| Architecture | IMAGE_FILE_MACHINE_AMD64 |
|---|---|
| Subsystem | IMAGE_SUBSYSTEM_WINDOWS_GUI |
| Compilation Date | 2021-Aug-21 11:09:03 |
| Detected languages | English - United States |
| Debug artifacts | C:\sources\notepad-plus-plus\PowerEditor\bin64\npp.pdb |
| CompanyName | Don HO don.h@free.fr |
| FileDescription | Notepad++ : a free (GPL) source code editor |
| FileVersion | 8.14 |
| InternalName | notepad++.exe |
| LegalCopyright | Copyleft 1998-2021 by Don HO |
| OriginalFilename | notepad++.exe |
| ProductName | Notepad++ |
| ProductVersion | 8.14 |
| Suspicious | Strings found in the binary may indicate undesirable behavior: | Contains references to internet browsers: |
| Info | Cryptographic algorithms detected in the binary: | Uses constants related to MD5; Uses constants related to SHA256; Uses known Mersenne Twister constants; Microsoft's Cryptography API |
| Malicious | The PE contains functions mostly used by malware. | [!] The program may be hiding some of its imports: |
| Info | The PE is digitally signed. | Signer: Notepad++; Issuer: DigiCert SHA2 Assured ID Code Signing CA |
| Safe | VirusTotal score: 0/71 (Scanned on 2026-05-26 09:55:40) | All the AVs think this file is safe. |

| e_magic | MZ |
|---|---|
| e_cblp | 0x90 |
| e_cp | 0x3 |
| e_crlc | 0 |
| e_cparhdr | 0x4 |
| e_minalloc | 0 |
| e_maxalloc | 0xffff |
| e_ss | 0 |
| e_sp | 0xb8 |
| e_csum | 0 |
| e_ip | 0 |
| e_cs | 0 |
| e_ovno | 0 |
| e_oemid | 0 |
| e_oeminfo | 0 |
| e_lfanew | 0x128 |

| Signature | PE |
|---|---|
| Machine | IMAGE_FILE_MACHINE_AMD64 |
| NumberofSections | 6 |
| TimeDateStamp | 2021-Aug-21 11:09:03 |
| PointerToSymbolTable | 0 |
| NumberOfSymbols | 0 |
| SizeOfOptionalHeader | 0xf0 |
| Characteristics | IMAGE_FILE_EXECUTABLE_IMAGE IMAGE_FILE_LARGE_ADDRESS_AWARE |

| Magic | PE32+ |
|---|---|
| LinkerVersion | 14.0 |
| SizeOfCode | 0x32c600 |
| SizeOfInitializedData | 0x29dc00 |
| SizeOfUninitializedData | 0 |
| AddressOfEntryPoint | 0x00000000002C6EB4 (Section: .text) |
| BaseOfCode | 0x1000 |
| ImageBase | 0x140000000 |
| SectionAlignment | 0x1000 |
| FileAlignment | 0x200 |
| OperatingSystemVersion | 5.2 |
| ImageVersion | 1.0 |
| SubsystemVersion | 5.2 |
| Win32VersionValue | 0 |
| SizeOfImage | 0x5cf000 |
| SizeOfHeaders | 0x400 |
| Checksum | 0x5c41a6 |
| Subsystem | IMAGE_SUBSYSTEM_WINDOWS_GUI |
| DllCharacteristics | IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA IMAGE_DLLCHARACTERISTICS_NX_COMPAT IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE |
| SizeofStackReserve | 0x100000 |
| SizeofStackCommit | 0x1000 |
| SizeofHeapReserve | 0x100000 |
| SizeofHeapCommit | 0x1000 |
| LoaderFlags | 0 |
| NumberOfRvaAndSizes | 16 |

| COMCTL32.dll | ImageList_BeginDrag ImageList_EndDrag ImageList_SetIconSize ImageList_DragMove ImageList_DragShowNolock #17 ImageList_AddMasked ImageList_GetImageCount InitCommonControlsEx ImageList_ReplaceIcon ImageList_Destroy ImageList_Create _TrackMouseEvent ImageList_GetImageInfo ImageList_Draw #413 #412 ImageList_DragEnter #410 |
|---|---|
| SHLWAPI.dll | PathIsRelativeW ColorRGBToHLS PathStripPathW PathAppendW PathAddExtensionW PathRemoveExtensionW PathIsDirectoryW PathCombineW AssocQueryStringW PathMatchSpecW PathFindFileNameW PathGetDriveNumberW PathCompactPathExW PathFindExtensionW PathFileExistsW PathRemoveFileSpecW ColorHLSToRGB |
| SHELL32.dll | SHFileOperationW SHCreateItemFromParsingName DragQueryPoint DragFinish ShellExecuteW #165 SHGetFolderPathW DragQueryFileW Shell_NotifyIconW |
| dbghelp.dll | ImageNtHeader |
| VERSION.dll | GetFileVersionInfoSizeW GetFileVersionInfoW VerQueryValueW |
| CRYPT32.dll | CryptQueryObject CertGetNameStringW CertNameToStrW CertGetCertificateContextProperty CertFindCertificateInStore CertCloseStore CryptMsgGetParam CryptMsgClose |
| WINTRUST.dll | WinVerifyTrust |
| SensApi.dll | IsDestinationReachableW IsNetworkAlive |
| WININET.dll | InternetCrackUrlW |
| IMM32.dll | ImmSetCompositionStringW ImmEscapeW ImmGetCompositionStringW ImmSetCompositionWindow ImmSetCompositionFontW ImmReleaseContext ImmGetContext ImmNotifyIME ImmSetCandidateWindow |
| MSIMG32.dll | AlphaBlend |
| KERNEL32.dll | GlobalLock GetCurrentDirectoryW GlobalAlloc FormatMessageW LCMapStringW ExpandEnvironmentStringsW SetCurrentDirectoryW FreeLibrary LoadResource LockResource SizeofResource FindResourceW GetCurrentThreadId CloseHandle SetEvent ResetEvent WaitForSingleObject CreateEventW CreateThread CopyFileW CreateFileW GetCurrentProcess GetCurrentProcessId LoadLibraryW ReleaseMutex CreateMutexW Sleep GlobalSize lstrcpynW GetLocalTime GetTimeFormatEx GetDateFormatEx WaitForMultipleObjects CopyFileExW DeleteFileW GetVersionExW CreateFileMappingW MapViewOfFile UnmapViewOfFile GetTempPathW SetLastError CancelIo SleepEx WaitForSingleObjectEx QueueUserAPC ReadDirectoryChangesW GetLocaleInfoA GetTickCount LoadLibraryA GetStringTypeExW LCMapStringA GetStringTypeExA GetUserDefaultLCID DuplicateHandle VirtualFree VirtualAlloc GetModuleHandleA FreeLibraryAndExitThread GetThreadTimes GetCurrentThread UnregisterWait RegisterWaitForSingleObject GetTimeFormatW GetProcessAffinityMask GetNumaHighestNodeNumber DeleteTimerQueueTimer ChangeTimerQueueTimer CreateTimerQueueTimer GetLogicalProcessorInformation GetThreadPriority SetThreadPriority SignalObjectAndWait InitializeSListHead GetStartupInfoW IsDebuggerPresent IsProcessorFeaturePresent TerminateProcess SetUnhandledExceptionFilter UnhandledExceptionFilter RtlVirtualUnwind RtlLookupFunctionEntry RtlCaptureContext GetLocaleInfoW CompareStringW GetCPInfo GetSystemTimeAsFileTime TlsFree TlsSetValue TlsGetValue TlsAlloc SwitchToThread InitializeCriticalSectionAndSpinCount QueryPerformanceFrequency QueryPerformanceCounter RaiseException DecodePointer EncodePointer RtlPcToFileHeader GetStringTypeW DeleteCriticalSection TryEnterCriticalSection LeaveCriticalSection EnterCriticalSection CreateDirectoryW CompareFileTime lstrlenW lstrcmpW GetFileAttributesW FindNextFileW FindFirstFileW FindClose WideCharToMultiByte MultiByteToWideChar GetACP GlobalFree GetModuleFileNameW GetVersion MulDiv LocalFree LocalAlloc GetDateFormatW GetLastError OutputDebugStringW lstrcmpiW LoadLibraryExW GetProcAddress GetModuleHandleW VirtualProtect ReleaseSemaphore InterlockedPopEntrySList GlobalUnlock FileTimeToSystemTime SystemTimeToTzSpecificLocalTime MoveFileExW lstrcpyW SetFileAttributesW GetLongPathNameW GetFullPathNameW SetThreadAffinityMask GetFileAttributesExW InterlockedPushEntrySList InterlockedFlushSList QueryDepthSList UnregisterWaitEx CreateTimerQueue RtlUnwindEx ReadFile ExitProcess GetModuleHandleExW ExitThread GetStdHandle WriteFile HeapAlloc HeapFree GetFileType GetConsoleMode ReadConsoleW IsValidLocale EnumSystemLocalesW GetTimeZoneInformation FlushFileBuffers GetConsoleCP SetFilePointerEx GetFileSizeEx IsValidCodePage GetOEMCP HeapReAlloc FindFirstFileExW GetCommandLineA GetCommandLineW GetEnvironmentStringsW FreeEnvironmentStringsW SetEnvironmentVariableW RtlUnwind GetProcessHeap SetStdHandle HeapSize SetEndOfFile WriteConsoleW GetSystemInfo |
| USER32.dll | ShowCursor CreateDialogIndirectParamW MonitorFromRect TrackMouseEvent GetCapture SetRectEmpty AppendMenuW RegisterWindowMessageW CreateCursor DestroyCursor ScrollWindow GetPropW RemovePropW LoadStringW InsertMenuItemW BeginDeferWindowPos DeferWindowPos EndDeferWindowPos KillTimer GetCaretBlinkTime AppendMenuA GetMessageTime GetKeyboardLayout ValidateRect SetTimer MsgWaitForMultipleObjects NotifyWinEvent GetUpdateRgn SystemParametersInfoA GetDoubleClickTime DrawTextA CopyImage MonitorFromPoint AdjustWindowRectEx LoadStringA CreateAcceleratorTableW MessageBoxA GetWindowTextLengthW TrackPopupMenu FlashWindowEx RegisterClassExW UnregisterClassW PostQuitMessage TranslateMessage GetMessageW BringWindowToTop ReleaseCapture SetCapture GetActiveWindow CallNextHookEx UnhookWindowsHookEx SetWindowsHookExW SetParent RedrawWindow GetDlgCtrlID IsChild FindWindowExW IsWindowEnabled GetAsyncKeyState GetClassInfoExW SetMenuItemInfoW InsertMenuW GetMenuItemCount EnableMenuItem CheckMenuItem DestroyMenu CreatePopupMenu CreateMenu GetMenuState EmptyClipboard SetClipboardData IsWindow GetDlgItemInt FrameRect CreateDialogParamW InflateRect GetSysColor ClientToScreen IsWindowVisible ShowWindow IsClipboardFormatAvailable RegisterClipboardFormatW GetMenuStringW ChangeClipboardChain SetClipboardViewer CloseClipboard OpenClipboard LoadCursorW GetParent SetCaretPos ShowCaret GetClassNameA DestroyCaret CreateCaret SetCursor MessageBeep ShowScrollBar GetScrollRange SetScrollRange GetScrollPos SetScrollPos GetDC UpdateWindow DrawTextExW GetMenu GetSystemMetrics ToAscii GetKeyboardState GetFocus SetWindowPlacement GetWindowPlacement DestroyWindow CreateWindowExW RegisterClassW PostMessageW DrawFrameControl TranslateAcceleratorW DestroyAcceleratorTable IsZoomed IsIconic ModifyMenuW GetMenuItemID IsCharLowerW IsCharAlphaNumericW IsCharAlphaW CharLowerW CharUpperW DrawIcon GetSubMenu RemoveMenu GetIconInfo GetDlgItemTextA LoadMenuW IsDialogMessageW SetMenu GetMonitorInfoW MonitorFromWindow CheckMenuRadioItem ChildWindowFromPointEx SetForegroundWindow SetMenuItemBitmaps DeleteMenu CreateIconIndirect LoadIconW GetDesktopWindow WindowFromPoint LockWindowUpdate DrawEdge SetFocus MoveWindow DrawIconEx LoadImageW EnableWindow GetKeyState SendDlgItemMessageW EndDialog DialogBoxIndirectParamW DialogBoxParamW GetComboBoxInfo GetMenuBarInfo GetClassNameW EnumChildWindows GetWindowLongW PtInRect OffsetRect IntersectRect FillRect DrawFocusRect MapWindowPoints ScreenToClient GetCursorPos GetWindowRect GetClientRect GetWindowTextW InvalidateRect EndPaint BeginPaint ReleaseDC GetWindowDC DrawTextW GetMenuItemInfoW SetWindowPos DefWindowProcW SetWindowLongPtrW GetWindowLongPtrW SetWindowTextW GetDlgItemTextW SetDlgItemTextW SetDlgItemTextA GetDlgItem CallWindowProcW SendMessageW MessageBoxW wsprintfW GetAncestor SystemParametersInfoW SetPropW GetDCEx mouse_event SetDlgItemInt GetScrollInfo SetScrollInfo FindWindowW HideCaret DrawMenuBar LoadBitmapW DestroyIcon GetClipboardData GetSysColorBrush DispatchMessageW |
| GDI32.dll | DeleteDC GetPixel BitBlt RestoreDC CreateCompatibleDC GetObjectW GetDeviceCaps SelectObject CreateCompatibleBitmap MoveToEx LineTo CreateHatchBrush GetTextMetricsW SetROP2 GetROP2 CreateFontW ExtTextOutW SaveDC OffsetWindowOrgEx CreateBitmap CreatePatternBrush PatBlt SetBrushOrgEx GetDIBits SetDIBits EnumFontFamiliesExW SetTextAlign StartDocW EndDoc StartPage EndPage DPtoLP GetTextExtentPointW StretchBlt CombineRgn IntersectClipRect RoundRect Ellipse Polygon GetTextExtentExPointA GetTextExtentExPointW GetTextExtentPoint32A CreateDIBSection ExtTextOutA SetTextColor SetBkMode Polyline SelectClipRgn Rectangle GetTextExtentPoint32W GetStockObject GetClipRgn ExcludeClipRect DeleteObject CreateSolidBrush CreateRectRgnIndirect CreateRectRgn CreatePen CreateFontIndirectW SetBkColor SetWindowOrgEx CreateFontA |
| COMDLG32.dll | ChooseColorW PrintDlgW |
| ADVAPI32.dll | RegCloseKey RegOpenKeyExW RegQueryValueExW AllocateAndInitializeSid CheckTokenMembership FreeSid RegCreateKeyExW RegDeleteKeyW RegDeleteValueW RegEnumKeyExW RegQueryInfoKeyW RegSetValueExW IsTextUnicode |
| ole32.dll | CLSIDFromProgID RegisterDragDrop OleInitialize DoDragDrop OleUninitialize ReleaseStgMedium CoInitialize CoUninitialize CoTaskMemFree CoCreateInstance RevokeDragDrop |
| OLEAUT32.dll | SysAllocString SysFreeString |
| UxTheme.dll | OpenThemeData CloseThemeData DrawThemeBackground GetThemeBackgroundContentRect GetThemePartSize GetThemeFont SetWindowTheme EnableThemeDialogTexture DrawThemeParentBackground GetThemeTransitionDuration BufferedPaintRenderAnimation EndBufferedAnimation BeginBufferedAnimation BufferedPaintStopAllAnimations DrawThemeTextEx |

| &Window |

| Signature | 0xfeef04bd |
|---|---|
| StructVersion | 0x10000 |
| FileVersion | 8.1.4.0 |
| ProductVersion | 8.1.4.0 |
| FileFlags | (EMPTY) |
| FileOs | VOS_DOS_WINDOWS32 VOS_NT VOS_NT_WINDOWS32 VOS_WINCE VOS__WINDOWS32 |
| FileType | VFT_APP |
| Language | English - United States |
| CompanyName | Don HO don.h@free.fr |
| FileDescription | Notepad++ : a free (GPL) source code editor |
| FileVersion (#2) | 8.14 |
| InternalName | notepad++.exe |
| LegalCopyright | Copyleft 1998-2021 by Don HO |
| OriginalFilename | notepad++.exe |
| ProductName | Notepad++ |
| ProductVersion (#2) | 8.14 |
| Resource LangID | English - United States |

| Characteristics | 0 |
|---|---|
| TimeDateStamp | 2021-Aug-21 11:09:03 |
| Version | 0.0 |
| SizeofData | 79 |
| AddressOfRawData | 0x3c8c94 |
| PointerToRawData | 0x3c7694 |
| Referenced File | C:\sources\notepad-plus-plus\PowerEditor\bin64\npp.pdb |

| Characteristics | 0 |
|---|---|
| TimeDateStamp | 2021-Aug-21 11:09:03 |
| Version | 0.0 |
| SizeofData | 20 |
| AddressOfRawData | 0x3c8ce4 |
| PointerToRawData | 0x3c76e4 |

| Characteristics | 0 |
|---|---|
| TimeDateStamp | 2021-Aug-21 11:09:03 |
| Version | 0.0 |
| SizeofData | 968 |
| AddressOfRawData | 0x3c8cf8 |
| PointerToRawData | 0x3c76f8 |

| StartAddressOfRawData | 0x1403c90e0 |
|---|---|
| EndAddressOfRawData | 0x1403c90e8 |
| AddressOfIndex | 0x140447910 |
| AddressOfCallbacks | 0x14032f498 |
| SizeOfZeroFill | 0 |
| Characteristics | IMAGE_SCN_ALIGN_4BYTES |
| Callbacks | (EMPTY) |

| Size | 0x100 |
|---|---|
| TimeDateStamp | 1970-Jan-01 00:00:00 |
| Version | 0.0 |
| GlobalFlagsClear | (EMPTY) |
| GlobalFlagsSet | (EMPTY) |
| CriticalSectionDefaultTimeout | 0 |
| DeCommitFreeBlockThreshold | 0 |
| DeCommitTotalFreeThreshold | 0 |
| LockPrefixTable | 0 |
| MaximumAllocationSize | 0 |
| VirtualMemoryThreshold | 0 |
| ProcessAffinityMask | 0 |
| ProcessHeapFlags | (EMPTY) |
| CSDVersion | 0 |
| Reserved1 | 0 |
| EditList | 0 |
| SecurityCookie | 0x14042a0b8 |

| XOR Key | 0x1171e05b |
|---|---|
| Unmarked objects | 0 |
| ASM objects (26213) | 13 |
| C++ objects (26213) | 189 |
| 199 (41118) | 5 |
| ASM objects (VS 2015/2017 runtime 26706) | 9 |
| C++ objects (VS 2015/2017 runtime 26706) | 133 |
| C objects (VS 2015/2017 runtime 26706) | 36 |
| C objects (26213) | 30 |
| C++ objects (LTCG) (VS2017 v15.9.11 compiler 27030) | 162 |
| C objects (CVTCIL) (26213) | 1 |
| Imports (26213) | 39 |
| Total imports | 582 |
| C++ objects (VS2017 v15.9.11 compiler 27030) | 124 |
| Resource objects (VS2017 v15.9.11 compiler 27030) | 1 |
| 151 | 26 |
| Linker (VS2017 v15.9.11 compiler 27030) | 1 |