Manalyze report for 529c76d2e4ba38a8c39fcc23150ce668bd140b28e391927018b32a9b4af8700a

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2026-May-01 17:18:02
Detected languages	English - United States
Debug artifacts	D:\Misc\HSource\ProjectFolder\ProjectFiles\HectraBootstrapperCPP\Release\HectraBootstrapper.pdb
CompanyName	Hectra Nonporation
FileDescription	Hectra Bootstrapper
FileVersion	`2.0.0.0`
InternalName	HectraBS
LegalCopyright	Copyright (C) 2026
OriginalFilename	HectraBootstrapper.exe
ProductName	Hectra
ProductVersion	`2.0.0.0`

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C++ 6.0 - 8.0`
Info	Interesting strings found in the binary:	`Contains domain names: acutedotcomb.cn breveacutecomb.cn brevegravecomb.cn brevetildecomb.cn circumflexacutecomb.cn circumflexgravecomb.cn circumflexhookcomb.cn circumflextildecomb.cn commaaccentright.cn commaaccentrotate.cn ehectra.xyz github.com https://github.com https://openfontlicense.orgThis https://openfontlicense.orghttps https://rsms.me macrondieresiscomb.cn tildecross.cn tonos.top uni02E5.cn uni02E6.cn uni02E7.cn uni02E8.cn uni02E9.cn`
Suspicious	The PE contains functions most legitimate programs don't use.	`[!] The program may be hiding some of its imports: LoadLibraryW GetProcAddress LoadLibraryExW` `Functions which can be used for anti-debugging purposes: SwitchToThread FindWindowW` `Can access the registry: RegDeleteKeyW RegCreateKeyExW RegSetValueExW RegCloseKey` `Possibly launches other programs: CreateProcessW ShellExecuteW` `Can create temporary files: CreateFileW GetTempPathW` `Memory manipulation functions often used by packers: VirtualAlloc VirtualProtect` `Has Internet access capabilities: WinHttpQueryDataAvailable WinHttpConnect WinHttpSetTimeouts WinHttpSendRequest WinHttpCloseHandle WinHttpOpenRequest WinHttpReadData WinHttpQueryHeaders WinHttpOpen WinHttpReceiveResponse` `Enumerates local disk drives: GetDriveTypeW` `Can take screenshots: FindWindowW BitBlt CreateCompatibleDC`
Info	The PE is digitally signed.	`Signer: Hectra Nonporation` `Issuer: Hectra Nonporation`
Suspicious	No VirusTotal score.	`This file has never been scanned on VirusTotal.`

Hashes

MD5	`9ccf4046a39adea954b6b2f2194c9537`
SHA1	`854aabea62a303148bbe46415acb133497242d75`
SHA256	`529c76d2e4ba38a8c39fcc23150ce668bd140b28e391927018b32a9b4af8700a`
SHA3	`0d5f7c6a965e006449f5007a9bc46f5df76cdae05cde1c10cf6014f78710a732`
SSDeep	`49152:BQ+5ydHLN35/dmxFT4WapTL2iKeRpJ6iar9FJu:mJR35/dm3TStL2itpHaZFc`
Imports Hash	`748b797d3f28615ffafeb657af885f8e`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x108`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`5`
TimeDateStamp	2026-May-01 17:18:02
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`14.0`
SizeOfCode	`0xb4e00`
SizeOfInitializedData	`0x118c00`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0003901D (Section: .text)`
BaseOfCode	`0x1000`
BaseOfData	`0xb6000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x1d1000`
SizeOfHeaders	`0x400`
Checksum	`0x1d13f2`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`81d59f95cf7e53d4a687f8c58dc9133c`
SHA1	`8102abfeede43efb6b234ea496b42af2dc82d0e7`
SHA256	`bf12f9ce4e864ce26b8d7f45986425bc85fadb42725094594c221805be28d7dc`
SHA3	`40460ab0049ad5f26c999ab31d1c8bc7a5c287a8df6df83e240aa2cc0f4c65bb`
VirtualSize	`0xb4c92`
VirtualAddress	`0x1000`
SizeOfRawData	`0xb4e00`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.65691`

.rdata

MD5	`bbe2c591694399989002fd957ebecca2`
SHA1	`7410f4cd4d1f5c4f1dcc48c42105478e5bbbfd26`
SHA256	`539e253bbfd18719678af03afabe8af48a3ba33f80995bb02398b1db620da4bd`
SHA3	`44719a0541fbe75215833d51402cb3cf1a22a1ca0d711bf2e62e35153359ebfd`
VirtualSize	`0x226c2`
VirtualAddress	`0xb6000`
SizeOfRawData	`0x22800`
PointerToRawData	`0xb5200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.00146`

.data

MD5	`f8e22b30b2f9a9846d0538924d4e9976`
SHA1	`cb0f1ee735271dc26bf7755e9e2b2c33e049cc86`
SHA256	`018aa3952addb61640b060fc72295151baf850a46b212f51d248f44992f24346`
SHA3	`cdccc6a62a08ae4fca4aacaeacc0ea66f64235ad6f389259fbdd290016ff092d`
VirtualSize	`0x53c0`
VirtualAddress	`0xd9000`
SizeOfRawData	`0x3a00`
PointerToRawData	`0xd7a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`4.60464`

.rsrc

MD5	`d6d14202d2f506adfad8fdb74144c812`
SHA1	`a55f5df31eef614ce382192c7ec9e9cadaae2cc9`
SHA256	`4011b10e7caac1da612481d8c4db97b237efd456bc83ff629d03cd0c636ef1e4`
SHA3	`8a524380df63156a6c47e9f2ab21d5c4aa54fe06f2f39a9a781771f9624fd895`
VirtualSize	`0xe8508`
VirtualAddress	`0xdf000`
SizeOfRawData	`0xe8600`
PointerToRawData	`0xdb400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.52525`

.reloc

MD5	`5014bf760ffe6335de804cbf6787341e`
SHA1	`a4fff86eda4ea748dd46ed915c73e95dba30310a`
SHA256	`0836cc413e326c9734ef7b73d469657b63a1d9c66357eebf49ae9088deb9f1d5`
SHA3	`d577424864d28a789f4c643977fb355c727577d9e139066f93a62974e3217433`
VirtualSize	`0x88e0`
VirtualAddress	`0x1c8000`
SizeOfRawData	`0x8a00`
PointerToRawData	`0x1c3a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`6.64543`

Imports

KERNEL32.dll	`SetConsoleCtrlHandler` `ReadConsoleW` `SetStdHandle` `HeapReAlloc` `EnumSystemLocalesW` `GetUserDefaultLCID` `IsValidLocale` `GetTimeFormatW` `GetDateFormatW` `IsValidCodePage` `HeapFree` `GetConsoleMode` `GetConsoleOutputCP` `FlushFileBuffers` `GetTimeZoneInformation` `SetFilePointerEx` `GetFileSizeEx` `WriteFile` `GetStdHandle` `GetACP` `GetOEMCP` `GetCommandLineA` `GetCommandLineW` `GetEnvironmentStringsW` `FreeEnvironmentStringsW` `SetEnvironmentVariableW` `GetProcessHeap` `SetEndOfFile` `HeapSize` `WriteConsoleW` `GetModuleHandleW` `FindResourceW` `LoadResource` `LockResource` `GetTickCount64` `SizeofResource` `WideCharToMultiByte` `MoveFileExW` `CreateProcessW` `LocalFree` `GetLastError` `Sleep` `GetModuleFileNameW` `HeapAlloc` `GetModuleFileNameA` `ResumeThread` `ExitThread` `SystemTimeToFileTime` `TzSpecificLocalTimeToSystemTime` `ReadFile` `FileTimeToSystemTime` `SystemTimeToTzSpecificLocalTime` `PeekNamedPipe` `GetFileType` `GetDriveTypeW` `GetModuleHandleExW` `ExitProcess` `RaiseException` `RtlUnwind` `WaitForSingleObject` `LoadLibraryW` `SetCurrentDirectoryW` `GetCurrentDirectoryW` `CreateDirectoryW` `CreateFileW` `DeleteFileW` `FindClose` `FindFirstFileExW` `FindNextFileW` `GetDiskFreeSpaceExW` `GetFileAttributesW` `GetFileAttributesExW` `GetFileInformationByHandle` `GetFullPathNameW` `RemoveDirectoryW` `SetFileAttributesW` `SetFileTime` `GetTempPathW` `AreFileApisANSI` `CloseHandle` `SetLastError` `DeviceIoControl` `GetProcAddress` `CreateDirectoryExW` `CopyFileW` `CreateHardLinkW` `MultiByteToWideChar` `FormatMessageW` `EnterCriticalSection` `LeaveCriticalSection` `TryEnterCriticalSection` `DeleteCriticalSection` `GetCurrentThreadId` `DuplicateHandle` `WaitForSingleObjectEx` `GetCurrentProcess` `SwitchToThread` `GetCurrentThread` `GetExitCodeThread` `GetNativeSystemInfo` `GetStringTypeW` `QueryPerformanceCounter` `QueryPerformanceFrequency` `InitializeCriticalSectionAndSpinCount` `CreateEventW` `TlsAlloc` `TlsGetValue` `TlsSetValue` `TlsFree` `GetSystemTimeAsFileTime` `GetTickCount` `EncodePointer` `DecodePointer` `CompareStringW` `LCMapStringW` `GetLocaleInfoW` `GetCPInfo` `UnhandledExceptionFilter` `SetUnhandledExceptionFilter` `TerminateProcess` `IsProcessorFeaturePresent` `SetEvent` `ResetEvent` `IsDebuggerPresent` `GetStartupInfoW` `GetCurrentProcessId` `InitializeSListHead` `CreateTimerQueue` `SignalObjectAndWait` `CreateThread` `SetThreadPriority` `GetThreadPriority` `GetLogicalProcessorInformation` `CreateTimerQueueTimer` `ChangeTimerQueueTimer` `DeleteTimerQueueTimer` `GetNumaHighestNodeNumber` `GetProcessAffinityMask` `SetThreadAffinityMask` `RegisterWaitForSingleObject` `UnregisterWait` `OutputDebugStringW` `GetThreadTimes` `FreeLibrary` `FreeLibraryAndExitThread` `GetModuleHandleA` `LoadLibraryExW` `GetVersionExW` `VirtualAlloc` `VirtualProtect` `VirtualFree` `SetProcessAffinityMask` `ReleaseSemaphore` `InterlockedPopEntrySList` `InterlockedPushEntrySList` `InterlockedFlushSList` `QueryDepthSList` `UnregisterWaitEx` `WaitForMultipleObjectsEx` `RtlCaptureStackBackTrace`
USER32.dll	`LoadImageW` `BeginPaint` `PtInRect` `PostQuitMessage` `InvalidateRect` `EndPaint` `EnableWindow` `FindWindowW` `SetForegroundWindow` `DrawIconEx` `GetMessageW` `DefWindowProcW` `DestroyWindow` `FillRect` `CreateWindowExW` `GetSystemMetrics` `MessageBeep` `RegisterClassExW` `ShowWindow` `IsWindow` `DispatchMessageW` `SetTimer` `DestroyIcon` `TranslateMessage` `LoadCursorW` `SetCursor` `SetWindowLongW` `GetClientRect` `DrawTextW`
GDI32.dll	`BitBlt` `AddFontMemResourceEx` `CreateCompatibleBitmap` `SelectObject` `CreateCompatibleDC` `StretchBlt` `CreateFontW` `DeleteDC` `TextOutW` `GetTextExtentPoint32W` `SetTextColor` `SetBkMode` `CreatePen` `GetObjectW` `SetStretchBltMode` `DeleteObject` `CreateSolidBrush` `RemoveFontMemResourceEx` `RoundRect`
ADVAPI32.dll	`RegDeleteKeyW` `RegCreateKeyExW` `RegDeleteTreeW` `RegSetValueExW` `RegCloseKey`
SHELL32.dll	`SHGetFolderPathW` `ShellExecuteW` `SHChangeNotify` `CommandLineToArgvW`
WINHTTP.dll	`WinHttpQueryDataAvailable` `WinHttpConnect` `WinHttpSetTimeouts` `WinHttpSendRequest` `WinHttpCloseHandle` `WinHttpOpenRequest` `WinHttpReadData` `WinHttpQueryHeaders` `WinHttpOpen` `WinHttpReceiveResponse`

Delayed Imports

102

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0xe52a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.26356`
MD5	`71246d564748d35895bc14e507400923`
SHA1	`00e3a8ca112b41e9fa22f5f646230b2d662c0d30`
SHA256	`f71a3c275510609d12005e7ad75bf315af722cf19db498f3312924a915b53600`
SHA3	`10b0893475f6079c536b57f9a15fcd25d53e179c70cb19ae91467fefc4faeb62`
Preview

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xdfe`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.88905`
Detected Filetype	PNG graphic file
MD5	`dadea5a2f2abd5ba6d73dd6a2df53ad1`
SHA1	`760d8b951a736b249975ae1d22de293f99271704`
SHA256	`6c7149857d20253ae7ffaa5be4e343c04b083c186080a789e972ca9b1ce107b2`
SHA3	`e43ed5659376342033148b79d833768f69f3a8ddf9178b4e06f3048556db896b`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2c45`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.85548`
Detected Filetype	PNG graphic file
MD5	`d5766998b67e1e98461c922211f943a3`
SHA1	`5b5bc15338ec0ed171cb26aade001afbf6334a76`
SHA256	`f9a33a5b78a69220377cc8628d620cfa38bcd29e97e05e0c98da096625bef635`
SHA3	`a4466676f345ad376a2d7c27a2d9976a1858ea8a15a9e09464178cdc9ce7d7b1`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x58c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.8262`
Detected Filetype	PNG graphic file
MD5	`8d636c843d63729dc325795dce1d4501`
SHA1	`f6a825d5a469231d0204d28eaf179c81439b39a4`
SHA256	`6eac4b895ceb056fc5bed1774e1658c1677f18d0352c2c47d4e8fe3cd06c0db4`
SHA3	`e170eff7c30658cc087e4bf6d05d8161a56c59e4b89ebf6b85c8920bf85cb136`

104

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0xd58d4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.41333`
Detected Filetype	TrueType font file
MD5	`0a77e23a8fdbe6caefd53cb04c26fabc`
SHA1	`ee5c2e22ffeddefc433c9aa4c76779bb73a5c682`
SHA256	`0be2399ea925f1f83ff974764761da9860ec50742ed29a5d4c1ffd0c5c7ac3a8`
SHA3	`a525897bcf2722791cb53c7691ecb2c0b268139c58b46d758f26755d9c10e3b5`

101

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.91924`
Detected Filetype	Icon file
MD5	`29329be3dd40e39bce7b68b3d96306bc`
SHA1	`bb29ffff935690644e467b9bf0b4a4781277446c`
SHA256	`75ab1349cebb37c1b2f71306e50118b9a59bb36c9054fb64ca01a8ed00046086`
SHA3	`2787af3454afec3844b0e6835276787ddbbd31212144755f22c8136923a86c39`

103

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.6789`
Detected Filetype	Icon file
MD5	`ce06ac79f5b852e836596e22e1c5c091`
SHA1	`3a89bcd1a46ab2739fb80028c09fd2a808fc8812`
SHA256	`dee6ac9bff3d67acca4c6743404f073bb512545a2da26d564ff17be1d98b1392`
SHA3	`f1cc5549ca813f82abbac69f90f92372e3fdbc574ebfd8aa1f1a470684d8789f`

105

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.94375`
Detected Filetype	Icon file
MD5	`fecfd8b7744aabfd9d2e60451ee590ab`
SHA1	`81a5766645300ee54451075778b8c29fac00025d`
SHA256	`aca8d619c075a59ab538bfb739817ff07b60254b66ae36018c8b81eea17d7e0d`
SHA3	`3193e7433b717623b5f312d03322aaa3f44eee20abb8e6d201420fa8f08a067e`

1 (#2)

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2e0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.28509`
MD5	`bfbb0672eff8740e2338710d48f33797`
SHA1	`b61834d9432ec7d6a84b7c6349e3aba00bc4c428`
SHA256	`192cd4cf47636989ea09e986ed24877d01c9374886ef3ea9f582629f09cc1081`
SHA3	`81caa1896192808823eedb0531753b4ca798bd524a34ff1a213fa3837ae1bbdd`

1 (#3)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x17d`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.91161`
MD5	`1e4a89b11eae0fcf8bb5fdd5ec3b6f61`
SHA1	`4260284ce14278c397aaf6f389c1609b0ab0ce51`
SHA256	`4bb79dcea0a901f7d9eac5aa05728ae92acb42e0cb22e5dd14134f4421a3d8df`
SHA3	`4bb9e8b5a714cae82782f3831cc2d45f4bf4a50a755fe584d2d1893129d68353`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	2.0.0.0
ProductVersion	2.0.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT` `VOS_NT_WINDOWS32` `VOS_WINCE` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	English - United States
CompanyName	Hectra Nonporation
FileDescription	Hectra Bootstrapper
FileVersion (#2)	2.0.0.0
InternalName	HectraBS
LegalCopyright	Copyright (C) 2026
OriginalFilename	HectraBootstrapper.exe
ProductName	Hectra
ProductVersion (#2)	2.0.0.0

Resource LangID	English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2026-May-01 17:18:02
Version	`0.0`
SizeofData	`120`
AddressOfRawData	`0xcda98`
PointerToRawData	`0xccc98`
Referenced File	D:\Misc\HSource\ProjectFolder\ProjectFiles\HectraBootstrapperCPP\Release\HectraBootstrapper.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics	`0`
TimeDateStamp	2026-May-01 17:18:02
Version	`0.0`
SizeofData	`20`
AddressOfRawData	`0xcdb10`
PointerToRawData	`0xccd10`

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2026-May-01 17:18:02
Version	`0.0`
SizeofData	`940`
AddressOfRawData	`0xcdb24`
PointerToRawData	`0xccd24`

IMAGE_DEBUG_TYPE_ILTCG

Characteristics	`0`
TimeDateStamp	2026-May-01 17:18:02
Version	`0.0`
SizeofData	`0`
AddressOfRawData	`0`
PointerToRawData	`0`

TLS Callbacks

StartAddressOfRawData	`0x4cdee0`
EndAddressOfRawData	`0x4cdee8`
AddressOfIndex	`0x4dd09c`
AddressOfCallbacks	`0x4b641c`
SizeOfZeroFill	`0`
Characteristics	`IMAGE_SCN_ALIGN_4BYTES`
Callbacks	`(EMPTY)`

Load Configuration

Size	`0xa0`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x4d9074`
SEHandlerTable	`0x4cd1a0`
SEHandlerCount	`574`

RICH Header

XOR Key	`0x15c52413`
Unmarked objects	`0`
ASM objects (27412)	`21`
C++ objects (27412)	`187`
C objects (27412)	`24`
ASM objects (VS 2015/2017 runtime 26706)	`24`
C++ objects (VS 2015/2017 runtime 26706)	`123`
C objects (VS 2015/2017 runtime 26706)	`38`
Imports (27412)	`13`
Total imports	`227`
C++ objects (LTCG) (27054)	`5`
Resource objects (27054)	`1`
151	`1`
Linker (27054)	`1`

Errors

Leave a comment

No comments yet.