Manalyze report for 9093010f23d9e2f10bec34cb053fea040b903b5dd80d2c30ac910074237bfa0e

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2050-Nov-28 05:33:42
Detected languages	English - United States
CompanyName
FileDescription	The Everchanging Book of Names Executable
FileVersion	`2.1.0`
InternalName	EBoN
LegalCopyright	Â© 1997-1998 Sami PyÃ¶rre. All Rights Reserved.
LegalTrademarks
OriginalFilename	EBoN.exe
ProductName	The Everchanging Book of Names
ProductVersion	`2.1`

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C++ v6.0 DLL` `Borland C / Borland Builder`
Suspicious	The PE is possibly packed.	`Unusual section name found: .INIT`
Suspicious	The PE contains functions most legitimate programs don't use.	`[!] The program may be hiding some of its imports: LoadLibraryA GetProcAddress` `Possibly launches other programs: WinExec` `Enumerates local disk drives: GetVolumeInformationA` `Can take screenshots: GetDC CreateCompatibleDC BitBlt` `Reads the contents of the clipboard: GetClipboardData`
Suspicious	The PE header may have been manually modified.	`The resource timestamps differ from the PE header: 1998-May-19 18:09:36`
Suspicious	The file contains overlay data.	`2048 bytes of data starting at offset 0x5b800.`
Safe	VirusTotal score: 0/69 (Scanned on 2021-07-23 17:06:04)	`All the AVs think this file is safe.`

Hashes

MD5	`1fe56cb471f9c9d2f72f8671584b0be0`
SHA1	`31e2886e73718ead50a83c7bdfb879493b2c0c10`
SHA256	`9093010f23d9e2f10bec34cb053fea040b903b5dd80d2c30ac910074237bfa0e`
SHA3	`30b4401b08006d5e520f040948026462566324f3bcae6f5b5e0a1adebcd70871`
SSDeep	`6144:djn7jZIa+iHvMaJWKGEL73Wm4vGCCLFCcIIa:dj3ZIa+iH0aY1EL73WmoEs`
Imports Hash	`bf40cc901365166618506a4b15308641`

DOS Header

e_magic	`MZ`
e_cblp	`0x50`
e_cp	`0x2`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0xf`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0x1a`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x100`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`7`
TimeDateStamp	2050-Nov-28 05:33:42
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_BYTES_REVERSED_HI` `IMAGE_FILE_BYTES_REVERSED_LO` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LINE_NUMS_STRIPPED` `IMAGE_FILE_LOCAL_SYMS_STRIPPED`

Image Optional Header

Magic	`PE32`
LinkerVersion	`2.0`
SizeOfCode	`0x45200`
SizeOfInitializedData	`0x16000`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x00001000 (Section: CODE)`
BaseOfCode	`0x1000`
BaseOfData	`0x47000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`1.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x61000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x2000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

CODE

MD5	`39337ba97ffc763b9d12113e97f01276`
SHA1	`028eb942b9c86c268d9d95e18c69a35657088a63`
SHA256	`91700b38cedf2eef69255ca6b69fc4d4b510b0a66a4107559bcd9cae41cb96d7`
SHA3	`f074bed67622f18fc0c2a013805af5bc74295e3f2843591681c9818cf8f4c8d8`
VirtualSize	`0x46000`
VirtualAddress	`0x1000`
SizeOfRawData	`0x45200`
PointerToRawData	`0x600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.4166`

DATA

MD5	`09961f5b14b8785bf42e951aa7ce29fe`
SHA1	`c72e88c6ee5b3686f6f2c1772be79ebf0c0ce478`
SHA256	`a3fc3bfda552f0943bfced0d1a1323d9cca7238450b475206e2661e44851c64f`
SHA3	`15d116b8b68b656bfdecdb5a9acfab4007b1dbce503e4dc9eb559042c0323d48`
VirtualSize	`0xe000`
VirtualAddress	`0x47000`
SizeOfRawData	`0xd000`
PointerToRawData	`0x45800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`4.37622`

.INIT

MD5	`196bb4fea0d7e298e5ab0d7e31676753`
SHA1	`5afe753087a5a4759059ed4841015c5ec125a99c`
SHA256	`c16cccd6831b058f649e2d5a47ecc9c55d12df349be5eda8e7008c7f109a8106`
SHA3	`61bbd7efe089603d0527f1fa3e1c1440029b9eccde15dac0c7eb37c018743c08`
VirtualSize	`0x2000`
VirtualAddress	`0x55000`
SizeOfRawData	`0x1400`
PointerToRawData	`0x52800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`4.34074`

.idata

MD5	`929cc277b557976fb6173170ae170c1c`
SHA1	`29ff7e21beaa40691cea2183bde8a7c007094a88`
SHA256	`6227d760f07278eaaf6a8968227b74ddb884a2c4bc40e0da5bf6339951f95b36`
SHA3	`b45a5d92736058c925192fabed430c8ab8aa022a16acbf50e7e3bda53d0629c6`
VirtualSize	`0x1000`
VirtualAddress	`0x57000`
SizeOfRawData	`0xa00`
PointerToRawData	`0x53c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`4.28018`

.edata

MD5	`4222bc2a78a1067e6e50016c98acb1ef`
SHA1	`5c66acef809eb6fdf0c531a7d190bc9a9b654c5e`
SHA256	`8eca2a06a3e1f7da0c677648a605f8bbc2e726cec0ae1d32ffa6b738a9d4d9d6`
SHA3	`38722c2817fbffb8778007d8be38bac552d718c565fc695e87228739458723b3`
VirtualSize	`0x1000`
VirtualAddress	`0x58000`
SizeOfRawData	`0x200`
PointerToRawData	`0x54600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`2.116`

.reloc

MD5	`ab3685edecf55b58d911d00e157e0896`
SHA1	`6414ae1611a6717f9d2dfe3abecf18b89294a248`
SHA256	`36851266f7eae25500d73de7a3dc710bb140a768524e993abe314e9d3884a475`
SHA3	`823ac65a8d68a199fc43899ad2ba6c2dfecef2a3df85616dfac1c2e8129d917e`
VirtualSize	`0x5000`
VirtualAddress	`0x59000`
SizeOfRawData	`0x4400`
PointerToRawData	`0x54800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_SHARED`
Entropy	`6.64519`

.rsrc

MD5	`73c4e4a3626bf092f0855bdf92409764`
SHA1	`97a1ddbb4f84730a8ce94cb8696c391695d4362a`
SHA256	`de50ee05129ee49410343435fecc81dada4b186cc05f4d643599c1d1b76c5c31`
SHA3	`f7ab5cef7ea89bbb345101e4dbbfbd28e6cc103ff277c541fe2798bc9aa10214`
VirtualSize	`0x3000`
VirtualAddress	`0x5e000`
SizeOfRawData	`0x2c00`
PointerToRawData	`0x58c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_SHARED`
Entropy	`3.73778`

Imports

KERNEL32.dll	`ReadFile` `FileTimeToLocalFileTime` `GlobalFree` `GetLocalTime` `GetStartupInfoA` `GetSystemInfo` `LoadLibraryA` `GetCommandLineA` `FreeResource` `RaiseException` `GetProcAddress` `WideCharToMultiByte` `GetFileSize` `LeaveCriticalSection` `LocalHandle` `FindFirstFileA` `GlobalUnlock` `GetEnvironmentStrings` `FileTimeToDosDateTime` `WriteFile` `GetVersion` `FindResourceA` `GetModuleHandleA` `SetEndOfFile` `ExitThread` `FindNextFileA` `GetVolumeInformationA` `GetCurrentProcessId` `VirtualAlloc` `InitializeCriticalSection` `CreateThread` `SetFilePointer` `SetFileTime` `GetFileTime` `SetHandleCount` `EnterCriticalSection` `GlobalMemoryStatus` `GetFileAttributesA` `VirtualFree` `DosDateTimeToFileTime` `GetTimeZoneInformation` `lstrcmpiA` `lstrcmpA` `LocalReAlloc` `UnhandledExceptionFilter` `SetErrorMode` `FreeLibrary` `SetConsoleCtrlHandler` `GetModuleFileNameA` `LockResource` `MulDiv` `CreateFileA` `LocalUnlock` `GetFullPathNameA` `GetVersionExA` `WinExec` `GetCurrentThreadId` `GlobalAlloc` `GetStdHandle` `GlobalLock` `FindClose` `SetFileAttributesA` `GetLastError` `ExitProcess` `RtlUnwind` `LocalLock` `GetFileType` `LocalFileTimeToFileTime` `CloseHandle` `LoadResource`
USER32.dll	`GetWindowLongA` `SendMessageA` `ScreenToClient` `GetWindowTextLengthA` `PostQuitMessage` `PostMessageA` `GetWindow` `InsertMenuItemA` `MessageBeep` `LoadMenuIndirectA` `IsDialogMessageA` `LoadAcceleratorsA` `IsZoomed` `IsWindowVisible` `GrayStringA` `IsWindowEnabled` `IsChild` `InvalidateRect` `LoadBitmapA` `GetWindowRect` `GetWindowPlacement` `IsMenu` `LoadMenuA` `GetSubMenu` `MapWindowPoints` `GetParent` `GetMenuStringA` `GetMenuState` `GetSysColor` `GetSystemMenu` `GetUpdateRgn` `GetWindowDC` `GetMenuItemInfoA` `GetWindowTextA` `GetWindowThreadProcessId` `InsertMenuA` `GetMenuItemID` `IsClipboardFormatAvailable` `IsIconic` `IsWindow` `GetMenuItemCount` `GetMenuDefaultItem` `LoadCursorA` `LoadImageA` `LoadIconA` `GetSystemMetrics` `MessageBoxExA` `GetFocus` `GetDlgItem` `PostThreadMessageA` `RegisterWindowMessageA` `PeekMessageA` `GetDesktopWindow` `GetDC` `SetClipboardData` `GetCursorPos` `OpenClipboard` `GetClientRect` `GetClassInfoA` `RegisterClassA` `FrameRect` `FillRect` `EnumThreadWindows` `ModifyMenuA` `EndPaint` `EnableWindow` `RemoveMenu` `DrawTextA` `DrawMenuBar` `SendDlgItemMessageA` `ReleaseDC` `DrawFrameControl` `DrawEdge` `SetCapture` `DispatchMessageA` `DialogBoxParamA` `DestroyWindow` `DestroyMenu` `ReleaseCapture` `DestroyCursor` `DeleteMenu` `DefWindowProcA` `SetMenu` `CreateWindowExA` `CreatePopupMenu` `CreateMenu` `CreateDialogParamA` `DestroyIcon` `SetFocus` `CloseClipboard` `CheckMenuRadioItem` `CheckMenuItem` `CallWindowProcA` `DrawFocusRect` `BeginPaint` `DrawIcon` `AppendMenuA` `DrawStateA` `SetCursor` `EnableMenuItem` `TrackPopupMenu` `EndDialog` `TranslateMDISysAccel` `EnumClipboardFormats` `wsprintfA` `UnregisterClassA` `WinHelpA` `GetCapture` `WaitMessage` `GetClassNameA` `UpdateWindow` `GetClipboardData` `TranslateMessage` `TranslateAcceleratorA` `WindowFromPoint` `GetDlgCtrlID` `TabbedTextOutA` `GetDlgItemInt` `ShowWindow` `GetMenu` `ShowScrollBar` `SetWindowPos` `SetWindowPlacement` `SetWindowLongA` `SetScrollInfo` `SetParent` `SetMenuItemInfoA` `GetScrollInfo` `SetMenuDefaultItem` `SetWindowTextA` `MessageBoxA`
GDI32.dll	`RestoreDC` `ResetDCA` `Rectangle` `RealizePalette` `PlayMetaFile` `PlayEnhMetaFile` `PatBlt` `OffsetWindowOrgEx` `OffsetViewportOrgEx` `IntersectClipRect` `GetViewportOrgEx` `GetTextMetricsA` `GetTextExtentPointA` `GetSystemPaletteEntries` `GetStockObject` `GetPaletteEntries` `GetObjectA` `GetMetaFileBitsEx` `GetMetaFileA` `GetEnhMetaFileA` `GetDeviceCaps` `GetCurrentObject` `GetClipRgn` `ExtTextOutA` `ExtCreatePen` `DeleteObject` `DeleteMetaFile` `DeleteEnhMetaFile` `DeleteDC` `CreateSolidBrush` `CreateRoundRectRgn` `CreateRectRgnIndirect` `CreateRectRgn` `CreatePolygonRgn` `CreatePolyPolygonRgn` `CreatePenIndirect` `CreatePen` `CreatePatternBrush` `CreatePalette` `CreateICA` `CreateHatchBrush` `CreateFontIndirectA` `CreateFontA` `CreateEllipticRgnIndirect` `CreateDiscardableBitmap` `CreateDIBitmap` `CreateDIBPatternBrush` `CreateDCA` `CreateCompatibleDC` `CreateCompatibleBitmap` `CreateBrushIndirect` `CreateBitmapIndirect` `CreateBitmap` `CopyMetaFileA` `CopyEnhMetaFileA` `TextOutA` `SetWindowOrgEx` `CombineRgn` `SetWindowExtEx` `SetViewportOrgEx` `BitBlt` `SetViewportExtEx` `SetTextColor` `SetPixel` `SetMetaFileBitsEx` `SetMapMode` `SetEnhMetaFileBits` `SetBkMode` `SetBkColor` `SelectPalette` `SelectObject` `SelectClipRgn` `ScaleWindowExtEx` `ScaleViewportExtEx` `SaveDC`

Delayed Imports

__GetExceptDLLinfo

Ordinal	`1`
Address	`0x1074`

__DebuggerHookData

Ordinal	`2`
Address	`0x512a0`

@__lockDebuggerData$qv

Ordinal	`3`
Address	`0x3cbf8`

@__unlockDebuggerData$qv

Ordinal	`4`
Address	`0x3cc20`

150

Type	`RT_BITMAP`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xe0`
TimeDateStamp	1998-May-19 18:09:36
Entropy	`3.38364`
MD5	`40e3311395d146bd130d5b4553479d99`
SHA1	`c9b764a5d1476e300a01cde1787ff5e06529cabc`
SHA256	`d3a09d8698ff6d93b06535b11e600da5347425f715d36db31dfd925743887951`
SHA3	`af4efb13e5ee6d31566b003fe69c43e6846837910bf53a8f5aee154a05951f66`
Preview

151

Type	`RT_BITMAP`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xe0`
TimeDateStamp	1998-May-19 18:09:36
Entropy	`3.15403`
MD5	`a431a39582494a7a343894dcd62da77d`
SHA1	`421b924197400754c2e843ac4f41316ba01c2c6e`
SHA256	`7e6b3ca67f6c10fcf4efd99a8a314c1b96be8f2b5ffad513562f1ee04acc6048`
SHA3	`aae16d85ffa58a7798021835a6dd8c4e793e4493d62805a9acc0490d3258fa33`
Preview

152

Type	`RT_BITMAP`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xe0`
TimeDateStamp	1998-May-19 18:09:36
Entropy	`3.2384`
MD5	`d324c83512d737010d714ae1e9a5d6f0`
SHA1	`9d98a63d0d58edd345744e3fec11667e780b71e7`
SHA256	`c33bbe6f259ded41c7e1f48fb35eaf052ec7823014a27cf2f616447970b5d99d`
SHA3	`59dd6ce0a2358f1a055a2766592a4dfcdbf473ade1968b1884d82e04ca46ec1c`
Preview

153

Type	`RT_BITMAP`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xe0`
TimeDateStamp	1998-May-19 18:09:36
Entropy	`3.12138`
MD5	`f10a5c331a0c375fd1ea8633bb57329c`
SHA1	`8d9c36714d2ebb005a10b9cd998751d061dad609`
SHA256	`88ec2181047f868b3ea093f8e2c99b4e58187b5a183df94c0f9aee3efa72f5b3`
SHA3	`bd07cfdf4fb98771a19c82634117569c73e1efcf7ad84b3c87de9fdddee1307d`
Preview

154

Type	`RT_BITMAP`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xe0`
TimeDateStamp	1998-May-19 18:09:36
Entropy	`3.42219`
MD5	`2446369ed8f84556399f0fd41727e0c1`
SHA1	`cffb1fbdaac62e46267036a36c59f106ea74d19b`
SHA256	`e884a307e5adce49e96d2a413f0a51e805017c45e9e6f5367aecd26ce066ca50`
SHA3	`08becfd5a7881efa663b109fe658fc070c1dee7fc479849eef6242e3410220c0`
Preview

155

Type	`RT_BITMAP`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xd8`
TimeDateStamp	1998-May-19 18:09:36
Entropy	`2.93695`
MD5	`d53c4bd2a898dcc4c912bde5a4f04fa0`
SHA1	`f4f4c9d7e5cb219c1700a2177fd0a19f4ca233b1`
SHA256	`08088b801474f9308a0b3e3c1c3128e0dc5571358f4f2ddfb22013a64a46bc86`
SHA3	`b90c074926d2ca9c4137e1b8f3c5e634cd360dcc78d7889b2b6c18b15f5c842c`
Preview

156

Type	`RT_BITMAP`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xc8`
TimeDateStamp	1998-May-19 18:09:36
Entropy	`2.63356`
MD5	`8a12d16b37d2c79efc292fea88e5a661`
SHA1	`e3b3be07d23592c6ce6b13f1a0821b6d7c9cac32`
SHA256	`c03c12ab9c2c466218384428226b2ac64a2479f4a02cc08fcd3a9f5fcc275280`
SHA3	`b5d8f711b6cd2f6b6e33a6904d1d9e4f948fa64eb5f8bc071289f4fb53eb71a8`
Preview

157

Type	`RT_BITMAP`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xc8`
TimeDateStamp	1998-May-19 18:09:36
Entropy	`2.54916`
MD5	`9553dc3b497444c122a4147691745c78`
SHA1	`ef21a78655b3c57f2fd53f5b7a3e887c76ced783`
SHA256	`1015c7556aa7c40b045cb7c81d29603d25ecf9a5cbb5a83ebf4abfaeefaf4e4b`
SHA3	`5c3c0aee6e1bc5bdc8dc62fc2d2d9aaf003b2205433a9a09567d46ed546b4a99`
Preview

158

Type	`RT_BITMAP`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xe8`
TimeDateStamp	1998-May-19 18:09:36
Entropy	`3.15988`
MD5	`ab786d10a732bfba7949d7722c9ed501`
SHA1	`e1cbdbb5cdd6d5eb623f340ba20eb54b77d41122`
SHA256	`ed324a4b74ed67acff0c14359223f88cf10704c6122fd03f53f43dd55524974e`
SHA3	`fa1ce0e3bae55dd6afe824d5fcf21a0dae060a5e9078f09921c91cd8282fe182`
Preview

160

Type	`RT_BITMAP`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xe0`
TimeDateStamp	1998-May-19 18:09:36
Entropy	`2.8763`
MD5	`93a4cbef4ea0b517b5d4671fcb0df4d0`
SHA1	`24fd0496c2ebbef891b27bc79766b9c241e156c6`
SHA256	`736f3bac944bd4b8d02ec7e7edd3be18f576c5f2ca3d0f961bb8896768a330a5`
SHA3	`0edd48b9b67a8c98875c48454652eb4dbf9d33b2982aadbd8ffa4d815f90f22d`
Preview

161

Type	`RT_BITMAP`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xe0`
TimeDateStamp	1998-May-19 18:09:36
Entropy	`2.39782`
MD5	`51bbaf21e7b68cf24c6075802c76ecc2`
SHA1	`f8f68fbb7c5dfa9fc138a0104c1ebf836fc77104`
SHA256	`307c06ca4c5fd70148df534704fe9eeef2dd31d822b9ebd812ac04508e0356d2`
SHA3	`ba355a7ddbfed5c073973fbbccad089346a695fcb4dbd4035216dd7e03e35a45`
Preview

162

Type	`RT_BITMAP`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xe0`
TimeDateStamp	1998-May-19 18:09:36
Entropy	`2.47459`
MD5	`6b052716103325ceda383b64e8f16407`
SHA1	`5fb0e15247553c52a3afebe5e301c269f07d5069`
SHA256	`d013a800c32c49e0e54f203162ac7dc8541348df7ab6e4e99287ffb0878e4bf4`
SHA3	`c6f493e8defe58811778bad44a9489e0261f8a6398ba0e652543910f88e8a028`
Preview

1

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x2e8`
TimeDateStamp	1998-May-19 18:09:36
Entropy	`3.46319`
MD5	`4e84bad08c29090c52b1a2780627fda9`
SHA1	`c82e2997dba4109a82465f0a54d221ddcec08a21`
SHA256	`277b9c4cbe49e98a901219049ff0d368feaf9beeb73c368134440cedd7adaa41`
SHA3	`f744a56c5b9ae86d93955263a64e3476fab007c0aae2d31f850d4a2936dfd5fa`

2

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x130`
TimeDateStamp	1998-May-19 18:09:36
Entropy	`2.96281`
MD5	`91e3a2b25a76fc8d33e223c3cdc8cef9`
SHA1	`45852ce2f64c5c2d9fe444af6323234c21540066`
SHA256	`8ef1b9757e4a2b6b04d6be4684a1877152a39e717a919fa8746f9fb1c2cae758`
SHA3	`55b8f8c0d0232bd52ea1090e96c824bee80e64f0d62db093b9aa012f1f4e85c5`

3

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x128`
TimeDateStamp	1998-May-19 18:09:36
Entropy	`2.93616`
MD5	`2843cf976cd4fb7964107b61b9babbbe`
SHA1	`9cd4fb55932692bbd1981cca85cdd7c15e45b0af`
SHA256	`2bf069a5d8670b3025a7d61e1092065f88b86e6e2da37317569904cc0a3be410`
SHA3	`bf366b2d83c98f24dcdf1b4c351520c96cfe744e6385ef212a0897aab3628682`

4

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x2e8`
TimeDateStamp	1998-May-19 18:09:36
Entropy	`3.23858`
MD5	`7dc065acc75905c0bd6cfc4400a8ed9c`
SHA1	`699d0feae30ec4681ee4b6e1309512c0a2764aee`
SHA256	`10b58f03faf2c541f48e744a2343a968b61f5684e0e402055302e7ac93c5c43c`
SHA3	`32778ab2d346847307ab375ad10ded219bb76da886dcc5659c16216a2251c63f`

5

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x128`
TimeDateStamp	1998-May-19 18:09:36
Entropy	`3.05505`
MD5	`f6d48518697bd87bd8615b3d11c34afe`
SHA1	`da51e67b0c7171f490d3ca0be043d686492a1b69`
SHA256	`7e200aa8d17fcdb5b4d87ac4f749e22f8f5dadc0136ff17afb7aa7c1120dd77c`
SHA3	`94088018dd216682c5cae0b653f18b909101c638cc600bf4b843fb245dabc414`

6

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x130`
TimeDateStamp	1998-May-19 18:09:36
Entropy	`2.86969`
MD5	`4dcda6ce7ef4151383e24f6b797606b5`
SHA1	`ae8f0c33549bbdd74ca31f7613c0e2cc62f511f7`
SHA256	`31f4e8dbc50b5d5ef1b16a8253dc327d7602dfd4317e94be4215c8dd6ae3999b`
SHA3	`d7e30ddf6dd423a48ad113ec193a74a70ec642dbd2e768a01c337f6f58ea902e`

2000

Type	`RT_DIALOG`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x5ea`
TimeDateStamp	1998-May-19 18:09:36
Entropy	`3.37588`
MD5	`374c2df97607367a03e45278e2272d69`
SHA1	`0f1c66623abbfae41f18fa14521a4d0076817d8a`
SHA256	`4e49a1c07723c2233603bc409e683de8a0b9010b7030def6406faf6a90e7d787`
SHA3	`8b7a709a89fd8c75194ac5c88f642f3564ec635d80c45f4ccf451fc4e3c8550d`

2045

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xa0`
TimeDateStamp	1998-May-19 18:09:36
Entropy	`2.61509`
MD5	`87e256cc9dd3619606a6fbdfeeefaf09`
SHA1	`8f2841c212e15a9275c4f64e7f03a6b8465c1f08`
SHA256	`9238981d79b68a805beb2e154d90069ac6d8563710787b303e00c393b174cfb2`
SHA3	`96f6b2bb3e660a910d8a547697257103d4ecf2bd52c61946a8c3198f421cac0c`

2046

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xe6`
TimeDateStamp	1998-May-19 18:09:36
Entropy	`2.96175`
MD5	`694452d1f7844fd9efaca28a29cc896d`
SHA1	`0e73de3fac77889d3ba7758164ce38b820151ca8`
SHA256	`3a0d9fdf0b4406e371f458998f73bbf67a57a66b5405401532510d7695b72d2b`
SHA3	`eb1789f28db655c5b33234d4d9ee7d11e6103c83e1e88643ae4ed9dd335f2cef`

2047

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x35a`
TimeDateStamp	1998-May-19 18:09:36
Entropy	`3.20264`
MD5	`017fb5cddc55c6360854496c8a5cb609`
SHA1	`c009e8d36b2d0dc3dad3c648f0651646055e9ffa`
SHA256	`e7cdf1cd40cdd7548de5fff6c592359735d9fdf08339a071cb7f55cd95b8aa1b`
SHA3	`a2e9270be8799bdb8ed5c6bd8b6b9f1e41c5741206086e9899947eb7f1c25794`

2048

Type	`RT_STRING`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1a8`
TimeDateStamp	1998-May-19 18:09:36
Entropy	`3.32908`
MD5	`5849c233b91999bb9336b9e14732456d`
SHA1	`3166598f9ea1173c8a6401eceae59d49ea990f69`
SHA256	`20397b4132db133d9559b03e8d1461b09d1a58eaaef7f32a798f181efeeb0abc`
SHA3	`53ddfbfe28f9bc94aac5fa37811b61f2f5117be488c93e3246885b7442dd7131`

1 (#2)

Type	`RT_GROUP_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x30`
TimeDateStamp	1998-May-19 18:09:36
Entropy	`2.52533`
Detected Filetype	Icon file
MD5	`be9defd6a5908a0baeef04eed658a9e8`
SHA1	`76a5f5129f835e6c94a090956643b522717b5fc5`
SHA256	`a443abea8187bbca5cded9bfa49b072821f71f130ebb8f33144f57b08c415b76`
SHA3	`cac225f3fef58d9bb4b2abf47a08921bbbd95cf98fffe70447c57504f778b92d`

2 (#2)

Type	`RT_GROUP_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x30`
TimeDateStamp	1998-May-19 18:09:36
Entropy	`2.65759`
Detected Filetype	Icon file
MD5	`732318523af6d7667b6851e8a008e85b`
SHA1	`4271de81e4a2a8ba7dfc38342e880c33a6f0f6a4`
SHA256	`fd23ec3db7df6dd906e98187cabe8693971de95bfaf8208091e88a1f14201e28`
SHA3	`5f53132608ae8d071d4be524a5babaa9e47aeb179bae641b2240413d73811eba`

1 (#3)

Type	`RT_VERSION`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x348`
TimeDateStamp	1998-May-19 18:09:36
Entropy	`3.39002`
MD5	`c99b191ecc88bcc30193fde69896ee08`
SHA1	`57910976c3aadeb60bdaa16f35c63f94bd21d477`
SHA256	`4a80326e2f70d0be49e4244614786d644eb6bcd5e11af94e32368fc77f2da66d`
SHA3	`631cda84280667734ed82fe4d054aabdac13adf8b3be525a8632747aa09a9453`

String Table contents

Invalid client window %s
Invalid child window %s
Invalid window %s
Invalid DIB handle %X
GDI object %X destroy failure
GDI object %X delete failure
GDI file read failure
GDI resource load failure
GDI creation failure
GDI allocate failure
GDI failure
Invalid relative window specified in layout constraint in window %s
Incomplete layout constraints specified in window %s
Printer error
Validator syntax error
Menu creation failure
Child create fail for window %s
Execute fail for window %s
Create fail for window %s
Child class registration fail for window %s
Class registration fail for window %s
VBX Library init failure
Invalid MainWindow
Invalid module specified for window
Out of memory
No application object
Unknown error
Unhandled Exception
OK to resume?
ObjectWindows Exception
Unknown exception

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	2.0.1.0
ProductVersion	2.0.1.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS16` `VOS_OS232_PM32` `VOS__PM32` `VOS__WINDOWS16`
FileType	`VFT_APP`
Language	English - United States
CompanyName
FileDescription	The Everchanging Book of Names Executable
FileVersion (#2)	2.1.0
InternalName	EBoN
LegalCopyright	Â© 1997-1998 Sami PyÃ¶rre. All Rights Reserved.
LegalTrademarks
OriginalFilename	EBoN.exe
ProductName	The Everchanging Book of Names
ProductVersion (#2)	2.1

Resource LangID	UNKNOWN

TLS Callbacks

Load Configuration

RICH Header

Errors

[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.
[*] Warning: Tried to convert an invalid DosDate: 895601376. Falling back to posix timestamp.

Leave a comment

No comments yet.