Manalyze report for f4269ab35f8fea51f43f0ea0ad872d1d

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2025-Aug-12 22:41:14
Detected languages	English - United States
CompanyName	Input Sense
FileDescription	Helios II Launcher
FileVersion	`0.2.1.0`
InternalName	Helios Launcher
LegalCopyright	Copyright (C) 2024
OriginalFilename	Helios.exe
ProductName	Helios II
ProductVersion	`0.2.1.0`

Plugin Output

Info	The PE contains common functions which appear in legitimate applications.	`Possibly launches other programs: CreateProcessW`

Hashes

MD5	`f4269ab35f8fea51f43f0ea0ad872d1d`
SHA1	`0650e1342c1f900f6b1357646b88662c22bd6717`
SHA256	`e6cbd6db76d935d47ca640570228bcaf54c7af4200683858add4a3772e9d1cff`
SHA3	`2f9cf46e12d0eb01ff8e55cd1ed31070caa9c8a64c78b89306888b78b54875a4`
SSDeep	`6144:NLMrJvgfYrYaDmdoDI4i9ELf34wcOLD+J7d9zSvr/MzCbA/H3k07D9QSq:SI3Bdv5AMvzSvgzCbUrDt`
Imports Hash	`5942ae6c84caf0bc1d02124399c69c8b`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0xf8`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`6`
TimeDateStamp	2025-Aug-12 22:41:14
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0x6200`
SizeOfInitializedData	`0x46c00`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0000000000005924 (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x51000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`347f1f2adabc6f9c33fe2cae3a86560a`
SHA1	`c3aa9bbdaccd2c748b42c5bec5d0e61d24f0799f`
SHA256	`04eefbd4f431f806911c3abb34ffa77d13827254fd077a2b4149e2c95c81209f`
SHA3	`5eaae262c13e18bc73e72b87b38c7d4d6e43e9c56825d2967efdb056e72358e0`
VirtualSize	`0x61fb`
VirtualAddress	`0x1000`
SizeOfRawData	`0x6200`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.22338`

.rdata

MD5	`9e92697b5d85ffae8ad0247fc4ff2289`
SHA1	`2d0a8f6e5fa22f0fe4a08c47a9e77beb66ad61cf`
SHA256	`1d73b3614b1ee7854f662858bb2b55a83d420e6eed6da9bef00b8076da3e4f26`
SHA3	`ee89fc9351155cd118b37e7e92d64636cf63d34ca51ff7ad68df55a68df7303a`
VirtualSize	`0x5bde`
VirtualAddress	`0x8000`
SizeOfRawData	`0x5c00`
PointerToRawData	`0x6600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.15133`

.data

MD5	`b75571f7106af17029990512334d9c04`
SHA1	`1455f3437391bbf4f5c3e643b22ed9c2f4aae221`
SHA256	`ce6aba996ff0eb37bddfb12d54f95e2fdef8f93c9ede0600e536853697739f17`
SHA3	`06017f3e84cc68244bda9f98afe0c90880414ed7e07dfef6c8ff596c89304270`
VirtualSize	`0x930`
VirtualAddress	`0xe000`
SizeOfRawData	`0x400`
PointerToRawData	`0xc200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`3.13363`

.pdata

MD5	`9f6116e7f60ff300f8cd20cf0ca2b176`
SHA1	`3d60f7c1bd9947751647183bb17cf22a170401fc`
SHA256	`74edce8766f4d85696116f59f9dd80411b72685645d3610cb42438216578001f`
SHA3	`6bd4b9b3e4018fce48736b7eac207d8796a281909666349b197a5c4e00e5e937`
VirtualSize	`0x69c`
VirtualAddress	`0xf000`
SizeOfRawData	`0x800`
PointerToRawData	`0xc600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`3.76331`

.rsrc

MD5	`a1d44e9a9378963137df20e10f155e71`
SHA1	`060b5274551ea7be87ce72e826ef92c10b2ec26e`
SHA256	`97ec0eea3db137603b554ea729e297a0db239f8d1fd9320bdcba6b3e9e5a6114`
SHA3	`b9e7e40176d4016a30eedec7aba28e5fc4116cbc4b20982c520be2ea5b827899`
VirtualSize	`0x3fbf8`
VirtualAddress	`0x10000`
SizeOfRawData	`0x3fc00`
PointerToRawData	`0xce00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`7.19546`

.reloc

MD5	`b69735e807430c90660a05151e469bec`
SHA1	`287cfd67ab48668a533ea150fdf17998c1fdffe7`
SHA256	`c8794edaff640da6b47bb961dba9e0cd383344f6852bf9c8b156494aea5bf7d1`
SHA3	`47761e0fbf736f2a6834d209fcf87104a3fa7ba67ae7bec5354b04c17bc3dd2a`
VirtualSize	`0x9c`
VirtualAddress	`0x50000`
SizeOfRawData	`0x200`
PointerToRawData	`0x4ca00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`2.04936`

Imports

KERNEL32.dll	`GetCommandLineW` `DeleteFileW` `FindClose` `FindFirstFileW` `FindNextFileW` `CloseHandle` `GetLastError` `WaitForSingleObject` `GetExitCodeProcess` `CreateProcessW` `GetModuleFileNameW` `LocalFree` `MoveFileExW` `MultiByteToWideChar` `Sleep` `GetModuleHandleW` `GetStartupInfoW` `IsDebuggerPresent` `InitializeSListHead` `GetSystemTimeAsFileTime` `GetCurrentThreadId` `GetCurrentProcessId` `QueryPerformanceCounter` `IsProcessorFeaturePresent` `TerminateProcess` `GetCurrentProcess` `SetUnhandledExceptionFilter` `UnhandledExceptionFilter` `RtlVirtualUnwind` `RtlLookupFunctionEntry` `RtlCaptureContext`
USER32.dll	`MessageBoxW`
SHELL32.dll	`CommandLineToArgvW`
MSVCP140.dll	`?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ` `?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ` `?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ` `?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ` `?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ` `?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ` `?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z` `?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z` `?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ` `?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ` `?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ` `?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ` `?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z` `?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ` `?_Pnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ` `?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ` `?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAPEAD0PEAH001@Z` `?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z` `?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z` `?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z` `??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ` `?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z` `?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ` `?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z` `??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ` `??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z` `??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ` `?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z` `?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ` `?_Id_cnt@id@locale@std@@0HA` `?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A` `??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ` `??Bios_base@std@@QEBA_NXZ` `?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z` `??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ` `?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z` `?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ` `?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z` `?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z` `?always_noconv@codecvt_base@std@@QEBA_NXZ` `?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ` `?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ` `_Query_perf_frequency` `_Query_perf_counter` `?_Xout_of_range@std@@YAXPEBD@Z` `?_Xlength_error@std@@YAXPEBD@Z` `?_Xbad_alloc@std@@YAXXZ` `??0_Lockit@std@@QEAA@H@Z` `??1_Lockit@std@@QEAA@XZ`
VCRUNTIME140.dll	`__C_specific_handler` `memset` `__current_exception` `__current_exception_context` `memcpy` `memcmp` `_CxxThrowException` `__std_exception_copy` `__std_terminate` `memmove` `__std_exception_destroy`
VCRUNTIME140_1.dll	`__CxxFrameHandler4`
api-ms-win-crt-runtime-l1-1-0.dll	`exit` `_initterm_e` `_register_onexit_function` `_cexit` `terminate` `_initterm` `_invoke_watson` `_get_narrow_winmain_command_line` `_register_thread_local_exe_atexit_callback` `_set_app_type` `_exit` `_crt_atexit` `_seh_filter_exe` `_initialize_narrow_environment` `_configure_narrow_argv` `_c_exit` `_initialize_onexit_table`
api-ms-win-crt-stdio-l1-1-0.dll	`__p__commode` `fgetpos` `ungetc` `setvbuf` `fwrite` `_fseeki64` `fsetpos` `fread` `fputc` `_get_stream_buffer_pointers` `fgetc` `fflush` `fclose` `_set_fmode`
api-ms-win-crt-filesystem-l1-1-0.dll	`_lock_file` `_unlock_file`
api-ms-win-crt-heap-l1-1-0.dll	`free` `_callnewh` `malloc` `_set_new_mode`
api-ms-win-crt-string-l1-1-0.dll	`wcscmp` `wcslen`
api-ms-win-crt-math-l1-1-0.dll	`__setusermatherr`
api-ms-win-crt-locale-l1-1-0.dll	`_configthreadlocale`

Delayed Imports

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.33017`
MD5	`e61cc3ad843a2026a51482227d5cfa35`
SHA1	`5bddd3f451498bc034cec1589dd6014c069cd3b8`
SHA256	`d81c387ba35c3ff42ae86e5c7731b1d8265461e0f7e7faa8dfd69809ce3a20b8`
SHA3	`90cf6abb71e9eec844057109d9dd7d12618c00928e1195fda57ce1c5ce2090f9`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.40242`
MD5	`7cfcc3d42c365aec6ad06f69db06d72b`
SHA1	`b519a44772a42f55e3b1396a17000d0e489d7c4d`
SHA256	`42979b16c87d8a1ae1373ff025a82f4b8f71639b45736dcfe25441da82007a0b`
SHA3	`40cadb3c285ef9c9dd731a04722dd8db6c5d4aacd45940ee269b6864666e022d`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.39227`
MD5	`24fb3540ad8867c4d8c0aec0499b5a37`
SHA1	`10ccf70653122d8fe51a2416abe339761f55ae76`
SHA256	`53be384235f55f8cc1afc5b75faf2552f8ff77f87ababce39531dc111aac8675`
SHA3	`12d192f6f5fea1102084ffde6f3a334776f56a0dbb72a11c8844039f7e7b6868`

4

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.37279`
MD5	`5b06f416ffc531cafc727a2f84d4a17f`
SHA1	`93dd5c4aeddc2c0c970e9bb5918888502ccb49ab`
SHA256	`de6ac0b2b8b1bcad0cdc66570371a0fa70d1bfa29b32914ce43b67e11418f9ab`
SHA3	`1068449e3cfd4338e7e84b735878b7115c7eaad2067cdc5b4da3a529b317eff8`

5

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.31193`
MD5	`fd6752418ad4e13668c95da89dd12982`
SHA1	`97fc5f645c67caf8ca7d944868c4b63fae2adb2d`
SHA256	`1dec8298b4aea496bc3d8609a641807dee2956bfcbd52f2eae5edff5e2dbb439`
SHA3	`7cc86e20b6380c00a38bef091272e2919ae05f589cc5acaa9f81420eb51e5803`

6

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x5488`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.25566`
MD5	`2946f8ea4a00b0458e8dad42d6ee7d92`
SHA1	`22307d99aad767d48f66d7094c8521518cb6255b`
SHA256	`da2f4d651adcd1f61df869bf60a87a6114e940fb3ada7b8bf3cc560f5b7a04f8`
SHA3	`c2c5a2537725cc32464d76121457fe17f99bd297dd278c7221b7bee2684344ad`

7

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x94a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.27297`
MD5	`ad8833fff87474641e61208ae473c5ff`
SHA1	`23cdbefbb56256d384038780bc3760222f578458`
SHA256	`920928439628e1578ed59d20e6edb3eca6155b8d683870edb6a9af26cdf7f801`
SHA3	`9f62109373f271fa7b5aea1a9efa941350836698a7af3e257a0e96666a8ffd18`

8

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x10828`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.2109`
MD5	`7fae9962caecbc7b030469576f7a9c34`
SHA1	`a007ff8df02cbf7656ae4010121ed48d96c2c6e5`
SHA256	`650ee8d4ff77aba616569f4796e9f59968af164d5b4fa7a3fbd3dce28ff13dc8`
SHA3	`9f8ac8be803b7221a23aa03d370e705c8415b978600733b78ac1745bd462841d`

9

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x17c92`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.99244`
MD5	`2b8f5cf14f5e326bde8c0fc233f06958`
SHA1	`ac995cb4acb67d3e816f1948cb135310cb298613`
SHA256	`7b30dca2e66322c0dd77c57a5ec27cef260d3a5e25db259e8f00a27117e9a809`
SHA3	`46317d5f1c9db16bc2efa428ba7339818f2bba2118f33d78b5586fafbae24f49`

IDI_ICON1

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x84`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.05309`
MD5	`3b6c3d84388e0fd06368ffe110e779f1`
SHA1	`70b1966e6fd0f0a2429f28fcb6ee9ed2326d3b9a`
SHA256	`5e1850479b3271b583ee884c21459e5ef7d6d436d799eb81d7d721046e5dd5ba`
SHA3	`8f4931d2e8fe4c541142d73a301612eb33df3b49e928cb391f7d0ad6738b740d`

1 (#2)

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2c8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.34229`
MD5	`8a31bdab43728da2039eda3d0c039891`
SHA1	`a85096674e904e7724c65ce4719c5af2b30fded2`
SHA256	`728f114f846fc8477e304313b508b3fc054b04c6238b16157f2b393aa53b6b2f`
SHA3	`d57d3c1987730c17042d2069d868fb13da35002a421b1b30a3b4d79fd80d6199`

1 (#3)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x17d`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.91161`
MD5	`1e4a89b11eae0fcf8bb5fdd5ec3b6f61`
SHA1	`4260284ce14278c397aaf6f389c1609b0ab0ce51`
SHA256	`4bb79dcea0a901f7d9eac5aa05728ae92acb42e0cb22e5dd14134f4421a3d8df`
SHA3	`4bb9e8b5a714cae82782f3831cc2d45f4bf4a50a755fe584d2d1893129d68353`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	0.2.1.0
ProductVersion	0.2.1.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT` `VOS_NT_WINDOWS32` `VOS_WINCE` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	English - United States
CompanyName	Input Sense
FileDescription	Helios II Launcher
FileVersion (#2)	0.2.1.0
InternalName	Helios Launcher
LegalCopyright	Copyright (C) 2024
OriginalFilename	Helios.exe
ProductName	Helios II
ProductVersion (#2)	0.2.1.0

Resource LangID	English - United States

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2025-Aug-12 22:41:14
Version	`0.0`
SizeofData	`780`
AddressOfRawData	`0xb5e4`
PointerToRawData	`0x9be4`

TLS Callbacks

Load Configuration

Size	`0x140`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x14000e000`

RICH Header

XOR Key	`0x2b1ff7d9`
Unmarked objects	`0`
Imports (VS2008 SP1 build 30729)	`14`
Imports (35207)	`6`
ASM objects (35207)	`3`
C objects (35207)	`10`
C++ objects (35207)	`29`
Imports (33140)	`7`
Total imports	`153`
C++ objects (35213)	`2`
Resource objects (35213)	`1`
151	`1`
Linker (35213)	`1`

Errors

[*] Warning: Please edit the configuration file with your VirusTotal API key.
Could not load company_names.yara!
[!] Error: Could not load yara_rules/bitcoin.yara!
[!] Error: Could not load yara_rules/monero.yara!
[!] Error: Could not load yara_rules/compilers.yara!
[!] Error: Could not load yara_rules/findcrypt.yara!
[!] Error: Could not load yara_rules/suspicious_strings.yara!
[!] Error: Could not load yara_rules/domains.yara!
[!] Error: Could not load yara_rules/peid.yara!