Manalyze report for c3a788fd4e10376e089267469a526d3e

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
Compilation Date	2021-Jan-01 23:59:42
Detected languages	English - United States

Plugin Output

Info	Libraries used to perform cryptographic operations:	`Microsoft's Cryptography API`
Suspicious	This PE is packed with VMProtect	`Unusual section name found: .vmp0` `Unusual section name found: .vmp1`
Suspicious	The PE contains functions most legitimate programs don't use.	`[!] The program may be hiding some of its imports: LoadLibraryA GetProcAddress` `Can access the registry: SHDeleteKeyW` `Possibly launches other programs: ShellExecuteA` `Uses Microsoft's cryptographic API: CryptAcquireContextA` `Has Internet access capabilities: URLDownloadToFileA` `Leverages the raw socket API to access the Internet: #22`
Malicious	VirusTotal score: 39/71 (Scanned on 2021-01-07 12:03:37)	`Elastic: malicious (high confidence)` `MicroWorld-eScan: Gen:Variant.Bulz.222216` `FireEye: Generic.mg.c3a788fd4e10376e` `McAfee: Artemis!C3A788FD4E10` `Cylance: Unsafe` `Sangfor: Malware` `K7AntiVirus: Trojan ( 0055b8231 )` `Alibaba: Packed:Win64/VMProtect.6ad12b2a` `K7GW: Trojan ( 0055b8231 )` `Cybereason: malicious.d4e103` `Cyren: W64/Trojan.IAPV-1042` `Symantec: Trojan.Gen.MBT` `APEX: Malicious` `Avast: Win64:Trojan-gen` `BitDefender: Gen:Variant.Bulz.222216` `Paloalto: generic.ml` `AegisLab: Trojan.Win32.Bulz.4!c` `Ad-Aware: Gen:Variant.Bulz.222216` `Emsisoft: Gen:Variant.Bulz.222216 (B)` `F-Secure: Heuristic.HEUR/AGEN.1110460` `McAfee-GW-Edition: BehavesLike.Win64.Generic.tc` `Sophos: Generic PUA LG (PUA)` `Ikarus: Trojan.Win64.Vmprotect` `GData: Gen:Variant.Bulz.222216` `Avira: HEUR/AGEN.1110460` `Arcabit: Trojan.Bulz.D36408` `Microsoft: Trojan:Win32/Tiggre!rfn` `Cynet: Malicious (score: 100)` `AhnLab-V3: Malware/Gen.RL_Reputation.R361595` `ALYac: Gen:Variant.Bulz.222216` `MAX: malware (ai score=83)` `ESET-NOD32: a variant of Win64/Packed.VMProtect.IH` `TrendMicro-HouseCall: TROJ_GEN.R002H09A221` `SentinelOne: Static AI - Suspicious PE` `Fortinet: W32/PossibleThreat` `MaxSecure: Trojan.Malware.300983.susgen` `AVG: Win64:Trojan-gen` `CrowdStrike: win/malicious_confidence_80% (D)` `Qihoo-360: Generic/HEUR/QVM202.0.5444.Malware.Gen`

Hashes

MD5	`c3a788fd4e10376e089267469a526d3e`
SHA1	`b661aaaee3055cfc7f9912a6ab458cc5868e5541`
SHA256	`07656c9e45fe999b39c9df3120d931b47dec1d9878e9bcb7bbda3ff67cd41415`
SHA3	`ad480f6c91866e1a5fa914c587f71b40114d85c1c3621ffe9220bb91c3099b04`
SSDeep	`393216:nx/AN8aSb0FLubeT9mUv135PbXb3ET3T6BCdk:nx4N8ae0U0EGhLqTkCdk`
Imports Hash	`569aaed20474d732a1340fb447a4a69b`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`9`
TimeDateStamp	2021-Jan-01 23:59:42
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0x29ec00`
SizeOfInitializedData	`0x109200`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0000000000DD776D (Section: .vmp1)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x1b1d000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0x29ea9c`
VirtualAddress	`0x1000`
SizeOfRawData	`0`
PointerToRawData	`0`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`

.rdata

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0xd442c`
VirtualAddress	`0x2a0000`
SizeOfRawData	`0`
PointerToRawData	`0`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`

.data

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0x112fc`
VirtualAddress	`0x375000`
SizeOfRawData	`0`
PointerToRawData	`0`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`

.pdata

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0x1b12c`
VirtualAddress	`0x387000`
SizeOfRawData	`0`
PointerToRawData	`0`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`

_RDATA

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0x94`
VirtualAddress	`0x3a3000`
SizeOfRawData	`0`
PointerToRawData	`0`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`

.vmp0

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0xa00c31`
VirtualAddress	`0x3a4000`
SizeOfRawData	`0`
PointerToRawData	`0`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_NOT_PAGED` `IMAGE_SCN_MEM_READ`

.vmp1

MD5	`c047792e73b8f62df415d0eaa1817b79`
SHA1	`110ddcd762f329920f01b225242e200e50c1e80d`
SHA256	`d735a1f5f59e0287d798c6eaa88b50a5ed893c873589b276600fb5d48c634073`
SHA3	`2f6829439afd40c2ad729f2dfbc1d5de92a1ea13be6d1273fd8acab5757160f3`
VirtualSize	`0xd7538c`
VirtualAddress	`0xda5000`
SizeOfRawData	`0xd75400`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_NOT_PAGED` `IMAGE_SCN_MEM_READ`
Entropy	`7.97835`

.reloc

MD5	`4971cc249d1a6a51dd12b823870acd3e`
SHA1	`b5499c5c76338fbfcc99613833d759be8187dd12`
SHA256	`2d66c444fd75ef0564f11b8cc86772cc98e546bf5b5a180d05c0d315c627257d`
SHA3	`0e5278d1b563c032a90e7d6137fefa6337193259dafb9cb1d96b2011a8402f0c`
VirtualSize	`0xb0`
VirtualAddress	`0x1b1b000`
SizeOfRawData	`0x200`
PointerToRawData	`0xd75800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`1.95195`

.rsrc

MD5	`448e0a451a227eb51e3c4f84bac6b79e`
SHA1	`ada543617500b9b1a1db5c9c9cad42f3d625fe3a`
SHA256	`c92af268c89952c12ff58487ac0803803a9b37ac4f5ab13afc0911e0fb17776f`
SHA3	`8a34f4ca9ab35c6d37f483d0a65863c1265ac675d893166b0da5455f5ba2b7dd`
VirtualSize	`0x1e0`
VirtualAddress	`0x1b1c000`
SizeOfRawData	`0x200`
PointerToRawData	`0xd75a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.78028`

Imports

ole32.dll	`CoInitialize`
WS2_32.dll	`#22`
WLDAP32.dll	`#46`
CRYPT32.dll	`CertGetCertificateContextProperty`
ADVAPI32.dll	`CryptAcquireContextA`
KERNEL32.dll	`VirtualProtect`
USER32.dll	`MoveWindow`
SHELL32.dll	`ShellExecuteA`
OLEAUT32.dll	`#9`
SHLWAPI.dll	`SHDeleteKeyW`
USERENV.dll	`UnloadUserProfile`
RPCRT4.dll	`UuidCreate`
urlmon.dll	`URLDownloadToFileA`
bcrypt.dll	`BCryptGenRandom`
WTSAPI32.dll	`WTSSendMessageW`
KERNEL32.dll (#2)	`VirtualProtect`
USER32.dll (#2)	`MoveWindow`
KERNEL32.dll (#3)	`VirtualProtect`
USER32.dll (#3)	`MoveWindow`

Delayed Imports

??0Assembler@asmjit@@QEAA@PEAURuntime@1@@Z

Ordinal	`1`
Address	`0xa7990`

??0CodeGen@asmjit@@QEAA@PEAURuntime@1@@Z

Ordinal	`2`
Address	`0xb9040`

??0HostRuntime@asmjit@@QEAA@XZ

Ordinal	`3`
Address	`0xb14d0`

??0JitRuntime@asmjit@@QEAA@XZ

Ordinal	`4`
Address	`0xb1630`

??0Runtime@asmjit@@QEAA@XZ

Ordinal	`5`
Address	`0xb1490`

??0StaticRuntime@asmjit@@QEAA@PEAX_K@Z

Ordinal	`6`
Address	`0xb1510`

??0VMemMgr@asmjit@@QEAA@PEAX@Z

Ordinal	`7`
Address	`0xad780`

??0X86Assembler@asmjit@@QEAA@PEAURuntime@1@I@Z

Ordinal	`8`
Address	`0xb1960`

??0Zone@asmjit@@QEAA@_K@Z

Ordinal	`9`
Address	`0xb9380`

??1Assembler@asmjit@@UEAA@XZ

Ordinal	`10`
Address	`0xa7a10`

??1CodeGen@asmjit@@UEAA@XZ

Ordinal	`11`
Address	`0xb9090`

??1HostRuntime@asmjit@@UEAA@XZ

Ordinal	`12`
Address	`0xb14c0`

??1JitRuntime@asmjit@@UEAA@XZ

Ordinal	`13`
Address	`0xb16d0`

??1Runtime@asmjit@@UEAA@XZ

Ordinal	`14`
Address	`0xb14c0`

??1StaticRuntime@asmjit@@UEAA@XZ

Ordinal	`15`
Address	`0xb14c0`

??1VMemMgr@asmjit@@QEAA@XZ

Ordinal	`16`
Address	`0xad7f0`

??1X86Assembler@asmjit@@UEAA@XZ

Ordinal	`17`
Address	`0xb1a00`

??1Zone@asmjit@@QEAA@XZ

Ordinal	`18`
Address	`0xb93a0`

??_FVMemMgr@asmjit@@QEAAXXZ

Ordinal	`19`
Address	`0x909d0`

?_alloc@Zone@asmjit@@QEAAPEAX_K@Z

Ordinal	`20`
Address	`0xb94d0`

?_emit@X86Assembler@asmjit@@UEAAIIAEBUOperand@2@000@Z

Ordinal	`21`
Address	`0xb2140`

?_grow@Assembler@asmjit@@QEAAI_K@Z

Ordinal	`22`
Address	`0xa7bc0`

?_grow@PodVectorBase@asmjit@@IEAAI_K0@Z

Ordinal	`23`
Address	`0xb91c0`

?_newLabel@Assembler@asmjit@@QEAAIPEAULabel@2@@Z

Ordinal	`24`
Address	`0xa7e20`

?_newLabelLink@Assembler@asmjit@@QEAAPEAULabelLink@2@XZ

Ordinal	`25`
Address	`0xa7ef0`

?_nullData@PodVectorBase@asmjit@@2UPodVectorData@2@B

Ordinal	`26`
Address	`0x344260`

?_registerIndexedLabels@Assembler@asmjit@@QEAAI_K@Z

Ordinal	`27`
Address	`0xa7d40`

?_relocCode@X86Assembler@asmjit@@UEBA_KPEAX_K@Z

Ordinal	`28`
Address	`0xb1fe0`

?_reserve@Assembler@asmjit@@QEAAI_K@Z

Ordinal	`29`
Address	`0xa7ca0`

?_reserve@PodVectorBase@asmjit@@IEAAI_K0@Z

Ordinal	`30`
Address	`0xb92f0`

?_x86CondToCmovcc@asmjit@@3QBIB

Ordinal	`31`
Address	`0x347e60`

?_x86CondToJcc@asmjit@@3QBIB

Ordinal	`32`
Address	`0x347f00`

?_x86CondToSetcc@asmjit@@3QBIB

Ordinal	`33`
Address	`0x347eb0`

?_x86InstExtendedInfo@asmjit@@3QBUX86InstExtendedInfo@1@B

Ordinal	`34`
Address	`0x344270`

?_x86InstInfo@asmjit@@3QBUX86InstInfo@1@B

Ordinal	`35`
Address	`0x345ce0`

?_x86ReverseCond@asmjit@@3QBIB

Ordinal	`36`
Address	`0x347e10`

?add@JitRuntime@asmjit@@UEAAIPEAPEAXPEAUAssembler@2@@Z

Ordinal	`37`
Address	`0xb1740`

?add@StaticRuntime@asmjit@@UEAAIPEAPEAXPEAUAssembler@2@@Z

Ordinal	`38`
Address	`0xb1540`

?align@X86Assembler@asmjit@@UEAAIII@Z

Ordinal	`39`
Address	`0xb1c90`

?alloc@VMemMgr@asmjit@@QEAAPEAX_KI@Z

Ordinal	`40`
Address	`0xad8f0`

?alloc@VMemUtil@asmjit@@SAPEAX_KPEA_KI@Z

Ordinal	`41`
Address	`0xacb20`

?allocProcessMemory@VMemUtil@asmjit@@SAPEAXPEAX_KPEA_KI@Z

Ordinal	`42`
Address	`0xacbc0`

?allocZeroed@Zone@asmjit@@QEAAPEAX_K@Z

Ordinal	`43`
Address	`0xb95b0`

?bind@Assembler@asmjit@@UEAAIAEBULabel@2@@Z

Ordinal	`44`
Address	`0xa7f60`

?callCpuId@X86CpuUtil@asmjit@@SAXIIPEATX86CpuId@2@@Z

Ordinal	`45`
Address	`0xc11c0`

?detect@X86CpuUtil@asmjit@@SAXPEAUX86CpuInfo@2@@Z

Ordinal	`46`
Address	`0xc11e0`

?detectHwThreadsCount@CpuInfo@asmjit@@SAIXZ

Ordinal	`47`
Address	`0xbc730`

?dup@Zone@asmjit@@QEAAPEAXPEBX_K@Z

Ordinal	`48`
Address	`0xb9610`

?embed@Assembler@asmjit@@UEAAIPEBXI@Z

Ordinal	`49`
Address	`0xa8090`

?embedLabel@X86Assembler@asmjit@@QEAAIAEBULabel@2@@Z

Ordinal	`50`
Address	`0xb1b30`

?emit@Assembler@asmjit@@QEAAII@Z

Ordinal	`51`
Address	`0xa81f0`

?emit@Assembler@asmjit@@QEAAIIAEBUOperand@2@00@Z

Ordinal	`52`
Address	`0xa8260`

?emit@Assembler@asmjit@@QEAAIIAEBUOperand@2@00H@Z

Ordinal	`53`
Address	`0xa84d0`

?emit@Assembler@asmjit@@QEAAIIAEBUOperand@2@00_K@Z

Ordinal	`54`
Address	`0xa8530`

?emit@Assembler@asmjit@@QEAAIIAEBUOperand@2@0@Z

Ordinal	`55`
Address	`0xa8240`

?emit@Assembler@asmjit@@QEAAIIAEBUOperand@2@0H@Z

Ordinal	`56`
Address	`0xa8410`

?emit@Assembler@asmjit@@QEAAIIAEBUOperand@2@0_K@Z

Ordinal	`57`
Address	`0xa8470`

?emit@Assembler@asmjit@@QEAAIIAEBUOperand@2@@Z

Ordinal	`58`
Address	`0xa8220`

?emit@Assembler@asmjit@@QEAAIIAEBUOperand@2@H@Z

Ordinal	`59`
Address	`0xa8350`

?emit@Assembler@asmjit@@QEAAIIAEBUOperand@2@_K@Z

Ordinal	`60`
Address	`0xa83b0`

?emit@Assembler@asmjit@@QEAAIIH@Z

Ordinal	`61`
Address	`0xa8290`

?emit@Assembler@asmjit@@QEAAII_K@Z

Ordinal	`62`
Address	`0xa82f0`

?flush@HostRuntime@asmjit@@UEAAXPEAX_K@Z

Ordinal	`63`
Address	`0x5d930`

?getCpuInfo@HostRuntime@asmjit@@UEAAPEBUCpuInfo@2@XZ

Ordinal	`64`
Address	`0xb1500`

?getHost@CpuInfo@asmjit@@SAPEBU12@XZ

Ordinal	`65`
Address	`0xbc770`

?getPageGranularity@VMemUtil@asmjit@@SA_KXZ

Ordinal	`66`
Address	`0xacb00`

?getPageSize@VMemUtil@asmjit@@SA_KXZ

Ordinal	`67`
Address	`0xacae0`

?getStackAlignment@HostRuntime@asmjit@@UEAAIXZ

Ordinal	`68`
Address	`0x73db0`

?make@Assembler@asmjit@@UEAAPEAXXZ

Ordinal	`69`
Address	`0xa8150`

?noOperand@asmjit@@3UOperand@1@B

Ordinal	`70`
Address	`0x344250`

?ptr_abs@x86@asmjit@@YA?AUX86Mem@2@_KAEBUX86Reg@2@IHI@Z

Ordinal	`71`
Address	`0xb1850`

?ptr_abs@x86@asmjit@@YA?AUX86Mem@2@_KHI@Z

Ordinal	`72`
Address	`0xb1820`

?release@JitRuntime@asmjit@@UEAAIPEAX@Z

Ordinal	`73`
Address	`0xb1810`

?release@StaticRuntime@asmjit@@UEAAIPEAX@Z

Ordinal	`74`
Address	`0x5d6f0`

?release@VMemMgr@asmjit@@QEAAIPEAX@Z

Ordinal	`75`
Address	`0xada00`

?release@VMemUtil@asmjit@@SAIPEAX_K@Z

Ordinal	`76`
Address	`0xacc60`

?releaseProcessMemory@VMemUtil@asmjit@@SAIPEAX0_K@Z

Ordinal	`77`
Address	`0xacca0`

?relocCode@Assembler@asmjit@@QEBA_KPEAX_K@Z

Ordinal	`78`
Address	`0xa8120`

?reset@Assembler@asmjit@@QEAAX_N@Z

Ordinal	`79`
Address	`0xa7af0`

?reset@PodVectorBase@asmjit@@QEAAX_N@Z

Ordinal	`80`
Address	`0xb9170`

?reset@VMemMgr@asmjit@@QEAAXXZ

Ordinal	`81`
Address	`0xad840`

?reset@Zone@asmjit@@QEAAX_N@Z

Ordinal	`82`
Address	`0xb9420`

?sdup@Zone@asmjit@@QEAAPEADPEBD@Z

Ordinal	`83`
Address	`0xb9690`

?setArch@X86Assembler@asmjit@@QEAAII@Z

Ordinal	`84`
Address	`0xb1a10`

?setError@CodeGen@asmjit@@QEAAIIPEBD@Z

Ordinal	`85`
Address	`0xb90c0`

?setErrorHandler@CodeGen@asmjit@@QEAAIPEAUErrorHandler@2@@Z

Ordinal	`86`
Address	`0xb9120`

?sformat@Zone@asmjit@@QEAAPEADPEBDZZ

Ordinal	`87`
Address	`0xb9740`

?shrink@VMemMgr@asmjit@@QEAAIPEAX_K@Z

Ordinal	`88`
Address	`0xadbd0`

?x86RegData@asmjit@@3UX86RegData@1@B

Ordinal	`89`
Address	`0x343400`

1

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x188`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.89623`
MD5	`b8e76ddb52d0eb41e972599ff3ca431b`
SHA1	`fc12d7ad112ddabfcd8f82f290d84e637a4d62f8`
SHA256	`165c5c883fd4fd36758bcba6baf2faffb77d2f4872ffd5ee918a16f91de5a8a8`
SHA3	`37f83338b28cb102b1b14f27280ba1aa3fffb17f7bf165cb7b675b7e8eb7cddd`

Version Info

TLS Callbacks

Load Configuration

Size	`0x138`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x14037a6d0`

RICH Header

Errors

[!] Error: Could not reach the TLS callback table.
[*] Warning: Section .text has a size of 0!
[*] Warning: Section .rdata has a size of 0!
[*] Warning: Section .data has a size of 0!
[*] Warning: Section .pdata has a size of 0!
[*] Warning: Section _RDATA has a size of 0!
[*] Warning: Section .vmp0 has a size of 0!