Manalyze report for 8995548dfffcde7c49987029c764355612ba6850ee09a7b6f0fddc85bdc5c280

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2024-Mar-22 22:14:43
Detected languages	English - United States
Debug artifacts	C:\agent\_work\36\s\wix\build\ship\x86\burn.pdb
CompanyName	Microsoft Corporation
FileDescription	Microsoft Visual C++ v14 Redistributable (x64) - 14.50.35719
FileVersion	`14.50.35719.0`
InternalName	setup
LegalCopyright	Copyright (c) Microsoft Corporation. All rights reserved.
OriginalFilename	VC_redist.x64.exe
ProductName	Microsoft Visual C++ v14 Redistributable (x64) - 14.50.35719
ProductVersion	`14.50.35719.0`

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C++ 6.0 - 8.0`
Suspicious	Strings found in the binary may indicate undesirable behavior:	`May have dropper capabilities: CurrentVersion\Run` `References the BITS service` Contains domain names: appsyndication.org crl.microsoft.com http://appsyndication.org http://crl.microsoft.com http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl0 http://crl.microsoft.com/pki/crl/products/MicRooCerAut_2010-06-23.crl0Z http://www.microsoft.com http://www.microsoft.com/pki/certs/MicRooCerAut2011_2011_03_22.crt0 http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt0 http://www.microsoft.com/pkiops/Docs/Repository.htm0 http://www.microsoft.com/pkiops/certs/MicCodSigPCA2011_2011-07-08.crt0 http://www.microsoft.com/pkiops/certs/Microsoft%20Time-Stamp%20PCA%202010 http://www.microsoft.com/pkiops/crl/MicCodSigPCA2011_2011-07-08.crl0a http://www.microsoft.com/pkiops/crl/Microsoft%20Time-Stamp%20PCA%202010 http://www.microsoft.com/pkiops/docs/primarycps.htm0 http://www.microsoft.com0 microsoft.com www.microsoft.com
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to SHA256` `Microsoft's Cryptography API`
Suspicious	The PE is possibly packed.	`Unusual section name found: .wixburn`
Malicious	The PE contains functions mostly used by malware.	`[!] The program may be hiding some of its imports: LoadLibraryW GetProcAddress LoadLibraryExW LoadLibraryExA` `Can access the registry: RegCloseKey RegOpenKeyExW RegCreateKeyExW RegDeleteKeyW RegDeleteValueW RegEnumKeyExW RegEnumValueW RegQueryInfoKeyW RegQueryValueExW RegSetValueExW` `Possibly launches other programs: CreateProcessW` `Uses Microsoft's cryptographic API: CryptDestroyHash CryptHashData CryptCreateHash CryptGetHashParam CryptReleaseContext CryptAcquireContextW` `Can create temporary files: CreateFileW CreateFileA GetTempPathW` `Memory manipulation functions often used by packers: VirtualAlloc VirtualProtect` `Functions related to the privilege level: OpenProcessToken AdjustTokenPrivileges CheckTokenMembership` `Interacts with services: ChangeServiceConfigW ControlService OpenSCManagerW OpenServiceW QueryServiceStatus QueryServiceConfigW` `Manipulates other processes: OpenProcess` `Changes object ACLs: SetNamedSecurityInfoW` `Can shut the system down or lock the screen: InitiateSystemShutdownExW`
Info	The PE is digitally signed.	`Signer: Microsoft Corporation` `Issuer: Microsoft Code Signing PCA 2011`
Safe	VirusTotal score: 0/72 (Scanned on 2026-03-02 18:41:25)	`All the AVs think this file is safe.`

Hashes

MD5	`23985a8a66ae306aedf0a9feb1a3d14b`
SHA1	`7ee9442ceaeef605ea66849f042b8410433c988d`
SHA256	`8995548dfffcde7c49987029c764355612ba6850ee09a7b6f0fddc85bdc5c280`
SHA3	`520b6ba83a9c0a641300a57a52d1a8aa0cfe9b48aad3d60fb6780a8048b2f702`
SSDeep	`393216:Sr3bJsxx3E2DiCLwmQQp5MTFarWznCY1LHRqLJ:S3mx3D585AI+WDCYZHRw`
Imports Hash	`33cab3b7853667471cd89d232111c989`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x118`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`6`
TimeDateStamp	2024-Mar-22 22:14:43
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_NET_RUN_FROM_SWAP` `IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP`

Image Optional Header

Magic	`PE32`
LinkerVersion	`14.0`
SizeOfCode	`0x4cc00`
SizeOfInitializedData	`0x28200`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x000302E5 (Section: .text)`
BaseOfCode	`0x1000`
BaseOfData	`0x4e000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0x79000`
SizeOfHeaders	`0x400`
Checksum	`0x11bdcb8`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`6815c282e1bc693149a4065a4b552600`
SHA1	`f72d17bd5f75e57814d3de919da7643e94bf4ed5`
SHA256	`019a361584a623ff0913076b7c1a18a7ea96a2accb9a4fc047d3ff125532f7c0`
SHA3	`27eb8678a6d7874fca97c14071d77786315a598b99c3c89c58cf01473fefa15c`
VirtualSize	`0x4ca3e`
VirtualAddress	`0x1000`
SizeOfRawData	`0x4cc00`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.57514`

.rdata

MD5	`b06ec0f7aec92ec457d68a2887bdc39f`
SHA1	`e1d148181afad663393a0c69efd9c6420457de35`
SHA256	`64898a41015afbc90489e9d64246597b6c79711af9b2bc62a516bda6f1e5e3e0`
SHA3	`6e8092213281f4b80f88a8a6a9dae1e4ff69313146854f97babff87bf8645f77`
VirtualSize	`0x1f626`
VirtualAddress	`0x4e000`
SizeOfRawData	`0x1f800`
PointerToRawData	`0x4d000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.0827`

.data

MD5	`350a688b66a5ddc1ea1d1a0cc2d04020`
SHA1	`57416af4f050b4afd2e25c9817dddbe7522bf80f`
SHA256	`f43f593f071be0b3792255d7181ab05b08d28b920e41393df35e7e1cf923c584`
SHA3	`b2417bc64a849abcee2c15d25a21803da79779d06f1db0cb1711759c5e2ef8da`
VirtualSize	`0x183c`
VirtualAddress	`0x6e000`
SizeOfRawData	`0xc00`
PointerToRawData	`0x6c800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`2.86904`

.wixburn

MD5	`9c57451105b68ed9ae1c4bc5c42407fc`
SHA1	`6d7787f677637812a7e30af82d72dcd2f9031cc3`
SHA256	`5c007a01f7b1fec751f8488f02577328fe6166cee7b368973cae8fe8b7c57a2e`
SHA3	`3a166ef2b08d286309e5bc2f322ddc7c358d456426939616240fcfaf732234ce`
VirtualSize	`0x38`
VirtualAddress	`0x70000`
SizeOfRawData	`0x200`
PointerToRawData	`0x6d400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`0.729781`

.rsrc

MD5	`ecaba06df3b4b23811f59bbcc49196b5`
SHA1	`f092d9a977460bd76bd1e48310eb20f43733076c`
SHA256	`ea6b3e19d0d44851a40abbd45ffcd2a08df2312c5739eff1ad053ac08dc74164`
SHA3	`7f1c463435a692759c4830335a61bf50f63540e003c7ff3948cc315507c3285a`
VirtualSize	`0x3b3c`
VirtualAddress	`0x71000`
SizeOfRawData	`0x3c00`
PointerToRawData	`0x6d600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.49679`

.reloc

MD5	`ac56ac7d93b473ebe9a2a079106f6056`
SHA1	`a8efbbdb68d9c02e7c1a9e34bead97a1589f4ef1`
SHA256	`3b52dfa9f7ed56492aed4916f521660ecb8152341c15afe3d19a0db2cc2e850c`
SHA3	`44a6b4b0823ac49423677d0387a9cbb7549befbbff511849315abafd87b8bb94`
VirtualSize	`0x3ebc`
VirtualAddress	`0x75000`
SizeOfRawData	`0x4000`
PointerToRawData	`0x71200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`6.74828`

Imports

ADVAPI32.dll	`RegCloseKey` `RegOpenKeyExW` `RegCreateKeyExW` `RegDeleteKeyW` `RegDeleteValueW` `RegEnumKeyExW` `RegEnumValueW` `RegQueryInfoKeyW` `RegQueryValueExW` `RegSetValueExW` `OpenProcessToken` `AdjustTokenPrivileges` `LookupPrivilegeValueW` `InitiateSystemShutdownExW` `GetUserNameW` `CloseEventLog` `OpenEventLogW` `ReportEventW` `ConvertStringSecurityDescriptorToSecurityDescriptorW` `CreateWellKnownSid` `InitializeAcl` `DecryptFileW` `SetEntriesInAclW` `ChangeServiceConfigW` `CloseServiceHandle` `ControlService` `OpenSCManagerW` `OpenServiceW` `QueryServiceStatus` `SetNamedSecurityInfoW` `CheckTokenMembership` `AllocateAndInitializeSid` `SetEntriesInAclA` `SetSecurityDescriptorOwner` `SetSecurityDescriptorGroup` `SetSecurityDescriptorDacl` `InitializeSecurityDescriptor` `GetTokenInformation` `CryptDestroyHash` `CryptHashData` `CryptCreateHash` `CryptGetHashParam` `CryptReleaseContext` `CryptAcquireContextW` `QueryServiceConfigW`
USER32.dll	`PeekMessageW` `PostMessageW` `IsWindow` `WaitForInputIdle` `PostQuitMessage` `GetMessageW` `TranslateMessage` `MsgWaitForMultipleObjects` `PostThreadMessageW` `GetMonitorInfoW` `MonitorFromPoint` `IsDialogMessageW` `LoadCursorW` `LoadBitmapW` `SetWindowLongW` `GetWindowLongW` `GetCursorPos` `MessageBoxW` `CreateWindowExW` `UnregisterClassW` `RegisterClassW` `DefWindowProcW` `DispatchMessageW`
OLEAUT32.dll	`VariantInit` `SysAllocString` `VariantClear` `SysFreeString`
GDI32.dll	`DeleteDC` `DeleteObject` `SelectObject` `StretchBlt` `GetObjectW` `CreateCompatibleDC`
SHELL32.dll	`CommandLineToArgvW` `SHGetFolderPathW` `ShellExecuteExW`
ole32.dll	`CoUninitialize` `CoInitializeEx` `CoInitialize` `StringFromGUID2` `CoCreateInstance` `CoTaskMemFree` `CoInitializeSecurity` `CLSIDFromProgID`
KERNEL32.dll	`GetFileType` `GetStdHandle` `EncodePointer` `InitializeCriticalSectionAndSpinCount` `SetLastError` `RtlUnwind` `CreateFileW` `CloseHandle` `ExitProcess` `CreateFileA` `SetFilePointer` `WriteFile` `GetLastError` `GetCurrentProcessId` `GetSystemDirectoryW` `LoadLibraryW` `lstrlenA` `HeapSetInformation` `GetModuleHandleW` `GetProcAddress` `LocalFree` `SetCurrentDirectoryW` `GetCurrentDirectoryW` `CreateDirectoryW` `DeleteFileW` `FindClose` `FindFirstFileW` `FindNextFileW` `GetFileAttributesW` `GetTempFileNameW` `RemoveDirectoryW` `SetFileAttributesW` `GetTempPathW` `MoveFileExW` `FormatMessageW` `lstrlenW` `MultiByteToWideChar` `IsValidCodePage` `LCMapStringW` `ExpandEnvironmentStringsW` `GetFileSizeEx` `GetFullPathNameW` `ReadFile` `SetFilePointerEx` `SetFileTime` `Sleep` `GlobalAlloc` `GlobalFree` `CopyFileW` `GetLocalTime` `GetModuleFileNameW` `CompareStringW` `HeapAlloc` `HeapReAlloc` `HeapFree` `HeapSize` `GetProcessHeap` `FreeLibrary` `InitializeCriticalSection` `DeleteCriticalSection` `ReleaseMutex` `GetCurrentProcess` `FindFirstFileExW` `TlsAlloc` `TlsGetValue` `TlsSetValue` `TlsFree` `CreateProcessW` `GetVersionExW` `VerSetConditionMask` `GetVolumePathNameW` `EnterCriticalSection` `LeaveCriticalSection` `GetSystemTime` `GetWindowsDirectoryW` `GetNativeSystemInfo` `GetSystemWow64DirectoryW` `GetModuleHandleExW` `GetComputerNameW` `VerifyVersionInfoW` `GetDateFormatW` `GetUserDefaultUILanguage` `GetUserDefaultLangID` `GetSystemDefaultLangID` `GetStringTypeW` `DuplicateHandle` `LoadLibraryExW` `CreateEventW` `ProcessIdToSessionId` `ConnectNamedPipe` `SetNamedPipeHandleState` `CreateNamedPipeW` `WaitForSingleObject` `GetProcessId` `OpenProcess` `CreateThread` `GetExitCodeThread` `SetEvent` `WaitForMultipleObjects` `LocalFileTimeToFileTime` `SetEndOfFile` `ResetEvent` `DosDateTimeToFileTime` `CompareStringA` `GetExitCodeProcess` `SetThreadExecutionState` `CopyFileExW` `CreateMutexW` `CreateFileMappingW` `MapViewOfFile` `UnmapViewOfFile` `GetThreadLocale` `GetStartupInfoW` `IsDebuggerPresent` `GetACP` `GetOEMCP` `GetCPInfo` `GetCommandLineA` `GetCommandLineW` `GetEnvironmentStringsW` `FreeEnvironmentStringsW` `SetStdHandle` `FlushFileBuffers` `GetConsoleOutputCP` `GetConsoleMode` `DecodePointer` `WriteConsoleW` `GetModuleHandleA` `VirtualAlloc` `VirtualFree` `SystemTimeToTzSpecificLocalTime` `SystemTimeToFileTime` `GetCurrentThreadId` `WideCharToMultiByte` `InitializeSListHead` `GetSystemTimeAsFileTime` `QueryPerformanceCounter` `IsProcessorFeaturePresent` `TerminateProcess` `SetUnhandledExceptionFilter` `UnhandledExceptionFilter` `LoadLibraryExA` `VirtualQuery` `VirtualProtect` `GetSystemInfo` `RaiseException` `GetTimeZoneInformation`
RPCRT4.dll	`UuidCreate`
VERSION.dll (delay-loaded)	`GetFileVersionInfoSizeW` `VerQueryValueW` `GetFileVersionInfoW`

Delayed Imports

Attributes	`0x1`
Name	`VERSION.dll`
ModuleHandle	`0x6ebec`
DelayImportAddressTable	`0x6ea7c`
DelayImportNameTable	`0x6bc78`
BoundDelayImportTable	`0x6bf0c`
UnloadDelayImportTable	`0`
TimeStamp	`1970-Jan-01 00:00:00`

1

Type	`RT_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.27817`
MD5	`dd74ac90d0252284f1ce309880b60a82`
SHA1	`add64a2bb1668d419438ce849b4dee87ec84267f`
SHA256	`9e3bdf1cc1dcfd284924c25050c51cca0412ec699da8dc2046e6f76096bce5ee`
SHA3	`1d44a4f6d410b654acadbadd50c6e757bbf9802e022d732bcbdf1c1fb6cdfa63`

1 (#2)

Type	`RT_MESSAGETABLE`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x2840`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.06919`
MD5	`a99c9f2aba6eb725972156b7a4943e46`
SHA1	`9bfca5062deb9d067f118019fe748d110962a8d7`
SHA256	`e580ff987740c1e27979aaaa14ba001b06c86929cc321945cf1bdb614d257255`
SHA3	`4266b8855f8b84c8583e3f5c0ffccc59eece1761a21cfeff04601c9bfa9e6db4`

1 (#3)

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.81924`
Detected Filetype	Icon file
MD5	`cbee427fa121aba9b9b265ff05de5383`
SHA1	`24fcae33001c8e0f5ec795c6edf076a69d59589f`
SHA256	`494e4fd717fa1ee0c5c7bb3b4e28fdab4b7f6e95b4f9865f5ab86f03f62ae62c`
SHA3	`a3fa35d56632275ba55716a4964f02031270f61f06a903fc460ac2dd6bebde85`

1 (#4)

Type	`RT_VERSION`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x3f4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.49534`
MD5	`70afaa499d5e886db3d95153588739f2`
SHA1	`f7617828b49f398ca4d4a4a2cd206df27ea65f05`
SHA256	`ac557b4980b1d5faa5d65826c1713436642a5eecf1bbcecf1ebe810b26ee6a1e`
SHA3	`99a6c4733943577b5f1f7e7cba0ff5a4810a280348f9036be70814d5d9a897bc`

1 (#5)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	Latin 1 / Western European
Size	`0x4d2`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.30829`
MD5	`8ff25bb3faceb412f946beb4d4b70aba`
SHA1	`e77a0a3c8dcda8fca1bf8032ced5c633bd13695b`
SHA256	`409b7a72f95793e29fe6b03ef2c28effbc5b80ffe57fb7a974439022cc7a0e75`
SHA3	`3fe08b5bceae3a00c5e5c93835e5efd035482c03a6c9aae3749b8dba22bacd0b`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	14.50.35719.0
ProductVersion	14.50.35719.0
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT_WINDOWS32` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	English - United States
CompanyName	Microsoft Corporation
FileDescription	Microsoft Visual C++ v14 Redistributable (x64) - 14.50.35719
FileVersion (#2)	14.50.35719.0
InternalName	setup
LegalCopyright	Copyright (c) Microsoft Corporation. All rights reserved.
OriginalFilename	VC_redist.x64.exe
ProductName	Microsoft Visual C++ v14 Redistributable (x64) - 14.50.35719
ProductVersion (#2)	14.50.35719.0

Resource LangID	English - United States

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2024-Mar-22 22:14:43
Version	`0.0`
SizeofData	`72`
AddressOfRawData	`0x6b0dc`
PointerToRawData	`0x6a0dc`
Referenced File	C:\agent\_work\36\s\wix\build\ship\x86\burn.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics	`0`
TimeDateStamp	2024-Mar-22 22:14:43
Version	`0.0`
SizeofData	`20`
AddressOfRawData	`0x6b124`
PointerToRawData	`0x6a124`

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2024-Mar-22 22:14:43
Version	`0.0`
SizeofData	`1000`
AddressOfRawData	`0x6b138`
PointerToRawData	`0x6a138`

TLS Callbacks

StartAddressOfRawData	`0x46b530`
EndAddressOfRawData	`0x46b538`
AddressOfIndex	`0x46ec0c`
AddressOfCallbacks	`0x44e434`
SizeOfZeroFill	`0`
Characteristics	`IMAGE_SCN_ALIGN_4BYTES`
Callbacks	`(EMPTY)`

Load Configuration

Size	`0xa0`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0x800`
EditList	`0`
SecurityCookie	`0x46e008`
SEHandlerTable	`0x46b0b0`
SEHandlerCount	`11`

RICH Header

XOR Key	`0x1d0f3cfb`
Unmarked objects	`0`
ASM objects (28900)	`10`
C++ objects (28900)	`145`
C objects (VS 2015/2017 runtime 26706)	`19`
ASM objects (VS 2015/2017 runtime 26706)	`19`
C++ objects (VS 2015/2017 runtime 26706)	`44`
C objects (28900)	`23`
C objects (CVTCIL) (28900)	`2`
Imports (28900)	`17`
Total imports	`334`
C++ objects (27051)	`75`
Resource objects (27051)	`1`
151	`2`
Linker (27051)	`1`

Errors

Leave a comment

No comments yet.