Manalyze report for abfb033f52f1372d542d53c6f1fbee33

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2026-Jan-20 13:12:03
Detected languages	English - United States
TLS Callbacks	1 callback(s) detected.
Debug artifacts	Monochrome.pdb
CompanyName	samidy
FileDescription	Monochrome
FileVersion	`0.1.0`
ProductName	Monochrome
ProductVersion	`0.1.0`

Plugin Output

Suspicious	Strings found in the binary may indicate undesirable behavior:	`Contains references to security software: rshell.exe` `Miscellaneous malware strings: cmd.exe` Contains domain names: birthpopuptypesapplyImagebeinguppernoteseveryshowsmeansextramatchtrackknownearlybegansuperpapernorthlearngivennamedendedTermspartsGroupbrandusingwomanfalsereadyaudiotakeswhile.com database.firebaseapp.com developer.microsoft.com discord.com firebaseapp.com genretrucklooksValueFrame.net github.com google.com http://dummy.testC http://www.C http://www.a http://www.css http://www.hortcut http://www.icon http://www.interpretation http://www.language http://www.style http://www.text-decoration http://www.w3.org http://www.w3.org/shortcut http://www.wencodeURIComponent http://www.years https://developer.microsoft.com https://developer.microsoft.com/en-us/microsoft-edge/webview2 https://github.com https://monochrome.samidy.com https://monochrome.samidy.com/ https://monochrome.samidy.complugin https://tauri.localhost https://www.World https://www.recent microsoft.com monochrome-database.firebaseapp.com monochrome.samidy.com samidy.com spotify.com thing.org www.w3.org
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to CRC32` `Uses constants related to RC5 or RC6`
Suspicious	The PE is possibly packed.	`Unusual section name found: .taubndl`
Malicious	The PE contains functions mostly used by malware.	`[!] The program may be hiding some of its imports: LoadLibraryW LoadLibraryA LoadLibraryExW GetProcAddress LoadLibraryExA` `Functions which can be used for anti-debugging purposes: SwitchToThread FindWindowW` `Code injection capabilities (PowerLoader): FindWindowW GetWindowLongW` `Can access the registry: RegQueryValueExW RegCloseKey RegOpenKeyExW RegGetValueW RegisterHotKey` `Possibly launches other programs: CreateProcessW ShellExecuteW` `Uses Windows's Native API: NtOpenFile NtWriteFile NtReadFile NtCreateNamedPipeFile` `Can create temporary files: GetTempPathW CreateFileW` `Uses functions commonly found in keyloggers: GetAsyncKeyState GetForegroundWindow MapVirtualKeyW` `Can take screenshots: FindWindowW GetDC BitBlt CreateCompatibleDC`
Safe	VirusTotal score: 0/72 (Scanned on 2026-02-06 09:12:04)	`All the AVs think this file is safe.`

Hashes

MD5	`abfb033f52f1372d542d53c6f1fbee33`
SHA1	`70b44d3287ccc2c41c4b33d45980b01c03eb823e`
SHA256	`a8cc8c58ecb27505aa2131dfbe14eaaf30dd069f6b0eb72892f08f637f0bcb62`
SHA3	`95fc3c73e1c7629b1791f3e48e4cf0d78be8db466299e0184a64a2c0417cc890`
SSDeep	`98304:RTOvX/dT3LxXcmmBnOoqL//tNH5ZMtlWxSK5+YlT+Qcs20neC/m5YAHfmHcNHTO:RSvN7+nrqLPL8lWQfmHMgF`
Imports Hash	`f1bbaa85860a96b377e6ec5329f9134e`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0xf8`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`7`
TimeDateStamp	2026-Jan-20 13:12:03
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0x8bc400`
SizeOfInitializedData	`0x400000`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0000000000894DD0 (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0xcc2000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`16e6e635cb16acbfc65949c827b6b952`
SHA1	`f3ee758e7216749b02ea92523ccca228a91f6485`
SHA256	`aa655b911c088ad561cb744e492a21c77a9122a193d852a5342ca4ff8c53dd3e`
SHA3	`3f71111dfb188196c045b0be4b7cd0e4e5c929f825c2863e27266c0decc9cfa3`
VirtualSize	`0x8bc240`
VirtualAddress	`0x1000`
SizeOfRawData	`0x8bc400`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.14542`

.rdata

MD5	`2f111c1ac46a1a072f0bc1af92b5189f`
SHA1	`4a614c80b9b7a867e7742a69023e16b315ed3c10`
SHA256	`84a762d5300f6e951110dd72c9c46fbe0086ac38e576d9da611c87c6f6baa992`
SHA3	`10c359e219e908de589ba1f1e99418af601e3c81284d4d43c252107734d2cc2b`
VirtualSize	`0x378132`
VirtualAddress	`0x8be000`
SizeOfRawData	`0x378200`
PointerToRawData	`0x8bc800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.6525`

.data

MD5	`b0f583ec079df4111eae134edaf7a475`
SHA1	`61d513cb4fe64ba64deeead0e4017f99efa79f3c`
SHA256	`f49701ded268e31ae24a8ee76c654f99e2d8ba42a9dd3f5b149aad369c6fd3c1`
SHA3	`39e8427397d862ccf617cbf39e569ae5d16fa8a2261d86f485c91d2b6cd7b0df`
VirtualSize	`0x30e8`
VirtualAddress	`0xc37000`
SizeOfRawData	`0xc00`
PointerToRawData	`0xc34a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`2.00499`

.pdata

MD5	`1b70498809d30fe3eebb90028f42c232`
SHA1	`15247a43f7c70c8a98831e43245aef91e65944bd`
SHA256	`e5d17f5d2b434639935ef3368942d6e9ed2fb554c2476543f785a55d0154ed9e`
SHA3	`cf3ffade33b011ffd580d2335e345a9d69faa48f7faed35dc7922294ebde7957`
VirtualSize	`0x77358`
VirtualAddress	`0xc3b000`
SizeOfRawData	`0x77400`
PointerToRawData	`0xc35600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.56354`

.taubndl

MD5	`8601eb32a5b2f1402e2b639b483706ac`
SHA1	`202a609ff7ed5f1282aaf563df5dae56f5f18614`
SHA256	`d6b99558065bcd4cecdb28fd0ecd6fda16e9bf068e6b91fc71131baaff48d111`
SHA3	`ccad7a28858b7057ca4a22cdf5a74261ea1c1e20c298b39c13a4f307e1395870`
VirtualSize	`0x10`
VirtualAddress	`0xcb3000`
SizeOfRawData	`0x200`
PointerToRawData	`0xcaca00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0.122276`

.rsrc

MD5	`b79d6f1394cf02b021abc749ec5a6822`
SHA1	`51d9471db5699b1cf076e6ba689353d6968d3ab9`
SHA256	`f1f5e22ea612c14b6cf0e2290bb40f4e1bea6a7cb0a952f2e0517797a4e1a9ab`
SHA3	`404e5b83058cf5674e0026a584e348c4e60e4b29127f0ff011e7696c18aca1ae`
VirtualSize	`0x1e28`
VirtualAddress	`0xcb4000`
SizeOfRawData	`0x2000`
PointerToRawData	`0xcacc00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.72645`

.reloc

MD5	`cb86b01cbaee891689a32621d48e5ecb`
SHA1	`d2860cf0c0ed228beb644aa1b3c53ae9f0da8a5f`
SHA256	`88534adfc77e1f6cb96cc73cf9162a3d87d992502812d5b50b01575335953c68`
SHA3	`bd01516c5fee1fc14f2390f09b541ed356300b04782bd930059ef6ffbefd0b2e`
VirtualSize	`0xb5e8`
VirtualAddress	`0xcb6000`
SizeOfRawData	`0xb600`
PointerToRawData	`0xcaec00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`5.46556`

Imports

bcryptprimitives.dll	`ProcessPrng`
advapi32.dll	`RegQueryValueExW` `EventSetInformation` `RegCloseKey` `EventUnregister` `EventWriteTransfer` `RegOpenKeyExW` `EventRegister` `RegGetValueW`
ntdll.dll	`RtlNtStatusToDosError` `NtOpenFile` `NtWriteFile` `NtReadFile` `NtCreateNamedPipeFile` `RtlGetVersion`
kernel32.dll	`RaiseException` `RtlPcToFileHeader` `FlsAlloc` `GetUserDefaultUILanguage` `FlsGetValue` `FlsSetValue` `FindNextFileW` `RtlVirtualUnwind` `RtlLookupFunctionEntry` `RtlCaptureContext` `TerminateProcess` `GetProcessId` `GetExitCodeProcess` `GetSystemInfo` `QueryPerformanceCounter` `GetSystemTimePreciseAsFileTime` `WriteFileEx` `CreateProcessW` `GetWindowsDirectoryW` `GetSystemTimeAsFileTime` `SleepConditionVariableSRW` `WakeAllConditionVariable` `GetSystemDirectoryW` `CompareStringOrdinal` `FreeEnvironmentStringsW` `CreateThread` `SetWaitableTimer` `CreateWaitableTimerExW` `GetConsoleOutputCP` `GetStdHandle` `LoadLibraryW` `MultiByteToWideChar` `CancelIo` `QueryPerformanceFrequency` `ReadFile` `SleepEx` `ReadFileEx` `WaitForMultipleObjects` `ExitProcess` `GetTempPathW` `GetFullPathNameW` `LoadLibraryA` `FindClose` `FindFirstFileExW` `GetFinalPathNameByHandleW` `GetOverlappedResult` `CreateEventW` `SwitchToThread` `GetFileInformationByHandleEx` `CreateDirectoryW` `GetCommandLineW` `GetEnvironmentStringsW` `GetCurrentDirectoryW` `SetLastError` `GetCurrentThread` `SetThreadStackGuarantee` `AddVectoredExceptionHandler` `lstrlenW` `AcquireSRWLockExclusive` `OutputDebugStringA` `OutputDebugStringW` `GetModuleFileNameW` `GetProcessHeap` `HeapFree` `LoadLibraryExW` `FreeLibrary` `DuplicateHandle` `FlsFree` `ReleaseSRWLockExclusive` `LCIDToLocaleName` `SetFileInformationByHandle` `CreateMutexA` `GetCurrentProcessId` `WaitForSingleObjectEx` `WideCharToMultiByte` `GetCurrentProcess` `HeapReAlloc` `GetEnvironmentVariableW` `EncodePointer` `GetModuleHandleW` `InitializeSListHead` `SetUnhandledExceptionFilter` `ReleaseMutex` `RtlUnwindEx` `CreateMutexW` `GetModuleHandleA` `Sleep` `WaitForSingleObject` `GetProcAddress` `GetLastError` `SetEnvironmentVariableW` `CloseHandle` `InitializeCriticalSectionEx` `LoadLibraryExA` `HeapAlloc` `GetConsoleMode` `GetFileInformationByHandle` `FormatMessageW` `WriteConsoleW` `GetCurrentThreadId` `CreatePipe` `GetFileAttributesW` `CreateFileW` `DeleteCriticalSection`
user32.dll	`PostMessageW` `CreateMenu` `SetMenu` `DrawMenuBar` `SetMenuItemInfoW` `AppendMenuW` `InsertMenuW` `PostQuitMessage` `CreateAcceleratorTableW` `SendMessageW` `DestroyAcceleratorTable` `GetMenuItemInfoW` `SetTimer` `TrackPopupMenu` `KillTimer` `ChangeWindowMessageFilterEx` `DestroyWindow` `CreateIcon` `ToUnicodeEx` `GetKeyState` `FindWindowW` `RegisterClassExW` `CreateWindowExW` `DefWindowProcW` `ScreenToClient` `GetWindowLongW` `GetClientRect` `ClientToScreen` `MonitorFromRect` `GetKeyboardState` `MapVirtualKeyExW` `SetWindowLongW` `EnableMenuItem` `GetSystemMenu` `SystemParametersInfoA` `SetPropW` `GetKeyboardLayout` `GetMenu` `FillRect` `ShowCursor` `SystemParametersInfoW` `TrackMouseEvent` `ClipCursor` `GetClipCursor` `IsWindowVisible` `DestroyIcon` `RedrawWindow` `EnumDisplayMonitors` `MonitorFromPoint` `SetWindowTextW` `GetWindowTextW` `GetWindowTextLengthW` `SetWindowDisplayAffinity` `SendInput` `SetForegroundWindow` `GetTouchInputInfo` `RegisterRawInputDevices` `ReleaseCapture` `SetCapture` `MsgWaitForMultipleObjectsEx` `CloseTouchInputHandle` `GetSystemMetrics` `RegisterWindowMessageA` `SetParent` `MapWindowPoints` `SetCursor` `GetCursorPos` `MonitorFromWindow` `GetWindow` `SetFocus` `ShowWindow` `ReleaseDC` `EnableWindow` `IsWindowEnabled` `GetWindowRect` `GetRawInputData` `FindWindowExW` `SetWindowRgn` `CreatePopupMenu` `IsProcessDPIAware` `GetDC` `RemoveMenu` `CheckMenuItem` `RegisterHotKey` `RegisterClassW` `GetAsyncKeyState` `UnregisterHotKey` `DrawIconEx` `DestroyMenu` `GetMenuBarInfo` `OffsetRect` `SetWindowLongPtrW` `GetWindowLongPtrW` `GetParent` `GetForegroundWindow` `GetWindowDC` `DrawTextW` `RegisterTouchWindow` `IsWindow` `AdjustWindowRectEx` `FlashWindowEx` `GetActiveWindow` `UpdateWindow` `InvalidateRect` `SetCursorPos` `GetMonitorInfoW` `InvalidateRgn` `GetWindowPlacement` `SetWindowPlacement` `ChangeDisplaySettingsExW` `GetMessageW` `MapVirtualKeyW` `IsIconic` `EnumChildWindows` `DispatchMessageA` `GetMessageA` `ValidateRect` `AdjustWindowRect` `TranslateAcceleratorW` `SetWindowPos` `LoadCursorW` `DispatchMessageW` `TranslateMessage` `GetUpdateRect` `PeekMessageW` `PostThreadMessageW`
shell32.dll	`DragQueryFileW` `DragFinish` `SHAppBarMessage` `Shell_NotifyIconW` `SHCreateItemFromParsingName` `ShellExecuteW` `Shell_NotifyIconGetRect` `SHGetKnownFolderPath`
api-ms-win-core-synch-l1-2-0.dll	`WakeByAddressSingle` `WakeByAddressAll` `WaitOnAddress`
ole32.dll	`RevokeDragDrop` `CoCreateFreeThreadedMarshaler` `CoCreateInstance` `OleInitialize` `RegisterDragDrop` `CoInitialize` `CoTaskMemFree` `CoUninitialize` `CoTaskMemAlloc` `CoIncrementMTAUsage` `CoInitializeEx`
comctl32.dll	`TaskDialogIndirect` `SetWindowSubclass` `DefSubclassProc` `RemoveWindowSubclass`
gdi32.dll	`SetBkMode` `SetTextColor` `BitBlt` `SelectObject` `DeleteObject` `GetDeviceCaps` `DeleteDC` `CombineRgn` `CreateSolidBrush` `CreateCompatibleDC` `CreateRectRgn` `CreateDIBSection`
dwmapi.dll	`DwmGetWindowAttribute` `DwmEnableBlurBehindWindow` `DwmSetWindowAttribute`
shlwapi.dll	`SHCreateMemStream`
api-ms-win-core-winrt-l1-1-0.dll	`RoGetActivationFactory`
oleaut32.dll	`SysFreeString` `GetErrorInfo` `SysStringLen` `SetErrorInfo`
SHELL32.dll	`#155` `SHOpenFolderAndSelectItems` `#190` `ShellExecuteExW`
api-ms-win-crt-math-l1-1-0.dll	`pow` `__setusermatherr` `trunc` `floor` `fmod` `round` `roundf`
api-ms-win-crt-string-l1-1-0.dll	`wcslen` `strlen` `_wcsicmp` `wcscmp` `strcpy_s`
api-ms-win-crt-convert-l1-1-0.dll	`_wtoi` `_ultow_s` `wcstol`
api-ms-win-crt-runtime-l1-1-0.dll	`_seh_filter_exe` `abort` `terminate` `_crt_atexit` `_set_app_type` `_configure_narrow_argv` `_register_onexit_function` `_initialize_onexit_table` `_initialize_narrow_environment` `_get_initial_narrow_environment` `_initterm` `_register_thread_local_exe_atexit_callback` `_c_exit` `_cexit` `__p___argv` `_initterm_e` `exit` `_exit` `__p___argc`
api-ms-win-crt-stdio-l1-1-0.dll	`__p__commode` `_set_fmode`
api-ms-win-crt-locale-l1-1-0.dll	`_configthreadlocale`
api-ms-win-crt-heap-l1-1-0.dll	`calloc` `_set_new_mode` `malloc` `_callnewh` `free`

Delayed Imports

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x3bd`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.94995`
Detected Filetype	PNG graphic file
MD5	`a9bbef735cfc83f9c20d6d79ddc4755d`
SHA1	`4f03bd2f1e0535c65e5ca7caf07e2c30d99a0ce6`
SHA256	`813b2e644cdfd8635c3e666d2d6459a89bfb2b5098498003aa249eb24b52e8a7`
SHA3	`e09aef9e7b1078538cdbeeb88bdbce3aa7ce668ec51becedcd8fa45b20ac2b2c`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2b6`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.71763`
Detected Filetype	PNG graphic file
MD5	`60892810c2ef8cc47d7daf0bffd7fa40`
SHA1	`d146677b8b6a4228b7c85a75685f8fd97f82515b`
SHA256	`c3e66ca3094688c1ccbbf89139fd81f8fd3098cb58699a01f148bf754894c636`
SHA3	`66d1c0c3b4738f44106543998447c086173889007eaab6f073dcd32f26521557`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x353`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.98102`
Detected Filetype	PNG graphic file
MD5	`4fe2a9c578725b5dd5d2fedf39acb9c8`
SHA1	`1b51cf20d611c20b734e5cd2c6a96f1435e623cb`
SHA256	`32fd9449bd22e31d0904666dc1a64b5fac00fa78699fc5b13b02306c5fe3a9f5`
SHA3	`620fc41a9e6ea6fe61a5813200446f137cef06f3e06ceeeb3f4b85bb73e03d02`

4

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x3ce`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.08477`
Detected Filetype	PNG graphic file
MD5	`7fa418fb97e5f2eb74f62bb8274c07ca`
SHA1	`4c341cd358da7530e78bc21a60060d0088c241c1`
SHA256	`73dbdc2f34a0792583fa7113eee7cb18ae046532267b956336b3043f1ee6dbb8`
SHA3	`7f332f2cc14c9e8b5087b29ecb5e64de7bc370494865cf449078680d8d03108a`

5

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x42d`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.00864`
Detected Filetype	PNG graphic file
MD5	`a10b9adde1c1e1f064c00b12c0212703`
SHA1	`047a1d7ce58a23dbba2f314483db002ef3c91b64`
SHA256	`8a984519a3ddb1da094aaedbe943fb111dfa735438a72e9685b7384960dc7b5b`
SHA3	`5d1747cd55ba0e380b390d945528bf813989d556164f0b1744a692dd9d01320c`

6

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x6a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.79797`
Detected Filetype	PNG graphic file
MD5	`d2cc6ff712ec9178ec8e24726225ed9b`
SHA1	`e0840ea7cc29f7f259d1d2c6322b2695f2ce2c45`
SHA256	`521407f7977c5fe2887a791fbfe22b9a51adb823c1faaf50ac313fb33c8580f7`
SHA3	`ee6f5a6f468ae759feecd84e2741ee841fe7174ae6ebb794fb4056e9552a2b62`

32512

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x5a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.70482`
Detected Filetype	Icon file
MD5	`c2750529425dd9dfbe8dde719ad29ac4`
SHA1	`43e76ac31ed48ef9c57213e2832223ab6829fb0a`
SHA256	`508b7119f99bb527ccfd366791feb03250088b8eb38d9256eff1fd95f656c6b6`
SHA3	`2074e935ae0601114117d33a72374f42b99e4ab27a1baca128e61d4007d96def`

1 (#2)

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1e0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.11618`
MD5	`c8bf1a63434fd0453501fa55a5ff3223`
SHA1	`99442b7e35dd45ac13eefb01f0d21b1eb8594674`
SHA256	`362bee2ca243ad7070a117aa2e5c41be67c061599e1d675184e77caeeb6f5a13`
SHA3	`3cb90b90c15d1c5bf20bcf3024b09f0271e489b1c132a61a33cef8b19569d67a`

1 (#3)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.96056`
MD5	`01e4c8c046a47771f13cd120b53303e7`
SHA1	`2a4224d31c916a5cff4f2636a3cb47fdd84a5cc9`
SHA256	`b1cb832f790c153aa0e9a66f76e75460263cf1d41971d2dbcc9a4d87ec18b7d8`
SHA3	`680120ec819e7ba66519d9a8a3e446973c4cb28aa0146c91cceaa8c8fadc90ae`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	0.1.0.0
ProductVersion	0.1.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT` `VOS_NT_WINDOWS32` `VOS_WINCE` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
CompanyName	samidy
FileDescription	Monochrome
FileVersion (#2)	0.1.0
ProductName	Monochrome
ProductVersion (#2)	0.1.0

Resource LangID	English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2026-Jan-20 13:12:03
Version	`0.0`
SizeofData	`39`
AddressOfRawData	`0xa4654c`
PointerToRawData	`0xa44d4c`
Referenced File	Monochrome.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics	`0`
TimeDateStamp	2026-Jan-20 13:12:03
Version	`0.0`
SizeofData	`20`
AddressOfRawData	`0xa46574`
PointerToRawData	`0xa44d74`

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2026-Jan-20 13:12:03
Version	`0.0`
SizeofData	`1068`
AddressOfRawData	`0xa46588`
PointerToRawData	`0xa44d88`

TLS Callbacks

StartAddressOfRawData	`0x140a46a00`
EndAddressOfRawData	`0x140a46bbc`
AddressOfIndex	`0x140c39f80`
AddressOfCallbacks	`0x1408bebc8`
SizeOfZeroFill	`0`
Characteristics	`IMAGE_SCN_ALIGN_8BYTES`
Callbacks	`0x00000001408605A0`

Load Configuration

Size	`0x140`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x140c37940`

RICH Header

XOR Key	`0x6d528498`
Unmarked objects	`0`
Imports (VS2008 SP1 build 30729)	`14`
ASM objects (35403)	`9`
C objects (35403)	`13`
C++ objects (35403)	`46`
Imports (33145)	`3`
Total imports	`445`
Unmarked objects (#2)	`621`
Resource objects (35722)	`1`
Linker (35722)	`1`

abfb033f52f1372d542d53c6f1fbee33

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rdata

.data

.pdata

.taubndl

.rsrc

.reloc

Imports

Delayed Imports

1

2

3

4

5

6

32512

1 (#2)

1 (#3)

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

IMAGE_DEBUG_TYPE_VC_FEATURE

IMAGE_DEBUG_TYPE_POGO

TLS Callbacks

Load Configuration

RICH Header

Errors