f88f621fbdadbe657a021a694e217cef

Summary

Architecture IMAGE_FILE_MACHINE_I386
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
Compilation Date 2023-Jan-09 14:32:56
Detected languages English - United States
TLS Callbacks 4 callback(s) detected.
Debug artifacts C:\devops\data\p-de29a525dbdc4491830d2e9993627fc7\win\out\MTRelease\WXWorkWeb.pdb

Plugin Output

Info Matching compiler(s): Microsoft Visual C++ 6.0 - 8.0
MASM/TASM - sig2(h)
MASM/TASM - sig1(h)
Info Interesting strings found in the binary: Contains domain names:
  • doc.weixin.qq.com
  • docs.qq.com
  • weixin.qq.com
  • work.weixin.qq.com
  • wxdocs.qq.com
Info Cryptographic algorithms detected in the binary: Uses constants related to CRC32
Uses constants related to MD5
Uses constants related to SHA1
Uses known Mersenne Twister constants
Suspicious The PE is possibly packed. Unusual section name found: malloc_h
Malicious The PE contains functions mostly used by malware. [!] The program may be hiding some of its imports:
  • LoadLibraryW
  • LoadLibraryA
  • LoadLibraryExW
  • GetProcAddress
 Functions which can be used for anti-debugging purposes:
  • CreateToolhelp32Snapshot
  • SwitchToThread
 Code injection capabilities:
  • VirtualAllocEx
  • WriteProcessMemory
  • VirtualAlloc
  • CreateRemoteThread
 Code injection capabilities (mapping injection):
  • CreateFileMappingW
  • MapViewOfFile
  • MapViewOfFileEx
  • CreateFileMappingA
  • CreateRemoteThread
 Can access the registry:
  • RegQueryValueExW
  • RegOpenKeyW
  • RegOpenKeyExW
  • RegCreateKeyExW
  • RegCloseKey
  • RegQueryValueExA
  • RegOpenKeyExA
 Possibly launches other programs:
  • CreateProcessW
  • CreateProcessAsUserW
  • ShellExecuteW
 Uses Windows's Native API:
  • NtQueryInformationThread
  • NtOpenKeyedEvent
  • NtReleaseKeyedEvent
  • NtWaitForKeyedEvent
 Can create temporary files:
  • GetTempPathW
  • CreateFileW
  • CreateFileA
 Memory manipulation functions often used by packers:
  • VirtualAllocEx
  • VirtualAlloc
  • VirtualProtectEx
 Leverages the raw socket API to access the Internet:
  • getsockname
  • listen
  • socket
  • connect
  • accept
  • recv
  • send
  • WSAGetLastError
  • select
  • WSASetLastError
  • htonl
  • WSAStartup
  • ioctlsocket
  • closesocket
  • WSACleanup
  • bind
 Functions related to the privilege level:
  • DuplicateTokenEx
  • DuplicateToken
  • AdjustTokenPrivileges
  • OpenProcessToken
 Enumerates local disk drives:
  • GetDriveTypeW
 Manipulates other processes:
  • ReadProcessMemory
  • WriteProcessMemory
 Changes object ACLs:
  • SetKernelObjectSecurity
  • SetSecurityInfo
Info The PE is digitally signed. Signer: Tencent Technology(Shenzhen) Company Limited
Issuer: DigiCert Assured ID Code Signing CA-1
Safe VirusTotal score: 0/58 (Scanned on 2023-01-24 07:24:40) All the AVs think this file is safe.

Hashes

MD5 f88f621fbdadbe657a021a694e217cef
SHA1 410245a578c4683c5b026c6ccf80698f700f45be
SHA256 669d55fed517f04b4beed47bd4553e853edb400b269561a47c46ecb73bbecc7b
SHA3 ac4d6cfb0b77ea50083df7d406233be2b707e6d83cc98211841de9ed752c5264
SSDeep 49152:TEivU/SdpBqqTpYz1daRJv2QlsHCFoSRfZe+KRNHonEoezVm4Q:TEQfbC4lsHUbSnHo+s
Imports Hash 57756f2d6808dd5e80e8485e05d295ea

DOS Header

e_magic MZ
e_cblp 0x90
e_cp 0x3
e_crlc 0
e_cparhdr 0x4
e_minalloc 0
e_maxalloc 0xffff
e_ss 0
e_sp 0xb8
e_csum 0
e_ip 0
e_cs 0
e_ovno 0
e_oemid 0
e_oeminfo 0
e_lfanew 0x158

PE Header

Signature PE
Machine IMAGE_FILE_MACHINE_I386
NumberofSections 6
TimeDateStamp 2023-Jan-09 14:32:56
PointerToSymbolTable 0
NumberOfSymbols 0
SizeOfOptionalHeader 0xe0
Characteristics IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Image Optional Header

Magic PE32
LinkerVersion 14.0
SizeOfCode 0x257a00
SizeOfInitializedData 0xabe00
SizeOfUninitializedData 0
AddressOfEntryPoint 0x001D6440 (Section: .text)
BaseOfCode 0x1000
BaseOfData 0x25a000
ImageBase 0x400000
SectionAlignment 0x1000
FileAlignment 0x200
OperatingSystemVersion 6.0
ImageVersion 0.0
SubsystemVersion 6.0
Win32VersionValue 0
SizeOfImage 0x309000
SizeOfHeaders 0x400
Checksum 0x308aca
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
DllCharacteristics IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
SizeofStackReserve 0x100000
SizeofStackCommit 0x1000
SizeofHeapReserve 0x100000
SizeofHeapCommit 0x1000
LoaderFlags 0
NumberOfRvaAndSizes 16

.text

MD5 57b2cf6163d288adbb386c2b70a4bdfc
SHA1 736b4aa69fa277b1115e87fa34fab88b9976e379
SHA256 6b0700ec5902489ebbf0cf830e2ac958f939d4d981315ffb8e73e8826e0fc285
SHA3 4f181bce55edaccdbbc01c2ea3c88d1cb4eaca79094f09349d085e72f5773f2d
VirtualSize 0x2577b8
VirtualAddress 0x1000
SizeOfRawData 0x257800
PointerToRawData 0x400
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 6.51215

malloc_h

MD5 e17684783d95d452fb3951563b9d104f
SHA1 0677bf7db737e78470d531d63089c3e0b6f61cf8
SHA256 8d426ce7d832b5b231f873734083f199641a6f72358c9e23508b9255e4337bb4
SHA3 709276ebd9c089308600b1ca0a9c0e67c66eb35bab036de98dda25702172f418
VirtualSize 0x101
VirtualAddress 0x259000
SizeOfRawData 0x200
PointerToRawData 0x257c00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Entropy 3.69518

.rdata

MD5 3101a2c755abcc370907911c4d4ce0f2
SHA1 9dfff8328df7329c316534681a05de79b01fa041
SHA256 1ff356c869c55cebb2359619acdaf1d271240dc9674457037ffc6c896547e4cd
SHA3 89e8be5388abbb92525cb4b46818dd6f5b81841e971d322f5d4acc140b804048
VirtualSize 0x7616a
VirtualAddress 0x25a000
SizeOfRawData 0x76200
PointerToRawData 0x257e00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 4.90823

.data

MD5 b1ea889180352ab17a19a2b98d90484b
SHA1 f15edba8b3ef63a3187db53bdb2b6f10bc253baf
SHA256 51cdfc4c2928e486ab0c05c75384f39884e190624dedded1a4cfc0abc5759cd4
SHA3 7e8bbc572dd223baab354e3aca5236023f2555d3bead00b416ec6f5864595fa2
VirtualSize 0x156cc
VirtualAddress 0x2d1000
SizeOfRawData 0xea00
PointerToRawData 0x2ce000
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Entropy 4.93167

.rsrc

MD5 983874b34a50514a71899e7082491d18
SHA1 156c2cfd74bccb61d04dc635bbc1ab890b470c62
SHA256 794cd73a41ecb7bf2f046659dc9748775320364efd9a4cb851d2ad3cf9a49e9e
SHA3 5a4a6afde52971ce58224fb572e9ea7a851b4ee4ebf519b3bc3a9e71f02d8ed8
VirtualSize 0x1e0
VirtualAddress 0x2e7000
SizeOfRawData 0x200
PointerToRawData 0x2dca00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Entropy 4.71063

.reloc

MD5 8be12ec9e5dd8cd1973e73bf4c4d8877
SHA1 9c05a940a40c4b9c111fb6e36229b44deadd305f
SHA256 4148cb61563c3fb43467b9db94414c6ab10109744b55f015dfcb582ea32c4626
SHA3 a457201b7a127bd6bee3c772f2ce5099f4d531d9e94849212beda3f1bc996976
VirtualSize 0x200fc
VirtualAddress 0x2e8000
SizeOfRawData 0x20200
PointerToRawData 0x2dcc00
PointerToRelocations 0
PointerToLineNumbers 0
NumberOfLineNumbers 0
NumberOfRelocations 0
Characteristics IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Entropy 6.61369

Imports

adj.dll ?GetStatusADJ@@YAHXZ
SHLWAPI.dll PathMatchSpecW
PathFileExistsW
libcef.dll cef_v8context_get_current_context
cef_v8value_create_array
cef_v8value_create_object
cef_v8value_create_string
cef_v8value_create_double
cef_v8value_create_int
cef_v8value_create_bool
cef_v8value_create_null
cef_string_multimap_free
cef_string_multimap_alloc
cef_zip_reader_create
cef_string_multimap_append
cef_string_multimap_value
cef_string_multimap_key
cef_string_multimap_size
cef_string_map_append
cef_string_map_value
cef_string_map_key
cef_string_map_size
cef_string_list_append
cef_string_list_value
cef_string_list_size
cef_dictionary_value_create
cef_browser_host_create_browser
cef_cookie_manager_get_global_manager
cef_get_min_log_level
cef_stream_reader_create_for_data
cef_stream_reader_create_for_file
cef_log
cef_value_create
cef_write_json
cef_parse_json
cef_get_mime_type
cef_quit_message_loop
cef_run_message_loop
cef_shutdown
cef_execute_process
cef_register_extension
cef_post_delayed_task
cef_post_task
cef_currently_on
cef_api_hash
cef_command_line_create
cef_string_map_free
cef_string_map_alloc
cef_string_list_free
cef_string_list_alloc
cef_process_message_create
cef_list_value_create
cef_string_userfree_utf16_free
cef_stream_reader_create_for_handler
cef_string_utf16_clear
cef_string_utf8_to_utf16
cef_string_utf16_set
cef_string_utf8_clear
cef_string_utf16_cmp
cef_string_utf16_to_utf8
cef_string_ascii_to_utf16
cef_time_from_doublet
cef_time_to_basetime
cef_initialize
KERNEL32.dll HeapFree
HeapSize
GetProcessHeap
PostQueuedCompletionStatus
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
TlsAlloc
TlsFree
GetModuleFileNameW
LoadLibraryW
SearchPathW
SetUnhandledExceptionFilter
SetErrorMode
InitializeCriticalSection
CreateEventW
TerminateProcess
GetCurrentThreadId
OpenThread
SuspendThread
CreateProcessW
VirtualQuery
VirtualAllocEx
ReadProcessMemory
WriteProcessMemory
CreateFileMappingW
MapViewOfFile
FindResourceExW
GetModuleHandleW
LoadResource
LockResource
SizeofResource
WaitForMultipleObjects
FindResourceW
CreateToolhelp32Snapshot
Thread32First
Thread32Next
Module32FirstW
Module32NextW
GetNamedPipeServerProcessId
InterlockedExchange
SetWaitableTimer
WaitForSingleObjectEx
CreateEventA
CreateWaitableTimerW
InterlockedDecrement
SetEvent
InterlockedExchangeAdd
SleepEx
TlsGetValue
InterlockedIncrement
QueryPerformanceCounter
DeleteFileW
GetNativeSystemInfo
SetThreadPriority
GetCurrentThread
TlsSetValue
InterlockedCompareExchange
InitializeCriticalSectionAndSpinCount
GetQueuedCompletionStatus
TerminateThread
QueueUserAPC
VerSetConditionMask
VerifyVersionInfoW
CreateIoCompletionPort
TryEnterCriticalSection
ReleaseSRWLockExclusive
RegisterWaitForSingleObject
UnregisterWaitEx
CreateNamedPipeW
ConnectNamedPipe
WaitNamedPipeW
CancelIo
OutputDebugStringA
GetLocalTime
GetCurrentDirectoryW
ResetEvent
GetThreadPriority
CreateThread
IsDebuggerPresent
TzSpecificLocalTimeToSystemTime
FileTimeToSystemTime
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
GetDiskFreeSpaceExW
SetInformationJobObject
DecodePointer
CreateDirectoryW
QueryDosDeviceW
GetLongPathNameW
RemoveDirectoryW
GetTempPathW
GetFileAttributesW
SetFileAttributesW
GetFileAttributesExW
SetCurrentDirectoryW
MoveFileExW
LoadLibraryA
GetModuleHandleExW
GetThreadTimes
VirtualQueryEx
HeapAlloc
GetFileInformationByHandle
FlushFileBuffers
FindFirstFileExW
FindNextFileW
HeapSetInformation
GetUserDefaultLangID
ExpandEnvironmentStringsW
InitializeSListHead
IsProcessorFeaturePresent
GetLocaleInfoEx
GetCPInfo
CompareStringEx
LCMapStringEx
EncodePointer
GetCurrentProcessorNumber
GetCommandLineW
LoadLibraryExW
FreeLibrary
VirtualFree
VirtualAlloc
GetVersionExW
ReadFile
GetFileSize
CreateFileW
GetModuleHandleA
GetProcAddress
WriteFile
SetFilePointerEx
SetEndOfFile
RemoveDirectoryA
CreateDirectoryA
LocalFree
FormatMessageA
GetFileSizeEx
GetSystemInfo
CreateFileA
MapViewOfFileEx
CreateFileMappingA
ReleaseSemaphore
CreateSemaphoreA
HeapDestroy
SleepConditionVariableSRW
SleepConditionVariableCS
WakeAllConditionVariable
UnmapViewOfFile
ReleaseMutex
WaitForSingleObject
WakeConditionVariable
InitializeConditionVariable
GetExitCodeThread
InitOnceExecuteOnce
GetStringTypeW
MultiByteToWideChar
WideCharToMultiByte
AcquireSRWLockExclusive
InitializeSRWLock
GetFileTime
GetFullPathNameW
DeviceIoControl
GetWindowsDirectoryW
AreFileApisANSI
OutputDebugStringW
LCMapStringW
GetUserDefaultLCID
SetProcessDEPPolicy
UnregisterWait
CreateMutexA
FindClose
FindNextFileA
FindFirstFileA
DuplicateHandle
CloseHandle
SetLastError
GetLastError
TerminateJobObject
GetUserDefaultLocaleName
EnumSystemLocalesEx
GetProductInfo
IsWow64Process
TryAcquireSRWLockExclusive
GetThreadId
SwitchToThread
GetTickCount
Sleep
GetProcessTimes
GetSystemTimeAsFileTime
K32EmptyWorkingSet
ExitProcess
GetCurrentProcessId
GetCurrentProcess
UnhandledExceptionFilter
HeapReAlloc
QueryPerformanceFrequency
RaiseException
GetStartupInfoW
GetEnvironmentVariableW
RtlCaptureStackBackTrace
GetFileType
SetHandleInformation
AssignProcessToJobObject
SetThreadAffinityMask
GetProcessHeaps
CreateJobObjectW
QueryInformationJobObject
VirtualProtectEx
DeleteProcThreadAttributeList
InitializeProcThreadAttributeList
UpdateProcThreadAttribute
CreateMutexW
VirtualFreeEx
GetProcessHandleCount
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
WriteConsoleW
EnumSystemLocalesW
IsValidLocale
GetLocaleInfoW
CompareStringW
GetTimeFormatW
GetDateFormatW
ReadConsoleW
GetACP
GetStdHandle
GetTimeZoneInformation
SetStdHandle
GetConsoleMode
GetConsoleCP
PeekNamedPipe
GetDriveTypeW
FreeLibraryAndExitThread
ExitThread
SetConsoleCtrlHandler
GetCommandLineA
InterlockedPushEntrySList
RtlUnwind
CreateWaitableTimerA
OpenEventA
WaitForMultipleObjectsEx
GetLogicalProcessorInformation
SetEnvironmentVariableW
CreateRemoteThread
GetSystemDirectoryW
DebugBreak
lstrlenW
FindFirstFileW
USER32.dll DefWindowProcW
CallWindowProcW
ClientToScreen
ScreenToClient
GetWindowLongW
SetWindowLongW
GetWindow
DestroyWindow
LoadCursorW
RegisterClassExW
CreateWindowExW
PostQuitMessage
KillTimer
SendMessageW
GetQueueStatus
UnregisterClassW
SystemParametersInfoW
CreateDesktopW
SetProcessWindowStation
GetThreadDesktop
CreateWindowStationW
MsgWaitForMultipleObjectsEx
PeekMessageW
SetTimer
GetProcessWindowStation
GetUserObjectInformationW
TranslateMessage
CloseWindowStation
CloseDesktop
PostMessageW
DispatchMessageW
ADVAPI32.dll RegQueryValueExW
RegDisablePredefinedCache
SetTokenInformation
GetSecurityDescriptorSacl
GetAce
SetKernelObjectSecurity
GetKernelObjectSecurity
DuplicateTokenEx
MapGenericMask
DuplicateToken
GetSecurityDescriptorDacl
GetNamedSecurityInfoW
ImpersonateLoggedOnUser
AccessCheck
InitializeSid
IsValidSid
GetLengthSid
CreateWellKnownSid
ConvertStringSidToSidW
ConvertSidToStringSidW
EqualSid
CreateProcessAsUserW
SetThreadToken
CreateRestrictedToken
LookupPrivilegeValueW
AdjustTokenPrivileges
GetSecurityInfo
SetSecurityInfo
BuildTrusteeWithSidW
SetEntriesInAclW
AddMandatoryAce
FreeSid
GetSidSubAuthority
OpenProcessToken
GetTokenInformation
InitializeAcl
SystemFunction036
RegOpenKeyW
RegOpenKeyExW
RegCreateKeyExW
ReadEventLogA
CloseEventLog
OpenEventLogA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RevertToSelf
SHELL32.dll ShellExecuteW
SHGetFolderPathW
CommandLineToArgvW
SHGetSpecialFolderPathW
ole32.dll CoUninitialize
CoInitializeEx
CoTaskMemFree
PSAPI.DLL QueryWorkingSetEx
WS2_32.dll getsockname
listen
socket
connect
accept
recv
send
WSAGetLastError
select
WSASetLastError
htonl
WSAStartup
ioctlsocket
closesocket
WSACleanup
bind
ntdll.dll RtlNtStatusToDosError
NtQueryInformationThread
NtOpenKeyedEvent
NtReleaseKeyedEvent
NtWaitForKeyedEvent
VERSION.dll VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
dbghelp.dll SymCleanup
SymFromAddr
SymSetOptions
SymGetSearchPathW
SymInitialize
SymGetLineFromAddr64
SymSetSearchPathW
WINMM.dll timeEndPeriod
timeBeginPeriod
timeGetTime

Delayed Imports

GetHandleVerifier

Ordinal 1
Address 0x27cb0

IsSandboxedProcess

Ordinal 2
Address 0x10c0

1

Type RT_MANIFEST
Language English - United States
Codepage UNKNOWN
Size 0x17d
TimeDateStamp 1980-Jan-01 00:00:00
Entropy 4.91161
MD5 1e4a89b11eae0fcf8bb5fdd5ec3b6f61
SHA1 4260284ce14278c397aaf6f389c1609b0ab0ce51
SHA256 4bb79dcea0a901f7d9eac5aa05728ae92acb42e0cb22e5dd14134f4421a3d8df
SHA3 4bb9e8b5a714cae82782f3831cc2d45f4bf4a50a755fe584d2d1893129d68353

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics 0
TimeDateStamp 2023-Jan-09 14:32:56
Version 0.0
SizeofData 106
AddressOfRawData 0x2a18f4
PointerToRawData 0x29f6f4
Referenced File C:\devops\data\p-de29a525dbdc4491830d2e9993627fc7\win\out\MTRelease\WXWorkWeb.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics 0
TimeDateStamp 2023-Jan-09 14:32:56
Version 0.0
SizeofData 20
AddressOfRawData 0x2a1960
PointerToRawData 0x29f760

IMAGE_DEBUG_TYPE_POGO

Characteristics 0
TimeDateStamp 2023-Jan-09 14:32:56
Version 0.0
SizeofData 1188
AddressOfRawData 0x2a1974
PointerToRawData 0x29f774

TLS Callbacks

StartAddressOfRawData 0x6a1e28
EndAddressOfRawData 0x6a1ed0
AddressOfIndex 0x6e08f8
AddressOfCallbacks 0x65ba74
SizeOfZeroFill 0
Characteristics IMAGE_SCN_ALIGN_8BYTES
Callbacks 0x0043DFC0
0x0051ECC0
0x005FFB60
0x0062C5B0

Load Configuration

Size 0xbc
TimeDateStamp 1970-Jan-01 00:00:00
Version 0.0
GlobalFlagsClear (EMPTY)
GlobalFlagsSet (EMPTY)
CriticalSectionDefaultTimeout 0
DeCommitFreeBlockThreshold 0
DeCommitTotalFreeThreshold 0
LockPrefixTable 0
MaximumAllocationSize 0
VirtualMemoryThreshold 0
ProcessAffinityMask 0
ProcessHeapFlags (EMPTY)
CSDVersion 0
Reserved1 0
EditList 0
SecurityCookie 0x6d1404
SEHandlerTable 0x69e9e4
SEHandlerCount 2075
GuardCFCheckFunctionPointer 6661900
GuardCFDispatchFunctionPointer 0
GuardCFFunctionTable 0
GuardCFFunctionCount 0
GuardFlags (EMPTY)
CodeIntegrity.Flags 0
CodeIntegrity.Catalog 0
CodeIntegrity.CatalogOffset 0
CodeIntegrity.Reserved 0
GuardAddressTakenIatEntryTable 0
GuardAddressTakenIatEntryCount 0
GuardLongJumpTargetTable 0
GuardLongJumpTargetCount 0

RICH Header

XOR Key 0xbb2b9fdc
Unmarked objects 0
241 (40116) 27
243 (40116) 181
242 (40116) 34
Imports (27412) 2
C++ objects (VS2015 UPD3.1 build 24215) 33
253 (28518) 2
C objects (30034) 20
ASM objects (30034) 27
C++ objects (30034) 100
C objects (65501) 1
208 (65501) 1
C++ objects (30146) 133
Unmarked objects (#2) 341
Imports (VS2015 UPD3.1 build 24215) 2
C++ objects (LTCG) (VS2019 Update 11 (16.11.10) compiler 30140) 329
Imports (65501) 28
Imports (27045) 3
Total imports 629
C++ objects (VS2019 Update 11 (16.11.10) compiler 30140) 27
Exports (VS2019 Update 11 (16.11.10) compiler 30140) 1
Resource objects (VS2019 Update 11 (16.11.10) compiler 30140) 1
Linker (VS2019 Update 11 (16.11.10) compiler 30140) 1

Errors

<-- -->