Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
Siopel.exe

Overview

General Information

Sample name:Siopel.exe
Analysis ID:1559580
MD5:fdc8014d627b85ec211f282a696653b7
SHA1:49a850bff30eedbc04a34fd3f6479225726d0377
SHA256:73b1da090537fc3acb0aedce8231f95082433246a23a83c838a810a3d0c9f168
Infos:

Detection

Score:23
Range:0 - 100
Whitelisted:false
Confidence:80%

Signatures

Sigma detected: Potential Persistence Via COM Hijacking From Suspicious Locations
Creates files inside the system directory
Entry point lies outside standard sections
PE file contains more sections than normal
PE file contains sections with non-standard names
Queries information about the installed CPU (vendor, model number etc)
Sample file is different than original file name gathered from version info
Uses 32bit PE files

Classification

  • System is w10x64_ra
  • Siopel.exe (PID: 7020 cmdline: "C:\Users\user\Desktop\Siopel.exe" MD5: FDC8014D627B85EC211F282A696653B7)
  • cleanup
No configs have been found
No yara matches

System Summary

barindex
Source: Registry Key setAuthor: Nasreddine Bencherchali (Nextron Systems): Data: Details: C:\Users\user\Desktop\Siopel.exe, EventID: 13, EventType: SetValue, Image: C:\Users\user\Desktop\Siopel.exe, ProcessId: 7020, TargetObject: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{380BFC1D-3E4F-41DD-ACBD-CE03C2E4923D}\LocalServer32\(Default)
No Suricata rule has matched

Click to jump to signature section

Show All Signature Results
Source: Siopel.exeStatic PE information: EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, BYTES_REVERSED_LO, 32BIT_MACHINE, BYTES_REVERSED_HI
Source: Siopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://fastmm.sourceforge.net).
Source: Siopel.exe, 00000005.00000002.2388756843.00000000015C2000.00000004.00000001.01000000.00000004.sdmp, Siopel.exe, 00000005.00000003.1285763715.0000000004166000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://www.mae.com.ar
Source: Siopel.exe, 00000005.00000003.1285763715.0000000004707000.00000004.00001000.00020000.00000000.sdmp, Siopel.exe, 00000005.00000002.2388756843.0000000001B63000.00000004.00000001.01000000.00000004.sdmpString found in binary or memory: http://www.qusoft.com
Source: Siopel.exe, 00000005.00000002.2388263506.0000000000D34000.00000004.00000001.01000000.00000004.sdmp, Siopel.exe, 00000005.00000003.1284176551.0000000003980000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://www.winimage.com/zLibDll
Source: Siopel.exe, 00000005.00000002.2388263506.0000000000D34000.00000004.00000001.01000000.00000004.sdmp, Siopel.exe, 00000005.00000003.1284176551.0000000003980000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://www.winimage.com/zLibDll-1.2.3rbr
Source: Siopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/Jcl8087.pas
Source: Siopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclAnsiStrings.
Source: Siopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclBase.pas
Source: Siopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclCharsets.pas
Source: Siopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclDateTime.pas
Source: Siopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclFileUtils.pa
Source: Siopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclIniFiles.pas
Source: Siopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclLogic.pas
Source: Siopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclMath.pas
Source: Siopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclMime.pas
Source: Siopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclRTTI.pas
Source: Siopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclResources.pa
Source: Siopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclStreams.pas
Source: Siopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclStringConver
Source: Siopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclStrings.pas
Source: Siopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclSynch.pas
Source: Siopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclSysInfo.pas
Source: Siopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclSysUtils.pas
Source: Siopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclUnicode.pas
Source: Siopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclUnitVersioni
Source: Siopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclWideStrings.
Source: Siopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/windows/JclConsole.pas
Source: Siopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/windows/JclRegistry.pa
Source: Siopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/windows/JclSecurity.pa
Source: Siopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/windows/JclShell.pas
Source: Siopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/windows/JclWin32.pas
Source: C:\Users\user\Desktop\Siopel.exeFile created: C:\Windows\SIOPEL.INIJump to behavior
Source: Siopel.exeStatic PE information: Number of sections : 11 > 10
Source: Siopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: OriginalFilename vs Siopel.exe
Source: Siopel.exeStatic PE information: EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, BYTES_REVERSED_LO, 32BIT_MACHINE, BYTES_REVERSED_HI
Source: Siopel.exeStatic PE information: Section: .reloc IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
Source: Siopel.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_RESERVED size: 0x100000 address: 0x0
Source: Siopel.exeStatic PE information: Section: DATA ZLIB complexity 0.9942132318773235
Source: Siopel.exeStatic PE information: Section: .idata ZLIB complexity 0.9939778645833334
Source: classification engineClassification label: sus23.winEXE@1/2@0/1
Source: C:\Users\user\Desktop\Siopel.exeFile created: C:\Users\user\Desktop\_PruebaAccesoJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeMutant created: \Sessions\1\BaseNamedObjects\MutexNPA_UnitVersioning_7020
Source: C:\Users\user\Desktop\Siopel.exeFile created: C:\Users\user\AppData\Local\Temp\TRADE_0Jump to behavior
Source: C:\Users\user\Desktop\Siopel.exeKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\LocalesJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeFile read: C:\Windows\SIOPEL.INIJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeFile read: C:\Users\user\Desktop\Siopel.exeJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeSection loaded: apphelp.dllJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeSection loaded: mpr.dllJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeSection loaded: version.dllJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeSection loaded: wsock32.dllJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeSection loaded: oledlg.dllJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeSection loaded: winmm.dllJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeSection loaded: avicap32.dllJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeSection loaded: msvfw32.dllJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeSection loaded: mswsock.dllJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeSection loaded: riched20.dllJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeSection loaded: usp10.dllJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeSection loaded: msls31.dllJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeSection loaded: olepro32.dllJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeSection loaded: wldp.dllJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeSection loaded: msimg32.dllJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeSection loaded: sxs.dllJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeSection loaded: winmmbase.dllJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeSection loaded: mmdevapi.dllJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeSection loaded: devobj.dllJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeSection loaded: ksuser.dllJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeSection loaded: avrt.dllJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeSection loaded: audioses.dllJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeSection loaded: powrprof.dllJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeSection loaded: umpdc.dllJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeSection loaded: msacm32.dllJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeSection loaded: midimap.dllJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeSection loaded: textshaping.dllJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeSection loaded: textinputframework.dllJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeSection loaded: coreuicomponents.dllJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeSection loaded: coremessaging.dllJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeSection loaded: ntmarta.dllJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeSection loaded: napinsp.dllJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeSection loaded: pnrpnsp.dllJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeSection loaded: wshbth.dllJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeSection loaded: nlaapi.dllJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeSection loaded: iphlpapi.dllJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeSection loaded: dnsapi.dllJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeSection loaded: winrnr.dllJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeSection loaded: fwpuclnt.dllJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeSection loaded: rasadhlp.dllJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeFile written: C:\Windows\SIOPEL.INIJump to behavior
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: Siopel.exeStatic file information: File size 7617536 > 1048576
Source: Siopel.exeStatic PE information: Raw size of CODE is bigger than: 0x100000 < 0x2e8400
Source: Siopel.exeStatic PE information: Raw size of .rsrc is bigger than: 0x100000 < 0x435e00
Source: initial sampleStatic PE information: section where entry point is pointing to: .aspack
Source: Siopel.exeStatic PE information: section name: .aspack
Source: Siopel.exeStatic PE information: section name: .adata
Source: C:\Users\user\Desktop\Siopel.exeProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\Siopel.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: Siopel.exe, 00000005.00000002.2407084724.0000000001D54000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
Source: C:\Users\user\Desktop\Siopel.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
Source: C:\Users\user\Desktop\Siopel.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
Source: C:\Users\user\Desktop\Siopel.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
Source: C:\Users\user\Desktop\Siopel.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
Source: C:\Users\user\Desktop\Siopel.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
Source: C:\Users\user\Desktop\Siopel.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
Source: C:\Users\user\Desktop\Siopel.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
Source: C:\Users\user\Desktop\Siopel.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
Source: C:\Users\user\Desktop\Siopel.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
Source: C:\Users\user\Desktop\Siopel.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
Source: C:\Users\user\Desktop\Siopel.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
Source: C:\Users\user\Desktop\Siopel.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
DLL Side-Loading
1
DLL Side-Loading
11
Masquerading
OS Credential Dumping1
Security Software Discovery
Remote ServicesData from Local SystemData ObfuscationExfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization Scripts1
Software Packing
LSASS Memory2
File and Directory Discovery
Remote Desktop ProtocolData from Removable MediaJunk DataExfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)1
DLL Side-Loading
Security Account Manager11
System Information Discovery
SMB/Windows Admin SharesData from Network Shared DriveSteganographyAutomated ExfiltrationData Encrypted for Impact
Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand
SourceDetectionScannerLabelLink
Siopel.exe3%ReversingLabs
No Antivirus matches
No Antivirus matches
No Antivirus matches
SourceDetectionScannerLabelLink
https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/windows/JclConsole.pas0%Avira URL Cloudsafe
https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclStrings.pas0%Avira URL Cloudsafe
https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclIniFiles.pas0%Avira URL Cloudsafe
https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclBase.pas0%Avira URL Cloudsafe
http://www.qusoft.com0%Avira URL Cloudsafe
https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclFileUtils.pa0%Avira URL Cloudsafe
https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclSynch.pas0%Avira URL Cloudsafe
https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclResources.pa0%Avira URL Cloudsafe
https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclLogic.pas0%Avira URL Cloudsafe
https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/windows/JclRegistry.pa0%Avira URL Cloudsafe
http://www.winimage.com/zLibDll-1.2.3rbr0%Avira URL Cloudsafe
http://fastmm.sourceforge.net).0%Avira URL Cloudsafe
https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclSysInfo.pas0%Avira URL Cloudsafe
https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclMime.pas0%Avira URL Cloudsafe
http://www.mae.com.ar0%Avira URL Cloudsafe
https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclUnitVersioni0%Avira URL Cloudsafe
https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclMath.pas0%Avira URL Cloudsafe
https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclSysUtils.pas0%Avira URL Cloudsafe
https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclStreams.pas0%Avira URL Cloudsafe
https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/windows/JclWin32.pas0%Avira URL Cloudsafe
https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclCharsets.pas0%Avira URL Cloudsafe
https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclDateTime.pas0%Avira URL Cloudsafe
https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclStringConver0%Avira URL Cloudsafe
https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclRTTI.pas0%Avira URL Cloudsafe
https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/Jcl8087.pas0%Avira URL Cloudsafe
https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclUnicode.pas0%Avira URL Cloudsafe
https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclWideStrings.0%Avira URL Cloudsafe
https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclAnsiStrings.0%Avira URL Cloudsafe
https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/windows/JclShell.pas0%Avira URL Cloudsafe
https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/windows/JclSecurity.pa0%Avira URL Cloudsafe
No contacted domains info
NameSourceMaliciousAntivirus DetectionReputation
https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclFileUtils.paSiopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpfalse
  • Avira URL Cloud: safe
unknown
https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclIniFiles.pasSiopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpfalse
  • Avira URL Cloud: safe
unknown
https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclSynch.pasSiopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpfalse
  • Avira URL Cloud: safe
unknown
http://www.qusoft.comSiopel.exe, 00000005.00000003.1285763715.0000000004707000.00000004.00001000.00020000.00000000.sdmp, Siopel.exe, 00000005.00000002.2388756843.0000000001B63000.00000004.00000001.01000000.00000004.sdmpfalse
  • Avira URL Cloud: safe
unknown
https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/windows/JclConsole.pasSiopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpfalse
  • Avira URL Cloud: safe
unknown
https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclBase.pasSiopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpfalse
  • Avira URL Cloud: safe
unknown
https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclResources.paSiopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpfalse
  • Avira URL Cloud: safe
unknown
https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/windows/JclRegistry.paSiopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpfalse
  • Avira URL Cloud: safe
unknown
https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclLogic.pasSiopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpfalse
  • Avira URL Cloud: safe
unknown
https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclStrings.pasSiopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpfalse
  • Avira URL Cloud: safe
unknown
https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclSysInfo.pasSiopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpfalse
  • Avira URL Cloud: safe
unknown
https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclMime.pasSiopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpfalse
  • Avira URL Cloud: safe
unknown
http://www.winimage.com/zLibDll-1.2.3rbrSiopel.exe, 00000005.00000002.2388263506.0000000000D34000.00000004.00000001.01000000.00000004.sdmp, Siopel.exe, 00000005.00000003.1284176551.0000000003980000.00000004.00001000.00020000.00000000.sdmpfalse
  • Avira URL Cloud: safe
unknown
http://www.mae.com.arSiopel.exe, 00000005.00000002.2388756843.00000000015C2000.00000004.00000001.01000000.00000004.sdmp, Siopel.exe, 00000005.00000003.1285763715.0000000004166000.00000004.00001000.00020000.00000000.sdmpfalse
  • Avira URL Cloud: safe
unknown
https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclMath.pasSiopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpfalse
  • Avira URL Cloud: safe
unknown
http://fastmm.sourceforge.net).Siopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpfalse
  • Avira URL Cloud: safe
unknown
https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclUnitVersioniSiopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpfalse
  • Avira URL Cloud: safe
unknown
https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclStreams.pasSiopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpfalse
  • Avira URL Cloud: safe
unknown
https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclSysUtils.pasSiopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpfalse
  • Avira URL Cloud: safe
unknown
https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/windows/JclWin32.pasSiopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpfalse
  • Avira URL Cloud: safe
unknown
https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclCharsets.pasSiopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpfalse
  • Avira URL Cloud: safe
unknown
https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclDateTime.pasSiopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpfalse
  • Avira URL Cloud: safe
unknown
https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclUnicode.pasSiopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpfalse
  • Avira URL Cloud: safe
unknown
http://www.winimage.com/zLibDllSiopel.exe, 00000005.00000002.2388263506.0000000000D34000.00000004.00000001.01000000.00000004.sdmp, Siopel.exe, 00000005.00000003.1284176551.0000000003980000.00000004.00001000.00020000.00000000.sdmpfalse
    high
    https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclRTTI.pasSiopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpfalse
    • Avira URL Cloud: safe
    unknown
    https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/Jcl8087.pasSiopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpfalse
    • Avira URL Cloud: safe
    unknown
    https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/windows/JclShell.pasSiopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpfalse
    • Avira URL Cloud: safe
    unknown
    https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclStringConverSiopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpfalse
    • Avira URL Cloud: safe
    unknown
    https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclWideStrings.Siopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpfalse
    • Avira URL Cloud: safe
    unknown
    https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/windows/JclSecurity.paSiopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpfalse
    • Avira URL Cloud: safe
    unknown
    https://jcl.svn.sourceforge.net/svnroot/jcl/tags/JCL-2.1-Build3536/jcl/source/common/JclAnsiStrings.Siopel.exe, 00000005.00000003.1280823541.0000000003A40000.00000004.00001000.00020000.00000000.sdmpfalse
    • Avira URL Cloud: safe
    unknown
    • No. of IPs < 25%
    • 25% < No. of IPs < 50%
    • 50% < No. of IPs < 75%
    • 75% < No. of IPs
    IPDomainCountryFlagASNASN NameMalicious
    IP
    127.0.0.1
    Joe Sandbox version:41.0.0 Charoite
    Analysis ID:1559580
    Start date and time:2024-11-20 17:26:05 +01:00
    Joe Sandbox product:CloudBasic
    Overall analysis duration:0h 4m 26s
    Hypervisor based Inspection enabled:false
    Report type:full
    Cookbook file name:defaultwindowsinteractivecookbook.jbs
    Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
    Number of analysed new started processes analysed:15
    Number of new started drivers analysed:0
    Number of existing processes analysed:0
    Number of existing drivers analysed:0
    Number of injected processes analysed:0
    Technologies:
    • HCA enabled
    • EGA enabled
    • AMSI enabled
    Analysis Mode:default
    Analysis stop reason:Timeout
    Sample name:Siopel.exe
    Detection:SUS
    Classification:sus23.winEXE@1/2@0/1
    EGA Information:Failed
    HCA Information:
    • Successful, ratio: 100%
    • Number of executed functions: 2
    • Number of non-executed functions: 0
    Cookbook Comments:
    • Found application associated with file extension: .exe
    • Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, WMIADAP.exe, SIHClient.exe, SgrmBroker.exe, backgroundTaskHost.exe, conhost.exe, svchost.exe
    • Excluded domains from analysis (whitelisted): www.bing.com, fs.microsoft.com, slscr.update.microsoft.com, login.live.com, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com
    • Execution Graph export aborted for target Siopel.exe, PID 7020 because it is empty
    • Not all processes where analyzed, report is missing behavior information
    • Reached maximum number of file to list during submission archive extraction
    • Report size getting too big, too many NtQueryValueKey calls found.
    • VT rate limit hit for: Siopel.exe
    No simulations
    No context
    No context
    No context
    No context
    No context
    Process:C:\Users\user\Desktop\Siopel.exe
    File Type:ASCII text, with CRLF line terminators
    Category:dropped
    Size (bytes):9
    Entropy (8bit):3.169925001442312
    Encrypted:false
    SSDEEP:3:rkn:rkn
    MD5:66DC17313BC3F7E4103E4703B9CF08B3
    SHA1:A4E04A957AEF009F30F84D92E281406FE5405141
    SHA-256:8CDF20CF398C7344AE888D7FACA0E5D83A2599CC9C50CB244CAEF0D4AA435D15
    SHA-512:FFA4F7D914FFB001322B4781844BB49D4B9CE3F54A76747F41CFB4F867F947090EC1F7F56CC72439D8694935ED13266F4B3D764ABF500799D66C862C84A66F70
    Malicious:false
    Reputation:low
    Preview:Prueba!..
    Process:C:\Users\user\Desktop\Siopel.exe
    File Type:Generic INItialization configuration [Negociacion]
    Category:dropped
    Size (bytes):124
    Entropy (8bit):4.900989004502707
    Encrypted:false
    SSDEEP:3:1MKfiAVLyxSiOcjbEGtRqVKHEBQovztsWfovkEEGTG/Y1ov:GXAVLy3q8oQydgr1y
    MD5:21359AF55419E998258C9904E0F2D1D6
    SHA1:0A60303B9F17D6C3936C03B638D0FE030E63892B
    SHA-256:C901D120662EB4F653458FEF929AE572554154320AB5E7E151242F42A38E8DBC
    SHA-512:550D014DA804AC8235FAF0F3607C58B282CCFF39C5C1DD7C713440F38999AE1E388246472A09F200E27A418EEC08DBF776E73C30F2BA489E449A1A3747CB09AF
    Malicious:false
    Reputation:low
    Preview:[ConfiguracionN]..SkinDefault=SiopelV830.skn..[Negociacion]..CarpetasTempBorradas=SI..Version=3846..Error actualizacion=Ok..
    File type:PE32 executable (GUI) Intel 80386, for MS Windows
    Entropy (8bit):7.98715649506092
    TrID:
    • Win32 Executable (generic) a (10002005/4) 99.53%
    • Win32 EXE PECompact compressed (generic) (41571/9) 0.41%
    • Win16/32 Executable Delphi generic (2074/23) 0.02%
    • Generic Win/DOS Executable (2004/3) 0.02%
    • DOS Executable Generic (2002/1) 0.02%
    File name:Siopel.exe
    File size:7'617'536 bytes
    MD5:fdc8014d627b85ec211f282a696653b7
    SHA1:49a850bff30eedbc04a34fd3f6479225726d0377
    SHA256:73b1da090537fc3acb0aedce8231f95082433246a23a83c838a810a3d0c9f168
    SHA512:68b9e68c626034ea70fda9ac892c1735deb654943db2e9d1c3a3ce8d3644b590c893e4428376d9ed01b86a20f7e3f2218ed62cf0a88f9b715460902e8091a6be
    SSDEEP:196608:PUK1TZW1q/9OQNgjrf5l+XMPPkgtq8vMqNW84U:RTZQq96l+XMPPkf8kqNWK
    TLSH:9776333372EAC025D004FA780F89C2545B5A70E984D646ABF15C7E9FCA73AECA1535BC
    File Content Preview:MZP.....................@...............................................!..L.!..This program must be run under Win32..$7.......................................................................................................................................
    Icon Hash:18030c3c136f4f41
    Entrypoint:0x1beb001
    Entrypoint Section:.aspack
    Digitally signed:false
    Imagebase:0x400000
    Subsystem:windows gui
    Image File Characteristics:EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, BYTES_REVERSED_LO, 32BIT_MACHINE, BYTES_REVERSED_HI
    DLL Characteristics:
    Time Stamp:0x2A425E19 [Fri Jun 19 22:22:17 1992 UTC]
    TLS Callbacks:
    CLR (.Net) Version:
    OS Version Major:4
    OS Version Minor:0
    File Version Major:4
    File Version Minor:0
    Subsystem Version Major:4
    Subsystem Version Minor:0
    Import Hash:acad26d1ba90cd969f71bb50d80157e0
    Instruction
    pushad
    call 00007FEE288A4708h
    jmp 00007FEE6DE74BF0h
    push ebp
    ret
    call 00007FEE288A4706h
    jmp 00007FEE288A475Fh
    mov ebx, FFFFFFEDh
    add ebx, ebp
    sub ebx, 017EB000h
    cmp dword ptr [ebp+00000422h], 00000000h
    mov dword ptr [ebp+00000422h], ebx
    jne 00007FEE288A4A6Bh
    lea eax, dword ptr [ebp+0000042Eh]
    push eax
    call dword ptr [ebp+00000F4Dh]
    mov dword ptr [ebp+00000426h], eax
    mov edi, eax
    lea ebx, dword ptr [ebp+5Eh]
    push ebx
    push eax
    call dword ptr [ebp+00000F49h]
    mov dword ptr [ebp+0000054Dh], eax
    lea ebx, dword ptr [ebp+6Bh]
    push ebx
    push edi
    call dword ptr [ebp+00000F49h]
    mov dword ptr [ebp+00000551h], eax
    lea eax, dword ptr [ebp+77h]
    jmp eax
    push esi
    imul esi, dword ptr [edx+74h], 416C6175h
    insb
    insb
    outsd
    arpl word ptr [eax], ax
    push esi
    imul esi, dword ptr [edx+74h], 466C6175h
    jc 00007FEE288A4767h
    add byte ptr [ebx+0005319Dh], cl
    add byte ptr [ebx], cl
    NameVirtual AddressVirtual Size Is in Section
    IMAGE_DIRECTORY_ENTRY_EXPORT0x9840000x2ed.edata
    IMAGE_DIRECTORY_ENTRY_IMPORT0x17ebfac0x5f0.aspack
    IMAGE_DIRECTORY_ENTRY_RESOURCE0xa110000xdd9600.rsrc
    IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
    IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
    IMAGE_DIRECTORY_ENTRY_BASERELOC0x17ebf540x8.aspack
    IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
    IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
    IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
    IMAGE_DIRECTORY_ENTRY_TLS0x17ebf3c0x18.aspack
    IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
    IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
    IMAGE_DIRECTORY_ENTRY_IAT0x00x0
    IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
    IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
    IMAGE_DIRECTORY_ENTRY_RESERVED0x00x100000
    NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
    CODE0x10000x9330000x2e84005051058520f82920026455f2dcdf5c5dunknownunknownunknownunknownIMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
    DATA0x9340000x3d0000x21a00675c5a025b3a6791403b9f4058533119False0.9942132318773235data7.996877231407539IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
    BSS0x9710000xe0000x0d41d8cd98f00b204e9800998ecf8427eFalse0empty0.0IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
    .idata0x97f0000x50000x1800493fdf8562ab1ea37642bb0148366899False0.9939778645833334data7.947608021499819IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
    .edata0x9840000x10000x4005a8f1ef15a7117f4e70693b3fbf787d2False0.3623046875data4.406973811340517IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
    .tls0x9850000x10000x0d41d8cd98f00b204e9800998ecf8427eFalse0empty0.0IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
    .rdata0x9860000x10000x20035e26e811425f8a5bfec02f5fcd44cfdFalse0.0546875data0.2147325177871819IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
    .reloc0x9870000x8a0000x0d41d8cd98f00b204e9800998ecf8427eFalse0empty0.0IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
    .rsrc0xa110000xdda0000x435e00140aae48851f4a2a1d01c36b5b4d0984unknownunknownunknownunknownIMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
    .aspack0x17eb0000x20000x1e00f748fd0fe3e898ec8f39827691ae5751False0.51015625data5.43042200597361IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
    .adata0x17ed0000x10000x0d41d8cd98f00b204e9800998ecf8427eFalse0empty0.0IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
    NameRVASizeTypeLanguageCountryZLIB Complexity
    AVI0xa250040x1b62RIFF (little-endian) data, AVI, 48 x 48, 5.00 fps, video: uncompressed RLE 8bpp0.20542082738944364
    GIF0xa26b680x18f93GIF image data, version 89a, 72 x 720.9460265321484783
    GIF0xa3fafc0x9b9bGIF image data, version 89a, 32 x 320.8268608008033137
    GIF0xa496980x1a820GIF image data, version 89a, 72 x 720.8147564839375184
    GIF0xa63eb80x10735GIF image data, version 89a, 32 x 320.5128745492052655
    GIF0xa745f00x996dGIF image data, version 89a, 75 x 750.5608371311454541
    GIF0xa7df600xa02bGIF image data, version 87a, 84 x 840.9769529058849352
    RTF0xa87f8c0xdfe4Rich Text Format data, version 1, ANSI, code page 1252, default language ID 112740.06120455021285505
    TYPELIB0xa95f700x6118data0.37085613131638234
    UNICODEDATA0xa9c0880xedc0dataFrenchFrance0.9768993165089379
    UNICODEDATA0xaaae480x7870dataFrenchFrance1.0005189413596263
    UNICODEDATA0xab26b80x8d8dataFrenchFrance1.0048586572438163
    UNICODEDATA0xab2f900x3e84dataFrenchFrance1.000687328167958
    UNICODEDATA0xab6e140x7498dataFrenchFrance1.0005360493165372
    UNICODEDATA0xabe2ac0x20a0dataFrenchFrance1.0013170498084292
    RT_CURSOR0xac034c0x134data1.0357142857142858
    RT_CURSOR0xac04800x134data1.0357142857142858
    RT_CURSOR0xac05b40x134data1.0357142857142858
    RT_CURSOR0xac06e80x134dataSpanishArgentina1.0357142857142858
    RT_CURSOR0xac081c0x134data1.0357142857142858
    RT_CURSOR0xac09500x134data1.0357142857142858
    RT_CURSOR0xac0a840x134data1.0357142857142858
    RT_CURSOR0xac0bb80x134dataGermanGermany1.0357142857142858
    RT_CURSOR0xac0cec0x134dataGermanGermany1.0357142857142858
    RT_CURSOR0xac0e200x134dataSpanishArgentina1.0357142857142858
    RT_CURSOR0xac0f540x134dataSpanishArgentina1.0357142857142858
    RT_CURSOR0xac10880x134dataSpanishArgentina1.0357142857142858
    RT_CURSOR0xac11bc0x134data1.0357142857142858
    RT_CURSOR0xac12f00x134data1.0357142857142858
    RT_CURSOR0xac14240x134dataSpanishArgentina1.0357142857142858
    RT_CURSOR0xac15580x134dataSpanishArgentina1.0357142857142858
    RT_CURSOR0xac168c0x134data1.0357142857142858
    RT_CURSOR0xac17c00x134data1.0357142857142858
    RT_BITMAP0xac18f40x1d0data1.0237068965517242
    RT_BITMAP0xac1ac40x1e4data1.0227272727272727
    RT_BITMAP0xac1ca80x1d0data1.0237068965517242
    RT_BITMAP0xac1e780x1d0data1.0237068965517242
    RT_BITMAP0xac20480x1d0data1.0237068965517242
    RT_BITMAP0xac22180x1d0data1.0237068965517242
    RT_BITMAP0xac23e80x1d0OpenPGP Public Key1.0237068965517242
    RT_BITMAP0xac25b80x1d0data1.0237068965517242
    RT_BITMAP0xac27880x1d0data1.0237068965517242
    RT_BITMAP0xac29580x1d0data1.0237068965517242
    RT_BITMAP0xac2b280x5cdata1.1195652173913044
    RT_BITMAP0xac2b840x5cdata1.1195652173913044
    RT_BITMAP0xac2be00x5cdata1.1195652173913044
    RT_BITMAP0xac2c3c0x5cdata1.1195652173913044
    RT_BITMAP0xac2c980x5cdata1.1195652173913044
    RT_BITMAP0xac2cf40x138data1.0352564102564104
    RT_BITMAP0xac2e2c0x628data1.006979695431472
    RT_BITMAP0xac34540x138data1.0352564102564104
    RT_BITMAP0xac358c0x628data1.006979695431472
    RT_BITMAP0xac3bb40x138data1.0352564102564104
    RT_BITMAP0xac3cec0x628data1.006979695431472
    RT_BITMAP0xac43140x138data1.0352564102564104
    RT_BITMAP0xac444c0x628data1.006979695431472
    RT_BITMAP0xac4a740x138data1.0352564102564104
    RT_BITMAP0xac4bac0x628data1.006979695431472
    RT_BITMAP0xac51d40x138data1.0352564102564104
    RT_BITMAP0xac530c0x628data1.006979695431472
    RT_BITMAP0xac59340x104data1.0423076923076924
    RT_BITMAP0xac5a380x628data1.006979695431472
    RT_BITMAP0xac60600x138Dyalog APL version 76.1011.0352564102564104
    RT_BITMAP0xac61980x628data1.006979695431472
    RT_BITMAP0xac67c00x104data1.0423076923076924
    RT_BITMAP0xac68c40x628data1.006979695431472
    RT_BITMAP0xac6eec0x138data1.0352564102564104
    RT_BITMAP0xac70240x628data1.006979695431472
    RT_BITMAP0xac764c0x528data1.0083333333333333
    RT_BITMAP0xac7b740xc0dataRussianRussia1.0572916666666667
    RT_BITMAP0xac7c340xc0dataRussianRussia1.0572916666666667
    RT_BITMAP0xac7cf40x528dataRussianRussia1.0083333333333333
    RT_BITMAP0xac821c0x528dataRussianRussia1.0083333333333333
    RT_BITMAP0xac87440x528dataRussianRussia1.0083333333333333
    RT_BITMAP0xac8c6c0x568dataRussianRussia1.0079479768786128
    RT_BITMAP0xac91d40x668dataRussianRussia1.0067073170731706
    RT_BITMAP0xac983c0xe8dataRussianRussia1.0474137931034482
    RT_BITMAP0xac99240x528data1.0083333333333333
    RT_BITMAP0xac9e4c0x518data1.008435582822086
    RT_BITMAP0xaca3640x528dataRussianRussia1.0083333333333333
    RT_BITMAP0xaca88c0x518data1.008435582822086
    RT_BITMAP0xacada40x528dataRussianRussia1.0083333333333333
    RT_BITMAP0xacb2cc0x528dataRussianRussia1.0083333333333333
    RT_BITMAP0xacb7f40x528data1.0083333333333333
    RT_BITMAP0xacbd1c0x528data1.0083333333333333
    RT_BITMAP0xacc2440xa8data1.0654761904761905
    RT_BITMAP0xacc2ec0x134data1.0357142857142858
    RT_BITMAP0xacc4200x528dataRussianRussia1.0083333333333333
    RT_BITMAP0xacc9480x668dataRussianRussia1.0067073170731706
    RT_BITMAP0xaccfb00x528data1.0083333333333333
    RT_BITMAP0xacd4d80x528data1.0083333333333333
    RT_BITMAP0xacda000x528dataRussianRussia1.0083333333333333
    RT_BITMAP0xacdf280x528data1.0083333333333333
    RT_BITMAP0xace4500x17edataRussianRussia1.0287958115183247
    RT_BITMAP0xace5d00x528dataRussianRussia1.0083333333333333
    RT_BITMAP0xaceaf80x528dataRussianRussia1.0083333333333333
    RT_BITMAP0xacf0200x518data1.008435582822086
    RT_BITMAP0xacf5380x528dataRussianRussia1.0083333333333333
    RT_BITMAP0xacfa600x17edataRussianRussia1.0287958115183247
    RT_BITMAP0xacfbe00x528dataRussianRussia1.0083333333333333
    RT_BITMAP0xad01080xc0data1.0572916666666667
    RT_BITMAP0xad01c80x528dataRussianRussia1.0083333333333333
    RT_BITMAP0xad06f00x528dataRussianRussia1.0083333333333333
    RT_BITMAP0xad0c180x528dataRussianRussia1.0083333333333333
    RT_BITMAP0xad11400x528dataRussianRussia1.0083333333333333
    RT_BITMAP0xad16680x528dataRussianRussia1.0083333333333333
    RT_BITMAP0xad1b900x90data1.0763888888888888
    RT_BITMAP0xad1c200x11cdata1.0387323943661972
    RT_BITMAP0xad1d3c0x2a4data1.0162721893491125
    RT_BITMAP0xad1fe00xc0data1.0572916666666667
    RT_BITMAP0xad20a00x128data1.037162162162162
    RT_BITMAP0xad21c80xe0dataSpanishArgentina1.0491071428571428
    RT_BITMAP0xad22a80x7b8data1.0055668016194332
    RT_BITMAP0xad2a600xe0data1.0491071428571428
    RT_BITMAP0xad2b400x128data1.037162162162162
    RT_BITMAP0xad2c680x128data1.037162162162162
    RT_BITMAP0xad2d900x128data1.037162162162162
    RT_BITMAP0xad2eb80xe8data1.0474137931034482
    RT_BITMAP0xad2fa00x128data1.037162162162162
    RT_BITMAP0xad30c80x128data1.037162162162162
    RT_BITMAP0xad31f00xd0OpenPGP Public Key1.0528846153846154
    RT_BITMAP0xad32c00x128data1.037162162162162
    RT_BITMAP0xad33e80x128data1.037162162162162
    RT_BITMAP0xad35100xe0data1.0491071428571428
    RT_BITMAP0xad35f00x5cdata1.1195652173913044
    RT_BITMAP0xad364c0x5cdata1.1195652173913044
    RT_BITMAP0xad36a80x5cdata1.1195652173913044
    RT_BITMAP0xad37040x5cdata1.1195652173913044
    RT_BITMAP0xad37600x5cdata1.1195652173913044
    RT_BITMAP0xad37bc0x138data1.0352564102564104
    RT_BITMAP0xad38f40x138data1.0352564102564104
    RT_BITMAP0xad3a2c0x138data1.0352564102564104
    RT_BITMAP0xad3b640x138data1.0352564102564104
    RT_BITMAP0xad3c9c0x138data1.0352564102564104
    RT_BITMAP0xad3dd40x138data1.0352564102564104
    RT_BITMAP0xad3f0c0x104data1.0423076923076924
    RT_BITMAP0xad40100x138data1.0352564102564104
    RT_BITMAP0xad41480x104data1.0423076923076924
    RT_BITMAP0xad424c0x138data1.0352564102564104
    RT_BITMAP0xad43840x128data1.037162162162162
    RT_BITMAP0xad44ac0xf8data1.0443548387096775
    RT_BITMAP0xad45a40x128data1.037162162162162
    RT_BITMAP0xad46cc0x128data1.037162162162162
    RT_BITMAP0xad47f40x128data1.037162162162162
    RT_BITMAP0xad491c0xe8data1.0474137931034482
    RT_BITMAP0xad4a040x128data1.037162162162162
    RT_BITMAP0xad4b2c0x128data1.037162162162162
    RT_BITMAP0xad4c540xd0data1.0528846153846154
    RT_BITMAP0xad4d240x128data1.037162162162162
    RT_BITMAP0xad4e4c0x128data1.037162162162162
    RT_BITMAP0xad4f740xe8data1.0474137931034482
    RT_BITMAP0xad505c0x528data1.0083333333333333
    RT_BITMAP0xad55840x852data1.0051643192488262
    RT_BITMAP0xad5dd80xf8data1.0443548387096775
    RT_BITMAP0xad5ed00x528data1.0083333333333333
    RT_BITMAP0xad63f80xe8data1.0474137931034482
    RT_BITMAP0xad64e00xf8data1.0443548387096775
    RT_BITMAP0xad65d80x828data1.0052681992337165
    RT_BITMAP0xad6e000xe8data1.0474137931034482
    RT_BITMAP0xad6ee80x128data1.037162162162162
    RT_BITMAP0xad70100x128data1.037162162162162
    RT_BITMAP0xad71380x128OpenPGP Public Key1.037162162162162
    RT_BITMAP0xad72600xe8data1.0474137931034482
    RT_BITMAP0xad73480x128data1.037162162162162
    RT_BITMAP0xad74700x128data1.037162162162162
    RT_BITMAP0xad75980xd0data1.0528846153846154
    RT_BITMAP0xad76680x128data1.037162162162162
    RT_BITMAP0xad77900x128data1.037162162162162
    RT_BITMAP0xad78b80xe0data1.0491071428571428
    RT_BITMAP0xad79980x88dataEnglishUnited States1.0808823529411764
    RT_BITMAP0xad7a200x90dataEnglishUnited States1.0763888888888888
    RT_BITMAP0xad7ab00x90dataEnglishUnited States1.0763888888888888
    RT_BITMAP0xad7b400x88dataEnglishUnited States1.0808823529411764
    RT_BITMAP0xad7bc80xb8dataEnglishUnited States1.059782608695652
    RT_BITMAP0xad7c800xc8dataEnglishUnited States1.055
    RT_BITMAP0xad7d480x7cdataEnglishUnited States1.0887096774193548
    RT_BITMAP0xad7dc40xc8dataEnglishUnited States1.055
    RT_BITMAP0xad7e8c0xc8dataEnglishUnited States1.055
    RT_BITMAP0xad7f540xc8dataEnglishUnited States1.055
    RT_BITMAP0xad801c0xc8data1.055
    RT_BITMAP0xad80e40xc0data1.0572916666666667
    RT_BITMAP0xad81a40xafcaadata1.0003138705797718
    RT_BITMAP0xb87e500xafca8data0.9970904394200322
    RT_BITMAP0xc37af80xafca8data0.9956099661129937
    RT_BITMAP0xce77a00xafca8data1.0000458307871785
    RT_BITMAP0xd974480xafca8data0.9963575090923247
    RT_BITMAP0xe470f00xafca8empty0
    RT_BITMAP0xef6d980xb8emptySpanishArgentina0
    RT_BITMAP0xef6e500xc0empty0
    RT_BITMAP0xef6f100xe0empty0
    RT_BITMAP0xef6ff00x4d5cempty0
    RT_BITMAP0xefbd4c0xaeempty0
    RT_BITMAP0xefbdfc0xaeempty0
    RT_BITMAP0xefbeac0xaeempty0
    RT_BITMAP0xefbf5c0x84emptySpanishArgentina0
    RT_BITMAP0xefbfe00x7cemptySpanishArgentina0
    RT_BITMAP0xefc05c0x84emptySpanishArgentina0
    RT_BITMAP0xefc0e00xaeempty0
    RT_BITMAP0xefc1900xaeempty0
    RT_BITMAP0xefc2400xaeempty0
    RT_BITMAP0xefc2f00x84emptySpanishArgentina0
    RT_BITMAP0xefc3740x7cemptySpanishArgentina0
    RT_BITMAP0xefc3f00xb8emptySpanishArgentina0
    RT_BITMAP0xefc4a80xc0empty0
    RT_BITMAP0xefc5680x48empty0
    RT_BITMAP0xefc5b00x48empty0
    RT_BITMAP0xefc5f80xe0empty0
    RT_BITMAP0xefc6d80x48empty0
    RT_BITMAP0xefc7200x48empty0
    RT_BITMAP0xefc7680xe8empty0
    RT_BITMAP0xefc8500x158empty0
    RT_BITMAP0xefc9a80x158empty0
    RT_BITMAP0xefcb000x158empty0
    RT_BITMAP0xefcc580x158empty0
    RT_BITMAP0xefcdb00x140empty0
    RT_BITMAP0xefcef00x140empty0
    RT_BITMAP0xefd0300x140empty0
    RT_BITMAP0xefd1700x158empty0
    RT_BITMAP0xefd2c80x140empty0
    RT_BITMAP0xefd4080x140empty0
    RT_BITMAP0xefd5480x140empty0
    RT_BITMAP0xefd6880x158empty0
    RT_BITMAP0xefd7e00x140empty0
    RT_BITMAP0xefd9200x140empty0
    RT_BITMAP0xefda600x158empty0
    RT_BITMAP0xefdbb80x140empty0
    RT_BITMAP0xefdcf80x140empty0
    RT_BITMAP0xefde380x158empty0
    RT_BITMAP0xefdf900x158empty0
    RT_BITMAP0xefe0e80x158empty0
    RT_BITMAP0xefe2400x158empty0
    RT_BITMAP0xefe3980x158empty0
    RT_BITMAP0xefe4f00x158empty0
    RT_BITMAP0xefe6480x158empty0
    RT_BITMAP0xefe7a00x158empty0
    RT_BITMAP0xefe8f80x158empty0
    RT_BITMAP0xefea500x158empty0
    RT_BITMAP0xefeba80x158empty0
    RT_BITMAP0xefed000x158empty0
    RT_BITMAP0xefee580x158empty0
    RT_BITMAP0xefefb00x140empty0
    RT_BITMAP0xeff0f00x158empty0
    RT_BITMAP0xeff2480x158empty0
    RT_BITMAP0xeff3a00x140empty0
    RT_BITMAP0xeff4e00x158empty0
    RT_BITMAP0xeff6380x140empty0
    RT_BITMAP0xeff7780x158empty0
    RT_BITMAP0xeff8d00x158empty0
    RT_BITMAP0xeffa280x158empty0
    RT_BITMAP0xeffb800x158empty0
    RT_BITMAP0xeffcd80x140empty0
    RT_BITMAP0xeffe180x140empty0
    RT_BITMAP0xefff580x140empty0
    RT_BITMAP0xf000980x158empty0
    RT_BITMAP0xf001f00x140empty0
    RT_BITMAP0xf003300x158empty0
    RT_BITMAP0xf004880x158empty0
    RT_BITMAP0xf005e00x158empty0
    RT_BITMAP0xf007380x140empty0
    RT_BITMAP0xf008780x140empty0
    RT_BITMAP0xf009b80x140empty0
    RT_BITMAP0xf00af80xc0empty0
    RT_BITMAP0xf00bb80x48empty0
    RT_BITMAP0xf00c000x48empty0
    RT_BITMAP0xf00c480xd0empty0
    RT_BITMAP0xf00d180xd0empty0
    RT_BITMAP0xf00de80xd0empty0
    RT_BITMAP0xf00eb80xd0empty0
    RT_BITMAP0xf00f880xd0empty0
    RT_BITMAP0xf010580xd0empty0
    RT_BITMAP0xf011280xc8empty0
    RT_BITMAP0xf011f00x88emptyEnglishUnited States0
    RT_BITMAP0xf012780x88emptyEnglishUnited States0
    RT_BITMAP0xf013000x468emptyEnglishUnited States0
    RT_BITMAP0xf017680x88emptyEnglishUnited States0
    RT_BITMAP0xf017f00x98empty0
    RT_BITMAP0xf018880x98empty0
    RT_BITMAP0xf019200x188empty0
    RT_BITMAP0xf01aa80x188emptyCatalanSpain0
    RT_BITMAP0xf01c300x188empty0
    RT_BITMAP0xf01db80x188empty0
    RT_BITMAP0xf01f400x110empty0
    RT_BITMAP0xf020500x110empty0
    RT_BITMAP0xf021600xf8empty0
    RT_BITMAP0xf022580x188empty0
    RT_BITMAP0xf023e00x188empty0
    RT_BITMAP0xf025680xe0emptySpanishArgentina0
    RT_BITMAP0xf026480xe0empty0
    RT_BITMAP0xf027280x84emptyEnglishUnited States0
    RT_BITMAP0xf027ac0x94empty0
    RT_BITMAP0xf028400x94empty0
    RT_BITMAP0xf028d40x94empty0
    RT_BITMAP0xf029680x94empty0
    RT_BITMAP0xf029fc0x94empty0
    RT_BITMAP0xf02a900x94empty0
    RT_BITMAP0xf02b240x94emptyEnglishUnited States0
    RT_BITMAP0xf02bb80x94emptyEnglishUnited States0
    RT_BITMAP0xf02c4c0x94emptyEnglishUnited States0
    RT_BITMAP0xf02ce00x94emptyEnglishUnited States0
    RT_BITMAP0xf02d740x40empty0
    RT_BITMAP0xf02db40x50emptyEnglishUnited States0
    RT_BITMAP0xf02e040x84emptyEnglishUnited States0
    RT_BITMAP0xf02e880xd8emptyEnglishUnited States0
    RT_BITMAP0xf02f600xd8emptyEnglishUnited States0
    RT_BITMAP0xf030380xc0empty0
    RT_BITMAP0xf030f80xc0empty0
    RT_BITMAP0xf031b80x140emptyEnglishUnited States0
    RT_BITMAP0xf032f80x140emptyEnglishUnited States0
    RT_BITMAP0xf034380x140emptyEnglishUnited States0
    RT_BITMAP0xf035780x140emptyEnglishUnited States0
    RT_BITMAP0xf036b80x140emptyEnglishUnited States0
    RT_BITMAP0xf037f80x140emptyEnglishUnited States0
    RT_BITMAP0xf039380x140emptyEnglishUnited States0
    RT_BITMAP0xf03a780x140emptyEnglishUnited States0
    RT_BITMAP0xf03bb80x140emptyEnglishUnited States0
    RT_BITMAP0xf03cf80x140emptyEnglishUnited States0
    RT_BITMAP0xf03e380x140emptyEnglishUnited States0
    RT_BITMAP0xf03f780x140emptyEnglishUnited States0
    RT_BITMAP0xf040b80x140emptyEnglishUnited States0
    RT_BITMAP0xf041f80x140emptyEnglishUnited States0
    RT_BITMAP0xf043380x140emptyEnglishUnited States0
    RT_BITMAP0xf044780x140emptyEnglishUnited States0
    RT_BITMAP0xf045b80x140emptyEnglishUnited States0
    RT_BITMAP0xf046f80x140emptyEnglishUnited States0
    RT_BITMAP0xf048380x140emptyEnglishUnited States0
    RT_BITMAP0xf049780x140emptyEnglishUnited States0
    RT_BITMAP0xf04ab80x140emptyEnglishUnited States0
    RT_BITMAP0xf04bf80x140emptyEnglishUnited States0
    RT_BITMAP0xf04d380x140emptyEnglishUnited States0
    RT_BITMAP0xf04e780x140emptyEnglishUnited States0
    RT_BITMAP0xf04fb80x140emptyEnglishUnited States0
    RT_BITMAP0xf050f80x140emptyEnglishUnited States0
    RT_BITMAP0xf052380x140emptyEnglishUnited States0
    RT_BITMAP0xf053780x140emptyEnglishUnited States0
    RT_BITMAP0xf054b80x140emptyEnglishUnited States0
    RT_BITMAP0xf055f80x140emptyEnglishUnited States0
    RT_BITMAP0xf057380x140emptyEnglishUnited States0
    RT_BITMAP0xf058780x140emptyEnglishUnited States0
    RT_BITMAP0xf059b80x140emptyEnglishUnited States0
    RT_BITMAP0xf05af80x140emptyEnglishUnited States0
    RT_BITMAP0xf05c380x140emptyEnglishUnited States0
    RT_BITMAP0xf05d780x140emptyEnglishUnited States0
    RT_ICON0x17ec9280x2e8Device independent bitmap graphic, 32 x 64 x 4, image size 640SpanishArgentina0.29838709677419356
    RT_DIALOG0xf061a00x52empty0
    RT_DIALOG0xf061f40x268empty0
    RT_DIALOG0xf0645c0x540empty0
    RT_DIALOG0xf0699c0x114empty0
    RT_DIALOG0xf06ab00xb2empty0
    RT_DIALOG0xf06b640xbcempty0
    RT_DIALOG0xf06c200xc0empty0
    RT_DIALOG0xf06ce00xbcempty0
    RT_DIALOG0xf06d9c0xbcempty0
    RT_DIALOG0xf06e580xc0empty0
    RT_DIALOG0xf06f180xc0empty0
    RT_STRING0xf06fd80x4cemptyEnglishUnited States0
    RT_STRING0xf070240x10eemptyEnglishUnited States0
    RT_STRING0xf071340x6eemptyEnglishUnited States0
    RT_STRING0xf071a40xd6emptyEnglishUnited States0
    RT_STRING0xf0727c0x9cemptyEnglishUnited States0
    RT_STRING0xf073180xaeemptyEnglishUnited States0
    RT_STRING0xf073c80x98emptyEnglishUnited States0
    RT_STRING0xf074600xd0emptyEnglishUnited States0
    RT_STRING0xf075300x62emptyEnglishUnited States0
    RT_STRING0xf075940xc4emptyEnglishUnited States0
    RT_STRING0xf076580x58emptyEnglishUnited States0
    RT_STRING0xf076b00x64emptyEnglishUnited States0
    RT_STRING0xf077140x52emptyEnglishUnited States0
    RT_STRING0xf077680x328emptyEnglishUnited States0
    RT_STRING0xf07a900xaeemptyEnglishUnited States0
    RT_STRING0xf07b400x224empty0
    RT_STRING0xf07d640x336empty0
    RT_STRING0xf0809c0x27aempty0
    RT_STRING0xf083180x32eempty0
    RT_STRING0xf086480x1d8empty0
    RT_STRING0xf088200x2cempty0
    RT_STRING0xf0884c0x1acempty0
    RT_STRING0xf089f80x45cempty0
    RT_STRING0xf08e540x3d8empty0
    RT_STRING0xf0922c0x4b4empty0
    RT_STRING0xf096e00x3d0empty0
    RT_STRING0xf09ab00x414empty0
    RT_STRING0xf09ec40x364empty0
    RT_STRING0xf0a2280x2e4empty0
    RT_STRING0xf0a50c0x774empty0
    RT_STRING0xf0ac800x490empty0
    RT_STRING0xf0b1100x3d8empty0
    RT_STRING0xf0b4e80x468empty0
    RT_STRING0xf0b9500x378empty0
    RT_STRING0xf0bcc80x238empty0
    RT_STRING0xf0bf000x288empty0
    RT_STRING0xf0c1880x404empty0
    RT_STRING0xf0c58c0x3d0empty0
    RT_STRING0xf0c95c0x330empty0
    RT_STRING0xf0cc8c0x414empty0
    RT_STRING0xf0d0a00x1b4empty0
    RT_STRING0xf0d2540x288empty0
    RT_STRING0xf0d4dc0x470empty0
    RT_STRING0xf0d94c0x27cempty0
    RT_STRING0xf0dbc80x3a0empty0
    RT_STRING0xf0df680x360empty0
    RT_STRING0xf0e2c80x1acempty0
    RT_STRING0xf0e4740x2a8empty0
    RT_STRING0xf0e71c0x1f8empty0
    RT_STRING0xf0e9140x234empty0
    RT_STRING0xf0eb480x1a4empty0
    RT_STRING0xf0ecec0x278empty0
    RT_STRING0xf0ef640x1fcempty0
    RT_STRING0xf0f1600x350empty0
    RT_STRING0xf0f4b00x2e0empty0
    RT_STRING0xf0f7900x1bcempty0
    RT_STRING0xf0f94c0x320empty0
    RT_STRING0xf0fc6c0x398empty0
    RT_STRING0xf100040x510empty0
    RT_STRING0xf105140x26cempty0
    RT_STRING0xf107800x258empty0
    RT_STRING0xf109d80x3bcempty0
    RT_STRING0xf10d940x5e0empty0
    RT_STRING0xf113740x3e0empty0
    RT_STRING0xf117540x3d8empty0
    RT_STRING0xf11b2c0x360empty0
    RT_STRING0xf11e8c0x470empty0
    RT_STRING0xf122fc0x57cempty0
    RT_STRING0xf128780x480empty0
    RT_STRING0xf12cf80x4ccempty0
    RT_STRING0xf131c40x268empty0
    RT_STRING0xf1342c0x22cempty0
    RT_STRING0xf136580x1bcempty0
    RT_STRING0xf138140x268empty0
    RT_STRING0xf13a7c0x4a8empty0
    RT_STRING0xf13f240x3bcempty0
    RT_STRING0xf142e00x5fcempty0
    RT_STRING0xf148dc0x1acempty0
    RT_STRING0xf14a880x584empty0
    RT_STRING0xf1500c0x48cempty0
    RT_STRING0xf154980x2acempty0
    RT_STRING0xf157440x428empty0
    RT_STRING0xf15b6c0x268empty0
    RT_STRING0xf15dd40x330empty0
    RT_STRING0xf161040x204empty0
    RT_STRING0xf163080x1f0empty0
    RT_STRING0xf164f80x1e0empty0
    RT_STRING0xf166d80x720empty0
    RT_STRING0xf16df80xc4cempty0
    RT_STRING0xf17a440x750empty0
    RT_STRING0xf181940x398empty0
    RT_STRING0xf1852c0x450empty0
    RT_STRING0xf1897c0x260empty0
    RT_STRING0xf18bdc0x4acempty0
    RT_STRING0xf190880x150empty0
    RT_STRING0xf191d80x168empty0
    RT_STRING0xf193400x1bcempty0
    RT_STRING0xf194fc0x260empty0
    RT_STRING0xf1975c0x3b0empty0
    RT_STRING0xf19b0c0x348empty0
    RT_STRING0xf19e540x39cempty0
    RT_STRING0xf1a1f00x164empty0
    RT_STRING0xf1a3540x178empty0
    RT_STRING0xf1a4cc0x6a8empty0
    RT_STRING0xf1ab740x440empty0
    RT_STRING0xf1afb40x3d0empty0
    RT_STRING0xf1b3840x1f0empty0
    RT_STRING0xf1b5740x498empty0
    RT_STRING0xf1ba0c0x4a0empty0
    RT_STRING0xf1beac0x258empty0
    RT_STRING0xf1c1040x618empty0
    RT_STRING0xf1c71c0x380empty0
    RT_STRING0xf1ca9c0x574empty0
    RT_STRING0xf1d0100x398empty0
    RT_STRING0xf1d3a80x4bcempty0
    RT_STRING0xf1d8640x4d8empty0
    RT_STRING0xf1dd3c0x488empty0
    RT_STRING0xf1e1c40x424empty0
    RT_STRING0xf1e5e80x4c0empty0
    RT_STRING0xf1eaa80x2a0empty0
    RT_STRING0xf1ed480x11cempty0
    RT_STRING0xf1ee640x170empty0
    RT_STRING0xf1efd40x44cempty0
    RT_STRING0xf1f4200x238empty0
    RT_STRING0xf1f6580x3a0empty0
    RT_STRING0xf1f9f80x414empty0
    RT_STRING0xf1fe0c0x164empty0
    RT_STRING0xf1ff700x14cempty0
    RT_STRING0xf200bc0x374empty0
    RT_STRING0xf204300x41cempty0
    RT_STRING0xf2084c0x1d4empty0
    RT_STRING0xf20a200x520empty0
    RT_STRING0xf20f400x2e4empty0
    RT_STRING0xf212240x270empty0
    RT_STRING0xf214940x430empty0
    RT_STRING0xf218c40x2b0empty0
    RT_STRING0xf21b740x1acempty0
    RT_STRING0xf21d200x178empty0
    RT_STRING0xf21e980x280empty0
    RT_STRING0xf221180x2e8empty0
    RT_STRING0xf224000x5dcempty0
    RT_STRING0xf229dc0x3d4empty0
    RT_STRING0xf22db00x2dcempty0
    RT_STRING0xf2308c0x484empty0
    RT_STRING0xf235100x538empty0
    RT_STRING0xf23a480x454empty0
    RT_STRING0xf23e9c0x4f8empty0
    RT_STRING0xf243940x600empty0
    RT_STRING0xf249940x4e0empty0
    RT_STRING0xf24e740x458empty0
    RT_STRING0xf252cc0x554empty0
    RT_STRING0xf258200x460empty0
    RT_STRING0xf25c800x904empty0
    RT_STRING0xf265840x448empty0
    RT_STRING0xf269cc0x2fcempty0
    RT_STRING0xf26cc80x2bcempty0
    RT_STRING0xf26f840x498empty0
    RT_STRING0xf2741c0x27cempty0
    RT_STRING0xf276980x204empty0
    RT_STRING0xf2789c0x138empty0
    RT_STRING0xf279d40x134empty0
    RT_STRING0xf27b080x1f8empty0
    RT_STRING0xf27d000x40cempty0
    RT_STRING0xf2810c0x818empty0
    RT_STRING0xf289240x8d4empty0
    RT_STRING0xf291f80x7bcempty0
    RT_STRING0xf299b40x988empty0
    RT_STRING0xf2a33c0xa08empty0
    RT_STRING0xf2ad440x40cempty0
    RT_STRING0xf2b1500x164empty0
    RT_STRING0xf2b2b40x174empty0
    RT_STRING0xf2b4280x144empty0
    RT_STRING0xf2b56c0x138empty0
    RT_STRING0xf2b6a40x33cempty0
    RT_STRING0xf2b9e00x318empty0
    RT_STRING0xf2bcf80x524empty0
    RT_STRING0xf2c21c0x97cempty0
    RT_STRING0xf2cb980x3d8empty0
    RT_STRING0xf2cf700x36cempty0
    RT_STRING0xf2d2dc0x494empty0
    RT_STRING0xf2d7700x2ecempty0
    RT_STRING0xf2da5c0x2a0empty0
    RT_STRING0xf2dcfc0x2e8empty0
    RT_STRING0xf2dfe40x28cempty0
    RT_STRING0xf2e2700x348empty0
    RT_STRING0xf2e5b80x3bcempty0
    RT_STRING0xf2e9740x444empty0
    RT_STRING0xf2edb80x2bcempty0
    RT_STRING0xf2f0740x2bcempty0
    RT_STRING0xf2f3300x2e4empty0
    RT_STRING0xf2f6140x368empty0
    RT_STRING0xf2f97c0x2e0empty0
    RT_STRING0xf2fc5c0x2ecempty0
    RT_STRING0xf2ff480x26cempty0
    RT_STRING0xf301b40x300empty0
    RT_STRING0xf304b40x21cempty0
    RT_STRING0xf306d00x268empty0
    RT_STRING0xf309380x2b0empty0
    RT_STRING0xf30be80x270empty0
    RT_STRING0xf30e580x484empty0
    RT_STRING0xf312dc0x2e0empty0
    RT_STRING0xf315bc0x360empty0
    RT_STRING0xf3191c0x26cempty0
    RT_STRING0xf31b880x2d4empty0
    RT_STRING0xf31e5c0x2e4empty0
    RT_STRING0xf321400x220empty0
    RT_STRING0xf323600x2f8empty0
    RT_STRING0xf326580x5c4empty0
    RT_STRING0xf32c1c0x4f0empty0
    RT_STRING0xf3310c0x5f0empty0
    RT_STRING0xf336fc0x2c4empty0
    RT_STRING0xf339c00x1a8empty0
    RT_STRING0xf33b680x1acempty0
    RT_STRING0xf33d140x1dcempty0
    RT_STRING0xf33ef00x248empty0
    RT_STRING0xf341380x1a4empty0
    RT_STRING0xf342dc0x17cempty0
    RT_STRING0xf344580x140empty0
    RT_STRING0xf345980x180empty0
    RT_STRING0xf347180x158empty0
    RT_STRING0xf348700x158empty0
    RT_STRING0xf349c80x134empty0
    RT_STRING0xf34afc0x14cempty0
    RT_STRING0xf34c480x118empty0
    RT_STRING0xf34d600x208empty0
    RT_STRING0xf34f680x340empty0
    RT_STRING0xf352a80x3c0empty0
    RT_STRING0xf356680x3a4empty0
    RT_STRING0xf35a0c0x32cempty0
    RT_STRING0xf35d380x414empty0
    RT_STRING0xf3614c0x2d0empty0
    RT_STRING0xf3641c0x4ecempty0
    RT_STRING0xf369080x570empty0
    RT_STRING0xf36e780x5a4empty0
    RT_STRING0xf3741c0x5dcempty0
    RT_STRING0xf379f80x378empty0
    RT_STRING0xf37d700x488empty0
    RT_STRING0xf381f80x464empty0
    RT_STRING0xf3865c0x4d4empty0
    RT_STRING0xf38b300x598empty0
    RT_STRING0xf390c80x434empty0
    RT_STRING0xf394fc0x408empty0
    RT_STRING0xf399040x1e0empty0
    RT_STRING0xf39ae40x198empty0
    RT_STRING0xf39c7c0x158empty0
    RT_STRING0xf39dd40x444empty0
    RT_STRING0xf3a2180x1c4empty0
    RT_STRING0xf3a3dc0xe8empty0
    RT_STRING0xf3a4c40x2d8empty0
    RT_STRING0xf3a79c0x270empty0
    RT_STRING0xf3aa0c0x370empty0
    RT_STRING0xf3ad7c0x410empty0
    RT_STRING0xf3b18c0x3ccempty0
    RT_STRING0xf3b5580x270empty0
    RT_STRING0xf3b7c80x1fcempty0
    RT_STRING0xf3b9c40xf0empty0
    RT_STRING0xf3bab40xc0empty0
    RT_STRING0xf3bb740x318empty0
    RT_STRING0xf3be8c0x4fcempty0
    RT_STRING0xf3c3880x330empty0
    RT_STRING0xf3c6b80x2a0empty0
    RT_STRING0xf3c9580x3fcempty0
    RT_STRING0xf3cd540x358empty0
    RT_STRING0xf3d0ac0x3c0empty0
    RT_STRING0xf3d46c0x478empty0
    RT_RCDATA0xf3d8e40x10empty0
    RT_RCDATA0xf3d8f40x3ab8empty0
    RT_RCDATA0xf413ac0x1a60empty0
    RT_RCDATA0xf42e0c0xf6empty0
    RT_RCDATA0xf42f040xf6empty0
    RT_RCDATA0xf42ffc0xf6empty0
    RT_RCDATA0xf430f40x23cempty0
    RT_RCDATA0xf433300xf6empty0
    RT_RCDATA0xf434280xf6empty0
    RT_RCDATA0xf435200xf8empty0
    RT_RCDATA0xf436180x2d9empty0
    RT_RCDATA0xf438f40x14emptySpanishArgentina0
    RT_RCDATA0xf439080x79empty0
    RT_RCDATA0xf439840x227empty0
    RT_RCDATA0xf43bac0xc5empty0
    RT_RCDATA0xf43c740x8bempty0
    RT_RCDATA0xf43d000x7b17empty0
    RT_RCDATA0xf4b8180x275dempty0
    RT_RCDATA0xf4df780x488aempty0
    RT_RCDATA0xf528040x139bempty0
    RT_RCDATA0xf53ba00x4f38empty0
    RT_RCDATA0xf58ad80x3d0eempty0
    RT_RCDATA0xf5c7e80x12c0empty0
    RT_RCDATA0xf5daa80x1dd1empty0
    RT_RCDATA0xf5f87c0x2292empty0
    RT_RCDATA0xf61b100xc3empty0
    RT_RCDATA0xf61bd40x7fempty0
    RT_RCDATA0xf61c540x1c23empty0
    RT_RCDATA0xf638780x2ad1empty0
    RT_RCDATA0xf6634c0x6aa4empty0
    RT_RCDATA0xf6cdf00x5bempty0
    RT_RCDATA0xf6ce4c0x115empty0
    RT_RCDATA0xf6cf640x42empty0
    RT_RCDATA0xf6cfa80x3eempty0
    RT_RCDATA0xf6cfe80x40empty0
    RT_RCDATA0xf6d0280x40empty0
    RT_RCDATA0xf6d0680xb4empty0
    RT_RCDATA0xf6d11c0xb2empty0
    RT_RCDATA0xf6d1d00x88empty0
    RT_RCDATA0xf6d2580x57empty0
    RT_RCDATA0xf6d2b00x6aempty0
    RT_RCDATA0xf6d31c0xb0empty0
    RT_RCDATA0xf6d3cc0x5bempty0
    RT_RCDATA0xf6d4280x46empty0
    RT_RCDATA0xf6d4700x41empty0
    RT_RCDATA0xf6d4b40x4fempty0
    RT_RCDATA0xf6d5040xa6empty0
    RT_RCDATA0xf6d5ac0x42empty0
    RT_RCDATA0xf6d5f00x79empty0
    RT_RCDATA0xf6d66c0x52empty0
    RT_RCDATA0xf6d6c00x55empty0
    RT_RCDATA0xf6d7180x5eempty0
    RT_RCDATA0xf6d7780x124empty0
    RT_RCDATA0xf6d89c0x45empty0
    RT_RCDATA0xf6d8e40x76empty0
    RT_RCDATA0xf6d95c0x3aempty0
    RT_RCDATA0xf6d9980x1e10empty0
    RT_RCDATA0xf6f7a80x46empty0
    RT_RCDATA0xf6f7f00x36empty0
    RT_RCDATA0xf6f8280x1d61empty0
    RT_RCDATA0xf7158c0x1018empty0
    RT_RCDATA0xf725a40x57empty0
    RT_RCDATA0xf725fc0x229empty0
    RT_RCDATA0xf728280x3f85empty0
    RT_RCDATA0xf767b00x716eempty0
    RT_RCDATA0xf7d9200x1b5aempty0
    RT_RCDATA0xf7f47c0x1b87empty0
    RT_RCDATA0xf810040x3ac2empty0
    RT_RCDATA0xf84ac80x3c60empty0
    RT_RCDATA0xf887280x5879empty0
    RT_RCDATA0xf8dfa40x3f64empty0
    RT_RCDATA0xf91f080x1a5empty0
    RT_RCDATA0xf920b00x1332empty0
    RT_RCDATA0xf933e40x49f3empty0
    RT_RCDATA0xf97dd80x130empty0
    RT_RCDATA0xf97f080x1450empty0
    RT_RCDATA0xf993580x1334empty0
    RT_RCDATA0xf9a68c0x5389empty0
    RT_RCDATA0xf9fa180x294bempty0
    RT_RCDATA0xfa23640x219dempty0
    RT_RCDATA0xfa45040xc3cempty0
    RT_RCDATA0xfa51400x848empty0
    RT_RCDATA0xfa59880x2425empty0
    RT_RCDATA0xfa7db00x5c98empty0
    RT_RCDATA0xfada480x4a9eempty0
    RT_RCDATA0xfb24e80x252eempty0
    RT_RCDATA0xfb4a180x682empty0
    RT_RCDATA0xfb509c0x703empty0
    RT_RCDATA0xfb57a00x4bfempty0
    RT_RCDATA0xfb5c600x620empty0
    RT_RCDATA0xfb62800x5f6empty0
    RT_RCDATA0xfb68780x3efempty0
    RT_RCDATA0xfb6c680x646empty0
    RT_RCDATA0xfb72b00x1feeempty0
    RT_RCDATA0xfb92a00x1ffcempty0
    RT_RCDATA0xfbb29c0x2cb9empty0
    RT_RCDATA0xfbdf580x4a3dempty0
    RT_RCDATA0xfc29980x6d23empty0
    RT_RCDATA0xfc96bc0x2711empty0
    RT_RCDATA0xfcbdd00x93a8empty0
    RT_RCDATA0xfd51780x2304empty0
    RT_RCDATA0xfd747c0x67a3empty0
    RT_RCDATA0xfddc200x5a70empty0
    RT_RCDATA0xfe36900x25c8empty0
    RT_RCDATA0xfe5c580x2309empty0
    RT_RCDATA0xfe7f640x2a57empty0
    RT_RCDATA0xfea9bc0x238empty0
    RT_RCDATA0xfeabf40xe09empty0
    RT_RCDATA0xfeba000x1f68empty0
    RT_RCDATA0xfed9680xb5c1empty0
    RT_RCDATA0xff8f2c0x3550empty0
    RT_RCDATA0xffc47c0x3359empty0
    RT_RCDATA0xfff7d80x2d24empty0
    RT_RCDATA0x10024fc0x301fempty0
    RT_RCDATA0x100551c0x25ddempty0
    RT_RCDATA0x1007afc0x5b0dempty0
    RT_RCDATA0x100d60c0x4eb3empty0
    RT_RCDATA0x10124c00x5823empty0
    RT_RCDATA0x1017ce40x1e52empty0
    RT_RCDATA0x1019b380x1a9dempty0
    RT_RCDATA0x101b5d80x75a2empty0
    RT_RCDATA0x1022b7c0x3d8fempty0
    RT_RCDATA0x102690c0x81c7empty0
    RT_RCDATA0x102ead40x7196empty0
    RT_RCDATA0x1035c6c0xc067empty0
    RT_RCDATA0x1041cd40x6b5bempty0
    RT_RCDATA0x10488300x7c45empty0
    RT_RCDATA0x10504780x1c5empty0
    RT_RCDATA0x10506400x45cfempty0
    RT_RCDATA0x1054c100x4f9empty0
    RT_RCDATA0x105510c0x46bdempty0
    RT_RCDATA0x10597cc0x8c9empty0
    RT_RCDATA0x105a0980x6b4bempty0
    RT_RCDATA0x1060be40x13e8empty0
    RT_RCDATA0x1061fcc0x20e4empty0
    RT_RCDATA0x10640b00x2fe0empty0
    RT_RCDATA0x10670900x7b4empty0
    RT_RCDATA0x10678440x1a58empty0
    RT_RCDATA0x106929c0x3d65empty0
    RT_RCDATA0x106d0040x28b8empty0
    RT_RCDATA0x106f8bc0x2bd9empty0
    RT_RCDATA0x10724980x48e4empty0
    RT_RCDATA0x1076d7c0x1d2bempty0
    RT_RCDATA0x1078aa80x3387empty0
    RT_RCDATA0x107be300x333bempty0
    RT_RCDATA0x107f16c0x49d6empty0
    RT_RCDATA0x1083b440x1ff0empty0
    RT_RCDATA0x1085b340x431empty0
    RT_RCDATA0x1085f680x29beempty0
    RT_RCDATA0x10889280x96empty0
    RT_RCDATA0x10889c00x1c64empty0
    RT_RCDATA0x108a6240xbe2bempty0
    RT_RCDATA0x10964500x3dcfempty0
    RT_RCDATA0x109a2200x14eb2empty0
    RT_RCDATA0x10af0d40x7533empty0
    RT_RCDATA0x10b66080x1c4eempty0
    RT_RCDATA0x10b82580x16bcempty0
    RT_RCDATA0x10b99140x1c59empty0
    RT_RCDATA0x10bb5700x5e36empty0
    RT_RCDATA0x10c13a80x8deeempty0
    RT_RCDATA0x10ca1980x1b80empty0
    RT_RCDATA0x10cbd180x47d6empty0
    RT_RCDATA0x10d04f00xab6aempty0
    RT_RCDATA0x10db05c0x49b1empty0
    RT_RCDATA0x10dfa100x3418empty0
    RT_RCDATA0x10e2e280x4f17empty0
    RT_RCDATA0x10e7d400x761empty0
    RT_RCDATA0x10e84a40x37e5empty0
    RT_RCDATA0x10ebc8c0x2295empty0
    RT_RCDATA0x10edf240x2548empty0
    RT_RCDATA0x10f046c0x1addempty0
    RT_RCDATA0x10f1f4c0x3698empty0
    RT_RCDATA0x10f55e40x826dempty0
    RT_RCDATA0x10fd8540x1bbempty0
    RT_RCDATA0x10fda100x64aempty0
    RT_RCDATA0x10fe05c0x5df0empty0
    RT_RCDATA0x1103e4c0x251fempty0
    RT_RCDATA0x110636c0x12f3empty0
    RT_RCDATA0x11076600xaf3empty0
    RT_RCDATA0x11081540xdd0empty0
    RT_RCDATA0x1108f240xb175empty0
    RT_RCDATA0x111409c0x20b7empty0
    RT_RCDATA0x11161540x96aempty0
    RT_RCDATA0x1116ac00xf36empty0
    RT_RCDATA0x11179f80x13deempty0
    RT_RCDATA0x1118dd80xefaempty0
    RT_RCDATA0x1119cd40x4208empty0
    RT_RCDATA0x111dedc0x2dceempty0
    RT_RCDATA0x1120cac0x183eempty0
    RT_RCDATA0x11224ec0x5b4empty0
    RT_RCDATA0x1122aa00x1b7cempty0
    RT_RCDATA0x112461c0x669empty0
    RT_RCDATA0x1124c880x1024empty0
    RT_RCDATA0x1125cac0xe20empty0
    RT_RCDATA0x1126acc0x1addempty0
    RT_RCDATA0x11285ac0xe2ecempty0
    RT_RCDATA0x11368980x2ffdempty0
    RT_RCDATA0x11398980xf7cempty0
    RT_RCDATA0x113a8140x2276empty0
    RT_RCDATA0x113ca8c0x1c08empty0
    RT_RCDATA0x113e6940x307aempty0
    RT_RCDATA0x11417100x12e2empty0
    RT_RCDATA0x11429f40x14219empty0
    RT_RCDATA0x1156c100x16ebempty0
    RT_RCDATA0x11582fc0x55d9empty0
    RT_RCDATA0x115d8d80x3bb0empty0
    RT_RCDATA0x11614880x3601empty0
    RT_RCDATA0x1164a8c0x3cbeempty0
    RT_RCDATA0x116874c0xe02empty0
    RT_RCDATA0x11695500x5d27empty0
    RT_RCDATA0x116f2780x13ba7empty0
    RT_RCDATA0x1182e200x45aaempty0
    RT_RCDATA0x11873cc0x64ccempty0
    RT_RCDATA0x118d8980x2257empty0
    RT_RCDATA0x118faf00xf5aempty0
    RT_RCDATA0x1190a4c0xe5fempty0
    RT_RCDATA0x11918ac0x3c9empty0
    RT_RCDATA0x1191c780x42e1empty0
    RT_RCDATA0x1195f5c0x42e5empty0
    RT_RCDATA0x119a2440x2ee4empty0
    RT_RCDATA0x119d1280x1f36empty0
    RT_RCDATA0x119f0600x2113empty0
    RT_RCDATA0x11a11740x1ceeempty0
    RT_RCDATA0x11a2e640x651empty0
    RT_RCDATA0x11a34b80x7aempty0
    RT_RCDATA0x11a35340x9623dempty0
    RT_RCDATA0x12397740x11bempty0
    RT_RCDATA0x12398900x230a7empty0
    RT_RCDATA0x125c9380x12f72empty0
    RT_RCDATA0x126f8ac0x101cfempty0
    RT_RCDATA0x127fa7c0x7d3cempty0
    RT_RCDATA0x12877b80x21efempty0
    RT_RCDATA0x12899a80x1d95empty0
    RT_RCDATA0x128b7400xd24empty0
    RT_RCDATA0x128c4640x737empty0
    RT_RCDATA0x128cb9c0x424dempty0
    RT_RCDATA0x1290dec0x3232empty0
    RT_RCDATA0x12940200x3031empty0
    RT_RCDATA0x12970540xaee1empty0
    RT_RCDATA0x12a1f380x273bcempty0
    RT_RCDATA0x12c92f40xd7cempty0
    RT_RCDATA0x12ca0700x81f5empty0
    RT_RCDATA0x12d22680x1ab8empty0
    RT_RCDATA0x12d3d200x12f0empty0
    RT_RCDATA0x12d50100x2ba9empty0
    RT_RCDATA0x12d7bbc0x620empty0
    RT_RCDATA0x12d81dc0x26cempty0
    RT_RCDATA0x12d84480x221dempty0
    RT_RCDATA0x12da6680x97eempty0
    RT_RCDATA0x12dafe80x110fempty0
    RT_RCDATA0x12dc0f80x753cempty0
    RT_RCDATA0x12e36340x471eempty0
    RT_RCDATA0x12e7d540x2488empty0
    RT_RCDATA0x12ea1dc0x3234empty0
    RT_RCDATA0x12ed4100x74dempty0
    RT_RCDATA0x12edb600x3fb4empty0
    RT_RCDATA0x12f1b140x2b46empty0
    RT_RCDATA0x12f465c0x1d6bempty0
    RT_RCDATA0x12f63c80x121eempty0
    RT_RCDATA0x12f75e80xc35empty0
    RT_RCDATA0x12f82200x18176empty0
    RT_RCDATA0x13103980x1048empty0
    RT_RCDATA0x13113e00x2daempty0
    RT_RCDATA0x13116bc0x3bf6empty0
    RT_RCDATA0x13152b40x535empty0
    RT_RCDATA0x13157ec0x5209empty0
    RT_RCDATA0x131a9f80x147bempty0
    RT_RCDATA0x131be740x7051empty0
    RT_RCDATA0x1322ec80x7c5cempty0
    RT_RCDATA0x132ab240x79c5empty0
    RT_RCDATA0x13324ec0x8cbcempty0
    RT_RCDATA0x133b1a80x47c7empty0
    RT_RCDATA0x133f9700x34b6empty0
    RT_RCDATA0x1342e280x408empty0
    RT_RCDATA0x13432300x6b3empty0
    RT_RCDATA0x13438e40x1186empty0
    RT_RCDATA0x1344a6c0xe35empty0
    RT_RCDATA0x13458a40x1d22empty0
    RT_RCDATA0x13475c80x829empty0
    RT_RCDATA0x1347df40x1388empty0
    RT_RCDATA0x134917c0x3914empty0
    RT_RCDATA0x134ca900xc23empty0
    RT_RCDATA0x134d6b40xfd9empty0
    RT_RCDATA0x134e6900x17eempty0
    RT_RCDATA0x134e8100xa65empty0
    RT_RCDATA0x134f2780x191aempty0
    RT_RCDATA0x1350b940x1881empty0
    RT_RCDATA0x13524180x8a7empty0
    RT_RCDATA0x1352cc00xec2empty0
    RT_RCDATA0x1353b840xc2dempty0
    RT_RCDATA0x13547b40xbe1empty0
    RT_RCDATA0x13553980x31bempty0
    RT_RCDATA0x13556b40x7d2eempty0
    RT_RCDATA0x135d3e40x11e78empty0
    RT_RCDATA0x136f25c0x615fempty0
    RT_RCDATA0x13753bc0x2b20empty0
    RT_RCDATA0x1377edc0x78cempty0
    RT_RCDATA0x13786680x15bfempty0
    RT_RCDATA0x1379c280x16a4empty0
    RT_RCDATA0x137b2cc0xd25empty0
    RT_RCDATA0x137bff40x6c7empty0
    RT_RCDATA0x137c6bc0x2a44empty0
    RT_RCDATA0x137f1000x502dempty0
    RT_RCDATA0x13841300x4a19empty0
    RT_RCDATA0x1388b4c0x248eempty0
    RT_RCDATA0x138afdc0xcf47empty0
    RT_RCDATA0x1397f240xccbeempty0
    RT_RCDATA0x13a4be40x2875empty0
    RT_RCDATA0x13a745c0x2f0aempty0
    RT_RCDATA0x13aa3680xf865empty0
    RT_RCDATA0x13b9bd00x4454empty0
    RT_RCDATA0x13be0240xb29dempty0
    RT_RCDATA0x13c92c40x23b4empty0
    RT_RCDATA0x13cb6780x318dempty0
    RT_RCDATA0x13ce8080x30dfempty0
    RT_RCDATA0x13d18e80x36a8empty0
    RT_RCDATA0x13d4f900x251b5empty0
    RT_RCDATA0x13fa1480x23e2empty0
    RT_RCDATA0x13fc52c0x87b7empty0
    RT_RCDATA0x1404ce40x44b3empty0
    RT_RCDATA0x14091980x665cempty0
    RT_RCDATA0x140f7f40x1510empty0
    RT_RCDATA0x1410d040x7562empty0
    RT_RCDATA0x14182680xb7empty0
    RT_RCDATA0x14183200x4caempty0
    RT_RCDATA0x14187ec0xc16empty0
    RT_RCDATA0x14194040x12e9empty0
    RT_RCDATA0x141a6f00xde1empty0
    RT_RCDATA0x141b4d40x3e2aempty0
    RT_RCDATA0x141f3000x2825empty0
    RT_RCDATA0x1421b280xa7cempty0
    RT_RCDATA0x14225a40x2854empty0
    RT_RCDATA0x1424df80x25eempty0
    RT_RCDATA0x14250580x2902empty0
    RT_RCDATA0x142795c0x1595empty0
    RT_RCDATA0x1428ef40x40empty0
    RT_RCDATA0x1428f340x46empty0
    RT_RCDATA0x1428f7c0x12d1empty0
    RT_RCDATA0x142a2500x1499empty0
    RT_RCDATA0x142b6ec0x3aebempty0
    RT_RCDATA0x142f1d80x3cdcempty0
    RT_RCDATA0x1432eb40x60fempty0
    RT_RCDATA0x14334c40x1d04empty0
    RT_RCDATA0x14351c80x3f81empty0
    RT_RCDATA0x143914c0x3a17empty0
    RT_RCDATA0x143cb640x14bdempty0
    RT_RCDATA0x143e0240x3deaempty0
    RT_RCDATA0x1441e100x3182empty0
    RT_RCDATA0x1444f940x5818empty0
    RT_RCDATA0x144a7ac0x3c27empty0
    RT_RCDATA0x144e3d40x679eempty0
    RT_RCDATA0x1454b740x2bacempty0
    RT_RCDATA0x14577200x315cempty0
    RT_RCDATA0x145a87c0xcb9dempty0
    RT_RCDATA0x146741c0x3596empty0
    RT_RCDATA0x146a9b40xac8empty0
    RT_RCDATA0x146b47c0x74d4empty0
    RT_RCDATA0x14729500x19776empty0
    RT_RCDATA0x148c0c80x1d95empty0
    RT_RCDATA0x148de600x2eeempty0
    RT_RCDATA0x148e1500x144empty0
    RT_RCDATA0x148e2940x11410empty0
    RT_RCDATA0x149f6a40x43f8empty0
    RT_RCDATA0x14a3a9c0x1dd8empty0
    RT_RCDATA0x14a58740xf244empty0
    RT_RCDATA0x14b4ab80x2fd0empty0
    RT_RCDATA0x14b7a880x2457empty0
    RT_RCDATA0x14b9ee00x7e2fempty0
    RT_RCDATA0x14c1d100x1e68empty0
    RT_RCDATA0x14c3b780x53a6empty0
    RT_RCDATA0x14c8f200x34d8empty0
    RT_RCDATA0x14cc3f80x223fempty0
    RT_RCDATA0x14ce6380x609cempty0
    RT_RCDATA0x14d46d40x7e8eempty0
    RT_RCDATA0x14dc5640x3cb1empty0
    RT_RCDATA0x14e02180x36e7empty0
    RT_RCDATA0x14e39000x1756aempty0
    RT_RCDATA0x14fae6c0xb504empty0
    RT_RCDATA0x15063700x494empty0
    RT_RCDATA0x15068040x68154empty0
    RT_RCDATA0x156e9580x3408empty0
    RT_RCDATA0x1571d600xc1empty0
    RT_RCDATA0x1571e240x10cempty0
    RT_RCDATA0x1571f300x105empty0
    RT_RCDATA0x15720380xd7empty0
    RT_RCDATA0x15721100xb4empty0
    RT_RCDATA0x15721c40x3d0empty0
    RT_RCDATA0x15725940x88empty0
    RT_RCDATA0x157261c0xa7empty0
    RT_RCDATA0x15726c40x9bempty0
    RT_RCDATA0x15727600x95empty0
    RT_RCDATA0x15727f80xe0empty0
    RT_RCDATA0x15728d80x110empty0
    RT_RCDATA0x15729e80xd5empty0
    RT_RCDATA0x1572ac00xe9empty0
    RT_RCDATA0x1572bac0xa6aempty0
    RT_RCDATA0x15736180x131fempty0
    RT_RCDATA0x15749380x7cempty0
    RT_RCDATA0x15749b40x89empty0
    RT_RCDATA0x1574a400x9dempty0
    RT_RCDATA0x1574ae00x151empty0
    RT_RCDATA0x1574c340xa3empty0
    RT_RCDATA0x1574cd80x24cempty0
    RT_RCDATA0x1574f240x15aempty0
    RT_RCDATA0x15750800xf8empty0
    RT_RCDATA0x15751780x83empty0
    RT_RCDATA0x15751fc0x96empty0
    RT_RCDATA0x15752940xb5empty0
    RT_RCDATA0x157534c0xc843empty0
    RT_RCDATA0x1581b900x749empty0
    RT_RCDATA0x15822dc0x74empty0
    RT_RCDATA0x15823500x103dccempty0
    RT_RCDATA0x168611c0x7ccempty0
    RT_RCDATA0x16868e80x9d3dempty0
    RT_RCDATA0x16906280x69b6empty0
    RT_RCDATA0x1696fe00x6592empty0
    RT_RCDATA0x169d5740x550aempty0
    RT_RCDATA0x16a2a800x6d56empty0
    RT_RCDATA0x16a97d80x6062empty0
    RT_RCDATA0x16af83c0x4b43empty0
    RT_RCDATA0x16b43800x130cempty0
    RT_RCDATA0x16b568c0x3a9fempty0
    RT_RCDATA0x16b912c0x44e7empty0
    RT_RCDATA0x16bd6140x66673empty0
    RT_RCDATA0x1723c880x985empty0
    RT_RCDATA0x17246100x3ef7empty0
    RT_RCDATA0x17285080x1565bempty0
    RT_RCDATA0x173db640x3720empty0
    RT_RCDATA0x17412840x22cdempty0
    RT_RCDATA0x17435540x3c4empty0
    RT_RCDATA0x17439180x5f7empty0
    RT_RCDATA0x1743f100x2187empty0
    RT_RCDATA0x17460980x576bempty0
    RT_RCDATA0x174b8040x649eempty0
    RT_RCDATA0x1751ca40x56abempty0
    RT_RCDATA0x17573500x5249empty0
    RT_RCDATA0x175c59c0x17f2empty0
    RT_RCDATA0x175dd900x7790empty0
    RT_RCDATA0x17655200x559aempty0
    RT_RCDATA0x176aabc0x1ad4empty0
    RT_RCDATA0x176c5900x391eempty0
    RT_RCDATA0x176feb00x7d3empty0
    RT_RCDATA0x17706840x66cempty0
    RT_RCDATA0x1770cf00x1b23empty0
    RT_RCDATA0x17728140x562empty0
    RT_RCDATA0x1772d780x4ebdempty0
    RT_RCDATA0x1777c380x1dcempty0
    RT_RCDATA0x1777e140x3eb5empty0
    RT_RCDATA0x177bccc0x6a94empty0
    RT_RCDATA0x17827600x3d2bempty0
    RT_RCDATA0x178648c0x5780empty0
    RT_RCDATA0x178bc0c0x154c1empty0
    RT_RCDATA0x17a10d00x4634empty0
    RT_RCDATA0x17a57040x133bempty0
    RT_RCDATA0x17a6a400x36dempty0
    RT_RCDATA0x17a6db00x1beempty0
    RT_RCDATA0x17a6f700x5d28empty0
    RT_RCDATA0x17acc980xb6empty0
    RT_RCDATA0x17acd500x76f3empty0
    RT_RCDATA0x17b44440xda7aempty0
    RT_RCDATA0x17c1ec00xda8fempty0
    RT_RCDATA0x17cf9500x4a65empty0
    RT_RCDATA0x17d43b80x3aaempty0
    RT_RCDATA0x17d47640x163aempty0
    RT_RCDATA0x17d5da00x8d8empty0
    RT_RCDATA0x17d66780x815empty0
    RT_RCDATA0x17d6e900x3bcempty0
    RT_RCDATA0x17d724c0x144empty0
    RT_RCDATA0x17d73900x7a4bempty0
    RT_RCDATA0x17deddc0xafaempty0
    RT_RCDATA0x17df8d80x46dempty0
    RT_RCDATA0x17dfd480x175empty0
    RT_RCDATA0x17dfec00x10d6empty0
    RT_RCDATA0x17e0f980x1093empty0
    RT_RCDATA0x17e202c0x4970empty0
    RT_RCDATA0x17e699c0x566empty0
    RT_RCDATA0x17e6f040x566empty0
    RT_RCDATA0x17e746c0x566empty0
    RT_RCDATA0x17e79d40x1244empty0
    RT_RCDATA0x17e8c180x566empty0
    RT_RCDATA0x17e91800x566empty0
    RT_RCDATA0x17e96e80x588empty0
    RT_GROUP_CURSOR0x17e9c700x146emptySpanishArgentina0
    RT_GROUP_CURSOR0x17e9db80x14emptyGermanGermany0
    RT_GROUP_CURSOR0x17e9dcc0x14emptyGermanGermany0
    RT_GROUP_CURSOR0x17e9de00x14emptySpanishArgentina0
    RT_GROUP_CURSOR0x17e9df40x14emptySpanishArgentina0
    RT_GROUP_CURSOR0x17e9e080x146emptySpanishArgentina0
    RT_GROUP_CURSOR0x17e9f500x14empty0
    RT_GROUP_CURSOR0x17e9f640x14empty0
    RT_GROUP_CURSOR0x17e9f780x146emptySpanishArgentina0
    RT_GROUP_CURSOR0x17ea0c00x14emptySpanishArgentina0
    RT_GROUP_CURSOR0x17ea0d40x14empty0
    RT_GROUP_CURSOR0x17ea0e80x14empty0
    RT_GROUP_CURSOR0x17ea0fc0x14empty0
    RT_GROUP_CURSOR0x17ea1100x14empty0
    RT_GROUP_CURSOR0x17ea1240x14empty0
    RT_GROUP_CURSOR0x17ea1380x14empty0
    RT_GROUP_CURSOR0x17ea14c0x14empty0
    RT_GROUP_CURSOR0x17ea1600x14empty0
    RT_GROUP_ICON0x17ec9140x14dataSpanishArgentina1.2
    RT_VERSION0x17ec59c0x378dataSpanishArgentina0.42680180180180183
    DLLImport
    kernel32.dllGetProcAddress, GetModuleHandleA, LoadLibraryA
    user32.dllGetKeyboardType
    advapi32.dllRegQueryValueExA
    oleaut32.dllSysFreeString
    advapi32.dllReportEventA
    mpr.dllWNetGetConnectionA
    version.dllVerQueryValueA
    gdi32.dllWidenPath
    user32.dllCreateWindowExA
    ole32.dllCoTaskMemFree
    oleaut32.dllSafeArrayPtrOfIndex
    ole32.dllCreateStreamOnHGlobal
    oleaut32.dllCreateErrorInfo
    wsock32.dllWSACleanup
    shell32.dllShell_NotifyIconA
    gdi32.dllTranslateCharsetInfo
    comctl32.dllImageList_Destroy
    comctl32.dllImageList_SetIconSize
    shell32.dllSHGetSpecialFolderLocation
    comdlg32.dllPageSetupDlgA
    winspool.drvOpenPrinterA
    imm32.dllImmGetOpenStatus
    oledlg.dllOleUIObjectPropertiesA
    user32.dllDdeCmpStringHandles
    winmm.dllwaveOutGetNumDevs
    avicap32.dllcapGetDriverDescriptionA
    NameOrdinalAddress
    EurekaLog_AttachedFilesRequestEvent150x474f24
    EurekaLog_CallCreateThread20x48efb4
    EurekaLog_CallExceptObject50x48e734
    EurekaLog_CallExitThread40x48f0f8
    EurekaLog_CallGeneralRaise60x48e5b0
    EurekaLog_CallResumeThread30x48f054
    EurekaLog_CustomButtonClickEvent170x47506c
    EurekaLog_CustomDataRequestEventEx140x474e80
    EurekaLog_CustomWebFieldsRequestEvent160x474fc8
    EurekaLog_ExceptionActionNotifyEvent120x474d38
    EurekaLog_ExceptionErrorNotifyEvent130x474ddc
    EurekaLog_ExceptionNotifyEvent100x474bf0
    EurekaLog_HandledExceptionNotifyEvent110x474c94
    EurekaLog_LastDelphiException10x48efac
    EurekaLog_PasswordRequestEvent80x474adc
    EurekaLog_PasswordRequestEventEx90x474b20
    ExceptionManager70x4907b0
    Language of compilation systemCountry where language is spokenMap
    FrenchFrance
    SpanishArgentina
    GermanGermany
    RussianRussia
    EnglishUnited States
    CatalanSpain
    No network behavior found

    Click to jump to process

    Click to jump to process

    Click to dive into process behavior distribution

    Target ID:5
    Start time:11:26:39
    Start date:20/11/2024
    Path:C:\Users\user\Desktop\Siopel.exe
    Wow64 process (32bit):true
    Commandline:"C:\Users\user\Desktop\Siopel.exe"
    Imagebase:0x400000
    File size:7'617'536 bytes
    MD5 hash:FDC8014D627B85EC211F282A696653B7
    Has elevated privileges:true
    Has administrator privileges:true
    Programmed in:Borland Delphi
    Reputation:low
    Has exited:true

    Reset < >
      Strings
      Memory Dump Source
      • Source File: 00000005.00000002.2388217551.0000000000D33000.00000040.00000001.01000000.00000004.sdmp, Offset: 00D33000, based on PE: false
      Joe Sandbox IDA Plugin
      • Snapshot File: hcaresult_5_2_d33000_Siopel.jbxd
      Similarity
      • API ID:
      • String ID: NEGOCIA.INI$Negociacion$Negociacion.pdf$SIOPEL.INI$TRADE
      • API String ID: 0-164315787
      • Opcode ID: 86dcb0bbca1fd214d6f700ad13560867e3c3b491d77628eac61c88390b591903
      • Instruction ID: 53963cc1ce23a28cd287c7e3e90808ae95562d4312078dc17bb8676d033eac89
      • Opcode Fuzzy Hash: 86dcb0bbca1fd214d6f700ad13560867e3c3b491d77628eac61c88390b591903
      • Instruction Fuzzy Hash: 4DB1B838744650DFD744EB18F8E5E2637A2FB9A30071081A5E6018B37ACB75AC46CFB2
      Strings
      Memory Dump Source
      • Source File: 00000005.00000002.2388217551.0000000000D33000.00000040.00000001.01000000.00000004.sdmp, Offset: 00D33000, based on PE: false
      Joe Sandbox IDA Plugin
      • Snapshot File: hcaresult_5_2_d33000_Siopel.jbxd
      Similarity
      • API ID:
      • String ID: NEGOCIA.INI$Negociacion$Negociacion.pdf$SIOPEL.INI$TRADE
      • API String ID: 0-164315787
      • Opcode ID: 53b9d7d77f5f6af16ec0d824d053816351d486b01a5a998b2c730cc9558219a6
      • Instruction ID: f850b9ac4196d3fad935a57c3c81a72cdff606510310bd998e66ccf4515d5a8e
      • Opcode Fuzzy Hash: 53b9d7d77f5f6af16ec0d824d053816351d486b01a5a998b2c730cc9558219a6
      • Instruction Fuzzy Hash: 70B14638644650DFD744EB18F9E5E2633A2FB9A30471081A5E6058B37ACB75BC46CFB2