Manalyze report for 4558598b95e815e59a1325c36cdbd5f20be64d85a8757ec2b8b3277364718fe0

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2026-Feb-16 11:22:02
Detected languages	English - United States

Plugin Output

Suspicious	The PE is possibly packed.	`Unusual section name found: npdfhlts` `Unusual section name found: gltiqoga` `Unusual section name found: wknczixg` `Section wknczixg is both writable and executable.` `Unusual section name found: wipfjjpz` `Unusual section name found: ojolffne` `Unusual section name found: pbovxsys` `Unusual section name found: iwwidvbp`
Suspicious	The PE contains functions most legitimate programs don't use.	`[!] The program may be hiding some of its imports: LoadLibraryA GetProcAddress` `Possibly launches other programs: ShellExecuteA` `Leverages the raw socket API to access the Internet: closesocket`
Malicious	VirusTotal score: 41/69 (Scanned on 2026-06-17 13:56:14)	`APEX: Malicious` `AVG: Win32:MalwareX-gen [Misc]` `AhnLab-V3: Trojan/Win.Generic.R729604` `Alibaba: Packed:Win32/VMProtect.55f62a44` `Antiy-AVL: GrayWare/Win32.Wacapew` `Avast: Win32:MalwareX-gen [Misc]` `Avira: TR/W32.Agent` `Bkav: W32.Malware.B3E11445` `CAT-QuickHeal: Trojan.Multi` `CTX: exe.trojan.kepavll` `CrowdStrike: win/malicious_confidence_100% (D)` `Cylance: Unsafe` `Cynet: Malicious (score: 99)` `DeepInstinct: MALICIOUS` `ESET-NOD32: Win32/Packed.VMProtect.AU suspicious application` `Elastic: malicious (high confidence)` `F-Secure: Trojan.TR/W32.Agent` `Fortinet: Riskware/Application` `GData: Win32.Trojan.Agent.JJTUZ7` `Google: Detected` `K7AntiVirus: Unwanted-Program ( 005cf7031 )` `K7GW: Unwanted-Program ( 005cf7031 )` `Kaspersky: UDS:DangerousObject.Multi.Generic` `Kingsoft: Win32.Troj.Unknown.a` `Lionic: Trojan.Win32.Kepavll.4!c` `Malwarebytes: Malware.AI.4283120113` `MaxSecure: Trojan.Malware.585798656.susgen` `Microsoft: Trojan:Win32/Kepavll!rfn` `NANO-Antivirus: Virus.Win32.Gen.ccmw` `Paloalto: generic.ml` `Sangfor: Trojan.Win32.Save.a` `SentinelOne: Static AI - Malicious PE` `Skyhigh: Artemis` `Sophos: Mal/Generic-S` `TrellixENS: Artemis!7815F27B30F4` `TrendMicro: Trojan.Win32.ZYX.USBLEN26` `TrendMicro-HouseCall: Trojan.Win32.ZYX.USBLEN26` `VBA32: Trojan.Kepavll` `Varist: W32/ABTrojan.IIBZ-3334` `alibabacloud: Software:Win/Kepavll.Gen` `tehtris: Generic.Malware`

Hashes

MD5	`7815f27b30f49730a24e974d1ebb40c8`
SHA1	`83beaf51e1d72f3d955f915989afee52329c5a71`
SHA256	`4558598b95e815e59a1325c36cdbd5f20be64d85a8757ec2b8b3277364718fe0`
SHA3	`9f725f9059e4e3b25095c80cdc1cf361a68400eb5d0ae1ebe176b153950a42ee`
SSDeep	`393216:8WsOe0PnvOdyI22gDL6yL6HAa1karwbFAbLiCOZxeJv6:o2vJRBZaq1bFOo06`
Imports Hash	`52bfb3f91ccbd27bb1cd7e0e36514d45`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`7`
TimeDateStamp	2026-Feb-16 11:22:02
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_RELOCS_STRIPPED`

Image Optional Header

Magic	`PE32`
LinkerVersion	`14.0`
SizeOfCode	`0xfc800`
SizeOfInitializedData	`0x39ba00`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x026E6DA0 (Section: pbovxsys)`
BaseOfCode	`0x1000`
BaseOfData	`0xfe000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x2714000`
SizeOfHeaders	`0x400`
Checksum	`0x1384c56`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

npdfhlts

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0xfc74f`
VirtualAddress	`0x1000`
SizeOfRawData	`0`
PointerToRawData	`0`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`

gltiqoga

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0x13ace8`
VirtualAddress	`0xfe000`
SizeOfRawData	`0`
PointerToRawData	`0`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`

wknczixg

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0x2594d0`
VirtualAddress	`0x239000`
SizeOfRawData	`0`
PointerToRawData	`0`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`

wipfjjpz

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0xf04ecc`
VirtualAddress	`0x493000`
SizeOfRawData	`0`
PointerToRawData	`0`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`

ojolffne

MD5	`e642778b0ad94318842de60913e2c8c3`
SHA1	`c0b8b0c99b900eabe5b369186ce93e37f43be19f`
SHA256	`9ae1e7de564219965f82717d7f445e8ae107c0c7e4d1a05a9cad5203dd3e2ed7`
SHA3	`664399b417f77ae24320a57e49010d863bf4991ab877fc4cc5add45d20ee266e`
VirtualSize	`0x7ac`
VirtualAddress	`0x1398000`
SizeOfRawData	`0x800`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0.59491`

pbovxsys

MD5	`29a97c10b972ce733f7e81a4893e574e`
SHA1	`1ea74f33c20617f2185ec979e861f770e5182baf`
SHA256	`a9b180b3c75322232fcd65e3f7c8eaed835757bcfa71f90486d7725be611d58b`
SHA3	`18d1ff088c03d851fe4c0020f1e7c9d6c166c38e6dd8a67fc579929c57d4448c`
VirtualSize	`0x13799b0`
VirtualAddress	`0x1399000`
SizeOfRawData	`0x1379a00`
PointerToRawData	`0xc00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`7.99655`

iwwidvbp

MD5	`68e249e137ec9d107662981bfdb9c821`
SHA1	`bf41843c15dd2c54e44e51045a96bddd0c1d8a48`
SHA256	`6d828c34478781bf48338bad35134a6f3f5d1803e1ac7d0b0bbcd281a8e0e2c5`
SHA3	`a1474e8bdc4c70f1238cbfc53d7250944f7b656e25a25fa3d130204de79c238b`
VirtualSize	`0x1e0`
VirtualAddress	`0x2713000`
SizeOfRawData	`0x200`
PointerToRawData	`0x137a600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.77451`

Imports

WS2_32.dll	`closesocket`
KERNEL32.dll	`ExitThread`
USER32.dll	`FindWindowExA`
ADVAPI32.dll	`CloseServiceHandle`
SHELL32.dll	`ShellExecuteA`
ole32.dll	`CoInitialize`
OLEAUT32.dll	`SysFreeString`
IPHLPAPI.DLL	`GetIpNetTable`
ntdll.dll	`RtlInitUnicodeString`
dxgi.dll	`CreateDXGIFactory`
snmpapi.dll	`SnmpUtilMemAlloc`
SETUPAPI.dll	`SetupDiGetClassDevsA`
d3d9.dll	`Direct3DCreate9`
d3dx9_43.dll	`D3DXCreateTextureFromFileInMemory`
IMM32.dll	`ImmSetCompositionWindow`
KERNEL32.dll (#2)	`ExitThread`
USER32.dll (#2)	`FindWindowExA`
KERNEL32.dll (#3)	`ExitThread`

Delayed Imports

??0Assembler@asmjit@@QAE@PAURuntime@1@@Z

Ordinal	`1`
Address	`0xa2e40`

??0CodeGen@asmjit@@QAE@PAURuntime@1@@Z

Ordinal	`2`
Address	`0xba870`

??0HostRuntime@asmjit@@QAE@XZ

Ordinal	`3`
Address	`0xbacd0`

??0JitRuntime@asmjit@@QAE@XZ

Ordinal	`4`
Address	`0xbad00`

??0Runtime@asmjit@@QAE@XZ

Ordinal	`5`
Address	`0xbad70`

??0StaticRuntime@asmjit@@QAE@PAXI@Z

Ordinal	`6`
Address	`0xbadd0`

??0VMemMgr@asmjit@@QAE@PAX@Z

Ordinal	`7`
Address	`0xb5490`

??0X86Assembler@asmjit@@QAE@PAURuntime@1@I@Z

Ordinal	`8`
Address	`0xcb480`

??0Zone@asmjit@@QAE@I@Z

Ordinal	`9`
Address	`0xba470`

??1Assembler@asmjit@@UAE@XZ

Ordinal	`10`
Address	`0xa2f80`

??1CodeGen@asmjit@@UAE@XZ

Ordinal	`11`
Address	`0xba910`

??1HostRuntime@asmjit@@UAE@XZ

Ordinal	`12`
Address	`0xbae10`

??1JitRuntime@asmjit@@UAE@XZ

Ordinal	`13`
Address	`0xbae30`

??1Runtime@asmjit@@UAE@XZ

Ordinal	`14`
Address	`0xbae60`

??1StaticRuntime@asmjit@@UAE@XZ

Ordinal	`15`
Address	`0xbae80`

??1VMemMgr@asmjit@@QAE@XZ

Ordinal	`16`
Address	`0xb5560`

??1X86Assembler@asmjit@@UAE@XZ

Ordinal	`17`
Address	`0xcb5e0`

??1Zone@asmjit@@QAE@XZ

Ordinal	`18`
Address	`0xba4a0`

??_FVMemMgr@asmjit@@QAEXXZ

Ordinal	`19`
Address	`0x90a30`

?_alloc@Zone@asmjit@@QAEPAXI@Z

Ordinal	`20`
Address	`0xba4e0`

?_emit@X86Assembler@asmjit@@UAEIIABUOperand@2@000@Z

Ordinal	`21`
Address	`0xcb6a0`

?_grow@Assembler@asmjit@@QAEII@Z

Ordinal	`22`
Address	`0xa3120`

?_grow@PodVectorBase@asmjit@@IAEIII@Z

Ordinal	`23`
Address	`0xbab00`

?_newLabel@Assembler@asmjit@@QAEIPAULabel@2@@Z

Ordinal	`24`
Address	`0xa31f0`

?_newLabelLink@Assembler@asmjit@@QAEPAULabelLink@2@XZ

Ordinal	`25`
Address	`0xa3270`

?_nullData@PodVectorBase@asmjit@@2UPodVectorData@2@B

Ordinal	`26`
Address	`0x107c60`

?_registerIndexedLabels@Assembler@asmjit@@QAEII@Z

Ordinal	`27`
Address	`0xa32f0`

?_relocCode@X86Assembler@asmjit@@UBEIPAX_K@Z

Ordinal	`28`
Address	`0xcb720`

?_reserve@Assembler@asmjit@@QAEII@Z

Ordinal	`29`
Address	`0xa3380`

?_reserve@PodVectorBase@asmjit@@IAEIII@Z

Ordinal	`30`
Address	`0xbabd0`

?_x86CondToCmovcc@asmjit@@3QBIB

Ordinal	`31`
Address	`0x10bd00`

?_x86CondToJcc@asmjit@@3QBIB

Ordinal	`32`
Address	`0x10bd50`

?_x86CondToSetcc@asmjit@@3QBIB

Ordinal	`33`
Address	`0x10bda0`

?_x86InstExtendedInfo@asmjit@@3QBUX86InstExtendedInfo@1@B

Ordinal	`34`
Address	`0x108110`

?_x86InstInfo@asmjit@@3QBUX86InstInfo@1@B

Ordinal	`35`
Address	`0x109b80`

?_x86ReverseCond@asmjit@@3QBIB

Ordinal	`36`
Address	`0x10bcb0`

?add@JitRuntime@asmjit@@UAEIPAPAXPAUAssembler@2@@Z

Ordinal	`37`
Address	`0xbb120`

?add@StaticRuntime@asmjit@@UAEIPAPAXPAUAssembler@2@@Z

Ordinal	`38`
Address	`0xbb1f0`

?align@X86Assembler@asmjit@@UAEIII@Z

Ordinal	`39`
Address	`0xcb980`

?alloc@VMemMgr@asmjit@@QAEPAXII@Z

Ordinal	`40`
Address	`0xb56a0`

?alloc@VMemUtil@asmjit@@SAPAXIPAII@Z

Ordinal	`41`
Address	`0xb56e0`

?allocProcessMemory@VMemUtil@asmjit@@SAPAXPAXIPAII@Z

Ordinal	`42`
Address	`0xb5700`

?allocZeroed@Zone@asmjit@@QAEPAXI@Z

Ordinal	`43`
Address	`0xba5f0`

?bind@Assembler@asmjit@@UAEIABULabel@2@@Z

Ordinal	`44`
Address	`0xa3500`

?callCpuId@X86CpuUtil@asmjit@@SAXIIPATX86CpuId@2@@Z

Ordinal	`45`
Address	`0xceb40`

?detect@X86CpuUtil@asmjit@@SAXPAUX86CpuInfo@2@@Z

Ordinal	`46`
Address	`0xceb80`

?detectHwThreadsCount@CpuInfo@asmjit@@SAIXZ

Ordinal	`47`
Address	`0xce140`

?dup@Zone@asmjit@@QAEPAXPBXI@Z

Ordinal	`48`
Address	`0xba630`

?embed@Assembler@asmjit@@UAEIPBXI@Z

Ordinal	`49`
Address	`0xa3690`

?embedLabel@X86Assembler@asmjit@@QAEIABULabel@2@@Z

Ordinal	`50`
Address	`0xcbdf0`

?emit@Assembler@asmjit@@QAEII@Z

Ordinal	`51`
Address	`0xa3710`

?emit@Assembler@asmjit@@QAEIIABUOperand@2@00@Z

Ordinal	`52`
Address	`0xa3750`

?emit@Assembler@asmjit@@QAEIIABUOperand@2@00H@Z

Ordinal	`53`
Address	`0xa3790`

?emit@Assembler@asmjit@@QAEIIABUOperand@2@00_K@Z

Ordinal	`54`
Address	`0xa37e0`

?emit@Assembler@asmjit@@QAEIIABUOperand@2@0@Z

Ordinal	`55`
Address	`0xa3830`

?emit@Assembler@asmjit@@QAEIIABUOperand@2@0H@Z

Ordinal	`56`
Address	`0xa3870`

?emit@Assembler@asmjit@@QAEIIABUOperand@2@0_K@Z

Ordinal	`57`
Address	`0xa38c0`

?emit@Assembler@asmjit@@QAEIIABUOperand@2@@Z

Ordinal	`58`
Address	`0xa3910`

?emit@Assembler@asmjit@@QAEIIABUOperand@2@H@Z

Ordinal	`59`
Address	`0xa3950`

?emit@Assembler@asmjit@@QAEIIABUOperand@2@_K@Z

Ordinal	`60`
Address	`0xa39a0`

?emit@Assembler@asmjit@@QAEIIH@Z

Ordinal	`61`
Address	`0xa39f0`

?emit@Assembler@asmjit@@QAEII_K@Z

Ordinal	`62`
Address	`0xa3a40`

?flush@HostRuntime@asmjit@@UAEXPAXI@Z

Ordinal	`63`
Address	`0x88190`

?getCpuInfo@HostRuntime@asmjit@@UAEPBUCpuInfo@2@XZ

Ordinal	`64`
Address	`0xbb300`

?getHost@CpuInfo@asmjit@@SAPBU12@XZ

Ordinal	`65`
Address	`0xce160`

?getPageGranularity@VMemUtil@asmjit@@SAIXZ

Ordinal	`66`
Address	`0xb5880`

?getPageSize@VMemUtil@asmjit@@SAIXZ

Ordinal	`67`
Address	`0xb58a0`

?getStackAlignment@HostRuntime@asmjit@@UAEIXZ

Ordinal	`68`
Address	`0xbb310`

?make@Assembler@asmjit@@UAEPAXXZ

Ordinal	`69`
Address	`0xa3bc0`

?noOperand@asmjit@@3UOperand@1@B

Ordinal	`70`
Address	`0x107c68`

?ptr_abs@x86@asmjit@@YA?AUX86Mem@2@_KABUX86Reg@2@IHI@Z

Ordinal	`71`
Address	`0xbb420`

?ptr_abs@x86@asmjit@@YA?AUX86Mem@2@_KHI@Z

Ordinal	`72`
Address	`0xbb4d0`

?release@JitRuntime@asmjit@@UAEIPAX@Z

Ordinal	`73`
Address	`0xbb330`

?release@StaticRuntime@asmjit@@UAEIPAX@Z

Ordinal	`74`
Address	`0xbb360`

?release@VMemMgr@asmjit@@QAEIPAX@Z

Ordinal	`75`
Address	`0xb5a40`

?release@VMemUtil@asmjit@@SAIPAXI@Z

Ordinal	`76`
Address	`0xb5ce0`

?releaseProcessMemory@VMemUtil@asmjit@@SAIPAX0I@Z

Ordinal	`77`
Address	`0xb5d00`

?relocCode@Assembler@asmjit@@QBEIPAX_K@Z

Ordinal	`78`
Address	`0xa3c30`

?reset@Assembler@asmjit@@QAEX_N@Z

Ordinal	`79`
Address	`0xa3cd0`

?reset@PodVectorBase@asmjit@@QAEX_N@Z

Ordinal	`80`
Address	`0xbac80`

?reset@VMemMgr@asmjit@@QAEXXZ

Ordinal	`81`
Address	`0xb5d50`

?reset@Zone@asmjit@@QAEX_N@Z

Ordinal	`82`
Address	`0xba6b0`

?sdup@Zone@asmjit@@QAEPADPBD@Z

Ordinal	`83`
Address	`0xba770`

?setArch@X86Assembler@asmjit@@QAEII@Z

Ordinal	`84`
Address	`0xcc5e0`

?setError@CodeGen@asmjit@@QAEIIPBD@Z

Ordinal	`85`
Address	`0xbaa40`

?setErrorHandler@CodeGen@asmjit@@QAEIPAUErrorHandler@2@@Z

Ordinal	`86`
Address	`0xbaab0`

?sformat@Zone@asmjit@@QAAPADPBDZZ

Ordinal	`87`
Address	`0xba800`

?shrink@VMemMgr@asmjit@@QAEIPAXI@Z

Ordinal	`88`
Address	`0xb5d70`

?x86RegData@asmjit@@3UX86RegData@1@B

Ordinal	`89`
Address	`0x1059a0`

1

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x188`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.89623`
MD5	`b8e76ddb52d0eb41e972599ff3ca431b`
SHA1	`fc12d7ad112ddabfcd8f82f290d84e637a4d62f8`
SHA256	`165c5c883fd4fd36758bcba6baf2faffb77d2f4872ffd5ee918a16f91de5a8a8`
SHA3	`37f83338b28cb102b1b14f27280ba1aa3fffb17f7bf165cb7b675b7e8eb7cddd`

Version Info

TLS Callbacks

Load Configuration

Size	`0xc0`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x639200`
SEHandlerTable	`0x2b124d0`
SEHandlerCount	`311`

RICH Header

Errors

[!] Error: Could not reach the TLS callback table.
[*] Warning: Section npdfhlts has a size of 0!
[*] Warning: Section gltiqoga has a size of 0!
[*] Warning: Section wknczixg has a size of 0!
[*] Warning: Section wipfjjpz has a size of 0!
[*] Warning: 1 invalid export(s) not shown.

Leave a comment

No comments yet.