Manalyze report for 97755103b345de99f1f7513158192308

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
Compilation Date	2023-Feb-20 18:06:23
Detected languages	English - United States
Debug artifacts	C:\Users\Corey\Downloads\HMDM-master (1)234\hmdm\x64\Release\HMDM-MSREXEC.pdb

Plugin Output

Suspicious	Strings found in the binary may indicate undesirable behavior:	`May have dropper capabilities: CurrentControlSet\Services` `Contains another PE executable: This program cannot be run in DOS mode.` Contains domain names: crl.microsoft.com http://crl.microsoft.com http://crl.microsoft.com/pki/crl/products/MicRooCerAut_2010-06-23.crl0Z http://crl.microsoft.com/pki/crl/products/MicTimStaPCA_2010-07-01.crl0Z http://www.microsoft.com http://www.microsoft.com/PKI/docs/CPS/default.htm0 http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt0 http://www.microsoft.com/pki/certs/MicTimStaPCA_2010-07-01.crt0 http://www.microsoft.com/pkiops/Docs/Repository.htm0 http://www.microsoft.com/pkiops/certs/Microsoft%20Windows%20Third%20Party%20Component%20CA%202014.crt0 http://www.microsoft.com/pkiops/crl/Microsoft%20Windows%20Third%20Party%20Component%20CA%202014.crl0 https://www.microsoft.com https://www.microsoft.com/en-us/windows microsoft.com www.microsoft.com
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to SHA256`
Malicious	The PE contains functions mostly used by malware.	`[!] The program may be hiding some of its imports: LoadLibraryA GetProcAddress LoadLibraryExA` `Functions which can be used for anti-debugging purposes: NtQuerySystemInformation` `Can access the registry: RegCloseKey RegOpenKeyA RegDeleteKeyA RegSetValueExA RegCreateKeyA` `Uses Windows's Native API: NtLoadDriver NtUnloadDriver NtQuerySystemInformation` `Can create temporary files: CreateFileA CreateFileW GetTempPathW` `Functions related to the privilege level: AdjustTokenPrivileges OpenProcessToken`
Suspicious	No VirusTotal score.	`This file has never been scanned on VirusTotal.`

Hashes

MD5	`97755103b345de99f1f7513158192308`
SHA1	`118e6c6e4cc550fd5ce2d650497e14617e6a87d2`
SHA256	`ded44c03e54da0bd5480631814bf7284b47c069f256e2da013667b4bf04e69d3`
SHA3	`a697c7cd3fc2dda0aa331cb730cc5470b0c695be1a8144e2f7e81818418959a2`
SSDeep	`1536:R2g9LBAUKRc544MRGjfNBZBdJxVkXros8uy8RZ8QO8iGrv6QDR:k0QcYROFrBdJxVaAb8iGrvVDR`
Imports Hash	`031437b822ad178cac7299fa6363466e`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x108`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`6`
TimeDateStamp	2023-Feb-20 18:06:23
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0xa600`
SizeOfInitializedData	`0x39e00`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x000000000000A408 (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x48000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`a99b64d8a92fccd6c678a49258a1e54a`
SHA1	`8a292d9ebef5580dd47e4a4ee594aa2202b69491`
SHA256	`51628f250fa8b5b68b0ceddf9790dd9641259eaac25a22136ef9434a5927b563`
SHA3	`ae663a9ebf38a37be63e1d018e417888beeff09bb170976546292074e07f3cb4`
VirtualSize	`0xa4bf`
VirtualAddress	`0x1000`
SizeOfRawData	`0xa600`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.15383`

.rdata

MD5	`fd6c7ba004fc23f17ef3d682716d9139`
SHA1	`d589901516d0c2c562b6eeb0a9f22a9eb6db0be2`
SHA256	`d5f2b2dbbb4d37692d76658b2c0864512a3d94a5dc9e092b90638c9d8ba302e6`
SHA3	`f37c84874631160c77335402324bfd662a1a28f3d0aaebc6ff02924f81dc4642`
VirtualSize	`0x5860`
VirtualAddress	`0xc000`
SizeOfRawData	`0x5a00`
PointerToRawData	`0xaa00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.60818`

.data

MD5	`b32675a37442781fd872362d4a9046b0`
SHA1	`41d67a61eef23bbc0322f2187583c8768ab4da2f`
SHA256	`1fd24d8ae03a2e137c6dd6a90546748c3362806057db5ad66aed7137a82d758a`
SHA3	`1b7219d19f4e0fe28666c78fe51f90ad7d2fa3f2efdaa3175cdf9ff7bc494aee`
VirtualSize	`0x6548`
VirtualAddress	`0x12000`
SizeOfRawData	`0x6000`
PointerToRawData	`0x10400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`6.13499`

.pdata

MD5	`71cf91a531f20919cc64edb875797022`
SHA1	`812f17356402ba7219a0d1cbde09dd49b4bc58a7`
SHA256	`0aed141b1f8423abceb2802d183597e91809f9d30c96bf01f68720710fca2b99`
SHA3	`43c96dd68cafdc665d1c17e803284078984fd85e024b79addd44225b79066bbc`
VirtualSize	`0xad4`
VirtualAddress	`0x19000`
SizeOfRawData	`0xc00`
PointerToRawData	`0x16400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.19943`

.rsrc

MD5	`4fe5ff5407e5ead21c5226172019cd77`
SHA1	`ee07cd4559f2487af312b444114c395af0e3bb0f`
SHA256	`2b1365fb9f914bf95d3725e12b05bbd812665144d5f4f9289374d338acdb9d66`
SHA3	`2e253394eb09ff31877e703a9645b8b5f9839ea28c62e1f8d707cf64303b410a`
VirtualSize	`0x2cec8`
VirtualAddress	`0x1a000`
SizeOfRawData	`0x2d000`
PointerToRawData	`0x17000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`0.858537`

.reloc

MD5	`89d00c936e6a6f914011d256998c4f83`
SHA1	`0b3d07efebbca22d5471828c2a7da44abbb56ec7`
SHA256	`18fda2d3a0218ed6019ab56ce3f8652f82c51ef2f6efd32651f11f24a51772e4`
SHA3	`85617757b26e86aaae3d3ff31e3444eb302c1b4545f88728f95f7c248d0baab3`
VirtualSize	`0x19c`
VirtualAddress	`0x47000`
SizeOfRawData	`0x200`
PointerToRawData	`0x44000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`4.62621`

Imports

KERNEL32.dll	`SetThreadPriority` `GetCurrentThread` `LoadLibraryA` `SetPriorityClass` `GetPriorityClass` `IsProcessorFeaturePresent` `FormatMessageA` `GetProcAddress` `LoadLibraryExA` `VirtualAlloc` `VirtualFree` `CloseHandle` `CreateFileA` `DeviceIoControl` `GetThreadPriority` `GetCurrentProcess` `GetLocaleInfoEx` `InitializeSListHead` `GetSystemTimeAsFileTime` `GetCurrentThreadId` `CreateFileW` `GetFileAttributesW` `GetFullPathNameW` `SetFileInformationByHandle` `GetTempPathW` `AreFileApisANSI` `GetLastError` `GetFileInformationByHandleEx` `MultiByteToWideChar` `WideCharToMultiByte` `EnterCriticalSection` `LeaveCriticalSection` `InitializeCriticalSectionAndSpinCount` `DeleteCriticalSection` `SetEvent` `ResetEvent` `WaitForSingleObjectEx` `CreateEventW` `GetModuleHandleW` `RtlCaptureContext` `RtlLookupFunctionEntry` `RtlVirtualUnwind` `UnhandledExceptionFilter` `SetUnhandledExceptionFilter` `TerminateProcess` `IsDebuggerPresent` `QueryPerformanceCounter` `GetCurrentProcessId` `LocalFree`
ADVAPI32.dll	`LookupPrivilegeValueW` `AdjustTokenPrivileges` `RegCloseKey` `RegOpenKeyA` `RegDeleteKeyA` `RegSetValueExA` `OpenProcessToken` `RegCreateKeyA`
ntdll.dll	`NtLoadDriver` `RtlInitAnsiString` `NtUnloadDriver` `RtlAnsiStringToUnicodeString` `NtQuerySystemInformation`
MSVCP140.dll	`?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ` `?always_noconv@codecvt_base@std@@QEBA_NXZ` `??Bid@locale@std@@QEAA_KXZ` `?_Xbad_function_call@std@@YAXXZ` `?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@_JH@Z` `?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z` `??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ` `??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ` `??1_Lockit@std@@QEAA@XZ` `??0_Lockit@std@@QEAA@H@Z` `?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ` `?_Xout_of_range@std@@YAXPEBD@Z` `?_Winerror_map@std@@YAHH@Z` `?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A` `?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z` `?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z` `?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z` `?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ` `??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ` `??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z` `??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ` `?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z` `?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ` `?_Xlength_error@std@@YAXPEBD@Z` `?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z` `?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z` `?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z` `??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z` `?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ` `?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ` `??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ` `?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z` `?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ` `?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z` `?_Syserror_map@std@@YAPEBDH@Z` `??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ`
dbghelp.dll	`ImageDirectoryEntryToData`
VCRUNTIME140_1.dll	`__CxxFrameHandler4`
VCRUNTIME140.dll	`_CxxThrowException` `memset` `__current_exception_context` `__current_exception` `__C_specific_handler` `__std_exception_copy` `__std_exception_destroy` `memchr` `memcmp` `memcpy` `__std_terminate` `memmove`
api-ms-win-crt-stdio-l1-1-0.dll	`getchar` `__p__commode` `_get_stream_buffer_pointers` `_set_fmode` `_fseeki64` `fread` `fsetpos` `ungetc` `fputc` `setvbuf` `fgetpos` `fwrite` `__acrt_iob_func` `fclose` `fgetc` `fflush` `__stdio_common_vfprintf`
api-ms-win-crt-heap-l1-1-0.dll	`free` `_set_new_mode` `malloc` `_callnewh`
api-ms-win-crt-utility-l1-1-0.dll	`rand` `srand`
api-ms-win-crt-filesystem-l1-1-0.dll	`_lock_file` `_unlock_file`
api-ms-win-crt-time-l1-1-0.dll	`_time64`
api-ms-win-crt-runtime-l1-1-0.dll	`exit` `_initterm` `_get_initial_narrow_environment` `_exit` `_invalid_parameter_noinfo_noreturn` `_set_app_type` `_seh_filter_exe` `_cexit` `_crt_atexit` `_register_onexit_function` `_initialize_onexit_table` `_initialize_narrow_environment` `_configure_narrow_argv` `_register_thread_local_exe_atexit_callback` `_c_exit` `__p___argv` `terminate` `_initterm_e` `__p___argc`
api-ms-win-crt-string-l1-1-0.dll	`_stricmp` `strncmp`
api-ms-win-crt-environment-l1-1-0.dll	`getenv`
api-ms-win-crt-locale-l1-1-0.dll	`_configthreadlocale` `___lc_codepage_func`
api-ms-win-crt-math-l1-1-0.dll	`__setusermatherr`

Delayed Imports

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.05586`
MD5	`2bd6b3bee61d578ef0cfe25bbbf4f27d`
SHA1	`c8a56cb213bf69c2428a90fef2c4781cd9d3c0f8`
SHA256	`b54c94b2046001021f5ddb11a9c0bbaec311ecbd375c6b3dfef41cafbe4f1cb9`
SHA3	`a3f05c11d411af990f3c9c32332ced4ac304fefdfc9c9be61b8f35e6dfd11461`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.86683`
MD5	`00dc08ff78413dc59d78b397546c1b79`
SHA1	`3758b27fcec6a7f5c160a39df8d40b26302ab126`
SHA256	`8a7eb693c4f78c2e83b460be132cecb3a8e1bcdf9fc36948f23eeedb2302b6b1`
SHA3	`cf5fe5d4cd100452808573225f50e6f17afbc441a93000141df362271026b494`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.74121`
MD5	`c00c4403c21be47a2399cc6231b12ce1`
SHA1	`5806c689927c52e058ceb90133fab1780b83be4e`
SHA256	`d86cc16cef4f64e5689adfc25f705e6d9c1cde504d853dde8a9264d236b125ab`
SHA3	`64dd7d0dec4ab52f97832b5622dd889110299b4d43ed1c1a9485370658aab4c0`

4

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.34111`
MD5	`25acb071994e17964323744c4d5ff728`
SHA1	`ac6c4775452a7c5670bb350f47101293c11c2075`
SHA256	`4433592aeceeba7cd663fe2b7caf93b5d5a728c722a3dfdc3056763f0a76ad10`
SHA3	`489e7ab8b8b474ca1e1da04f8831089af4207efb45d1d1e718e8d504727f5fdb`

5

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x28708`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0.680505`
MD5	`fb91063d508b366b43f1c8dc83a553bb`
SHA1	`d0d38b2af0de033a77d98b3a7fe49b47cfedfe14`
SHA256	`1763cff9ab2d8e5992d1d9aaecf3f337d649acd720bae62243d769bc0fdc7a88`
SHA3	`13aeacd00dab370e089841829bacdbc3602f6eb4aa775a86f94ddae517aa457e`

102

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.86004`
Detected Filetype	Icon file
MD5	`81e49b7f753058a13e0a7a5ca29b5611`
SHA1	`4dbe8bb83fc6b83fa55da31e4ddcfd8a6e21ed68`
SHA256	`08a042de925abd31be8844b5c8c27bf0992f7f6b47b3d142808f026e3c23c8af`
SHA3	`37de85c274d6fa04989043584b01c497eafad5eda5779ca8710e0871608dc560`

1 (#2)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x17d`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.91161`
MD5	`1e4a89b11eae0fcf8bb5fdd5ec3b6f61`
SHA1	`4260284ce14278c397aaf6f389c1609b0ab0ce51`
SHA256	`4bb79dcea0a901f7d9eac5aa05728ae92acb42e0cb22e5dd14134f4421a3d8df`
SHA3	`4bb9e8b5a714cae82782f3831cc2d45f4bf4a50a755fe584d2d1893129d68353`

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2023-Feb-20 18:06:23
Version	`0.0`
SizeofData	`102`
AddressOfRawData	`0xe570`
PointerToRawData	`0xcf70`
Referenced File	C:\Users\Corey\Downloads\HMDM-master (1)234\hmdm\x64\Release\HMDM-MSREXEC.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics	`0`
TimeDateStamp	2023-Feb-20 18:06:23
Version	`0.0`
SizeofData	`20`
AddressOfRawData	`0xe5d8`
PointerToRawData	`0xcfd8`

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2023-Feb-20 18:06:23
Version	`0.0`
SizeofData	`912`
AddressOfRawData	`0xe5ec`
PointerToRawData	`0xcfec`

IMAGE_DEBUG_TYPE_ILTCG

Characteristics	`0`
TimeDateStamp	2023-Feb-20 18:06:23
Version	`0.0`
SizeofData	`0`
AddressOfRawData	`0`
PointerToRawData	`0`

TLS Callbacks

StartAddressOfRawData	`0x14000e9a0`
EndAddressOfRawData	`0x14000e9a8`
AddressOfIndex	`0x1400184b4`
AddressOfCallbacks	`0x14000c628`
SizeOfZeroFill	`0`
Characteristics	`IMAGE_SCN_ALIGN_4BYTES`
Callbacks	`(EMPTY)`

Load Configuration

Size	`0x140`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x140012050`

RICH Header

XOR Key	`0x76400f70`
Unmarked objects	`0`
Imports (VS2008 SP1 build 30729)	`20`
C objects (VS2022 Update 3 (17.3.0) compiler 31616)	`10`
ASM objects (VS2022 Update 3 (17.3.0) compiler 31616)	`3`
C++ objects (VS2022 Update 3 (17.3.0) compiler 31616)	`31`
Imports (VS2022 Update 3 (17.3.0) compiler 31616)	`6`
Imports (30795)	`9`
Total imports	`215`
C++ objects (LTCG) (31631)	`3`
ASM objects (31631)	`1`
Resource objects (31631)	`1`
151	`1`
Linker (31631)	`1`

97755103b345de99f1f7513158192308

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rdata

.data

.pdata

.rsrc

.reloc

Imports

Delayed Imports

1

2

3

4

5

102

1 (#2)

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

IMAGE_DEBUG_TYPE_VC_FEATURE

IMAGE_DEBUG_TYPE_POGO

IMAGE_DEBUG_TYPE_ILTCG

TLS Callbacks

Load Configuration

RICH Header

Errors