PESCAN.IO - Analysis Report Basic |
|||||||
| File Structure |
|
PE Chart Code
Header PE (light blue)
Executable sections (pink)
Non-executable sections (black)
External injected code (red)
File Structure in red = malformed or corrupted header
Chart Code For Other Files
Printable characters (blue)
Non-printable characters (black)
| Information |
Icon: Size: 2,03 MBSHA-256 Hash: 38576A3E633825EFA574D9441D447FEE641EFDD1BE1C18C2CCBAC077E9B726B7 SHA-1 Hash: C31F8DD248A17ACD6E08B88B162535676B3914F3 MD5 Hash: 5DCC3F921EBA0F72016BB057AEFADA4C Imphash: 88016FCDEF7F227C62171D0AFAD9AAE4 MajorOSVersion: 6 MinorOSVersion: 1 CheckSum: 0852471C EntryPoint (rva): B1E60 SizeOfHeaders: 400 SizeOfImage: DC000 ImageBase: 400000 Architecture: x86 ExportTable: C2000 ImportTable: BF000 IAT: BF2E4 Characteristics: 102 TimeDateStamp: 6957B243 Date: 02/01/2026 11:55:47 File Type: EXE Number Of Sections: 11 ASLR: Enabled Section Names: .text, .itext, .data, .bss, .idata, .didata, .edata, .tls, .rdata, .reloc, .rsrc Number Of Executable Sections: 2 Subsystem: Windows GUI UAC Execution Level Manifest: asInvoker |
| Sections Info |
| Section Name | Flags | ROffset | RSize | VOffset | VSize | Entropy | Chi2 |
|---|---|---|---|---|---|---|---|
| .text | 0x60000020 Code Executable Readable |
400 | AF800 | 1000 | AF7FC |
|
|
| .itext | 0x60000020 Code Executable Readable |
AFC00 | 1A00 | B1000 | 18CC |
|
|
| .data | 0xC0000040 Initialized Data Readable Writeable |
B1600 | 4000 | B3000 | 3F3C |
|
|
| .bss | 0xC0000000 Readable Writeable |
0 | 0 | B7000 | 734C |
|
|
| .idata | 0xC0000040 Initialized Data Readable Writeable |
B5600 | 1200 | BF000 | 1068 |
|
|
| .didata | 0xC0000040 Initialized Data Readable Writeable |
B6800 | 200 | C1000 | 1A4 |
|
|
| .edata | 0x40000040 Initialized Data Readable |
B6A00 | 200 | C2000 | 71 |
|
|
| .tls | 0xC0000000 Readable Writeable |
0 | 0 | C3000 | 18 |
|
|
| .rdata | 0x40000040 Initialized Data Readable |
B6C00 | 200 | C4000 | 5D |
|
|
| .reloc | 0x42000040 Initialized Data GP-Relative Readable |
B6E00 | 12000 | C5000 | 11FEC |
|
|
| .rsrc | 0x40000040 Initialized Data Readable |
C8E00 | 4400 | D7000 | 42D4 |
|
|
| Description |
| LegalCopyright: 2026 Softonic--International (SA) ProductName: Softonic--International (SA) FileVersion: 4.0.2.0 FileDescription: Softonic--International (SA) ProductVersion: 4.0.2.0 Comments: This installation was built with Inno Setup. Language: Unknown (ID=0x0) CodePage: Unicode (UTF-16 LE) (0x4B0) |
| Binder/Joiner/Crypter |
| Dropper code detected (EOF) - 1,17 MB |
| Entry Point |
The section number (2) - (.itext) have the Entry Point Information -> EntryPoint (calculated) - B0A60 Code -> 558BECB90F0000006A006A004975F951535657B868BA4A00E827C8F5FF33C05568C6264B0064FF3064892033D2556880264B Assembler |PUSH EBP |MOV EBP, ESP |MOV ECX, 0XF |PUSH 0 |PUSH 0 |DEC ECX |JNE 0X1008 |PUSH ECX |PUSH EBX |PUSH ESI |PUSH EDI |MOV EAX, 0X4ABA68 |CALL 0XFFF5D844 |XOR EAX, EAX |PUSH EBP |PUSH 0X4B26C6 |PUSH DWORD PTR FS:[EAX] |MOV DWORD PTR FS:[EAX], ESP |XOR EDX, EDX |PUSH EBP |
| Signatures |
| CheckSum Integrity Problem: • Header: 139609884 • Calculated: 2156557 Certificate - Digital Signature: • The file is signed and the signature is correct |
| Packer/Compiler |
| Detect It Easy (die) • PE: installer: Inno Setup Module(-)[-] • PE: protector: .NET Reactor(2.X-3.X)[-] • PE: compiler: Embarcadero Delphi(XE2-XE6)[-] • PE: linker: Turbo Linker(2.25*,Delphi)[-] • PE: overlay: Inno Setup Installer data(-)[-] • Entropy: 7.67513 |
| Suspicious Functions |
| Library | Function | Description |
|---|---|---|
| KERNEL32.DLL | VirtualAlloc | Reserve, commit, or both, a region of memory within the virtual address space of a process. |
| KERNEL32.DLL | WriteFile | Writes data to a specified file or input/output (I/O) device. |
| KERNEL32.DLL | LoadLibraryA | Loads the specified module into the address space of the calling process. |
| KERNEL32.DLL | LoadLibraryW | Loads the specified module into the address space of the calling process. |
| KERNEL32.DLL | GetProcAddress | Retrieves the address of an exported function or variable from the specified dynamic-link library (DLL). |
| Windows REG (UNICODE) |
| Software\Embarcadero\Locales Software\CodeGear\Locales Software\Borland\Locales Software\Borland\Delphi\Locales SOFTWARE\Microsoft\Windows NT\CurrentVersion |
| File Access |
| winhttp.dll version.dll textshaping.dll netutils.dll netapi32.dll mpr.dll comctl32.dll kernel32.dll user32.dll advapi32.dll oleaut32.dll System.Sys dSystem.Sys UnsignedFuncSystem.SysUtilsSystemSystem.Internal.ExcUtilsSystem.Sys UnsignedFuncSystem.Sys System.Sys ?System.Sys .dat Temp |
| File Access (UNICODE) |
| GetLogicalProcessorInformationkernel32.dll kernel32.dll Failed to load bcrypt.dll bcrypt.dll advapi32.dll oleaut32.dll NTDLL.DLL ntdll.dll Temp |
| Interest's Words |
| PADDINGX Encrypt Decrypt Encryption PassWord exec attrib start shutdown systeminfo ping expand |
| Interest's Words (UNICODE) |
| PassWord exec start shutdown ping expand |
| URLs |
| http://schemas.microsoft.com/SMI/2005/WindowsSettings http://crl.comodoca.com/AAACertificateServices.crl http://ocsp.comodoca.com http://crl.sectigo.com/SectigoPublicTimeStampingRootR46.crl http://crt.sectigo.com/SectigoPublicTimeStampingRootR46.p7c0 http://ocsp.sectigo.com http://crl.sectigo.com/SectigoPublicCodeSigningRootR46.crl http://crt.sectigo.com/SectigoPublicCodeSigningRootR46.p7c0 http://crl.sectigo.com/SectigoPublicTimeStampingCAR36.crl http://crt.sectigo.com/SectigoPublicTimeStampingCAR36.crt http://crl.usertrust.com/USERTrustRSACertificationAuthority.crl http://ocsp.usertrust.com http://crl.sectigo.com/SectigoPublicCodeSigningCAEVR36.crl http://crt.sectigo.com/SectigoPublicCodeSigningCAEVR36.crt https://sectigo.com/CPS0 |
| URLs (UNICODE) |
| https://jrsoftware.org/ishelp/index.php?topic=setupcmdline |
| Strings/Hex Code Found With The File Rules |
| Rule Type | Encoding | Matched (Word) |
|---|---|---|
| Text | Unicode | WinAPI Sockets (accept) |
| Text | Ascii | Registry (RegOpenKeyEx) |
| Text | Ascii | File (GetTempPath) |
| Text | Unicode | File (GetTempPath) |
| Text | Ascii | File (CreateFile) |
| Text | Ascii | File (WriteFile) |
| Text | Ascii | File (ReadFile) |
| Text | Ascii | Anti-Analysis VM (GetSystemInfo) |
| Text | Ascii | Anti-Analysis VM (GetVersion) |
| Text | Ascii | Reconnaissance (FindFirstFileW) |
| Text | Ascii | Reconnaissance (FindClose) |
| Text | Ascii | Stealth (ExitThread) |
| Text | Ascii | Stealth (CloseHandle) |
| Text | Ascii | Stealth (VirtualAlloc) |
| Text | Ascii | Stealth (VirtualProtect) |
| Text | Ascii | Execution (CreateProcessW) |
| Text | Ascii | Execution (ResumeThread) |
| Text | Ascii | Execution (CreateEventW) |
| Text | Ascii | Antivirus Software (comodo) |
| Text | Unicode | Privileges (SeShutdownPrivilege) |
| Text | Ascii | Process of gathering information about network resources (Enumeration) |
| Text | Unicode | Malicious rerouting of traffic to an attacker-controlled site (Redirect) |
| Text | Ascii | Technique used to capture communications between systems (Intercept) |
| Resources |
| Path | DataRVA | Size | FileOffset | Code | Text |
|---|---|---|---|---|---|
| \ICON\100\1033 | D7468 | 9F5 | C9268 | 89504E470D0A1A0A0000000D4948445200000080000000800806000000C33E61CB000009BC49444154789CED9DBF8E5D3510 | .PNG........IHDR..............>a.....IDATx.....]5. |
| \STRING\4085\0 | D7E60 | 24C | C9C60 | 47004E006F002000730069006E0067006C0065002000630061007300740020006F0062007300650072007600650072002000 | G.N.o. .s.i.n.g.l.e. .c.a.s.t. .o.b.s.e.r.v.e.r. . |
| \STRING\4086\0 | D80AC | 2E4 | C9EAC | 0C00570069006E0064006F0077007300200032003000300030000A00570069006E0064006F00770073002000580050001300 | ..W.i.n.d.o.w.s. .2.0.0.0...W.i.n.d.o.w.s. .X.P... |
| \STRING\4087\0 | D8390 | 400 | CA190 | 350049006E00730075006600660069006300690065006E00740020005200540054004900200061007600610069006C006100 | 5.I.n.s.u.f.f.i.c.i.e.n.t. .R.T.T.I. .a.v.a.i.l.a. |
| \STRING\4088\0 | D8790 | 3D0 | CA590 | 18004500720072006F0072002000720065006100640069006E00670020002500730025007300250073003A00200025007300 | ..E.r.r.o.r. .r.e.a.d.i.n.g. .%.s.%.s.%.s.:. .%.s. |
| \STRING\4089\0 | D8B60 | 3FC | CA960 | 1A00430061006E006E006F0074002000610073007300690067006E0020006100200025007300200074006F00200061002000 | ..C.a.n.n.o.t. .a.s.s.i.g.n. .a. .%.s. .t.o. .a. . |
| \STRING\4090\0 | D8F5C | 2D4 | CAD5C | 06004D006F006E006400610079000700540075006500730064006100790009005700650064006E0065007300640061007900 | ..M.o.n.d.a.y...T.u.e.s.d.a.y...W.e.d.n.e.s.d.a.y. |
| \STRING\4091\0 | D9230 | B8 | CB030 | 03004D006100790004004A0075006E00650004004A0075006C00790006004100750067007500730074000900530065007000 | ..M.a.y...J.u.n.e...J.u.l.y...A.u.g.u.s.t...S.e.p. |
| \STRING\4092\0 | D92E8 | 9C | CB0E8 | 03004A0061006E00030046006500620003004D0061007200030041007000720003004D006100790003004A0075006E000300 | ..J.a.n...F.e.b...M.a.r...A.p.r...M.a.y...J.u.n... |
| \STRING\4093\0 | D9384 | 38C | CB184 | 140049006E00760061006C00690064002000760061007200690061006E0074002000740079007000650017004F0070006500 | ..I.n.v.a.l.i.d. .v.a.r.i.a.n.t. .t.y.p.e...O.p.e. |
| \STRING\4094\0 | D9710 | 398 | CB510 | 2200560061007200690061006E00740020006D006500740068006F0064002000630061006C006C00730020006E006F007400 | ".V.a.r.i.a.n.t. .m.e.t.h.o.d. .c.a.l.l.s. .n.o.t. |
| \STRING\4095\0 | D9AA8 | 368 | CB8A8 | 200049006E00760061006C0069006400200066006C006F006100740069006E006700200070006F0069006E00740020006F00 | .I.n.v.a.l.i.d. .f.l.o.a.t.i.n.g. .p.o.i.n.t. .o. |
| \STRING\4096\0 | D9E10 | 2A4 | CBC10 | 2100270025007300270020006900730020006E006F007400200061002000760061006C0069006400200069006E0074006500 | !.'.%.s.'. .i.s. .n.o.t. .a. .v.a.l.i.d. .i.n.t.e. |
| \RCDATA\DVCLAL\0 | DA0B4 | 10 | CBEB4 | 263D4F38C28237B8F3244203179B3A83 | &=O8..7..$B...:. |
| \RCDATA\PACKAGEINFO\0 | DA0C4 | 490 | CBEC4 | 000010CC000000003E000000010A53657475704C64720010A053797374656D2E576964655374725574696C73001025537973 | ........>.....SetupLdr...System.WideStrUtils..%Sys |
| \RCDATA\11111\1033 | DA554 | 40 | CC354 | 72446C507453CDE6D77B0B2A02000000D756200000000000908E0E0000000000003C4200F662EB7A77EF0C000000000000D20C00000000000000000037DE4452 | rDlPtS...{.*.....V ..............<B..b.zw...................7.DR |
| \GROUP_ICON\MAINICON\1033 | DA594 | 14 | CC394 | 0000010001008080000001002000F50900006400 | ............ .....d. |
| \VERSION\1\1033 | DA5A8 | 584 | CC3A8 | 840534000000560053005F00560045005200530049004F004E005F0049004E0046004F0000000000BD04EFFE000001000000 | ..4...V.S._.V.E.R.S.I.O.N._.I.N.F.O............... |
| \24\1\1033 | DAB2C | 7A8 | CC92C | 3C3F786D6C2076657273696F6E3D22312E302220656E636F64696E673D225554462D3822207374616E64616C6F6E653D2279 | <?xml version="1.0" encoding="UTF-8" standalone="y |
| Intelligent String |
| • user32.dll • kernel32.dll • oleaut32.dll • D:\Coding\Is\issrc-build\Components\ChaCha20.pas • .bss • @.tls • ntdll.dll • NTDLL.DLL • advapi32.dll • bcrypt.dll • /FORCECLOSEAPPLICATIONS, /FORCENOCLOSEAPPLICATIONS • x:\dirname" • For more detailed information, please visit https://jrsoftware.org/ishelp/index.php?topic=setupcmdline • .tmp • GetThreadLocalecomctl32.dll • VariantChangeTypeadvapi32.dll • MessageBoxAkernel32.dll • <dpiAware xmlns="http://schemas.microsoft.com/SMI/2005/WindowsSettings">true</dpiAware> • +0U 00U 0g0KUD0B0@><:http://crl.sectigo.com/SectigoPublicCodeSigningRootR46.crl0{+o0m0F+0:http://crt.sectigo.com/SectigoPublicCodeSigningRootR46.p7c0+0http://ocsp.sectigo.com0*H_6rZ-9JZBJ |
| Flow Anomalies |
| Offset | RVA | Section | Description |
|---|---|---|---|
| 2B70 | 4BF2EC | .text | JMP [static] | Indirect jump to absolute memory address |
| 2B78 | 4BF328 | .text | JMP [static] | Indirect jump to absolute memory address |
| 2B80 | 4BF448 | .text | JMP [static] | Indirect jump to absolute memory address |
| 2B88 | 4BF420 | .text | JMP [static] | Indirect jump to absolute memory address |
| 2B90 | 4BF404 | .text | JMP [static] | Indirect jump to absolute memory address |
| 2B98 | 4BF3BC | .text | JMP [static] | Indirect jump to absolute memory address |
| 2BA0 | 4BF3A0 | .text | JMP [static] | Indirect jump to absolute memory address |
| 2BA8 | 4BF3E0 | .text | JMP [static] | Indirect jump to absolute memory address |
| 2BB0 | 4BF450 | .text | JMP [static] | Indirect jump to absolute memory address |
| 2BB8 | 4BF350 | .text | JMP [static] | Indirect jump to absolute memory address |
| 2BC0 | 4BF38C | .text | JMP [static] | Indirect jump to absolute memory address |
| 2BC8 | 4BF378 | .text | JMP [static] | Indirect jump to absolute memory address |
| 2BD0 | 4BF44C | .text | JMP [static] | Indirect jump to absolute memory address |
| 2BD8 | 4BF30C | .text | JMP [static] | Indirect jump to absolute memory address |
| 2BE0 | 4BF370 | .text | JMP [static] | Indirect jump to absolute memory address |
| 2BE8 | 4BF31C | .text | JMP [static] | Indirect jump to absolute memory address |
| 2BF0 | 4BF390 | .text | JMP [static] | Indirect jump to absolute memory address |
| 2BF8 | 4BF340 | .text | JMP [static] | Indirect jump to absolute memory address |
| 2C00 | 4BF330 | .text | JMP [static] | Indirect jump to absolute memory address |
| 2C08 | 4BF4C8 | .text | JMP [static] | Indirect jump to absolute memory address |
| 2C10 | 4BF3D4 | .text | JMP [static] | Indirect jump to absolute memory address |
| 2C18 | 4BF344 | .text | JMP [static] | Indirect jump to absolute memory address |
| 2C20 | 4BF32C | .text | JMP [static] | Indirect jump to absolute memory address |
| 2C28 | 4BF3E4 | .text | JMP [static] | Indirect jump to absolute memory address |
| 2C30 | 4BF3B0 | .text | JMP [static] | Indirect jump to absolute memory address |
| 2C38 | 4BF384 | .text | JMP [static] | Indirect jump to absolute memory address |
| 2C40 | 4BF2E4 | .text | JMP [static] | Indirect jump to absolute memory address |
| 2C48 | 4BF424 | .text | JMP [static] | Indirect jump to absolute memory address |
| 2C50 | 4BF41C | .text | JMP [static] | Indirect jump to absolute memory address |
| 2C58 | 4BF434 | .text | JMP [static] | Indirect jump to absolute memory address |
| 2C60 | 4BF408 | .text | JMP [static] | Indirect jump to absolute memory address |
| 2C68 | 4BF468 | .text | JMP [static] | Indirect jump to absolute memory address |
| 2C70 | 4BF480 | .text | JMP [static] | Indirect jump to absolute memory address |
| 2C78 | 4BF45C | .text | JMP [static] | Indirect jump to absolute memory address |
| 2C80 | 4BF4C0 | .text | JMP [static] | Indirect jump to absolute memory address |
| 2C88 | 4BF354 | .text | JMP [static] | Indirect jump to absolute memory address |
| 2CB0 | 4C1094 | .text | JMP [static] | Indirect jump to absolute memory address |
| 2CB8 | 4BF548 | .text | JMP [static] | Indirect jump to absolute memory address |
| 2CC0 | 4BF528 | .text | JMP [static] | Indirect jump to absolute memory address |
| 2CC8 | 4BF53C | .text | JMP [static] | Indirect jump to absolute memory address |
| 2CD0 | 4BF368 | .text | JMP [static] | Indirect jump to absolute memory address |
| 2CD8 | 4BF3D8 | .text | JMP [static] | Indirect jump to absolute memory address |
| 2CE0 | 4BF3AC | .text | JMP [static] | Indirect jump to absolute memory address |
| 2CE8 | 4BF394 | .text | JMP [static] | Indirect jump to absolute memory address |
| 2CF0 | 4BF4F8 | .text | JMP [static] | Indirect jump to absolute memory address |
| 2CF8 | 4BF4EC | .text | JMP [static] | Indirect jump to absolute memory address |
| 2D00 | 4BF4E4 | .text | JMP [static] | Indirect jump to absolute memory address |
| 2D08 | 4BF40C | .text | JMP [static] | Indirect jump to absolute memory address |
| 2D30 | 4C1090 | .text | JMP [static] | Indirect jump to absolute memory address |
| 2D38 | 4BF308 | .text | JMP [static] | Indirect jump to absolute memory address |
| 2D40 | 4BF310 | .text | JMP [static] | Indirect jump to absolute memory address |
| 2D48 | 4BF418 | .text | JMP [static] | Indirect jump to absolute memory address |
| 2D50 | 4BF3FC | .text | JMP [static] | Indirect jump to absolute memory address |
| 2D58 | 4BF3F0 | .text | JMP [static] | Indirect jump to absolute memory address |
| 2D8C | 4BF3D0 | .text | JMP [static] | Indirect jump to absolute memory address |
| 2D94 | 4BF300 | .text | JMP [static] | Indirect jump to absolute memory address |
| 2D9C | 4BF39C | .text | JMP [static] | Indirect jump to absolute memory address |
| 2DA4 | 4BF448 | .text | JMP [static] | Indirect jump to absolute memory address |
| 47A4 | 4B3768 | .text | CALL [static] | Indirect call to absolute memory address |
| 47BC | 4B375C | .text | CALL [static] | Indirect call to absolute memory address |
| 47D8 | 4B3760 | .text | CALL [static] | Indirect call to absolute memory address |
| 47F9 | 4B3764 | .text | CALL [static] | Indirect call to absolute memory address |
| 4814 | 4B3760 | .text | CALL [static] | Indirect call to absolute memory address |
| 4832 | 4B375C | .text | CALL [static] | Indirect call to absolute memory address |
| 4883 | 4B7028 | .text | CALL [static] | Indirect call to absolute memory address |
| 48C2 | 4B7010 | .text | CALL [static] | Indirect call to absolute memory address |
| 4EEC | 4B703C | .text | CALL [static] | Indirect call to absolute memory address |
| 5342 | FFC0 | .text | JMP [static] | Indirect jump to absolute memory address |
| 64EC | 4B701C | .text | CALL [static] | Indirect call to absolute memory address |
| 650A | 4B701C | .text | CALL [static] | Indirect call to absolute memory address |
| 6522 | 4B701C | .text | CALL [static] | Indirect call to absolute memory address |
| 6594 | 4B701C | .text | CALL [static] | Indirect call to absolute memory address |
| 65B4 | 4B701C | .text | CALL [static] | Indirect call to absolute memory address |
| 65D1 | 4B701C | .text | CALL [static] | Indirect call to absolute memory address |
| 66AE | 4B7020 | .text | CALL [static] | Indirect call to absolute memory address |
| 67B3 | 4B7018 | .text | CALL [static] | Indirect call to absolute memory address |
| 6836 | 4B7020 | .text | CALL [static] | Indirect call to absolute memory address |
| 69D6 | 4B701C | .text | JMP [static] | Indirect jump to absolute memory address |
| 6B5C | 4B7020 | .text | CALL [static] | Indirect call to absolute memory address |
| 6F43 | 4B7360 | .text | CALL [static] | Indirect call to absolute memory address |
| 70C0 | 4B7038 | .text | CALL [static] | Indirect call to absolute memory address |
| 7135 | 4B7034 | .text | CALL [static] | Indirect call to absolute memory address |
| 71A5 | 4B3034 | .text | CALL [static] | Indirect call to absolute memory address |
| 720A | 4B3038 | .text | CALL [static] | Indirect call to absolute memory address |
| 86E1 | 4B300C | .text | CALL [static] | Indirect call to absolute memory address |
| 8D99 | 4B3010 | .text | CALL [static] | Indirect call to absolute memory address |
| 8E80 | 4B3014 | .text | CALL [static] | Indirect call to absolute memory address |
| AC07 | FF | .text | JMP [static] | Indirect jump to absolute memory address |
| B043 | 4B9C04 | .text | CALL [static] | Indirect call to absolute memory address |
| B060 | 4B9C04 | .text | CALL [static] | Indirect call to absolute memory address |
| B081 | 4B9C0C | .text | CALL [static] | Indirect call to absolute memory address |
| B0DF | 4B9C08 | .text | CALL [static] | Indirect call to absolute memory address |
| B13C | 4B9C08 | .text | CALL [static] | Indirect call to absolute memory address |
| B16F | 4B9C08 | .text | CALL [static] | Indirect call to absolute memory address |
| D2C5 | 4B3044 | .text | CALL [static] | Indirect call to absolute memory address |
| D444 | 4BF330 | .text | JMP [static] | Indirect jump to absolute memory address |
| D44C | 4BF32C | .text | JMP [static] | Indirect jump to absolute memory address |
| D454 | 4BF470 | .text | JMP [static] | Indirect jump to absolute memory address |
| D45C | 4BF2F0 | .text | JMP [static] | Indirect jump to absolute memory address |
| D464 | 4BF454 | .text | JMP [static] | Indirect jump to absolute memory address |
| CD200 | N/A | *Overlay* | 7A6C621A89504E470D0A1A0A0000000D49484452 | zlb..PNG........IHDR |
| Extra Analysis |
| Metric | Value | Percentage |
|---|---|---|
| Ascii Code | 1418957 | 66,5957% |
| Null Byte Code | 154453 | 7,2489% |
© 2026 All rights reserved.