Manalyze report for 25e100e593d4fa4580aacce91517acefa537b00078604efb45f04684366f152a

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
Compilation Date	2026-May-31 18:13:16
Detected languages	English - United States
TLS Callbacks	2 callback(s) detected.
Debug artifacts	C:\Users\Admin\Downloads\fnV2\fnV2\fnV2\fnV2\fnV2\fnV2\fnV2\fnV2\x64\Release\base.pdb

Plugin Output

Suspicious	Strings found in the binary may indicate undesirable behavior:	`May have dropper capabilities: %TEMP%` `Miscellaneous malware strings: System32\drivers\etc\hosts` `Contains domain names: example.com github.com githubusercontent.com http://www.zkysky.com.ar http://www.zkysky.com.ar/Julieta https://curl.se https://github.com https://keyauth.win https://openfontlicense.orgThis https://openfontlicense.orghttp https://raw.githubusercontent.com https://raw.githubusercontent.com/fqwgqhgq/dwdqfghqdwqfq/refs/heads/main/Mapper.exe https://raw.githubusercontent.com/fqwgqhgq/dwqghdwqgqwq/refs/heads/main/driver.sys raw.githubusercontent.com www.zkysky.com zkysky.com`
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to CRC32` `Uses constants related to SHA256` `Uses constants related to SHA512` `Uses constants related to RC5 or RC6` `Uses known Mersenne Twister constants` `Microsoft's Cryptography API`
Malicious	The PE contains functions mostly used by malware.	`[!] The program may be hiding some of its imports: LoadLibraryW GetProcAddress LoadLibraryA` `Functions which can be used for anti-debugging purposes: CreateToolhelp32Snapshot` `Can access the registry: RegDeleteKeyA RegCreateKeyExA` `Possibly launches other programs: ShellExecuteA system` `Uses Windows's Native API: ntohl ntohs` `Uses Microsoft's cryptographic API: CryptAcquireContextW CryptReleaseContext CryptGetHashParam CryptCreateHash CryptHashData CryptDestroyHash CryptEncrypt CryptImportKey CryptDestroyKey CryptStringToBinaryW CryptDecodeObjectEx CryptQueryObject` `Uses functions commonly found in keyloggers: GetForegroundWindow GetAsyncKeyState` `Leverages the raw socket API to access the Internet: gethostname ioctlsocket sendto inet_pton freeaddrinfo getaddrinfo ntohl recvfrom inet_ntop htonl accept select __WSAFDIsSet WSAIoctl socket setsockopt listen htons getsockname getpeername connect bind WSACleanup WSAStartup WSASetLastError ntohs WSAGetLastError closesocket WSAWaitForMultipleEvents WSAResetEvent WSAEventSelect WSAEnumNetworkEvents WSACreateEvent WSACloseEvent send getsockopt recv` `Functions related to the privilege level: OpenProcessToken` `Manipulates other processes: Process32NextW Process32FirstW` `Changes object ACLs: SetSecurityInfo` `Reads the contents of the clipboard: GetClipboardData` `Interacts with the certificate store: CertOpenStore CertAddCertificateContextToStore`
Malicious	VirusTotal score: 31/67 (Scanned on 2026-06-03 22:11:55)	`ALYac: Gen:Variant.Application.Tedy.58087` `APEX: Malicious` `AVG: Win64:MalwareX-gen [Misc]` `Alibaba: Trojan:Win64/GenKryptik.27b931e5` `Arcabit: Trojan.Application.Tedy.DE2E7` `Avast: Win64:MalwareX-gen [Misc]` `BitDefender: Gen:Variant.Application.Tedy.58087` `Bkav: W32.Malware.85E2E579` `CTX: exe.trojan.tedy` `CrowdStrike: win/malicious_confidence_100% (W)` `Cylance: Unsafe` `DeepInstinct: MALICIOUS` `ESET-NOD32: Win64/GenKryptik_AGen.DWF trojan` `Elastic: malicious (high confidence)` `Emsisoft: Gen:Variant.Application.Tedy.58087 (B)` `GData: Gen:Variant.Application.Tedy.58087` `Google: Detected` `Gridinsoft: Ransom.Win64.Sabsik.sa` `Lionic: Trojan.Win32.Generic.4!c` `Malwarebytes: Malware.AI.1307060608` `McAfeeD: ti!25E100E593D4` `MicroWorld-eScan: Gen:Variant.Application.Tedy.58087` `Microsoft: Trojan:Win32/Wacatac.B!ml` `Rising: Trojan.Kryptik@AI.100 (RDML:BBrFkdV9Z2+zyJblEucpjQ)` `SentinelOne: Static AI - Suspicious PE` `Sophos: Mal/Generic-S` `Symantec: ML.Attribute.HighConfidence` `TrellixENS: Artemis!2D74BE190A8B` `VIPRE: Gen:Variant.Application.Tedy.58087` `Varist: W64/ABApplication.LGRR-6139` `alibabacloud: Riskware:Win/GenKryptik_AGen.DI!`

Hashes

MD5	`2d74be190a8b914ae4b8e591217edf2e`
SHA1	`3e0cfed4529c6215736530f3e14b6de33a8aaf90`
SHA256	`25e100e593d4fa4580aacce91517acefa537b00078604efb45f04684366f152a`
SHA3	`dc317b9d6c8b5288442f1e6b43b3905477e9445e28919fb69cbab4faa003e313`
SSDeep	`49152:EEaS4BthPQfOfUITZKLBgTQBpZVjg9TXnKTOt:ErgOfUITZKLBgTQBbC9`
Imports Hash	`7266848236940f6faf73caa9c9faa95f`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x120`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`6`
TimeDateStamp	2026-May-31 18:13:16
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0x11b400`
SizeOfInitializedData	`0xa4c00`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x00000000001186F0 (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x1c4000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`05d60ca32f5d7eb0967335beab8b03b1`
SHA1	`5a4d6d1c99e80a3193231716b7b9d6022df533e8`
SHA256	`62a149c67e372fbe3ae940712a17fd6aff7f4ceb21e7c6e82629c073197d9eb2`
SHA3	`6409f4aea7f88c541165354c0ddeb561a8940e1bae391b6ab0d6c324f9e6637b`
VirtualSize	`0x11b290`
VirtualAddress	`0x1000`
SizeOfRawData	`0x11b400`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.54476`

.rdata

MD5	`7d402ec2f45b7bf53aa1d48cbeb085eb`
SHA1	`2c4d95da986eaf0928596e5f891f1d590a02c3c3`
SHA256	`68a90a19974d44ef3092e90fc4040ea945fb62adb752fba414da4c001c3277a0`
SHA3	`59ffd65d175466c2cbfb5e2ea7d2686a78d641aa2893eb8a83ec7f34049d4ae6`
VirtualSize	`0x95f16`
VirtualAddress	`0x11d000`
SizeOfRawData	`0x96000`
PointerToRawData	`0x11b800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.15009`

.data

MD5	`c35dc6443eb7dc59ba6c13b3f44a50d6`
SHA1	`0eb4701412f8625463f0873bf4dcf4396b41edc9`
SHA256	`8b057018a3f56bab2e24c458274a444b56c2389e355ced47d172e0b7d085aa7b`
SHA3	`b9f457c408785aad100ff040c4f43fcb2eeeb19bbea55bdaab96c7022e626261`
VirtualSize	`0x2098`
VirtualAddress	`0x1b3000`
SizeOfRawData	`0x1c00`
PointerToRawData	`0x1b1800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`4.78309`

.pdata

MD5	`7886559042159905e0e72e48a9fec4f2`
SHA1	`39a722881443cee306689bc43f66de10e3420fa7`
SHA256	`226790c4d68c5bd37b1ae03ccaee0c9d62a9ed9c7aa61d2e0b35edc98bb0411e`
SHA3	`a51de671da60f89357b21d81fac8c9f28fd79a77c8e7a1ecad87b3b6c43bb212`
VirtualSize	`0xb8bc`
VirtualAddress	`0x1b6000`
SizeOfRawData	`0xba00`
PointerToRawData	`0x1b3400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.11904`

.rsrc

MD5	`223c27758ecf2f09b8b2ca8ce18d8e71`
SHA1	`ae12df44c1f1733fb7eb0217ff65b8114e8d3ded`
SHA256	`c315ae9b5cfb4306e8e957bc1112953da56781b7bb7f66495fdf16eae5b68850`
SHA3	`99b8fa85494bdbbe838070137fc7fea605add7e274764274c07675ba2d22c107`
VirtualSize	`0x1e8`
VirtualAddress	`0x1c2000`
SizeOfRawData	`0x200`
PointerToRawData	`0x1bee00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.75872`

.reloc

MD5	`c21094886f68eeac3c50b54c75e13bba`
SHA1	`400f37c30efe28c4420ffd1fe1269ac38b5b46d0`
SHA256	`e001aa6ed79e446c5342aff99932dd6ea687ce3db6c3de581a3650db0e545bac`
SHA3	`d7aa2aef59795249d0f384bc11159024f5f8d3b3de70173bc61f177bfa389d0b`
VirtualSize	`0xc30`
VirtualAddress	`0x1c3000`
SizeOfRawData	`0xe00`
PointerToRawData	`0x1bf000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`5.08465`

Imports

d3d11.dll	`D3D11CreateDeviceAndSwapChain`
dwmapi.dll	`DwmExtendFrameIntoClientArea`
KERNEL32.dll	`ReleaseSRWLockExclusive` `AcquireSRWLockExclusive` `InitializeCriticalSection` `EnterCriticalSection` `LeaveCriticalSection` `LocalFree` `LoadLibraryW` `SleepEx` `GetSystemInfo` `GetTickCount` `MoveFileExW` `WaitForSingleObjectEx` `GetEnvironmentVariableA` `GetStdHandle` `GetFileType` `ReadFile` `PeekNamedPipe` `WaitForMultipleObjects` `VerifyVersionInfoW` `GetFileSizeEx` `SetLastError` `SleepConditionVariableSRW` `GetCurrentDirectoryW` `CreateDirectoryW` `FindClose` `FindFirstFileW` `GetFileAttributesExW` `SetFileInformationByHandle` `CreateFile2` `AreFileApisANSI` `SetDllDirectoryW` `GetFileInformationByHandleEx` `WakeAllConditionVariable` `GetSystemTimeAsFileTime` `InitializeSListHead` `SetUnhandledExceptionFilter` `IsDebuggerPresent` `OutputDebugStringW` `QueryFullProcessImageNameW` `SetDefaultDllDirectories` `AddDllDirectory` `GetModuleFileNameW` `GetModuleFileNameA` `UnmapViewOfFile` `MapViewOfFile` `CreateFileMappingW` `VirtualProtect` `GetSystemDirectoryW` `GetTickCount64` `GetCurrentThreadId` `CreateThread` `GetCurrentProcessId` `HeapReAlloc` `HeapAlloc` `HeapDestroy` `AddVectoredExceptionHandler` `GetLastError` `GetFileAttributesA` `QueryPerformanceCounter` `FreeLibrary` `VerSetConditionMask` `GetProcAddress` `QueryPerformanceFrequency` `LoadLibraryA` `GetLocaleInfoA` `GetModuleHandleA` `GlobalUnlock` `WideCharToMultiByte` `GlobalLock` `GlobalFree` `GlobalAlloc` `MultiByteToWideChar` `lstrcmpiW` `GetCurrentProcess` `DeleteCriticalSection` `InitializeCriticalSectionEx` `GetProcessHeap` `HeapSize` `HeapFree` `FormatMessageA` `GetLocaleInfoEx` `FormatMessageW` `DeviceIoControl` `CreateFileW` `CreateToolhelp32Snapshot` `Sleep` `Process32NextW` `Process32FirstW` `CloseHandle` `GetModuleHandleW` `CreateDirectoryA`
USER32.dll	`GetClientRect` `SetCursor` `SetCapture` `CloseClipboard` `EmptyClipboard` `LoadCursorW` `GetForegroundWindow` `GetKeyboardLayout` `TrackMouseEvent` `GetClipboardData` `SetClipboardData` `GetWindowLongW` `DefWindowProcW` `CreateWindowExW` `GetSystemMetrics` `OpenClipboard` `ShowWindow` `GetAsyncKeyState` `DispatchMessageW` `PeekMessageW` `SetLayeredWindowAttributes` `TranslateMessage` `SetWindowLongW` `PostQuitMessage` `ClientToScreen` `GetCapture` `SetForegroundWindow` `IsWindowUnicode` `UpdateWindow` `GetCursorPos` `ReleaseCapture` `SetCursorPos` `RegisterClassExW` `ScreenToClient` `GetMessageExtraInfo` `MessageBoxA` `GetKeyState`
ADVAPI32.dll	`RegDeleteKeyA` `AddAccessAllowedAce` `GetLengthSid` `GetTokenInformation` `InitializeAcl` `IsValidSid` `RegCreateKeyExA` `SetSecurityInfo` `CopySid` `ConvertSidToStringSidA` `CryptAcquireContextW` `CryptReleaseContext` `CryptGetHashParam` `CryptCreateHash` `CryptHashData` `CryptDestroyHash` `CryptEncrypt` `CryptImportKey` `CryptDestroyKey` `SystemFunction036` `OpenProcessToken`
SHELL32.dll	`ShellExecuteA`
MSVCP140.dll	`??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z` `?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ` `?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z` `?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z` `?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z` `?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z` `?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ` `?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ` `?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z` `?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z` `?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ` `?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ` `?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ` `?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ` `?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z` `?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z` `?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ` `?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ` `?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z` `?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z` `?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z` `??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ` `?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ` `??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ` `?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ` `?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ` `?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z` `?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z` `??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ` `??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ` `??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z` `??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z` `??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_N@Z` `??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z` `??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z` `??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@M@Z` `?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ` `?getloc@ios_base@std@@QEBA?AVlocale@2@XZ` `?good@ios_base@std@@QEBA_NXZ` `??7ios_base@std@@QEBA_NXZ` `??Bios_base@std@@QEBA_NXZ` `?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z` `?always_noconv@codecvt_base@std@@QEBA_NXZ` `_Xtime_get_ticks` `_Query_perf_counter` `_Query_perf_frequency` `_Thrd_detach` `_Cnd_do_broadcast_at_thread_exit` `?_Throw_Cpp_error@std@@YAXH@Z` `?_Syserror_map@std@@YAPEBDH@Z` `?_Winerror_map@std@@YAHH@Z` `?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD0@Z` `?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z` `??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_J@Z` `?_Xbad_function_call@std@@YAXXZ` `?_Random_device@std@@YAIXZ` `?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z` `?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z` `?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ` `?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z` `?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ` `?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ` `?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ` `?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A` `??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z` `?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAPEAD0PEAH001@Z` `?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ` `??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ` `?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ` `??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ` `?_Xlength_error@std@@YAXPEBD@Z` `?id@?$ctype@D@std@@2V0locale@2@A` `?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z` `?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A` `?_Xout_of_range@std@@YAXPEBD@Z` `?_Id_cnt@id@locale@std@@0HA` `?_Xinvalid_argument@std@@YAXPEBD@Z` `?_Xbad_alloc@std@@YAXXZ` `?cin@std@@3V?$basic_istream@DU?$char_traits@D@std@@@1@A` `?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ` `?uncaught_exceptions@std@@YAHXZ` `??0_Lockit@std@@QEAA@H@Z` `??1_Lockit@std@@QEAA@XZ` `?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z` `?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A`
CRYPT32.dll	`CertCloseStore` `CertEnumCertificatesInStore` `CertFindCertificateInStore` `CertFreeCertificateContext` `CryptStringToBinaryW` `PFXImportCertStore` `CryptDecodeObjectEx` `CertOpenStore` `CertAddCertificateContextToStore` `CertFindExtension` `CertGetNameStringW` `CertCreateCertificateChainEngine` `CertFreeCertificateChainEngine` `CertGetCertificateChain` `CertFreeCertificateChain` `CryptQueryObject`
WS2_32.dll	`gethostname` `ioctlsocket` `sendto` `inet_pton` `freeaddrinfo` `getaddrinfo` `ntohl` `recvfrom` `inet_ntop` `htonl` `accept` `select` `__WSAFDIsSet` `WSAIoctl` `socket` `setsockopt` `listen` `htons` `getsockname` `getpeername` `connect` `bind` `WSACleanup` `WSAStartup` `WSASetLastError` `ntohs` `WSAGetLastError` `closesocket` `WSAWaitForMultipleEvents` `WSAResetEvent` `WSAEventSelect` `WSAEnumNetworkEvents` `WSACreateEvent` `WSACloseEvent` `send` `getsockopt` `recv`
IMM32.dll	`ImmGetContext` `ImmReleaseContext` `ImmSetCandidateWindow` `ImmSetCompositionWindow`
D3DCOMPILER_47.dll	`D3DCompile`
SHLWAPI.dll	`PathFindFileNameW`
PSAPI.DLL	`GetModuleInformation`
WINTRUST.dll	`WinVerifyTrust`
DNSAPI.dll	`DnsFree` `DnsQuery_A`
USERENV.dll	`UnloadUserProfile`
bcrypt.dll	`BCryptGenRandom`
VCRUNTIME140_1.dll	`__CxxFrameHandler4`
VCRUNTIME140.dll	`__current_exception` `__C_specific_handler` `wcschr` `__current_exception_context` `memset` `memmove` `memcpy` `strrchr` `memcmp` `memchr` `_CxxThrowException` `__std_exception_destroy` `__std_exception_copy` `__std_terminate` `strstr` `strchr`
api-ms-win-crt-runtime-l1-1-0.dll	`terminate` `_errno` `_invoke_watson` `_seh_filter_exe` `_set_app_type` `_beginthreadex` `_configure_narrow_argv` `_initialize_narrow_environment` `_get_initial_narrow_environment` `_initterm` `_initterm_e` `_exit` `__sys_errlist` `__p___argc` `__p___argv` `_cexit` `_c_exit` `_register_thread_local_exe_atexit_callback` `__sys_nerr` `abort` `_invalid_parameter_noinfo` `_initialize_onexit_table` `_register_onexit_function` `_crt_atexit` `system` `exit` `_resetstkoflw`
api-ms-win-crt-stdio-l1-1-0.dll	`_fileno` `_close` `feof` `fseek` `fgetc` `fputs` `fwrite` `__stdio_common_vsprintf` `_write` `_read` `fgetpos` `ftell` `fputc` `__p__commode` `setvbuf` `ungetc` `_wopen` `_set_fmode` `fsetpos` `fread` `__stdio_common_vsscanf` `_fseeki64` `fflush` `fclose` `_lseeki64` `_popen` `_pclose` `fgets` `_get_stream_buffer_pointers` `__acrt_iob_func` `__stdio_common_vfprintf` `_wfopen`
api-ms-win-crt-heap-l1-1-0.dll	`calloc` `malloc` `realloc` `_set_new_mode` `_callnewh` `free`
api-ms-win-crt-convert-l1-1-0.dll	`strtol` `strtoull` `wcstombs` `strtof` `strtod` `strtoll` `atoi` `strtoul`
api-ms-win-crt-filesystem-l1-1-0.dll	`_unlink` `remove` `_unlock_file` `_lock_file` `_fstat64` `_wstat64`
api-ms-win-crt-math-l1-1-0.dll	`sinf` `_dclass` `sqrt` `sqrtf` `sin` `pow` `tanf` `floorf` `cosf` `cos` `ceilf` `_fdopen` `atan2f` `_dsign` `atan2` `asin` `acosf` `__setusermatherr` `roundf` `fmodf`
api-ms-win-crt-utility-l1-1-0.dll	`qsort`
api-ms-win-crt-environment-l1-1-0.dll	`_dupenv_s` `getenv`
api-ms-win-crt-string-l1-1-0.dll	`wcsncmp` `isxdigit` `isspace` `tolower` `_stricmp` `strncpy` `strcmp` `strlen` `wcslen` `_wcsdup` `strspn` `_strdup` `strcspn` `strpbrk` `strncmp` `wcsncpy` `towlower` `wcspbrk`
api-ms-win-crt-time-l1-1-0.dll	`strftime` `_gmtime64` `_localtime64` `_time64`
api-ms-win-crt-locale-l1-1-0.dll	`_configthreadlocale` `localeconv` `___lc_codepage_func`

Delayed Imports

1

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x188`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.89623`
MD5	`b8e76ddb52d0eb41e972599ff3ca431b`
SHA1	`fc12d7ad112ddabfcd8f82f290d84e637a4d62f8`
SHA256	`165c5c883fd4fd36758bcba6baf2faffb77d2f4872ffd5ee918a16f91de5a8a8`
SHA3	`37f83338b28cb102b1b14f27280ba1aa3fffb17f7bf165cb7b675b7e8eb7cddd`

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2026-May-31 18:13:16
Version	`0.0`
SizeofData	`110`
AddressOfRawData	`0x19cf4c`
PointerToRawData	`0x19b74c`
Referenced File	C:\Users\Admin\Downloads\fnV2\fnV2\fnV2\fnV2\fnV2\fnV2\fnV2\fnV2\x64\Release\base.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics	`0`
TimeDateStamp	2026-May-31 18:13:16
Version	`0.0`
SizeofData	`20`
AddressOfRawData	`0x19cfbc`
PointerToRawData	`0x19b7bc`

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2026-May-31 18:13:16
Version	`0.0`
SizeofData	`1012`
AddressOfRawData	`0x19cfd0`
PointerToRawData	`0x19b7d0`

IMAGE_DEBUG_TYPE_ILTCG

Characteristics	`0`
TimeDateStamp	2026-May-31 18:13:16
Version	`0.0`
SizeofData	`0`
AddressOfRawData	`0`
PointerToRawData	`0`

TLS Callbacks

StartAddressOfRawData	`0x14019d3f0`
EndAddressOfRawData	`0x14019d560`
AddressOfIndex	`0x1401b4de0`
AddressOfCallbacks	`0x14011dfc8`
SizeOfZeroFill	`0`
Characteristics	`IMAGE_SCN_ALIGN_16BYTES`
Callbacks	`0x0000000140118980` `0x0000000140118A60`

Load Configuration

Size	`0x140`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x1401b3f40`

RICH Header

XOR Key	`0xe703eaa3`
Unmarked objects	`0`
Imports (VS2008 SP1 build 30729)	`22`
253 (35721)	`7`
ASM objects (35721)	`4`
C objects (35721)	`10`
C++ objects (35721)	`41`
Imports (35721)	`6`
C objects (33523)	`43`
C objects (VS2022 Update 6 (17.6.4) compiler 32535)	`129`
C++ objects (35223)	`5`
Imports (35215)	`37`
Total imports	`527`
C++ objects (LTCG) (36246)	`7`
Resource objects (36246)	`1`
Linker (36246)	`1`

Errors

Leave a comment

No comments yet.