7900d6df05de19eb5dac71ab0f0b5aaa2287644548ad1e5fbacb3f5cb360fc3d

Summary

Architecture IMAGE_FILE_MACHINE_AMD64
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date 2026-Jan-20 08:45:36
Detected languages English - United States
Debug artifacts C:\Users\astro\Downloads\ts cheat\Delete hex C++ v1\ImGui_-_Picos_Museum\ImGui - Pico's Museum\examples\example_win32_directx11\Release\DEKKING STORE.pdb

Plugin Output

Info Matching compiler(s): MASM/TASM - sig1(h)
Suspicious PEiD Signature: UPolyX V0.1 -> Delikon
Suspicious Strings found in the binary may indicate undesirable behavior: Contains another PE executable:
  • This program cannot be run in DOS mode.
 Contains domain names:
  • Calligraphr.com
  • adobe.com
  • apache.org
  • attribution.com
  • casedieresis.cn
  • casetilde.cn
  • commaaccentright.cn
  • cyrillictail.cn
  • cyrillictic.cn
  • example.com
  • gifer.com
  • github.com
  • http://ns.adobe.com
  • http://ns.adobe.com/pdf/1.3/'
  • http://ns.adobe.com/xap/1.0/'
  • http://ns.attribution.com
  • http://ns.attribution.com/ads/1.0/'
  • http://purl.org
  • http://scripts.sil.org
  • http://scripts.sil.org/OFLThis
  • http://scripts.sil.org/OFLhttps
  • http://www.apache.org
  • http://www.apache.org/licenses/LICENSE-2.0
  • http://www.w3.org
  • http://www.w3.org/1999/02/22-rdf-syntax-ns#'
  • https://discord.gg
  • https://github.com
  • https://i.gifer.com
  • https://i.gifer.com/3OWpa.gif
  • https://i.ibb.co
  • https://i.ibb.co/qL3XJb2P/Chat-GPT-Image-May-5-2025-11-09-07-PM.png
  • https://indiantypefoundry.comNinad
  • https://instagram.com
  • https://prod.keyauth.com
  • https://prod.keyauth.com/api/1.3/?type
  • https://rsms.me
  • https://scripts.sil.org
  • https://scripts.sil.org/OFLThis
  • https://scripts.sil.org/OFLhttps
  • https://wingsart.studio
  • https://www.lexend.comBonnie
  • i.gifer.com
  • instagram.com
  • keyauth.com
  • koronisaccentleft.cn
  • ns.adobe.com
  • ns.attribution.com
  • prod.keyauth.com
  • scripts.sil.org
  • tildecross.cn
  • www.apache.org
  • www.example.com
  • www.w3.org
Info Cryptographic algorithms detected in the binary: Uses constants related to CRC32
Uses known Mersenne Twister constants
Malicious The PE contains functions mostly used by malware. [!] The program may be hiding some of its imports:
  • GetProcAddress
  • LoadLibraryA
 Functions which can be used for anti-debugging purposes:
  • CreateToolhelp32Snapshot
 Code injection capabilities:
  • WriteProcessMemory
  • VirtualAlloc
  • OpenProcess
  • VirtualAllocEx
  • CreateRemoteThread
 Code injection capabilities (mapping injection):
  • CreateRemoteThread
  • MapViewOfFile
  • CreateFileMappingA
 Can access the registry:
  • RegSetValueExW
  • RegCreateKeyExW
  • RegCloseKey
 Possibly launches other programs:
  • ShellExecuteA
 Uses functions commonly found in keyloggers:
  • GetForegroundWindow
  • GetAsyncKeyState
 Memory manipulation functions often used by packers:
  • VirtualAlloc
  • VirtualProtectEx
  • VirtualAllocEx
 Has Internet access capabilities:
  • InternetSetOptionA
  • InternetOpenA
  • InternetQueryOptionA
  • InternetSetCookieA
  • InternetCloseHandle
  • InternetConnectA
  • InternetReadFile
  • URLDownloadToFileA
 Functions related to the privilege level:
  • OpenProcessToken
 Manipulates other processes:
  • Process32First
  • WriteProcessMemory
  • OpenProcess
  • Process32NextW
  • Process32Next
  • Process32FirstW
  • ReadProcessMemory
 Reads the contents of the clipboard:
  • GetClipboardData
Malicious VirusTotal score: 26/71 (Scanned on 2026-01-23 13:23:33) ALYac: Gen:Variant.Application.Lazy.458736
APEX: Malicious
Arcabit: Trojan.Application.Lazy.D6FFF0
BitDefender: Gen:Variant.Application.Lazy.458736
Bkav: W64.AIDetectMalware
CTX: exe.unknown.lazy
ClamAV: Win.Malware.Lazy-10033364-0
CrowdStrike: win/malicious_confidence_100% (D)
Cylance: Unsafe
Cynet: Malicious (score: 100)
ESET-NOD32: Win64/GenKryptik_AGen.AKZ trojan
Elastic: malicious (high confidence)
Emsisoft: Gen:Variant.Application.Lazy.458736 (B)
GData: Gen:Variant.Application.Lazy.458736
Google: Detected
Ikarus: Trojan.Win64.Krypt
Malwarebytes: Malware.AI.3960043326
MaxSecure: Trojan.Malware.300983.susgen
McAfeeD: ti!7900D6DF05DE
MicroWorld-eScan: Gen:Variant.Application.Lazy.458736
Microsoft: Trojan:Win32/Wacatac.B!ml
Rising: Trojan.Kryptik@AI.100 (RDML:kZPAwXYPqLBCI7ElPfBD2g)
SentinelOne: Static AI - Malicious PE
Symantec: ML.Attribute.HighConfidence
Trapmine: suspicious.low.ml.score
VIPRE: Gen:Variant.Application.Lazy.458736

Hashes

MD5 a61d15739c4304973e1162fba6350a8d
SHA1 549745d13f702a85ff50d056ba1ac25466aafe13
SHA256 7900d6df05de19eb5dac71ab0f0b5aaa2287644548ad1e5fbacb3f5cb360fc3d
SHA3 d8fccecd1758265a7849c420a6ce6f61752e269be6782ccf33f82ec68402c508
SSDeep 98304:UQL5eE6ouOuP42YLD5cCCv4qy/JRGUBplJPdpl3:UQLyZP42YLDQ4PiUBD
Imports Hash a94edee28d8b0835162ed1641d08a9d6

DOS Header

e_magic MZ
e_cblp 0x90
e_cp 0x3
e_crlc 0
e_cparhdr 0x4
e_minalloc 0
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0x120

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_AMD64
NumberofSections 6
TimeDateStamp 2026-Jan-20 08:45:36
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xf0
Characteristics IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Image Optional Header

Magic PE32+
LinkerVersion 14.0
SizeOfCode 0xff600
SizeOfInitializedData 0x4f2000
SizeOfUninitializedData 0
AddressOfEntryPoint 0x00000000000FAB28 (Section: .text)
BaseOfCode 0x1000
ImageBase 0x140000000
SectionAlignment 0x1000
FileAlignment 0x200
OperatingSystemVersion 6.0
ImageVersion 0.0
SubsystemVersion 6.0
Win32VersionValue 0
SizeOfImage 0x5f6000
SizeOfHeaders 0x400
Checksum 0
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
DllCharacteristics IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
SizeofStackReserve 0x100000
SizeofStackCommit 0x1000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

.text

MD5 276b77a74c973552d9968882a2173e51
SHA1 2b2c698ac053472db595229dd6f667b45578510a
SHA256 4c3b1b055af72d2395866f901bf7b7c29343f542572b7ac2d11b0ff41483cf00
SHA3 ecd0c99dbdc1bffb7c88a40a9c800385c53d5b03a0cc6f1e8cc13f838b40c7c9
VirtualSize 0xff5cc
VirtualAddress 0x1000
SizeOfRawData 0xff600
PointerToRawData 0x400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 6.51727

.rdata

MD5 83d36f76f1f4b339eaeb65c035f4a30e
SHA1 40b61481715c68cd76390ccbca4d537568d52bc5
SHA256 88a212690d9a4e4458694b2d6e273cb112e0d1612254aaf4b619fc53fa83ce12
SHA3 73aca134cd352aaadf95f498204f27d62e3739b293eb3d39218257253b6c95ab
VirtualSize 0xd8c86
VirtualAddress 0x101000
SizeOfRawData 0xd8e00
PointerToRawData 0xffa00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 6.86282

.data

MD5 eeb1a92d624d4a969a808c56514dc12a
SHA1 d8f07e3469ac02389e16b5677cf3e16bc25aa7f8
SHA256 bc1afc6ea835371bf90a3aaf71a1508005a89fd69e9a8b75ebdc20298d094a95
SHA3 7f42bd42a2141f7509f9b0606477ec001569c936185fe4a3769b685862d74cd8
VirtualSize 0x40c7f0
VirtualAddress 0x1da000
SizeOfRawData 0x3d3800
PointerToRawData 0x1d8800
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 7.27075

.pdata

MD5 a05982abfb20e4583fc18727d217c53f
SHA1 faffcb6b2447bb291068710561d970ac4813e6b3
SHA256 6d5ee73c1797f7613385ddca01be001205e28dda4731a6ecd26de0fa46f82d6b
SHA3 9b650c3fa84c6ac288de0dd854aa7b08e7ceaac70291d45c2cbec55be594dda3
VirtualSize 0xb4b4
VirtualAddress 0x5e7000
SizeOfRawData 0xb600
PointerToRawData 0x5ac000
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 6.11431

.rsrc

MD5 30953700c4a025e02306dc63411ac702
SHA1 aa960403cf6e17c31b987754dd48199898bf066b
SHA256 18583071ec57041134f962cb3a9cc12325672d269ff3e9305fdd8b73241dd5fd
SHA3 dae0776eb5bab9fdddea4a5690ac578afad91b2914c0524184babc7c964e6e21
VirtualSize 0x1e8
VirtualAddress 0x5f3000
SizeOfRawData 0x200
PointerToRawData 0x5b7600
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 4.7657

.reloc

MD5 ed147030977edbccec504b6070269d02
SHA1 011053b5b3fce320342cbc0d1eebad570f7cea9c
SHA256 7459db26e68d5531815a680a5e2be7faa6d1a1a279c75dc7ff63d7660a815c44
SHA3 064cd2d4ac6f7ada1d9d2add7e94b9c65039f041cfe8db4fe3962dbe36123183
VirtualSize 0x10d4
VirtualAddress 0x5f4000
SizeOfRawData 0x1200
PointerToRawData 0x5b7800
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Entropy 5.31339

Imports

d3dx11_43.dll D3DX11CreateShaderResourceViewFromMemory
SHELL32.dll ShellExecuteA
ole32.dll CoInitialize
CoCreateInstance
CoUninitialize
d3d11.dll D3D11CreateDeviceAndSwapChain
D3DCOMPILER_43.dll D3DCompile
KERNEL32.dll FreeLibrary
QueryPerformanceCounter
WaitForSingleObject
GetExitCodeThread
GetLastError
CloseHandle
CreateThread
ReadFile
WriteFile
PeekNamedPipe
CreateFileW
GetCurrentProcessId
WaitNamedPipeW
lstrlenW
GetModuleFileNameW
GetTickCount
SetNamedPipeHandleState
Process32First
WriteProcessMemory
WaitNamedPipeA
HeapFree
VirtualFree
GetCurrentProcess
VirtualAlloc
InitializeCriticalSectionEx
GetFileAttributesW
OpenProcess
HeapSize
CreateToolhelp32Snapshot
Sleep
Process32NextW
CreateFileA
Process32Next
Process32FirstW
HeapReAlloc
GetSystemInfo
HeapAlloc
VirtualProtectEx
HeapDestroy
Beep
VirtualAllocEx
LocalFree
DeleteCriticalSection
ReadProcessMemory
GetProcessHeap
GetModuleHandleW
CreateRemoteThread
VirtualFreeEx
VirtualQueryEx
MapViewOfFile
SleepConditionVariableSRW
GetCurrentThreadId
GetTickCount64
InitOnceComplete
InitOnceBeginInitialize
WakeAllConditionVariable
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetSystemTimeAsFileTime
InitializeSListHead
OutputDebugStringW
GetProcAddress
QueryPerformanceFrequency
LoadLibraryA
GetModuleHandleA
GlobalUnlock
WideCharToMultiByte
GlobalLock
GlobalFree
GlobalAlloc
MultiByteToWideChar
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
CreateFileMappingA
UnmapViewOfFile
GetFileSizeEx
USER32.dll EmptyClipboard
CloseClipboard
OpenClipboard
GetCursorPos
SetCursorPos
GetClipboardData
IsWindowUnicode
GetClientRect
SetCursor
SetCapture
GetForegroundWindow
DispatchMessageA
GetWindowRect
DestroyWindow
SetClipboardData
ReleaseCapture
TrackMouseEvent
ClientToScreen
GetCapture
ScreenToClient
SetWindowPos
CreateWindowExW
GetSystemMetrics
UnregisterClassW
GetDC
LoadCursorA
GetKeyState
GetAsyncKeyState
UpdateWindow
PostQuitMessage
PeekMessageA
LoadIconA
TranslateMessage
DefWindowProcA
MoveWindow
SetWindowDisplayAffinity
ShowWindow
GetActiveWindow
RegisterClassExW
GDI32.dll GetPixel
ADVAPI32.dll GetLengthSid
RegSetValueExW
RegCreateKeyExW
RegCloseKey
ConvertSidToStringSidA
CopySid
IsValidSid
OpenProcessToken
GetTokenInformation
MSVCP140.dll ?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_Xout_of_range@std@@YAXPEBD@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z
?good@ios_base@std@@QEBA_NXZ
_Xtime_get_ticks
_Query_perf_frequency
?_Throw_Cpp_error@std@@YAXH@Z
_Mtx_lock
_Cnd_do_broadcast_at_thread_exit
_Thrd_id
_Query_perf_counter
_Thrd_join
_Mtx_unlock
_Cnd_broadcast
?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
_Thrd_hardware_concurrency
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
?_ReportUnobservedException@details@Concurrency@@YAXXZ
?_Schedule_chore@details@Concurrency@@YAHPEAU_Threadpool_chore@12@@Z
?_LogWorkItemCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogWorkItemStarted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogTaskExecutionCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogTaskCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogCancelTask@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogScheduleTask@_TaskEventLogger@details@Concurrency@@QEAAX_N@Z
?_Release_chore@details@Concurrency@@YAXPEAU_Threadpool_chore@12@@Z
?ReportUnhandledError@_ExceptionHolder@details@Concurrency@@AEAAXXZ
?_Capture@_ContextCallback@details@Concurrency@@AEAAXXZ
?_Reset@_ContextCallback@details@Concurrency@@AEAAXXZ
?_CallInContext@_ContextCallback@details@Concurrency@@QEBAXV?$function@$$A6AXXZ@std@@_N@Z
??0task_continuation_context@Concurrency@@AEAA@XZ
_Cnd_unregister_at_thread_exit
?__ExceptionPtrCreate@@YAXPEAX@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?_Xinvalid_argument@std@@YAXPEBD@Z
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_Xbad_function_call@std@@YAXXZ
?_Syserror_map@std@@YAPEBDH@Z
?_Xlength_error@std@@YAXPEBD@Z
?__ExceptionPtrDestroy@@YAXPEAX@Z
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z
_Cnd_register_at_thread_exit
_Cnd_wait
_Thrd_detach
?uncaught_exceptions@std@@YAHXZ
?__ExceptionPtrToBool@@YA_NPEBX@Z
IMM32.dll ImmGetContext
ImmSetCandidateWindow
ImmReleaseContext
ImmSetCompositionWindow
dwmapi.dll DwmExtendFrameIntoClientArea
WININET.dll HttpOpenRequestA
InternetSetOptionA
InternetOpenA
InternetQueryOptionA
HttpQueryInfoA
InternetSetCookieA
InternetCloseHandle
HttpSendRequestA
InternetConnectA
InternetReadFile
urlmon.dll URLDownloadToFileA
USERENV.dll UnloadUserProfile
WINMM.dll sndPlaySoundA
ntdll.dll RtlVirtualUnwind
RtlCaptureContext
RtlLookupFunctionEntry
VCRUNTIME140_1.dll __CxxFrameHandler4
VCRUNTIME140.dll _CxxThrowException
__std_exception_destroy
__current_exception
memcmp
memchr
__intrinsic_setjmp
memmove
memcpy
longjmp
strrchr
_purecall
__C_specific_handler
strstr
memset
__std_terminate
__std_exception_copy
__current_exception_context
api-ms-win-crt-stdio-l1-1-0.dll fflush
_wfopen
__stdio_common_vsprintf
__acrt_iob_func
fclose
fread
ftell
__stdio_common_vsscanf
__stdio_common_vsprintf_s
fseek
__p__commode
_set_fmode
__stdio_common_vswprintf
fwrite
__stdio_common_vfprintf
fopen
api-ms-win-crt-runtime-l1-1-0.dll _get_narrow_winmain_command_line
_initterm
_initterm_e
_exit
_beginthreadex
_c_exit
_register_thread_local_exe_atexit_callback
_crt_atexit
_set_app_type
terminate
_resetstkoflw
exit
abort
_invalid_parameter_noinfo
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_invoke_watson
_seh_filter_exe
_configure_narrow_argv
_errno
_cexit
api-ms-win-crt-utility-l1-1-0.dll qsort
rand
api-ms-win-crt-string-l1-1-0.dll isalnum
strncmp
strcpy_s
isspace
tolower
_wcsicmp
strcmp
_stricmp
isdigit
strncpy
api-ms-win-crt-heap-l1-1-0.dll _set_new_mode
free
_msize
malloc
_callnewh
calloc
api-ms-win-crt-convert-l1-1-0.dll strtol
strtoull
atof
strtoll
strtod
api-ms-win-crt-time-l1-1-0.dll _time64
strftime
_localtime64
api-ms-win-crt-math-l1-1-0.dll ceilf
sqrtf
powf
sinf
fmodf
roundf
cosf
atan2f
acosf
_dclass
__setusermatherr
api-ms-win-crt-locale-l1-1-0.dll _configthreadlocale
localeconv
api-ms-win-crt-multibyte-l1-1-0.dll _mbsicmp

Delayed Imports

1

Type RT_MANIFEST
Language English - United States
Codepage UNKNOWN
Size 0x188
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.89623
MD5 b8e76ddb52d0eb41e972599ff3ca431b
SHA1 fc12d7ad112ddabfcd8f82f290d84e637a4d62f8
SHA256 165c5c883fd4fd36758bcba6baf2faffb77d2f4872ffd5ee918a16f91de5a8a8
SHA3 37f83338b28cb102b1b14f27280ba1aa3fffb17f7bf165cb7b675b7e8eb7cddd

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics 0
TimeDateStamp 2026-Jan-20 08:45:36
Version 0.0
SizeofData 178
AddressOfRawData 0x1c4588
PointerToRawData 0x1c2f88
Referenced File C:\Users\astro\Downloads\ts cheat\Delete hex C++ v1\ImGui_-_Picos_Museum\ImGui - Pico's Museum\examples\example_win32_directx11\Release\DEKKING STORE.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics 0
TimeDateStamp 2026-Jan-20 08:45:36
Version 0.0
SizeofData 20
AddressOfRawData 0x1c463c
PointerToRawData 0x1c303c

IMAGE_DEBUG_TYPE_POGO

Characteristics 0
TimeDateStamp 2026-Jan-20 08:45:36
Version 0.0
SizeofData 912
AddressOfRawData 0x1c4650
PointerToRawData 0x1c3050

IMAGE_DEBUG_TYPE_ILTCG

Characteristics 0
TimeDateStamp 2026-Jan-20 08:45:36
Version 0.0
SizeofData 0
AddressOfRawData 0
PointerToRawData 0

TLS Callbacks

StartAddressOfRawData 0x1401c4a00
EndAddressOfRawData 0x1401c4a08
AddressOfIndex 0x1405adc28
AddressOfCallbacks 0x140101e88
SizeOfZeroFill 0
Characteristics IMAGE_SCN_ALIGN_4BYTES
Callbacks (EMPTY)

Load Configuration

Size 0x140
TimeDateStamp 1970-Jan-01 00:00:00
Version 0.0
GlobalFlagsClear (EMPTY)
GlobalFlagsSet (EMPTY)
CriticalSectionDefaultTimeout 0
DeCommitFreeBlockThreshold 0
DeCommitTotalFreeThreshold 0
LockPrefixTable 0
MaximumAllocationSize 0
VirtualMemoryThreshold 0
ProcessAffinityMask 0
ProcessHeapFlags (EMPTY)
CSDVersion 0
Reserved1 0
EditList 0
SecurityCookie 0x1401da040

RICH Header

XOR Key 0x48678897
Unmarked objects 0
Imports (VS2008 SP1 build 30729) 24
253 (35207) 1
C objects (35207) 10
C++ objects (35207) 41
ASM objects (35207) 6
Imports (35207) 6
C objects (VS2022 Update 1 (17.1.6) compiler 31107) 26
C objects (33145) 1
Imports (33145) 28
Imports (21202) 7
Total imports 464
C++ objects (LTCG) (35221) 18
Resource objects (35221) 1
Linker (35221) 1

Errors

Leave a comment

No comments yet.