Manalyze report for aaa2a322414050c1ec2aeb2a4ea24a7573e121b176e941243264ec9037f0fb79

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2025-Sep-30 19:52:23
Detected languages	Chinese - PRC English - United States
CompanyName	3DMGAME
FileDescription	Stellar Blade v1.1-v1.4.1 Plus 43 Trainer
FileVersion	`1.0.0.0`
InternalName	Stellar Blade v1.1-v1.4.1 Plus 43 Trainer
LegalCopyright	FLiNG Copyright (C) 2025
OriginalFilename	Stellar Blade v1.1-v1.4.1 Plus 43 Trainer.exe
ProductName	Stellar Blade v1.1-v1.4.1 Plus 43 Trainer
ProductVersion	`1.0.0.2`

Plugin Output

Suspicious	Strings found in the binary may indicate undesirable behavior:	`Contains another PE executable: This program cannot be run in DOS mode.` `Miscellaneous malware strings: virus` `Contains domain names: FLiNGTrainer.com`
Suspicious	The PE is possibly packed.	`Unusual section name found: .fptable`
Suspicious	The PE contains functions most legitimate programs don't use.	`[!] The program may be hiding some of its imports: LoadLibraryW GetProcAddress LoadLibraryA LoadLibraryExW` `Can create temporary files: GetTempPathW CreateFileW` `Changes object ACLs: SetNamedSecurityInfoW`
Malicious	The PE is possibly a dropper.	`Resource 117 is possibly compressed or encrypted.` `Resource 250 detected as a PE Executable.` `Resource 101 is possibly compressed or encrypted.`
Malicious	VirusTotal score: 20/63 (Scanned on 2026-05-15 19:29:20)	`Antiy-AVL: RiskWare/Win64.Gamehack` `Bkav: W32.Malware.B8C5B692` `CAT-QuickHeal: Trojan.Riskware` `CTX: exe.hacktool.generic` `ClamAV: Win.Dropper.GameHack-9917263-0` `CrowdStrike: win/grayware_confidence_90% (D)` `ESET-NOD32: Win64/GameHack.BT potentially unsafe application` `Elastic: malicious (high confidence)` `Fortinet: Riskware/GameHack` `Gridinsoft: Hack.Win64.GameHack.cl` `Ikarus: PUA.HackTool` `K7AntiVirus: Adware ( 006d9bef1 )` `K7GW: Adware ( 006d9bef1 )` `Lionic: Hacktool.Win32.GameHack.3!c` `Malwarebytes: GameHack.Riskware.Agent.DDS` `MaxSecure: Trojan.Malware.74402883.susgen` `Paloalto: generic.ml` `Rising: Malware.Undefined!8.C (TFE:5:sNq06oWhZcB)` `Sophos: Generic Reputation PUA (PUA)` `Varist: W64/ABApplication.AVVZ-9050`

Hashes

MD5	`6753cb5b43f441b83556daf990000b70`
SHA1	`245b4493f06a7b82c569c0bd536688ed2760b0d1`
SHA256	`aaa2a322414050c1ec2aeb2a4ea24a7573e121b176e941243264ec9037f0fb79`
SHA3	`042f817dd9a7cd8763a278e9fe874cf816e163c46dd5f5b3d52eee95432360d2`
SSDeep	`49152:YfJuFjqM+Ut7/hHbEpWgvbtEq6tdeFRs:ou2MJt7/hHbEpzweP`
Imports Hash	`b842c9d7c0fe31ad0e412f80fea55182`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x118`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`7`
TimeDateStamp	2025-Sep-30 19:52:23
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0xce000`
SizeOfInitializedData	`0xda800`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x000000000009DF74 (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x1ab000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`91a1a3c6cb3fa486d568030e27c4945f`
SHA1	`5d7190eb0d2372c0e5c044d7f567442f453d6ba1`
SHA256	`2a205c5aad3f6d2c1da3ae68d564b599683c6921638320c15b52bfb79b8445e6`
SHA3	`81dc2b4ac88353d561307a860acfc374ce44c1d122358f8ede674de95a72c52d`
VirtualSize	`0xcdfe0`
VirtualAddress	`0x1000`
SizeOfRawData	`0xce000`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.45211`

.rdata

MD5	`c3528511331bfb81b342cf1a2b2ed77f`
SHA1	`54ddefeeaf337c67ad3bdd5bf150c508ef23b34a`
SHA256	`d7b22f86f57e42c8badfea9648f340c7f6f867bffec8e1e88ebc5cce3e16766f`
SHA3	`efc172703d642270d61ff33b03abbba6f9769d05e162c05bc3f57c439129a4a6`
VirtualSize	`0x43f92`
VirtualAddress	`0xcf000`
SizeOfRawData	`0x44000`
PointerToRawData	`0xce400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.57946`

.data

MD5	`9728e08dae3126a8fb67d96f6d922566`
SHA1	`bbc688600c4f9d4d25b6bfcd3904e219bbde610e`
SHA256	`1b0dd569d4c9e830f41f0be8fb1194ad2cb7fdc8899f78f5c24ddf02b9d497cb`
SHA3	`d473f73c01022b6a80e396bd4346e765c562bb0dd33596cbb0ae16513028f7de`
VirtualSize	`0x5c04`
VirtualAddress	`0x113000`
SizeOfRawData	`0x2a00`
PointerToRawData	`0x112400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`3.26169`

.pdata

MD5	`97cad112df030f6b12b08335363c6e0c`
SHA1	`41b5205d93e5917d4e2ad22bcd6e49de099c59f4`
SHA256	`b7617960042d0e2eb6c8bc35983ed2e205b63a0eb67b409b90399bf966ca8cf6`
SHA3	`4e70185365d1a0228be44948a70e856d6b1b473c23b99bef149c561c09221272`
VirtualSize	`0x7eb4`
VirtualAddress	`0x119000`
SizeOfRawData	`0x8000`
PointerToRawData	`0x114e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.8982`

.fptable

MD5	`bf619eac0cdf3f68d496ea9344137e8b`
SHA1	`5c3eb80066420002bc3dcc7ca4ab6efad7ed4ae5`
SHA256	`076a27c79e5ace2a3d47f9dd2e83e4ff6ea8872b3c2218f66c92b89b55f36560`
SHA3	`622de1e1568ddef36c4b89b706b05201c13481c3575d0fc804ff8224787fcb59`
VirtualSize	`0x100`
VirtualAddress	`0x121000`
SizeOfRawData	`0x200`
PointerToRawData	`0x11ce00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0`

.rsrc

MD5	`8117d8566b25e71857760ad65d016c09`
SHA1	`b1e21f445ffd5c4afb9052cf47ae0f3dd8dcfe3f`
SHA256	`8f58e29c1e4ce7ff320a5a2de6bbbfe1bee835fe6675f36e09162969969edb11`
SHA3	`87de69e20079fba1555b5c8b1f7b94ed6527bf6b209e6a1f78c31704acb22835`
VirtualSize	`0x87810`
VirtualAddress	`0x122000`
SizeOfRawData	`0x87a00`
PointerToRawData	`0x11d000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`7.59919`

.reloc

MD5	`ad2e8a971605d88d7d8eae707f2ef127`
SHA1	`2aa882dbea511af09601a6f7252c7c6a31167203`
SHA256	`324f1ba6daf3e584343a45b499063f248fa3b4496b77ced1407ec17aa0278647`
SHA3	`9aa0471b78e42241616293708d5c3f334da133bbd035007cebd790e0ff1f24a2`
VirtualSize	`0xdd4`
VirtualAddress	`0x1aa000`
SizeOfRawData	`0xe00`
PointerToRawData	`0x1a4a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`5.42417`

Imports

KERNEL32.dll	`WideCharToMultiByte` `MultiByteToWideChar` `UnmapViewOfFile` `CreateFileMappingW` `MapViewOfFile` `Sleep` `GetCurrentProcessId` `LoadLibraryW` `GetProcAddress` `GetModuleHandleA` `LoadLibraryA` `InitializeCriticalSectionEx` `DeleteCriticalSection` `GetModuleHandleW` `DecodePointer` `GetModuleFileNameW` `HeapAlloc` `HeapFree` `HeapReAlloc` `HeapSize` `GetProcessHeap` `GetTempPathW` `WaitNamedPipeW` `ReadFile` `WritePrivateProfileStringW` `GetCurrentProcess` `FindResourceW` `LoadResource` `SizeofResource` `LockResource` `LoadLibraryExW` `GetFileAttributesW` `FreeLibrary` `GetProcessTimes` `GetSystemTimeAsFileTime` `IsWow64Process` `SetLastError` `ResumeThread` `WaitForSingleObject` `GetFileSizeEx` `LocalFree` `CreateDirectoryW` `SetEndOfFile` `WriteConsoleW` `SetStdHandle` `FreeEnvironmentStringsW` `GetEnvironmentStringsW` `GetCommandLineW` `WriteFile` `CreateFileW` `GetLastError` `GetPrivateProfileStringW` `CloseHandle` `GetCommandLineA` `GetOEMCP` `GetACP` `IsValidCodePage` `EnumSystemLocalesW` `GetUserDefaultLCID` `IsValidLocale` `GetLocaleInfoW` `LCMapStringW` `VirtualProtect` `FlsFree` `FlsSetValue` `FlsGetValue` `FlsAlloc` `ReadConsoleW` `FormatMessageA` `GetLocaleInfoEx` `GetStringTypeW` `ReleaseSRWLockExclusive` `AcquireSRWLockExclusive` `TryAcquireSRWLockExclusive` `GetCurrentThreadId` `FindClose` `FindFirstFileW` `FindFirstFileExW` `FindNextFileW` `GetFileAttributesExW` `AreFileApisANSI` `GetFileInformationByHandleEx` `QueryPerformanceCounter` `QueryPerformanceFrequency` `WaitForSingleObjectEx` `GetExitCodeThread` `EnterCriticalSection` `LeaveCriticalSection` `EncodePointer` `CompareStringEx` `GetCPInfo` `LCMapStringEx` `WakeAllConditionVariable` `SleepConditionVariableSRW` `RtlCaptureContext` `RtlLookupFunctionEntry` `RtlVirtualUnwind` `UnhandledExceptionFilter` `SetUnhandledExceptionFilter` `TerminateProcess` `IsProcessorFeaturePresent` `IsDebuggerPresent` `GetStartupInfoW` `InitializeSListHead` `OutputDebugStringW` `RaiseException` `RtlUnwindEx` `RtlPcToFileHeader` `InitializeCriticalSectionAndSpinCount` `TlsAlloc` `TlsGetValue` `TlsSetValue` `TlsFree` `CreateThread` `ExitThread` `FreeLibraryAndExitThread` `GetModuleHandleExW` `ExitProcess` `GetStdHandle` `GetFileType` `SetFilePointerEx` `FlushFileBuffers` `GetConsoleOutputCP` `GetConsoleMode` `RtlUnwind`
USER32.dll	`MessageBoxA` `SetProcessDPIAware` `MessageBoxW`
ADVAPI32.dll	`SetEntriesInAclW` `ConvertStringSidToSidW` `GetNamedSecurityInfoW` `SetNamedSecurityInfoW`
SHELL32.dll	`SHGetFolderPathW`
ole32.dll	`CoInitializeEx` `CoUninitialize`
OLEAUT32.dll	`SysFreeString` `SysAllocString` `VariantInit` `SafeArrayUnaccessData` `SafeArrayAccessData` `SafeArrayCreate`
mscoree.dll	`CorBindToRuntime` `CLRCreateInstance`
VERSION.dll	`GetFileVersionInfoW` `VerQueryValueW` `GetFileVersionInfoSizeW`
WINMM.dll	`PlaySoundW`

Delayed Imports

117

Type	`COVER`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x170e6`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.99047`
MD5	`ce498c77ac4eb858472e45971560424e`
SHA1	`d7c23b4e96c390fd866ca6e2a63d052430ab4a23`
SHA256	`2e3446a8fa21623fc83570fe8861b8b822bc54bb55fabba58f2e6e1323ae5e7b`
SHA3	`4b143a794b5191c8b5411632b245531e0219312c66375109287727dffb64fc68`

246

Type	`REMOTE`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0`
MD5	`a54f0041a9e15b050f25c463f1db7449`
SHA1	`d9be6524a5f5047db5866813acf3277892a7a30a`
SHA256	`ad95131bc0b799c0b1af477fb14fcf26a6a9f76079e48bf090acb7e8367bfd0e`
SHA3	`904200c7d454fe3e8e1dfaa21b4e667f250cabd8f5730bd361feacf77fab1686`

250

Type	`REMOTE`
Language	English - United States
Codepage	UNKNOWN
Size	`0x22e00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.04239`
Detected Filetype	PE Executable
MD5	`5ccc3e65b4fd118552ed2213bbf607cb`
SHA1	`7174575c2d96efcd0ed0f515a60521009b4cb078`
SHA256	`be24440e4bd3c07729e931533b9b097df945f57b876c28c0d8e0bbb743645324`
SHA3	`1cf44b784f41f54892b82299ade09851fec86fe3ea71d277f5b404e68793de9d`

101

Type	`UI`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x2fe00`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.86505`
MD5	`79883ec43503eb7e807f3d1f551ea356`
SHA1	`c8ac4e5e14dd6d5fec677ffe4fb6daf4142b66d8`
SHA256	`0c0ad41134dc4799f88646921210675bfc8fa8232aba46c6f9986afac473b1e0`
SHA3	`c69103b3f116f8e0ab7f38c92ede5625a37d0e82fa9f7cf541f6861760157349`

103

Type	`WAVE`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x2a02`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.75428`
Detected Filetype	WAV Resource Interchange File Format
Detected Filetype (#2)	Windows animated cursor
MD5	`66ef17cf7672a90b1e3e788965266560`
SHA1	`d14ec49c74a164cf823dd660bd626ac7b581bb57`
SHA256	`99886fcb79df75f95c19c3a9504bf8bdea593d3447c8c1b4eaf4f044e1138a05`
SHA3	`868c104cd77862f976e3d918120ab980049e2759eaa2f2564687deb0300d6ad3`

104

Type	`WAVE`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x2ccc`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.031`
Detected Filetype	WAV Resource Interchange File Format
Detected Filetype (#2)	Windows animated cursor
MD5	`358876c4000c1f391207c56c11ae9ed4`
SHA1	`1b7ce8967ba7f53d5e2a3d2a0c585753666272c4`
SHA256	`7a6a21f87454c38fb8a7ffd227680a74d9e0d7667fb08807200503e4f4866de9`
SHA3	`1fd6863bea4078d422e07dae0c31ae74b9ddc82e4006a1e301bc855ebabc5bcf`

1

Type	`RT_ICON`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.24932`
MD5	`6570c8f740d19175845cf7d36d23fb80`
SHA1	`ab7f36e990b6f42f99d737a8fade7e1edc278630`
SHA256	`d28fa0b9f1644cc0ebc8c541af166efdf68285572069841e331e810080fea429`
SHA3	`f5ab3032e04fd697fa5483547ab6f54e81220010b4065cac95bda2ad4cb80ff5`

2

Type	`RT_ICON`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.09318`
MD5	`e3a2d0b4f870159131d2b50c037615a0`
SHA1	`807f229178f68edf3a4cee57ef5d97141a2aa2c4`
SHA256	`af474603853c0345d0524286ceec2a783c5d6822085dee93a75b16e9c1246e14`
SHA3	`5d3c7aba88a070b9385da8d32e2816f8b94cbc67cc8fbac5d484db04eb75c2ba`

3

Type	`RT_ICON`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.85839`
MD5	`362f508df3407155dd843bd8d24eb47a`
SHA1	`bb07d8b9ca6b1dd9bc23eca9d36d5793f565e2fe`
SHA256	`b5588260c13dad8676c532f32aeaf239a43a8b7cde370393612bfc3533738620`
SHA3	`a8bfedca207ec3b2b7afd83fe515ede7e270f2a008bd71e0479a15e78767bc9b`

4

Type	`RT_ICON`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x13f9b`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.94792`
Detected Filetype	PNG graphic file
MD5	`44a61ab7d712b6647788fb32f9925cd9`
SHA1	`e3211cb1ea0203f3a152ed6634f9188cc693fd3f`
SHA256	`f94a661f9f4fcb3dd67c4dfe20c7afcf9b7180556e738447954b4207ede407ca`
SHA3	`e9b5cbde142965d2cb3d89a22e71aa6ea6cb0c9da73b3cd8a67cce9a9b6801b1`

108

Type	`RT_GROUP_ICON`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x3e`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.48426`
Detected Filetype	Icon file
MD5	`f9519f8e22b934bc1e30363b4f7aeb17`
SHA1	`683dc07a8a0265381784bc431030623e19468b8f`
SHA256	`a0976f10340ad5f1821c8dd33f5a4daf430a7fdb189574d365a9a24e4b114587`
SHA3	`57583755d298a33daf34c957492c205ac58a5e0e2303e73d6238b99c277807a2`

1 (#2)

Type	`RT_VERSION`
Language	Chinese - PRC
Codepage	UNKNOWN
Size	`0x3b0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.40912`
MD5	`b6fe39ba4e4046b225e778b51806f5d6`
SHA1	`440997eff463cc3b5500aa38d5bbff66597cd619`
SHA256	`5aaca737738b1188a35819b8751a10cdd15352e7783162819e1b0ece4ebc3dbc`
SHA3	`058ae854d6b9a07c16a0e4986ce6a35bdc537d782bdc3bef8db7753c9a56438f`

1 (#3)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x28d`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.05755`
MD5	`93d5224d5a82a661e8067030cadda827`
SHA1	`80ae07b1d4ae5129d749dee8815fc3608dd307f6`
SHA256	`8ccd16f837dc37da3052b31c1b21490a6b16409797d50b1298e9980999a6fc42`
SHA3	`358623f5ee1d9680dfdec18d01c1365b5ad31f48af6346283ca93d2e3cded683`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.0.0.0
ProductVersion	1.0.0.1
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT` `VOS_NT_WINDOWS32` `VOS_WINCE` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
CompanyName	3DMGAME
FileDescription	Stellar Blade v1.1-v1.4.1 Plus 43 Trainer
FileVersion (#2)	1.0.0.0
InternalName	Stellar Blade v1.1-v1.4.1 Plus 43 Trainer
LegalCopyright	FLiNG Copyright (C) 2025
OriginalFilename	Stellar Blade v1.1-v1.4.1 Plus 43 Trainer.exe
ProductName	Stellar Blade v1.1-v1.4.1 Plus 43 Trainer
ProductVersion (#2)	1.0.0.2

Resource LangID	Chinese - PRC

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2025-Sep-30 19:52:23
Version	`0.0`
SizeofData	`1052`
AddressOfRawData	`0x102de8`
PointerToRawData	`0x1021e8`

TLS Callbacks

StartAddressOfRawData	`0x140103250`
EndAddressOfRawData	`0x140103258`
AddressOfIndex	`0x14011659c`
AddressOfCallbacks	`0x1400cf848`
SizeOfZeroFill	`0`
Characteristics	`IMAGE_SCN_ALIGN_4BYTES`
Callbacks	`(EMPTY)`

Load Configuration

Size	`0x140`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x140113100`

RICH Header

XOR Key	`0x35c8d549`
Unmarked objects	`0`
C++ objects (33140)	`180`
C objects (33140)	`18`
ASM objects (33140)	`8`
ASM objects (35207)	`10`
C objects (35207)	`16`
C++ objects (35207)	`98`
Imports (VS2008 build 21022)	`2`
Imports (33140)	`17`
Total imports	`198`
C++ objects (33523)	`30`
C++ objects (LTCG) (35215)	`18`
Resource objects (35215)	`1`
151	`1`
Linker (35215)	`1`

Errors

Leave a comment

No comments yet.