adobe.exe

info
MZ
PE
resources
strings
imports
foremost
7zip
hexdump
disasm
log
discuss
donate

filename	adobe.exe
size	976930 (0xee822)
md5	69dcf0f8174e82def1c48c62836ba33e

type	PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
mimetype	application/x-dosexec

clamav	OK
virustotal	→ scan with virustotal.com

histogram

MZ Header

signature	MZ
bytes_in_last_block	0x90
blocks_in_file	3
num_relocs	0
header_paragraphs	4
min_extra_paragraphs	0
max_extra_paragraphs	0xffff
ss	0
sp	0xb8
checksum	0
ip	0
cs	0
reloc_table_offset	0x40
overlay_number	0
reserved0	0
oem_id	0
oem_info	0
reserved2	0
reserved3	0
reserved4	0
reserved5	0
reserved6	0
lfanew	0xf8

Rich Header

lib id	version	times used
10	8047	11
14	7299	1
4	8047	2
0	0	9
19	8034	11
1	0	124
49	9044	7
48	9044	5
6	1735	1

DOS stub

00000000: 0e 1f ba 0e 00 b4 09 cd  21 b8 01 4c cd 21 54 68  |........!..L.!Th|
00000010: 69 73 20 70 72 6f 67 72  61 6d 20 63 61 6e 6e 6f  |is program canno|
00000020: 74 20 62 65 20 72 75 6e  20 69 6e 20 44 4f 53 20  |t be run in DOS |
00000030: 6d 6f 64 65 2e 0d 0d 0a  24 00 00 00 00 00 00 00  |mode....$.......|

PE Header

Signature	PE
Machine	0x14c
NumberOfSections	3
TimeDateStamp	0x4024c51f
PointerToSymbolTable	0
NumberOfSymbols	0
SizeOfOptionalHeader	0xe0
Characteristics	0x10f
Magic	0x10b
LinkerVersion	6.0
SizeOfCode	0x5000
SizeOfInitializedData	0x2000
SizeOfUninitializedData	0xb000
AddressOfEntryPoint	0xfff0
BaseOfCode	0xc000
BaseOfData	0x11000
ImageBase	0x400000
SectionAlignment	0x1000
FileAlignment	0x200
OperatingSystemVersion	4.0
ImageVersion	0.0
SubsystemVersion	4.0
Reserved1	0
SizeOfImage	0x13000
SizeOfHeaders	0x1000
CheckSum	0
Subsystem	2
DllCharacteristics	0
SizeOfStackReserve	0x100000
SizeOfStackCommit	0x1000
SizeOfHeapReserve	0x100000
SizeOfHeapCommit	0x1000
LoaderFlags	0
NumberOfRvaAndSizes	0x10

Packer / Compiler

UPX v0.89.6 - v1.02 / v1.05 - v1.22

This file is packed with UPX. Analysis will be incomplete without unpacking.
We can unpack it for you.

»» Analyze unpacked file

Sections

name	va	vsize	raw size	flags
UPX0	0x1000	0xb000	0	RWX UDATA
UPX1	0xc000	0x5000	0x4200	RWX IDATA
.rsrc	0x11000	0x2000	0x1200	RW- IDATA

Data Directory

type	va	size
EXPORT	0	0
IMPORT	0x11fe4	0x1d8
RESOURCE	0x11000	0xfe4
EXCEPTION	0	0
SECURITY	0	0
BASERELOC	0	0
DEBUG	0	0
ARCHITECTURE	0	0
GLOBALPTR	0	0
TLS	0	0
LOAD_CONFIG	0	0
Bound_IAT	0	0
IAT	0	0
Delay_IAT	0	0
CLR_Header	0	0

show previews

type	name	size
ICON	#1	2216
DIALOG	#300	878
DIALOG	#301	1386
DIALOG	#302	352
DIALOG	#303	224
DIALOG	#304	788
DIALOG	#305	248
DIALOG	#306	176
DIALOG	#307	732
STRING	#7	114
STRING	#8	138
STRING	#13	1188
STRING	#14	802
STRING	#16	548
STRING	#17	560
STRING	#19	164
STRING	#20	138
STRING	#769	46
STRING	#771	74
GROUP_ICON	#310	20
MANIFEST	#1	674

id	lang	string
96	1033	08 68 a8 98 77 e7 83 c6 02 10 56 c0 de 6c e6 0c \|.h..w.....V..l..\| 09 55 2a 62 cd 7c c3 be 75 aa 5b 21 e9 a4 bd 6d \|.U*b.\|..u.[!...m\| 2d 7d 6b bc b4 8b 44 24 08 3b 16 1c 23 fb ba 77 \|-}k...D$.;..#..w\| df 09 0c 80 60 03 ef 07 04 a3 80 8c eb 10 0a 50 \|....`..........P\| 0b 9d ce 1e 16 f2 c2 0c ee 58 d6 30 d6 b8 bd ef \|.........X.0....\| 6a 34 5e 6f cc 56 22 6b 8c 3b 5d 30 bd 3a 08 68 \|j4^o.V"k.;]0.:.h\| 20 60 8d d4 a1 62 07 56 6e 9b 69 d8 c3 05 e8 7b \| `...b.Vn.i....{\| ac fe \|.. \|
112	1033	2f 1b cc c7 45 d0 28 85 08 00 06 4b 67 dc 7c e4 \|/...E.(....Kg.\|.\| 06 00 00 f0 23 14 25 8c 7b 18 be db 5c 78 3f 06 \|....#.%.{...\x?.\| 8d a8 be 36 52 6a 30 89 85 b4 fe fd 75 ef 3a 5b \|...6Rj0.....u.:[\| c7 85 b8 06 2d 12 04 89 9d 4d 5f 89 b5 bc 9b bb \|....-....M_.....\| dd ed 06 68 04 13 51 6a 70 5a bd b0 0e 27 c4 f6 \|...h..QjpZ...'..\| fb ed 36 ff 16 85 9d dc 7c bd e0 05 85 e4 1b 9b \|..6.....\|.......\| b1 5f 33 e8 2e a9 b5 ec 0f f4 06 18 db 6c 35 5f \|._3..........l5_\| 14 98 6a 0a 80 6a 03 08 d4 9d 85 52 15 cb a8 0f \|..j..j.....R....\| 80 64 c9 34 d2 5f dc 50 bb 5d \|.d.4._.P.] \|
192	1033	08 e4 83 7d 08 74 06 05 d8 b2 ef 2d 7c 07 83 a5 \|...}.t.....-\|...\| 62 00 c6 9f f9 fc ca 76 6f 3b 9d 8f 10 ff 14 ff \|b......vo;......\| cd d8 c8 f2 18 ff 2f 1c 0f 24 c3 1b 72 22 b0 19 \|....../..$..r"..\| 8f 18 ff 80 c3 67 6c 6c 3c 7a 44 05 74 45 a4 c7 \|.....gll..ntY=Z.\| b2 bc 24 30 be 31 d8 10 3a 98 f0 3b ec 6a 14 50 \|..$0.1..:..;.j.P\| 99 0d 2f d6 88 18 bf 18 1a 91 1d 4e 13 d8 18 50 \|../........N...P\| 56 05 53 8c c2 be 1f 92 3a 91 eb 64 be 4d 56 4e \|V.S.....:..d.MVN\| 4f ae ec 64 f8 56 4a 57 eb 2e 93 1c 19 0d 05 57 \|O..d.VJW.......W\| 09 57 eb 1e ca 86 b3 0e e4 51 da 06 91 f7 1a 78 \|.W.......Q.....x\| 30 92 47 12 68 2e 5d 68 3a dc 32 5c 1d c9 53 56 \|0.G.h.]h:.2\..SV\| 0b 91 83 dc ca 40 01 1d 01 11 ad 4b 68 4e 38 c4 \|.....@.....KhN8.\| 5d 57 c5 06 03 39 90 fc 6f 72 83 30 c8 c3 c0 cb \|]W...9..or.0....\| 14 d7 c7 db 83 4c 72 92 53 78 8c 53 78 b3 59 42 \|.....Lr.Sx.Sx.YB\| 9e 8c 53 13 6a 4f d2 12 de 53 50 0f c7 38 d7 a3 \|..S.jO...SP..8..\| 94 b7 b8 a1 33 f1 5f da 0b 52 8b bd 81 7e 1d c2 \|....3._..R...~..\| d9 87 08 d9 75 0e 31 56 14 db c9 91 3c c9 18 55 \|....u.1V....<..U\| 53 53 53 c8 03 29 72 7e 54 03 53 c9 0d 20 47 2f \|SSS..)r~T.S.. G/\| db 4d 54 6c 48 06 64 94 94 53 1f c4 24 56 d2 54 \|.MTlH.d..S..$V.T\| f5 3e fd d1 e1 38 99 7f 0f 53 55 57 15 03 b9 d1 \|.>...8...SUW....\| 73 fb 0c 09 08 ee 02 36 8d 26 01 46 6e e1 a6 c2 \|s......6.&.Fn...\| 74 4d 48 9b 2f 1f 94 b1 37 7a e2 bc 24 22 c3 98 \|tMH./...7z..$"..\| 32 68 a0 72 c3 bb 4b 99 68 95 a3 84 0c 74 1e be \|2h.r..K.h....t..\| c0 0c 3d b7 c7 ba c4 6c 15 74 0d 56 85 6c 8b a4 \|..=....l.t.V.l..\| 84 a7 6f 98 d5 3f 0e c0 8b ac 24 d0 55 e5 8d b5 \|..o..?....$.U...\| 0d 6f bf 84 e4 40 92 20 3e 57 c8 74 1b 6e 5e 08 \|.o...@. >W.t.n^.\| 91 db b0 80 04 a8 d1 8c 10 d9 27 d4 f1 13 55 e4 \|..........'...U.\| 96 6c 6b 37 63 a3 57 14 f7 01 dd 87 e3 42 16 a3 \|.lk7c.W......B..\| f4 a1 03 f1 b5 50 92 8e ec 0e 78 54 e8 8f d9 00 \|.....P....xT....\| 48 e9 8e fd 3d 89 2d c2 89 1d a4 05 a8 8c 5e 3a \|H...=.-.......^:\| 6c ae bb fb 89 35 ac 0b c7 05 b0 05 51 35 21 b4 \|l....5......Q5!.\| ee 24 8d 8d b8 05 bc 54 a3 7c 0a d2 08 e6 77 d1 \|.$.....T.\|....w.\| 0b cd 8b b4 24 24 fe 37 d4 99 05 77 37 46 0e 39 \|....$$.7...w7F.9\| 1d 04 c8 47 3a 35 93 30 8b e6 df 13 94 bd 1e 1d \|...G:5.0........\| 58 e1 f7 7f ed d8 58 46 0f 1d 16 9f 10 47 58 55 \|X.....XF.....GXU\| ea 32 f2 5d c2 8a 16 9c 28 98 d4 24 b6 72 03 78 \|.2.]....(..$.r.x\| 4b d9 ed 69 96 44 57 18 45 d2 18 24 66 ba 11 24 \|K..i.DW.E..$f..$\| be 50 56 57 e9 74 72 8f 25 75 dc da c8 8d 75 71 \|.PVW.tr.%u....uq\| 53 32 ef 6d e6 d7 68 f0 8a f7 01 d0 28 06 e7 6e \|S2.m..h.....(..n\| 6f 69 08 48 63 c4 25 32 ac 99 e4 56 11 e8 fb f8 \|oi.Hc.%2...V....\| 00 9d d1 1e bb d9 21 99 31 6a 05 2b 26 eb 22 c3 \|......!.1j.+&.".\| e1 ac 4a 0d a5 ca 50 18 ee 61 65 be 63 24 af 55 \|..J...P..ae.c$.U\| 53 74 76 10 4e 91 20 23 52 eb 03 d4 f4 0a 4f d3 \|Stv.N. #R.....O.\| 45 2f 31 06 b1 38 85 6c 24 87 63 1f 42 40 3a dd \|E/1..8.l$.c.B@:.\| 21 66 1c 15 18 6a c8 d3 8c 3f 8b c5 eb 5a 83 d5 \|!f...j...?...Z..\| 6d 30 00 32 20 53 7c 7c c3 1f 58 c9 7c 06 5d 5b \|m0.2 S\|\|..X.\|.][\| 81 c4 fb fe 80 23 81 0d 56 d8 57 74 7a 3b 5a f7 \|.....#..V.Wtz;Z.\| 8d bf 5b 2d f9 02 7c 07 2e 4c 10 92 bf 0d 03 5c \|..[-..\|..L.....\\| c5 db 29 10 \|..). \|
208	1033	34 bf 70 8c 64 4d 48 93 53 75 26 81 3d b0 00 c3 \|4.p.dMH.Su&.=...\| e3 84 37 e8 76 1a 6a 40 54 da db 08 04 ef 94 84 \|..7.v.j@T.......\| 4d 6b 4c 6e c1 2d d5 34 48 1f f0 54 75 84 20 4c \|MkLn.-.4H..Tu. L\| 16 93 04 36 dc 38 1d 08 9d 41 7a 49 83 bf ed c6 \|...6.8...AzI....\| e3 47 d2 57 87 d3 be 70 8b 88 96 3e 36 81 77 68 \|.G.W...p...>6.wh\| 2d 38 2e 50 68 d0 80 3e 98 2d 69 c0 1c ab 78 dc \|-8.Ph..>.-i...x.\| 1f 4d 67 06 7c a1 38 89 3d 6c 8a e2 2d b5 2d 86 \|.Mg.\|.8.=l..-.-.\| 08 96 6c 70 0a ee e9 e6 f6 bb 76 26 02 a3 64 96 \|..lp......v&..d.\| 67 68 05 e1 db 1e e6 c7 05 74 aa 31 78 bc d6 ba \|gh.......t.1x...\| 63 9b 95 5e 99 79 0c 0a 64 f5 a5 ba 11 b8 f6 68 \|c..^.y..d......h\| 01 df f0 59 46 f0 c1 3c e9 7d 3d 35 ea ff 68 e0 \|...YF..<.}=5..h.\| f2 60 b6 c3 5f 54 68 a1 35 ab bf d0 c6 27 bc bb \|.`.._Th.5....'..\| 57 a3 d8 19 75 2c 53 57 10 83 c8 ff 4e 17 c2 c3 \|W...u,SW....N...\| e1 05 d1 4f 54 50 50 53 1b 08 f0 43 97 9e 8b c6 \|...OTPPS...C....\| 36 8b 1e 06 93 90 a3 05 d8 e2 00 f0 e2 92 41 88 \|6.............A.\| 23 9d 12 96 5c 60 d7 72 07 77 53 43 68 15 b1 32 \|#...\`.r.wSCh..2\| 11 a3 dc a6 c2 7b 01 03 b2 0e da 7d 95 c1 7b 48 \|.....{.....}..{H\| b1 50 17 ba 3a 83 a7 a1 f3 8c 4c b3 35 06 a4 43 \|.P..:.....L.5..C\| 7a 0e 0c 32 c8 23 2b 1c a1 b1 33 73 b8 83 b4 e6 \|z..2.#+...3s....\| 8b d8 4e ba 37 58 5c 53 87 0b 6b 5b a6 e4 91 0f \|..N.7X\S..k[....\| 9d 57 4f 68 32 3b 32 20 9d 96 2d 6a 16 2e 8c ca \|.WOh2;2 ..-j....\| 60 f6 42 4d 15 9e 41 9a 97 c1 9d 7c 06 f8 c9 41 \|`.BM..A....\|...A\| 0e c2 25 04 5d fe 03 02 01 42 aa 7b 37 42 1c 8b \|..%.]....B.{7B..\| 9c 24 90 30 53 0a 1e 0f a9 e6 6d 53 08 bf f5 3b \|.$.0S.....mS...;\| 0e 7c 7c c9 0e 09 bf c4 bd 4e 1c 61 d7 8f 01 30 \|.\|\|......N.a...0\| 81 43 a3 e4 5f c4 70 21 18 dc 1e c1 a7 74 15 4e \|.C.._.p!.....t.N\| 78 30 87 9d 64 e4 eb 0c 0d c4 35 70 e0 77 6c 65 \|x0..d.....5p.wle\| a3 98 de 78 14 13 78 27 23 3f 50 24 54 ac 06 81 \|...x..x'#?P$T...\| 07 5a ca ae 55 a4 55 0b 7c 20 e0 58 a0 f8 55 57 \|.Z..U.U.\| .X..UW\| aa e0 db cb 20 37 57 8b e8 fd 08 85 ed e0 04 88 \|.... 7W.........\| 05 6b 70 f4 80 f4 cd 76 0e cb 35 3f 79 16 0f 9c \|.kp....v..5?y...\| f6 ea 1d b2 0e 93 6c 90 06 05 c1 eb 30 37 d2 c1 \|......l.....07..\| 9d 30 b4 b0 29 37 d2 d2 9b be b0 c0 8e a6 c8 8d \|.0..)7..........\| bb bb 43 ac 13 1e d1 84 24 84 80 56 bd ef 6c ba \|..C.....$..V..l.\| 7d cf 50 be 1c 81 e2 10 81 1b f3 2d e9 cc 88 04 \|}.P........-....\| 16 04 15 05 eb 06 12 a7 49 75 18 24 69 3b 92 18 \|........Iu.$i;..\| e1 68 1f cd 92 20 1f 05 31 68 a7 14 aa 76 3b e0 \|.h... ..1h...v;.\| 9a ce 50 7d 80 50 07 c4 15 f2 40 8e 2d 28 fc 80 \|..P}.P....@.-(..\| 84 04 1e 66 3c 52 69 ee 33 6a c9 26 24 f9 f6 94 \|...f......$.\| 80 7c 19 15 72 04 b6 18 6a 63 f5 c9 c3 46 d8 58 \|.\|..r...jc...F.X\| e8 7a 9c 80 55 b6 99 2e 29 7c 81 50 7d 0d ac 21 \|.z..U...)\|.P}..!\| b7 0a 88 13 ad 1d e0 9e 78 79 ad 98 8b 70 33 25 \|........xy...p3%\| 97 1c 21 98 98 4c 5e 21 71 98 ad 7c 06 1f 6c 44 \|..!..L^!q..\|..lD\| 13 e9 30 d5 fc bc 8d 83 05 3e e2 45 f0 57 7d d3 \|..0......>.E.W}.\| 49 f8 \|I. \|
240	1033	2b 52 2b 7d f4 15 e0 14 fb ff df cd 4c 1b 45 ec \|+R+}........L.E.\| 8b 4d e8 2b 45 e4 2b 4d e0 2b c7 2b ce d1 f8 03 \|.M.+E.+M.+.+....\| 0b 70 0b 7e 7b d1 f9 03 0d 89 45 f4 03 c7 12 89 \|.p.~{.....E.....\| 4d 43 b6 ed 0b d8 d0 03 ce 50 08 f8 36 d4 73 cd \|MC.......P..6.s.\| 95 da dc 39 1a 9c 1f 35 29 0f 7c b9 99 65 d8 f8 \|...9...5).\|..e..\| 04 2b c6 f0 33 c0 39 02 3c 9b bb 7d 03 09 07 f4 \|.+..3.9.<..}....\| f4 99 70 6c 5b 82 a4 f4 02 f0 7e d0 71 68 58 20 \|..pl[.....~.qhX \| 59 9e 38 48 46 53 60 80 13 ad e8 a5 4d 9d b8 29 \|Y.8HFS`.....M..)\| 6e 26 b8 fc 3b d6 8b 3d 88 45 53 9c 9e 0e 68 44 \|n&..;..=.ES...hD\| 62 9c bc fa b3 34 3b ac 23 fc ac d8 83 fb ff 74 \|b....4;.#......t\| 9a 5d 59 04 91 2c e8 fd 40 21 83 6d fa 1e a4 59 \|.]Y..,..@!.m...Y\| 1f 74 64 16 3c 76 16 39 76 4d 6c fc fe 22 50 0f \|.td.
256	1033	68 63 11 53 3f b0 37 14 26 7b e2 57 30 7c 8f 75 \|hc.S?.7.&{.W0\|.u\| a3 eb a4 b8 70 f6 04 83 65 f8 3b 92 61 f8 59 ff \|....p...e.;.a.Y.\| 12 4e cd b4 5d 59 81 19 3d 4a 8f 50 bc d8 85 db \|.N..]Y..=J.P....\| 35 28 96 a5 16 73 82 ca b0 17 ff 6e 03 c2 f7 e0 \|5(...s.....n....\| 25 0b 70 fe 68 21 10 22 9c d4 21 56 6c 50 27 93 \|%.p.h!."..!VlP'.\| 7a 7f 13 1c 4d 7e 22 57 63 6f 9b af 67 be 00 3d \|z...M~"Wco..g..=\| 64 77 b4 e0 eb 0b b4 7c db 61 d6 59 30 57 08 92 \|dw.....\|.a.Y0W..\| c3 50 87 83 80 14 aa db fa 4b e2 3d 30 73 5e af \|.P.......K.=0s^.\| 71 21 f1 06 52 be 68 8b ac 59 43 6c 1c 42 50 40 \|q!..R.h..YCl.BP@\| e9 c3 e3 1f e6 cc 6b 68 ae 2b 40 70 ff aa 17 67 \|......kh.+@p...g\| 65 0c 72 6d 0c 0a 5e ec c0 57 01 28 08 5b f2 e4 \|e.rm..^..W.(.[..\| 66 6e 6f c2 f5 be 8a 7b f4 fb fd ce 52 c2 23 3a \|fno....{....R.#:\| 00 20 50 cd 96 f0 90 cf 74 40 01 1a 2c 9a 0d a1 \|. P.....t@..,...\| 36 05 0f 1d 49 4b 88 96 9e e4 78 08 37 ea 28 5d \|6...IK....x.7.(]\| 40 5e 08 00 18 97 92 cd e7 00 01 00 ff ff 00 53 \|@^.............S\| 04 96 cd 3a 71 10 20 57 60 27 e4 91 1c 54 06 b0 \|...:q. W`'...T..\| fa b0 fa 91 1c 79 20 c0 fe b0 fa b2 a5 e4 c8 fa \|.....y .........\| ec fe 1a c9 ac c7 90 5c 3c ae 60 13 81 1f b1 e6 \|.......\<.`.....\| 58 f6 5f bf 74 4c 32 c8 43 3d 37 88 3a 57 bc ce \|X._.tL2.C=7.:W..\| 16 76 ac fa ac f9 1b 0f d7 6b 9e 58 f6 08 2b 48 \|.v.......k.X..+H\| 91 4b 4b f2 92 17 72 b4 fb b4 fb b8 fc ac cd ce \|.KK...r.........\| 16 0f d7 08 9d 2d 0b 39 f2 c0 c9 54 c0 fe 19 85 \|.....-.9...T....\| c6 92 06 ab 97 ad 3b 63 fd ac 08 56 83 cb ff 6c \|......;c...V...l\| e0 00 33 56 6a 50 6f 46 10 64 69 a0 45 4d 57 04 \|..3VjPoF.di.EMW.\| 30 7b 60 ff 56 b5 fe fe 8b c8 76 22 2c 57 31 8b \|0{`.V.....v",W1.\| d3 c1 ea 18 33 36 fe 86 ff d6 c1 e3 08 8b 14 95 \|....36..........\| e0 99 ef da 41 ff 45 08 39 7d 89 e1 d2 04 c6 ea \|....A.E.9}......\| 88 5c f5 fc 33 22 d0 8a 52 3b f7 d0 76 78 f6 6c \|.\..3"..R;..vx.l\| 4c e0 20 dc 57 57 db d4 24 a7 86 08 42 33 2c 10 \|L. .WW..$...B3,.\| cb 06 65 b0 ed 1d ea 59 85 56 3c c7 72 67 b0 0c \|..e....Y.V<.rg..\| 06 55 65 08 64 9c 2c 21 0c 4c 70 40 ae a9 b7 c9 \|.Ue.d.,!.Lp@....\| 9c 29 c7 05 28 61 02 76 1a a4 7a ea bb 20 91 f9 \|.)..(a.v..z.. ..\| 06 4c 08 6c 8b 16 ad 9c 23 2f 06 09 92 49 26 19 \|.L.l....#/...I&.\| f4 e4 e8 17 67 3b 64 ec 06 6e e0 67 9e 54 b0 06 \|....g;d..n.g.T..\| a9 36 0d 0a ff 36 ae 0d 52 5c 88 8c 35 53 0e d7 \|.6...6..R\..5S..\|
288	1033	21 b4 66 e1 1e 9a 59 ff 64 59 0e db 61 0f 35 e1 \|!.f...Y.dY..a.5.\| 68 fa cb aa 53 15 6f d9 7b e7 a4 fc 53 0a dd 24 \|h...S.o.{...S..$\| 9d 50 85 12 20 dc d9 7c 49 37 ec 49 b9 ec 70 1b \|.P.. ..\|I7.I..p.\| 7c b4 61 e3 7f a4 c8 8b 0e 8d 7c 08 01 80 3f 03 \|\|.a.......\|...?.\| 04 80 3d 2c f4 23 bc 47 53 89 3e 7e 8b 07 83 c7 \|..=,.#.GS.>~....\| 04 25 08 ac 41 2b d0 3e 3e c7 fc bb 68 9c 34 c0 \|.%..A+.>>...h.4.\| 22 40 83 07 ea f9 ba 03 76 85 0d 01 3e 6c 36 60 \|"@......v...>l6`\| 23 29 c6 48 cc db 1e d9 84 80 d5 78 47 0a 18 b2 \|#).H.......xG...\| 3d 55 b2 13 d0 32 41 c8 06 3b 21 52 6f 2d 23 34 \|=U...2A..;!Ro-#4\| 07 a9 03 c9 39 90 e9 74 0f b8 00 2e 08 c0 c1 8e \|....9..t........\| 21 53 1e c2 \|!S.. \|
304	1033	50 5f a4 fc 22 49 af 60 48 81 13 7f b1 b2 c1 51 \|P_.."I.`H......Q\| 04 e7 39 f8 53 51 96 68 e4 70 e9 4a 74 a3 74 4f \|..9.SQ.h.p.Jt.tO\| 86 06 46 ec 24 e4 8d f7 70 2c b6 39 33 79 01 eb \|..F.$...p,.93y..\| 2c 30 2d 37 2c de 00 e5 37 b0 8b 81 d0 6c 23 73 \|,0-7,...7....l#s\| 7c 83 ea 07 32 20 24 80 c0 08 c8 c3 36 db 75 28 \|\|...2 $.....6.u(\| 0d 6c 48 48 ff 00 81 23 0d f2 ec 23 c4 0e 08 80 \|.lHH...#...#....\| 50 39 3b 74 7a a8 54 09 22 27 c5 fe 37 96 9e 41 \|P9;tz.T."'..7..A\| 4d 0c f4 3b d3 0f 95 c0 48 83 e0 10 05 10 48 d2 \|M..;....H.....H.\| d8 eb 30 a3 39 35 53 fe 95 24 \|..0.95S..$ \|
12288	1033	痒⅟᛼긄뭠粅㫨䨐ﶨ뿿䟱븏嗀ឋ侍䠄ຉ౴畈謴
12320	1033	04 3a b0 c4 df da 65 eb 2b 39 03 7d 10 83 06 eb \|.:....e.+9.}....\| 3d 23 5c 16 8e c8 75 24 37 f8 52 57 26 74 39 6b \|=#\...u$7.RW&t9k\| f4 7f ab 3e 8a 07 3a c3 75 bb 2d dc 80 92 2d ac \|...>..:.u.-...-.\| 87 03 50 da 13 5a 12 1a 7a 47 7b 74 7d aa 11 2c \|..P..Z..zG{t}..,\| 09 73 65 c2 b1 7c 98 39 06 ad \|.se..\|.9.. \|

module_name	ord	function_name
KERNEL32.DLL		LoadLibraryA
KERNEL32.DLL		GetProcAddress
KERNEL32.DLL		ExitProcess
COMCTL32.dll	17
GDI32.dll		LineTo
IMAGEHLP.dll		MakeSureDirectoryPathExists
MSVCRT.dll		exit
SHELL32.dll		ShellExecuteA
SHLWAPI.dll		PathAppendA
USER32.dll		GetDC

show previews

offset	size	type	comment
0	22528	EXE	02/07/2004 10:59:43	#
15c1	15	HTM		#
5800	954402	BIN	overlay data past EOF	#

Scanning the drive for archives:
1 file, 976930 bytes (955 KiB)


--
Type = bzip2
ERRORS:
There are data after the end of archive
Offset = 22536
Physical Size = 15880
Tail Size = 938514
Streams = 1
Blocks = 1

   Date      Time    Attr         Size   Compressed  Name
------------------- ----- ------------ ------------  ------------------------
                    .....        75158        15880  data~
------------------- ----- ------------ ------------  ------------------------
                                 75158        15880  1 files

Warnings: 1

Errors: 1

offset:( 0x )size:( 0x )hotkeys:-=[]<>, offset/size fields are also editable

Please donate some bucks to keep this site up and running:
Ko-fi
Yandex.Money
Thank you!

[?] can't find file_offset of VA 0xb3d0

[?] can't find file_offset of VA 0xae60

[?] can't find file_offset of VA 0xa480

[?] can't find file_offset of VA 0xabd8

[?] can't find file_offset of VA 0xa5e0

[?] can't find file_offset of VA 0xad68

[?] can't find file_offset of VA 0xacb8

[?] can't find file_offset of VA 0xa8f8

[!] string size(53264) > stringtable size(114). truncated to 112

[!] cannot convert "\xA8\x98w\xE7\x83\xC6\x02\x10V\xC0\xDEl\xE6\f\tU"... to UTF-16

[!] string size(13918) > stringtable size(138). truncated to 136

[!] cannot convert "\xCC\xC7E\xD0(\x85\b\x00\x06Kg\xDC|\xE4\x06\x00"... to UTF-16

[!] string size(116752) > stringtable size(1188). truncated to 1186

[!] cannot convert "\x83}\bt\x06\x05\xD8\xB2\xEF-|\a\x83\xA5b\x00"... to UTF-16

[!] string size(97896) > stringtable size(802). truncated to 800

[!] cannot convert "p\x8CdMH\x93Su&\x81=\xB0\x00\xC3\xE3\x84"... to UTF-16

[!] string size(42070) > stringtable size(548). truncated to 546

[!] cannot convert "+}\xF4\x15\xE0\x14\xFB\xFF\xDF\xCDL\eE\xEC\x8BM"... to UTF-16

[!] string size(50896) > stringtable size(560). truncated to 558

[!] cannot convert "\x11S?\xB07\x14&{\xE2W0|\x8Fu\xA3\xEB"... to UTF-16

[!] string size(92226) > stringtable size(164). truncated to 162

[!] cannot convert "f\xE1\x1E\x9AY\xFFdY\x0E\xDBa\x0F5\xE1h\xFA"... to UTF-16

[!] string size(48800) > stringtable size(138). truncated to 136

[!] cannot convert "\xA4\xFC\"I\xAF`H\x81\x13\x7F\xB1\xB2\xC1Q\x04\xE7"... to UTF-16

[!] string size(45566) > stringtable size(46). truncated to 44

[!] string size(29704) > stringtable size(74). truncated to 72

[!] cannot convert "\xB0\xC4\xDF\xDAe\xEB+9\x03}\x10\x83\x06\xEB=#"... to UTF-16