PEFileInfo: 4af6611b41fe78624e630724a0ea2fd1

FileName: 103039_4af6611b41fe78624e630724a0ea2fd1.exe
Size : 103039
Md5 : 4af6611b41fe78624e630724a0ea2fd1
PEiD : None
Virus Total Result:
TheHacker -> Trojan/Agent.gen
NOD32 -> LNK/URL.B
Norman -> W32/Suspicious_Gen4.AGTZW
ClamAV -> PUA.IRC-Client.mIRC-37
Kaspersky -> not-a-virus:AdWare.WinLNK.Clicker.c
Emsisoft -> Riskware.AdWare.WinLNK!IK
Comodo -> Heur.Packed.Unknown
AntiVir -> Adware/WinLNK.Clicker.c.78
Antiy-AVL -> Trojan/win32.agent
Ikarus -> not-a-virus:AdWare.WinLNK
Fortinet -> Adware/WinLNK_Clicker

FileInfo:
----------DOS_HEADER----------

[IMAGE_DOS_HEADER]
0x0 0x0 e_magic: 0x5A4D
0x2 0x2 e_cblp: 0x50
0x4 0x4 e_cp: 0x2
0x6 0x6 e_crlc: 0x0
0x8 0x8 e_cparhdr: 0x4
0xA 0xA e_minalloc: 0xF
0xC 0xC e_maxalloc: 0xFFFF
0xE 0xE e_ss: 0x0
0x10 0x10 e_sp: 0xB8
0x12 0x12 e_csum: 0x0
0x14 0x14 e_ip: 0x0
0x16 0x16 e_cs: 0x0
0x18 0x18 e_lfarlc: 0x40
0x1A 0x1A e_ovno: 0x1A
0x1C 0x1C e_res:
0x24 0x24 e_oemid: 0x0
0x26 0x26 e_oeminfo: 0x0
0x28 0x28 e_res2:
0x3C 0x3C e_lfanew: 0x200

----------NT_HEADERS----------

[IMAGE_NT_HEADERS]
0x200 0x0 Signature: 0x4550

----------FILE_HEADER----------

[IMAGE_FILE_HEADER]
0x204 0x0 Machine: 0x14C
0x206 0x2 NumberOfSections: 0x4
0x208 0x4 TimeDateStamp: 0x45084BDE [Wed Sep 13 18:20:14 2006 UTC]
0x20C 0x8 PointerToSymbolTable: 0x0
0x210 0xC NumberOfSymbols: 0x0
0x214 0x10 SizeOfOptionalHeader: 0xE0
0x216 0x12 Characteristics: 0x10F
Flags: IMAGE_FILE_LOCAL_SYMS_STRIPPED, IMAGE_FILE_32BIT_MACHINE, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LINE_NUMS_STRIPPED, IMAGE_FILE_RELOCS_STRIPPED

----------OPTIONAL_HEADER----------

[IMAGE_OPTIONAL_HEADER]
0x218 0x0 Magic: 0x10B
0x21A 0x2 MajorLinkerVersion: 0x5
0x21B 0x3 MinorLinkerVersion: 0x0
0x21C 0x4 SizeOfCode: 0x13000
0x220 0x8 SizeOfInitializedData: 0x7000
0x224 0xC SizeOfUninitializedData: 0x0
0x228 0x10 AddressOfEntryPoint: 0x1000
0x22C 0x14 BaseOfCode: 0x1000
0x230 0x18 BaseOfData: 0x14000
0x234 0x1C ImageBase: 0x400000
0x238 0x20 SectionAlignment: 0x1000
0x23C 0x24 FileAlignment: 0x200
0x240 0x28 MajorOperatingSystemVersion: 0x4
0x242 0x2A MinorOperatingSystemVersion: 0x0
0x244 0x2C MajorImageVersion: 0x0
0x246 0x2E MinorImageVersion: 0x0
0x248 0x30 MajorSubsystemVersion: 0x4
0x24A 0x32 MinorSubsystemVersion: 0x0
0x24C 0x34 Reserved1: 0x0
0x250 0x38 SizeOfImage: 0x20000
0x254 0x3C SizeOfHeaders: 0x400
0x258 0x40 CheckSum: 0x0
0x25C 0x44 Subsystem: 0x2
0x25E 0x46 DllCharacteristics: 0x0
0x260 0x48 SizeOfStackReserve: 0x100000
0x264 0x4C SizeOfStackCommit: 0x2000
0x268 0x50 SizeOfHeapReserve: 0x100000
0x26C 0x54 SizeOfHeapCommit: 0x1000
0x270 0x58 LoaderFlags: 0x0
0x274 0x5C NumberOfRvaAndSizes: 0x10
DllCharacteristics:

----------PE Sections----------

[IMAGE_SECTION_HEADER]
0x2F8 0x0 Name: .text
0x300 0x8 Misc: 0x13000
0x300 0x8 Misc_PhysicalAddress: 0x13000
0x300 0x8 Misc_VirtualSize: 0x13000
0x304 0xC VirtualAddress: 0x1000
0x308 0x10 SizeOfRawData: 0x12E00
0x30C 0x14 PointerToRawData: 0x600
0x310 0x18 PointerToRelocations: 0x0
0x314 0x1C PointerToLinenumbers: 0x0
0x318 0x20 NumberOfRelocations: 0x0
0x31A 0x22 NumberOfLinenumbers: 0x0
0x31C 0x24 Characteristics: 0x60000020
Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Entropy: 6.467879 (Min=0.0, Max=8.0)
MD5 hash: 1d4618da7a4f5e7c206b4514d99c02cc
SHA-1 hash: 2e1d32bcb88cf11c72d027a1dd0498c32f5ff702
SHA-256 hash: 7afaa91ad34a9d6815a2204109235e7073556817b8f3288629a100d3ea1c1cc4
SHA-512 hash: 326a18bacb614b1610b2f76918f77880af481f10a90fd759df784f13ef069869cff2562ff39946f7febe52d3133a5577283be0bb0ba4536752b8dafbcb21353b

[IMAGE_SECTION_HEADER]
0x320 0x0 Name: .data
0x328 0x8 Misc: 0x7000
0x328 0x8 Misc_PhysicalAddress: 0x7000
0x328 0x8 Misc_VirtualSize: 0x7000
0x32C 0xC VirtualAddress: 0x14000
0x330 0x10 SizeOfRawData: 0xA00
0x334 0x14 PointerToRawData: 0x13400
0x338 0x18 PointerToRelocations: 0x0
0x33C 0x1C PointerToLinenumbers: 0x0
0x340 0x20 NumberOfRelocations: 0x0
0x342 0x22 NumberOfLinenumbers: 0x0
0x344 0x24 Characteristics: 0xC0000040
Flags: IMAGE_SCN_MEM_WRITE, IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
Entropy: 4.756219 (Min=0.0, Max=8.0)
MD5 hash: 030369e9393240e022bc421ed04dc685
SHA-1 hash: e008cd506baa5ffeb9eedcf47c10de99523b5dbc
SHA-256 hash: a65bd22e2f6b9220dc30dd01c4544984352d26cc64f54340c90a64f28e09e810
SHA-512 hash: 0450e795b3c26a28e65c82946ae5001c015f3a612b9c539edd1d65ca770b73259a48f85bb4e7d8e08a847995c234b20e8b0f24db2daf6f9754fb51ff30fb2d28

[IMAGE_SECTION_HEADER]
0x348 0x0 Name: .idata
0x350 0x8 Misc: 0x1000
0x350 0x8 Misc_PhysicalAddress: 0x1000
0x350 0x8 Misc_VirtualSize: 0x1000
0x354 0xC VirtualAddress: 0x1B000
0x358 0x10 SizeOfRawData: 0x1000
0x35C 0x14 PointerToRawData: 0x13E00
0x360 0x18 PointerToRelocations: 0x0
0x364 0x1C PointerToLinenumbers: 0x0
0x368 0x20 NumberOfRelocations: 0x0
0x36A 0x22 NumberOfLinenumbers: 0x0
0x36C 0x24 Characteristics: 0x40000040
Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
Entropy: 5.053993 (Min=0.0, Max=8.0)
MD5 hash: c274ffd22986d8fbe298e4856812e616
SHA-1 hash: 214ff8bbfa09bc39defc91c7c660c11af551f794
SHA-256 hash: 47ea199be37258d17f6b291308a5c500449391182f29fde5d8ee900487f55d3d
SHA-512 hash: ea2bf5563ac7a83a0e611077e7e239d15b3e28b9189f8e1ca2a6a0c64df79ffd349f240ccc1a23e543043cede8eb19af3887e7c4bde1e23530eb92580b599cca

[IMAGE_SECTION_HEADER]
0x370 0x0 Name: .rsrc
0x378 0x8 Misc: 0x4000
0x378 0x8 Misc_PhysicalAddress: 0x4000
0x378 0x8 Misc_VirtualSize: 0x4000
0x37C 0xC VirtualAddress: 0x1C000
0x380 0x10 SizeOfRawData: 0x3C00
0x384 0x14 PointerToRawData: 0x14E00
0x388 0x18 PointerToRelocations: 0x0
0x38C 0x1C PointerToLinenumbers: 0x0
0x390 0x20 NumberOfRelocations: 0x0
0x392 0x22 NumberOfLinenumbers: 0x0
0x394 0x24 Characteristics: 0x40000040
Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
Entropy: 4.588117 (Min=0.0, Max=8.0)
MD5 hash: 9ad436b47cd2be62e6aaa82236e585ee
SHA-1 hash: b8653780b5f789bfa1f64ab2dd7685af2db9835c
SHA-256 hash: 0ad7c86e18d4147965b2bdc8fd3fdfdca43cc117bf145f25168346b4e6203738
SHA-512 hash: 3998148d0a06edc66f0d9675a22381af61b29079f43675998f0fd4d78ea26a186d2bd01cbbbac4032f19726ae93dbb8b04c8aff639c6e071bdfb17885a11a5c6

----------Directories----------

[IMAGE_DIRECTORY_ENTRY_EXPORT]
0x278 0x0 VirtualAddress: 0x0
0x27C 0x4 Size: 0x0
[IMAGE_DIRECTORY_ENTRY_IMPORT]
0x280 0x0 VirtualAddress: 0x1B000
0x284 0x4 Size: 0xFB5
[IMAGE_DIRECTORY_ENTRY_RESOURCE]
0x288 0x0 VirtualAddress: 0x1C000
0x28C 0x4 Size: 0x3C00
[IMAGE_DIRECTORY_ENTRY_EXCEPTION]
0x290 0x0 VirtualAddress: 0x0
0x294 0x4 Size: 0x0
[IMAGE_DIRECTORY_ENTRY_SECURITY]
0x298 0x0 VirtualAddress: 0x0
0x29C 0x4 Size: 0x0
[IMAGE_DIRECTORY_ENTRY_BASERELOC]
0x2A0 0x0 VirtualAddress: 0x0
0x2A4 0x4 Size: 0x0
[IMAGE_DIRECTORY_ENTRY_DEBUG]
0x2A8 0x0 VirtualAddress: 0x0
0x2AC 0x4 Size: 0x0
[IMAGE_DIRECTORY_ENTRY_COPYRIGHT]
0x2B0 0x0 VirtualAddress: 0x0
0x2B4 0x4 Size: 0x0
[IMAGE_DIRECTORY_ENTRY_GLOBALPTR]
0x2B8 0x0 VirtualAddress: 0x0
0x2BC 0x4 Size: 0x0
[IMAGE_DIRECTORY_ENTRY_TLS]
0x2C0 0x0 VirtualAddress: 0x0
0x2C4 0x4 Size: 0x0
[IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG]
0x2C8 0x0 VirtualAddress: 0x0
0x2CC 0x4 Size: 0x0
[IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT]
0x2D0 0x0 VirtualAddress: 0x0
0x2D4 0x4 Size: 0x0
[IMAGE_DIRECTORY_ENTRY_IAT]
0x2D8 0x0 VirtualAddress: 0x0
0x2DC 0x4 Size: 0x0
[IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT]
0x2E0 0x0 VirtualAddress: 0x0
0x2E4 0x4 Size: 0x0
[IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR]
0x2E8 0x0 VirtualAddress: 0x0
0x2EC 0x4 Size: 0x0
[IMAGE_DIRECTORY_ENTRY_RESERVED]
0x2F0 0x0 VirtualAddress: 0x0
0x2F4 0x4 Size: 0x0

----------Imported symbols----------

[IMAGE_IMPORT_DESCRIPTOR]
0x13E00 0x0 OriginalFirstThunk: 0x1B0B4
0x13E00 0x0 Characteristics: 0x1B0B4
0x13E04 0x4 TimeDateStamp: 0x0 [Thu Jan 01 00:00:00 1970 UTC]
0x13E08 0x8 ForwarderChain: 0x0
0x13E0C 0xC Name: 0x1B584
0x13E10 0x10 FirstThunk: 0x1B0E0

ADVAPI32.DLL.AdjustTokenPrivileges Hint[0]
ADVAPI32.DLL.LookupPrivilegeValueA Hint[0]
ADVAPI32.DLL.OpenProcessToken Hint[0]
ADVAPI32.DLL.RegCloseKey Hint[0]
ADVAPI32.DLL.RegCreateKeyExA Hint[0]
ADVAPI32.DLL.RegOpenKeyExA Hint[0]
ADVAPI32.DLL.RegQueryValueExA Hint[0]
ADVAPI32.DLL.RegSetValueExA Hint[0]
ADVAPI32.DLL.SetFileSecurityA Hint[0]
ADVAPI32.DLL.SetFileSecurityW Hint[0]

[IMAGE_IMPORT_DESCRIPTOR]
0x13E14 0x0 OriginalFirstThunk: 0x1B10C
0x13E14 0x0 Characteristics: 0x1B10C
0x13E18 0x4 TimeDateStamp: 0x0 [Thu Jan 01 00:00:00 1970 UTC]
0x13E1C 0x8 ForwarderChain: 0x0
0x13E20 0xC Name: 0x1B591
0x13E24 0x10 FirstThunk: 0x1B21C

KERNEL32.DLL.CloseHandle Hint[0]
KERNEL32.DLL.CompareStringA Hint[0]
KERNEL32.DLL.CreateDirectoryA Hint[0]
KERNEL32.DLL.CreateDirectoryW Hint[0]
KERNEL32.DLL.CreateFileA Hint[0]
KERNEL32.DLL.CreateFileW Hint[0]
KERNEL32.DLL.DeleteFileA Hint[0]
KERNEL32.DLL.DeleteFileW Hint[0]
KERNEL32.DLL.DosDateTimeToFileTime Hint[0]
KERNEL32.DLL.ExitProcess Hint[0]
KERNEL32.DLL.ExpandEnvironmentStringsA Hint[0]
KERNEL32.DLL.FileTimeToLocalFileTime Hint[0]
KERNEL32.DLL.FileTimeToSystemTime Hint[0]
KERNEL32.DLL.FindClose Hint[0]
KERNEL32.DLL.FindFirstFileA Hint[0]
KERNEL32.DLL.FindFirstFileW Hint[0]
KERNEL32.DLL.FindNextFileA Hint[0]
KERNEL32.DLL.FindNextFileW Hint[0]
KERNEL32.DLL.FindResourceA Hint[0]
KERNEL32.DLL.FreeLibrary Hint[0]
KERNEL32.DLL.GetCPInfo Hint[0]
KERNEL32.DLL.GetCommandLineA Hint[0]
KERNEL32.DLL.GetCurrentDirectoryA Hint[0]
KERNEL32.DLL.GetCurrentProcess Hint[0]
KERNEL32.DLL.GetDateFormatA Hint[0]
KERNEL32.DLL.GetFileAttributesA Hint[0]
KERNEL32.DLL.GetFileAttributesW Hint[0]
KERNEL32.DLL.GetFileType Hint[0]
KERNEL32.DLL.GetFullPathNameA Hint[0]
KERNEL32.DLL.GetLastError Hint[0]
KERNEL32.DLL.GetLocaleInfoA Hint[0]
KERNEL32.DLL.GetModuleFileNameA Hint[0]
KERNEL32.DLL.GetModuleHandleA Hint[0]
KERNEL32.DLL.GetNumberFormatA Hint[0]
KERNEL32.DLL.GetProcAddress Hint[0]
KERNEL32.DLL.GetProcessHeap Hint[0]
KERNEL32.DLL.GetStdHandle Hint[0]
KERNEL32.DLL.GetTempPathA Hint[0]
KERNEL32.DLL.GetTickCount Hint[0]
KERNEL32.DLL.GetTimeFormatA Hint[0]
KERNEL32.DLL.GetVersionExA Hint[0]
KERNEL32.DLL.GlobalAlloc Hint[0]
KERNEL32.DLL.HeapAlloc Hint[0]
KERNEL32.DLL.HeapFree Hint[0]
KERNEL32.DLL.HeapReAlloc Hint[0]
KERNEL32.DLL.IsDBCSLeadByte Hint[0]
KERNEL32.DLL.LoadLibraryA Hint[0]
KERNEL32.DLL.LocalFileTimeToFileTime Hint[0]
KERNEL32.DLL.MoveFileA Hint[0]
KERNEL32.DLL.MoveFileExA Hint[0]
KERNEL32.DLL.MultiByteToWideChar Hint[0]
KERNEL32.DLL.ReadFile Hint[0]
KERNEL32.DLL.SetCurrentDirectoryA Hint[0]
KERNEL32.DLL.SetEndOfFile Hint[0]
KERNEL32.DLL.SetEnvironmentVariableA Hint[0]
KERNEL32.DLL.SetFileAttributesA Hint[0]
KERNEL32.DLL.SetFileAttributesW Hint[0]
KERNEL32.DLL.SetFilePointer Hint[0]
KERNEL32.DLL.SetFileTime Hint[0]
KERNEL32.DLL.SetLastError Hint[0]
KERNEL32.DLL.Sleep Hint[0]
KERNEL32.DLL.SystemTimeToFileTime Hint[0]
KERNEL32.DLL.WaitForSingleObject Hint[0]
KERNEL32.DLL.WideCharToMultiByte Hint[0]
KERNEL32.DLL.WriteFile Hint[0]
KERNEL32.DLL.lstrcmpiA Hint[0]
KERNEL32.DLL.lstrlenA Hint[0]

[IMAGE_IMPORT_DESCRIPTOR]
0x13E28 0x0 OriginalFirstThunk: 0x1B32C
0x13E28 0x0 Characteristics: 0x1B32C
0x13E2C 0x4 TimeDateStamp: 0x0 [Thu Jan 01 00:00:00 1970 UTC]
0x13E30 0x8 ForwarderChain: 0x0
0x13E34 0xC Name: 0x1B59E
0x13E38 0x10 FirstThunk: 0x1B334

COMCTL32.DLL Ordinal[17] (Imported by Ordinal)

[IMAGE_IMPORT_DESCRIPTOR]
0x13E3C 0x0 OriginalFirstThunk: 0x1B33C
0x13E3C 0x0 Characteristics: 0x1B33C
0x13E40 0x4 TimeDateStamp: 0x0 [Thu Jan 01 00:00:00 1970 UTC]
0x13E44 0x8 ForwarderChain: 0x0
0x13E48 0xC Name: 0x1B5AB
0x13E4C 0x10 FirstThunk: 0x1B348

COMDLG32.DLL.CommDlgExtendedError Hint[0]
COMDLG32.DLL.GetOpenFileNameA Hint[0]

[IMAGE_IMPORT_DESCRIPTOR]
0x13E50 0x0 OriginalFirstThunk: 0x1B354
0x13E50 0x0 Characteristics: 0x1B354
0x13E54 0x4 TimeDateStamp: 0x0 [Thu Jan 01 00:00:00 1970 UTC]
0x13E58 0x8 ForwarderChain: 0x0
0x13E5C 0xC Name: 0x1B5B8
0x13E60 0x10 FirstThunk: 0x1B35C

GDI32.DLL.DeleteObject Hint[0]

[IMAGE_IMPORT_DESCRIPTOR]
0x13E64 0x0 OriginalFirstThunk: 0x1B364
0x13E64 0x0 Characteristics: 0x1B364
0x13E68 0x4 TimeDateStamp: 0x0 [Thu Jan 01 00:00:00 1970 UTC]
0x13E6C 0x8 ForwarderChain: 0x0
0x13E70 0xC Name: 0x1B5C2
0x13E74 0x10 FirstThunk: 0x1B388

SHELL32.DLL.SHBrowseForFolderA Hint[0]
SHELL32.DLL.SHChangeNotify Hint[0]
SHELL32.DLL.SHFileOperationA Hint[0]
SHELL32.DLL.SHGetFileInfoA Hint[0]
SHELL32.DLL.SHGetMalloc Hint[0]
SHELL32.DLL.SHGetSpecialFolderLocation Hint[0]
SHELL32.DLL.ShellExecuteExA Hint[0]
SHELL32.DLL.SHGetPathFromIDListA Hint[0]

[IMAGE_IMPORT_DESCRIPTOR]
0x13E78 0x0 OriginalFirstThunk: 0x1B3AC
0x13E78 0x0 Characteristics: 0x1B3AC
0x13E7C 0x4 TimeDateStamp: 0x0 [Thu Jan 01 00:00:00 1970 UTC]
0x13E80 0x8 ForwarderChain: 0x0
0x13E84 0xC Name: 0x1B5CE
0x13E88 0x10 FirstThunk: 0x1B480

USER32.DLL.CharToOemA Hint[0]
USER32.DLL.CharToOemBuffA Hint[0]
USER32.DLL.CharUpperA Hint[0]
USER32.DLL.CopyRect Hint[0]
USER32.DLL.CreateWindowExA Hint[0]
USER32.DLL.DefWindowProcA Hint[0]
USER32.DLL.DestroyIcon Hint[0]
USER32.DLL.DestroyWindow Hint[0]
USER32.DLL.DialogBoxParamA Hint[0]
USER32.DLL.DispatchMessageA Hint[0]
USER32.DLL.EnableWindow Hint[0]
USER32.DLL.EndDialog Hint[0]
USER32.DLL.FindWindowExA Hint[0]
USER32.DLL.GetClassNameA Hint[0]
USER32.DLL.GetClientRect Hint[0]
USER32.DLL.GetDlgItem Hint[0]
USER32.DLL.GetDlgItemTextA Hint[0]
USER32.DLL.GetMessageA Hint[0]
USER32.DLL.GetParent Hint[0]
USER32.DLL.GetSysColor Hint[0]
USER32.DLL.GetSystemMetrics Hint[0]
USER32.DLL.GetWindow Hint[0]
USER32.DLL.GetWindowLongA Hint[0]
USER32.DLL.GetWindowRect Hint[0]
USER32.DLL.GetWindowTextA Hint[0]
USER32.DLL.IsWindow Hint[0]
USER32.DLL.IsWindowVisible Hint[0]
USER32.DLL.LoadBitmapA Hint[0]
USER32.DLL.LoadCursorA Hint[0]
USER32.DLL.LoadIconA Hint[0]
USER32.DLL.LoadStringA Hint[0]
USER32.DLL.MapWindowPoints Hint[0]
USER32.DLL.MessageBoxA Hint[0]
USER32.DLL.OemToCharA Hint[0]
USER32.DLL.OemToCharBuffA Hint[0]
USER32.DLL.PeekMessageA Hint[0]
USER32.DLL.PostMessageA Hint[0]
USER32.DLL.RegisterClassExA Hint[0]
USER32.DLL.SendDlgItemMessageA Hint[0]
USER32.DLL.SendMessageA Hint[0]
USER32.DLL.SetDlgItemTextA Hint[0]
USER32.DLL.SetFocus Hint[0]
USER32.DLL.SetMenu Hint[0]
USER32.DLL.SetWindowLongA Hint[0]
USER32.DLL.SetWindowPos Hint[0]
USER32.DLL.SetWindowTextA Hint[0]
USER32.DLL.ShowWindow Hint[0]
USER32.DLL.TranslateMessage Hint[0]
USER32.DLL.UpdateWindow Hint[0]
USER32.DLL.WaitForInputIdle Hint[0]
USER32.DLL.wsprintfA Hint[0]
USER32.DLL.wvsprintfA Hint[0]

[IMAGE_IMPORT_DESCRIPTOR]
0x13E8C 0x0 OriginalFirstThunk: 0x1B554
0x13E8C 0x0 Characteristics: 0x1B554
0x13E90 0x4 TimeDateStamp: 0x0 [Thu Jan 01 00:00:00 1970 UTC]
0x13E94 0x8 ForwarderChain: 0x0
0x13E98 0xC Name: 0x1B5D9
0x13E9C 0x10 FirstThunk: 0x1B56C

OLE32.DLL.CLSIDFromString Hint[0]
OLE32.DLL.CoCreateInstance Hint[0]
OLE32.DLL.CreateStreamOnHGlobal Hint[0]
OLE32.DLL.OleInitialize Hint[0]
OLE32.DLL.OleUninitialize Hint[0]

----------Resource directory----------

[IMAGE_RESOURCE_DIRECTORY]
0x14E00 0x0 Characteristics: 0x0
0x14E04 0x4 TimeDateStamp: 0x352E0287 [Fri Apr 10 11:29:11 1998 UTC]
0x14E08 0x8 MajorVersion: 0x0
0x14E0A 0xA MinorVersion: 0x0
0x14E0C 0xC NumberOfNamedEntries: 0x0
0x14E0E 0xE NumberOfIdEntries: 0x7
Id: [0x2] (RT_BITMAP)
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x14E10 0x0 Name: 0x2
0x14E14 0x4 OffsetToData: 0x80000048
[IMAGE_RESOURCE_DIRECTORY]
0x14E48 0x0 Characteristics: 0x0
0x14E4C 0x4 TimeDateStamp: 0x352E0287 [Fri Apr 10 11:29:11 1998 UTC]
0x14E50 0x8 MajorVersion: 0x0
0x14E52 0xA MinorVersion: 0x0
0x14E54 0xC NumberOfNamedEntries: 0x0
0x14E56 0xE NumberOfIdEntries: 0x1
Id: [0x65]
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x14E58 0x0 Name: 0x65
0x14E5C 0x4 OffsetToData: 0x80000148
[IMAGE_RESOURCE_DIRECTORY]
0x14F48 0x0 Characteristics: 0x0
0x14F4C 0x4 TimeDateStamp: 0x352E0287 [Fri Apr 10 11:29:11 1998 UTC]
0x14F50 0x8 MajorVersion: 0x0
0x14F52 0xA MinorVersion: 0x0
0x14F54 0xC NumberOfNamedEntries: 0x0
0x14F56 0xE NumberOfIdEntries: 0x1
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x14F58 0x0 Name: 0x419
0x14F5C 0x4 OffsetToData: 0x2F8
[IMAGE_RESOURCE_DATA_ENTRY]
0x150F8 0x0 OffsetToData: 0x1C4B0
0x150FC 0x4 Size: 0xBB6
0x15100 0x8 CodePage: 0x0
0x15104 0xC Reserved: 0x0

Id: [0x3] (RT_ICON)
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x14E18 0x0 Name: 0x3
0x14E1C 0x4 OffsetToData: 0x80000060
[IMAGE_RESOURCE_DIRECTORY]
0x14E60 0x0 Characteristics: 0x0
0x14E64 0x4 TimeDateStamp: 0x352E0287 [Fri Apr 10 11:29:11 1998 UTC]
0x14E68 0x8 MajorVersion: 0x0
0x14E6A 0xA MinorVersion: 0x0
0x14E6C 0xC NumberOfNamedEntries: 0x0
0x14E6E 0xE NumberOfIdEntries: 0x4
Id: [0x1]
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x14E70 0x0 Name: 0x1
0x14E74 0x4 OffsetToData: 0x80000160
[IMAGE_RESOURCE_DIRECTORY]
0x14F60 0x0 Characteristics: 0x0
0x14F64 0x4 TimeDateStamp: 0x352E0287 [Fri Apr 10 11:29:11 1998 UTC]
0x14F68 0x8 MajorVersion: 0x0
0x14F6A 0xA MinorVersion: 0x0
0x14F6C 0xC NumberOfNamedEntries: 0x0
0x14F6E 0xE NumberOfIdEntries: 0x1
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x14F70 0x0 Name: 0x419
0x14F74 0x4 OffsetToData: 0x308
[IMAGE_RESOURCE_DATA_ENTRY]
0x15108 0x0 OffsetToData: 0x1D068
0x1510C 0x4 Size: 0x128
0x15110 0x8 CodePage: 0x0
0x15114 0xC Reserved: 0x0
Id: [0x2]
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x14E78 0x0 Name: 0x2
0x14E7C 0x4 OffsetToData: 0x80000178
[IMAGE_RESOURCE_DIRECTORY]
0x14F78 0x0 Characteristics: 0x0
0x14F7C 0x4 TimeDateStamp: 0x352E0287 [Fri Apr 10 11:29:11 1998 UTC]
0x14F80 0x8 MajorVersion: 0x0
0x14F82 0xA MinorVersion: 0x0
0x14F84 0xC NumberOfNamedEntries: 0x0
0x14F86 0xE NumberOfIdEntries: 0x1
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x14F88 0x0 Name: 0x419
0x14F8C 0x4 OffsetToData: 0x318
[IMAGE_RESOURCE_DATA_ENTRY]
0x15118 0x0 OffsetToData: 0x1D190
0x1511C 0x4 Size: 0x568
0x15120 0x8 CodePage: 0x0
0x15124 0xC Reserved: 0x0
Id: [0x3]
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x14E80 0x0 Name: 0x3
0x14E84 0x4 OffsetToData: 0x80000190
[IMAGE_RESOURCE_DIRECTORY]
0x14F90 0x0 Characteristics: 0x0
0x14F94 0x4 TimeDateStamp: 0x352E0287 [Fri Apr 10 11:29:11 1998 UTC]
0x14F98 0x8 MajorVersion: 0x0
0x14F9A 0xA MinorVersion: 0x0
0x14F9C 0xC NumberOfNamedEntries: 0x0
0x14F9E 0xE NumberOfIdEntries: 0x1
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x14FA0 0x0 Name: 0x419
0x14FA4 0x4 OffsetToData: 0x328
[IMAGE_RESOURCE_DATA_ENTRY]
0x15128 0x0 OffsetToData: 0x1D6F8
0x1512C 0x4 Size: 0x2E8
0x15130 0x8 CodePage: 0x0
0x15134 0xC Reserved: 0x0
Id: [0x4]
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x14E88 0x0 Name: 0x4
0x14E8C 0x4 OffsetToData: 0x800001A8
[IMAGE_RESOURCE_DIRECTORY]
0x14FA8 0x0 Characteristics: 0x0
0x14FAC 0x4 TimeDateStamp: 0x352E0287 [Fri Apr 10 11:29:11 1998 UTC]
0x14FB0 0x8 MajorVersion: 0x0
0x14FB2 0xA MinorVersion: 0x0
0x14FB4 0xC NumberOfNamedEntries: 0x0
0x14FB6 0xE NumberOfIdEntries: 0x1
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x14FB8 0x0 Name: 0x419
0x14FBC 0x4 OffsetToData: 0x338
[IMAGE_RESOURCE_DATA_ENTRY]
0x15138 0x0 OffsetToData: 0x1D9E0
0x1513C 0x4 Size: 0x8A8
0x15140 0x8 CodePage: 0x0
0x15144 0xC Reserved: 0x0

Id: [0x5] (RT_DIALOG)
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x14E20 0x0 Name: 0x5
0x14E24 0x4 OffsetToData: 0x80000090
[IMAGE_RESOURCE_DIRECTORY]
0x14E90 0x0 Characteristics: 0x0
0x14E94 0x4 TimeDateStamp: 0x352E0287 [Fri Apr 10 11:29:11 1998 UTC]
0x14E98 0x8 MajorVersion: 0x0
0x14E9A 0xA MinorVersion: 0x0
0x14E9C 0xC NumberOfNamedEntries: 0x6
0x14E9E 0xE NumberOfIdEntries: 0x0
Name: [ASKNEXTVOL]
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x14EA0 0x0 Name: 0x80000418
0x14EA4 0x4 OffsetToData: 0x800001C0
[IMAGE_RESOURCE_DIRECTORY]
0x14FC0 0x0 Characteristics: 0x0
0x14FC4 0x4 TimeDateStamp: 0x352E0287 [Fri Apr 10 11:29:11 1998 UTC]
0x14FC8 0x8 MajorVersion: 0x0
0x14FCA 0xA MinorVersion: 0x0
0x14FCC 0xC NumberOfNamedEntries: 0x0
0x14FCE 0xE NumberOfIdEntries: 0x1
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x14FD0 0x0 Name: 0x419
0x14FD4 0x4 OffsetToData: 0x348
[IMAGE_RESOURCE_DATA_ENTRY]
0x15148 0x0 OffsetToData: 0x1E288
0x1514C 0x4 Size: 0x282
0x15150 0x8 CodePage: 0x0
0x15154 0xC Reserved: 0x0
Name: [GETPASSWORD1]
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x14EA8 0x0 Name: 0x8000042E
0x14EAC 0x4 OffsetToData: 0x800001D8
[IMAGE_RESOURCE_DIRECTORY]
0x14FD8 0x0 Characteristics: 0x0
0x14FDC 0x4 TimeDateStamp: 0x352E0287 [Fri Apr 10 11:29:11 1998 UTC]
0x14FE0 0x8 MajorVersion: 0x0
0x14FE2 0xA MinorVersion: 0x0
0x14FE4 0xC NumberOfNamedEntries: 0x0
0x14FE6 0xE NumberOfIdEntries: 0x1
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x14FE8 0x0 Name: 0x419
0x14FEC 0x4 OffsetToData: 0x358
[IMAGE_RESOURCE_DATA_ENTRY]
0x15158 0x0 OffsetToData: 0x1E50C
0x1515C 0x4 Size: 0x13A
0x15160 0x8 CodePage: 0x0
0x15164 0xC Reserved: 0x0
Name: [LICENSEDLG]
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x14EB0 0x0 Name: 0x80000448
0x14EB4 0x4 OffsetToData: 0x800001F0
[IMAGE_RESOURCE_DIRECTORY]
0x14FF0 0x0 Characteristics: 0x0
0x14FF4 0x4 TimeDateStamp: 0x352E0287 [Fri Apr 10 11:29:11 1998 UTC]
0x14FF8 0x8 MajorVersion: 0x0
0x14FFA 0xA MinorVersion: 0x0
0x14FFC 0xC NumberOfNamedEntries: 0x0
0x14FFE 0xE NumberOfIdEntries: 0x1
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x15000 0x0 Name: 0x419
0x15004 0x4 OffsetToData: 0x368
[IMAGE_RESOURCE_DATA_ENTRY]
0x15168 0x0 OffsetToData: 0x1E648
0x1516C 0x4 Size: 0xE8
0x15170 0x8 CodePage: 0x0
0x15174 0xC Reserved: 0x0
Name: [RENAMEDLG]
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x14EB8 0x0 Name: 0x8000045E
0x14EBC 0x4 OffsetToData: 0x80000208
[IMAGE_RESOURCE_DIRECTORY]
0x15008 0x0 Characteristics: 0x0
0x1500C 0x4 TimeDateStamp: 0x352E0287 [Fri Apr 10 11:29:11 1998 UTC]
0x15010 0x8 MajorVersion: 0x0
0x15012 0xA MinorVersion: 0x0
0x15014 0xC NumberOfNamedEntries: 0x0
0x15016 0xE NumberOfIdEntries: 0x1
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x15018 0x0 Name: 0x419
0x1501C 0x4 OffsetToData: 0x378
[IMAGE_RESOURCE_DATA_ENTRY]
0x15178 0x0 OffsetToData: 0x1E730
0x1517C 0x4 Size: 0x12E
0x15180 0x8 CodePage: 0x0
0x15184 0xC Reserved: 0x0
Name: [REPLACEFILEDLG]
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x14EC0 0x0 Name: 0x80000472
0x14EC4 0x4 OffsetToData: 0x80000220
[IMAGE_RESOURCE_DIRECTORY]
0x15020 0x0 Characteristics: 0x0
0x15024 0x4 TimeDateStamp: 0x352E0287 [Fri Apr 10 11:29:11 1998 UTC]
0x15028 0x8 MajorVersion: 0x0
0x1502A 0xA MinorVersion: 0x0
0x1502C 0xC NumberOfNamedEntries: 0x0
0x1502E 0xE NumberOfIdEntries: 0x1
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x15030 0x0 Name: 0x419
0x15034 0x4 OffsetToData: 0x388
[IMAGE_RESOURCE_DATA_ENTRY]
0x15188 0x0 OffsetToData: 0x1E860
0x1518C 0x4 Size: 0x338
0x15190 0x8 CodePage: 0x0
0x15194 0xC Reserved: 0x0
Name: [STARTDLG]
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x14EC8 0x0 Name: 0x80000490
0x14ECC 0x4 OffsetToData: 0x80000238
[IMAGE_RESOURCE_DIRECTORY]
0x15038 0x0 Characteristics: 0x0
0x1503C 0x4 TimeDateStamp: 0x352E0287 [Fri Apr 10 11:29:11 1998 UTC]
0x15040 0x8 MajorVersion: 0x0
0x15042 0xA MinorVersion: 0x0
0x15044 0xC NumberOfNamedEntries: 0x0
0x15046 0xE NumberOfIdEntries: 0x1
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x15048 0x0 Name: 0x419
0x1504C 0x4 OffsetToData: 0x398
[IMAGE_RESOURCE_DATA_ENTRY]
0x15198 0x0 OffsetToData: 0x1EB98
0x1519C 0x4 Size: 0x222
0x151A0 0x8 CodePage: 0x0
0x151A4 0xC Reserved: 0x0

Id: [0x6] (RT_STRING)
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x14E28 0x0 Name: 0x6
0x14E2C 0x4 OffsetToData: 0x800000D0
[IMAGE_RESOURCE_DIRECTORY]
0x14ED0 0x0 Characteristics: 0x0
0x14ED4 0x4 TimeDateStamp: 0x352E0287 [Fri Apr 10 11:29:11 1998 UTC]
0x14ED8 0x8 MajorVersion: 0x0
0x14EDA 0xA MinorVersion: 0x0
0x14EDC 0xC NumberOfNamedEntries: 0x0
0x14EDE 0xE NumberOfIdEntries: 0x4
Id: [0x7]
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x14EE0 0x0 Name: 0x7
0x14EE4 0x4 OffsetToData: 0x80000250
[IMAGE_RESOURCE_DIRECTORY]
0x15050 0x0 Characteristics: 0x0
0x15054 0x4 TimeDateStamp: 0x352E0287 [Fri Apr 10 11:29:11 1998 UTC]
0x15058 0x8 MajorVersion: 0x0
0x1505A 0xA MinorVersion: 0x0
0x1505C 0xC NumberOfNamedEntries: 0x0
0x1505E 0xE NumberOfIdEntries: 0x1
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x15060 0x0 Name: 0x419
0x15064 0x4 OffsetToData: 0x3A8
[IMAGE_RESOURCE_DATA_ENTRY]
0x151A8 0x0 OffsetToData: 0x1EDBC
0x151AC 0x4 Size: 0x22C
0x151B0 0x8 CodePage: 0x0
0x151B4 0xC Reserved: 0x0
Id: [0x8]
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x14EE8 0x0 Name: 0x8
0x14EEC 0x4 OffsetToData: 0x80000268
[IMAGE_RESOURCE_DIRECTORY]
0x15068 0x0 Characteristics: 0x0
0x1506C 0x4 TimeDateStamp: 0x352E0287 [Fri Apr 10 11:29:11 1998 UTC]
0x15070 0x8 MajorVersion: 0x0
0x15072 0xA MinorVersion: 0x0
0x15074 0xC NumberOfNamedEntries: 0x0
0x15076 0xE NumberOfIdEntries: 0x1
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x15078 0x0 Name: 0x419
0x1507C 0x4 OffsetToData: 0x3B8
[IMAGE_RESOURCE_DATA_ENTRY]
0x151B8 0x0 OffsetToData: 0x1EFE8
0x151BC 0x4 Size: 0x3B2
0x151C0 0x8 CodePage: 0x0
0x151C4 0xC Reserved: 0x0
Id: [0x9]
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x14EF0 0x0 Name: 0x9
0x14EF4 0x4 OffsetToData: 0x80000280
[IMAGE_RESOURCE_DIRECTORY]
0x15080 0x0 Characteristics: 0x0
0x15084 0x4 TimeDateStamp: 0x352E0287 [Fri Apr 10 11:29:11 1998 UTC]
0x15088 0x8 MajorVersion: 0x0
0x1508A 0xA MinorVersion: 0x0
0x1508C 0xC NumberOfNamedEntries: 0x0
0x1508E 0xE NumberOfIdEntries: 0x1
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x15090 0x0 Name: 0x419
0x15094 0x4 OffsetToData: 0x3C8
[IMAGE_RESOURCE_DATA_ENTRY]
0x151C8 0x0 OffsetToData: 0x1F39C
0x151CC 0x4 Size: 0x212
0x151D0 0x8 CodePage: 0x0
0x151D4 0xC Reserved: 0x0
Id: [0xA]
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x14EF8 0x0 Name: 0xA
0x14EFC 0x4 OffsetToData: 0x80000298
[IMAGE_RESOURCE_DIRECTORY]
0x15098 0x0 Characteristics: 0x0
0x1509C 0x4 TimeDateStamp: 0x352E0287 [Fri Apr 10 11:29:11 1998 UTC]
0x150A0 0x8 MajorVersion: 0x0
0x150A2 0xA MinorVersion: 0x0
0x150A4 0xC NumberOfNamedEntries: 0x0
0x150A6 0xE NumberOfIdEntries: 0x1
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x150A8 0x0 Name: 0x419
0x150AC 0x4 OffsetToData: 0x3D8
[IMAGE_RESOURCE_DATA_ENTRY]
0x151D8 0x0 OffsetToData: 0x1F5B0
0x151DC 0x4 Size: 0x27E
0x151E0 0x8 CodePage: 0x0
0x151E4 0xC Reserved: 0x0

Id: [0xA] (RT_RCDATA)
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x14E30 0x0 Name: 0xA
0x14E34 0x4 OffsetToData: 0x80000100
[IMAGE_RESOURCE_DIRECTORY]
0x14F00 0x0 Characteristics: 0x0
0x14F04 0x4 TimeDateStamp: 0x352E0287 [Fri Apr 10 11:29:11 1998 UTC]
0x14F08 0x8 MajorVersion: 0x0
0x14F0A 0xA MinorVersion: 0x0
0x14F0C 0xC NumberOfNamedEntries: 0x1
0x14F0E 0xE NumberOfIdEntries: 0x0
Name: [DVCLAL]
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x14F10 0x0 Name: 0x800004A2
0x14F14 0x4 OffsetToData: 0x800002B0
[IMAGE_RESOURCE_DIRECTORY]
0x150B0 0x0 Characteristics: 0x0
0x150B4 0x4 TimeDateStamp: 0x352E0287 [Fri Apr 10 11:29:11 1998 UTC]
0x150B8 0x8 MajorVersion: 0x0
0x150BA 0xA MinorVersion: 0x0
0x150BC 0xC NumberOfNamedEntries: 0x0
0x150BE 0xE NumberOfIdEntries: 0x1
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x150C0 0x0 Name: 0x0
0x150C4 0x4 OffsetToData: 0x3E8
[IMAGE_RESOURCE_DATA_ENTRY]
0x151E8 0x0 OffsetToData: 0x1F830
0x151EC 0x4 Size: 0x10
0x151F0 0x8 CodePage: 0x0
0x151F4 0xC Reserved: 0x0

Id: [0xE] (RT_GROUP_ICON)
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x14E38 0x0 Name: 0xE
0x14E3C 0x4 OffsetToData: 0x80000118
[IMAGE_RESOURCE_DIRECTORY]
0x14F18 0x0 Characteristics: 0x0
0x14F1C 0x4 TimeDateStamp: 0x352E0287 [Fri Apr 10 11:29:11 1998 UTC]
0x14F20 0x8 MajorVersion: 0x0
0x14F22 0xA MinorVersion: 0x0
0x14F24 0xC NumberOfNamedEntries: 0x0
0x14F26 0xE NumberOfIdEntries: 0x1
Id: [0x64]
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x14F28 0x0 Name: 0x64
0x14F2C 0x4 OffsetToData: 0x800002C8
[IMAGE_RESOURCE_DIRECTORY]
0x150C8 0x0 Characteristics: 0x0
0x150CC 0x4 TimeDateStamp: 0x352E0287 [Fri Apr 10 11:29:11 1998 UTC]
0x150D0 0x8 MajorVersion: 0x0
0x150D2 0xA MinorVersion: 0x0
0x150D4 0xC NumberOfNamedEntries: 0x0
0x150D6 0xE NumberOfIdEntries: 0x1
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x150D8 0x0 Name: 0x419
0x150DC 0x4 OffsetToData: 0x3F8
[IMAGE_RESOURCE_DATA_ENTRY]
0x151F8 0x0 OffsetToData: 0x1F840
0x151FC 0x4 Size: 0x3E
0x15200 0x8 CodePage: 0x0
0x15204 0xC Reserved: 0x0

Id: [0x18] (RT_MANIFEST)
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x14E40 0x0 Name: 0x18
0x14E44 0x4 OffsetToData: 0x80000130
[IMAGE_RESOURCE_DIRECTORY]
0x14F30 0x0 Characteristics: 0x0
0x14F34 0x4 TimeDateStamp: 0x352E0287 [Fri Apr 10 11:29:11 1998 UTC]
0x14F38 0x8 MajorVersion: 0x0
0x14F3A 0xA MinorVersion: 0x0
0x14F3C 0xC NumberOfNamedEntries: 0x0
0x14F3E 0xE NumberOfIdEntries: 0x1
Id: [0x1]
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x14F40 0x0 Name: 0x1
0x14F44 0x4 OffsetToData: 0x800002E0
[IMAGE_RESOURCE_DIRECTORY]
0x150E0 0x0 Characteristics: 0x0
0x150E4 0x4 TimeDateStamp: 0x352E0287 [Fri Apr 10 11:29:11 1998 UTC]
0x150E8 0x8 MajorVersion: 0x0
0x150EA 0xA MinorVersion: 0x0
0x150EC 0xC NumberOfNamedEntries: 0x0
0x150EE 0xE NumberOfIdEntries: 0x1
[IMAGE_RESOURCE_DIRECTORY_ENTRY]
0x150F0 0x0 Name: 0x419
0x150F4 0x4 OffsetToData: 0x408
[IMAGE_RESOURCE_DATA_ENTRY]
0x15208 0x0 OffsetToData: 0x1F880
0x1520C 0x4 Size: 0x213
0x15210 0x8 CodePage: 0x0
0x15214 0xC Reserved: 0x0

PEFileInfo

пятница, 25 мая 2012 г.

4af6611b41fe78624e630724a0ea2fd1

Комментариев нет:

Отправить комментарий

пятница, 25 мая 2012 г.

4af6611b41fe78624e630724a0ea2fd1

Комментариев нет:

Отправить комментарий

пятница, 25 мая 2012 г.