6c00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.0848`
Detected Filetype	PE Executable
MD5	`239a1463ba4943f10712585a3e4fb2a1`
SHA1	`fde821fa136857762d9e824af60ca898cdf8cdaa`
SHA256	`879ce4b14b8b299181e7a81bcc11082c8c058a7c1fdc4ba2c0a20e8111f14408`
SHA3	`c70ec6982d545e13bcbd4b01e33010e49db2d70b4cc49fc72cb771c395747e47`

SECURITYHEALTHAGENT.DLL.MUI(BG-BG)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8000`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.99527`
Detected Filetype	PE Executable
MD5	`930bd3fe19b64ca8d47d2bfdaa3e6509`
SHA1	`50d4012feaf0b79dc5afb0655e9562bd2b190db9`
SHA256	`3d5e20bb09476b979bb30fd3c53510f756d45d4d9ab1ce70455d56f8bc985a97`
SHA3	`e293f6fe4e0db43e7401848fb3ed6dad317f017e224c69a277929d18e8428b8e`

SECURITYHEALTHAGENT.DLL.MUI(CA-ES)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8600`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.42757`
Detected Filetype	PE Executable
MD5	`86eab642ef78a524435d9029981a6754`
SHA1	`ca40cd83c4cd9992f56a2144287cf8258e575407`
SHA256	`644c3957d4f5c2d892480ee12967bdfb76c5266ab0e30d598cce464fbb621336`
SHA3	`5fb0a991295ce1333008661d22efff705ef6ce46078fa94d3ed4b4bbec164173`

SECURITYHEALTHAGENT.DLL.MUI(CS-CZ)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x7c00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.62362`
Detected Filetype	PE Executable
MD5	`e53f093ccaadb701f49621497d980288`
SHA1	`c53429776c89e3cd200095ca901b1ed5934f5511`
SHA256	`fef82b59c3798fc0a2ea8e9615fa1e964d847e35f42a59fe1fe9a6a4473b984d`
SHA3	`a349a0ca553f08819939153648f20254752665efffa1f6c790dd8b836670ab06`

SECURITYHEALTHAGENT.DLL.MUI(DA-DK)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x7800`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.34488`
Detected Filetype	PE Executable
MD5	`68dc809db092d30d1990478a68116469`
SHA1	`eeb1746e558637379143328d1f971ac2e605292c`
SHA256	`ae952cec38c58953259646cf49cc1f1fff8a828d5739781c88b433fc3d3b4a76`
SHA3	`8f7de499433914208125277de503a4a36438fec501c8d5c338b2569ac87a8229`

SECURITYHEALTHAGENT.DLL.MUI(DE-DE)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8a00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.38179`
Detected Filetype	PE Executable
MD5	`49c92b69c2dc5885cc6c21066d950aac`
SHA1	`b4ec75b3af6239f95282e8fe0f672e2e34d8f652`
SHA256	`c5f77e012bada3008eefd6b412bbdf8cbb5c7940a52bca535917fe4a5e16c948`
SHA3	`d4eb7cdd4356254e788d6699cf175c6f0a322eea1d8ec31ec57948ffd8204d1e`

SECURITYHEALTHAGENT.DLL.MUI(EL-GR)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8c00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.07496`
Detected Filetype	PE Executable
MD5	`f24e9ab26f294941fc2f7bbb84891821`
SHA1	`25926ef84c6abb97308d4b8edeb1cfcc167c2099`
SHA256	`acc6a3e50950788461e7eb5239fc1ba17f665e1fbe7ae7cfc5028da6a91e900f`
SHA3	`bdda4dc14772e55272dc97de21c937912dda1ac3a37bcf315e15a33bec8b0ebb`

SECURITYHEALTHAGENT.DLL.MUI(EN-GB)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x7200`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.42306`
Detected Filetype	PE Executable
MD5	`17ebdf28aa7a7a2f5feda5d17072bfce`
SHA1	`c9a88fd803ebf9c68cbcc30b2703581df282f90d`
SHA256	`4f674a477f60df89178c68f8ccb93b67dfd7dca5e09eb57e037ff6ba3b11606e`
SHA3	`e0b5a1e24e67ed95ceb3338f9135ee26fe532aad0933ceec30ac65928fbdad0e`

SECURITYHEALTHAGENT.DLL.MUI(EN-US)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x7200`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.42268`
Detected Filetype	PE Executable
MD5	`4d6193b74fa08c29671decc14decb164`
SHA1	`6a22950a90528a2939892db9ec73275302d8fa16`
SHA256	`1dddbcfa82a01a009c5a07c272b5de8eb297d93c24d3d9241d33157e9d3e9543`
SHA3	`16085072fd2ce9858b3728b53eb5dbf31aa7c9069e2ce2beaf6e5b14ae771119`

SECURITYHEALTHAGENT.DLL.MUI(ES-ES)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8400`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.32441`
Detected Filetype	PE Executable
MD5	`c5b89d8cf6032672c46e2bd47f697a41`
SHA1	`052ca372e819d8155c35bb677b6dce61b820bbf4`
SHA256	`ef73df60c6c1872117c4a97cd6a4d2f4b93e91c4a64bdefbe21b2c863e9003c7`
SHA3	`7989fc60acf73c4957bac5144feae86a722c06a7d46a419d375cdb8147196a6a`

SECURITYHEALTHAGENT.DLL.MUI(ES-MX)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8800`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.3516`
Detected Filetype	PE Executable
MD5	`c497a13a38190ef33be13595bf2f580e`
SHA1	`8383927eefaf2e23ba5712da01774f768e9e58ef`
SHA256	`bb85179993d283a4780beb9756e4dd37b1822197311ea4861149be6115feea73`
SHA3	`cad5bee0f1b28268316c9e8f426191c49d6934496ecce0c45d21022ef747bf8e`

SECURITYHEALTHAGENT.DLL.MUI(ET-EE)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x7600`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.33112`
Detected Filetype	PE Executable
MD5	`d05649a403d8adcf7a9930631d7149bb`
SHA1	`972eb7dd19f9542bc14beca2f3d8f455d2da869b`
SHA256	`a15923ab6d863ad3fbc27423e8c24196a9aa10157b8dd96e71ca1574ca4e716d`
SHA3	`b798f4b74c533f058b4ae947344180740453d9b72103c6aff156174fd74839db`

SECURITYHEALTHAGENT.DLL.MUI(FI-FI)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8000`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.33941`
Detected Filetype	PE Executable
MD5	`4a2c4a25617a8b78d7cda71fbb4824a3`
SHA1	`2a99fe0f331d4fb773f57c3aa5aba3b54160eec3`
SHA256	`0cd26604e92b80406a899ce05f86eaf57032ebfae910e2e7b78408fd34a40591`
SHA3	`ba2aff92fed918a631014f20514f13bd92b128da552dfe4e5df84a39984fb651`

SECURITYHEALTHAGENT.DLL.MUI(FR-CA)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8a00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.41598`
Detected Filetype	PE Executable
MD5	`2d3044e02dc0b5aec5fccee1f84180a8`
SHA1	`1e464385ef73e9760678424b93f4c3d1b92455db`
SHA256	`4f18b09b2f61f67529c9bdaa3dccd86718323fdbd7e69431789ae6d1fcf1e8fa`
SHA3	`82177064308d7b0bee10d0c0f15d037a649ec8203d877c4c3f1f1f593142c3c0`

SECURITYHEALTHAGENT.DLL.MUI(FR-FR)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8a00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.39946`
Detected Filetype	PE Executable
MD5	`008a445243d7cf7460fea08da6fca73b`
SHA1	`754aed088137c14a74881c0b60c8c0f999dc0974`
SHA256	`18c5e0e2074a2f615f2d0641b133fa76c0bac5c98f738e111cd47ab63c8b43f4`
SHA3	`f7e1016f08e53cf1315791268624cd283ab157ae1db906eebf9682835bc1cffa`

SECURITYHEALTHAGENT.DLL.MUI(HE-IL)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x6200`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.10217`
Detected Filetype	PE Executable
MD5	`84461142fd90c1380e757b888e06a4a5`
SHA1	`e06fc353ea49b63380f89d0b9a92fe732b784f74`
SHA256	`b52bc1a403b2943f79c434d80562c39e4b813a1fbcc8dfd0b04f499e051c7ee2`
SHA3	`f774dc5e2864a37efaefacbab49b6a28579c7c55b43009e6ed17c8f79951b0eb`

SECURITYHEALTHAGENT.DLL.MUI(HR-HR)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x7c00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.42177`
Detected Filetype	PE Executable
MD5	`0dc2861dc2fcc0246a7a8311df1c8273`
SHA1	`1d2b9aa7fd0e6353f8616d8de367df235f485d0a`
SHA256	`8fb06d783d60b5460ad1592f1d1bcdf0520858a0a4a0a0866688ab5218caefbe`
SHA3	`bd109cdd441291213916f0aac350a3155a3def265c93e10d3e9fe49dfd5cb85a`

SECURITYHEALTHAGENT.DLL.MUI(HU-HU)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8600`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.57068`
Detected Filetype	PE Executable
MD5	`ffa83cdcd3bb8a44cd90cb3ea747160a`
SHA1	`a686e8af49a866296c0a8f7a2da792994704b0d4`
SHA256	`d52cc1dbb602dd3afac3e1ac42b5e25610e2fa691d4d69435142d9689b776a90`
SHA3	`0e3041167ad9a5d7bbf331f5af843b3c7130ad4389ed7461805fc8b1c5e48991`

SECURITYHEALTHAGENT.DLL.MUI(ID-ID)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x7e00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.35368`
Detected Filetype	PE Executable
MD5	`067ba7d263a9afd142c22633d57dbf16`
SHA1	`dff5941cd586ac7cabf23adb64e5793307fe0292`
SHA256	`1126ed83ca825a6bba290685237e508574cbbcf496c52685a36e857e3739d678`
SHA3	`3b6845cd43ef7ccc046cc128d7e460979e764f0be91319d2a58daf7a54b8c363`

SECURITYHEALTHAGENT.DLL.MUI(IT-IT)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8000`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.35588`
Detected Filetype	PE Executable
MD5	`b4308b0b8afd9f3460ffdd8e5821d5fa`
SHA1	`08925e392f1f48e55e08363e6458023ee606acb0`
SHA256	`bd4d19d118f8189fe7c7e5ff3ddd874fbbc8d7ef040fab6ba2151c79604b9f85`
SHA3	`bdb6e03c436c39b5c0f9430f7430c655bf3ff0e6124e921395a5ec7c3cbf69d1`

SECURITYHEALTHAGENT.DLL.MUI(JA-JP)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4c00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.19098`
Detected Filetype	PE Executable
MD5	`6b48b04455e935729b82f307487dfbbb`
SHA1	`29b135c957e07b4cd3f0e76d89fcb2a5d158c15b`
SHA256	`d8ddb3eab80d249cea493c2899918336575161130db793a0dd781c9d8d9252bd`
SHA3	`3c040b60389a583c1b56390e2bc5695d3725424922fc06c82ee6dd10719c6f65`

SECURITYHEALTHAGENT.DLL.MUI(KO-KR)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4800`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.24682`
Detected Filetype	PE Executable
MD5	`f33a3a1d7bcf0777308a850a59710072`
SHA1	`45e56111e0ee3d734deb377914df4fab9f5bd25f`
SHA256	`d934be3ebb47aac4aae3faf3b3db1d7544ef903c94a24eed7738a2bb9f42d72a`
SHA3	`3cc42452fd013a627325cb583c72f8f1d2ad44ee3c39ec6bb383a844ca603e52`

SECURITYHEALTHAGENT.DLL.MUI(LT-LT)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x7a00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.59094`
Detected Filetype	PE Executable
MD5	`03516f035248832053926f8746fca172`
SHA1	`189c0235d26cea4d645d0c5fd79a58f361275300`
SHA256	`61f0cf673988bb0b4409276b1b40da94fc8d63cdbb87c666206ee31d24678da2`
SHA3	`f9571851db9cd88a72f79080acd07b17bc2c15d26dd95cf4fbb8a690b47d999b`

SECURITYHEALTHAGENT.DLL.MUI(LV-LV)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x7a00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.59073`
Detected Filetype	PE Executable
MD5	`5e66acde5382042ca4a3000932a951f0`
SHA1	`7c8a57ce157e691b3df6fbda8acac7e63f530791`
SHA256	`2b00361a793c0da23e205a1b687f68fb7f7fc7f34b4ef90f8ceb54b908b197a2`
SHA3	`1cb799b37febf37fa24da68febd70d762b04a86e15c591ae4c27c97bb1100dff`

SECURITYHEALTHAGENT.DLL.MUI(NB-NO)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x7600`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.37035`
Detected Filetype	PE Executable
MD5	`b255bf3e64bf0ae19f904d4140803413`
SHA1	`202628fec88a14eca03401d29efb9fefd5a2168c`
SHA256	`809cf04f692340e5adf8fba3c0c811f49b4ee67ae302a769aaec7b990360fc9a`
SHA3	`20027d93709b628a4aad094f64e8b191686e895a4d8a4f7e1ef16b7523c2fb76`

SECURITYHEALTHAGENT.DLL.MUI(NL-NL)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8600`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.32447`
Detected Filetype	PE Executable
MD5	`f5895f5ea1459c4fb3dfdebd2fb90d3a`
SHA1	`f4e84a2bcc1daecb2f60c59708bb187e84427a2e`
SHA256	`0d6cda5130f39e67a8aaf196d8b8c5771b2495e6a7e85ae2184cf22f6c03854e`
SHA3	`707020625667bb8ede2bd54d8ef2bde7993e35519bbacbcac79a88b32ff4bdce`

SECURITYHEALTHAGENT.DLL.MUI(PL-PL)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8800`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.58203`
Detected Filetype	PE Executable
MD5	`b5594d033178ef1650dc5fcf752bd4bc`
SHA1	`90e0b8e09fab6faf920e19e43bb8099843a53071`
SHA256	`1e52ca44beba8c10ef3147256e58c6a3dc38ccd8ba51268e751fed9df74aaa99`
SHA3	`e3c43d2ffc6dc7f1ba7a9991cd071475ae092af7fa95bd4699236faa7cc4d871`

SECURITYHEALTHAGENT.DLL.MUI(PT-BR)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8000`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.42006`
Detected Filetype	PE Executable
MD5	`a91a3acc73a2e2307263219334a209a2`
SHA1	`46035d890fba1628e3aed3ef4e84ca9d9d61e62e`
SHA256	`53df98ad6dd80c57cd17bab2f871bb6d8cb391bbe3d586773ba604160ce6f19e`
SHA3	`ee39bbda465b3b4c6c19cd4330d4b4c0afe918dbf3d13878116e687a80bbd698`

SECURITYHEALTHAGENT.DLL.MUI(PT-PT)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8000`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.39828`
Detected Filetype	PE Executable
MD5	`4c7e83e82b25123e7f97559e860630a3`
SHA1	`ac89e5f4bd09eb423941c3ad4ec17687b06709bb`
SHA256	`4ced15e156a9dba596799bf07d4f2a3a9c52734ee4c1511f65928aed64736736`
SHA3	`ae4d67a5777c494239a0079eae465373588aaae0a09b61f3fb545f2623f62243`

SECURITYHEALTHAGENT.DLL.MUI(RO-RO)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8400`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.54993`
Detected Filetype	PE Executable
MD5	`f509a86dd82861e76a034a27b76f28d3`
SHA1	`330af795c155b9eb5380eca922f428a514397a6e`
SHA256	`8ae6cc4188e8e77c3a1357450a7119f440f46615399dee0cbc7b197adc147051`
SHA3	`b60115608dc8de390f97a1aa290b023d32eee76dcff7165afefc7e209f176c7e`

SECURITYHEALTHAGENT.DLL.MUI(RU-RU)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8600`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.05553`
Detected Filetype	PE Executable
MD5	`3ed9e5fda44be3b0c7a1edf37bba717c`
SHA1	`2b591480664ff069b8df4297a4777935c8d8a5fc`
SHA256	`6e33df60853c1932ddb139ceae1a96d590989968954ca96f0114428d4d8155e1`
SHA3	`bf2658a3dd4cce1b15f31b4ceb65a83329990562968abb7e09895ee10a27d925`

SECURITYHEALTHAGENT.DLL.MUI(SK-SK)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x7a00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.5565`
Detected Filetype	PE Executable
MD5	`41487b4cd9d623b4ac7d73de85fefb1c`
SHA1	`a4b52c51ab7c290211bf3f711ee8c776f117353a`
SHA256	`dae9376241c46f84d1f660896161b9ccee68bde4689cc3536fa58e697aa85ecd`
SHA3	`86207354d342daac32f269ac6de3ab28f0c835f5292409b917f029d5487aac46`

SECURITYHEALTHAGENT.DLL.MUI(SL-SI)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8000`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.49662`
Detected Filetype	PE Executable
MD5	`e3e94d215a967e633dbf9e5b460c1e8a`
SHA1	`ec6d7d32b0ed5e47a1b85d5bb7886d9b6a6a77d8`
SHA256	`248763db15435ef864ee32de907cf9f7f44da421c54c16eab27610fcbc71315c`
SHA3	`4d5cafb66465da95b3ee3c2d593a001274091467616fb5310d2dd709fa9a3d72`

SECURITYHEALTHAGENT.DLL.MUI(SR-LATN-RS)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8000`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.45233`
Detected Filetype	PE Executable
MD5	`0c28394ec41d643427f46de6a30bf83d`
SHA1	`38579089dcffa0f2524f421cdc7dca993f04553d`
SHA256	`60fd4aec91b13cd940b97ddd23383eed39e2813d5cc84e0e52f7816778d0ccf7`
SHA3	`fd7a3514631582642bfde0c3dec5ec4323c20d99368307c5b36d4fe8352f67fc`

SECURITYHEALTHAGENT.DLL.MUI(SV-SE)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x7800`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.40289`
Detected Filetype	PE Executable
MD5	`5bb877dff31299ccfceb150ea8a5662e`
SHA1	`be3aa54b04acf87868eb66051574fd1947a71fb3`
SHA256	`2617898e0616d5c0f3b2c90f66f91d0e078c1304301603f9e397144fe9980a34`
SHA3	`ec978b58521e4a4ecae95772c9522cedd8c95afff7ad459acff9d70be631052e`

SECURITYHEALTHAGENT.DLL.MUI(TH-TH)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x7200`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.24166`
Detected Filetype	PE Executable
MD5	`77e447441d83bfb179e174af44d70c3e`
SHA1	`a2eb36d91ae2546ee05adb4f05eae5733c4152e2`
SHA256	`13b65a09796456d31fdc273dbcfa82be1f207bf22ff2e8742be457b5d6035648`
SHA3	`c63896173052c58dd26e90a8ced18b68142ef3fbfbeb31e07f23cfd6c555398a`

SECURITYHEALTHAGENT.DLL.MUI(TR-TR)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x7800`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.5506`
Detected Filetype	PE Executable
MD5	`a2e0490defeac17f30fffc2739927a1d`
SHA1	`15bd9b12df581e69c69a83090ca29ab08589e478`
SHA256	`59c1136e6cbdeb6d366dc8c642d6097fac3c14ac361443cb39dad8beaeb2f943`
SHA3	`0e5a9d6049103fe78e7fa89aa45a499884be7d16e7b8fb884f57eaf2efd22e52`

SECURITYHEALTHAGENT.DLL.MUI(UK-UA)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x7a00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.09142`
Detected Filetype	PE Executable
MD5	`ea726312e6b38180a2dd847ccef6bd3a`
SHA1	`23071acf9f1af47f59e425049ded4840232893e7`
SHA256	`3e6879cf8dad8122a78bc5890daa11eef5a159423d38b5a15096fd91959ff31f`
SHA3	`9ada186ea0d68789207360a5d89eae87c3ce6b441b2ab61bda1eebe7b667bc53`

SECURITYHEALTHAGENT.DLL.MUI(VI-VN)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x7600`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.98344`
Detected Filetype	PE Executable
MD5	`b9bfcf1faa2d72125df93536386bf84c`
SHA1	`9b0141b48aa5494b701eec37dbc77e5b1f15babf`
SHA256	`65d841b1e8489cfada2244329d529176bcb95782c40b9106d73a40c00251396a`
SHA3	`8eaa9d0598ad8490cc4122b6b32e48c8082649ad7eb73d795d23ac0790cd6d86`

SECURITYHEALTHAGENT.DLL.MUI(ZH-CN)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x3600`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.78664`
Detected Filetype	PE Executable
MD5	`8761457ce36c7891273ed4cbcbd87195`
SHA1	`280665a336a64b02374be662f279cdfbc31a0f89`
SHA256	`a34f934e86a33c4f186bb7aed0bc28148770e3dafee71aba47d5c5d85e518cfa`
SHA3	`44fa31a3688557296e1d327439ad064ece8bd23ef9f6a17fca5a518f9f59c346`

SECURITYHEALTHAGENT.DLL.MUI(ZH-TW)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x3800`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.90742`
Detected Filetype	PE Executable
MD5	`66d5c8dd42c6615c75320b37a420c148`
SHA1	`12a550122564e86fafeca7737994b4f74c215edc`
SHA256	`33ccca0759e0b1dc36689bba0bcd13a3591e8fe49e1614d26c1f998acfbdcb2c`
SHA3	`49f3f8e4f0287cc358986a5c05f7a3a1454c6dd8d70edc079affbf0878e3a247`

SECURITYHEALTHCORE.DLL

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14e5f8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.20328`
Detected Filetype	PE Executable
MD5	`df869a516408fe1f012a21cb403b2a8c`
SHA1	`18fa364010e69c4e9ba1936ff94e49c6a3e8d9fe`
SHA256	`23f9870cc17e6ce0d73cc6e3709a4c514162244aae8e0ffdb2ce0dd9f7a275b2`
SHA3	`3c9a679d36f50942452a2ec143dacb93012e1bb896b86549d06093e8b7bcee7c`

SECURITYHEALTHHOST.EXE

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1e5d0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.69181`
Detected Filetype	PE Executable
MD5	`a0e67bb35ef411c3c748b68b529995f5`
SHA1	`0d2ce316b04966feb4163e9415dbafc59e99a045`
SHA256	`f7252a7d2c6a0e16b067e937bf5428f14d84e3f9f74ecb2d46a7304fceeba1a5`
SHA3	`1012a018fbc552b66b1ec2ffb0f79ba6407092d4e0c99742f85e6fd04bd8db0a`

SECURITYHEALTHPROXYSTUB.DLL

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2f5e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.38497`
Detected Filetype	PE Executable
MD5	`58a2a8e32d50c08148eb00fb0a48b165`
SHA1	`e99e378384608b434b6ed239ec66d8df47c09f49`
SHA256	`7ccccbbcf3f078f0443744575c465b9d32faa3ab06000c814c54b21b69b2b4c7`
SHA3	`816f293e69e8be27c888029fa65cc543b94122fc834e706250759f6f99e44a09`

SECURITYHEALTHSSO.DLL

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0x15a5f0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.35595`
Detected Filetype	PE Executable
MD5	`91138c2c90687ada2db6bce1309e5702`
SHA1	`07d18a668b09981608de587158821f070bd1f7f6`
SHA256	`0089a409717102685ab8c85a30020df4ebd5a35f9965582b74bd68781a964449`
SHA3	`f5906bc19c091d889723fd1eb6bfc636f29d37d728a53a9dc4a67dc114dcc829`

SECURITYHEALTHSSO.DLL.MUI(AR-SA)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0xc00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.78474`
Detected Filetype	PE Executable
MD5	`18c73cd1d9da63d89cde86c75601b291`
SHA1	`bfe430691305c57e13a3d3037367edf4489f983f`
SHA256	`d1bd3799ad32d26ea8d1a1e485c213840159e61a8d9fed917e5ddd0ffd05ee96`
SHA3	`35ed68d5fcec62075ded6ed5bc4beafe0ee3eefc90813f2ce1e8acdd6c440972`

SECURITYHEALTHSSO.DLL.MUI(BG-BG)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0xe00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.08777`
Detected Filetype	PE Executable
MD5	`0fd8c8914ac27b9df60cae00532a8fd3`
SHA1	`c16fa63cc91e005c04dd5250ba95f05285ad01b5`
SHA256	`5603ef31b60bc29fbda1e36633c1a40f018fff1b106f3d1a8cab959ee9b95747`
SHA3	`d69e99f250f08649107dfe29476198c8416893212bf266e0b8e918f42e3040c8`

SECURITYHEALTHSSO.DLL.MUI(CA-ES)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0xe00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.74806`
Detected Filetype	PE Executable
MD5	`7806fd0ed7923aadf7c7143a420e373c`
SHA1	`e0336d3662f8fc614e75331ef2c648777493ccae`
SHA256	`448c0e6d33c9aa3d3dc3cfae5bbb0054590baea690ee34ff549336fe5bb10c49`
SHA3	`fad5320b33a73c502bccd95969cff46708d671e9786f5397270eab5f3c281f57`

SECURITYHEALTHSSO.DLL.MUI(CS-CZ)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0xc00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.38635`
Detected Filetype	PE Executable
MD5	`e6480014cb40452d3a53178b11240d1f`
SHA1	`ae48d0e476476eb6452e7118a55d5b6bdbb62b00`
SHA256	`a2d6db2539a59e7962344a6e09bf4e5ea7f66b4b889d47418eca62ad0abb3327`
SHA3	`bbc0f387d25041ce391bc61af9e2dcf4b7419755136fa5ac96702ff8d7dbbe52`

SECURITYHEALTHSSO.DLL.MUI(DA-DK)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0xc00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.39946`
Detected Filetype	PE Executable
MD5	`fac7efd2a69256593991de8b9d3f1f8c`
SHA1	`ce30426308716e709a071692420b6b7df6d38b3d`
SHA256	`fe904c09900d9b0ca79702a735f21f11275ae617f53cee1f4ec8c8e67284c0e5`
SHA3	`447575bdb9e3d3d56d86583fc3d946730c1f4c05f3a1f45339e1492c13accc30`

SECURITYHEALTHSSO.DLL.MUI(DE-DE)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0xc00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.2964`
Detected Filetype	PE Executable
MD5	`889a9e776d4d3d099ed7b321a331593d`
SHA1	`a53ca1b143a0af0db2af6d39def04804fd2ef09b`
SHA256	`290e4247637befdb5c37bc4e3d5a60e1ea57328d2845da720c1285712f198321`
SHA3	`60f945874ac1104e3239c575ed4fa8890c47271bc09b82106625eea4fa514415`

SECURITYHEALTHSSO.DLL.MUI(EL-GR)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0xe00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.21719`
Detected Filetype	PE Executable
MD5	`961cd927e538f850f4b9aa2770ba0d40`
SHA1	`cc8b4237dc0df1a4c03345a70f1a4f7cd6075477`
SHA256	`eba0005aea7804b7910444a27929fdadd19b8f802aafb3f76581e0320baff51d`
SHA3	`9601c76768b92bec40bb27cdf0c4afa6915ddba1c24daa8a511055dc2c57a748`

SECURITYHEALTHSSO.DLL.MUI(EN-GB)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0xc00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.50687`
Detected Filetype	PE Executable
MD5	`36d7f61472cd9840151cc7d1fe3b9fd2`
SHA1	`4b798a3d43077f3b75b3d3ac49cd66bf1d9dbf62`
SHA256	`567b16906a6e68e8ada6328ef027e2413e3302d98c91000d13b6846c43926c2c`
SHA3	`d606a050f080e94ca631f6e169e5cf6607513a9d16139f3a2cb3d46e7434a8e2`

SECURITYHEALTHSSO.DLL.MUI(EN-US)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0xc00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.502`
Detected Filetype	PE Executable
MD5	`154edbd86dc5e8712fdc7a0d4396a5b4`
SHA1	`6865b27831dbd5842b31334e400d373b641cb3a6`
SHA256	`e52b9cddc5b39c2fb24ad2d1560c36bcffa7c767b4216b9012966f4353556e6d`
SHA3	`b85460263e31b7e7dd43a129b4290ad742439b8dfdae0555186bd049226580aa`

SECURITYHEALTHSSO.DLL.MUI(ES-ES)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0xc00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.36332`
Detected Filetype	PE Executable
MD5	`d42cb0dbe456ba744b35d38fda5b0633`
SHA1	`8b4a4e91b68fcd7924daa0f4ade579f0783f3279`
SHA256	`3630488330801793f1483c36424db7e34f859629f2b80a359c972d9378bcb496`
SHA3	`81b4da8d981951dcc5eb25421e6a06e356e8da8ef4780311dd220ad5cc561e44`

SECURITYHEALTHSSO.DLL.MUI(ES-MX)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0xc00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.36383`
Detected Filetype	PE Executable
MD5	`764d3f4611119cd3ab91f7df5442f837`
SHA1	`96576559a25299c6e8b11044d39e4165366d7b74`
SHA256	`d6a605d2cc34a7cd5cd1d73b045e7a9c2b331a7d045974ba4c888f365b2cc1e1`
SHA3	`6af348ac7b05f9ecce7ee4f9cd3e18a367b78d903386078be66dbec1a8dc7e75`

SECURITYHEALTHSSO.DLL.MUI(ET-EE)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0xc00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.4839`
Detected Filetype	PE Executable
MD5	`7e44823204e72f7138743af15bcc81f6`
SHA1	`535a802f6f4b7ede67d84c27bbcd2207f62c2b4b`
SHA256	`476e6a72147aff6f2ddca7c56f961c37ffaedae80051630e3e7ae5905e9d9217`
SHA3	`48faa2910bccb25dfd01b5f9d2cbc42797d49c6a5d64061471d3435de91222b7`

SECURITYHEALTHSSO.DLL.MUI(FI-FI)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0xc00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.46807`
Detected Filetype	PE Executable
MD5	`0d91bcd50259c667c83c581788d4b01d`
SHA1	`6f0c907229b51725b6234573b20dcabae0e2ad7a`
SHA256	`cf316062e911e386ee21731a20e4d7f1484a8036631a299f024500009737fbee`
SHA3	`24d704848371e1e92c46a600869ae31327f16e34c6c3dcc89d39541065af97e5`

SECURITYHEALTHSSO.DLL.MUI(FR-CA)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0xe00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.74558`
Detected Filetype	PE Executable
MD5	`f29860864d7f4b0f84206dcb8bac93e9`
SHA1	`05315667d952edc6a453bb9d3e2956403cd233e5`
SHA256	`c84b7681f90fdd0a4a107b4b6ba9ead69d2338d98d82e3f32c75827f328bd4c5`
SHA3	`8981a7de48a5cb55753459b68b9436bee69d21134df50826f194210d07a7235d`

SECURITYHEALTHSSO.DLL.MUI(FR-FR)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0xc00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.28515`
Detected Filetype	PE Executable
MD5	`207485b6ed230b5bb1530b2bf35fac88`
SHA1	`5924d2a9c386f34f481f520f36f5fec739289799`
SHA256	`25bafdf9daf759019fc45b42e5177154a70d29891371c7654d04cc33aa2805b6`
SHA3	`223b65b8f1463742166e7a5199a0f0b894e5c459e2a5b514b590ba9796c70601`

SECURITYHEALTHSSO.DLL.MUI(HE-IL)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0xc00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.85701`
Detected Filetype	PE Executable
MD5	`bc1fb3a47ffda8cb38ed8dc216b6f304`
SHA1	`62b62b5b2a953de87e42663a6528ed2cd4a6188e`
SHA256	`243bc792b7e95a1d10c7c172866c474cd1459143c064c80126ad9e4cb2f7ccb6`
SHA3	`344a663e23016c08d8b5598b92a7e2b1f6f53432f0f98ddc08a6ae09c809baae`

SECURITYHEALTHSSO.DLL.MUI(HR-HR)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0xc00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.41624`
Detected Filetype	PE Executable
MD5	`ef203d285c5968a4a690ca82106d424c`
SHA1	`f5e47d7a700de178296a4b4b7810bd3027649ed4`
SHA256	`3bc0254e83daff23cf991737d40734fceea7654eb6aea405c29a0fd2952ee3ad`
SHA3	`4b44f52747f63717b2c226d3b5dd1b8e3f316b1d3f162c013591835e80e112ff`

SECURITYHEALTHSSO.DLL.MUI(HU-HU)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0xc00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.37817`
Detected Filetype	PE Executable
MD5	`1ff963a35d996725b56a1eedee2cf0d6`
SHA1	`0ddbed2bceba4ba4d12fe790f64186dc64841a44`
SHA256	`835bd28d2a33d70f6c6966f5507bacefb59529ebed1e727c4ae171a79c1d9280`
SHA3	`680a3794b839a6d254cf2561f8c368ddc1f81a6a47c3a28731f7d16102971c81`

SECURITYHEALTHSSO.DLL.MUI(ID-ID)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0xc00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.37162`
Detected Filetype	PE Executable
MD5	`7cfe2430fe09bfc1ab58131632722d54`
SHA1	`aa3f25b2e8abe0fe4a1a36923f72346c33de503f`
SHA256	`74ddb757142f047df80473402ce4d25d181e996ee0003b4d14a7829dfbfd1737`
SHA3	`a5e5a6ca1e85d7bd8fd7cc134a7ad4a6cb2b4baf140291f15826e3becd51ad8e`

SECURITYHEALTHSSO.DLL.MUI(IT-IT)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0xe00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.73439`
Detected Filetype	PE Executable
MD5	`76515d2337cb6fc4f3c2ba043a398429`
SHA1	`b07839d791bc5d2f2b2e6a164f31d8f403ec0076`
SHA256	`7b01d1e796b98b57a0ffe9d81e8d093f39e92f0db9fec182e96db058b221f183`
SHA3	`d29e2dd69e8f36ff724e36eb4759c569de26ee8260b4eabe96486be6e801252e`

SECURITYHEALTHSSO.DLL.MUI(JA-JP)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0xc00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.91196`
Detected Filetype	PE Executable
MD5	`83a54d979d1a6a2cb8c0d3995e91cb18`
SHA1	`783b69bed2ca057469395a80aa2d23ab14176c3e`
SHA256	`b7230e2826bae48023e14f0dd67d9cc9557a7244413c090d621ea0186211053e`
SHA3	`653fc81324ab32533e8f37b94c7750c6101a310576db97fae50e0226f75ec4fb`

SECURITYHEALTHSSO.DLL.MUI(KO-KR)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0xc00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.87029`
Detected Filetype	PE Executable
MD5	`abff3e9d7d0df50564f6358f4984a660`
SHA1	`d8e486b83587856d49aa738c5c13656e88f59a83`
SHA256	`4c8ef9ac9d61671347ced4d1be62539243d8850203a35d1a91f38c59cbf11739`
SHA3	`2ba49eb3b677e5c6a0f81941f040ff04d5aea5a680f77e303e34ae461ac6002b`

SECURITYHEALTHSSO.DLL.MUI(LT-LT)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0xc00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.408`
Detected Filetype	PE Executable
MD5	`bf8d9a2ee0b92fde10c89a9000a60c23`
SHA1	`44c51ce6f847d2bbd089b05194cabd3502a64d49`
SHA256	`cbaa999fc1748b03675baa29563ebc56f53f30dd62be1550a961bf6783018e36`
SHA3	`cc9b7674cff379e09b55ca4c0790a2fcd0cb125f1b3891c39c0a145df645cd38`

SECURITYHEALTHSSO.DLL.MUI(LV-LV)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0xc00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.44903`
Detected Filetype	PE Executable
MD5	`69e22a063b78dc152ca758e4b749315e`
SHA1	`db096ed4d0d83b6d3381362ce7e664563a223db0`
SHA256	`0111285a7425044fac7b1db9bae494ae9031ada82e17effe43b7a77b19c0ad4e`
SHA3	`df2257571c5919201c69c59042b5494126ae18fa083dc7adedcd212efc748740`

SECURITYHEALTHSSO.DLL.MUI(NB-NO)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0xc00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.4206`
Detected Filetype	PE Executable
MD5	`425487bfddd0961e4f53774f0947c8ec`
SHA1	`492c8e31ff527437fe5430ee699f15c5ae6c45c4`
SHA256	`a6b0dcb394b3015edba5b47e5e6b85c7b8bd36bb74b4ba0f47f12d8c7cfe987c`
SHA3	`ec9001bb497b45626356be6e6abbb8895c6d5c0fe9b0fa48a3a0a882afccdc17`

SECURITYHEALTHSSO.DLL.MUI(NL-NL)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0xc00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.41902`
Detected Filetype	PE Executable
MD5	`8c10002f62133a0edadde0e4ca16b86c`
SHA1	`b05350c27d73ac5081069280d32e0416e6454c16`
SHA256	`e18dd1baec7db77a7ef2fa791d7b92b648aaf2987c78b68f672f640c09517c7c`
SHA3	`b6ab8a5fc8cf68368ae6a110fb66f875a0ab5831d8e09e7b125fc07f3f4f16df`

SECURITYHEALTHSSO.DLL.MUI(PL-PL)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0xe00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.74589`
Detected Filetype	PE Executable
MD5	`ed854535a90a3287b959d7669051ba88`
SHA1	`4da77b22b83eddfc09a8f36cb3716f5312dd474d`
SHA256	`9722a993b28a90b4f5bd34ad37c6afbcb88637a49a0cac2a6f2f7cc27dc2763e`
SHA3	`d816040b48b611f4bb144a14a0713c0b84a97c4ecca522a8e6346c21ab78fbdb`

SECURITYHEALTHSSO.DLL.MUI(PT-BR)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0xc00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.34769`
Detected Filetype	PE Executable
MD5	`165c70d67079c1595e3e5ee43a9b078e`
SHA1	`06c23443eaaf5c43e1eaaa3b5827fd5111460503`
SHA256	`0669e1ecec8157c1a1b82e597a429e0e10903a372b7ac275dd13fa3b10b203ba`
SHA3	`92836ad7fe694e42e4cea2a48d8dbe48c695411d4891d21640dd8ca1080cfdc8`

SECURITYHEALTHSSO.DLL.MUI(PT-PT)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0xc00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.32953`
Detected Filetype	PE Executable
MD5	`f019c87202d65de2c206a5ac7e886944`
SHA1	`85c07a5ee610e74cd87716fe6757f89aa31bcb14`
SHA256	`e70f49c6df3c29da307f3de463882f09390951a324d94803bbf8b8b982bf9fad`
SHA3	`73c77844fde233a88981d07a22ab06aa5dc182c7108e9df10d432dcd6ebc20b3`

SECURITYHEALTHSSO.DLL.MUI(RO-RO)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0xe00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.75328`
Detected Filetype	PE Executable
MD5	`bc450f95cfd222263cca3c58f12aff25`
SHA1	`dfd225c617a2f41a6bbaab161c12b9b9ea563edb`
SHA256	`779943d8f8b5887ba2f930cf7db9499ac3b14c5d3c8bc84935c0a3e99c2a783b`
SHA3	`20594bc4edfe09b732881f8b7fcfe14c7216745bd33c328d78f5bfa962c7194c`

SECURITYHEALTHSSO.DLL.MUI(RU-RU)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0xe00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.12867`
Detected Filetype	PE Executable
MD5	`aa501c8e7dec7a9fdf907104b3059b79`
SHA1	`097c37186f0a3cac02dd22a00337bb1f68ed9fed`
SHA256	`c7c77924067464a69c283f7c934de85285fbf933c03d82b7a4384929e771dbd8`
SHA3	`4b6ba4acf3cbdbf91b1a94439edaa9a731f7ef7e68018c0f6a150344339b34f0`

SECURITYHEALTHSSO.DLL.MUI(SK-SK)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0xc00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.42461`
Detected Filetype	PE Executable
MD5	`ccb686845c6e51c6fbf9272c1ba20612`
SHA1	`6d176404755b8cb636254ae7a467254745ee8a31`
SHA256	`f430bb9280d3cbf4e4ecbe6578edf8dba262517d4cbb1183ef451ca96e29cc42`
SHA3	`9b7b07e4ffb350ffbde7213b39291cb104f1c5d75b4c19ae41ac717b74b34172`

SECURITYHEALTHSSO.DLL.MUI(SL-SI)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0xe00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.77708`
Detected Filetype	PE Executable
MD5	`52f133e225554f1b8ec3c2a25cfa16f3`
SHA1	`a36820b6523c3d13b580a4f22039bcf40bd5a872`
SHA256	`d0aac6f928dd51f3349be10464588da043664a28e4f8c18645b8330d1e908f30`
SHA3	`ebe6462836c7bb341b466a724b71d08f5b87e0d94855d0d13699dc733954a0be`

SECURITYHEALTHSSO.DLL.MUI(SR-LATN-RS)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0xe00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.77389`
Detected Filetype	PE Executable
MD5	`ed519fbca2d66960d5644ff3ec7093b0`
SHA1	`af6ad9f46a323804c8a351cfe3445eabb126db0e`
SHA256	`03730637d0262278db4a1b005957132448ecd81e6e08642249db99ea3b4c45b1`
SHA3	`dcd0a059d2e937859f13d0bee669e76b93414903fb2c8c635cc444f0fe1b0642`

SECURITYHEALTHSSO.DLL.MUI(SV-SE)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0xc00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.5114`
Detected Filetype	PE Executable
MD5	`7f76c306d7c14b2ce836dfce390b4ce2`
SHA1	`0552c3dab467a176ede8caaaee804e7ffae41555`
SHA256	`21b9e850e22b7e63344268aa335ab80909b6bd40710ab510c2aac899196a31c9`
SHA3	`b3a98a0853f493698c63b4e2062602e8c5670f78c9971ffc1b894e2635e26321`

SECURITYHEALTHSSO.DLL.MUI(TH-TH)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0xc00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.86406`
Detected Filetype	PE Executable
MD5	`30b4dbae6d4a7c8cabcd01923edaefad`
SHA1	`1bf0856d33e8edceacea6516aa1a1501c0c52e87`
SHA256	`d48ccad6eccdf672e1ad9c90dad7aaa0916d6f101730d0506fde953cdb7c997a`
SHA3	`23d334aed2478d5c001bf75926e41f0f3e391897269128a797e62cf466d73881`

SECURITYHEALTHSSO.DLL.MUI(TR-TR)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0xc00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.49173`
Detected Filetype	PE Executable
MD5	`cfe12fc80d07de2ab2a889d4eb8f84f5`
SHA1	`12f7e0530817f227c1c358c7b70e8bbf59254862`
SHA256	`ef0fee4e29912234e7c194dd9b46ac1d086ceb4eeebae228fe513fc6507f4005`
SHA3	`58001875b143b8ce3750490f21eacf4a51fde3bb0b77d567eac56f477a22e134`

SECURITYHEALTHSSO.DLL.MUI(UK-UA)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0xe00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.10406`
Detected Filetype	PE Executable
MD5	`70600489bca37a041f1a1bef9a46dd23`
SHA1	`fc2c3608368edc2d3191a13b33e575e8b2d06ccb`
SHA256	`b015c852c7212d18874afceccd94f4ced0b43a98301b6bd0b68128386b07162a`
SHA3	`c07655ed264f0e047908e12b3dcaf4186aa466762636aac834ad9e87783a6849`

SECURITYHEALTHSSO.DLL.MUI(VI-VN)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0xc00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.63401`
Detected Filetype	PE Executable
MD5	`9c855f6c0dec992136c6a2a541d58fbc`
SHA1	`7ab0a23cd5fe41bf67f2a42344c0e22caf74cf81`
SHA256	`9e98a2de3f961f6aba795fd92c97711b51a035b8a380164c9e9b02febceca93f`
SHA3	`50cdab5db4b98c8b6248de0dc17e5649632dc02bbdde2fc7fb5f6280d81f9abb`

SECURITYHEALTHSSO.DLL.MUI(ZH-CN)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0xc00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.86492`
Detected Filetype	PE Executable
MD5	`5ea84fba32a77960b2fc153060977f15`
SHA1	`4f7a61cfa9b960b36d5d3dd0fc7f0714a1dfe155`
SHA256	`d9ba30c3c3b583e97ba24ba3549db5dc5498df546b32ef67aa0cd34f7a56bb61`
SHA3	`f2f07c36adcd18ec142eab80379bf6bd3b9a86c6241fc43015f71d97bb1780b0`

SECURITYHEALTHSSO.DLL.MUI(ZH-TW)

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0xc00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.88347`
Detected Filetype	PE Executable
MD5	`3728ae6007181299b74cfaa4c33ec1e2`
SHA1	`6fc3337b3bcbf5ccc17a2ad8721b5d377c4be959`
SHA256	`82d1312028aebbb456e02bc660fa2486c39f9f521c9791987ee2f850dc47c396`
SHA3	`043a04ede24a513e6bee398daaa75220852ab7e5b3671c66d605dba792da5e5a`

1

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x3a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.50387`
MD5	`7f363543508166ef0563e8b88eea7de7`
SHA1	`56d99d094ab40a91e595a3c348bcc840294b00fa`
SHA256	`238697b4b6a552801c3363f1666769b92b60b0f44095970d385ebb62ccbdc6cf`
SHA3	`ab9be4141725135e632264637e2436d1f12a6522d1bf0e3d1d705d62319a0377`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	10.0.29510.1001
ProductVersion	10.0.29510.1001
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT` `VOS_NT_WINDOWS32` `VOS_WINCE` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	English - United States
CompanyName	Microsoft Corporation
FileDescription	Windows Security app undocked setup
FileVersion (#2)	10.0.29510.1001
InternalName	SecurityHealthSetup
LegalCopyright	© Microsoft Corporation. All rights reserved.
OriginalFilename	SecurityHealthSetup.exe
ProductName	Microsoft® Windows® Operating System
ProductVersion (#2)	10.0.29510.1001

Resource LangID	English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2099-May-21 01:57:38
Version	`0.0`
SizeofData	`48`
AddressOfRawData	`0x9c0c`
PointerToRawData	`0x9c0c`
Referenced File	SecurityHealthSetup.pdb

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2099-May-21 01:57:38
Version	`0.0`
SizeofData	`820`
AddressOfRawData	`0x9c3c`
PointerToRawData	`0x9c3c`

UNKNOWN

Characteristics	`0`
TimeDateStamp	2099-May-21 01:57:38
Version	`0.0`
SizeofData	`36`
AddressOfRawData	`0x9f98`
PointerToRawData	`0x9f98`

UNKNOWN (#2)

Characteristics	`0`
TimeDateStamp	2099-May-21 01:57:38
Version	`0.0`
SizeofData	`4`
AddressOfRawData	`0x9fbc`
PointerToRawData	`0x9fbc`

TLS Callbacks

Load Configuration

Size	`0x148`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x14000c2c0`
GuardCFCheckFunctionPointer	`5368739736`
GuardCFDispatchFunctionPointer	`0`
GuardCFFunctionTable	`0`
GuardCFFunctionCount	`0`
GuardFlags	`(EMPTY)`
CodeIntegrity.Flags	`0`
CodeIntegrity.Catalog	`0`
CodeIntegrity.CatalogOffset	`0`
CodeIntegrity.Reserved	`0`
GuardAddressTakenIatEntryTable	`0`
GuardAddressTakenIatEntryCount	`0`
GuardLongJumpTargetTable	`0`
GuardLongJumpTargetCount	`0`

RICH Header

XOR Key	`0xfcab0079`
Unmarked objects	`0`
Imports (VS2008 SP1 build 30729)	`10`
Unmarked objects (#2)	`1`
C objects (35215)	`10`
ASM objects (35215)	`4`
C++ objects (35215)	`27`
Imports (35215)	`7`
Total imports	`1151`
C objects (LTCG) (35215)	`2`
253 (35215)	`1`
Resource objects (35215)	`1`
151	`1`
Linker (35215)	`1`