| Architecture |
IMAGE_FILE_MACHINE_AMD64
|
| Subsystem |
IMAGE_SUBSYSTEM_WINDOWS_GUI
|
| Compilation Date |
1970-Jan-01 00:00:00
|
| Detected languages |
Japanese - Japan
|
| TLS Callbacks |
2 callback(s) detected.
|
| OriginalFilename |
DeviceDriverHashChecker.exe
|
| ProductName |
Device Driver Hash Checker
|
| LegalCopyright |
Copyright (c) 2019-2022 MapleBridge Desktop Labs Group
|
| Comments |
Captures or records device driver hash checker and saves output to a folder
|
| InternalName |
DeviceDriverHashChecker.exe
|
| ProductVersion |
9.2.7519.94
|
| PrivateBuild |
Da5PH5xHP3Ym5
|
| FileDescription |
Captures or records device driver hash checker and saves output to a folder
|
| CompanyName |
MapleBridge Desktop Labs Group
|
| FileVersion |
9.2.7519.94
|
| SpecialBuild |
Final
|
| Suspicious |
PEiD Signature: |
HQR data file
|
| Info |
Interesting strings found in the binary: |
Contains domain names:
- golang.org
- https://go.dev
|
| Info |
Cryptographic algorithms detected in the binary: |
Uses constants related to SHA256
Uses constants related to SHA512
Uses constants related to AES
|
| Suspicious |
The PE is possibly packed. |
Unusual section name found: .xdata
|
| Suspicious |
The PE contains functions most legitimate programs don't use. |
[!] The program may be hiding some of its imports:
- GetProcAddress
- LoadLibraryA
- LoadLibraryExW
- LoadLibraryW
Functions which can be used for anti-debugging purposes:
Memory manipulation functions often used by packers:
- VirtualAlloc
- VirtualProtect
|
| Info |
The PE is digitally signed. |
Signer: Device Driver Hash Checker
Issuer: Device Driver Hash Checker
|
| Malicious |
VirusTotal score: 12/71 (Scanned on 2026-06-14 09:27:36) |
AVG:
Win64:MalwareX-gen [Trj]
AhnLab-V3:
Malware/Win.MalwareX-gen.R779336
Avast:
Win64:MalwareX-gen [Trj]
Avira:
TR/W64.MalwareX
Bkav:
W32.Malware.BF4397F6
DeepInstinct:
MALICIOUS
ESET-NOD32:
WinGo/Kryptik_AGen.BQ trojan
F-Secure:
Trojan.TR/W64.MalwareX
Kaspersky:
VHO:Trojan.Win64.DLLhijack.gen
Microsoft:
Trojan:Win32/Wacatac.B!ml
Rising:
Trojan.Kryptik!8.8 (TFE:6:MrOPQZBAArL)
Trapmine:
malicious.high.ml.score
|
| MD5 |
0a555eb6e82c55b5097524e8b550f49c
|
| SHA1 |
e4edf3e20f5f96c9024c7accaf5b0b784d19d7a3
|
| SHA256 |
abbcab2e42e67756315d1a263e2ded9303ac85f583cf087a91ff0ae643a290ec
|
| SHA3 |
595a2704bee0de424d6501908a3d5b460d520e893ddf02b9d37cbd5c236c8bb1
|
| SSDeep |
98304:n/04AyOoiydDao2ifc3/nXXX6UWRsvb8H9P4cu5Vsn0k39SZAw9:n8rk3fYHqUWReb8h4cuWhK
|
| Imports Hash |
fe9fea8fb19fd7848c8e645e3ea33785
|
| e_magic |
MZ
|
| e_cblp |
0x90
|
| e_cp |
0x3
|
| e_crlc |
0
|
| e_cparhdr |
0x4
|
| e_minalloc |
0
|
| e_maxalloc |
0xffff
|
| e_ss |
0
|
| e_sp |
0xb8
|
| e_csum |
0
|
| e_ip |
0
|
| e_cs |
0
|
| e_ovno |
0
|
| e_oemid |
0
|
| e_oeminfo |
0
|
| e_lfanew |
0x80
|
| Signature |
PE
|
| Machine |
IMAGE_FILE_MACHINE_AMD64
|
| NumberofSections |
12
|
| TimeDateStamp |
1970-Jan-01 00:00:00
|
| PointerToSymbolTable |
0
|
| NumberOfSymbols |
0
|
| SizeOfOptionalHeader |
0xf0
|
| Characteristics |
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
|
| Magic |
PE32+
|
| LinkerVersion |
2.0
|
| SizeOfCode |
0xdf600
|
| SizeOfInitializedData |
0x50d600
|
| SizeOfUninitializedData |
0x4a000
|
| AddressOfEntryPoint |
0x00000000000012EF (Section: .text)
|
| BaseOfCode |
0x1000
|
| ImageBase |
0x218f90000
|
| SectionAlignment |
0x1000
|
| FileAlignment |
0x200
|
| OperatingSystemVersion |
6.1
|
| ImageVersion |
0.0
|
| SubsystemVersion |
6.1
|
| Win32VersionValue |
0
|
| SizeOfImage |
0x63e000
|
| SizeOfHeaders |
0x400
|
| Checksum |
0x5f421e
|
| Subsystem |
IMAGE_SUBSYSTEM_WINDOWS_GUI
|
| DllCharacteristics |
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
|
| SizeofStackReserve |
0x200000
|
| SizeofStackCommit |
0x1000
|
| SizeofHeapReserve |
0x100000
|
| SizeofHeapCommit |
0x1000
|
| LoaderFlags |
0
|
| NumberOfRvaAndSizes |
16
|
| MD5 |
3fdba28cf837b34ffe48c15558ee1c6b
|
| SHA1 |
bd702cc963969ae27dff5a746b90c9c0b52dfe33
|
| SHA256 |
b65bb67f3073b1939498e264f64c60eeae419de6157267dbcb3d84e6fa9b93e6
|
| SHA3 |
35601ea983041c9d295688b2c18b313637503ce255408c66a3f733ea1f4d2a90
|
| VirtualSize |
0xdf5c0
|
| VirtualAddress |
0x1000
|
| SizeOfRawData |
0xdf600
|
| PointerToRawData |
0x400
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
|
| Entropy |
6.30045
|
| MD5 |
0c632d4879ca9cb819a6f62846d124e1
|
| SHA1 |
82ab06e7a1d6bfbc85316e173584bbefb3dab7a5
|
| SHA256 |
7786ece8357f6b2fd81c86c6ba74ceff05d8c0c17b0f4f675154e123762eb1b4
|
| SHA3 |
2c3877a7057ee76e97936f4d3f2268b0ee57d32d396c45d0caac9f95ecdfe442
|
| VirtualSize |
0x3a01d0
|
| VirtualAddress |
0xe1000
|
| SizeOfRawData |
0x3a0200
|
| PointerToRawData |
0xdfa00
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
|
| Entropy |
7.98855
|
| MD5 |
2d84116678b29099a05b8cade9e694f9
|
| SHA1 |
99288b8efdac4ac3fb092eb3942800a499d687bb
|
| SHA256 |
1d88617eb2fbbf1d37895f9ad1ece86a8e347b0cd7928dff9b38e0cc44d414a1
|
| SHA3 |
8156535a6ef259f67ee5b61dee731bd8d17c05122328b58eca4eeb0c76551221
|
| VirtualSize |
0x14e3a0
|
| VirtualAddress |
0x482000
|
| SizeOfRawData |
0x14e400
|
| PointerToRawData |
0x47fc00
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
|
| Entropy |
6.35481
|
| MD5 |
bf619eac0cdf3f68d496ea9344137e8b
|
| SHA1 |
5c3eb80066420002bc3dcc7ca4ab6efad7ed4ae5
|
| SHA256 |
076a27c79e5ace2a3d47f9dd2e83e4ff6ea8872b3c2218f66c92b89b55f36560
|
| SHA3 |
622de1e1568ddef36c4b89b706b05201c13481c3575d0fc804ff8224787fcb59
|
| VirtualSize |
0x4
|
| VirtualAddress |
0x5d1000
|
| SizeOfRawData |
0x200
|
| PointerToRawData |
0x5ce000
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
|
| Entropy |
0
|
| MD5 |
2b819adafb4c19131fa12bf20504c32a
|
| SHA1 |
bb30211262b8045d6c28bb61c65d4cd4d9d15888
|
| SHA256 |
bb518a030213aba2cbf62d597c62da3579e8c685c538bd14571e89dbc878f3f1
|
| SHA3 |
ca472fc41a443b634cd78f75b8db829f7eb35b83b88e9edfb758318582a554d1
|
| VirtualSize |
0x5e50
|
| VirtualAddress |
0x5d2000
|
| SizeOfRawData |
0x6000
|
| PointerToRawData |
0x5ce200
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
|
| Entropy |
5.3165
|
| MD5 |
38252f86a8ab6ef2df490817b05563a1
|
| SHA1 |
0fe8bcd06fdd053dbf71776004af091bb97990a4
|
| SHA256 |
2d7a420879bbbd6c66f547e24aa327b346c911e9f50701a94ec283622ec895a7
|
| SHA3 |
e9fe4077bf0c40150fbd654382ae489a59b623900d6366fd3eb541c1db66e589
|
| VirtualSize |
0x340
|
| VirtualAddress |
0x5d8000
|
| SizeOfRawData |
0x400
|
| PointerToRawData |
0x5d4200
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
|
| Entropy |
3.42914
|
| MD5 |
d41d8cd98f00b204e9800998ecf8427e
|
| SHA1 |
da39a3ee5e6b4b0d3255bfef95601890afd80709
|
| SHA256 |
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
|
| SHA3 |
a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a
|
| VirtualSize |
0x49e70
|
| VirtualAddress |
0x5d9000
|
| SizeOfRawData |
0
|
| PointerToRawData |
0
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
|
| MD5 |
3ed554d3c3d23607aa3f7235db2fc444
|
| SHA1 |
755b19979e5914784588be7f5913d672caae4a14
|
| SHA256 |
df04c5ef6fffeda9ee66c2285258e77b411d54a01518994e01942007f797ee5f
|
| SHA3 |
a139aca24e2b6a50707f0a7c7ffab1ab1f9666154aa7921f693406a06e01f514
|
| VirtualSize |
0x113
|
| VirtualAddress |
0x623000
|
| SizeOfRawData |
0x200
|
| PointerToRawData |
0x5d4600
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
|
| Entropy |
3.09073
|
| MD5 |
6347d851af1709de0d8c48206e39f024
|
| SHA1 |
f3826acababacab6cd77ceadecc2613268074d78
|
| SHA256 |
dfa27da5eb7760b0affc8ddbe52ec7e467ccf18974e93c448cf797479f045326
|
| SHA3 |
c109fd139ded3347fb16c7f2bda645d12315f619a7033d32c783c0fac555d996
|
| VirtualSize |
0xd80
|
| VirtualAddress |
0x624000
|
| SizeOfRawData |
0xe00
|
| PointerToRawData |
0x5d4800
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
|
| Entropy |
4.36425
|
| MD5 |
bf619eac0cdf3f68d496ea9344137e8b
|
| SHA1 |
5c3eb80066420002bc3dcc7ca4ab6efad7ed4ae5
|
| SHA256 |
076a27c79e5ace2a3d47f9dd2e83e4ff6ea8872b3c2218f66c92b89b55f36560
|
| SHA3 |
622de1e1568ddef36c4b89b706b05201c13481c3575d0fc804ff8224787fcb59
|
| VirtualSize |
0x10
|
| VirtualAddress |
0x625000
|
| SizeOfRawData |
0x200
|
| PointerToRawData |
0x5d5600
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
|
| Entropy |
0
|
| MD5 |
b0cc9b00699c95e54e28a40185470147
|
| SHA1 |
b6660efbf06ccec65a8b2234a95ec1f91ad21dbd
|
| SHA256 |
b75dc2f1180e9764f4dce22add1c5c1222f1b5c17d72aaa277712de2216d9967
|
| SHA3 |
9b12df6b1dee029ecd6c7cb73fb6d7373dd37457a3e6228364861dad7feecd75
|
| VirtualSize |
0x4a54
|
| VirtualAddress |
0x626000
|
| SizeOfRawData |
0x4c00
|
| PointerToRawData |
0x5d5800
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
|
| Entropy |
5.41202
|
| MD5 |
02c8417b4d788237dbf984fc0691bf31
|
| SHA1 |
258876a0feed8a7145da7908b4773f9260e2d3bb
|
| SHA256 |
f44aab667ea462b4918eecae8c2b2da0a54ad28434afa1229e46c46d96b4ad09
|
| SHA3 |
89d1bf34ee594a5f64d86967ac5ec172ad04e98515201f3afce8a3a9c2796c60
|
| VirtualSize |
0x12bda
|
| VirtualAddress |
0x62b000
|
| SizeOfRawData |
0x12c00
|
| PointerToRawData |
0x5da400
|
| PointerToRelocations |
0
|
| PointerToLineNumbers |
0
|
| NumberOfLineNumbers |
0
|
| NumberOfRelocations |
0
|
| Characteristics |
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
|
| Entropy |
7.86968
|
| KERNEL32.dll |
AddVectoredContinueHandler
AddVectoredExceptionHandler
CloseHandle
CreateEventA
CreateIoCompletionPort
CreateThread
CreateWaitableTimerExW
DeleteCriticalSection
DisableThreadLibraryCalls
DuplicateHandle
EnterCriticalSection
ExitProcess
FreeEnvironmentStringsW
FreeLibrary
GetConsoleMode
GetCurrentThreadId
GetEnvironmentStringsW
GetErrorMode
GetLastError
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetProcessAffinityMask
GetQueuedCompletionStatusEx
GetStdHandle
GetSystemDirectoryA
GetSystemInfo
GetThreadContext
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
LoadLibraryW
PostQueuedCompletionStatus
RaiseFailFastException
ResumeThread
RtlLookupFunctionEntry
RtlVirtualUnwind
SetConsoleCtrlHandler
SetErrorMode
SetEvent
SetProcessPriorityBoost
SetThreadContext
SetWaitableTimer
Sleep
SuspendThread
SwitchToThread
TlsAlloc
TlsGetValue
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WerGetFlags
WerSetFlags
WriteConsoleW
WriteFile
|
| api-ms-win-crt-heap-l1-1-0.dll |
calloc
free
malloc
|
| api-ms-win-crt-private-l1-1-0.dll |
memcpy
|
| api-ms-win-crt-runtime-l1-1-0.dll |
_beginthread
_errno
_execute_onexit_table
_exit
_initialize_onexit_table
_initterm
_initterm_e
_register_onexit_function
abort
|
| api-ms-win-crt-stdio-l1-1-0.dll |
__acrt_iob_func
__stdio_common_vfprintf
fwrite
|
| api-ms-win-crt-string-l1-1-0.dll |
_stricmp
strcmp
strlen
strncmp
|
| Ordinal |
1
|
| Address |
0x622d30
|
| Ordinal |
2
|
| Address |
0xdea20
|
| Ordinal |
3
|
| Address |
0xdea60
|
| Ordinal |
4
|
| Address |
0xde920
|
| Ordinal |
5
|
| Address |
0xde9e0
|
| Ordinal |
6
|
| Address |
0xde980
|
| Ordinal |
7
|
| Address |
0xdeaa0
|
| Ordinal |
8
|
| Address |
0xde380
|
| Type |
RT_ICON
|
| Language |
UNKNOWN
|
| Codepage |
UNKNOWN
|
| Size |
0xab19
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
7.98039
|
| Detected Filetype |
PNG graphic file
|
| MD5 |
74b7f35e25e3dae1c70879860117860f
|
| SHA1 |
14152f7295e1593206151cf1e50613508240e7d8
|
| SHA256 |
cd6c3490dbff16684342d5cfe115888a3f5f8239939b1c48c0c51a8e86dce64f
|
| SHA3 |
fbb42ff54621c261b49d475f6d0ac84b1c1e2885e7756320645b4436b05b16c2
|
| Type |
RT_ICON
|
| Language |
UNKNOWN
|
| Codepage |
UNKNOWN
|
| Size |
0x392b
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
7.97312
|
| Detected Filetype |
PNG graphic file
|
| MD5 |
e4220e0572a841642ed6e43797c630ed
|
| SHA1 |
88dff83eb1af44e062ee17de8f5df69a34b37da2
|
| SHA256 |
b4c20d138467bfcf7420b077e4d112b3a79dbbe89faea8a001d6f90aa7c31d35
|
| SHA3 |
1742f78d4b39262c363002f578b89eaf5b9786aff37d07a478481e441f92e425
|
| Type |
RT_ICON
|
| Language |
UNKNOWN
|
| Codepage |
UNKNOWN
|
| Size |
0x14fd
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
7.95721
|
| Detected Filetype |
PNG graphic file
|
| MD5 |
25481fe5163d58fecc2c4ed91c0ad54b
|
| SHA1 |
1c9b1fca21ce5dadf4de9575d23aeea01282063a
|
| SHA256 |
a56b763ea06205f1241e7c87e91ffc18fe0efddc58178a773a67a31300288f98
|
| SHA3 |
b65b085338d2347b7dc82bc068a1bcdce818963c006c8bc8fdc3376b729e6ffa
|
| Type |
RT_ICON
|
| Language |
UNKNOWN
|
| Codepage |
UNKNOWN
|
| Size |
0xdf0
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
7.93381
|
| Detected Filetype |
PNG graphic file
|
| MD5 |
8590256ab6712b2350193b019d17fdbf
|
| SHA1 |
5625dae153e3236089cf7eb134b3cd70a6eb1703
|
| SHA256 |
105a2f96cfa56133fd54aaa1df0492d222ba62ad7e6208910b97488965945bba
|
| SHA3 |
ffde45b7bdf3c0a983372dd220c08b5d52e4619c8bee259853aa98660dcefad5
|
| Type |
RT_ICON
|
| Language |
UNKNOWN
|
| Codepage |
UNKNOWN
|
| Size |
0x7d9
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
7.89879
|
| Detected Filetype |
PNG graphic file
|
| MD5 |
1198e133b6c3947c968c3f535a685d32
|
| SHA1 |
c7db7ea816553592b91a3fd784af763b2eeed441
|
| SHA256 |
3adab376cff2ecf50b7166cced0e1ce7d07c1f9e2d72409294ecd0f17d0ed8a2
|
| SHA3 |
d33f36cbe31d67e19a218244eab9cf907f1c9bb375d0545b40b1557b1971e9f6
|
| Type |
RT_ICON
|
| Language |
UNKNOWN
|
| Codepage |
UNKNOWN
|
| Size |
0x2e0
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
7.6113
|
| Detected Filetype |
PNG graphic file
|
| MD5 |
aaf9df1a0590bc7019bda78029287907
|
| SHA1 |
41d13bfe08f4989efa6c12761db65d25cb891477
|
| SHA256 |
74175104f4824b58c36b17715489eca9e45ba9ed7e7105b41e4a451008a946f2
|
| SHA3 |
ef4e1a47a960960a4ccf4d27d3d7daecb94d44a454c99964976a5f903b88875f
|
| Type |
RT_STRING
|
| Language |
Japanese - Japan
|
| Codepage |
UNKNOWN
|
| Size |
0x1b8
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
3.27739
|
| MD5 |
d7cc2851cf2120271e0e63148b680739
|
| SHA1 |
47d693c395cf10ece45955e43bb8209d75094dd4
|
| SHA256 |
36e475ea0ac941dae3a5e7c95f55113d48eb79b6145c4c9774562020bb5ffed3
|
| SHA3 |
d17fffa442c2ad9c4621f9bfa487f82e056b13660ddf11948ff754ae40d850f1
|
| Type |
RT_STRING
|
| Language |
Japanese - Japan
|
| Codepage |
UNKNOWN
|
| Size |
0xb4
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
2.94011
|
| MD5 |
0570c77ea5b90153d330682da3aee6a6
|
| SHA1 |
03bdcf04caaf8c06bf1405d4b9a9079e967db7c7
|
| SHA256 |
24fdabc9e06ef1997a8b2cf4277997cba018ec0403c493e5701733a922bf2896
|
| SHA3 |
8dfb79bf5376ac13751d39ca22df2c7325cb328e92ec046ccc0c97acfe7fd731
|
| Type |
RT_STRING
|
| Language |
Japanese - Japan
|
| Codepage |
UNKNOWN
|
| Size |
0x54
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
2.41328
|
| MD5 |
308bcb4d7bdb21dfdb53c001f6bd19e5
|
| SHA1 |
20ee10a75dd548403e08932f8b99c5f156039d36
|
| SHA256 |
eb7d0af2353ec007085ea37532701d5afdaebfb2564ef8a3ac64838dd46252f8
|
| SHA3 |
6b11627400c66a870c1a08a5d56509d8fa9a8ad8a36568af314350fb1db927c9
|
| Type |
RT_STRING
|
| Language |
Japanese - Japan
|
| Codepage |
UNKNOWN
|
| Size |
0x220
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
3.30121
|
| MD5 |
3e5bf04173a183ec7f492989f4b5cd50
|
| SHA1 |
a9cde52a785893cf1bca91d098cff999a385854d
|
| SHA256 |
2c013215c49a4a6ac7a042c6332be9f6b4b188022fae3ce6d300e2a93e4c1677
|
| SHA3 |
8e324299c9e8ce51a3c3f5cfc098ac42e7e0be847f8af0ff031cfdf7f6544602
|
| Type |
RT_STRING
|
| Language |
Japanese - Japan
|
| Codepage |
UNKNOWN
|
| Size |
0x138
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
3.23118
|
| MD5 |
a608d30caa35161f568f99089ebb867a
|
| SHA1 |
209023c7530a23fc8f6f513a5f44fdfac4a85036
|
| SHA256 |
2e3399f30a8480e5485c27099a468f9cfa5b0d89476696793379b7c2bd7b703b
|
| SHA3 |
79dee0a748e7baca51c22c8911abff5c28397a2262471645140dd73778dbc849
|
| Type |
RT_STRING
|
| Language |
Japanese - Japan
|
| Codepage |
UNKNOWN
|
| Size |
0x104
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
3.16754
|
| MD5 |
a0a165c09ed2734f7b6822cc16bae857
|
| SHA1 |
9a4375e458b9393598a808f5c4296243787ff298
|
| SHA256 |
8e7d384fcd572960924b8e9e1551fe46ee8526b33757c5a34ab6e1f6671041eb
|
| SHA3 |
d38b7371e8074ca4c65b32e482825bb582e88e962702b695ac60666b0ae3e072
|
| Type |
RT_STRING
|
| Language |
Japanese - Japan
|
| Codepage |
UNKNOWN
|
| Size |
0xf0
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
3.0207
|
| MD5 |
ab172c787f493ecb5da3fe0d029ecf74
|
| SHA1 |
4d4f41a4729699cf6961c756ee730e1b62e5ce50
|
| SHA256 |
10b8e85fcc2e906125c8bb4f8a7a10ce178c9582e778fdde435d81da9077f121
|
| SHA3 |
835575f6ebde7248fe420736bb47610cf9d4951180a13106596a2938ec79c554
|
| Type |
RT_STRING
|
| Language |
Japanese - Japan
|
| Codepage |
UNKNOWN
|
| Size |
0x10c
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
3.00688
|
| MD5 |
870f89c9f3e6a3096f36299de4a87a0f
|
| SHA1 |
75fc3cdfdad4a87da6e82b24e6c18c76407a7afc
|
| SHA256 |
80de9e09ee21dc898151639ac279205b2414dc20fb1e49cb997cd725f8307d29
|
| SHA3 |
e937d782c41e4d8cce492525b7daba05a6ee1c336927a44702806db6df123aaf
|
| Type |
RT_STRING
|
| Language |
Japanese - Japan
|
| Codepage |
UNKNOWN
|
| Size |
0xcc
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
2.88071
|
| MD5 |
c303936a6447173bfc0171a395a192c7
|
| SHA1 |
8d11f9933a0d2e91cbd9d70459cb57f16e744e25
|
| SHA256 |
9252b74fbf4451503c81c2ed3dcfaa15c41fc97ae9114498a9588b3b9fa8b6d9
|
| SHA3 |
b6deb697e5bc8447b8ff3ea1cd63229ce98e6ed4c30c38f87f000e4bd604ae9e
|
| Type |
RT_GROUP_ICON
|
| Language |
UNKNOWN
|
| Codepage |
UNKNOWN
|
| Size |
0x5a
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
2.84654
|
| Detected Filetype |
Icon file
|
| MD5 |
b0547f9267a382c7c9dfee1e9355b0c3
|
| SHA1 |
8f073d34f47963362b5b8023264ee38d88ef84d7
|
| SHA256 |
fa805afc75d7dd56db54c8405b074b7487ed5118c9d6c41315861a49121bbdc7
|
| SHA3 |
3dc8a622e34988a4b870541b2595d6fa4ac892ae1149a810af1072da273be040
|
| Type |
RT_VERSION
|
| Language |
Japanese - Japan
|
| Codepage |
UNKNOWN
|
| Size |
0x52c
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
3.50495
|
| MD5 |
93f034c6d320af4de4c3fbb4cbed4186
|
| SHA1 |
0707bce6160c7aea18af9ec7897a8424581d5693
|
| SHA256 |
a8847bc8d10982e87b3fa2c32ddb3c4a2c48f79c64a29489286e255a553a8138
|
| SHA3 |
a3a936a548f23cd78239589b586d02cb13edbdb025e3f5d1364af458fc47f875
|
| Type |
RT_MANIFEST
|
| Language |
Japanese - Japan
|
| Codepage |
UNKNOWN
|
| Size |
0x692
|
| TimeDateStamp |
1980-Jan-01 00:00:00
|
| Entropy |
5.20612
|
| MD5 |
58ec1a7389a20ad73f645631b00205e6
|
| SHA1 |
59d9d1697e2f5905dd84282326b5ec41c4b1610b
|
| SHA256 |
ea1add395249f244c093be3623dc2ac57c2eed27f604edfc879fb2b44d74ec94
|
| SHA3 |
b3776063bc27b60b4491d5d112a533f06b48786386751691780a9d5c04287d85
|
| Device Driver Hash Checker |
| Captures or records device driver hash checker and saves output to a folder |
| MapleBridge Desktop Labs Group |
| Version 9.2.7519.94 |
| Copyright (c) 2019-2022 MapleBridge Desktop Labs Group |
| Advanced |
| Checksum mismatch detected. |
| Item 9894: pending. |
| Core isolation: on. |
| Reload |
| Full Screen |
| Copy Logs |
| Access is denied. |
| Schema validation failed. |
| The package signature is invalid. |
| The specified path is invalid. |
| Item 2663: failed. |
| Test run: 128 passed, 0 failed. |
| SSL handshake failed. |
| Item 8517: failed. |
| Database connection failed. |
| This action cannot be undone. |
| Failed |
| The operation could not be completed. |
| Printer ready. |
| Please wait |
| Item 6892: ready. |
| Windows Hello ready. |
| Ready |
| Rollback completed. |
| Item 764: ready. |
| Port already in use. |
| Item 216: ready. |
| Item 9317: ready. |
| Loading... |
| Item 1261: ready. |
| Item 3036: ready. |
| Backup completed. |
| Update channel: stable. |
| Update available: version 3.2.1. |
| Automatic updates enabled. |
| Checking for updates... |
| Disconnected from network. |
| WireGuard peer connected. |
| Connected to network. |
| Proxy server configured. |
| WebRTC peer connected. |
| Subscription expired. |
| Trial expires in 14 days. |
| License key accepted. |
| License activated. |
| Signature |
0xfeef04bd
|
| StructVersion |
0x10000
|
| FileVersion |
9.2.7519.94
|
| ProductVersion |
9.2.3465.0
|
| FileFlags |
(EMPTY)
|
| FileOs |
VOS_DOS_WINDOWS32
VOS_NT_WINDOWS32
VOS__WINDOWS32
|
| FileType |
VFT_APP
|
| Language |
Japanese - Japan
|
| OriginalFilename |
DeviceDriverHashChecker.exe
|
| ProductName |
Device Driver Hash Checker
|
| LegalCopyright |
Copyright (c) 2019-2022 MapleBridge Desktop Labs Group
|
| Comments |
Captures or records device driver hash checker and saves output to a folder
|
| InternalName |
DeviceDriverHashChecker.exe
|
| ProductVersion (#2) |
9.2.7519.94
|
| PrivateBuild |
Da5PH5xHP3Ym5
|
| FileDescription |
Captures or records device driver hash checker and saves output to a folder
|
| CompanyName |
MapleBridge Desktop Labs Group
|
| FileVersion (#2) |
9.2.7519.94
|
| SpecialBuild |
Final
|
| Resource LangID |
Japanese - Japan
|
| StartAddressOfRawData |
0x2195b5000
|
| EndAddressOfRawData |
0x2195b5008
|
| AddressOfIndex |
0x2195b2dd0
|
| AddressOfCallbacks |
0x219560378
|
| SizeOfZeroFill |
0
|
| Characteristics |
IMAGE_SCN_TYPE_REG
|
| Callbacks |
0x000000021906F080
0x000000021906F139
|
[*] Warning: Section .bss has a size of 0!
abbcab2e42e67756315d1a263e2ded9303ac85f583cf087a91ff0ae643a290ec