Manalyze report for facf78d474b66ed821288db41fa6ad8a7b6f30650eb12127cb3e9a3cc6146116

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
Compilation Date	2022-Feb-25 17:30:48
Detected languages	English - United States
Debug artifacts	C:\j\msdk\build\Khronos-Tools\repo\build\vulkaninfo\RelWithDebInfo\vulkaninfo.pdb
FileDescription	Vulkan Loader
FileVersion	`1.3.204.1`
LegalCopyright	Copyright (C) 2015-2021
ProductName	Vulkan Runtime
ProductVersion	`1.3.204.1`

Plugin Output

Info	Matching compiler(s):	`MASM/TASM - sig1(h)`
Info	Interesting strings found in the binary:	`Contains domain names: https://schema.khronos.org https://schema.khronos.org/vulkan/devsim_1_0_0.json# https://schema.khronos.org/vulkan/devsim_VK_KHR_portability_subset-provisional-1.json# https://vulkan.lunarg.com https://vulkan.lunarg.com/img/bg-starfield.jpg khronos.org lunarg.com schema.khronos.org vulkan.lunarg.com`
Suspicious	The PE is possibly packed.	`Unusual section name found: .cfguard`
Info	The PE contains common functions which appear in legitimate applications.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryExA LoadLibraryA LoadLibraryExW`
Info	The PE is digitally signed.	`Signer: Intel Corporation` `Issuer: Sectigo RSA Code Signing CA`
Safe	VirusTotal score: 0/70 (Scanned on 2026-05-11 08:49:05)	`All the AVs think this file is safe.`

Hashes

MD5	`72a8eb805e026accc0a5805847db978f`
SHA1	`a1589326cc3fcd0c64a7c08ca78fe30b3f7ee5cf`
SHA256	`facf78d474b66ed821288db41fa6ad8a7b6f30650eb12127cb3e9a3cc6146116`
SHA3	`1a93f044f6eaa4634d4818f5b5e108a2a2676c6d56940f5040a23c7f39961b37`
SSDeep	`49152:8pojL/+cPZpJGmF+Ml7mbN6ZNjshcYpKkjsVc2ot4+Ej2ED+l3eFq8umM:jZpldnGMkjsVc2ot4+Ej2ED+l3eFqcM`
Imports Hash	`559cb907fe52b806b92168cb50dec34c`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x100`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`10`
TimeDateStamp	2022-Feb-25 17:30:48
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0x164400`
SizeOfInitializedData	`0x79200`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0000000000007220 (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x1e4000`
SizeOfHeaders	`0x400`
Checksum	`0x1e5223`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_GUARD_CF` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`f5e7b878cce8aff4ae01d4573a6648c3`
SHA1	`889068ef897557b597031c2e18667cd3eb241861`
SHA256	`8a9893db6de4d05a93a4ece6b9ed8c8ec08b5b7155d1c0dcbe63f6a90b1070bc`
SHA3	`9d763a89e47e43d39203a819423442302a7afe536162b91aee20e2a63904ec52`
VirtualSize	`0x1642d3`
VirtualAddress	`0x1000`
SizeOfRawData	`0x164400`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`5.51436`

.rdata

MD5	`3c44532233c788e5a10a067990a05c18`
SHA1	`6ab4840f46daff282b695547fa15b83111555025`
SHA256	`6c644659a783eee6e3b47bb19b8499cd0ef3387b87193cd2b2d0df426dea4c94`
SHA3	`009c5660c91d79902b7f131fbb0aa0da9d745cd6950c5fc0b424d2853699cd8a`
VirtualSize	`0x6085e`
VirtualAddress	`0x166000`
SizeOfRawData	`0x60a00`
PointerToRawData	`0x164800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.56553`

.data

MD5	`98327c5f6afb5347a829b204478b1c2d`
SHA1	`66680e990f711dc736f65497acfd436a921374b6`
SHA256	`e42d39fdf2f728e74e76e752c34cdc980b1fd9d4fa82ffad0b739c54d349880b`
SHA3	`6ef9df5b75a456edee2fe143995a688c25f999c32bf6a76ab4d7a0f5bed6967a`
VirtualSize	`0x5660`
VirtualAddress	`0x1c7000`
SizeOfRawData	`0x2a00`
PointerToRawData	`0x1c5200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`3.13153`

.pdata

MD5	`efb384f9825e6b3f9e4a104cb5b5c3d3`
SHA1	`67714e51c8b9baad86d186dee1d0e72baabdb760`
SHA256	`849fc42bc047e2378e50e2ae6a1522643b484705a34f1c2724264af5ccf9f0e1`
SHA3	`38947704de773f8cdf949970f116bcd1ce4f0d312728cd3badf6b4e7d3c440eb`
VirtualSize	`0xbf40`
VirtualAddress	`0x1cd000`
SizeOfRawData	`0xc000`
PointerToRawData	`0x1c7c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.79784`

.idata

MD5	`e32e30261c0dd062b717c20d0659a89d`
SHA1	`77ffb10cfe8d3b0fd65f341fde2e1cd4263c4cd9`
SHA256	`cdd3d67b95cddd0fbeaceb2720cf4f2d89216eefaaad1b92dbf4959dbd6251d9`
SHA3	`bf3514ffe8a35f18337dd81276d7b27f2f0ecd6dc32ccaa89a1ba5bce1b94c53`
VirtualSize	`0x1491`
VirtualAddress	`0x1d9000`
SizeOfRawData	`0x1600`
PointerToRawData	`0x1d3c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`3.68673`

.cfguard

MD5	`aab002a0c6102bebc05e2aaea9031205`
SHA1	`c853a66d0f109f965ec66d2483100cbe1bfae91a`
SHA256	`38cbc8e2f35b225e2cf455c5bb1f961e7fb67891eb5b993e45bc5630229ea351`
SHA3	`c6ad94f7cf90c393633fd6e078e0dbcb5bc23fbbb223317be1681f2ed456138c`
VirtualSize	`0x2218`
VirtualAddress	`0x1db000`
SizeOfRawData	`0x2400`
PointerToRawData	`0x1d5200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`3.11258`

.tls

MD5	`c573bd7cea296a9c5d230ca6b5aee1a6`
SHA1	`04a0b9fde89c71864acaf5e74689fe4c269bd7a8`
SHA256	`13bde09a110c13b533dc985f3e2c475b6f6bcf514d1a23fce5b784a653548e91`
SHA3	`3679da6860e8ab20485113de9ac22dfe22ddc29d53f14ddc33a648aa98196361`
VirtualSize	`0x309`
VirtualAddress	`0x1de000`
SizeOfRawData	`0x400`
PointerToRawData	`0x1d7600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0.0111738`

.00cfg

MD5	`d1d05a97e824467117275fe3d6b32c24`
SHA1	`9125741d37d6e8095e56f5bb3c2489922b72824d`
SHA256	`3546333b505dce059856d1f8221cf5263637b888433b4b9c5d9873d305b25984`
SHA3	`49d8487ec5edb781afd4ad8f5edfa1616c96ad7bc1fdc750e85a69a629f9b0d1`
VirtualSize	`0x11b`
VirtualAddress	`0x1df000`
SizeOfRawData	`0x200`
PointerToRawData	`0x1d7a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`0.170146`

.rsrc

MD5	`fd73b94518b73db0957ba975aac7ba76`
SHA1	`66ba7c4ba0cda49d63075aca4cdd97e17b28e80d`
SHA256	`f646342a424dcf5dc8bd1e9c6da29fdc30a6dfe283a992835d9403d3466ac8f1`
SHA3	`8f7b7024d5239ad8f2b17d149607182fa3cb2404f012b57ca18be070bcda1fac`
VirtualSize	`0x719`
VirtualAddress	`0x1e0000`
SizeOfRawData	`0x800`
PointerToRawData	`0x1d7c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`2.67446`

.reloc

MD5	`a3ea7fd0b1c6a840fd62a94c01c8f58b`
SHA1	`f242cc2f98ec5f0c504946200238450c43de5aaf`
SHA256	`3b7f1eb58845b2ee44ebeb0e65c281208bb63cb8d3ab3c2288bad0f4d3b5aa43`
SHA3	`5fd9274f0aa78ddd6d42eb7aae693087c9884d353197d3b9a6e5b0694d798e24`
VirtualSize	`0x27e9`
VirtualAddress	`0x1e1000`
SizeOfRawData	`0x2800`
PointerToRawData	`0x1d8400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`3.30743`

Imports

KERNEL32.dll	`Sleep` `FreeLibrary` `GetModuleHandleA` `GetProcAddress` `LoadLibraryExA` `LoadLibraryA` `GetConsoleScreenBufferInfo` `SetErrorMode` `SetConsoleWindowInfo` `SetConsoleTitleA` `GetConsoleProcessList` `HeapSize` `CreateFileW` `ReadConsoleW` `SetConsoleScreenBufferSize` `GetStdHandle` `WideCharToMultiByte` `FormatMessageW` `EnterCriticalSection` `LeaveCriticalSection` `DeleteCriticalSection` `MultiByteToWideChar` `EncodePointer` `DecodePointer` `SetLastError` `InitializeCriticalSectionAndSpinCount` `CreateEventW` `TlsAlloc` `TlsGetValue` `TlsSetValue` `TlsFree` `GetSystemTimeAsFileTime` `GetTickCount` `GetModuleHandleW` `CompareStringW` `LCMapStringW` `GetLocaleInfoW` `GetStringTypeW` `GetCPInfo` `CloseHandle` `SetEvent` `ResetEvent` `WaitForSingleObjectEx` `RtlCaptureContext` `RtlLookupFunctionEntry` `RtlVirtualUnwind` `IsDebuggerPresent` `UnhandledExceptionFilter` `SetUnhandledExceptionFilter` `GetStartupInfoW` `IsProcessorFeaturePresent` `GetCurrentProcess` `TerminateProcess` `QueryPerformanceCounter` `GetCurrentProcessId` `GetCurrentThreadId` `InitializeSListHead` `RtlPcToFileHeader` `RaiseException` `RtlUnwindEx` `GetLastError` `LoadLibraryExW` `InterlockedPushEntrySList` `InterlockedFlushSList` `HeapAlloc` `HeapFree` `HeapReAlloc` `ExitProcess` `GetModuleHandleExW` `GetModuleFileNameA` `GetModuleFileNameW` `WriteFile` `GetCommandLineA` `GetCommandLineW` `GetACP` `GetCurrentThread` `SetConsoleCtrlHandler` `GetDateFormatW` `GetTimeFormatW` `IsValidLocale` `GetUserDefaultLCID` `EnumSystemLocalesW` `GetFileType` `FlushFileBuffers` `GetConsoleCP` `GetConsoleMode` `ReadFile` `SetFilePointerEx` `GetProcessHeap` `GetTimeZoneInformation` `FindClose` `FindFirstFileExA` `FindFirstFileExW` `FindNextFileA` `FindNextFileW` `IsValidCodePage` `GetOEMCP` `GetEnvironmentStringsW` `FreeEnvironmentStringsW` `SetEnvironmentVariableA` `SetEnvironmentVariableW` `OutputDebugStringA` `OutputDebugStringW` `SetStdHandle` `WriteConsoleW` `SetEndOfFile`
USER32.dll	`LoadCursorA` `MonitorFromWindow`
GDI32.dll	`GetStockObject`

Delayed Imports

1

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x220`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.38275`
MD5	`76cb2229f011c9c80fa9e58424c35800`
SHA1	`053fe6897ab4dc31e2eab3fcde1abb38cd558146`
SHA256	`b9b2e39074cfd3b7888201452ac83e33c76c75694e26c4b4dc20c3624c5d43fd`
SHA3	`c5a18bc09b583775a272868afbb5b8c79f05f0394afa9a3fa6a6b50c5af3507e`

1 (#2)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x17d`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.91161`
MD5	`1e4a89b11eae0fcf8bb5fdd5ec3b6f61`
SHA1	`4260284ce14278c397aaf6f389c1609b0ab0ce51`
SHA256	`4bb79dcea0a901f7d9eac5aa05728ae92acb42e0cb22e5dd14134f4421a3d8df`
SHA3	`4bb9e8b5a714cae82782f3831cc2d45f4bf4a50a755fe584d2d1893129d68353`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	1.3.204.1
ProductVersion	1.3.204.1
FileFlags	`(EMPTY)`
FileOs	`(EMPTY)`
FileType	`VFT_DLL`
Language	English - United States
FileDescription	Vulkan Loader
FileVersion (#2)	1.3.204.1
LegalCopyright	Copyright (C) 2015-2021
ProductName	Vulkan Runtime
ProductVersion (#2)	1.3.204.1

Resource LangID	English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2022-Feb-25 17:30:48
Version	`0.0`
SizeofData	`106`
AddressOfRawData	`0x19af70`
PointerToRawData	`0x199770`
Referenced File	C:\j\msdk\build\Khronos-Tools\repo\build\vulkaninfo\RelWithDebInfo\vulkaninfo.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics	`0`
TimeDateStamp	2022-Feb-25 17:30:48
Version	`0.0`
SizeofData	`20`
AddressOfRawData	`0x19afdc`
PointerToRawData	`0x1997dc`

TLS Callbacks

StartAddressOfRawData	`0x1401de000`
EndAddressOfRawData	`0x1401de208`
AddressOfIndex	`0x1401ca528`
AddressOfCallbacks	`0x140166b70`
SizeOfZeroFill	`0`
Characteristics	`IMAGE_SCN_ALIGN_4BYTES`
Callbacks	`(EMPTY)`

Load Configuration

Size	`0x94`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x1401c70a0`
GuardCFCheckFunctionPointer	`5370671104`
GuardCFDispatchFunctionPointer	`0`
GuardCFFunctionTable	`0`
GuardCFFunctionCount	`0`
GuardFlags	`(EMPTY)`
CodeIntegrity.Flags	`0`
CodeIntegrity.Catalog	`0`
CodeIntegrity.CatalogOffset	`0`
CodeIntegrity.Reserved	`0`
GuardAddressTakenIatEntryTable	`0`
GuardAddressTakenIatEntryCount	`0`
GuardLongJumpTargetTable	`0`
GuardLongJumpTargetCount	`0`

RICH Header

XOR Key	`0x441c48ce`
Unmarked objects	`0`
C objects (23917)	`25`
ASM objects (23917)	`11`
C++ objects (23917)	`150`
ASM objects (VS2015 UPD3 build 24123)	`8`
C++ objects (VS2015 UPD3 build 24123)	`60`
C objects (VS2015 UPD3 build 24123)	`36`
Imports (23917)	`7`
Total imports	`109`
C++ objects (VS2015 UPD3.1 build 24215)	`1`
Resource objects (VS2015 UPD3 build 24210)	`1`
151	`1`
Linker (VS2015 UPD3.1 build 24215)	`1`

Errors

Leave a comment

No comments yet.