Manalyze report for f92c2241ed14773c41735d853590c6ed

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2025-Oct-23 15:00:19
Detected languages	English - United States
Debug artifacts	D:\p4\compile_del07\del07\code\_out\x64\Release\Launcher.pdb
FileDescription	HITMAN 3 Launcher
FileVersion	`1.0.0.0`
LegalCopyright	© 2021 IO Interactive A/S
ProductName	HITMAN 3 Launcher
ProductVersion	`1.0.0.0`

Plugin Output

Info	Interesting strings found in the binary:	Contains domain names: 2-aia.verisign.com 2-crl.verisign.com 2009-2-aia.verisign.com 2009-2-crl.verisign.com adobe.com aia.verisign.com crl.verisign.com csc3-2009-2-aia.verisign.com csc3-2009-2-crl.verisign.com http://crl.verisign.com http://crl.verisign.com/ThawteTimestampingCA.crl0 http://crl.verisign.com/pca3.crl0 http://crl.verisign.com/tss-ca.crl0 http://csc3-2009-2-aia.verisign.com http://csc3-2009-2-aia.verisign.com/CSC3-2009-2.cer0 http://csc3-2009-2-crl.verisign.com http://csc3-2009-2-crl.verisign.com/CSC3-2009-2.crl0D http://iptc.org http://logo.verisign.com http://logo.verisign.com/vslogo.gif0 http://ns.adobe.com http://ns.adobe.com/tiff/1.0/ http://ns.adobe.com/xap/1.0/ http://ns.adobe.com/xap/1.0/mm/ http://ns.adobe.com/xap/1.0/sType/ResourceEvent# http://ns.adobe.com/xap/1.0/sType/ResourceRef# http://ns.useplus.org http://ns.useplus.org/ldf/xmp/1.0/ http://ocsp.verisign.com0 http://ocsp.verisign.com01 http://ocsp.verisign.com0? http://purl.org http://www.Linotype.com0 http://www.gimp.org http://www.gimp.org/xmp/ http://www.linotype.com http://www.linotype.com/fontdesignersNOTIFICATION http://www.linotype.com/licenseNeue http://www.linotype.comhttp http://www.w3.org http://www.w3.org/1999/02/22-rdf-syntax-ns# https://www.verisign.com https://www.verisign.com/cps0 https://www.verisign.com/rpa https://www.verisign.com/rpa0 linotype.com logo.verisign.com ns.adobe.com ns.useplus.org useplus.org verisign.com www.gimp.org www.linotype.com www.verisign.com www.w3.org
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to SHA1`
Malicious	The PE contains functions mostly used by malware.	`[!] The program may be hiding some of its imports: LoadLibraryW GetProcAddress LoadLibraryExW` `Functions which can be used for anti-debugging purposes: CreateToolhelp32Snapshot` `Can access the registry: RegCreateKeyExW RegSetValueExW RegQueryValueExW RegCloseKey RegQueryInfoKeyW RegEnumKeyExW RegOpenKeyExA RegGetValueW` `Possibly launches other programs: CreateProcessW ShellExecuteW` `Uses functions commonly found in keyloggers: GetAsyncKeyState GetForegroundWindow` `Manipulates other processes: Process32FirstW Process32NextW OpenProcess` `Can take screenshots: GetDC BitBlt CreateCompatibleDC`
Malicious	The PE's digital signature is invalid.	`Signer: IO INTERACTIVE A\` `Issuer: GlobalSign GCC R45 CodeSigning CA 2020` `The file was modified after it was signed.`
Safe	VirusTotal score: 0/71 (Scanned on 2026-01-19 18:30:08)	`All the AVs think this file is safe.`

Hashes

MD5	`f92c2241ed14773c41735d853590c6ed`
SHA1	`14cf6d6e28111ab7fb1b1f5214f11987f609ced7`
SHA256	`8c7eb45fbaed6f9319eeb3b7e02132f6cfc318d213a4eb44a94fe2e779cbb558`
SHA3	`65a4e8eb18febbf57101ab1c9c1fe50bb491ea1eaef1e3111e2bebf094afd105`
SSDeep	`24576:N86tfl0gFnEGQe6gHkcsKb3Xrqk9aL/D+eg5kZE9VwG:iYfl0gFnEGQe6gHkcxnrPameAVj`
Imports Hash	`e8135d7021dd107ba48da383fafea21b`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x120`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`7`
TimeDateStamp	2025-Oct-23 15:00:19
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0x38600`
SizeOfInitializedData	`0xb7400`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x000000000001F924 (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0xf4000`
SizeOfHeaders	`0x400`
Checksum	`0xf1ad1`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`e22f4ae268589032050f89e041ddcbf2`
SHA1	`d85d70e4edc1202cf7abda9f62cbf976520d90c6`
SHA256	`1a7f89a764eba75482eb8d39bc037e000d958678c0a8c9352d36611f635a6ccc`
SHA3	`829d79558ec277fab4ece78a600110f4155cd663d28b97f187efbf11a954deb7`
VirtualSize	`0x3843f`
VirtualAddress	`0x1000`
SizeOfRawData	`0x38600`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.45976`

.rdata

MD5	`5868c49787eaa6b413a338587ee483ec`
SHA1	`6546f93a7feecd5e1cc6f2450b4402ec9e2bc898`
SHA256	`8cd3255578bad1eaf8ba516e7ade15d7434ecba34a1a2f8db03708c290bcd7b5`
SHA3	`48bb6319820661ecd70a9cfa423b45dfab3455454ab64596dc8154868130da7f`
VirtualSize	`0x142f0`
VirtualAddress	`0x3a000`
SizeOfRawData	`0x14400`
PointerToRawData	`0x38a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.47654`

.data

MD5	`9c58009b95edb233238ff5a0c797ccde`
SHA1	`7b2950359a9f76faa32cac8b811606981810b387`
SHA256	`8dd7fb89536cc6719d79de559feac0f3840a3399e3eefdf84d5b41bcd868bcee`
SHA3	`7d07c6ef7d58929e2096664c1f61534ca5ffaa0ec14481ed7507b9fc5dcfc198`
VirtualSize	`0x10e80`
VirtualAddress	`0x4f000`
SizeOfRawData	`0x1600`
PointerToRawData	`0x4ce00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`2.45931`

.pdata

MD5	`5e12d84be5cbe29613c33fd1bca271c7`
SHA1	`48220f427d6bd353669a3c61001d590b21dba630`
SHA256	`114d08b199a3606f94829bf152b7e957ea2417da3c6c922abdf2eb7c94fdcbe8`
SHA3	`d9b4f9005ab9f265a6605330ea924af30396db2bd030a72e8d6f8f7105fd3878`
VirtualSize	`0x23f4`
VirtualAddress	`0x60000`
SizeOfRawData	`0x2400`
PointerToRawData	`0x4e400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.61123`

_RDATA

MD5	`87eecf67cba0d4a98e16cc7951b39545`
SHA1	`3c17fc63f3f88bf906e01e86b6533329020a2392`
SHA256	`c6c392926ab8b69cafd1aebd730667ccaee1b8fb5e670eccaee18cb939689318`
SHA3	`81ee890f5e19c43ed40a9377c61b32e6a230f4b6adf56e6ede5372273ccbad29`
VirtualSize	`0xfc`
VirtualAddress	`0x63000`
SizeOfRawData	`0x200`
PointerToRawData	`0x50800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`2.45365`

.rsrc

MD5	`7a43512ac248ffb2f2a558e6c46a98a2`
SHA1	`51c15b192af9baa727777f986b0a05ce8d8f5567`
SHA256	`91c5e98c6ce2bcabffab66c6946a53b3a01e6164394f1cbde006b1a59c805695`
SHA3	`38fb9ee83788ac41bb9adef1331409de55ad1ab8491c1aa10a311dc55fc0ad52`
VirtualSize	`0x8ee88`
VirtualAddress	`0x64000`
SizeOfRawData	`0x8f000`
PointerToRawData	`0x50a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`7.08339`

.reloc

MD5	`7d64d4272eeeeb1201331d19429d4060`
SHA1	`1a3418ddf91164565eac303405fa47e708816825`
SHA256	`bb11f2138989a7023294148108bcfc5a0693034dfb67703e06b976a3edb58888`
SHA3	`4101ae6398dd5a7310d68336ca2ca27c1e84cc294ee848b3888ce8d6e0942f07`
VirtualSize	`0x818`
VirtualAddress	`0xf3000`
SizeOfRawData	`0xa00`
PointerToRawData	`0xdfa00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`4.94145`

Imports

WINMM.dll	`joyGetPosEx`
KERNEL32.dll	`LoadLibraryW` `ExitProcess` `GetCurrentProcessId` `GlobalMemoryStatusEx` `CreateProcessW` `GetModuleHandleW` `WideCharToMultiByte` `CreateRemoteThread` `SetThreadErrorMode` `SetDllDirectoryW` `GetExitCodeProcess` `SetEndOfFile` `HeapReAlloc` `HeapSize` `ReadConsoleW` `ReadFile` `FlushFileBuffers` `GetProcessHeap` `LCMapStringW` `GetStringTypeW` `SetStdHandle` `FreeEnvironmentStringsW` `GetEnvironmentStringsW` `GetCommandLineW` `GetCommandLineA` `GetCPInfo` `GetOEMCP` `GetACP` `GetSystemInfo` `FindNextFileW` `FindFirstFileExW` `FindClose` `SetFilePointerEx` `GetConsoleMode` `GetConsoleOutputCP` `GetFileType` `HeapAlloc` `HeapFree` `WriteFile` `GetStdHandle` `GetModuleHandleExW` `TlsFree` `TlsSetValue` `TlsGetValue` `TlsAlloc` `RtlUnwindEx` `RaiseException` `RtlPcToFileHeader` `TerminateProcess` `IsProcessorFeaturePresent` `GetStartupInfoW` `UnhandledExceptionFilter` `IsDebuggerPresent` `RtlVirtualUnwind` `RtlLookupFunctionEntry` `RtlCaptureContext` `InitializeSListHead` `GetSystemTimeAsFileTime` `GetCurrentThreadId` `QueryPerformanceCounter` `CloseHandle` `Process32FirstW` `Process32NextW` `FormatMessageW` `Sleep` `MultiByteToWideChar` `CreateToolhelp32Snapshot` `OpenProcess` `GetFileAttributesW` `WaitForSingleObject` `SetErrorMode` `K32GetModuleFileNameExW` `GetCurrentProcess` `SetUnhandledExceptionFilter` `GetUserDefaultUILanguage` `SetEnvironmentVariableW` `GetLastError` `FreeLibrary` `GetProcAddress` `FindResourceW` `LoadResource` `LockResource` `SizeofResource` `WriteConsoleW` `IsValidCodePage` `CreateEventW` `WaitForSingleObjectEx` `ResetEvent` `SetEvent` `DeleteCriticalSection` `InitializeCriticalSectionAndSpinCount` `GetFullPathNameW` `VerSetConditionMask` `VerifyVersionInfoW` `GetModuleFileNameA` `LoadLibraryExW` `GetModuleFileNameW` `LocalFree` `SetLastError` `CreateFileW` `EnterCriticalSection` `LeaveCriticalSection` `InitializeCriticalSection` `LocalAlloc` `GetSystemDirectoryW`
USER32.dll	`FillRect` `GetFocus` `EnableWindow` `InvalidateRect` `GetSysColor` `UpdateWindow` `ReleaseDC` `GetDC` `DrawTextW` `SetWindowTextW` `SendMessageW` `EndPaint` `TrackMouseEvent` `IsDialogMessageW` `MoveWindow` `GetWindowThreadProcessId` `CharUpperW` `IsWindowVisible` `PeekMessageW` `IsWindowEnabled` `EnumWindows` `SetCursor` `SetForegroundWindow` `CharUpperA` `GetActiveWindow` `MessageBoxW` `GetMessageW` `DefWindowProcW` `MonitorFromPoint` `GetWindowRect` `UnregisterClassW` `RegisterClassExW` `ShowWindow` `GetAsyncKeyState` `DispatchMessageW` `SetTimer` `RedrawWindow` `GetMonitorInfoW` `ClientToScreen` `GetTopWindow` `GetForegroundWindow` `AdjustWindowRect` `TranslateMessage` `LoadIconW` `LoadCursorW` `SetCapture` `PostQuitMessage` `ReleaseCapture` `GetCursorPos` `GetWindowLongW` `SetScrollInfo` `SetFocus` `SetScrollPos` `ScrollWindow` `SetWindowPos` `CallWindowProcW` `DestroyWindow` `SetWindowLongPtrW` `CreateWindowExW` `BeginPaint`
GDI32.dll	`CreateCompatibleBitmap` `SetBkColor` `BitBlt` `CreateCompatibleDC` `DeleteDC` `AddFontMemResourceEx` `AddFontResourceExW` `CreateFontW` `SetDCBrushColor` `SelectObject` `GetStockObject` `SetTextColor` `SetBkMode` `CreateDIBSection` `GetObjectW` `DeleteObject`
ADVAPI32.dll	`RegCreateKeyExW` `RegSetValueExW` `RegQueryValueExW` `RegCloseKey` `RegQueryInfoKeyW` `RegEnumKeyExW` `RegOpenKeyExA` `RegGetValueW`
SHELL32.dll	`ShellExecuteW`
ole32.dll	`CoInitializeEx` `CoUninitialize` `CoCreateInstance`
dxgi.dll	`CreateDXGIFactory`
MSIMG32.dll	`AlphaBlend`
UxTheme.dll	`DrawThemeBackground` `OpenThemeData`
VERSION.dll	`GetFileVersionInfoSizeW` `VerQueryValueW` `GetFileVersionInfoW`
d3d12.dll	`#101`

Delayed Imports

AmdPowerXpressRequestHighPerformance

Ordinal	`1`
Address	`0x4fd34`

NvOptimusEnablement

Ordinal	`2`
Address	`0x4fd30`

100

Type	`BINARY`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4d0d4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.00238`
Detected Filetype	TrueType font file
MD5	`f7b5f616ce54bc6b29493ab4b8686ba9`
SHA1	`c4176c89f59e2cf3f0ee35bae7a4522197d311e4`
SHA256	`60f3162bf79c3cb6d54802144cd3ded773c4a437ad2d590daeebea73729e556e`
SHA3	`2e93e79025fdb13880acf6e46f54711d9adb00d5cd03aa652ff672b5a2bf1d0c`

120

Type	`BINARY`
Language	English - United States
Codepage	UNKNOWN
Size	`0x22843`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.99253`
Detected Filetype	PNG graphic file
MD5	`94bbde16568df5bd48caac324a49409c`
SHA1	`7e0d0076a55e8a6ad1f0a86b7f3051dea4bcd7f4`
SHA256	`10f35aad55c093b1d5143a4740d3c92d51bea1e8af56d948c5ab97fa058c05de`
SHA3	`d4fea4560dda594d7062a3c656ca5733fd0ab3d49600c622d6f21a4018694e58`

121

Type	`BINARY`
Language	English - United States
Codepage	UNKNOWN
Size	`0x29f`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.48872`
Detected Filetype	PNG graphic file
MD5	`58b6670e8953414c20fedde22f5d0405`
SHA1	`124c5fa35cb62be2418997a778f5ec9f0c05d5d1`
SHA256	`1d7805a42c18165e6dc020ef046caa377e2859859acab08bd1827e88b7b04dfa`
SHA3	`b99a80b48f05c6298d7c95a3cfbb4d52d16fe588bf7638509a1857594d0062d6`

122

Type	`BINARY`
Language	English - United States
Codepage	UNKNOWN
Size	`0x3a1`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.51259`
Detected Filetype	PNG graphic file
MD5	`f183691060b3cf3203eb61b19e98d09a`
SHA1	`b1d85d4e856beba8734be95421aa4da466434b59`
SHA256	`8f5dbda8060a9679714695e72aaf5f7cb2cd4f5fffacfbdf28c8b977f348c2c0`
SHA3	`450171a58d147381b13130afa0edceb39c9be4bfef2b86262e528627ece6c172`

123

Type	`BINARY`
Language	English - United States
Codepage	UNKNOWN
Size	`0x304`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.49078`
Detected Filetype	PNG graphic file
MD5	`3ea3dc659dea981e0ac0fb7a9502bcfc`
SHA1	`b1160e0011790938377569cd68b6e81653e52297`
SHA256	`dbe988d93edb619ebd25b4e889a8014add885db5a701c32544315c35a8e7dc50`
SHA3	`08cb39dafd1d2a19ee7b3db5c9e4e66839bdd8564707a78e10562a32eb002119`

124

Type	`BINARY`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8ca5`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.98944`
Detected Filetype	PNG graphic file
MD5	`c80d5a82d07a1d4c6e0cd05ea41bff0c`
SHA1	`a3b54bd417cfd621906380d27a817b8df63f71e3`
SHA256	`3b3e69f181e8a0a7a945cf7bd2134baf157b2e49d7536ba9363d90f037cbcd08`
SHA3	`03daa5fc80e8985b6c1352a43273c4fed31de78253edc6f20fda0294e8e8ca0b`

125

Type	`BINARY`
Language	English - United States
Codepage	UNKNOWN
Size	`0xa5d`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.86151`
Detected Filetype	PNG graphic file
MD5	`4a0818c6524b3266bd9a2230359223e1`
SHA1	`4ca5547d48fbd989bc5711a713eb1dc6be1ca189`
SHA256	`06dd9de27c3094392b4925e81764d7d013d28b3922ef0bcf19a961c0994315c9`
SHA3	`8243a8e328c383ec871c8a77b54d75e8943644237e84cfb9f421906158deb397`

126

Type	`BINARY`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1672`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.24954`
Detected Filetype	PNG graphic file
MD5	`07e93d9a6406315757dce48a24c571ec`
SHA1	`dc6789c28fa2f17d14fc85209aa7358971511c9e`
SHA256	`61206cca47eca06e96eaccad222d638431a8a584ad84ab3df83f3f9504cad203`
SHA3	`be6aa91722720869da69b7a102879c290489b506480d7728dde07f719051438a`

127

Type	`BINARY`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1642`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.22635`
Detected Filetype	PNG graphic file
MD5	`4f65336149804cdf6372de06394eaddc`
SHA1	`535774023d89b22f1c3c7a38d63ba0951161fb32`
SHA256	`827b4a5a40e3119dc4cfbb76170df09d821af254669be98c37250d5652cfe025`
SHA3	`3286d393f504fd8fdad6aedb5c6231baf194b9d495e7beffc8d6f907d8262862`

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xc532`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.98713`
Detected Filetype	PNG graphic file
MD5	`e0575d4cc0fac5807ad636d2ff3abb43`
SHA1	`9758c60dcfe84c67cf8d8855e5ef70210e4e1661`
SHA256	`9bd79361354acf40d7f84f40f586fbba453b87305ef398ad1515ff667dc86b48`
SHA3	`5f5c5ec30a6b00322abbd03a954245b8de5d67305385f56d9fe09d4f555ca56c`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.36244`
MD5	`5ea693593ca51f7ba67dca520025f0d5`
SHA1	`7cd32785c1d8703abb5a70a410f2d79e89c830cb`
SHA256	`eeb6189f224394f4307a4dd38d824db048ac5367daeaeffaad67b4d0ff0241c1`
SHA3	`fcbcadd5980aa136930f789f0b25630b5f86816105118b5cdf2d7ff7dfee0ac5`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.5765`
MD5	`b2b9d5d022017dfec01bf598a1e87ea3`
SHA1	`f90e377780b60f79e8d8b154da3e4019de5dcce4`
SHA256	`4e73eb968fd89807b4df7ed27c8d0b6300bbba7c3079235f887cb75ada0552d3`
SHA3	`c486b63f8a7c9fae20633a9e063c5fc8759d1ebab8a08f9b534e515109068721`

4

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.51556`
MD5	`78d10409403b35788b99af69ce0a6acb`
SHA1	`593db9b7308f81e23fa3bcc5e3e52b5f5d5daa35`
SHA256	`039449b470d572c1401680f58768188668170038c337223b51fb6feee28cc451`
SHA3	`a326c4e5483d070a5059c2b8469eb4cbecd321ce7569aae16d9943ab103cc1b8`

5

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.00992`
MD5	`be452d3e6d17bed23b5769e47287cfd0`
SHA1	`93ea6c0a75548bf44bfceabf731f3ba0308b959e`
SHA256	`8f44cc8ff2a8cde267cc8dda95911bf55b8c1e8a493482c63690eef294531e88`
SHA3	`6175c047b2171bad77b5ba9ac6190d5abaebc43265bd00e173e0622fd32e8d16`

6

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.39995`
MD5	`7d3ef4e713f8a19cff633ed6757bf772`
SHA1	`065dea6a8a5b4f757934ee5c27708050d3efc564`
SHA256	`60ebabde771bdf857d501788325d5d37234f424b109f0a4207d0440c05c25044`
SHA3	`c5543c352a25a0a8a4cdbe675d08fe2afd9e2af5e91d25648d999905716a653b`

7

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.43779`
MD5	`08e5cd8b54bebf731e102a4ec1fdc82a`
SHA1	`90aa6f8923aa65466ba462ddc075890b523086c3`
SHA256	`6b831b13292caf087c138de1d085af9e9521c5469bfba58e32658293b81a4d92`
SHA3	`59c3c972d8303df894b26d00b4fb310468e65618c19100734c28872764aa35d3`

140

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x68`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.71858`
Detected Filetype	Icon file
MD5	`eb01cda929828b635d403aa0dd4e3b1f`
SHA1	`dcc7a708dbbf9bc2455a8612909680e9a8f6d49a`
SHA256	`8984780fbcf95e5411bd5ef010bc8de76a8d9339b6edc6dfab3825944585b6bd`
SHA3	`a76cd8fabdf608be2a736b27a1eee6e0953b39f00b3453331d07fe49566cb3d2`

1 (#2)

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.36033`
MD5	`e78e7a608671d1af946d314e9da21833`
SHA1	`f70cc1994b8d8fa52b229ccf8e0280831fe7f48f`
SHA256	`f613df6cc77d293621d5db8e47802b460475640b3e62e2efd34b688963b8e3b5`
SHA3	`de6ed26beab884b4d02b5f7989418535beefe0ea6abf47bdf02cefdc8e2215c1`

1 (#3)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4e5`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.3302`
MD5	`db43a9f93c002a08368c9e31fdad03d8`
SHA1	`0701cc86a546ba7e85b2c886c5e7608f797a6d98`
SHA256	`8b8b835240ee378450a6defb1accb948f379ba391efc901b01f5034e3577b59d`
SHA3	`d1e96eecb9f34bb732d5fe27b2464490c8c922a0593627501e080fcf95b45b6e`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.0.0.0
ProductVersion	1.0.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT` `VOS_NT_WINDOWS32` `VOS_WINCE` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	English - United States
FileDescription	HITMAN 3 Launcher
FileVersion (#2)	1.0.0.0
LegalCopyright	© 2021 IO Interactive A/S
ProductName	HITMAN 3 Launcher
ProductVersion (#2)	1.0.0.0

Resource LangID	English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2025-Oct-23 15:00:19
Version	`0.0`
SizeofData	`85`
AddressOfRawData	`0x493cc`
PointerToRawData	`0x47dcc`
Referenced File	D:\p4\compile_del07\del07\code\_out\x64\Release\Launcher.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics	`0`
TimeDateStamp	2025-Oct-23 15:00:19
Version	`0.0`
SizeofData	`20`
AddressOfRawData	`0x49424`
PointerToRawData	`0x47e24`

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2025-Oct-23 15:00:19
Version	`0.0`
SizeofData	`1000`
AddressOfRawData	`0x49438`
PointerToRawData	`0x47e38`

TLS Callbacks

StartAddressOfRawData	`0x140049840`
EndAddressOfRawData	`0x140049848`
AddressOfIndex	`0x140052810`
AddressOfCallbacks	`0x14003a7b0`
SizeOfZeroFill	`0`
Characteristics	`IMAGE_SCN_ALIGN_4BYTES`
Callbacks	`(EMPTY)`

Load Configuration

Size	`0x138`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x14004f078`

RICH Header

XOR Key	`0x7382daab`
Unmarked objects	`0`
ASM objects (27412)	`6`
C++ objects (27412)	`153`
C objects (30034)	`19`
ASM objects (30034)	`10`
C++ objects (30034)	`45`
C++ objects (VS2008 SP1 build 30729)	`1`
C objects (VS2008 SP1 build 30729)	`1`
C objects (27412)	`13`
Imports (27412)	`25`
Total imports	`220`
C++ objects (LTCG) (30154)	`20`
Exports (30154)	`1`
Resource objects (30154)	`1`
151	`1`
Linker (30154)	`1`

f92c2241ed14773c41735d853590c6ed

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rdata

.data

.pdata

_RDATA

.rsrc

.reloc

Imports

Delayed Imports

AmdPowerXpressRequestHighPerformance

NvOptimusEnablement

100

120

121

122

123

124

125

126

127

1

2

3

4

5

6

7

140

1 (#2)

1 (#3)

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

IMAGE_DEBUG_TYPE_VC_FEATURE

IMAGE_DEBUG_TYPE_POGO

TLS Callbacks

Load Configuration

RICH Header

Errors