Manalyze report for bb620f189fc5c2c85aa9027fd2b4c7c3

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2025-Dec-16 14:40:10
Detected languages	English - United States
TLS Callbacks	3 callback(s) detected.
CompanyName	PacketRaft
FileDescription	PacketRaft
FileVersion	`0.1.0`
LegalCopyright	Copyright © 2025 PacketRaft
OriginalFilename	PacketRaft.exe
ProductName	PacketRaft
ProductVersion	`0.1.0`

Plugin Output

Suspicious	Strings found in the binary may indicate undesirable behavior:	`May have dropper capabilities: CurrentControlSet\Services` `Miscellaneous malware strings: System32\drivers\etc\hosts cmd.exe` Contains domain names: 0www.entrust.net GoDaddy.com acutedotcomb.cn adobe.com breveacutecomb.cn brevegravecomb.cn brevetildecomb.cn circumflexacutecomb.cn circumflexgravecomb.cn circumflexhookcomb.cn circumflextildecomb.cn commaaccentright.cn commaaccentrotate.cn daltonmaag.com entrust.net fallbacks.packetraft.ir github.com google.com http://ns.adobe http://ns.adobe.com http://ns.adobe.com/xap/1.0/ http://www.daltonmaag.com http://www.daltonmaag.com/Dalton http://www.w3.org http://www.w3.org/2000/svg https://docs.rs https://github.com https://openfontlicense.orgThis https://openfontlicense.orghttps https://packetraft.ir https://rsms.me https://scripts.sil.org https://scripts.sil.org/OFLFarsi https://scripts.sil.org/OFLhttps https://www.google.com inkscape.org ipspacketraft.ir macrondieresiscomb.cn ns.adobe.com openssl.org packetraft.ir scripts.sil.org tildecross.cn tonos.top uni02E5.cn uni02E6.cn uni02E7.cn uni02E8.cn uni02E9.cn www.daltonmaag.com www.entrust.net www.google.com www.inkscape.org www.w3.org
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to CRC32` `Uses constants related to SHA256` `Uses constants related to SHA512` `Uses constants related to RC5 or RC6`
Suspicious	The PE is possibly packed.	`Unusual section name found: .xdata`
Suspicious	The PE contains functions most legitimate programs don't use.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryA LoadLibraryExA LoadLibraryExW LoadLibraryW` `Functions which can be used for anti-debugging purposes: CreateToolhelp32Snapshot SwitchToThread` `Can access the registry: RegCloseKey RegOpenKeyExW RegQueryValueExW` `Possibly launches other programs: CreateProcessW ShellExecuteA` `Uses Windows's Native API: NtCancelIoFileEx NtCreateFile NtDeviceIoControlFile NtOpenFile NtReadFile NtWriteFile NtCreateNamedPipeFile` `Can create temporary files: CreateFileW GetTempPathW` `Leverages the raw socket API to access the Internet: WSACleanup WSAGetLastError WSAIoctl WSASend WSASocketW WSAStartup bind closesocket connect freeaddrinfo getaddrinfo getpeername getsockname getsockopt ioctlsocket recv recvfrom send sendto setsockopt shutdown socket` `Manipulates other processes: Process32First Process32Next` `Can take screenshots: CreateCompatibleDC GetDC` `Modifies the network configuration: SetIpForwardEntry2`
Safe	VirusTotal score: 0/71 (Scanned on 2026-01-07 03:28:25)	`All the AVs think this file is safe.`

Hashes

MD5	`bb620f189fc5c2c85aa9027fd2b4c7c3`
SHA1	`63fd024959364d191c9c38e04f7b9e5b32e6eea2`
SHA256	`8257e76d82e2ded116aa83a247b81028d4898b1489feb0943c066a91c98352ec`
SHA3	`12ebff0d0eef6d64d5aa0eea109dd8efaf9ee872551888fcfee449151b4b83b3`
SSDeep	`98304:M8WwFfgSdllRBjr9R7yDX9eJG+0EwR7V1QJi4j33hAuIeIiMj5EKIylELdtYV+s:I6G+0ATjHhOpj/VKLdtyQ7J`
Imports Hash	`f75d0105054e14d36cc0ed761db46b6e`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`10`
TimeDateStamp	2025-Dec-16 14:40:10
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_DEBUG_STRIPPED` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE` `IMAGE_FILE_LINE_NUMS_STRIPPED` `IMAGE_FILE_LOCAL_SYMS_STRIPPED`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`2.0`
SizeOfCode	`0x478e00`
SizeOfInitializedData	`0x36ec00`
SizeOfUninitializedData	`0x2600`
AddressOfEntryPoint	`0x00000000000013E0 (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`5.2`
Win32VersionValue	`0`
SizeOfImage	`0x7f1000`
SizeOfHeaders	`0x400`
Checksum	`0x7f5684`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT`
SizeofStackReserve	`0x200000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`010a2bfdcdfa0e6224b1dc07aa0d2ef8`
SHA1	`0e37ec14410ead116dc96adb54ea35bab171edb7`
SHA256	`20a8a5a5836fa9b4e611c5e8d1088696219358d9bb4a93fb0441da3a87c3dc61`
SHA3	`fef8439a7c11b668b2059e42e523206cd3ad2f1549213089a0e05f3d6da382b1`
VirtualSize	`0x478df0`
VirtualAddress	`0x1000`
SizeOfRawData	`0x478e00`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.30128`

.data

MD5	`a9b35dc73bd51d0cbf7b37d28675bebe`
SHA1	`96612291f10102f8bcb90f623446abaa57ea871c`
SHA256	`c9980e574463ebe950a9e93b98eee961118391e4c3b65dac977cf882bda31cdc`
SHA3	`0dcc8cf49b6293d4fef8fe54b86813806b2ab72d18a1e60d4e45458326888ca2`
VirtualSize	`0x43e0`
VirtualAddress	`0x47a000`
SizeOfRawData	`0x4400`
PointerToRawData	`0x479200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`1.40466`

.rdata

MD5	`6ec3840cd9cf1f12450ad11604a3d3df`
SHA1	`c97d4d16e68b5895bc56e0bd7d360e355176c726`
SHA256	`5964f57564d3afded9c926806196525f9ceb4694950f709db87f3317fe3a9e41`
SHA3	`01b1fba2b02a3e5c2be71a9875870657f2e06acb533eccefbd166532335060c2`
VirtualSize	`0x2d20e0`
VirtualAddress	`0x47f000`
SizeOfRawData	`0x2d2200`
PointerToRawData	`0x47d600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.77312`

.pdata

MD5	`cd574e20d30870c0ac8d04ffc0639071`
SHA1	`70d0feb8b9558edea8aa6a564a22e15bff47d85e`
SHA256	`a9213df5bb530153f3c4f309935680f433c0daeeb7a00f0583a62dfe07b717d0`
SHA3	`014d8b95d9658303f6dd330a9806e3eb999fb4f847a518dfde3651fae7ff886f`
VirtualSize	`0x19458`
VirtualAddress	`0x752000`
SizeOfRawData	`0x19600`
PointerToRawData	`0x74f800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.51363`

.xdata

MD5	`57e850f48df44fa69b5342763737718e`
SHA1	`b4fa9a840eb670a2822bc91402be2cb19e59f4b8`
SHA256	`0125ef5edb36723037d06bec4a47fbacf75ae08ed70b1c326a3753a945dc5f78`
SHA3	`e0f15a4be7d07424505604a01d850f3c096e486f241373405bfdf3d691aff3f3`
VirtualSize	`0x58404`
VirtualAddress	`0x76c000`
SizeOfRawData	`0x58600`
PointerToRawData	`0x768e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.86559`

.bss

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0x2540`
VirtualAddress	`0x7c5000`
SizeOfRawData	`0`
PointerToRawData	`0`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_UNINITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`

.idata

MD5	`a8878f4527f445dfd804a0daef4cdf0d`
SHA1	`3aac427a5412959d15fcf90f6fab5f8a974a964a`
SHA256	`a1f740be199f26c3423a7cb9c4984de824bc7b786627110bc930c172ec026909`
SHA3	`5ae40c2fb9cea33284fc0e4496cd3316318279e1891878d5876c167781b9ec94`
VirtualSize	`0x5708`
VirtualAddress	`0x7c8000`
SizeOfRawData	`0x5800`
PointerToRawData	`0x7c1400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.68514`

.tls

MD5	`bf619eac0cdf3f68d496ea9344137e8b`
SHA1	`5c3eb80066420002bc3dcc7ca4ab6efad7ed4ae5`
SHA256	`076a27c79e5ace2a3d47f9dd2e83e4ff6ea8872b3c2218f66c92b89b55f36560`
SHA3	`622de1e1568ddef36c4b89b706b05201c13481c3575d0fc804ff8224787fcb59`
VirtualSize	`0x10`
VirtualAddress	`0x7ce000`
SizeOfRawData	`0x200`
PointerToRawData	`0x7c6c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0`

.rsrc

MD5	`e99cb1ab7f1cf425104dcc0b6375d26c`
SHA1	`6b341e5b46bc8afd3a049b0974442c2ed8aa7cd3`
SHA256	`9fa70fe2e2185ea389b8cbd17a2e46b14ef0f58e63fbc96f3a0e02c1b785d518`
SHA3	`40d8296cdf663e9645073755d84651c71e36563121cf0d2af19877b564d6ee4b`
VirtualSize	`0x16980`
VirtualAddress	`0x7cf000`
SizeOfRawData	`0x16a00`
PointerToRawData	`0x7c6e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`2.71828`

.reloc

MD5	`ba23fcdb8995674249dfe879d8135e9a`
SHA1	`89b5815401435c4e556bf5ab67d6a38169a3e1ca`
SHA256	`aa44d59fcb70bf6645366a76450c63f6c2ea994960f938d37e6da352596e0e33`
SHA3	`d339c6ba35be96f03a5063b46d3330ec4d6866dd8dc43306521e6a6e729b4348`
VirtualSize	`0xa460`
VirtualAddress	`0x7e6000`
SizeOfRawData	`0xa600`
PointerToRawData	`0x7dd800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`5.4607`

Imports

WinDivert.dll	`WinDivertOpen` `WinDivertRecv` `WinDivertSend`
advapi32.dll	`AddAce` `CopySid` `FreeSid` `GetAce` `GetAclInformation` `GetSecurityDescriptorControl` `GetSecurityDescriptorDacl` `GetSecurityDescriptorGroup` `GetSecurityDescriptorOwner` `GetSecurityDescriptorSacl` `GetSidLengthRequired` `GetSidSubAuthorityCount` `InitializeAcl` `InitializeSecurityDescriptor` `IsValidSid` `RegCloseKey` `RegOpenKeyExW` `RegQueryValueExW` `SetSecurityDescriptorControl` `SetSecurityDescriptorDacl` `SetSecurityDescriptorGroup` `SetSecurityDescriptorOwner` `SetSecurityDescriptorSacl` `SystemFunction036`
bcrypt.dll	`BCryptGenRandom`
comctl32.dll	`DefSubclassProc` `RemoveWindowSubclass` `SetWindowSubclass`
gdi32.dll	`CreateCompatibleDC` `CreateDIBSection` `CreateSolidBrush` `DeleteDC` `DeleteObject` `GetDeviceCaps` `SelectObject` `SetBkMode` `SetTextColor`
kernel32.dll	`AddVectoredExceptionHandler` `CancelIo` `CloseHandle` `CompareStringOrdinal` `ConnectNamedPipe` `CreateDirectoryW` `CreateEventW` `CreateFileMappingA` `CreateFileW` `CreateIoCompletionPort` `CreateNamedPipeW` `CreateProcessW` `CreateThread` `CreateToolhelp32Snapshot` `CreateWaitableTimerExW` `DeleteFileW` `DisconnectNamedPipe` `DuplicateHandle` `ExitProcess` `FindClose` `FindFirstFileExW` `FindNextFileW` `FlushFileBuffers` `FormatMessageW` `FreeEnvironmentStringsW` `FreeLibrary` `GetCommandLineW` `GetConsoleMode` `GetConsoleOutputCP` `GetCurrentDirectoryW` `GetCurrentProcess` `GetCurrentThread` `GetEnvironmentStringsW` `GetEnvironmentVariableW` `GetExitCodeProcess` `GetFileAttributesW` `GetFileInformationByHandle` `GetFileInformationByHandleEx` `GetFileType` `GetFinalPathNameByHandleW` `GetFullPathNameW` `GetLastError` `GetModuleFileNameW` `GetModuleHandleA` `GetModuleHandleW` `GetOverlappedResult` `GetProcAddress` `GetProcessHeap` `GetQueuedCompletionStatusEx` `GetStdHandle` `GetSystemDirectoryW` `GetSystemInfo` `GetSystemTimePreciseAsFileTime` `GetTempPathW` `GetWindowsDirectoryW` `HeapAlloc` `HeapFree` `HeapReAlloc` `InitOnceBeginInitialize` `InitOnceComplete` `LoadLibraryA` `LoadLibraryExA` `LoadLibraryExW` `LoadLibraryW` `LocalAlloc` `LocalFree` `MapViewOfFile` `Module32FirstW` `Module32NextW` `MoveFileExW` `MultiByteToWideChar` `PostQueuedCompletionStatus` `Process32First` `Process32Next` `QueryPerformanceCounter` `QueryPerformanceFrequency` `ReadFile` `ReadFileEx` `RtlCaptureContext` `RtlLookupFunctionEntry` `RtlVirtualUnwind` `SetConsoleMode` `SetFileCompletionNotificationModes` `SetFileInformationByHandle` `SetHandleInformation` `SetLastError` `SetNamedPipeHandleState` `SetThreadErrorMode` `SetThreadStackGuarantee` `SetUnhandledExceptionFilter` `SetWaitableTimer` `Sleep` `SleepEx` `SwitchToThread` `TerminateProcess` `TlsAlloc` `TlsFree` `TlsGetValue` `TlsSetValue` `UnmapViewOfFile` `WaitForMultipleObjects` `WaitForSingleObject` `WaitNamedPipeW` `WriteConsoleW` `WriteFile` `WriteFileEx` `lstrlenW`
ntdll.dll	`NtCancelIoFileEx` `NtCreateFile` `NtDeviceIoControlFile` `NtOpenFile` `NtReadFile` `NtWriteFile` `RtlNtStatusToDosError`
ole32.dll	`CoTaskMemFree`
oleaut32.dll	`GetErrorInfo` `SysFreeString` `SysStringLen`
shell32.dll	`SHGetKnownFolderPath` `ShellExecuteA` `Shell_NotifyIconGetRect` `Shell_NotifyIconW`
user32.dll	`AppendMenuW` `CheckMenuItem` `ClientToScreen` `CreateAcceleratorTableW` `CreateIcon` `CreateMenu` `CreatePopupMenu` `CreateWindowExW` `DefWindowProcW` `DestroyAcceleratorTable` `DestroyIcon` `DestroyMenu` `DestroyWindow` `DrawIconEx` `DrawMenuBar` `DrawTextW` `FillRect` `GetActiveWindow` `GetClientRect` `GetCursorPos` `GetDC` `GetMenuBarInfo` `GetMenuItemInfoW` `GetWindowDC` `GetWindowLongPtrW` `GetWindowRect` `IsProcessDPIAware` `KillTimer` `MapWindowPoints` `MessageBoxW` `MonitorFromWindow` `OffsetRect` `PostMessageW` `PostQuitMessage` `RegisterClassW` `RegisterWindowMessageA` `ReleaseDC` `RemoveMenu` `SendInput` `SendMessageW` `SetForegroundWindow` `SetMenu` `SetMenuItemInfoW` `SetTimer` `SetWindowLongPtrW` `ShowWindow` `SystemParametersInfoA` `TrackPopupMenu`
ws2_32.dll	`WSACleanup` `WSAGetLastError` `WSAIoctl` `WSASend` `WSASocketW` `WSAStartup` `bind` `closesocket` `connect` `freeaddrinfo` `getaddrinfo` `getpeername` `getsockname` `getsockopt` `ioctlsocket` `recv` `recvfrom` `send` `sendto` `setsockopt` `shutdown` `socket`
kernel32.dll (#2)	`AddVectoredExceptionHandler` `CancelIo` `CloseHandle` `CompareStringOrdinal` `ConnectNamedPipe` `CreateDirectoryW` `CreateEventW` `CreateFileMappingA` `CreateFileW` `CreateIoCompletionPort` `CreateNamedPipeW` `CreateProcessW` `CreateThread` `CreateToolhelp32Snapshot` `CreateWaitableTimerExW` `DeleteFileW` `DisconnectNamedPipe` `DuplicateHandle` `ExitProcess` `FindClose` `FindFirstFileExW` `FindNextFileW` `FlushFileBuffers` `FormatMessageW` `FreeEnvironmentStringsW` `FreeLibrary` `GetCommandLineW` `GetConsoleMode` `GetConsoleOutputCP` `GetCurrentDirectoryW` `GetCurrentProcess` `GetCurrentThread` `GetEnvironmentStringsW` `GetEnvironmentVariableW` `GetExitCodeProcess` `GetFileAttributesW` `GetFileInformationByHandle` `GetFileInformationByHandleEx` `GetFileType` `GetFinalPathNameByHandleW` `GetFullPathNameW` `GetLastError` `GetModuleFileNameW` `GetModuleHandleA` `GetModuleHandleW` `GetOverlappedResult` `GetProcAddress` `GetProcessHeap` `GetQueuedCompletionStatusEx` `GetStdHandle` `GetSystemDirectoryW` `GetSystemInfo` `GetSystemTimePreciseAsFileTime` `GetTempPathW` `GetWindowsDirectoryW` `HeapAlloc` `HeapFree` `HeapReAlloc` `InitOnceBeginInitialize` `InitOnceComplete` `LoadLibraryA` `LoadLibraryExA` `LoadLibraryExW` `LoadLibraryW` `LocalAlloc` `LocalFree` `MapViewOfFile` `Module32FirstW` `Module32NextW` `MoveFileExW` `MultiByteToWideChar` `PostQueuedCompletionStatus` `Process32First` `Process32Next` `QueryPerformanceCounter` `QueryPerformanceFrequency` `ReadFile` `ReadFileEx` `RtlCaptureContext` `RtlLookupFunctionEntry` `RtlVirtualUnwind` `SetConsoleMode` `SetFileCompletionNotificationModes` `SetFileInformationByHandle` `SetHandleInformation` `SetLastError` `SetNamedPipeHandleState` `SetThreadErrorMode` `SetThreadStackGuarantee` `SetUnhandledExceptionFilter` `SetWaitableTimer` `Sleep` `SleepEx` `SwitchToThread` `TerminateProcess` `TlsAlloc` `TlsFree` `TlsGetValue` `TlsSetValue` `UnmapViewOfFile` `WaitForMultipleObjects` `WaitForSingleObject` `WaitNamedPipeW` `WriteConsoleW` `WriteFile` `WriteFileEx` `lstrlenW`
bcryptprimitives.dll	`ProcessPrng`
api-ms-win-core-synch-l1-2-0.dll	`WaitOnAddress` `WakeByAddressAll` `WakeByAddressSingle`
libcairo-2.dll	`cairo_move_to` `cairo_rel_curve_to` `cairo_rel_line_to` `cairo_set_dash` `cairo_set_line_cap` `cairo_set_line_width` `cairo_set_source_rgb` `cairo_status` `cairo_stroke`
libfontconfig-1.dll	`FcConfigAppFontAddFile`
libgdk_pixbuf-2.0-0.dll	`gdk_pixbuf_new_from_resource_at_scale`
libgio-2.0-0.dll	`g_application_activate` `g_application_command_line_get_is_remote` `g_application_flags_get_type` `g_application_get_is_registered` `g_application_run` `g_async_initable_get_type` `g_bus_get_sync` `g_dbus_connection_call_sync` `g_initable_get_type` `g_resource_new_from_data` `g_resource_unref` `g_resources_lookup_data` `g_resources_register`
libglib-2.0-0.dll	`g_bytes_get_data` `g_bytes_new` `g_bytes_new_static` `g_bytes_ref` `g_bytes_unref` `g_bytes_unref_to_data` `g_error_free` `g_free` `g_getenv` `g_main_context_acquire` `g_main_context_default` `g_main_context_invoke_full` `g_main_context_is_owner` `g_main_context_iteration` `g_main_context_pop_thread_default` `g_main_context_push_thread_default` `g_main_context_ref` `g_main_context_ref_thread_default` `g_main_context_release` `g_main_context_unref` `g_quark_to_string` `g_realloc` `g_setenv` `g_source_add_child_source` `g_source_attach` `g_source_destroy` `g_source_get_context` `g_source_new` `g_source_ref` `g_source_set_callback` `g_source_set_priority` `g_source_set_ready_time` `g_source_unref` `g_strfreev` `g_strndup` `g_timeout_add_full` `g_timeout_source_new` `g_variant_unref`
libgobject-2.0-0.dll	`g_initially_unowned_get_type` `g_object_class_find_property` `g_object_get_type` `g_object_new_with_properties` `g_object_ref` `g_object_ref_sink` `g_object_set_property` `g_object_unref` `g_param_spec_get_name` `g_param_spec_ref_sink` `g_param_spec_unref` `g_param_value_validate` `g_signal_connect_data` `g_signal_emitv` `g_signal_handler_block` `g_signal_handler_disconnect` `g_signal_handler_unblock` `g_signal_lookup` `g_signal_query` `g_strv_get_type` `g_type_check_value_holds` `g_type_class_ref` `g_type_class_unref` `g_type_is_a` `g_type_name` `g_type_test_flags` `g_value_dup_object` `g_value_get_object` `g_value_init` `g_value_set_boolean` `g_value_set_enum` `g_value_set_flags` `g_value_set_float` `g_value_set_int` `g_value_set_object` `g_value_set_uint` `g_value_take_boxed` `g_value_take_object` `g_value_take_string` `g_value_unset`
libgtk-4-1.dll	`gdk_clipboard_set_text` `gdk_display_create_gl_context` `gdk_display_get_clipboard` `gdk_display_get_default` `gdk_display_prepare_gl` `gdk_gl_context_clear_current` `gdk_gl_context_make_current` `gdk_surface_destroy` `gdk_surface_new_toplevel` `gdk_texture_new_for_pixbuf` `gsk_renderer_new_for_surface` `gsk_renderer_unrealize` `gtk_align_get_type` `gtk_application_add_window` `gtk_application_get_active_window` `gtk_application_get_type` `gtk_application_window_get_type` `gtk_box_append` `gtk_box_get_type` `gtk_box_new` `gtk_box_set_homogeneous` `gtk_button_get_type` `gtk_button_set_child` `gtk_button_set_label` `gtk_css_provider_load_from_string` `gtk_css_provider_new` `gtk_drawing_area_get_type` `gtk_drawing_area_set_draw_func` `gtk_drop_down_get_model` `gtk_drop_down_get_selected` `gtk_drop_down_new` `gtk_drop_down_new_from_strings` `gtk_drop_down_set_model` `gtk_drop_down_set_selected` `gtk_editable_get_text` `gtk_editable_set_text` `gtk_entry_get_type` `gtk_entry_grab_focus_without_selecting` `gtk_event_controller_key_new` `gtk_fixed_get_type` `gtk_fixed_put` `gtk_flow_box_append` `gtk_flow_box_get_type` `gtk_flow_box_remove_all` `gtk_header_bar_new` `gtk_header_bar_pack_start` `gtk_header_bar_set_title_widget` `gtk_image_get_type` `gtk_image_new_from_resource` `gtk_is_initialized` `gtk_justification_get_type` `gtk_label_get_label` `gtk_label_get_type` `gtk_label_new` `gtk_label_set_label` `gtk_orientable_set_orientation` `gtk_orientation_get_type` `gtk_overflow_get_type` `gtk_overlay_add_overlay` `gtk_overlay_get_type` `gtk_overlay_new` `gtk_overlay_set_child` `gtk_picture_new_for_paintable` `gtk_picture_new_for_resource` `gtk_picture_set_content_fit` `gtk_policy_type_get_type` `gtk_progress_bar_get_type` `gtk_progress_bar_set_fraction` `gtk_scrollbar_get_adjustment` `gtk_scrollbar_get_type` `gtk_scrollbar_set_adjustment` `gtk_scrolled_window_get_type` `gtk_scrolled_window_get_vscrollbar` `gtk_selection_mode_get_type` `gtk_settings_get_default` `gtk_stack_add_child` `gtk_stack_new` `gtk_stack_remove` `gtk_stack_set_transition_type` `gtk_stack_set_visible_child` `gtk_style_context_add_provider_for_display` `gtk_switch_get_active` `gtk_switch_get_type` `gtk_switch_new` `gtk_switch_set_active` `gtk_tooltip_set_custom` `gtk_widget_add_controller` `gtk_widget_add_css_class` `gtk_widget_get_first_child` `gtk_widget_get_name` `gtk_widget_get_parent` `gtk_widget_get_type` `gtk_widget_grab_focus` `gtk_widget_queue_draw` `gtk_widget_remove_css_class` `gtk_widget_set_css_classes` `gtk_widget_set_default_direction` `gtk_widget_set_direction` `gtk_widget_set_halign` `gtk_widget_set_has_tooltip` `gtk_widget_set_hexpand` `gtk_widget_set_sensitive` `gtk_widget_set_tooltip_text` `gtk_widget_set_valign` `gtk_widget_set_visible` `gtk_window_close` `gtk_window_get_titlebar` `gtk_window_get_type` `gtk_window_present` `gtk_window_set_child` `gtk_window_set_titlebar` `gtk_window_set_transient_for`
IPHLPAPI.DLL	`CreateIpForwardEntry2` `CreateUnicastIpAddressEntry` `FreeMibTable` `GetAdaptersAddresses` `GetAdaptersInfo` `GetExtendedTcpTable` `GetExtendedUdpTable` `GetIpForwardTable2` `GetIpInterfaceEntry` `InitializeIpForwardEntry` `InitializeIpInterfaceEntry` `InitializeUnicastIpAddressEntry` `SetInterfaceDnsSettings` `SetIpForwardEntry2` `SetIpInterfaceEntry`
KERNEL32.dll	`DeleteCriticalSection` `EnterCriticalSection` `InitializeCriticalSection` `LeaveCriticalSection` `RaiseException` `RtlUnwindEx` `VirtualProtect` `VirtualQuery` `__C_specific_handler`
msvcrt.dll	`__getmainargs` `__initenv` `__iob_func` `__set_app_type` `__setusermatherr` `_amsg_exit` `_cexit` `_commode` `_errno` `_fmode` `_fpreset` `_initterm` `abort` `atexit` `calloc` `ceilf` `exit` `fprintf` `free` `ldexp` `malloc` `memcmp` `memcpy` `memmove` `memset` `signal` `strlen` `strncmp` `vfprintf` `wcslen`
ntdll.dll (#2)	`NtCancelIoFileEx` `NtCreateFile` `NtDeviceIoControlFile` `NtOpenFile` `NtReadFile` `NtWriteFile` `RtlNtStatusToDosError`

Delayed Imports

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x1128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.60152`
MD5	`a61705aed56d672310c1f92f49d4122c`
SHA1	`9f67ef698f540af52f4e9daee76699e9fb105071`
SHA256	`8d663d6ebe014d1e531aeacc8dd5f521814b37a510665a08c97bc4e9ddd784d8`
SHA3	`8fb2a072ed352aeed6f2ab7cc0cbe9384ed49af875c657c587d7dd9f25b53932`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4428`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.96264`
MD5	`8c9c961ed1a56acd34e773fa6f891c55`
SHA1	`8557c605eaf818246855c11273c87d619d5254de`
SHA256	`1df448378f2c6669c1b9255125d0628b343af8dd46ab6ef834a313f98d4dde5a`
SHA3	`ea8f6877282be8d840d06a1f12dd07a6dab83e3f06c027d84b1a67684daee988`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x11028`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.5139`
MD5	`f6381983abea53d3b3923a31c63b54a6`
SHA1	`2428df73a81b4ed7e29e0405444c284a7bdd4d50`
SHA256	`4d16a43a5d0411927c72df34dc120d10cdbacaa5397609dcac85a9cbefa97aa8`
SHA3	`c1d78d637060fb2ac16173f18f029a3dac4d8244148a0813633959ff41779d83`

32512

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x30`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.50343`
Detected Filetype	Icon file
MD5	`e46a43fd6394ee7d5f43115f9c518ed8`
SHA1	`1131b8452be9c50b673e28c14c194249e8b0eab1`
SHA256	`ced437264fa60757d0f8a6fed936e8dc59ecab6267be8f69d762a1469150b240`
SHA3	`0d390eeddab619b286bbe69c0c735827e3cd6033b2b494ff74603af3c80eba68`

1 (#2)

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x28c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.26547`
MD5	`8aa0220263cc414ec0c6d0bdb36aa206`
SHA1	`a979e0462502886fb2a728766884bb336bf0c2af`
SHA256	`a5b5f1dcc8350d09e08cdbbfa1cd15364dcf717e8c27129e0f34cb7170f0eb93`
SHA3	`07b5aa52959c83a16b4e992ade0767009a7c4c097edaef032eaf800fc3878ab9`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	0.1.0.0
ProductVersion	0.1.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT` `VOS_NT_WINDOWS32` `VOS_WINCE` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	UNKNOWN
CompanyName	PacketRaft
FileDescription	PacketRaft
FileVersion (#2)	0.1.0
LegalCopyright	Copyright © 2025 PacketRaft
OriginalFilename	PacketRaft.exe
ProductName	PacketRaft
ProductVersion (#2)	0.1.0

Resource LangID	English - United States

TLS Callbacks

StartAddressOfRawData	`0x1407ce000`
EndAddressOfRawData	`0x1407ce008`
AddressOfIndex	`0x1407c747c`
AddressOfCallbacks	`0x1407510b0`
SizeOfZeroFill	`0`
Characteristics	`IMAGE_SCN_TYPE_REG`
Callbacks	`0x00000001403D6620` `0x0000000140470DC0` `0x0000000140470DA0`

Load Configuration

RICH Header

Errors

[*] Warning: Section .bss has a size of 0!