Manalyze report for b1fbf112041b845f55163c1df1af7fa97767ddd815d851112d60b55400319328

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
Compilation Date	2026-May-21 20:17:50
Detected languages	English - United States
Debug artifacts	C:\Users\Recso\Desktop\dcplus\bin\Release\x64\dcplus.pdb

Plugin Output

Info	Matching compiler(s):	`MASM/TASM - sig1(h)`
Info	Interesting strings found in the binary:	`Contains domain names: github.com https://github.com https://www.unknowncheats.me https://www.unknowncheats.me/forum/counter-strike-2-a/751313-dunecore-cs2-legit-hack.html`
Malicious	The PE contains functions mostly used by malware.	`[!] The program may be hiding some of its imports: LoadLibraryExW GetProcAddress LoadLibraryA` `Functions which can be used for anti-debugging purposes: CreateToolhelp32Snapshot` `Possibly launches other programs: ShellExecuteA ShellExecuteW` `Uses functions commonly found in keyloggers: GetAsyncKeyState GetForegroundWindow` `Manipulates other processes: Process32FirstW Process32NextW OpenProcess ReadProcessMemory` `Reads the contents of the clipboard: GetClipboardData`
Malicious	VirusTotal score: 21/71 (Scanned on 2026-05-23 17:18:12)	`ALYac: Gen:Variant.Tedy.964076` `APEX: Malicious` `AhnLab-V3: Trojan/Win.Tedy.C5884610` `Arcabit: Trojan.Tedy.DEB5EC` `BitDefender: Gen:Variant.Tedy.964076` `Bkav: W32.Malware.6A8B3511` `CTX: exe.unknown.tedy` `ESET-NOD32: Win64/GameHack_AGen.AON potentially unsafe application` `Elastic: malicious (high confidence)` `Emsisoft: Gen:Variant.Tedy.964076 (B)` `GData: Gen:Variant.Tedy.964076` `Google: Detected` `Ikarus: Trojan.Win64.Krypt` `Malwarebytes: Malware.AI.1931240678` `MaxSecure: Trojan.Malware.300983.susgen` `McAfeeD: ti!B1FBF112041B` `MicroWorld-eScan: Gen:Variant.Tedy.964076` `Microsoft: Trojan:Win32/Wacatac.B!ml` `Rising: Trojan.Kryptik@AI.100 (RDML:OQ7drRWOH4etcDkUnBFSFw)` `Symantec: ML.Attribute.HighConfidence` `VIPRE: Gen:Variant.Tedy.964076`

Hashes

MD5	`c6edd487c494a8aed958a1c36836d195`
SHA1	`eb5867a70b5796ba98b3b25abf86515fdaefe85b`
SHA256	`b1fbf112041b845f55163c1df1af7fa97767ddd815d851112d60b55400319328`
SHA3	`243415dc683cec0b115d9c2d5cc5cc309b54641bfa0cf33a50eb15866533eb17`
SSDeep	`24576:5/A3Pdsd4iDIrjHd9+ph0lhSMXlDNEi6n2jigWg:dA/dsdCrz+wpx6n2bj`
Imports Hash	`fe9886e2dcb07071a41df25bcf4ff042`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x108`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`6`
TimeDateStamp	2026-May-21 20:17:50
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`14.0`
SizeOfCode	`0xa3600`
SizeOfInitializedData	`0x52200`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x00000000000A0BA4 (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`6.0`
ImageVersion	`0.0`
SubsystemVersion	`6.0`
Win32VersionValue	`0`
SizeOfImage	`0xfa000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT` `IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`3fc895f3890a9966248c44098173cf8f`
SHA1	`cc5722a5c685c2d1a681a13c58b909ae713a6135`
SHA256	`335dfadf7471da709c802b0d4b4f7534db8a34d0228b50441df1aa2fe3deb815`
SHA3	`74787e7cf302bb930e1858fd2c5ffffa9a332feffcbfacb6013fa704d5bf7e81`
VirtualSize	`0xa35b7`
VirtualAddress	`0x1000`
SizeOfRawData	`0xa3600`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.52108`

.rdata

MD5	`7564a7ada39e70eadc2f1b91b16bc122`
SHA1	`425133597e14068b5e12cd6e4ea3be791b3d1b25`
SHA256	`ec32fbb0b29fe0fa9b0aac7ffadf0a3a429b1103a23cd899af05d5c31602da02`
SHA3	`1fdb7a8c1fd97b45a51855b2b82eb1766af4f61f1ca43d986db948e7047d81a1`
VirtualSize	`0x4481a`
VirtualAddress	`0xa5000`
SizeOfRawData	`0x44a00`
PointerToRawData	`0xa3a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`6.6386`

.data

MD5	`723779af29595fd630beb1fbcb4842f8`
SHA1	`ee67321ee6f84e5276a66c88c803638f4557989f`
SHA256	`ae21e3385f57c204d68cd5aed79feea3943b6a5e60f9b5753bedc52718b6c32a`
SHA3	`a2fd20e1b2daca36613b624c9012c88adf3cef39151f79174fcdbbc80299d19c`
VirtualSize	`0x1a78`
VirtualAddress	`0xea000`
SizeOfRawData	`0x1000`
PointerToRawData	`0xe8400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`4.12522`

.pdata

MD5	`4da47dc51752e53095ac5e7fbe55d81f`
SHA1	`494c2c6ca20a08c59dbd54d86886fdd7c8b1017a`
SHA256	`f18e876479a56fb3e199444c7f26531084b7fb09c9cc428e7428c5f50d623f22`
SHA3	`cd3110f1b0ebb36a1bbbd77dfd36bcaa3b4bd2c23e9bcd450d46460b7fcdef5c`
VirtualSize	`0x705c`
VirtualAddress	`0xec000`
SizeOfRawData	`0x7200`
PointerToRawData	`0xe9400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.97622`

.rsrc

MD5	`6ba997241dd11981dfae33ecb0185ec8`
SHA1	`441b9e271c26bc81dcde1b85e1ecac786948941e`
SHA256	`de5a0e2b56a29b0eab1bd8e56533f7b7487e3a41d7355e4ff8297cb35ca0e999`
SHA3	`383bf396c26492f6ad5a8702df920f5c987e17c221311860f04c5a9ee97250bd`
VirtualSize	`0x44c0`
VirtualAddress	`0xf4000`
SizeOfRawData	`0x4600`
PointerToRawData	`0xf0600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`2.89458`

.reloc

MD5	`22427c4f397564e5201126543837b18c`
SHA1	`74c17428e62baa2e4f4b798e24ed73f0c479d258`
SHA256	`1bb3c06d37344aeb10b6896524062416f6259795f312e21c47c260e691d69cb3`
SHA3	`b52ffde40922240cdfcb74e6af61d81419f3b70082ff0c8d888699a2f4ada0b4`
VirtualSize	`0x388`
VirtualAddress	`0xf9000`
SizeOfRawData	`0x400`
PointerToRawData	`0xf4c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`4.95039`

Imports

d3d11.dll	`D3D11CreateDeviceAndSwapChain`
dwmapi.dll	`DwmExtendFrameIntoClientArea`
KERNEL32.dll	`LoadLibraryExW` `GetLastError` `GetProcAddress` `OutputDebugStringA` `MultiByteToWideChar` `GlobalAlloc` `GlobalFree` `GlobalLock` `WideCharToMultiByte` `GlobalUnlock` `GetModuleHandleA` `GetLocaleInfoA` `LoadLibraryA` `QueryPerformanceFrequency` `IsDBCSLeadByte` `FreeLibrary` `QueryPerformanceCounter` `GetStdHandle` `GetConsoleMode` `SetConsoleMode` `GetCurrentConsoleFontEx` `SetCurrentConsoleFontEx` `GetConsoleScreenBufferInfoEx` `SetConsoleScreenBufferInfoEx` `GetConsoleWindow` `SetConsoleWindowInfo` `SetConsoleScreenBufferSize` `SetConsoleCursorInfo` `FlushConsoleInputBuffer` `SetConsoleTitleA` `CloseHandle` `GetExitCodeProcess` `CreateToolhelp32Snapshot` `Process32FirstW` `lstrcmpiW` `Process32NextW` `OpenProcess` `Module32FirstW` `ReadProcessMemory` `lstrcmpW` `Module32NextW` `CreateDirectoryA` `GetModuleHandleW` `GetCurrentProcess` `SetUnhandledExceptionFilter` `UnhandledExceptionFilter` `RtlVirtualUnwind` `RtlLookupFunctionEntry` `RtlCaptureContext` `WakeAllConditionVariable` `GetCurrentThreadId` `Sleep` `SleepConditionVariableSRW` `AcquireSRWLockShared` `AcquireSRWLockExclusive` `ReleaseSRWLockShared` `ReleaseSRWLockExclusive` `SetConsoleCP` `SetConsoleOutputCP` `TerminateProcess` `IsProcessorFeaturePresent` `IsDebuggerPresent` `GetCurrentProcessId` `GetSystemTimeAsFileTime` `InitializeSListHead` `GetTickCount64`
USER32.dll	`SetClipboardData` `SetWindowLongW` `GetWindowLongW` `GetClipboardData` `RegisterClassExW` `GetKeyState` `PeekMessageW` `LoadCursorW` `TranslateMessage` `GetClassInfoExW` `DispatchMessageW` `UpdateWindow` `ShowWindow` `SetLayeredWindowAttributes` `GetMessageExtraInfo` `UnregisterClassW` `CreateWindowExW` `GetSystemMetrics` `DefWindowProcW` `ScreenToClient` `PostQuitMessage` `EmptyClipboard` `CloseClipboard` `OpenClipboard` `GetCursorPos` `SetCursorPos` `ReleaseCapture` `DestroyWindow` `IsWindowUnicode` `GetClientRect` `SetCursor` `SetCapture` `GetKeyboardLayout` `MessageBoxA` `GetAsyncKeyState` `TrackMouseEvent` `ClientToScreen` `GetCapture` `GetForegroundWindow` `GetWindowTextW`
GDI32.dll	`GetStockObject`
SHELL32.dll	`ShellExecuteA` `ShellExecuteW` `SHGetFolderPathA`
ole32.dll	`CoUninitialize` `CoInitializeEx`
MSVCP140.dll	`?put@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEBA?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AEAVios_base@2@DPEBUtm@@PEBD3@Z` `?_Xlength_error@std@@YAXPEBD@Z` `_Query_perf_counter` `_Query_perf_frequency` `?_Incref@facet@locale@std@@UEAAXXZ` `??1_Locinfo@std@@QEAA@XZ` `??1_Lockit@std@@QEAA@XZ` `??0_Locinfo@std@@QEAA@PEBD@Z` `??0_Lockit@std@@QEAA@H@Z` `?_Gettrue@_Locinfo@std@@QEBAPEBDXZ` `?_Xbad_alloc@std@@YAXXZ` `?_Getfalse@_Locinfo@std@@QEBAPEBDXZ` `?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ` `?_Getlconv@_Locinfo@std@@QEBAPEBUlconv@@XZ` `?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ` `??1facet@locale@std@@MEAA@XZ` `??0facet@locale@std@@IEAA@_K@Z` `?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ` `?id@?$numpunct@D@std@@2V0locale@2@A` `?_Id_cnt@id@locale@std@@0HA` `?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z` `?_Xout_of_range@std@@YAXPEBD@Z` `??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ` `?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z` `??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ` `??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ` `?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z` `?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z` `??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ` `?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z` `?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A` `?always_noconv@codecvt_base@std@@QEBA_NXZ` `?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z` `?_Xbad_function_call@std@@YAXXZ` `?uncaught_exceptions@std@@YAHXZ` `?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ` `?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ` `?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ` `?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ` `??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ` `?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ` `?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z` `?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ` `?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z` `?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z` `?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z` `??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ` `??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z` `??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z` `?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z` `?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z` `_Xtime_get_ticks` `?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z` `?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z` `?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ` `?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z` `?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ` `?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ` `?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ` `?getloc@ios_base@std@@QEBA?AVlocale@2@XZ` `?id@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@2V0locale@2@A`
IMM32.dll	`ImmSetCandidateWindow` `ImmGetContext` `ImmSetCompositionWindow` `ImmReleaseContext`
D3DCOMPILER_47.dll	`D3DCompile`
VCRUNTIME140_1.dll	`__CxxFrameHandler4`
VCRUNTIME140.dll	`memcpy` `__std_terminate` `__std_exception_copy` `__std_exception_destroy` `_CxxThrowException` `__current_exception_context` `__current_exception` `__C_specific_handler` `memset` `memmove` `memcmp` `memchr` `strchr`
api-ms-win-crt-runtime-l1-1-0.dll	`exit` `_register_thread_local_exe_atexit_callback` `_c_exit` `_errno` `__p___argv` `__p___argc` `_exit` `_initterm_e` `_initterm` `_get_initial_narrow_environment` `_set_app_type` `_seh_filter_exe` `terminate` `_cexit` `_crt_atexit` `_register_onexit_function` `_initialize_onexit_table` `_invoke_watson` `_initialize_narrow_environment` `_configure_narrow_argv`
api-ms-win-crt-heap-l1-1-0.dll	`free` `calloc` `_set_new_mode` `_callnewh` `malloc`
api-ms-win-crt-math-l1-1-0.dll	`__setusermatherr` `powf` `pow` `_dsign` `_fdsign` `roundf` `log` `sinf` `fminf` `fmaxf` `sqrtf` `fmodf` `cosf` `ceilf` `_dclass` `_ldclass` `_fdclass` `fmaf` `_ldsign` `logf` `atan2f` `acosf`
api-ms-win-crt-stdio-l1-1-0.dll	`__stdio_common_vsprintf` `__p__commode` `_set_fmode` `fflush` `getchar` `setvbuf` `__stdio_common_vsscanf` `_wfopen` `fsetpos` `__stdio_common_vfprintf` `fseek` `__acrt_iob_func` `ftell` `fgetpos` `fclose` `_get_stream_buffer_pointers` `fputc` `ungetc` `fgetc` `fread` `fwrite` `_fseeki64`
api-ms-win-crt-filesystem-l1-1-0.dll	`_lock_file` `_unlock_file`
api-ms-win-crt-locale-l1-1-0.dll	`_configthreadlocale` `localeconv`
api-ms-win-crt-convert-l1-1-0.dll	`strtoull` `strtoll` `atof` `strtod`
api-ms-win-crt-utility-l1-1-0.dll	`qsort`
api-ms-win-crt-string-l1-1-0.dll	`strncmp` `wcscpy_s` `strcmp` `strncpy`
api-ms-win-crt-time-l1-1-0.dll	`_localtime64_s`

Delayed Imports

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x4228`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.71811`
MD5	`0352f5a79fad3bf02daa39b4f9272e13`
SHA1	`20dbc797a34b1d6a8f47b5646457f3636f302722`
SHA256	`7837dc76542747b623208b73b0ba9e9c977907ec1761ae56bb431818d5d45f5a`
SHA3	`343250d88ac61098966be8f7c304bd391fc0d17155a5c8a51948df10a6bf2366`

IDI_ICON1

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x14`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`1.91924`
Detected Filetype	Icon file
MD5	`3e1d980f0dc747eec9d946c155cb1498`
SHA1	`15414ced0202f709d400c957d441a8856dde8479`
SHA256	`027e12c81d53ebb492d0e1ce8166c0c004e135274105fb79465b6b97bc6c71cd`
SHA3	`11e83c27ff3b8cca2c537273338202138c94fb4b10a6b2daf0f7d23d177cc049`

1 (#2)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x17d`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`4.91161`
MD5	`1e4a89b11eae0fcf8bb5fdd5ec3b6f61`
SHA1	`4260284ce14278c397aaf6f389c1609b0ab0ce51`
SHA256	`4bb79dcea0a901f7d9eac5aa05728ae92acb42e0cb22e5dd14134f4421a3d8df`
SHA3	`4bb9e8b5a714cae82782f3831cc2d45f4bf4a50a755fe584d2d1893129d68353`

Version Info

IMAGE_DEBUG_TYPE_CODEVIEW

Characteristics	`0`
TimeDateStamp	2026-May-21 20:17:50
Version	`0.0`
SizeofData	`81`
AddressOfRawData	`0xd9734`
PointerToRawData	`0xd8134`
Referenced File	C:\Users\Recso\Desktop\dcplus\bin\Release\x64\dcplus.pdb

IMAGE_DEBUG_TYPE_VC_FEATURE

Characteristics	`0`
TimeDateStamp	2026-May-21 20:17:50
Version	`0.0`
SizeofData	`20`
AddressOfRawData	`0xd9788`
PointerToRawData	`0xd8188`

IMAGE_DEBUG_TYPE_POGO

Characteristics	`0`
TimeDateStamp	2026-May-21 20:17:50
Version	`0.0`
SizeofData	`912`
AddressOfRawData	`0xd979c`
PointerToRawData	`0xd819c`

IMAGE_DEBUG_TYPE_ILTCG

Characteristics	`0`
TimeDateStamp	2026-May-21 20:17:50
Version	`0.0`
SizeofData	`0`
AddressOfRawData	`0`
PointerToRawData	`0`

TLS Callbacks

StartAddressOfRawData	`0x1400d9b50`
EndAddressOfRawData	`0x1400d9b58`
AddressOfIndex	`0x1400eb57c`
AddressOfCallbacks	`0x1400a5a00`
SizeOfZeroFill	`0`
Characteristics	`IMAGE_SCN_ALIGN_4BYTES`
Callbacks	`(EMPTY)`

Load Configuration

Size	`0x140`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x1400ea040`

RICH Header

XOR Key	`0x4d377cda`
Unmarked objects	`0`
Imports (VS2008 SP1 build 30729)	`20`
ASM objects (35207)	`4`
C objects (35207)	`10`
C++ objects (35207)	`36`
Imports (35207)	`6`
Imports (33145)	`19`
Total imports	`353`
C++ objects (LTCG) (35227)	`30`
Resource objects (35227)	`1`
151	`1`
Linker (35227)	`1`

Errors

Leave a comment

No comments yet.