Architecture |
IMAGE_FILE_MACHINE_I386
|
---|---|
Subsystem |
IMAGE_SUBSYSTEM_WINDOWS_GUI
|
Compilation Date | 2019-Sep-01 15:33:12 |
Detected languages |
Chinese - PRC
English - United States |
Debug artifacts |
c:\x64_dbg\bin\x32\x32dbg_exe.pdb
|
FileDescription | x64dbg |
FileVersion | 0.0.2.5 |
LegalCopyright | x64dbg.com |
ProductName | x64dbg |
ProductVersion | 0.0.2.5 |
Info | Matching compiler(s): | MASM/TASM - sig1(h) |
Info | The PE contains common functions which appear in legitimate applications. |
[!] The program may be hiding some of its imports:
|
Info | The PE is digitally signed. |
Signer: Open Source Developer
Issuer: Certum Code Signing CA SHA2 |
Safe | VirusTotal score: 0/70 (Scanned on 2019-09-27 16:40:37) | All the AVs think this file is safe. |
e_magic | MZ |
---|---|
e_cblp | 0x90 |
e_cp | 0x3 |
e_crlc | 0 |
e_cparhdr | 0x4 |
e_minalloc | 0 |
e_maxalloc | 0xffff |
e_ss | 0 |
e_sp | 0xb8 |
e_csum | 0 |
e_ip | 0 |
e_cs | 0 |
e_ovno | 0 |
e_oemid | 0 |
e_oeminfo | 0 |
e_lfanew | 0x108 |
Signature | PE |
---|---|
Machine |
IMAGE_FILE_MACHINE_I386
|
NumberofSections | 5 |
TimeDateStamp | 2019-Sep-01 15:33:12 |
PointerToSymbolTable | 0 |
NumberOfSymbols | 0 |
SizeOfOptionalHeader | 0xe0 |
Characteristics |
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
|
Magic | PE32 |
---|---|
LinkerVersion | 12.0 |
SizeOfCode | 0x1c00 |
SizeOfInitializedData | 0xa200 |
SizeOfUninitializedData | 0 |
AddressOfEntryPoint | 0x00002274 (Section: .text) |
BaseOfCode | 0x1000 |
BaseOfData | 0x3000 |
ImageBase | 0x400000 |
SectionAlignment | 0x1000 |
FileAlignment | 0x200 |
OperatingSystemVersion | 5.1 |
ImageVersion | 0.0 |
SubsystemVersion | 5.1 |
Win32VersionValue | 0 |
SizeOfImage | 0x10000 |
SizeOfHeaders | 0x400 |
Checksum | 0x13af2 |
Subsystem |
IMAGE_SUBSYSTEM_WINDOWS_GUI
|
DllCharacteristics |
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
|
SizeofStackReserve | 0x100000 |
SizeofStackCommit | 0x1000 |
SizeofHeapReserve | 0x100000 |
SizeofHeapCommit | 0x1000 |
LoaderFlags | 0 |
NumberOfRvaAndSizes | 16 |
x32bridge.dll |
BridgeStart
BridgeInit |
---|---|
KERNEL32.dll |
GetSystemTimeAsFileTime
QueryPerformanceCounter IsProcessorFeaturePresent GetProcAddress GetCurrentProcess GetCurrentProcessId RaiseException SetUnhandledExceptionFilter GetCurrentThreadId GetLastError IsDebuggerPresent CloseHandle GetLocalTime LoadLibraryA GetModuleHandleA GetCurrentDirectoryW CreateDirectoryW CreateFileW DecodePointer EncodePointer |
USER32.dll |
LoadStringW
MessageBoxW MessageBoxA |
MSVCP120.dll |
?_Winerror_map@std@@YAPBDH@Z
?_Xbad_alloc@std@@YAXXZ ?_Xlength_error@std@@YAXPBD@Z ?_Xout_of_range@std@@YAXPBD@Z ?_Syserror_map@std@@YAPBDH@Z |
MSVCR120.dll |
_invoke_watson
_controlfp_s wcscat_s _set_purecall_handler _set_invalid_parameter_handler vswprintf_s ?set_terminate@@YAP6AXXZP6AXXZ@Z signal _purecall ??2@YAPAXI@Z ??3@YAXPAX@Z memmove _CxxThrowException __CxxFrameHandler3 memcpy _vsnprintf_s _lock _unlock _calloc_crt __dllonexit _onexit ??1type_info@@UAE@XZ _XcptFilter __crtGetShowWindowMode _amsg_exit __getmainargs __set_app_type exit _exit _cexit _ismbblead _configthreadlocale __setusermatherr _initterm_e _initterm _acmdln _fmode _commode _crt_debugger_hook __crtUnhandledException __crtTerminateProcess _except_handler4_common ?terminate@@YAXXZ __crtSetUnhandledExceptionFilter |
Setup |
Error |
Error getting module path! |
Question |
Do you want to register a shell extension? |
Do you want to create Desktop Shortcuts? |
Done! |
New configuration written! |
安装 |
错误 |
获取模块路径时出错! |
温馨提示 |
您想要为调试器注册右键菜单吗? |
您想要创建桌面快捷方式吗? |
完成! |
新的配置已经写入! |
Path to x32dbg not specified in launcher configuration... |
Path to x64dbg not specified in launcher configuration... |
Invalid PE File! |
File not found or in use! |
A Debugger for the future! |
Running as Admin? |
RegCreateKey failed! |
RegSetValueEx failed! |
RegOpenKeyEx Failed! |
BridgeInit Error |
Debug with x64dbg |
Do you want to register the database icon? |
BridgeStart Error |
启动器的配置文件中没有指定x32dbg的路径... |
启动器的配置文件中没有指定x64dbg的路径... |
无效的PE文件! |
文件没找到,或者已被占用! |
一个面向未来的调试器! |
您确定以管理员权限运行本程序了吗? |
RegCreateKey 失败! |
RegSetValueEx 失败! |
RegOpenKeyEx 失败! |
BridgeInit 发生错误 |
用x64dbg调试 |
您想为调试数据库设置图标吗? |
BridgeStart 发生错误 |
Signature | 0xfeef04bd |
---|---|
StructVersion | 0x10000 |
FileVersion | 0.0.2.5 |
ProductVersion | 0.0.2.5 |
FileFlags | (EMPTY) |
FileOs |
VOS_DOS_WINDOWS32
VOS_NT
VOS_NT_WINDOWS32
VOS_WINCE
VOS__WINDOWS32
|
FileType |
VFT_UNKNOWN
|
Language | English - United States |
FileDescription | x64dbg |
FileVersion (#2) | 0.0.2.5 |
LegalCopyright | x64dbg.com |
ProductName | x64dbg |
ProductVersion (#2) | 0.0.2.5 |
Resource LangID | UNKNOWN |
---|
Characteristics |
0
|
---|---|
TimeDateStamp | 2019-Sep-01 15:33:12 |
Version | 0.0 |
SizeofData | 58 |
AddressOfRawData | 0x3550 |
PointerToRawData | 0x2550 |
Referenced File | c:\x64_dbg\bin\x32\x32dbg_exe.pdb |
Characteristics |
0
|
---|---|
TimeDateStamp | 2019-Sep-01 15:33:12 |
Version | 0.0 |
SizeofData | 20 |
AddressOfRawData | 0x358c |
PointerToRawData | 0x258c |
Size | 0x48 |
---|---|
TimeDateStamp | 1970-Jan-01 00:00:00 |
Version | 0.0 |
GlobalFlagsClear | (EMPTY) |
GlobalFlagsSet | (EMPTY) |
CriticalSectionDefaultTimeout | 0 |
DeCommitFreeBlockThreshold | 0 |
DeCommitTotalFreeThreshold | 0 |
LockPrefixTable | 0 |
MaximumAllocationSize | 0 |
VirtualMemoryThreshold | 0 |
ProcessAffinityMask | 0 |
ProcessHeapFlags | (EMPTY) |
CSDVersion | 0 |
Reserved1 | 0 |
EditList | 0 |
SecurityCookie | 0x40500c |
SEHandlerTable | 0x403720 |
SEHandlerCount | 3 |
XOR Key | 0x5b28d8c3 |
---|---|
Unmarked objects | 0 |
199 (41118) | 1 |
ASM objects (VS2013 build 21005) | 2 |
C objects (VS2013 build 21005) | 19 |
C++ objects (VS2013 build 21005) | 4 |
221 (VS2013 build 21005) | 4 |
Imports (VS2008 SP1 build 30729) | 4 |
221 (VS2013 UPD5 build 40629) | 3 |
Total imports | 75 |
C++ objects (VS2013 UPD5 build 40629) | 2 |
Resource objects (VS2013 build 21005) | 1 |
151 | 2 |
Linker (VS2013 UPD5 build 40629) | 1 |