Manalyze report for ef45c74071372cda72c07b7888eb12d7

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2020-Nov-21 04:52:40
Detected languages	English - United States
Debug artifacts	F:\Documents\GitHub\output\csgo-cheat\release\csgo-release.pdb

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C++ 6.0 - 8.0`
Info	Interesting strings found in the binary:	`Contains domain names: gameshark.org`
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to CRC32`
Malicious	The PE contains functions mostly used by malware.	`Functions which can be used for anti-debugging purposes: CreateToolhelp32Snapshot FindWindowA` `Code injection capabilities (PowerLoader): GetWindowLongA FindWindowA` `Memory manipulation functions often used by packers: VirtualAlloc VirtualProtect` `Has Internet access capabilities: InternetCloseHandle InternetReadFile InternetOpenUrlA InternetOpenA` `Enumerates local disk drives: GetVolumeInformationA`
Malicious	VirusTotal score: 8/70 (Scanned on 2020-11-24 22:27:33)	`Bkav: W32.AIDetectVM.malware1` `Sangfor: Malware` `CrowdStrike: win/malicious_confidence_60% (D)` `APEX: Malicious` `Cynet: Malicious (score: 100)` `ESET-NOD32: a variant of Win32/GameHack.EPN potentially unsafe` `SentinelOne: Static AI - Suspicious PE` `Qihoo-360: Generic/HEUR/QVM30.2.6937.Malware.Gen`

Hashes

MD5	`ef45c74071372cda72c07b7888eb12d7`
SHA1	`d5e43ac54c946fb9a63d552ec8c7ce0a52e12271`
SHA256	`1f5b4c2c22d4aa00defc0abcf855b298f2ba172cb2a43c33e54d68561d5faf24`
SHA3	`ba62d0d9e83b85f0c9dfa0bf464168542ff967145eac62df3f2a81379232d21d`
SSDeep	`6144:TtNimp8ohHVSFJ4AvXGs8122id4NO0xnQqgj52+8CMPECBJDgWMJ:Ttyoh1S7fvv81FCp0pQf1u77`
Imports Hash	`99e19518a331f1ccd7d509b73a70ffc1`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x108`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`5`
TimeDateStamp	2020-Nov-21 04:52:40
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_DLL` `IMAGE_FILE_EXECUTABLE_IMAGE`

Image Optional Header

Magic	`PE32`
LinkerVersion	`14.0`
SizeOfCode	`0x47600`
SizeOfInitializedData	`0xef800`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x000445EF (Section: .text)`
BaseOfCode	`0x1000`
BaseOfData	`0x49000`
ImageBase	`0x10000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x13a000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`6e5dcfa617f6a9a7a016f42f2dd6ba94`
SHA1	`51e78d424737a242060ea7bd161e56cf413d50fa`
SHA256	`b11f5937018164c878d8fe9e275f5d633786a3b85778c061cd730982a8dd9eba`
SHA3	`0165b479160b05d0c20a48070f4f202d1e5ca2576c17addd2734a14a35e45472`
VirtualSize	`0x47476`
VirtualAddress	`0x1000`
SizeOfRawData	`0x47600`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.66499`

.rdata

MD5	`0a404781427c65b882c06b60a5ed0d05`
SHA1	`6c8fd668e16d8187cd5e5ebaf45941059a00d82a`
SHA256	`0e65cf89249a46683bccf76d5ab85ba9806fc05703f3312724baabbdffe016c8`
SHA3	`9b550a18f8ae610eda8c63e1c1cc1eaf491e8c38851c01fd1cb5e63460b36ccc`
VirtualSize	`0xee82`
VirtualAddress	`0x49000`
SizeOfRawData	`0xf000`
PointerToRawData	`0x47a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.29353`

.data

MD5	`7fc9045614d5f04bd8d5a3ce81d67a1c`
SHA1	`c857525da0c1dace15ab2702e60096c99e902655`
SHA256	`f79f841082271fb717ff2fc79df4f93b0d615cf049970f84c6f6dfa113d5e6d4`
SHA3	`7d46f908838e4ff3d9243653068d0b49a673863630c0969cad2cb8b56683318f`
VirtualSize	`0xc544`
VirtualAddress	`0x58000`
SizeOfRawData	`0x2800`
PointerToRawData	`0x56a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`4.94329`

.rsrc

MD5	`38166be8ff05909fbe3a131031e6d10a`
SHA1	`d28437d8ad2a1cb00f7ff1edee17283707508650`
SHA256	`073915270b8b536d3cae9b69c57183132ec810e3f9df5bdcf5def59d11489756`
SHA3	`bc8a7569a3b9ad1fc68e9e0fbc3b0926d3c8b6c2b0c76361f3ad999eed90351c`
VirtualSize	`0xcfc08`
VirtualAddress	`0x65000`
SizeOfRawData	`0xcfe00`
PointerToRawData	`0x59200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`1.13679`

.reloc

MD5	`96a226781b1f3a0620e42e794839ef9c`
SHA1	`f86da1f0d34143fe9d649c6dcf1c8ba38416644c`
SHA256	`8fffff813043ed7d4e73b1cc9923c5814c130b4f2d8f742ee1ad1d7c33b8f57a`
SHA3	`50f5afd4b9b8946aa4fba1d75acdb5c4838fbc92f520b968208cf85f7cbd2e42`
VirtualSize	`0x422c`
VirtualAddress	`0x135000`
SizeOfRawData	`0x4400`
PointerToRawData	`0x129000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`6.68114`

Imports

KERNEL32.dll	`GetModuleHandleA` `GetProcAddress` `GetTickCount64` `LoadResource` `LockResource` `SizeofResource` `FindResourceA` `VirtualAlloc` `VirtualFree` `VirtualQuery` `CloseHandle` `HeapCreate` `HeapDestroy` `HeapAlloc` `HeapReAlloc` `HeapFree` `Sleep` `GetCurrentProcess` `GetCurrentProcessId` `GetCurrentThreadId` `OpenThread` `SuspendThread` `ResumeThread` `GetThreadContext` `SetThreadContext` `FlushInstructionCache` `VirtualProtect` `GetModuleHandleW` `CreateToolhelp32Snapshot` `Thread32First` `Thread32Next` `AllocConsole` `FreeConsole` `SetConsoleTitleA` `MultiByteToWideChar` `GetStdHandle` `GetVolumeInformationA` `CreateThread` `GetSystemInfo` `DisableThreadLibraryCalls` `FreeLibraryAndExitThread` `GetConsoleScreenBufferInfo` `SetConsoleScreenBufferSize` `SetConsoleTextAttribute` `GetConsoleWindow` `GetSystemTimeAsFileTime` `QueryPerformanceCounter` `IsDebuggerPresent` `IsProcessorFeaturePresent` `TerminateProcess` `SetUnhandledExceptionFilter` `UnhandledExceptionFilter` `CreateEventW` `WaitForSingleObjectEx` `ResetEvent` `SetEvent` `DeleteCriticalSection` `InitializeCriticalSectionAndSpinCount` `LeaveCriticalSection` `EnterCriticalSection` `WideCharToMultiByte` `SetLastError` `GetLastError` `AreFileApisANSI` `RemoveDirectoryW` `GetFileInformationByHandle` `GetFileAttributesExW` `FindNextFileW` `FindFirstFileExW` `FindClose` `DeleteFileW` `CreateFileW` `CreateDirectoryW` `FormatMessageA` `LocalFree` `InitializeSListHead`
USER32.dll	`SetWindowLongA` `GetWindowLongA` `MessageBoxA` `GetWindowRect` `MoveWindow` `FindWindowA` `GetAsyncKeyState` `GetCursorPos` `ScreenToClient` `GetKeyNameTextA`
SHELL32.dll	`SHGetKnownFolderPath`
ole32.dll	`CoTaskMemFree`
MSVCP140.dll	`?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ` `?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ` `?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z` `?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z` `?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ` `?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ` `?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ` `?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z` `?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z` `??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ` `?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z` `?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z` `??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ` `??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z` `??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ` `?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ` `?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ` `??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z` `??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ` `?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z` `?_Xbad_function_call@std@@YAXXZ` `?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ` `?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A` `?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ` `?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ` `?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z` `?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ` `?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ` `?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z` `?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z` `?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ` `?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ` `?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z` `??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z` `?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z` `_Xtime_get_ticks` `_Query_perf_counter` `_Query_perf_frequency` `_Thrd_sleep` `?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A` `?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z` `??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ` `?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z` `?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z` `?always_noconv@codecvt_base@std@@QBE_NXZ` `?_Winerror_map@std@@YAHH@Z` `?_Syserror_map@std@@YAPBDH@Z` `?uncaught_exception@std@@YA_NXZ` `?id@?$numpunct@D@std@@2V0locale@2@A` `?_Incref@facet@locale@std@@UAEXXZ` `??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ` `?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z` `?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ` `?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ` `?_Init@locale@std@@CAPAV_Locimp@12@_N@Z` `??1facet@locale@std@@MAE@XZ` `??0facet@locale@std@@IAE@I@Z` `??Bid@locale@std@@QAEIXZ` `?c_str@?$_Yarn@D@std@@QBEPBDXZ` `?_Gettrue@_Locinfo@std@@QBEPBDXZ` `?_Getfalse@_Locinfo@std@@QBEPBDXZ` `??1_Locinfo@std@@QAE@XZ` `??0_Locinfo@std@@QAE@PBD@Z` `??1_Lockit@std@@QAE@XZ` `??0_Lockit@std@@QAE@H@Z` `?_Xout_of_range@std@@YAXPBD@Z` `?_Xlength_error@std@@YAXPBD@Z` `?_Getcvt@_Locinfo@std@@QBE?AU_Cvtvec@@XZ` `?_Xbad_alloc@std@@YAXXZ`
WININET.dll	`InternetCloseHandle` `InternetReadFile` `InternetOpenUrlA` `InternetOpenA`
VCRUNTIME140.dll	`memchr` `memcmp` `__current_exception` `memmove` `__CxxFrameHandler3` `__std_type_info_compare` `__std_exception_destroy` `__std_exception_copy` `strstr` `_purecall` `_CxxThrowException` `__current_exception_context` `_except_handler4_common` `__std_type_info_destroy_list` `memset` `__std_terminate` `memcpy`
api-ms-win-crt-runtime-l1-1-0.dll	`_invalid_parameter_noinfo_noreturn` `_errno` `_initterm_e` `strerror_s` `terminate` `abort` `_seh_filter_dll` `_configure_narrow_argv` `_initialize_narrow_environment` `_initialize_onexit_table` `_wassert` `_initterm` `_cexit` `_crt_atexit` `_execute_onexit_table` `_register_onexit_function`
api-ms-win-crt-heap-l1-1-0.dll	`free` `realloc` `_callnewh` `malloc` `calloc`
api-ms-win-crt-math-l1-1-0.dll	`_fdclass` `_ldclass` `_dclass` `_fdsign` `remainderf` `ceil` `_libm_sse2_sqrt_precise` `_dsign` `_libm_sse2_atan_precise` `_CIatan2` `_libm_sse2_sin_precise` `_libm_sse2_cos_precise` `_hypotf` `_ldsign`
api-ms-win-crt-utility-l1-1-0.dll	`srand` `rand`
api-ms-win-crt-time-l1-1-0.dll	`_time64`
api-ms-win-crt-string-l1-1-0.dll	`toupper` `tolower`
api-ms-win-crt-stdio-l1-1-0.dll	`fclose` `__stdio_common_vsnprintf_s` `fwrite` `__acrt_iob_func` `fflush` `fgetc` `fputc` `fread` `fsetpos` `_fseeki64` `setvbuf` `freopen_s` `ftell` `fseek` `_get_stream_buffer_pointers` `fopen` `__stdio_common_vsprintf` `ungetc` `fgetpos`
api-ms-win-crt-locale-l1-1-0.dll	`localeconv` `___lc_codepage_func`
api-ms-win-crt-convert-l1-1-0.dll	`strtoull` `strtoll` `atoi` `strtoul` `mbstowcs_s` `strtod`
api-ms-win-crt-filesystem-l1-1-0.dll	`_lock_file` `remove` `_unlock_file`

Delayed Imports

101

Type	`PNG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x3585`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.92738`
Detected Filetype	PNG graphic file
MD5	`5e46c74c5de3b3275742daedd483f91e`
SHA1	`ac3167b53bacf2a889681c3c4dee7ef2ccd57f7c`
SHA256	`1f840f1075dcbebd68f04fc1daa5c1a2da8c53ddaa263ba25719312dfdd33815`
SHA3	`f0dc4edfef8fdcbcb77ce39c7b39731bee07c01db897b2bd451e805e9e21e682`

102

Type	`PNG`
Language	English - United States
Codepage	UNKNOWN
Size	`0xcc26a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`0.897378`
Detected Filetype	PNG graphic file
MD5	`7e24791eb8ff84be9face221d44b7a3b`
SHA1	`0e61fa25dd696579a7ef482c5a9a3ba81b2c8261`
SHA256	`0cecd2a3f9c6d0d2236c38bd6554e9920d60d02ed891bb7483b7557e726029d4`
SHA3	`07d2f5044f8609776214bd503c9c5e725bb33a2512b0fddc1bfcf22f67c4e258`

103

Type	`PNG`
Language	English - United States
Codepage	UNKNOWN
Size	`0x17a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.63026`
Detected Filetype	PNG graphic file
MD5	`990f00361a3659b19a9b8f6fd81ec811`
SHA1	`680bc2caaefb16051e1b6e687b70041eeeaf73b8`
SHA256	`136c6db152cb86383261aed3d40c4f22bea81765ee6972392b25dce41beb2bbf`
SHA3	`ed2e1ac85044445d003232b19c0410b124141a66766309b8b9c64d1166634f54`

2

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x17d`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.91161`
MD5	`1e4a89b11eae0fcf8bb5fdd5ec3b6f61`
SHA1	`4260284ce14278c397aaf6f389c1609b0ab0ce51`
SHA256	`4bb79dcea0a901f7d9eac5aa05728ae92acb42e0cb22e5dd14134f4421a3d8df`
SHA3	`4bb9e8b5a714cae82782f3831cc2d45f4bf4a50a755fe584d2d1893129d68353`

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2020-Nov-21 04:52:40
Version	`0.0`
SizeofData	`87`
AddressOfRawData	`0x523a0`
PointerToRawData	`0x50da0`
Referenced File	F:\Documents\GitHub\output\csgo-cheat\release\csgo-release.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics	`0`
TimeDateStamp	2020-Nov-21 04:52:40
Version	`0.0`
SizeofData	`20`
AddressOfRawData	`0x523f8`
PointerToRawData	`0x50df8`

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2020-Nov-21 04:52:40
Version	`0.0`
SizeofData	`800`
AddressOfRawData	`0x5240c`
PointerToRawData	`0x50e0c`

IMAGE_DEBUG_TYPE_ILTCG

Characteristics	`0`
TimeDateStamp	2020-Nov-21 04:52:40
Version	`0.0`
SizeofData	`0`
AddressOfRawData	`0`
PointerToRawData	`0`

TLS Callbacks

StartAddressOfRawData	`0x1005273c`
EndAddressOfRawData	`0x10052744`
AddressOfIndex	`0x100641ec`
AddressOfCallbacks	`0x100494d8`
SizeOfZeroFill	`0`
Characteristics	`IMAGE_SCN_ALIGN_4BYTES`
Callbacks	`(EMPTY)`

Load Configuration

Size	`0xb8`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x100598e4`
SEHandlerTable	`0x100520a8`
SEHandlerCount	`190`

RICH Header

XOR Key	`0xcef659ef`
Unmarked objects	`0`
Imports (VS2008 SP1 build 30729)	`20`
C objects (28920)	`12`
ASM objects (28920)	`11`
C++ objects (28920)	`25`
Imports (28920)	`4`
262 (26715)	`1`
Imports (26715)	`11`
Total imports	`269`
C objects (29112)	`5`
C++ objects (29112)	`36`
Resource objects (29112)	`1`
151	`1`
Linker (29112)	`1`

ef45c74071372cda72c07b7888eb12d7

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.rdata

.data

.rsrc

.reloc

Imports

Delayed Imports

101

102

103

2

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

IMAGE_DEBUG_TYPE_VC_FEATURE

IMAGE_DEBUG_TYPE_POGO

IMAGE_DEBUG_TYPE_ILTCG

TLS Callbacks

Load Configuration

RICH Header

Errors