OK theres something fishy going on here.
The scan you gave shows a REALbasic made script.
The second show somthing completely different? (Delphi?)
Could be nothing but then again it could be somthing.
Yours:
Code:
File size: 578539 bytes
MD5...: edc4dc9fc3fa9176fc3f0bc0c6dd5f1c
SHA1..: eb70c338ec0009d1eec4e643a0a5c7c599d3cf6e
SHA256: b80a9a9666d8312cad9a878175fb008f58fd9823f77ae06dc164f7a2c07109ff
SHA512: 420bfe8c3e60edfdd656901ac31a24cb9410720dd2adf3c78530fe3a0209a35c
afec3bc566e204c045bbfbbe039925e5e53684ec25b86b5fa6bb912aaf00d3f5
ssdeep: 12288:2YvXQHBZmrMjQ4np14IzsvMqiJ15tiwLmul8jNKVBntCk:2YvXWHmr2Zp1
4c1qiD5trLmI8MVBtCk
PEiD..: -
TrID..: File type identification
RAR Archive (83.3%)
REALbasic Project (16.6%)
PEInfo: -
packers (Kaspersky): PE_Patch.PECompact, PecBundle, PECompact
packers (F-Prot): PecBundle, PECompact
Mine:
Code:
File size: 583680 bytes
MD5...: bee500f48d3cee79a3172b9e7a4c5232
SHA1..: cf2e883a68926f97326d5048c9d61b9d7b683592
SHA256: 99d1fa9b2482e97f86462cd1560114a87a1adfa34f4a22eaf0f666054064f3d2
SHA512: a0985179bd3d108d7ff3d3aace7a39b5d03c4236be380a26f5face194f015074
f61ae7b799f23988c48b26b2ec667d500ef10710ddc1124924118e0075ff9d34
ssdeep: 12288:X2dANCwQBzD0KuzG8ChQZXqCav1gh/SpUVBLyyPnNC:i7R1DN/lw4gpSpc
PnN
PEiD..: PECompact 2.xx --> BitSum Technologies
TrID..: File type identification
Win32 EXE PECompact compressed (v2.x) (48.0%)
Win32 EXE PECompact compressed (generic) (33.8%)
Win32 Executable Generic (6.9%)
Win32 Dynamic Link Library (generic) (6.1%)
Win16/32 Executable Delphi generic (1.6%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x401000
timedatestamp.....: 0x2a425e19 (Fri Jun 19 22:22:17 1992)
machinetype.......: 0x14c (I386)
( 2 sections )
name viradd virsiz rawdsiz ntrpy md5
CODE 0x1000 0x15c000 0x8aa00 8.00 15329c36bd89d2d20c60f0f82c2d95ad
.rsrc 0x15d000 0x4000 0x3a00 6.05 8544e10806ee4743f15df089f2804f3d
( 13 imports )
> kernel32.dll: LoadLibraryA, GetProcAddress, VirtualAlloc, VirtualFree
> user32.dll: GetKeyboardType
> advapi32.dll: RegQueryValueExA
> oleaut32.dll: SysFreeString
> version.dll: VerQueryValueA
> gdi32.dll: UnrealizeObject
> ole32.dll: CreateStreamOnHGlobal
> comctl32.dll: ImageList_SetIconSize
> winspool.drv: OpenPrinterA
> shell32.dll: Shell_NotifyIconA
> wsock32.dll: WSACleanup
> netapi32.dll: Netbios
> winmm.dll: PlaySoundA
( 0 exports )
packers (Kaspersky): PE_Patch.PECompact, PecBundle, PECompact
packers (F-Prot): PecBundle, PECompact
CWSandbox info: <a href='http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=bee500f48d3cee79a3172b9e7a4c5232' target='_blank'>http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=bee500f48d3cee79a3172b9e7a4c5232</a>