v0[.]1[.]6[.]zip[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

v0.1.6.zip.zip
Size

2.7MB
MD5

d8663f53864f838cd7400a6fbdd9b8a0
SHA1

63d05dbee8c37a828133c67645eb0ec7851ade1c
SHA256

015af59d8f06edbafa4c357ebecbfc80bc745866dfa2602961106a6f1ef60d8d
SHA512

1e79e2b56f91b0d8d7e3a4b3d9112d4e989e761a7057710bfa917bba7befc9cf411a8193a5d382c2c472641c9b7e8ae239c84cb7df38265be7c8d8ec906fe136
SSDEEP

49152:Uc89sGF2n0H3a8Qs7IHR8JBkKY7Zb5MagC7XfqFVZ/bJ0eqWwCli4wcYyQfXSSVF:UaGFpa8Qskx8XgtngMXsTqeqWwCNKygD

Score

N/A

Malware Config

Signatures

Files

v0.1.6.zip.zip
.zip

Password: infected
v0.1.6.zip
.zip
github.com/tc-hib/[email protected]/.github/workflows/go.yml
github.com/tc-hib/[email protected]/.gitignore
github.com/tc-hib/[email protected]/LICENSE
github.com/tc-hib/[email protected]/README.md
github.com/tc-hib/[email protected]/coff.go
github.com/tc-hib/[email protected]/coff_test.go
github.com/tc-hib/[email protected]/cursor.go
.js
github.com/tc-hib/[email protected]/cursor_test.go
github.com/tc-hib/[email protected]/doc.go
github.com/tc-hib/[email protected]/errors.go
github.com/tc-hib/[email protected]/exe.go
github.com/tc-hib/[email protected]/go.mod
github.com/tc-hib/[email protected]/go.sum
github.com/tc-hib/[email protected]/helper_test.go
github.com/tc-hib/[email protected]/icon.go
.js
github.com/tc-hib/[email protected]/icon_test.go
github.com/tc-hib/[email protected]/id.go
github.com/tc-hib/[email protected]/manifest.go
.js
github.com/tc-hib/[email protected]/manifest_test.go
github.com/tc-hib/[email protected]/pesum.go
github.com/tc-hib/[email protected]/pesum_test.go
github.com/tc-hib/[email protected]/reader.go
github.com/tc-hib/[email protected]/rsrc.go
github.com/tc-hib/[email protected]/rsrc_test.go
github.com/tc-hib/[email protected]/testdata/TestCursor_SaveCUR.golden
github.com/tc-hib/[email protected]/testdata/TestData1.golden
github.com/tc-hib/[email protected]/testdata/TestEmpty.golden
github.com/tc-hib/[email protected]/testdata/TestIcon_SaveICO.golden
github.com/tc-hib/[email protected]/testdata/TestLoadFromEXESingleType.golden
github.com/tc-hib/[email protected]/testdata/TestNewCursorFromImages.golden
github.com/tc-hib/[email protected]/testdata/TestNewIconFromImages.golden
github.com/tc-hib/[email protected]/testdata/TestNewIconFromResizedImage.golden
github.com/tc-hib/[email protected]/testdata/TestNewIconFromResizedImage_Ratio1.golden
github.com/tc-hib/[email protected]/testdata/TestNewIconFromResizedImage_Ratio2.golden
github.com/tc-hib/[email protected]/testdata/TestResourceSet_SetManifest.golden
github.com/tc-hib/[email protected]/testdata/TestResourceSet_SetVersionInfo.golden
github.com/tc-hib/[email protected]/testdata/TestResourceSet_WriteToEXEWithCheckSum_VS.golden
.exe windows x64

a320612352dab7d3fccf83af8cd2dbec

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcp140

?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?uncaught_exception@std@@YA_NXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__current_exception_context
__current_exception
memset
__C_specific_handler
__std_terminate

api-ms-win-crt-runtime-l1-1-0

_crt_atexit
_register_onexit_function
_initterm_e
_initialize_onexit_table
_register_thread_local_exe_atexit_callback
_get_initial_narrow_environment
_initialize_narrow_environment
_configure_narrow_argv
_c_exit
_set_app_type
_seh_filter_exe
_cexit
__p___argv
_initterm
_exit
exit
terminate
__p___argc

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__p__commode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode

kernel32

GetModuleHandleW
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
RtlCaptureContext

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 408B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 134KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
github.com/tc-hib/[email protected]/testdata/TestResourceSet_WriteToEXEWithCheckSum_VS32.golden
.exe windows x86

b13c46bd7de0bc18b0ce19ab846593f2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcp140

?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A

vcruntime140

_except_handler4_common
__std_terminate
memset
__current_exception
__current_exception_context
__CxxFrameHandler3

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_register_onexit_function
_initialize_narrow_environment
__p___argv
_controlfp_s
terminate
_exit
exit
_register_thread_local_exe_atexit_callback
_c_exit
_configure_narrow_argv
_crt_atexit
_set_app_type
_seh_filter_exe
_cexit
_initterm_e
_initterm
_get_initial_narrow_environment
__p___argc

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__p__commode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode

kernel32

UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetModuleHandleW

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 412B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
github.com/tc-hib/[email protected]/testdata/TestResourceSet_WriteToEXE_Delete.golden
.exe windows x86

b13c46bd7de0bc18b0ce19ab846593f2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcp140

?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A

vcruntime140

_except_handler4_common
__std_terminate
memset
__current_exception
__current_exception_context
__CxxFrameHandler3

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_register_onexit_function
_initialize_narrow_environment
__p___argv
_controlfp_s
terminate
_exit
exit
_register_thread_local_exe_atexit_callback
_c_exit
_configure_narrow_argv
_crt_atexit
_set_app_type
_seh_filter_exe
_cexit
_initterm_e
_initterm
_get_initial_narrow_environment
__p___argc

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__p__commode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode

kernel32

UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetModuleHandleW

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 412B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.png
Size: 512B - Virtual size: 441B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
github.com/tc-hib/[email protected]/testdata/TestResourceSet_WriteToEXE_End.golden
.exe windows x86

b13c46bd7de0bc18b0ce19ab846593f2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcp140

?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A

vcruntime140

_except_handler4_common
__std_terminate
memset
__current_exception
__current_exception_context
__CxxFrameHandler3

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_register_onexit_function
_initialize_narrow_environment
__p___argv
_controlfp_s
terminate
_exit
exit
_register_thread_local_exe_atexit_callback
_c_exit
_configure_narrow_argv
_crt_atexit
_set_app_type
_seh_filter_exe
_cexit
_initterm_e
_initterm
_get_initial_narrow_environment
__p___argc

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__p__commode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode

kernel32

UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetModuleHandleW

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 412B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
github.com/tc-hib/[email protected]/testdata/TestResourceSet_WriteToEXE_IgnoreSignature.golden
.exe windows x64

a320612352dab7d3fccf83af8cd2dbec

Code Sign

52:e1:e9:f2:61:d2:1a:ba:47:06:2a:55:61:70:ad:c9
Certificate

Issuer

CN=My CA

Not Before

05/03/2021, 12:40

Not After

31/12/2039, 23:59

Subject

CN=My SPC

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23/10/2020, 00:00

Not After

22/01/2032, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

cf:5f:1c:b1:73:b0:68:08:84:cb:05:3b:79:18:22:2f:cf:ba:37:5c
Signer

Actual PE Digest

cf:5f:1c:b1:73:b0:68:08:84:cb:05:3b:79:18:22:2f:cf:ba:37:5c

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=My SPC

15/12/2022, 13:51
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcp140

?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?uncaught_exception@std@@YA_NXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__current_exception_context
__current_exception
memset
__C_specific_handler
__std_terminate

api-ms-win-crt-runtime-l1-1-0

_crt_atexit
_register_onexit_function
_initterm_e
_initialize_onexit_table
_register_thread_local_exe_atexit_callback
_get_initial_narrow_environment
_initialize_narrow_environment
_configure_narrow_argv
_c_exit
_set_app_type
_seh_filter_exe
_cexit
__p___argv
_initterm
_exit
exit
terminate
__p___argc

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__p__commode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode

kernel32

GetModuleHandleW
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
RtlCaptureContext

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 408B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
github.com/tc-hib/[email protected]/testdata/TestResourceSet_WriteToEXE_NotEnd.golden
.exe windows x86

b13c46bd7de0bc18b0ce19ab846593f2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcp140

?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A

vcruntime140

_except_handler4_common
__std_terminate
memset
__current_exception
__current_exception_context
__CxxFrameHandler3

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_register_onexit_function
_initialize_narrow_environment
__p___argv
_controlfp_s
terminate
_exit
exit
_register_thread_local_exe_atexit_callback
_c_exit
_configure_narrow_argv
_crt_atexit
_set_app_type
_seh_filter_exe
_cexit
_initterm_e
_initterm
_get_initial_narrow_environment
__p___argc

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__p__commode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode

kernel32

UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetModuleHandleW

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 412B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

old.rsrc
Size: 1024B - Virtual size: 557B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.png
Size: 512B - Virtual size: 441B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
github.com/tc-hib/[email protected]/testdata/TestResourceSet_WriteToEXE_RemoveSignature.golden
.exe windows x64

a320612352dab7d3fccf83af8cd2dbec

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcp140

?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?uncaught_exception@std@@YA_NXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__current_exception_context
__current_exception
memset
__C_specific_handler
__std_terminate

api-ms-win-crt-runtime-l1-1-0

_crt_atexit
_register_onexit_function
_initterm_e
_initialize_onexit_table
_register_thread_local_exe_atexit_callback
_get_initial_narrow_environment
_initialize_narrow_environment
_configure_narrow_argv
_c_exit
_set_app_type
_seh_filter_exe
_cexit
__p___argv
_initterm
_exit
exit
terminate
__p___argc

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__p__commode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode

kernel32

GetModuleHandleW
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
RtlCaptureContext

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 408B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
github.com/tc-hib/[email protected]/testdata/TestResourceSet_WriteToEXE_SFX.golden
.exe windows x86

e6f39b3587ab9278fb99290006fa6b09

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SysFreeString
SysAllocStringLen
SysAllocString
VariantClear
SysStringLen

ole32

CoCreateInstance
CoInitialize
CoUninitialize
OleInitialize

user32

CheckDlgButton
IsDlgButtonChecked
EndDialog
SetDlgItemTextW
GetFocus
SetFocus
GetKeyState
InvalidateRect
SetWindowTextW
EnableWindow
PostMessageW
MessageBoxW
SetTimer
DialogBoxParamW
SetWindowLongW
GetWindowLongW
ShowWindow
MoveWindow
ScreenToClient
GetDlgItem
GetWindowRect
MapDialogRect
SystemParametersInfoW
GetWindowTextLengthW
GetWindowTextW
SendMessageW
LoadStringW
CharUpperW
LoadIconW
GetParent
SetCursor
LoadCursorW
KillTimer

shell32

SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFileInfoW
SHGetMalloc

msvcrt

memmove
memcpy
malloc
_CxxThrowException
free
wcsstr
wcscmp
wcslen
wcscat
_beginthreadex
_except_handler3
??1type_info@@UAE@XZ
?terminate@@YAXXZ
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_purecall
memcmp
__CxxFrameHandler
memset

kernel32

GetStartupInfoA
InitializeCriticalSection
ResetEvent
SetEvent
CreateEventW
WaitForSingleObject
VirtualFree
VirtualAlloc
GetCurrentProcess
SetPriorityClass
DeleteCriticalSection
Sleep
EnterCriticalSection
LeaveCriticalSection
FileTimeToLocalFileTime
WaitForMultipleObjects
GetFileInformationByHandle
GetStdHandle
FileTimeToSystemTime
CompareFileTime
SetEndOfFile
WriteFile
ReadFile
SetFilePointer
GetFileSize
GetLogicalDriveStringsW
GetFileAttributesW
GetModuleHandleA
FindNextFileW
FindFirstFileW
FindClose
GetTickCount
GetCurrentDirectoryW
SetLastError
DeleteFileW
CreateDirectoryW
MoveFileW
RemoveDirectoryW
SetFileAttributesW
CreateFileW
SetFileTime
CloseHandle
FormatMessageW
LocalFree
GetModuleFileNameW
MultiByteToWideChar
GetLastError
GetVersionExW
GetProcAddress
FreeLibrary
GetCommandLineW
LoadLibraryW

Sections

.text
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
github.com/tc-hib/[email protected]/testdata/TestResourceSet_WriteToEXE_VS.golden
.exe windows x64

a320612352dab7d3fccf83af8cd2dbec

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcp140

?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?uncaught_exception@std@@YA_NXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__current_exception_context
__current_exception
memset
__C_specific_handler
__std_terminate

api-ms-win-crt-runtime-l1-1-0

_crt_atexit
_register_onexit_function
_initterm_e
_initialize_onexit_table
_register_thread_local_exe_atexit_callback
_get_initial_narrow_environment
_initialize_narrow_environment
_configure_narrow_argv
_c_exit
_set_app_type
_seh_filter_exe
_cexit
__p___argv
_initterm
_exit
exit
terminate
__p___argc

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__p__commode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode

kernel32

GetModuleHandleW
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
RtlCaptureContext

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 408B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 134KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
github.com/tc-hib/[email protected]/testdata/TestResourceSet_WriteToEXE_VS0.golden
.exe windows x64

a320612352dab7d3fccf83af8cd2dbec

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcp140

?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?uncaught_exception@std@@YA_NXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__current_exception_context
__current_exception
memset
__C_specific_handler
__std_terminate

api-ms-win-crt-runtime-l1-1-0

_crt_atexit
_register_onexit_function
_initterm_e
_initialize_onexit_table
_register_thread_local_exe_atexit_callback
_get_initial_narrow_environment
_initialize_narrow_environment
_configure_narrow_argv
_c_exit
_set_app_type
_seh_filter_exe
_cexit
__p___argv
_initterm
_exit
exit
terminate
__p___argc

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__p__commode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode

kernel32

GetModuleHandleW
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
RtlCaptureContext

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 408B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
github.com/tc-hib/[email protected]/testdata/TestResourceSet_WriteToEXE_VS032.golden
.exe windows x86

b13c46bd7de0bc18b0ce19ab846593f2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcp140

?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A

vcruntime140

_except_handler4_common
__std_terminate
memset
__current_exception
__current_exception_context
__CxxFrameHandler3

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_register_onexit_function
_initialize_narrow_environment
__p___argv
_controlfp_s
terminate
_exit
exit
_register_thread_local_exe_atexit_callback
_c_exit
_configure_narrow_argv
_crt_atexit
_set_app_type
_seh_filter_exe
_cexit
_initterm_e
_initterm
_get_initial_narrow_environment
__p___argc

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__p__commode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode

kernel32

UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetModuleHandleW

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 412B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
github.com/tc-hib/[email protected]/testdata/TestResourceSet_WriteToEXE_VS32.golden
.exe windows x86

b13c46bd7de0bc18b0ce19ab846593f2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcp140

?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A

vcruntime140

_except_handler4_common
__std_terminate
memset
__current_exception
__current_exception_context
__CxxFrameHandler3

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_register_onexit_function
_initialize_narrow_environment
__p___argv
_controlfp_s
terminate
_exit
exit
_register_thread_local_exe_atexit_callback
_c_exit
_configure_narrow_argv
_crt_atexit
_set_app_type
_seh_filter_exe
_cexit
_initterm_e
_initterm
_get_initial_narrow_environment
__p___argc

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__p__commode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode

kernel32

UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetModuleHandleW

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 412B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
github.com/tc-hib/[email protected]/testdata/TestResourceSet_read1.golden
github.com/tc-hib/[email protected]/testdata/TestResourceSet_read_ICON.golden
github.com/tc-hib/[email protected]/testdata/TestResourceSet_read_PNG.golden
github.com/tc-hib/[email protected]/testdata/TestResourceSet_read_RT_CURSOR.golden
github.com/tc-hib/[email protected]/testdata/TestResourceSet_read_RT_GROUP_CURSOR.golden
github.com/tc-hib/[email protected]/testdata/TestResourceSet_read_RT_GROUP_ICON.golden
github.com/tc-hib/[email protected]/testdata/TestResourceSet_read_RT_ICON.golden
github.com/tc-hib/[email protected]/testdata/TestWinRes1.golden
github.com/tc-hib/[email protected]/testdata/TestWinRes2.golden
github.com/tc-hib/[email protected]/testdata/TestWinRes3.golden
github.com/tc-hib/[email protected]/testdata/TestWinRes4.golden
github.com/tc-hib/[email protected]/testdata/cur-16x32.png
.png
github.com/tc-hib/[email protected]/testdata/cur-16x8.png
.png
github.com/tc-hib/[email protected]/testdata/cur-32x64.png
.png
github.com/tc-hib/[email protected]/testdata/cur-64x128.png
.png
github.com/tc-hib/[email protected]/testdata/cursor.cur
github.com/tc-hib/[email protected]/testdata/en.cur
github.com/tc-hib/[email protected]/testdata/en.ico
github.com/tc-hib/[email protected]/testdata/end.exe
.exe windows x86

b13c46bd7de0bc18b0ce19ab846593f2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcp140

?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A

vcruntime140

_except_handler4_common
__std_terminate
memset
__current_exception
__current_exception_context
__CxxFrameHandler3

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_register_onexit_function
_initialize_narrow_environment
__p___argv
_controlfp_s
terminate
_exit
exit
_register_thread_local_exe_atexit_callback
_c_exit
_configure_narrow_argv
_crt_atexit
_set_app_type
_seh_filter_exe
_cexit
_initterm_e
_initterm
_get_initial_narrow_environment
__p___argc

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__p__commode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode

kernel32

UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetModuleHandleW

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 412B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 557B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
github.com/tc-hib/[email protected]/testdata/fr.cur
github.com/tc-hib/[email protected]/testdata/fr.ico
github.com/tc-hib/[email protected]/testdata/icon.ico
github.com/tc-hib/[email protected]/testdata/img.png
.png
github.com/tc-hib/[email protected]/testdata/invalid_rsrc.exe
.exe windows x64

a320612352dab7d3fccf83af8cd2dbec

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcp140

?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?uncaught_exception@std@@YA_NXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__current_exception_context
__current_exception
memset
__C_specific_handler
__std_terminate

api-ms-win-crt-runtime-l1-1-0

_crt_atexit
_register_onexit_function
_initterm_e
_initialize_onexit_table
_register_thread_local_exe_atexit_callback
_get_initial_narrow_environment
_initialize_narrow_environment
_configure_narrow_argv
_c_exit
_set_app_type
_seh_filter_exe
_cexit
__p___argv
_initterm
_exit
exit
terminate
__p___argc

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__p__commode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode

kernel32

GetModuleHandleW
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
RtlCaptureContext

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 408B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
github.com/tc-hib/[email protected]/testdata/notend.exe
.exe windows x86

b13c46bd7de0bc18b0ce19ab846593f2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcp140

?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A

vcruntime140

_except_handler4_common
__std_terminate
memset
__current_exception
__current_exception_context
__CxxFrameHandler3

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_register_onexit_function
_initialize_narrow_environment
__p___argv
_controlfp_s
terminate
_exit
exit
_register_thread_local_exe_atexit_callback
_c_exit
_configure_narrow_argv
_crt_atexit
_set_app_type
_seh_filter_exe
_cexit
_initterm_e
_initterm
_get_initial_narrow_environment
__p___argc

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__p__commode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode

kernel32

UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetModuleHandleW

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 412B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 557B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.png
Size: 512B - Virtual size: 441B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
github.com/tc-hib/[email protected]/testdata/png.cur
github.com/tc-hib/[email protected]/testdata/rh.exe
.exe windows x64

a320612352dab7d3fccf83af8cd2dbec

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcp140

?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?uncaught_exception@std@@YA_NXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__current_exception_context
__current_exception
memset
__C_specific_handler
__std_terminate

api-ms-win-crt-runtime-l1-1-0

_crt_atexit
_register_onexit_function
_initterm_e
_initialize_onexit_table
_register_thread_local_exe_atexit_callback
_get_initial_narrow_environment
_initialize_narrow_environment
_configure_narrow_argv
_c_exit
_set_app_type
_seh_filter_exe
_cexit
__p___argv
_initterm
_exit
exit
terminate
__p___argc

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__p__commode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode

kernel32

GetModuleHandleW
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
RtlCaptureContext

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 408B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 339KB - Virtual size: 338KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
github.com/tc-hib/[email protected]/testdata/rsrc1.bin
github.com/tc-hib/[email protected]/testdata/sfx.exe
.exe windows x86

e6f39b3587ab9278fb99290006fa6b09

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SysFreeString
SysAllocStringLen
SysAllocString
VariantClear
SysStringLen

ole32

CoCreateInstance
CoInitialize
CoUninitialize
OleInitialize

user32

CheckDlgButton
IsDlgButtonChecked
EndDialog
SetDlgItemTextW
GetFocus
SetFocus
GetKeyState
InvalidateRect
SetWindowTextW
EnableWindow
PostMessageW
MessageBoxW
SetTimer
DialogBoxParamW
SetWindowLongW
GetWindowLongW
ShowWindow
MoveWindow
ScreenToClient
GetDlgItem
GetWindowRect
MapDialogRect
SystemParametersInfoW
GetWindowTextLengthW
GetWindowTextW
SendMessageW
LoadStringW
CharUpperW
LoadIconW
GetParent
SetCursor
LoadCursorW
KillTimer

shell32

SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFileInfoW
SHGetMalloc

msvcrt

memmove
memcpy
malloc
_CxxThrowException
free
wcsstr
wcscmp
wcslen
wcscat
_beginthreadex
_except_handler3
??1type_info@@UAE@XZ
?terminate@@YAXXZ
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_purecall
memcmp
__CxxFrameHandler
memset

kernel32

GetStartupInfoA
InitializeCriticalSection
ResetEvent
SetEvent
CreateEventW
WaitForSingleObject
VirtualFree
VirtualAlloc
GetCurrentProcess
SetPriorityClass
DeleteCriticalSection
Sleep
EnterCriticalSection
LeaveCriticalSection
FileTimeToLocalFileTime
WaitForMultipleObjects
GetFileInformationByHandle
GetStdHandle
FileTimeToSystemTime
CompareFileTime
SetEndOfFile
WriteFile
ReadFile
SetFilePointer
GetFileSize
GetLogicalDriveStringsW
GetFileAttributesW
GetModuleHandleA
FindNextFileW
FindFirstFileW
FindClose
GetTickCount
GetCurrentDirectoryW
SetLastError
DeleteFileW
CreateDirectoryW
MoveFileW
RemoveDirectoryW
SetFileAttributesW
CreateFileW
SetFileTime
CloseHandle
FormatMessageW
LocalFree
GetModuleFileNameW
MultiByteToWideChar
GetLastError
GetVersionExW
GetProcAddress
FreeLibrary
GetCommandLineW
LoadLibraryW

Sections

.text
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
github.com/tc-hib/[email protected]/testdata/signed.exe
.exe windows x64

a320612352dab7d3fccf83af8cd2dbec

Code Sign

52:e1:e9:f2:61:d2:1a:ba:47:06:2a:55:61:70:ad:c9
Certificate

Issuer

CN=My CA

Not Before

05/03/2021, 12:40

Not After

31/12/2039, 23:59

Subject

CN=My SPC

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23/10/2020, 00:00

Not After

22/01/2032, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

bd:40:2d:e4:fa:40:91:83:f4:6b:98:b4:3a:5b:b7:b9:9c:0e:7e:80
Signer

Actual PE Digest

bd:40:2d:e4:fa:40:91:83:f4:6b:98:b4:3a:5b:b7:b9:9c:0e:7e:80

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=My SPC

15/12/2022, 13:51
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcp140

?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?uncaught_exception@std@@YA_NXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__current_exception_context
__current_exception
memset
__C_specific_handler
__std_terminate

api-ms-win-crt-runtime-l1-1-0

_crt_atexit
_register_onexit_function
_initterm_e
_initialize_onexit_table
_register_thread_local_exe_atexit_callback
_get_initial_narrow_environment
_initialize_narrow_environment
_configure_narrow_argv
_c_exit
_set_app_type
_seh_filter_exe
_cexit
__p___argv
_initterm
_exit
exit
terminate
__p___argc

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__p__commode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode

kernel32

GetModuleHandleW
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
RtlCaptureContext

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 408B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
github.com/tc-hib/[email protected]/testdata/vi.json
github.com/tc-hib/[email protected]/testdata/vs.exe
.exe windows x64

a320612352dab7d3fccf83af8cd2dbec

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcp140

?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?uncaught_exception@std@@YA_NXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__current_exception_context
__current_exception
memset
__C_specific_handler
__std_terminate

api-ms-win-crt-runtime-l1-1-0

_crt_atexit
_register_onexit_function
_initterm_e
_initialize_onexit_table
_register_thread_local_exe_atexit_callback
_get_initial_narrow_environment
_initialize_narrow_environment
_configure_narrow_argv
_c_exit
_set_app_type
_seh_filter_exe
_cexit
__p___argv
_initterm
_exit
exit
terminate
__p___argc

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__p__commode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode

kernel32

GetModuleHandleW
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
RtlCaptureContext

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 408B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
github.com/tc-hib/[email protected]/testdata/vs0.exe
.exe windows x64

a320612352dab7d3fccf83af8cd2dbec

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcp140

?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?uncaught_exception@std@@YA_NXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__current_exception_context
__current_exception
memset
__C_specific_handler
__std_terminate

api-ms-win-crt-runtime-l1-1-0

_crt_atexit
_register_onexit_function
_initterm_e
_initialize_onexit_table
_register_thread_local_exe_atexit_callback
_get_initial_narrow_environment
_initialize_narrow_environment
_configure_narrow_argv
_c_exit
_set_app_type
_seh_filter_exe
_cexit
__p___argv
_initterm
_exit
exit
terminate
__p___argc

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__p__commode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode

kernel32

GetModuleHandleW
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
RtlCaptureContext

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 408B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
github.com/tc-hib/[email protected]/testdata/vs032.exe
.exe windows x86

b13c46bd7de0bc18b0ce19ab846593f2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcp140

?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A

vcruntime140

_except_handler4_common
__std_terminate
memset
__current_exception
__current_exception_context
__CxxFrameHandler3

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_register_onexit_function
_initialize_narrow_environment
__p___argv
_controlfp_s
terminate
_exit
exit
_register_thread_local_exe_atexit_callback
_c_exit
_configure_narrow_argv
_crt_atexit
_set_app_type
_seh_filter_exe
_cexit
_initterm_e
_initterm
_get_initial_narrow_environment
__p___argc

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__p__commode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode

kernel32

UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetModuleHandleW

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 412B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
github.com/tc-hib/[email protected]/testdata/vs32.exe
.exe windows x86

b13c46bd7de0bc18b0ce19ab846593f2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcp140

?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A

vcruntime140

_except_handler4_common
__std_terminate
memset
__current_exception
__current_exception_context
__CxxFrameHandler3

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_register_onexit_function
_initialize_narrow_environment
__p___argv
_controlfp_s
terminate
_exit
exit
_register_thread_local_exe_atexit_callback
_c_exit
_configure_narrow_argv
_crt_atexit
_set_app_type
_seh_filter_exe
_cexit
_initterm_e
_initterm
_get_initial_narrow_environment
__p___argc

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__p__commode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode

kernel32

UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetModuleHandleW

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 412B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
github.com/tc-hib/[email protected]/version/binary.go
github.com/tc-hib/[email protected]/version/binary_test.go
github.com/tc-hib/[email protected]/version/errors.go
github.com/tc-hib/[email protected]/version/json.go
github.com/tc-hib/[email protected]/version/json_test.go
github.com/tc-hib/[email protected]/version/testdata/TestFromBytes1.golden
github.com/tc-hib/[email protected]/version/testdata/TestFromBytes2.golden
github.com/tc-hib/[email protected]/version/testdata/TestFromBytes_DLL.golden
github.com/tc-hib/[email protected]/version/testdata/TestFromBytes_Empty.golden
github.com/tc-hib/[email protected]/version/testdata/TestFromBytes_ErrCodePage.golden
github.com/tc-hib/[email protected]/version/testdata/TestFromBytes_ErrEOF1.golden
github.com/tc-hib/[email protected]/version/testdata/TestFromBytes_ErrEOF2.golden
github.com/tc-hib/[email protected]/version/testdata/TestFromBytes_ErrEOF3.golden
github.com/tc-hib/[email protected]/version/testdata/TestFromBytes_ErrInvalidLangID.golden
github.com/tc-hib/[email protected]/version/testdata/TestFromBytes_ErrInvalidSignature.golden
github.com/tc-hib/[email protected]/version/testdata/TestFromBytes_ErrLength1.golden
github.com/tc-hib/[email protected]/version/testdata/TestFromBytes_ErrLength2.golden
github.com/tc-hib/[email protected]/version/testdata/TestFromBytes_ErrStringLength.golden
github.com/tc-hib/[email protected]/version/testdata/TestFromBytes_ErrTruncFixed.golden
github.com/tc-hib/[email protected]/version/testdata/TestFromBytes_OtherType.golden
github.com/tc-hib/[email protected]/version/testdata/TestInfo_Bytes1.golden
github.com/tc-hib/[email protected]/version/testdata/TestInfo_Bytes2.golden
github.com/tc-hib/[email protected]/version/testdata/TestInfo_Bytes_DLL.golden
github.com/tc-hib/[email protected]/version/testdata/TestInfo_Bytes_Empty.golden
github.com/tc-hib/[email protected]/version/testdata/TestInfo_Bytes_OtherType.golden
github.com/tc-hib/[email protected]/version/testdata/TestInfo_SetFileVersion.golden
github.com/tc-hib/[email protected]/version/testdata/TestInfo_SetFileVersion_Empty.golden
github.com/tc-hib/[email protected]/version/testdata/TestInfo_SetProductVersion.golden
github.com/tc-hib/[email protected]/version/testdata/TestInfo_SetProductVersion_Empty.golden
github.com/tc-hib/[email protected]/version/timestamp.go
github.com/tc-hib/[email protected]/version/version.go
github.com/tc-hib/[email protected]/version/version_test.go
github.com/tc-hib/[email protected]/winres.go
github.com/tc-hib/[email protected]/winres_test.go

Sharing

General

Malware Config

Signatures

Files

Password: infected

a320612352dab7d3fccf83af8cd2dbec

Headers

DLL Characteristics

File Characteristics

Imports

msvcp140

vcruntime140_1

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-heap-l1-1-0

kernel32

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 512B - Virtual size: 408B

.rsrc Size: 134KB - Virtual size: 134KB

.reloc Size: 512B - Virtual size: 44B

b13c46bd7de0bc18b0ce19ab846593f2

Headers

DLL Characteristics

File Characteristics

Imports

msvcp140

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-heap-l1-1-0

kernel32

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 904B

.rsrc Size: 101KB - Virtual size: 100KB

.reloc Size: 512B - Virtual size: 412B

b13c46bd7de0bc18b0ce19ab846593f2

Headers

DLL Characteristics

File Characteristics

Imports

msvcp140

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-heap-l1-1-0

kernel32

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 904B

.reloc Size: 512B - Virtual size: 412B

.rsrc Size: 1024B - Virtual size: 1024B

.png Size: 512B - Virtual size: 441B

b13c46bd7de0bc18b0ce19ab846593f2

Headers

DLL Characteristics

File Characteristics

Imports

msvcp140

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-heap-l1-1-0

kernel32

Sections

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 512B - Virtual size: 408B

.rsrc
Size: 134KB - Virtual size: 134KB

.reloc
Size: 512B - Virtual size: 44B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 904B

.rsrc
Size: 101KB - Virtual size: 100KB

.reloc
Size: 512B - Virtual size: 412B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 904B

.reloc
Size: 512B - Virtual size: 412B

.rsrc
Size: 1024B - Virtual size: 1024B

.png
Size: 512B - Virtual size: 441B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 904B

.reloc
Size: 512B - Virtual size: 412B

.rsrc
Size: 101KB - Virtual size: 100KB

52:e1:e9:f2:61:d2:1a:ba:47:06:2a:55:61:70:ad:c9
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

cf:5f:1c:b1:73:b0:68:08:84:cb:05:3b:79:18:22:2f:cf:ba:37:5c
Signer

15/12/2022, 13:51
Valid: false

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 512B - Virtual size: 408B

.rsrc
Size: 101KB - Virtual size: 100KB

.reloc
Size: 512B - Virtual size: 44B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 904B

.reloc
Size: 512B - Virtual size: 412B

old.rsrc
Size: 1024B - Virtual size: 557B

.png
Size: 512B - Virtual size: 441B

.rsrc
Size: 101KB - Virtual size: 100KB