Manalyze report for af90245bc7c1428ac4c6725d40fafab2e9b60b729543c64ba72c135af5d543e5

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2025-Dec-12 16:51:24
Detected languages	English - United States
Debug artifacts	D:\a\distribution\distribution\builds\aseprite-release-1.3.16.1\build-trial\bin\aseprite.pdb
Comments	https://www.aseprite.org/
CompanyName	Igara Studio S.A.
FileDescription	Aseprite
FileVersion	`1,3,16,1`
InternalName	aseprite
LegalCopyright	Copyright (C) 2001-2025 Igara Studio S.A.
OriginalFilename	aseprite.exe
ProductName	Aseprite
ProductVersion	`1,3,16,1`

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C++ 6.0 - 8.0`
Suspicious	PEiD Signature:	`Crunch 4`
Info	Interesting strings found in the binary:	`Contains domain names: Workaround.xyz adobe.com aseprite.org blog.aseprite.org example.com http://ns.adobe.com http://ns.adobe.com/xap/1.0/ https://blog.aseprite.org https://blog.aseprite.org/rss https://curl.se https://www.aseprite.org https://www.aseprite.org/ https://www.aseprite.org/contributors/ https://www.aseprite.org/download/ https://www.aseprite.org/update/?xml lightDirAndSpotCutoff.xyz lightPosAndSpotFalloff.xyz normalAndA.xyz ns.adobe.com www.aseprite.org`
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to CRC32` `Uses constants related to MD5` `Uses constants related to SHA1` `Microsoft's Cryptography API`
Suspicious	The PE is possibly packed.	`Unusual section name found: .fptable`
Suspicious	The PE contains functions most legitimate programs don't use.	`[!] The program may be hiding some of its imports: LoadLibraryExW LoadLibraryW LoadLibraryA GetProcAddress` `Functions which can be used for anti-debugging purposes: SwitchToThread` `Can access the registry: RegSetValueExW RegDeleteValueW RegCreateKeyExW RegOpenKeyExW RegQueryInfoKeyW RegCloseKey RegEnumKeyExW RegQueryValueExW` `Uses Microsoft's cryptographic API: CryptAcquireContextA CryptReleaseContext CryptGenRandom CryptGetHashParam CryptCreateHash CryptHashData CryptDestroyHash CryptDestroyKey CryptImportKey CryptEncrypt CryptDecodeObjectEx CryptQueryObject CryptStringToBinaryA` `Can create temporary files: CreateFileW GetTempPathW CreateFileA` `Leverages the raw socket API to access the Internet: gethostname ioctlsocket sendto recvfrom freeaddrinfo getaddrinfo listen htonl accept select __WSAFDIsSet htons send WSACloseEvent WSACreateEvent WSAEnumNetworkEvents WSAEventSelect WSACleanup WSASetEvent WSAWaitForMultipleEvents closesocket WSAGetLastError recv bind connect getpeername getsockname getsockopt WSAResetEvent ntohs setsockopt socket WSASetLastError WSAIoctl inet_pton WSAStartup` `Enumerates local disk drives: GetDriveTypeW` `Can take screenshots: GetDC CreateCompatibleDC` `Reads the contents of the clipboard: GetClipboardData` `Interacts with the certificate store: CertAddCertificateContextToStore CertOpenStore`
Info	The PE is digitally signed.	`Signer: Igara Studio S.A.` `Issuer: DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1`
Safe	VirusTotal score: 0/71 (Scanned on 2026-01-15 09:05:43)	`All the AVs think this file is safe.`

Hashes

MD5	`b8b18ea98d1e6e60637cd5a87dbe0070`
SHA1	`0debbee415bede1ac1570e47cd5f4e64cb752899`
SHA256	`af90245bc7c1428ac4c6725d40fafab2e9b60b729543c64ba72c135af5d543e5`
SHA3	`62a3357c9b3d06ec35a8cf5eab31df6d29436311492876e2a941cee98d48f4d4`
SSDeep	`196608:AMox/013XFe66mgPHFUPWUPTHXKxYjO3Pakj/K8mpA9c9brjmGVSR:tFf6muHnUPclmR3mPR`
Imports Hash	`41e3827e44c1486d15bf63e51b2668fc`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x128`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`6`
TimeDateStamp	2025-Dec-12 16:51:24
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`14.0`
SizeOfCode	`0xcf2e00`
SizeOfInitializedData	`0x2b5c00`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x00C14AB3 (Section: .text)`
BaseOfCode	`0x1000`
BaseOfData	`0xcf4000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0xfad000`
SizeOfHeaders	`0x400`
Checksum	`0xfb152e`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`304276eee1bedf31f1285a42325f6dbe`
SHA1	`9343997dfe17a99f366a11609fe86d0fc7845941`
SHA256	`09be2b7b0f261b9c320e49889b0a1a98d7b01c3924f5a6e2123fa9b1ab00599c`
SHA3	`bea483cd6b5a0e607cf1b1df9bad9b108f789cb2a415b73a37b1f6c3d395e019`
VirtualSize	`0xcf2c68`
VirtualAddress	`0x1000`
SizeOfRawData	`0xcf2e00`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.58048`

.rdata

MD5	`88019c75f8cd4ac43a70ac76f5537d91`
SHA1	`4eeb145e00c05b89d9135a5af538fca8f071bf3c`
SHA256	`acb08f7dd8bfa5175f9c0d79956594c1701250ca8cb23cf85acb4750f6658105`
SHA3	`581ce5bf3fdbcdae47e1eb6a70948fae2433e397dbb96f3e31987c030889f9c3`
VirtualSize	`0x1dd8ca`
VirtualAddress	`0xcf4000`
SizeOfRawData	`0x1dda00`
PointerToRawData	`0xcf3200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.92132`

.data

MD5	`00762571c70c4d902be34c42a76fe45d`
SHA1	`3215f091da22de456577b3d69d5dea2684d68f39`
SHA256	`f16753010518b07d43b857fc0c4c9543fac540e22199f90ca4d6c860235f8a71`
SHA3	`66e4a03de59cd420906722a612c460ed48d433b3aee60329f55cfdd1d06d58de`
VirtualSize	`0x38150`
VirtualAddress	`0xed2000`
SizeOfRawData	`0x32e00`
PointerToRawData	`0xed0c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`5.30885`

.fptable

MD5	`bf619eac0cdf3f68d496ea9344137e8b`
SHA1	`5c3eb80066420002bc3dcc7ca4ab6efad7ed4ae5`
SHA256	`076a27c79e5ace2a3d47f9dd2e83e4ff6ea8872b3c2218f66c92b89b55f36560`
SHA3	`622de1e1568ddef36c4b89b706b05201c13481c3575d0fc804ff8224787fcb59`
VirtualSize	`0x80`
VirtualAddress	`0xf0b000`
SizeOfRawData	`0x200`
PointerToRawData	`0xf03a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0`

.rsrc

MD5	`bc8d8a52646ed1d9c8663e7fa48c2b43`
SHA1	`1176f1799d539d7ea610efeab161d4cccf587938`
SHA256	`0360bdd0b977bf6dde265eb5dce0f0836f9f08daba563315b5834ec614a58461`
SHA3	`fe2927cbf9e2fd2a28c835bec412cbf2b9aeb7e754d772ffb1df34fab7fd49e6`
VirtualSize	`0x2ab60`
VirtualAddress	`0xf0c000`
SizeOfRawData	`0x2ac00`
PointerToRawData	`0xf03c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`2.23256`

.reloc

MD5	`3c1ede8194a4de1c25f73ce8cf9171df`
SHA1	`df2823b994e669a5d8b24894f2429dbd7d9ef31d`
SHA256	`c9d8d3901549e1357817e7981ff208bd82bfd25223826883cec0457fd9976b25`
SHA3	`641443de03f407a9d5017fbf2d5b7e65df8357d554ad80ee058102ebc9cb13c4`
VirtualSize	`0x75060`
VirtualAddress	`0xf37000`
SizeOfRawData	`0x75200`
PointerToRawData	`0xf2e800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`6.5963`

Imports

KERNEL32.dll	`IsValidLocale` `GetLocaleInfoW` `LCMapStringW` `CompareStringW` `GetTimeFormatW` `GetDateFormatW` `VirtualProtect` `IsThreadAFiber` `FlsFree` `FlsSetValue` `FlsGetValue` `FlsAlloc` `GetConsoleOutputCP` `ReadConsoleW` `GetConsoleMode` `MoveFileExW` `GetTimeZoneInformation` `GetUserDefaultLCID` `SetStdHandle` `HeapSize` `SetFilePointerEx` `ExitProcess` `GetModuleHandleExW` `FreeLibraryAndExitThread` `ResumeThread` `ExitThread` `CreateThread` `LoadLibraryExW` `TlsFree` `TlsSetValue` `TlsGetValue` `TlsAlloc` `InitializeCriticalSectionAndSpinCount` `InterlockedFlushSList` `InterlockedPushEntrySList` `RtlUnwind` `EnumSystemLocalesW` `HeapAlloc` `HeapFree` `SetConsoleCtrlHandler` `HeapReAlloc` `GetProcessHeap` `HeapQueryInformation` `OutputDebugStringW` `GetCommandLineA` `GetCommandLineW` `GetEnvironmentStringsW` `FreeEnvironmentStringsW` `SetEnvironmentVariableW` `GlobalLock` `GlobalUnlock` `GlobalSize` `GetDriveTypeW` `GetStartupInfoW` `IsDebuggerPresent` `InitializeSListHead` `TerminateProcess` `UnhandledExceptionFilter` `IsProcessorFeaturePresent` `GetCPInfo` `CompareStringEx` `GetStringTypeW` `GetFileInformationByHandleEx` `CloseThreadpoolWait` `SetThreadpoolWait` `CreateThreadpoolWait` `CloseThreadpoolTimer` `WaitForThreadpoolTimerCallbacks` `SetThreadpoolTimer` `CreateThreadpoolTimer` `FreeLibraryWhenCallbackReturns` `GetCurrentProcessorNumber` `FlushProcessWriteBuffers` `CreateSemaphoreExW` `CreateEventExW` `SetFileInformationByHandle` `GetModuleFileNameW` `GetModuleHandleExA` `GetModuleHandleA` `GetNativeSystemInfo` `InitOnceExecuteOnce` `GetFileSize` `CreateFileW` `LoadLibraryW` `WaitForSingleObject` `LCMapStringEx` `DecodePointer` `EncodePointer` `InitOnceComplete` `InitOnceBeginInitialize` `RaiseException` `GetTickCount64` `TryAcquireSRWLockShared` `AcquireSRWLockShared` `ReleaseSRWLockShared` `SleepConditionVariableSRW` `WakeAllConditionVariable` `WakeConditionVariable` `TryAcquireSRWLockExclusive` `AcquireSRWLockExclusive` `ReleaseSRWLockExclusive` `GetExitCodeThread` `SwitchToThread` `FormatMessageA` `GetVersionExW` `GetLocalTime` `FlushFileBuffers` `FileTimeToSystemTime` `SystemTimeToTzSpecificLocalTime` `MoveFileW` `CopyFileW` `lstrcmpW` `RemoveDirectoryW` `GetFileAttributesExW` `FindFirstFileExW` `DeleteFileW` `SetCurrentDirectoryW` `GetCurrentThreadId` `GetCurrentProcess` `LocalFree` `AttachConsole` `FreeConsole` `AllocConsole` `GetCurrentProcessId` `VerifyVersionInfoA` `VerSetConditionMask` `WaitForMultipleObjects` `GetStdHandle` `GetEnvironmentVariableA` `WaitForSingleObjectEx` `MoveFileExA` `FormatMessageW` `SetLastError` `GetTickCount` `QueryPerformanceCounter` `GetSystemDirectoryA` `QueryPerformanceFrequency` `SleepEx` `DeleteCriticalSection` `InitializeCriticalSectionEx` `LeaveCriticalSection` `EnterCriticalSection` `WriteConsoleW` `GetExitCodeProcess` `PeekNamedPipe` `GetFullPathNameW` `GetFileAttributesA` `GetOEMCP` `IsValidCodePage` `GetTempPathW` `CreateSymbolicLinkW` `CreateHardLinkW` `DeviceIoControl` `WriteFile` `SetFileTime` `SetFilePointer` `SetFileAttributesW` `SetEndOfFile` `GetFileType` `GetFileAttributesW` `CreateDirectoryW` `ReleaseSemaphore` `WideCharToMultiByte` `MultiByteToWideChar` `GlobalFree` `GlobalAlloc` `GetCurrentThread` `Sleep` `GlobalGetAtomNameW` `GlobalGetAtomNameA` `GlobalAddAtomW` `GlobalAddAtomA` `GlobalDeleteAtom` `SetUnhandledExceptionFilter` `GetModuleHandleW` `GetCurrentDirectoryW` `GetGeoInfoW` `GetUserGeoID` `GetDynamicTimeZoneInformation` `CreateFileMappingW` `CreateFileA` `GetACP` `GetLocaleInfoEx` `GetSystemTimeAsFileTime` `CreateSemaphoreA` `FindFirstFileW` `FindNextFileW` `FindClose` `GetLastError` `ReadFile` `CloseHandle` `MapViewOfFile` `CreateFileMappingA` `GetFileSizeEx` `LocaleNameToLCID` `LoadLibraryA` `GetProcAddress` `FreeLibrary` `OutputDebugStringA` `GetFileInformationByHandle` `UnmapViewOfFile` `LCIDToLocaleName`
USER32.dll	`SystemParametersInfoW` `ShowWindow` `DestroyWindow` `IsWindow` `SetWindowPos` `GetWindowPlacement` `MessageBoxA` `MessageBoxW` `GetDC` `ReleaseDC` `SetCursorPos` `GetCursorPos` `DestroyIcon` `CreateIconIndirect` `MonitorFromWindow` `GetMonitorInfoA` `EnumDisplayMonitors` `RegisterClipboardFormatA` `RegisterClipboardFormatW` `GetMessageW` `TranslateMessage` `DispatchMessageW` `PeekMessageW` `MsgWaitForMultipleObjects` `GetMonitorInfoW` `GetKeyState` `GetAsyncKeyState` `SetWindowPlacement` `IsWindowVisible` `IsZoomed` `GetCapture` `SetCapture` `ReleaseCapture` `SetTimer` `KillTimer` `GetSystemMetrics` `UpdateWindow` `SetActiveWindow` `BeginPaint` `EndPaint` `InvalidateRect` `InvalidateRgn` `SetScrollPos` `GetScrollPos` `SetWindowTextW` `GetWindowTextW` `GetWindowTextLengthW` `GetClientRect` `GetWindowRect` `AdjustWindowRectEx` `SetCursor` `ClientToScreen` `ScreenToClient` `MapWindowPoints` `GetWindowLongW` `SetWindowLongW` `LoadCursorW` `LoadIconW` `SetScrollInfo` `GetAncestor` `PostMessageW` `IsWindowUnicode` `SetForegroundWindow` `PackDDElParam` `UnpackDDElParam` `FreeDDElParam` `ReuseDDElParam` `UpdateLayeredWindowIndirect` `OpenClipboard` `CloseClipboard` `SetClipboardData` `GetClipboardData` `EmptyClipboard` `IsClipboardFormatAvailable` `GetClassInfoExW` `RegisterClassExW` `DefWindowProcW` `SendMessageW` `CreateWindowExW` `ToUnicode` `GetKeyboardState`
GDI32.dll	`SwapBuffers` `StretchDIBits` `SetPixelFormat` `SelectObject` `CreateCompatibleDC` `CreateCompatibleBitmap` `ChoosePixelFormat` `CreateRectRgn` `CombineRgn` `GetICMProfileW` `DeleteDC` `CreateDCW` `CreateDIBSection` `GetPixel` `DeleteObject` `CreateBitmap`
COMDLG32.dll	`CommDlgExtendedError` `GetSaveFileNameW` `GetOpenFileNameW`
ole32.dll	`OleInitialize` `ReleaseStgMedium` `CoCreateInstance` `CoInitialize` `RegisterDragDrop` `RevokeDragDrop` `CreateStreamOnHGlobal` `GetHGlobalFromStream` `CoCreateGuid` `OleUninitialize` `CoTaskMemFree` `CoUninitialize`
COMCTL32.dll	`_TrackMouseEvent`
dwmapi.dll	`DwmGetWindowAttribute` `DwmIsCompositionEnabled` `DwmExtendFrameIntoClientArea` `DwmSetWindowAttribute`
MSIMG32.dll	`AlphaBlend`
OPENGL32.dll	`wglDeleteContext` `wglGetCurrentContext` `wglGetCurrentDC` `wglMakeCurrent` `wglGetProcAddress` `wglCreateContext`
WLDAP32.dll	`#60` `#46` `#211` `#301` `#200` `#30` `#79` `#35` `#33` `#32` `#27` `#26` `#143` `#22` `#41` `#45` `#50`
WS2_32.dll	`gethostname` `ioctlsocket` `sendto` `recvfrom` `freeaddrinfo` `getaddrinfo` `listen` `htonl` `accept` `select` `__WSAFDIsSet` `htons` `send` `WSACloseEvent` `WSACreateEvent` `WSAEnumNetworkEvents` `WSAEventSelect` `WSACleanup` `WSASetEvent` `WSAWaitForMultipleEvents` `closesocket` `WSAGetLastError` `recv` `bind` `connect` `getpeername` `getsockname` `getsockopt` `WSAResetEvent` `ntohs` `setsockopt` `socket` `WSASetLastError` `WSAIoctl` `inet_pton` `WSAStartup`
ADVAPI32.dll	`RegDeleteTreeW` `RegSetValueExW` `RegDeleteValueW` `RegCreateKeyExW` `ImpersonateAnonymousToken` `RevertToSelf` `RegOpenKeyExW` `RegQueryInfoKeyW` `RegCloseKey` `RegEnumKeyExW` `RegQueryValueExW` `CryptAcquireContextA` `CryptReleaseContext` `CryptGenRandom` `CryptGetHashParam` `CryptCreateHash` `CryptHashData` `CryptDestroyHash` `CryptDestroyKey` `CryptImportKey` `CryptEncrypt`
CRYPT32.dll	`PFXImportCertStore` `CryptDecodeObjectEx` `CertAddCertificateContextToStore` `CertFindExtension` `CertFreeCertificateContext` `CryptQueryObject` `CertCreateCertificateChainEngine` `CertFreeCertificateChainEngine` `CertGetCertificateChain` `CertFreeCertificateChain` `CertFindCertificateInStore` `CertEnumCertificatesInStore` `CryptStringToBinaryA` `CertCloseStore` `CertOpenStore` `CertGetNameStringA`
dbghelp.dll	`MiniDumpWriteDump`
SHLWAPI.dll	`#12` `StrRetToBufW`
VERSION.dll	`VerQueryValueW` `GetFileVersionInfoW` `GetFileVersionInfoSizeW`
SHELL32.dll	`DragFinish` `SHGetMalloc` `SHGetSpecialFolderLocation` `SHGetDesktopFolder` `SHGetFolderPathW` `SHChangeNotify` `SHCreateItemFromParsingName` `DragQueryFileW` `DragQueryPoint` `ShellExecuteExW`

Delayed Imports

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.03082`
MD5	`ca4c1ef9d2863a4e3c4c9b5b82a36c35`
SHA1	`e244416d71a0d60fb0dde2f3a2ff5892a44b4579`
SHA256	`7fa28ee9684960ac6271192f6e0326794aa7100822f196fa38e8b1e2e951d017`
SHA3	`125df79c87c92b6566a87e5f6c3cfc13a61330e31826d86643c0c77c22d08943`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.48359`
MD5	`9556bd4298c7d94350ccf0de5057e8b9`
SHA1	`c23ae0ed0dcba1ff8d4648401c72a698c8d51a61`
SHA256	`d653b76a879cfd6bc7f603310976e945cfb2557b7c6a9f669c2e94f55c334b6f`
SHA3	`b982b7653886ebc51284422e874d57df02b824428f594b6b8739ea28d7c230c0`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x668`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.67625`
MD5	`8cb361eec2a4f387188729597a370937`
SHA1	`aeb3943760f2c3a38a60d789d9d384d4ae20adce`
SHA256	`55aaa081c9250fcae459a58a381aa7de18f30c632ee94a6a1f5bf313ca7df125`
SHA3	`a0d58e0315f8b5c4bab9c15757ab8613c120df965538ea6f1721f4941742542a`

4

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xa68`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.18542`
MD5	`c1b5f048f232e30cc1b5feb2e269bba0`
SHA1	`308bce41344e2fd05eab6a54c18c38c993f25a85`
SHA256	`d4b39c3986854e69a299d3d3f9e5e17cc778f8c29799c9bdd501fac837dd6c70`
SHA3	`ba255cdab27e5e4d4c6df55ac39556ee8e0a40a7057848458f29d3999de13726`

5

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2868`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.99307`
MD5	`fb9b50c593e48e8ba3496680a34e80ea`
SHA1	`d1f73907a30a8487bf0c15dd01c04239f17c4e83`
SHA256	`b22903d1f1dce4b0ea4d159d23aaa833fd2e46de650b8007d36433ef0428b86f`
SHA3	`d0cf3b352d3e7a3029c05090950d56d3d5c8588f68d6c30a0f97d570bd4ed7eb`

6

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xa068`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.98043`
MD5	`5a2724ee34660411412d218b46e9b496`
SHA1	`45b6bae1582a8bc78340400f623eda37e370e24e`
SHA256	`d3a1518416816d73b20a6a2e496547a7d9f9f2e04597b7a993ee05564f02e919`
SHA3	`1b4cae7896b09206c52bdf72140d621f8e2f4a07cf9b0013ee60af016b2d7014`

7

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.42256`
MD5	`2296c499cb4c96c1193dcc9ce5d0c29d`
SHA1	`0431446d563338578587a8a497d224408bf7cad9`
SHA256	`a0c90e4d44b4db2678cddb2f54d10f7913d76ca8b93e81ea5cb2437b52efb76f`
SHA3	`a395769a89629b4b9e911c5f88738dda4e0c4e17e6f155d2c47ec6db855c7248`

8

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.6669`
MD5	`4cdcfb5948f91bc1744ec09427869890`
SHA1	`0e7384d4217219c1f0728ef62e0d9227ee996fc1`
SHA256	`b8a017ef7c0aaed9c7e0146140d66b4b481316d716649e567860530b04be1739`
SHA3	`e3badf17193b7ec416d3fb9472f336391e8b58594f88c0bbb00920f083bdc70e`

9

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x298`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.67339`
MD5	`d089dfb18d89267efb9ec063c6a8b0b3`
SHA1	`02f4d4b5e04a473ac6127d7f534aeec6be287296`
SHA256	`ffe9d82c02a961b693f6af219fdfb7d3bb9f76cb835fda7d51b5796bf985a197`
SHA3	`d96a95bf1992b851b13d9a7c8d868d36db160dd9a190790f1760742430e94bbe`

10

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.87539`
MD5	`ff3c0dcb0a7c25466f6d28de8c926009`
SHA1	`d5b2b5d2149380e305ae70f7e6f33530c83a623a`
SHA256	`8c0bd26926dbaa273908694f5048e8918b9edcfcee6c61e0d401481df807ad09`
SHA3	`e7ff4a756731b25027b455c47d9474b28caefe4673b42f1d2f941794592e5764`

11

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.40315`
MD5	`7dc558f82dc20397c2317dcd1a1dffa9`
SHA1	`17c4179c0f9956f029c13860a9932fc40b8bee1c`
SHA256	`6aaed6f01f674414ea2b202db407683d2a4edb4ec7b89f678e10453ee63b9cae`
SHA3	`6c6432ec531b8b9a0e92c6f523226da9c4a862f8f0b568a6c28b5f8f0a82c8d3`

12

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x668`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.57201`
MD5	`0a3056e126cb236fdfe388a5dd6e7ce4`
SHA1	`4877828a2b64e6ccb045de492238a1d04f919b40`
SHA256	`85f2a4302287a25d2ff86dfda412f308e5111cd3cd069d61e25d781982d7a0fd`
SHA3	`b3c57859930d22fb59ade52822999a1144098df312f43f05e18d5d0926bd1faf`

13

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xa68`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.07268`
MD5	`fbf1b8593bfb2b022845e7ef69a4d678`
SHA1	`ff38c2054eded48ef50dcc021a2de17731c09441`
SHA256	`becd48e78dfd6d84345e999b4a79987ab28842d418ff74cbebefc0d31b0f439e`
SHA3	`11ec23f093d0e125cf2da8eb47bf81dfcd30a58db26c6e580523249c20736867`

14

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2868`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.96786`
MD5	`12d795f4797fa6094a822f6cbc3da99f`
SHA1	`4c912a8eeee22ce679aeddf2d40abb25ebbb1f0d`
SHA256	`7ff5ffd9d57de005ba5cffc27c608ce8bc0d5885db8ccb407a2a4ba73c52fc4c`
SHA3	`7ba10d58bd15b0896ed268616f0ea5a837b3d506152daee8cc285ced07537f98`

15

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xa068`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.95649`
MD5	`a16649437ae16a3657d36a8188910d63`
SHA1	`4e8d2a01efed1d75fde07eb4b23f76c8b2e70095`
SHA256	`c282d8bd14efb4f997c178dab6d9d2e4034026ef5b805a54a333155958581271`
SHA3	`c6f7dc53c3a939da90ce7dbf3ecce5c38e58c838c43159465d7e5c2f4ca21915`

16

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.79971`
MD5	`e302d1b6c1e12e2f9f66ecd448e0f9de`
SHA1	`5fc3ab8b728ac3e560cd9dfc3376c8fa1d0e1b43`
SHA256	`660ce19470d92b4a58bc22ec46697ec9f5ae452a9cc2b365b04f3fafa632f2a9`
SHA3	`af3599f7491aa34b7d2e62e6f99c8c6901d9b4479c3f4c53c2cecd56dd3339d9`

17

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.4298`
MD5	`003337b1fdfda9a9cfa6f2f61b120f51`
SHA1	`5a1f4a112e82f98a4d1146bcebab9915b5dc53ee`
SHA256	`47e56d163b6033c131686132dce5d324954ac1087a25f97a48c2dd5ddd4e5b80`
SHA3	`f818db2fb802ca260ba06e51ff5a312440c7deec8199ec25c85ae44eba7801d2`

18

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x668`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.68831`
MD5	`7f02142e85e8dc643fa134f952580b91`
SHA1	`6a5f7244c81d93470844c063fc915029a24baf79`
SHA256	`2c3869f7dfe0894c6f0f27e6301184c5a27617137fda2b2857f2c5b44b2c51dc`
SHA3	`21095c7d1d601abfedd8ff471537e6a92ac456bc1480d0fe2d01d77e99d48358`

19

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xa68`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.0965`
MD5	`5c2da545975d3e9445f653264455fc90`
SHA1	`d968bfeffb3a34cbb97569413dd8aa9ef2e63c73`
SHA256	`5a9c6218f8029d04944f6bb02257efa318a2fbccdb2b9e904c5bee822c74f636`
SHA3	`e114813ae1f93bba1031aa5e040d24e29d7eb36360123c6cfbab770629a74517`

20

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2868`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.96159`
MD5	`bed115afe17d8eb3521677efb15c0f12`
SHA1	`7d277390c29e1fd5c75e7a758258b2c2d3d40a1c`
SHA256	`a0425e0ba57c3b74a1cb5a500036d8d97df5a72daa47cca1012e744c748d0c7d`
SHA3	`272df3375800d4ddecc6d881c666b9e06fcf16e9943492c2ed44d44a26246695`

21

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xa068`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.95243`
MD5	`3c9c19c48a09f8d60ea61c030182ba53`
SHA1	`f664bf0b672b488f0fc9078f90c251d94c3002c1`
SHA256	`6a27907b84e16b20f64c0ee64f4431e9a66ba297974cec9afc2320bd6f8a7f36`
SHA3	`6be61836ad75703dfcbb942f5c562237eabeb5cafa669cfa0df43343dc58edfe`

0

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x84`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.15239`
Detected Filetype	Icon file
MD5	`2755ff3bbe62886b6cc8dc267149592c`
SHA1	`112750ffbef29cebf7f7525d687be1c053c53993`
SHA256	`851f153dffd16d95edfb074d47aa2c9950d563158d11de0906e3ab90d77877a8`
SHA3	`fe6af9ac1ecb172570e61431646d0986d660b352633d6c3547fc41caeac76fbe`

1 (#2)

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x5a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.02533`
Detected Filetype	Icon file
MD5	`887eefe2443e752cb39ac079f0691bc0`
SHA1	`ef79530ddde29751034b254eef6fd62c1311c36b`
SHA256	`1c25ed7cffb27263402c06d5b6680c4187ce4795087c6dd93e491213189955a1`
SHA3	`17c471341c12274a23f5943b0d769b10054d37756332bcbcc1702dcbaf52de5b`

2 (#2)

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x5a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.99723`
Detected Filetype	Icon file
MD5	`06d4a3d9e41205164416f142b16f16bf`
SHA1	`ce38bc51e65eb916305f3f94984cf2426ba3e689`
SHA256	`9aff48f7eb1772061cc895ce62764eb57ce709c872f713e25bd1915ed0f3e886`
SHA3	`77d99c46c12cf631977f0c94a566f512094a7acc436c77116a9e967120bfb02f`

1 (#3)

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x338`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.42005`
MD5	`a8a9cfb734861536967b9ec5eb8320cd`
SHA1	`0786bea07309cc93c7c7c6fed25571170e8cc4d7`
SHA256	`0ffa4bdc4b89fa000ef3fa3c17edeaa6163e1f7c48df9a51b810a7f3c7a6eb7c`
SHA3	`63814652ec97c63cd9003ee903c4724a404f80f3f92a246944e04937df2189d9`

1 (#4)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x245`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.0696`
MD5	`479efaa605da08019a9eb5d669d9e979`
SHA1	`93dc246ddd97b527f363661390fbbb9f09444780`
SHA256	`21dfa47b1f0905e2d77f42ed80ef88876ac21f82e0cb50b57bda833724977ba4`
SHA3	`f2547b2355188c53a4c27176c9702c7b8f9a616ef9aa4775949bf9c319db0a7e`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.3.16.1
ProductVersion	1.3.16.1
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	English - United States
Comments	https://www.aseprite.org/
CompanyName	Igara Studio S.A.
FileDescription	Aseprite
FileVersion (#2)	1,3,16,1
InternalName	aseprite
LegalCopyright	Copyright (C) 2001-2025 Igara Studio S.A.
OriginalFilename	aseprite.exe
ProductName	Aseprite
ProductVersion (#2)	1,3,16,1

Resource LangID	English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2025-Dec-12 16:51:24
Version	`0.0`
SizeofData	`117`
AddressOfRawData	`0xe7a6fc`
PointerToRawData	`0xe798fc`
Referenced File	D:\a\distribution\distribution\builds\aseprite-release-1.3.16.1\build-trial\bin\aseprite.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics	`0`
TimeDateStamp	2025-Dec-12 16:51:24
Version	`0.0`
SizeofData	`20`
AddressOfRawData	`0xe7a774`
PointerToRawData	`0xe79974`

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2025-Dec-12 16:51:24
Version	`0.0`
SizeofData	`1072`
AddressOfRawData	`0xe7a788`
PointerToRawData	`0xe79988`

TLS Callbacks

StartAddressOfRawData	`0x127abc8`
EndAddressOfRawData	`0x127abe0`
AddressOfIndex	`0x1308e54`
AddressOfCallbacks	`0x10f4874`
SizeOfZeroFill	`0`
Characteristics	`IMAGE_SCN_ALIGN_4BYTES`
Callbacks	`(EMPTY)`

Load Configuration

Size	`0xc0`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x12d7a40`
SEHandlerTable	`0x1274a30`
SEHandlerCount	`5523`

RICH Header

XOR Key	`0x453890d6`
Unmarked objects	`0`
ASM objects (33145)	`69`
C++ objects (33145)	`218`
253 (35207)	`5`
ASM objects (35207)	`28`
C objects (35207)	`20`
C objects (33145)	`66`
C objects (CVTCIL) (33145)	`1`
C objects (35221)	`158`
Unmarked objects (#2)	`993`
Imports (33145)	`35`
Total imports	`432`
C++ objects (35221)	`747`
C++ objects (35207)	`100`
Resource objects (35221)	`1`
151	`1`
Linker (35221)	`1`

Errors

Leave a comment

No comments yet.