Manalyze report for 679781e262b0503bb4533d51a91eecfd224119ec943c439d98d005bbc7fc5c8f

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2026-Jun-04 23:16:10
Detected languages	English - United States
TLS Callbacks	1 callback(s) detected.
Debug artifacts	nerv.pdb

Plugin Output

Info	Matching compiler(s):	`MASM/TASM - sig1(h)`
Info	Interesting strings found in the binary:	`Contains domain names: Z-google.golang.org github.com golang.org google.golang.org googleapis.com googleprod.com http://scripts.sil.org http://scripts.sil.org/OFL http://scripts.sil.org/OFLhttp https://github.com https://tonsky.meThis https://tonsky.mehttps scripts.sil.org type.googleapis.com type.googleprod.com`
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to CRC32` `Uses constants related to RC5 or RC6`
Malicious	The PE contains functions mostly used by malware.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryA` `Functions which can be used for anti-debugging purposes: CreateToolhelp32Snapshot` `Uses functions commonly found in keyloggers: MapVirtualKeyA GetAsyncKeyState GetForegroundWindow` `Memory manipulation functions often used by packers: VirtualAlloc VirtualProtect` `Reads the contents of the clipboard: GetClipboardData`
Malicious	VirusTotal score: 32/69 (Scanned on 2026-06-21 11:17:54)	`ALYac: Adware.GenericKD.61140152` `AhnLab-V3: Trojan/Win.Generic.C5898211` `Antiy-AVL: GrayWare[AdWare]/Win32.Puwaders` `Arcabit: Adware.Generic.D3A4ECB8` `BitDefender: Adware.GenericKD.61140152` `Bkav: W32.Malware.BCA3DE8A` `CTX: dll.trojan.generic` `Cylance: Unsafe` `Cynet: Malicious (score: 100)` `ESET-NOD32: Win64/GameHack.VU potentially unsafe application` `Elastic: malicious (moderate confidence)` `Emsisoft: Adware.GenericKD.61140152 (B)` `GData: Adware.GenericKD.61140152` `Google: Detected` `K7AntiVirus: Unwanted-Program ( 005cf5f01 )` `K7GW: Unwanted-Program ( 005cf5f01 )` `Lionic: Trojan.Win32.Generic.4!c` `Malwarebytes: Malware.AI.4175032888` `MaxSecure: Trojan.Malware.300983.susgen` `McAfeeD: ti!679781E262B0` `MicroWorld-eScan: Adware.GenericKD.61140152` `Microsoft: Trojan:Win32/Kepavll!rfn` `Panda: Trj/PhxIK.A` `Rising: Trojan.Kryptik@AI.86 (RDML:07YLErV2fiZT2e35otqiAg)` `Sophos: Generic Reputation PUA (PUA)` `Symantec: PUA.Gen.2` `TrellixENS: Artemis!6CE62B21A3E1` `TrendMicro: Trojan.Win32.ZYX.USBLFG26` `TrendMicro-HouseCall: Trojan.Win32.ZYX.USBLFG26` `VIPRE: Adware.GenericKD.61140152` `Varist: W64/GameCheat.B.gen!Eldorado` `Webroot: W32.Hack.Tool`

Hashes

MD5	`6ce62b21a3e1593012299abb2922e79c`
SHA1	`454577d9bf1af6560ec5fef4d47a16c41843a6d0`
SHA256	`679781e262b0503bb4533d51a91eecfd224119ec943c439d98d005bbc7fc5c8f`
SHA3	`7fdb6a3c8f191d2a4c042fe1793b81e728a173af886dc0ddbdf2e80c70a9f070`
SSDeep	`49152:3rBA38c+XXqpGiGnv52mXfA760+MZkkkgk7tySxh5G9V:tsGYvfGty`
Imports Hash	`364090409dd94f278b0b78b5f30b2c58`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x100`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`6`
TimeDateStamp	2026-Jun-04 23:16:10
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_DLL` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0x195800`
SizeOfInitializedData	`0xc7400`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x000000000018BB10 (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x180000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x260000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`a6337804ab805fab2b9cfa35936fc240`
SHA1	`68ea2df08712f27bd0c5d6c15938aa66803aa69d`
SHA256	`9988b295bea14b85bbec31d9469c3f26c4e52f7102070051648f26ce7261cb05`
SHA3	`6312a74298cb7839e72a39d369655a6a7391fedf6f8c9488ddf7e6452d20aa27`
VirtualSize	`0x1956b1`
VirtualAddress	`0x1000`
SizeOfRawData	`0x195800`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.5104`

.rdata

MD5	`46cc77fdbc751385892ca0e51be4c473`
SHA1	`67338e839a6de9c69bfe21035acf1a5ab1c13f9d`
SHA256	`4a02bf4711ae2970c7073c25181f16de4dc82cfcfdd999dddc617e6b60b2b25c`
SHA3	`8258562260def131e4878cef2fe27b027f2223e206fc826fadc208ad3ca696f4`
VirtualSize	`0xa4818`
VirtualAddress	`0x197000`
SizeOfRawData	`0xa4a00`
PointerToRawData	`0x195c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.13651`

.data

MD5	`9f57e95b92be8089d9bbe1bf105f6bb6`
SHA1	`9005bd021fdec294198e0bbdd9cd88a96e45621a`
SHA256	`6171a5f48e5e7915c7890bbb84a443bc17b92a73030cb39e5db696d6729b7447`
SHA3	`5d5be4afdcf27f9d1301fa5c42149fcf3ff53df5db1f65a580fa6bae6c804aee`
VirtualSize	`0xbad8`
VirtualAddress	`0x23c000`
SizeOfRawData	`0x9e00`
PointerToRawData	`0x23a600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`3.748`

.pdata

MD5	`e3b8d3d55e39fdb84ef601da71584e3d`
SHA1	`b6ace726fff9427435ced9ba6f3039f3c263dd0d`
SHA256	`53c09e1476ff7012f2c1311a8af737b033dde57b0b04a3ca2871a29e728313c0`
SHA3	`51997f3bfdacc542008a6d0327a7572f5acdda74a2cdb39cefe4d5dcf715cba3`
VirtualSize	`0x12cb4`
VirtualAddress	`0x248000`
SizeOfRawData	`0x12e00`
PointerToRawData	`0x244400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.19074`

.rsrc

MD5	`ebad7d5a12a3dcba64bc14564abbcf4b`
SHA1	`95fd19c929783cb28ef96f1f57de1d9a951dc082`
SHA256	`8c7a5e04d9ff48369dc903d30aff23330d8c1effbd41373f63da5f50b51cec20`
SHA3	`52bcbe79565f9b516d6ff31169c97f82070cd33b0b341a8fa856b7d0b22af203`
VirtualSize	`0x1e0`
VirtualAddress	`0x25b000`
SizeOfRawData	`0x200`
PointerToRawData	`0x257200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.72473`

.reloc

MD5	`e8203f44c0d276ec9c96f37bcbbe2256`
SHA1	`21b848f138d489f7124e51d442bcb98afec8f83e`
SHA256	`a3f4cd7fcb24ecaef777eb43eb8f88955e17f8f9ae106661bb3e4984171debd1`
SHA3	`0db5aa3126cc8b9e081811f413290ac78a8501ca3f7b2f9b5b1fdb41a6aed064`
VirtualSize	`0x3c54`
VirtualAddress	`0x25c000`
SizeOfRawData	`0x3e00`
PointerToRawData	`0x257400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`5.42314`

Imports

d3d11.dll	`D3D11CreateDeviceAndSwapChain`
KERNEL32.dll	`UnmapViewOfFile` `CreateFileA` `GetProcAddress` `CreateFileMappingA` `MapViewOfFile` `MultiByteToWideChar` `GlobalAlloc` `GlobalFree` `GlobalLock` `WideCharToMultiByte` `GlobalUnlock` `LoadLibraryA` `QueryPerformanceFrequency` `FreeLibrary` `QueryPerformanceCounter` `VirtualFree` `VirtualAlloc` `GetSystemInfo` `VirtualQuery` `HeapCreate` `VirtualProtect` `HeapFree` `Thread32Next` `Thread32First` `GetCurrentThreadId` `SuspendThread` `ResumeThread` `CreateToolhelp32Snapshot` `HeapReAlloc` `HeapAlloc` `HeapDestroy` `GetThreadContext` `GetCurrentProcessId` `FlushInstructionCache` `SetThreadContext` `OpenThread` `OutputDebugStringA` `FindClose` `FindFirstFileW` `FindNextFileW` `GetLastError` `GetModuleHandleA` `GetSystemTimeAsFileTime` `SleepConditionVariableSRW` `WakeAllConditionVariable` `AcquireSRWLockExclusive` `ReleaseSRWLockExclusive` `InitOnceComplete` `InitOnceBeginInitialize` `GetFileInformationByHandleEx` `AreFileApisANSI` `CreateFile2` `SetFileInformationByHandle` `GetFileAttributesExW` `FindFirstFileExW` `CreateDirectoryW` `GetLocaleInfoEx` `FormatMessageA` `LocalFree` `GetCurrentProcess` `GetModuleFileNameA` `GetModuleFileNameW` `CreateThread` `CloseHandle` `DisableThreadLibraryCalls` `Sleep` `FreeLibraryAndExitThread` `InitializeSListHead`
USER32.dll	`InvalidateRect` `GetCapture` `GetKeyState` `ShowCursor` `ReleaseCapture` `RegisterClassExA` `SetWindowLongPtrA` `UnregisterClassA` `GetClientRect` `SetCursor` `ClientToScreen` `TrackMouseEvent` `SetCapture` `IsWindowUnicode` `SetCursorPos` `GetCursorPos` `OpenClipboard` `CloseClipboard` `EmptyClipboard` `GetClipboardData` `SetClipboardData` `GetKeyNameTextA` `MapVirtualKeyA` `GetAsyncKeyState` `MessageBoxA` `ScreenToClient` `LoadCursorA` `SendMessageA` `CreateWindowExA` `DefWindowProcA` `GetForegroundWindow` `CallWindowProcA` `DestroyWindow`
MSVCP140.dll	`_Query_perf_frequency` `_Query_perf_counter` `?_Xbad_alloc@std@@YAXXZ` `?_Throw_Cpp_error@std@@YAXH@Z` `?_Xout_of_range@std@@YAXPEBD@Z` `_Cnd_do_broadcast_at_thread_exit` `_Thrd_id` `_Thrd_join` `??1_Lockit@std@@QEAA@XZ` `??0_Lockit@std@@QEAA@H@Z` `?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ` `?_Id_cnt@id@locale@std@@0HA` `?_Xlength_error@std@@YAXPEBD@Z` `?_Xbad_function_call@std@@YAXXZ` `?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A` `?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z` `?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z` `?_Syserror_map@std@@YAPEBDH@Z` `??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ` `?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ` `?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z` `??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ` `?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z` `?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ` `??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z` `??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z` `?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z` `?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z` `?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z` `?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ` `?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z` `?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ` `?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ` `?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ` `?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ` `?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z` `?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ` `?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ` `?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z` `?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ` `?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z` `?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z` `??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ` `?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z` `?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ` `??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ` `?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ` `?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ` `?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z` `?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z` `??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ` `??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ` `??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z` `?width@ios_base@std@@QEAA_J_J@Z` `?width@ios_base@std@@QEBA_JXZ` `?always_noconv@codecvt_base@std@@QEBA_NXZ` `?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ` `?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD0@Z` `?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z` `?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z` `?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ` `?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z` `?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ` `?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ` `?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ` `_Mtx_lock` `_Mtx_unlock` `?good@ios_base@std@@QEBA_NXZ` `?uncaught_exception@std@@YA_NXZ` `?flags@ios_base@std@@QEBAHXZ` `?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z` `?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z` `?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ` `?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ` `??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z` `??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z` `??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ` `_Thrd_hardware_concurrency` `?_Winerror_map@std@@YAHH@Z`
IMM32.dll	`ImmGetContext` `ImmReleaseContext` `ImmSetCandidateWindow` `ImmSetCompositionWindow`
D3DCOMPILER_47.dll	`D3DCompile`
ntdll.dll	`LdrLockLoaderLock` `LdrUnlockLoaderLock`
VCRUNTIME140_1.dll	`__CxxFrameHandler4`
VCRUNTIME140.dll	`__std_type_info_destroy_list` `__current_exception_context` `__current_exception` `memchr` `strchr` `memcmp` `memset` `memmove` `memcpy` `__std_exception_copy` `__C_specific_handler` `_CxxThrowException` `_purecall` `strstr` `__std_terminate` `__std_exception_destroy`
api-ms-win-crt-heap-l1-1-0.dll	`malloc` `free`
api-ms-win-crt-math-l1-1-0.dll	`ceilf` `atan2f` `_dsign` `sqrtf` `sinf` `lroundf` `logf` `acosf` `fmodf` `cosf` `fminf` `fmaxf` `pow` `log` `expf` `powf`
api-ms-win-crt-stdio-l1-1-0.dll	`ungetc` `setvbuf` `fgetpos` `fsetpos` `fgetc` `fclose` `fflush` `fputc` `__stdio_common_vsnprintf_s` `fread` `_fseeki64` `__stdio_common_vsprintf_s` `__stdio_common_vsscanf` `_get_stream_buffer_pointers` `__stdio_common_vsprintf` `_wfopen` `__stdio_common_vfprintf` `fseek` `__acrt_iob_func` `ftell` `fwrite`
api-ms-win-crt-runtime-l1-1-0.dll	`_initialize_onexit_table` `_register_onexit_function` `_execute_onexit_table` `_crt_atexit` `_configure_narrow_argv` `_initterm` `_initterm_e` `_seh_filter_dll` `_initialize_narrow_environment` `_beginthreadex` `terminate` `_invalid_parameter_noinfo_noreturn` `abort` `_cexit` `_errno`
api-ms-win-crt-string-l1-1-0.dll	`strcpy_s` `strcmp` `strlen` `strncmp` `wcslen` `strncpy` `strncpy_s`
api-ms-win-crt-convert-l1-1-0.dll	`strtod` `strtoll` `strtoull` `strtol` `strtoul` `atof`
api-ms-win-crt-environment-l1-1-0.dll	`getenv_s`
api-ms-win-crt-filesystem-l1-1-0.dll	`_lock_file` `_unlock_file`
api-ms-win-crt-locale-l1-1-0.dll	`localeconv` `___lc_codepage_func`
api-ms-win-crt-utility-l1-1-0.dll	`qsort`

Delayed Imports

2

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x17d`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.91161`
MD5	`1e4a89b11eae0fcf8bb5fdd5ec3b6f61`
SHA1	`4260284ce14278c397aaf6f389c1609b0ab0ce51`
SHA256	`4bb79dcea0a901f7d9eac5aa05728ae92acb42e0cb22e5dd14134f4421a3d8df`
SHA3	`4bb9e8b5a714cae82782f3831cc2d45f4bf4a50a755fe584d2d1893129d68353`

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2026-Jun-04 23:16:10
Version	`0.0`
SizeofData	`33`
AddressOfRawData	`0x21d428`
PointerToRawData	`0x21c028`
Referenced File	nerv.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics	`0`
TimeDateStamp	2026-Jun-04 23:16:10
Version	`0.0`
SizeofData	`20`
AddressOfRawData	`0x21d44c`
PointerToRawData	`0x21c04c`

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2026-Jun-04 23:16:10
Version	`0.0`
SizeofData	`912`
AddressOfRawData	`0x21d460`
PointerToRawData	`0x21c060`

IMAGE_DEBUG_TYPE_ILTCG

Characteristics	`0`
TimeDateStamp	2026-Jun-04 23:16:10
Version	`0.0`
SizeofData	`0`
AddressOfRawData	`0`
PointerToRawData	`0`

TLS Callbacks

StartAddressOfRawData	`0x18021d810`
EndAddressOfRawData	`0x18021d835`
AddressOfIndex	`0x180245fdc`
AddressOfCallbacks	`0x180198398`
SizeOfZeroFill	`0`
Characteristics	`IMAGE_SCN_ALIGN_8BYTES`
Callbacks	`0x000000018018BE30`

Load Configuration

Size	`0x140`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x18023cb80`

RICH Header

XOR Key	`0x9e9bbe6`
Unmarked objects	`0`
Imports (VS2008 SP1 build 30729)	`20`
C objects (35721)	`8`
C++ objects (35721)	`27`
ASM objects (35721)	`6`
Imports (35721)	`6`
Imports (33145)	`17`
Total imports	`382`
C++ objects (33901)	`41`
C++ objects (LTCG) (36243)	`37`
Resource objects (36243)	`1`
Linker (36243)	`1`

Errors

Leave a comment

No comments yet.