Manalyze report for 3151d6e0c621c866777317e4a91ac9a774f47d1d5bd2630fca9badd1c3a14d0a

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2026-Jun-10 11:47:32
Detected languages	English - United States
TLS Callbacks	3 callback(s) detected.
CompanyName	Hectra Nonporation
FileDescription	Hectra Bootstrapper
FileVersion	`2.0.0.0`
InternalName	HectraBS
LegalCopyright	Copyright (C) 2026
OriginalFilename	HectraBootstrapper.exe
ProductName	Hectra
ProductVersion	`2.0.0.0`

Plugin Output

Info	Interesting strings found in the binary:	Contains domain names: acutedotcomb.cn breveacutecomb.cn brevegravecomb.cn brevetildecomb.cn circumflexacutecomb.cn circumflexgravecomb.cn circumflexhookcomb.cn circumflextildecomb.cn commaaccentright.cn commaaccentrotate.cn gcc.gnu.org github.com hectra.xyz https://gcc.gnu.org https://gcc.gnu.org/bugs/ https://github.com https://openfontlicense.orgThis https://openfontlicense.orghttps https://rsms.me macrondieresiscomb.cn tildecross.cn tonos.top uni02E5.cn uni02E6.cn uni02E7.cn uni02E8.cn uni02E9.cn
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to CRC32`
Suspicious	The PE contains functions most legitimate programs don't use.	`[!] The program may be hiding some of its imports: GetProcAddress LoadLibraryA LoadLibraryW` `Functions which can be used for anti-debugging purposes: FindWindowW` `Can access the registry: RegCloseKey RegCreateKeyExW RegDeleteKeyW RegSetValueExW` `Possibly launches other programs: CreateProcessW ShellExecuteW` `Can create temporary files: CreateFileW GetTempPathW` `Has Internet access capabilities: WinHttpCloseHandle WinHttpConnect WinHttpOpen WinHttpOpenRequest WinHttpQueryDataAvailable WinHttpQueryHeaders WinHttpReadData WinHttpReceiveResponse WinHttpSendRequest WinHttpSetTimeouts` `Manipulates other processes: OpenProcess` `Can take screenshots: BitBlt CreateCompatibleDC FindWindowW`
Info	The PE is digitally signed.	`Signer: Hectra Nonporation` `Issuer: Hectra Nonporation`
Suspicious	No VirusTotal score.	`This file has never been scanned on VirusTotal.`

Hashes

MD5	`b37e2e1fdbb4bb77ae9575fe966d927e`
SHA1	`192448842dbe5ef946a0d975676daf946a532522`
SHA256	`3151d6e0c621c866777317e4a91ac9a774f47d1d5bd2630fca9badd1c3a14d0a`
SHA3	`f8f641e5efb1dd03c335d17d09dd3dc67ec4da66b79d8752618da0800af7e261`
SSDeep	`24576:4+a9hzb0xxdTr5TuhGVlT7S+6rX5ecfJ5EW+pTpHg+Iap5PFuuuuPz2iKeRpJ6iU:QhzbeEC2dOpaapTL2iKeRpJ6iar9F5`
Imports Hash	`0a84f39f949bb389bfe3506c44044915`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`9`
TimeDateStamp	2026-Jun-10 11:47:32
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_DEBUG_STRIPPED` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LINE_NUMS_STRIPPED` `IMAGE_FILE_LOCAL_SYMS_STRIPPED`

Image Optional Header

Magic	`PE32`
LinkerVersion	`2.0`
SizeOfCode	`0x109a00`
SizeOfInitializedData	`0x24fc00`
SizeOfUninitializedData	`0xc00`
AddressOfEntryPoint	`0x00001450 (Section: .text)`
BaseOfCode	`0x1000`
BaseOfData	`0x10b000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x255000`
SizeOfHeaders	`0x400`
Checksum	`0x25ac67`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT`
SizeofStackReserve	`0x200000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`15f41525bf13762852bd2f6e555af571`
SHA1	`d1508f39e903dfb5386ce855e63d683c48f46e60`
SHA256	`673731304a90a153d9990cfaf325ec2cdcdcd75b84bfe42d7828fb557681ccc7`
SHA3	`00ccaf5795a3f31d5f04179b158ddc00e165febcb20b0b5492e2cfabda9beeb2`
VirtualSize	`0x109924`
VirtualAddress	`0x1000`
SizeOfRawData	`0x109a00`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.35877`

.data

MD5	`f9f3a68f233b8868c3b16caa6bf70e9b`
SHA1	`21840c5b00d6a554216db6e501d30f4216acaaa1`
SHA256	`c17aacebdf762934e4f0a2c68beaedc0272bda5fd704164af3578a22f6fe4e04`
SHA3	`635022cb38e4eb80ca3bfcfa0ac78e07ce58aa65fa0915758b8ea2530bcf0d04`
VirtualSize	`0x18f4`
VirtualAddress	`0x10b000`
SizeOfRawData	`0x1a00`
PointerToRawData	`0x109e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`2.50304`

.rdata

MD5	`510ce1746eae55552a28582685bf9ebc`
SHA1	`68598e606fe34b23d14495077087c4396241949f`
SHA256	`512b1ca0cd0150a421273b528ed2de51622c7f664ca2a8cdc6eac45b153b784c`
SHA3	`ac426bc0bf75c4e3684a038e3bc551beefbc7f0718f77810ee3373b35e927ec1`
VirtualSize	`0xd4ec`
VirtualAddress	`0x10d000`
SizeOfRawData	`0xd600`
PointerToRawData	`0x10b800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.54257`

.eh_fram

MD5	`9899c60fea31a5a3490019719716d356`
SHA1	`83ddc11e7a7c88f997867deb610f9f64b42e5f3d`
SHA256	`6a3bb9dea795ee6fb586c1e7e489bb66382a2dcbfac4ad8aeb14267d05a19cf8`
SHA3	`3d4ab59cf9f1cec48ed77bfad1b86a9268e2239e42f2183e096715f06d351567`
VirtualSize	`0x448f4`
VirtualAddress	`0x11b000`
SizeOfRawData	`0x44a00`
PointerToRawData	`0x118e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.00983`

.bss

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0xae4`
VirtualAddress	`0x160000`
SizeOfRawData	`0`
PointerToRawData	`0`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_UNINITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`

.idata

MD5	`b64a739d396d202419286f18623f3378`
SHA1	`68abb1dd7c893437eaf9d20e178b1ddc368eb144`
SHA256	`d64c18cee3283984e87b2f9e4427db9f3e56fd41cd4cf8a0aa8e0a6dab6aa63a`
SHA3	`8be1d559dc4df991a5127494a80e0ddab37baae0711c4dc03a6de0d9ffd4d381`
VirtualSize	`0x1b9c`
VirtualAddress	`0x161000`
SizeOfRawData	`0x1c00`
PointerToRawData	`0x15d800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.4789`

.tls

MD5	`bf619eac0cdf3f68d496ea9344137e8b`
SHA1	`5c3eb80066420002bc3dcc7ca4ab6efad7ed4ae5`
SHA256	`076a27c79e5ace2a3d47f9dd2e83e4ff6ea8872b3c2218f66c92b89b55f36560`
SHA3	`622de1e1568ddef36c4b89b706b05201c13481c3575d0fc804ff8224787fcb59`
VirtualSize	`0x10`
VirtualAddress	`0x163000`
SizeOfRawData	`0x200`
PointerToRawData	`0x15f400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0`

.rsrc

MD5	`372d6fb61f895ff7cc2f149b869f4e6b`
SHA1	`d7e3285ae50428c9c0a8d1a540fa5e7afcfa731a`
SHA256	`c6c35cdb9b930f103eff48d9cf18b0ce231fecc58f05723faacf25705459e9e6`
SHA3	`053267c24e7af0a271d56d2c055554ac56cbfd5dc9b4a2b7c47d10f38272fbc6`
VirtualSize	`0xe8828`
VirtualAddress	`0x164000`
SizeOfRawData	`0xe8828`
PointerToRawData	`0x15f600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.52796`

.reloc

MD5	`ccfb6c5443658356c4e88c5dfb7a71e6`
SHA1	`24947d57b635bf22bb32b1885663bb1953003223`
SHA256	`b2bc0d2db513cfab925de79fb7b5a33e95679b79d5266e65f12a2f2f0d56e023`
SHA3	`23c8a0cc081502c73d3c233b239b9d4e3b00aec7a59f82c7572c6c1f28925175`
VirtualSize	`0x7e98`
VirtualAddress	`0x24d000`
SizeOfRawData	`0x8000`
PointerToRawData	`0x248000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`6.65896`

Imports

ADVAPI32.dll	`RegCloseKey` `RegCreateKeyExW` `RegDeleteKeyW` `RegDeleteTreeW` `RegSetValueExW`
GDI32.dll	`AddFontMemResourceEx` `BitBlt` `CreateCompatibleBitmap` `CreateCompatibleDC` `CreateFontW` `CreatePen` `CreateSolidBrush` `DeleteDC` `DeleteObject` `GetObjectW` `GetTextExtentPoint32W` `RemoveFontMemResourceEx` `RoundRect` `SelectObject` `SetBkMode` `SetStretchBltMode` `SetTextColor` `StretchBlt` `TextOutW`
KERNEL32.dll	`CloseHandle` `CreateEventA` `CreateFileW` `CreateHardLinkW` `CreateProcessW` `CreateSemaphoreA` `DeleteCriticalSection` `DeleteFileW` `DuplicateHandle` `EnterCriticalSection` `FindClose` `FindFirstFileW` `FindResourceW` `FormatMessageA` `FreeLibrary` `GetCPInfo` `GetCurrentProcess` `GetCurrentProcessId` `GetCurrentThread` `GetCurrentThreadId` `GetDiskFreeSpaceExW` `GetFileAttributesW` `GetFileInformationByHandle` `GetFileType` `GetFullPathNameW` `GetLastError` `GetModuleFileNameA` `GetModuleFileNameW` `GetModuleHandleA` `GetModuleHandleW` `GetProcAddress` `GetProcessAffinityMask` `GetStartupInfoW` `GetSystemTimeAsFileTime` `GetTempPathW` `GetThreadContext` `GetThreadPriority` `GetTickCount64` `GetTickCount` `InitializeCriticalSection` `IsProcessorFeaturePresent` `LeaveCriticalSection` `LoadLibraryA` `LoadLibraryW` `LoadResource` `LocalFree` `LockResource` `MoveFileExW` `MultiByteToWideChar` `OpenProcess` `OutputDebugStringA` `QueryPerformanceCounter` `QueryPerformanceFrequency` `RaiseException` `ReleaseSemaphore` `RemoveDirectoryW` `ResetEvent` `ResumeThread` `SetEndOfFile` `SetEvent` `SetFilePointer` `SetLastError` `SetProcessAffinityMask` `SetThreadContext` `SetThreadPriority` `SetUnhandledExceptionFilter` `SizeofResource` `Sleep` `SuspendThread` `TerminateProcess` `TlsAlloc` `TlsGetValue` `TlsSetValue` `TryEnterCriticalSection` `VirtualProtect` `VirtualQuery` `WaitForMultipleObjects` `WaitForSingleObject` `WideCharToMultiByte`
msvcrt.dll	`__lc_codepage` `__p__iob` `__p___mb_cur_max` `__p___winitenv` `__p__commode` `__p__fmode` `__p__wcmdln` `__set_app_type` `__setusermatherr` `__wgetmainargs` `_amsg_exit` `_assert` `_beginthreadex` `_cexit` `_close` `_endthreadex` `_errno` `_filelengthi64` `_fdopen` `_fileno` `_fileno` `_findclose` `_fstati64` `_get_osfhandle` `_initterm` `_lseeki64` `_lseeki64` `_read` `_setjmp3` `_setmode` `_stat` `_strdup` `_telli64` `_utime` `_vsnprintf` `_wchdir` `_wchmod` `_wfindnext` `_wfindfirst` `_wfopen` `_wfullpath` `_wgetcwd` `_wmkdir` `_wopen` `_wstat` `_write` `_wutime` `abort` `atexit` `calloc` `exit` `fclose` `fflush` `fgetpos` `fopen` `fputc` `fputs` `free` `fprintf` `fread` `freopen` `fsetpos` `fwrite` `getenv` `localtime` `iswctype` `localeconv` `longjmp` `malloc` `memchr` `memcmp` `memcpy` `memmove` `memset` `mktime` `setlocale` `realloc` `remove` `setvbuf` `signal` `strchr` `strcmp` `strcoll` `strerror` `strftime` `strlen` `strncmp` `strtoul` `strxfrm` `time` `towlower` `towupper` `vfprintf` `wcscat` `wcscmp` `wcscoll` `wcscpy` `wcscpy_s` `wcsftime` `wcslen` `wcsxfrm`
SHELL32.dll	`CommandLineToArgvW` `SHChangeNotify` `SHGetFolderPathW` `ShellExecuteW`
USER32.dll	`BeginPaint` `CreateWindowExW` `DefWindowProcW` `DestroyIcon` `DestroyWindow` `DispatchMessageW` `DrawIconEx` `DrawTextW` `EnableWindow` `EndPaint` `FillRect` `FindWindowW` `GetClientRect` `GetMessageW` `GetSystemMetrics` `InvalidateRect` `IsWindow` `LoadCursorW` `LoadImageW` `MessageBeep` `PostQuitMessage` `PtInRect` `RegisterClassExW` `SetCursor` `SetForegroundWindow` `SetTimer` `SetWindowLongW` `ShowWindow` `TranslateMessage`
WINHTTP.dll	`WinHttpCloseHandle` `WinHttpConnect` `WinHttpOpen` `WinHttpOpenRequest` `WinHttpQueryDataAvailable` `WinHttpQueryHeaders` `WinHttpReadData` `WinHttpReceiveResponse` `WinHttpSendRequest` `WinHttpSetTimeouts`

Delayed Imports

102

Type	`RT_BITMAP`
Language	English - United States
Codepage	UNKNOWN
Size	`0xe52a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.26356`
MD5	`71246d564748d35895bc14e507400923`
SHA1	`00e3a8ca112b41e9fa22f5f646230b2d662c0d30`
SHA256	`f71a3c275510609d12005e7ad75bf315af722cf19db498f3312924a915b53600`
SHA3	`10b0893475f6079c536b57f9a15fcd25d53e179c70cb19ae91467fefc4faeb62`
Preview

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xdfe`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.88905`
Detected Filetype	PNG graphic file
MD5	`dadea5a2f2abd5ba6d73dd6a2df53ad1`
SHA1	`760d8b951a736b249975ae1d22de293f99271704`
SHA256	`6c7149857d20253ae7ffaa5be4e343c04b083c186080a789e972ca9b1ce107b2`
SHA3	`e43ed5659376342033148b79d833768f69f3a8ddf9178b4e06f3048556db896b`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2c45`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.85548`
Detected Filetype	PNG graphic file
MD5	`d5766998b67e1e98461c922211f943a3`
SHA1	`5b5bc15338ec0ed171cb26aade001afbf6334a76`
SHA256	`f9a33a5b78a69220377cc8628d620cfa38bcd29e97e05e0c98da096625bef635`
SHA3	`a4466676f345ad376a2d7c27a2d9976a1858ea8a15a9e09464178cdc9ce7d7b1`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x58c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`7.8262`
Detected Filetype	PNG graphic file
MD5	`8d636c843d63729dc325795dce1d4501`
SHA1	`f6a825d5a469231d0204d28eaf179c81439b39a4`
SHA256	`6eac4b895ceb056fc5bed1774e1658c1677f18d0352c2c47d4e8fe3cd06c0db4`
SHA3	`e170eff7c30658cc087e4bf6d05d8161a56c59e4b89ebf6b85c8920bf85cb136`

104

Type	`RT_RCDATA`
Language	English - United States
Codepage	UNKNOWN
Size	`0xd58d4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.41333`
Detected Filetype	TrueType font file
MD5	`0a77e23a8fdbe6caefd53cb04c26fabc`
SHA1	`ee5c2e22ffeddefc433c9aa4c76779bb73a5c682`
SHA256	`0be2399ea925f1f83ff974764761da9860ec50742ed29a5d4c1ffd0c5c7ac3a8`
SHA3	`a525897bcf2722791cb53c7691ecb2c0b268139c58b46d758f26755d9c10e3b5`

101

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.91924`
Detected Filetype	Icon file
MD5	`29329be3dd40e39bce7b68b3d96306bc`
SHA1	`bb29ffff935690644e467b9bf0b4a4781277446c`
SHA256	`75ab1349cebb37c1b2f71306e50118b9a59bb36c9054fb64ca01a8ed00046086`
SHA3	`2787af3454afec3844b0e6835276787ddbbd31212144755f22c8136923a86c39`

103

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.6789`
Detected Filetype	Icon file
MD5	`ce06ac79f5b852e836596e22e1c5c091`
SHA1	`3a89bcd1a46ab2739fb80028c09fd2a808fc8812`
SHA256	`dee6ac9bff3d67acca4c6743404f073bb512545a2da26d564ff17be1d98b1392`
SHA3	`f1cc5549ca813f82abbac69f90f92372e3fdbc574ebfd8aa1f1a470684d8789f`

105

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.94375`
Detected Filetype	Icon file
MD5	`fecfd8b7744aabfd9d2e60451ee590ab`
SHA1	`81a5766645300ee54451075778b8c29fac00025d`
SHA256	`aca8d619c075a59ab538bfb739817ff07b60254b66ae36018c8b81eea17d7e0d`
SHA3	`3193e7433b717623b5f312d03322aaa3f44eee20abb8e6d201420fa8f08a067e`

1 (#2)

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2e0`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.28509`
MD5	`bfbb0672eff8740e2338710d48f33797`
SHA1	`b61834d9432ec7d6a84b7c6349e3aba00bc4c428`
SHA256	`192cd4cf47636989ea09e986ed24877d01c9374886ef3ea9f582629f09cc1081`
SHA3	`81caa1896192808823eedb0531753b4ca798bd524a34ff1a213fa3837ae1bbdd`

1 (#3)

Type	`RT_MANIFEST`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x48f`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.13793`
MD5	`5aa04ce935e78505e230765e85c34355`
SHA1	`6c93b8c5fde8be4b2231dca6b8ec513cdc82c991`
SHA256	`a73f26a8d504043f785d7360e8febf2eeb8522ec873a0d4dd5d1d4bfd1e67d3d`
SHA3	`149467cafc03ba34b33cd8076fc2771413760822357952de205dbae2b5cb8059`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	2.0.0.0
ProductVersion	2.0.0.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT` `VOS_NT_WINDOWS32` `VOS_WINCE` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	English - United States
CompanyName	Hectra Nonporation
FileDescription	Hectra Bootstrapper
FileVersion (#2)	2.0.0.0
InternalName	HectraBS
LegalCopyright	Copyright (C) 2026
OriginalFilename	HectraBootstrapper.exe
ProductName	Hectra
ProductVersion (#2)	2.0.0.0

Resource LangID	English - United States

TLS Callbacks

StartAddressOfRawData	`0x563000`
EndAddressOfRawData	`0x56300c`
AddressOfIndex	`0x560054`
AddressOfCallbacks	`0x51a4d4`
SizeOfZeroFill	`0`
Characteristics	`IMAGE_SCN_TYPE_REG`
Callbacks	`0x0040DA60` `0x0040DA20` `0x004231D0`

Load Configuration

RICH Header

Errors

[*] Warning: Section .bss has a size of 0!

Leave a comment

No comments yet.