D:\a\AmongUsMenu\AmongUsMenu\Debug\AmongUsMenu.pdb
Static task
static1
1 signatures
General
-
Target
DeltaHack.rar
-
Size
5.7MB
-
MD5
263a4d83eb32643e1db834aacadca8cf
-
SHA1
2cdc10af9bfa44d5311ac9f28bd34b1d2459aa6b
-
SHA256
5e7da6a5c6ba86a3e78896609e4c46d5ac75ff93870608e99d4c4a49d9599133
-
SHA512
cf6c843072dcbf75e22d14e6d47a3e4c92b5944b15250c740263d09d02e3abd0af7257719a9919c6b3717d83046591b38a749adab912b55c0c50cc5194451e0c
-
SSDEEP
98304:vn9BbjYBuPICwtrebsfF7z/61pHpa+GMEB8ve7KeT9ThL4kLJcEOEaY24m:rbfICOicF7r61QMEuve2i99LHeEVaYq
Score
3/10
Malware Config
Signatures
-
Unsigned PE 4 IoCs
Checks for missing Authenticode signature.
resource unpack001/Data/AmongUsMenu.dll unpack003/AmongUsMenu.dll unpack001/ModMenu.exe unpack001/version.dll
Files
-
DeltaHack.rar.rar
Password: 1020
-
Accessible.tlb
-
Data/AmongUsMenu.dll.dll windows:6 windows x86 arch:x86
Password: 1020
87fd536117983d0fa09ec51cbaa80c04
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
kernel32
GetCurrentThreadId
SuspendThread
ResumeThread
GetThreadContext
SetThreadContext
FlushInstructionCache
VirtualAlloc
VirtualProtect
VirtualFree
VirtualQuery
VirtualProtectEx
VirtualQueryEx
SetLastError
FreeLibrary
GetProcAddress
LoadLibraryExA
LoadLibraryExW
CreateThread
DisableThreadLibraryCalls
GetModuleHandleA
K32GetModuleInformation
QueryPerformanceCounter
QueryPerformanceFrequency
LoadResource
LockResource
SizeofResource
FindResourceW
GetModuleFileNameW
AllocConsole
SetConsoleOutputCP
GlobalAlloc
GlobalUnlock
GlobalLock
GlobalFree
MultiByteToWideChar
WideCharToMultiByte
LoadLibraryA
VerSetConditionMask
VerifyVersionInfoW
GetCurrentThread
FreeLibraryAndExitThread
FreeConsole
SetEndOfFile
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
GetTimeZoneInformation
ReadConsoleW
SetFilePointerEx
GetFileSizeEx
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
SetConsoleCtrlHandler
OutputDebugStringW
WriteFile
HeapQueryInformation
HeapSize
HeapReAlloc
ExitThread
ReadFile
ExitProcess
WriteConsoleW
GetCurrentProcess
GetLastError
GetModuleHandleW
GetUserDefaultLocaleName
CreateSemaphoreW
CloseHandle
GetFileType
GetStdHandle
SetEvent
WaitForSingleObject
CreateEventW
ReleaseSemaphore
FormatMessageA
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
RaiseException
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableSRW
InitOnceBeginInitialize
InitOnceComplete
FreeLibraryWhenCallbackReturns
CreateThreadpoolWork
SubmitThreadpoolWork
CloseThreadpoolWork
GetModuleHandleExW
RtlCaptureStackBackTrace
IsProcessorFeaturePresent
LocalFree
GetLocaleInfoEx
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateDirectoryW
CreateFileW
FindClose
FindFirstFileW
FindFirstFileExW
FindNextFileW
GetDiskFreeSpaceExW
GetFileAttributesW
GetFileAttributesExW
GetFileInformationByHandle
GetFinalPathNameByHandleW
GetFullPathNameW
SetFileAttributesW
SetFileInformationByHandle
SetFileTime
GetTempPathW
AreFileApisANSI
DeviceIoControl
CreateDirectoryExW
CopyFileW
MoveFileExW
CreateHardLinkW
GetFileInformationByHandleEx
CreateSymbolicLinkW
GetStringTypeW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
InitOnceExecuteOnce
SleepConditionVariableCS
CreateEventExW
CreateSemaphoreExW
FlushProcessWriteBuffers
GetCurrentProcessorNumber
GetSystemTimeAsFileTime
GetTickCount64
CreateThreadpoolTimer
SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
CreateThreadpoolWait
SetThreadpoolWait
CloseThreadpoolWait
EncodePointer
DecodePointer
LCMapStringEx
WaitForSingleObjectEx
Sleep
SwitchToThread
GetExitCodeThread
GetNativeSystemInfo
CompareStringEx
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
InitializeCriticalSectionAndSpinCount
ResetEvent
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
InitializeSListHead
HeapAlloc
HeapFree
GetProcessHeap
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
HeapValidate
GetSystemInfo
user32
CallWindowProcW
GetDC
SetProcessDPIAware
MonitorFromWindow
LoadCursorW
ScreenToClient
ClientToScreen
GetCursorPos
SetCursor
SetCursorPos
GetClientRect
GetForegroundWindow
ReleaseCapture
SetCapture
GetCapture
GetKeyState
IsChild
EmptyClipboard
GetClipboardData
ReleaseDC
CloseClipboard
OpenClipboard
MessageBoxW
GetKeyboardState
DestroyWindow
CreateWindowExW
RegisterClassExW
UnregisterClassW
DefWindowProcW
SystemParametersInfoW
SetWindowLongW
GetWindowRect
SetClipboardData
gdi32
GetDeviceCaps
DeleteObject
GetFontData
SelectObject
CreateFontIndirectW
d3d11
D3D11CreateDeviceAndSwapChain
imm32
ImmReleaseContext
ImmSetCompositionWindow
ImmGetContext
ole32
CoGetObjectContext
CoGetApartmentType
Sections
.textbss Size: - Virtual size: 1.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 4.1MB - Virtual size: 4.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 33KB - Virtual size: 70KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.msvcjmc Size: 15KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.detourc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.detourd Size: 512B - Virtual size: 270B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 1024B - Virtual size: 794B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.00cfg Size: 512B - Virtual size: 270B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 184KB - Virtual size: 183KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 150KB - Virtual size: 150KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Data/Data.rar.rar
Password: 1020
-
AmongUsMenu.dll.dll windows:6 windows x86 arch:x86
Password: 1020
87fd536117983d0fa09ec51cbaa80c04
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
D:\a\AmongUsMenu\AmongUsMenu\Debug\AmongUsMenu.pdb
Imports
kernel32
GetCurrentThreadId
SuspendThread
ResumeThread
GetThreadContext
SetThreadContext
FlushInstructionCache
VirtualAlloc
VirtualProtect
VirtualFree
VirtualQuery
VirtualProtectEx
VirtualQueryEx
SetLastError
FreeLibrary
GetProcAddress
LoadLibraryExA
LoadLibraryExW
CreateThread
DisableThreadLibraryCalls
GetModuleHandleA
K32GetModuleInformation
QueryPerformanceCounter
QueryPerformanceFrequency
LoadResource
LockResource
SizeofResource
FindResourceW
GetModuleFileNameW
AllocConsole
SetConsoleOutputCP
GlobalAlloc
GlobalUnlock
GlobalLock
GlobalFree
MultiByteToWideChar
WideCharToMultiByte
LoadLibraryA
VerSetConditionMask
VerifyVersionInfoW
GetCurrentThread
FreeLibraryAndExitThread
FreeConsole
SetEndOfFile
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
GetTimeZoneInformation
ReadConsoleW
SetFilePointerEx
GetFileSizeEx
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
SetConsoleCtrlHandler
OutputDebugStringW
WriteFile
HeapQueryInformation
HeapSize
HeapReAlloc
ExitThread
ReadFile
ExitProcess
WriteConsoleW
GetCurrentProcess
GetLastError
GetModuleHandleW
GetUserDefaultLocaleName
CreateSemaphoreW
CloseHandle
GetFileType
GetStdHandle
SetEvent
WaitForSingleObject
CreateEventW
ReleaseSemaphore
FormatMessageA
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
RaiseException
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableSRW
InitOnceBeginInitialize
InitOnceComplete
FreeLibraryWhenCallbackReturns
CreateThreadpoolWork
SubmitThreadpoolWork
CloseThreadpoolWork
GetModuleHandleExW
RtlCaptureStackBackTrace
IsProcessorFeaturePresent
LocalFree
GetLocaleInfoEx
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateDirectoryW
CreateFileW
FindClose
FindFirstFileW
FindFirstFileExW
FindNextFileW
GetDiskFreeSpaceExW
GetFileAttributesW
GetFileAttributesExW
GetFileInformationByHandle
GetFinalPathNameByHandleW
GetFullPathNameW
SetFileAttributesW
SetFileInformationByHandle
SetFileTime
GetTempPathW
AreFileApisANSI
DeviceIoControl
CreateDirectoryExW
CopyFileW
MoveFileExW
CreateHardLinkW
GetFileInformationByHandleEx
CreateSymbolicLinkW
GetStringTypeW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
InitOnceExecuteOnce
SleepConditionVariableCS
CreateEventExW
CreateSemaphoreExW
FlushProcessWriteBuffers
GetCurrentProcessorNumber
GetSystemTimeAsFileTime
GetTickCount64
CreateThreadpoolTimer
SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
CreateThreadpoolWait
SetThreadpoolWait
CloseThreadpoolWait
EncodePointer
DecodePointer
LCMapStringEx
WaitForSingleObjectEx
Sleep
SwitchToThread
GetExitCodeThread
GetNativeSystemInfo
CompareStringEx
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
InitializeCriticalSectionAndSpinCount
ResetEvent
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
InitializeSListHead
HeapAlloc
HeapFree
GetProcessHeap
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
HeapValidate
GetSystemInfo
user32
CallWindowProcW
GetDC
SetProcessDPIAware
MonitorFromWindow
LoadCursorW
ScreenToClient
ClientToScreen
GetCursorPos
SetCursor
SetCursorPos
GetClientRect
GetForegroundWindow
ReleaseCapture
SetCapture
GetCapture
GetKeyState
IsChild
EmptyClipboard
GetClipboardData
ReleaseDC
CloseClipboard
OpenClipboard
MessageBoxW
GetKeyboardState
DestroyWindow
CreateWindowExW
RegisterClassExW
UnregisterClassW
DefWindowProcW
SystemParametersInfoW
SetWindowLongW
GetWindowRect
SetClipboardData
gdi32
GetDeviceCaps
DeleteObject
GetFontData
SelectObject
CreateFontIndirectW
d3d11
D3D11CreateDeviceAndSwapChain
imm32
ImmReleaseContext
ImmSetCompositionWindow
ImmGetContext
ole32
CoGetObjectContext
CoGetApartmentType
Sections
.textbss Size: - Virtual size: 1.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 4.1MB - Virtual size: 4.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 33KB - Virtual size: 70KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.msvcjmc Size: 15KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.detourc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.detourd Size: 512B - Virtual size: 270B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 1024B - Virtual size: 794B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.00cfg Size: 512B - Virtual size: 270B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 184KB - Virtual size: 183KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 150KB - Virtual size: 150KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Xenos64.exe.exe windows:6 windows x64 arch:x64
Password: 1020
1289da8dfbe89c00ffe29358269ce448
Code Sign
16:e9:b8:bb:70:0e:18:57:b2:b0:80:9d:3c:f1:51:35Certificate
IssuerCN=BlackBoneSPCNot Before12/09/2014, 10:21Not After31/12/2039, 23:59SubjectCN=BlackBoneSPC48:7f:63:93:88:59:b7:2c:b3:3c:ff:5b:30:87:ac:44:cb:45:9f:4aSigner
Actual PE Digest48:7f:63:93:88:59:b7:2c:b3:3c:ff:5b:30:87:ac:44:cb:45:9f:4aDigest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
C:\Users\Ton\Documents\Visual Studio 2017\Projects\Xenos\build\x64\Release\Xenos64.pdb
Imports
shlwapi
SHDeleteKeyW
SHSetValueW
dbghelp
MiniDumpWriteDump
kernel32
DeleteFileW
CloseHandle
RaiseException
LoadResource
FindResourceW
DecodePointer
GetWindowsDirectoryW
DeleteCriticalSection
CreateProcessW
GetCurrentProcess
GetModuleFileNameW
WaitForSingleObject
GetCurrentThreadId
Sleep
CreateThread
GetLocalTime
ExitProcess
GetCurrentProcessId
SetUnhandledExceptionFilter
FlushFileBuffers
GetFileAttributesW
ResumeThread
LockResource
GetNativeSystemInfo
GetModuleHandleW
GetLastError
Wow64RevertWow64FsRedirection
CreateFileW
InitializeCriticalSectionEx
Wow64DisableWow64FsRedirection
WriteFile
VirtualProtect
SetEndOfFile
WriteConsoleW
ReadConsoleW
HeapSize
SetStdHandle
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetProcessHeap
GetTimeZoneInformation
SetFilePointerEx
EnumSystemLocalesW
SizeofResource
GetCommandLineW
GetExitCodeThread
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
MultiByteToWideChar
FormatMessageW
LocalFree
WideCharToMultiByte
DeviceIoControl
GetSystemTimeAsFileTime
QueryPerformanceCounter
VirtualFree
VirtualAlloc
TerminateProcess
CreateToolhelp32Snapshot
Process32NextW
Process32FirstW
GetExitCodeProcess
Thread32Next
Thread32First
CreateActCtxW
GetTempPathW
UnmapViewOfFile
GetTempFileNameW
CreateFileMappingW
ReleaseActCtx
MapViewOfFile
ResetEvent
GetTickCount
LoadLibraryW
GetProcAddress
FreeLibrary
GetSystemInfo
VirtualAllocEx
VirtualFreeEx
ActivateActCtx
GetEnvironmentVariableW
GetSystemDirectoryW
DeactivateActCtx
GetSystemWow64DirectoryW
Module32FirstW
GetCurrentDirectoryW
GetCurrentThread
ReadFile
TerminateThread
OpenProcess
IsWow64Process
SuspendThread
GetThreadTimes
OpenThread
WriteProcessMemory
VirtualProtectEx
GetThreadContext
ReadProcessMemory
CreateRemoteThread
SetThreadContext
VirtualQueryEx
GetStringTypeW
TryEnterCriticalSection
DuplicateHandle
WaitForSingleObjectEx
EncodePointer
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
SetEvent
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
InitializeSListHead
OutputDebugStringW
CreateTimerQueue
SignalObjectAndWait
SwitchToThread
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
FreeLibraryAndExitThread
GetModuleHandleA
LoadLibraryExW
GetVersionExW
ReleaseSemaphore
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
RtlUnwindEx
RtlPcToFileHeader
HeapAlloc
HeapFree
ExitThread
GetModuleHandleExW
HeapReAlloc
GetStdHandle
GetACP
GetFileType
GetConsoleCP
GetConsoleMode
GetDateFormatW
user32
DestroyIcon
LoadIconW
ChangeWindowMessageFilterEx
EnableMenuItem
wsprintfW
GetMessageW
CreateDialogParamW
CallWindowProcW
DestroyWindow
MessageBoxW
SetWindowLongPtrW
SendMessageW
EndDialog
SetWindowTextW
CreateWindowExW
ShowWindow
IsWindow
DispatchMessageW
IsDialogMessageW
TranslateAcceleratorW
TranslateMessage
SendMessageA
GetDlgItem
DialogBoxParamW
EnableWindow
GetWindowTextW
GetMenu
LoadAcceleratorsW
comdlg32
GetSaveFileNameW
GetOpenFileNameW
shell32
DragQueryFileW
CommandLineToArgvW
advapi32
RegOpenKeyW
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken
RegEnumValueW
OpenThreadToken
RegCreateKeyW
RegSetValueExW
RegCloseKey
ConvertStringSecurityDescriptorToSecurityDescriptorW
ole32
CoCreateInstance
CoUninitialize
CoInitialize
Exports
Exports
??0Assembler@asmjit@@QEAA@PEAURuntime@1@@Z
??0CodeGen@asmjit@@QEAA@PEAURuntime@1@@Z
??0HostRuntime@asmjit@@QEAA@XZ
??0JitRuntime@asmjit@@QEAA@XZ
??0Runtime@asmjit@@QEAA@XZ
??0StaticRuntime@asmjit@@QEAA@PEAX_K@Z
??0VMemMgr@asmjit@@QEAA@PEAX@Z
??0X86Assembler@asmjit@@QEAA@PEAURuntime@1@I@Z
??0Zone@asmjit@@QEAA@_K@Z
??1Assembler@asmjit@@UEAA@XZ
??1CodeGen@asmjit@@UEAA@XZ
??1HostRuntime@asmjit@@UEAA@XZ
??1JitRuntime@asmjit@@UEAA@XZ
??1Runtime@asmjit@@UEAA@XZ
??1StaticRuntime@asmjit@@UEAA@XZ
??1VMemMgr@asmjit@@QEAA@XZ
??1X86Assembler@asmjit@@UEAA@XZ
??1Zone@asmjit@@QEAA@XZ
??_FVMemMgr@asmjit@@QEAAXXZ
?_alloc@Zone@asmjit@@QEAAPEAX_K@Z
?_emit@X86Assembler@asmjit@@UEAAIIAEBUOperand@2@000@Z
?_grow@Assembler@asmjit@@QEAAI_K@Z
?_grow@PodVectorBase@asmjit@@IEAAI_K0@Z
?_newLabel@Assembler@asmjit@@QEAAIPEAULabel@2@@Z
?_newLabelLink@Assembler@asmjit@@QEAAPEAULabelLink@2@XZ
?_nullData@PodVectorBase@asmjit@@2UPodVectorData@2@B
?_registerIndexedLabels@Assembler@asmjit@@QEAAI_K@Z
?_relocCode@X86Assembler@asmjit@@UEBA_KPEAX_K@Z
?_reserve@Assembler@asmjit@@QEAAI_K@Z
?_reserve@PodVectorBase@asmjit@@IEAAI_K0@Z
?_x86CondToCmovcc@asmjit@@3QBIB
?_x86CondToJcc@asmjit@@3QBIB
?_x86CondToSetcc@asmjit@@3QBIB
?_x86InstExtendedInfo@asmjit@@3QBUX86InstExtendedInfo@1@B
?_x86InstInfo@asmjit@@3QBUX86InstInfo@1@B
?_x86ReverseCond@asmjit@@3QBIB
?add@JitRuntime@asmjit@@UEAAIPEAPEAXPEAUAssembler@2@@Z
?add@StaticRuntime@asmjit@@UEAAIPEAPEAXPEAUAssembler@2@@Z
?align@X86Assembler@asmjit@@UEAAIII@Z
?alloc@VMemMgr@asmjit@@QEAAPEAX_KI@Z
?alloc@VMemUtil@asmjit@@SAPEAX_KPEA_KI@Z
?allocProcessMemory@VMemUtil@asmjit@@SAPEAXPEAX_KPEA_KI@Z
?allocZeroed@Zone@asmjit@@QEAAPEAX_K@Z
?bind@Assembler@asmjit@@UEAAIAEBULabel@2@@Z
?callCpuId@X86CpuUtil@asmjit@@SAXIIPEATX86CpuId@2@@Z
?detect@X86CpuUtil@asmjit@@SAXPEAUX86CpuInfo@2@@Z
?detectHwThreadsCount@CpuInfo@asmjit@@SAIXZ
?dup@Zone@asmjit@@QEAAPEAXPEBX_K@Z
?embed@Assembler@asmjit@@UEAAIPEBXI@Z
?embedLabel@X86Assembler@asmjit@@QEAAIAEBULabel@2@@Z
?emit@Assembler@asmjit@@QEAAII@Z
?emit@Assembler@asmjit@@QEAAIIAEBUOperand@2@00@Z
?emit@Assembler@asmjit@@QEAAIIAEBUOperand@2@00H@Z
?emit@Assembler@asmjit@@QEAAIIAEBUOperand@2@00_K@Z
?emit@Assembler@asmjit@@QEAAIIAEBUOperand@2@0@Z
?emit@Assembler@asmjit@@QEAAIIAEBUOperand@2@0H@Z
?emit@Assembler@asmjit@@QEAAIIAEBUOperand@2@0_K@Z
?emit@Assembler@asmjit@@QEAAIIAEBUOperand@2@@Z
?emit@Assembler@asmjit@@QEAAIIAEBUOperand@2@H@Z
?emit@Assembler@asmjit@@QEAAIIAEBUOperand@2@_K@Z
?emit@Assembler@asmjit@@QEAAIIH@Z
?emit@Assembler@asmjit@@QEAAII_K@Z
?flush@HostRuntime@asmjit@@UEAAXPEAX_K@Z
?getCpuInfo@HostRuntime@asmjit@@UEAAPEBUCpuInfo@2@XZ
?getHost@CpuInfo@asmjit@@SAPEBU12@XZ
?getPageGranularity@VMemUtil@asmjit@@SA_KXZ
?getPageSize@VMemUtil@asmjit@@SA_KXZ
?getStackAlignment@HostRuntime@asmjit@@UEAAIXZ
?make@Assembler@asmjit@@UEAAPEAXXZ
?noOperand@asmjit@@3UOperand@1@B
?ptr_abs@x86@asmjit@@YA?AUX86Mem@2@_KAEBUX86Reg@2@IHI@Z
?ptr_abs@x86@asmjit@@YA?AUX86Mem@2@_KHI@Z
?release@JitRuntime@asmjit@@UEAAIPEAX@Z
?release@StaticRuntime@asmjit@@UEAAIPEAX@Z
?release@VMemMgr@asmjit@@QEAAIPEAX@Z
?release@VMemUtil@asmjit@@SAIPEAX_K@Z
?releaseProcessMemory@VMemUtil@asmjit@@SAIPEAX0_K@Z
?relocCode@Assembler@asmjit@@QEBA_KPEAX_K@Z
?reset@Assembler@asmjit@@QEAAX_N@Z
?reset@PodVectorBase@asmjit@@QEAAX_N@Z
?reset@VMemMgr@asmjit@@QEAAXXZ
?reset@Zone@asmjit@@QEAAX_N@Z
?sdup@Zone@asmjit@@QEAAPEADPEBD@Z
?setArch@X86Assembler@asmjit@@QEAAII@Z
?setError@CodeGen@asmjit@@QEAAIIPEBD@Z
?setErrorHandler@CodeGen@asmjit@@QEAAIPEAUErrorHandler@2@@Z
?sformat@Zone@asmjit@@QEAAPEADPEBDZZ
?shrink@VMemMgr@asmjit@@QEAAIPEAX_K@Z
?x86RegData@asmjit@@3UX86RegData@1@B
Sections
.text Size: 745KB - Virtual size: 744KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 258KB - Virtual size: 257KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 14KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 35KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 321KB - Virtual size: 320KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
Data/Debug/Addition.dll
-
Data/Debug/Autoupdater.ini
-
Data/Debug/Cracker.dll
-
Data/Debug/DebugPPF.tmp
-
Data/Debug/DebugPPT.tmp
-
Data/Debug/Management.log
-
Data/Debug/main.ini
-
Data/Language.pimx
-
Data/Packaged/Main.ini.xml
-
Data/Packaged/Utils.dll.xml
-
Data/Resource.dll
-
Debug/AAM/IPC/IPC.pima.zip
Password: 1020
-
AdobeIPCBroker.exe.exe windows:6 windows x86 arch:x86
Password: 1020
b78757e60c78fbd8d0549e7a1e0d29a1
Code Sign
0a:28:51:e5:f0:ff:db:46:e2:c9:cb:66:10:e6:51:2fCertificate
IssuerCN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=USNot Before26/10/2018, 00:00Not After03/11/2021, 12:00SubjectSERIALNUMBER=2748129,CN=Adobe Systems Incorporated,OU=Adobe Systems,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6eExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate
IssuerCN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before18/04/2012, 12:00Not After18/04/2027, 12:00SubjectCN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate
IssuerCN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=USNot Before12/01/2016, 00:00Not After11/01/2031, 23:59SubjectCN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6Certificate
IssuerCN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=USNot Before02/01/2017, 00:00Not After01/04/2028, 23:59SubjectCN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
ac:7d:c4:d6:78:b5:cd:0d:da:54:a6:bd:90:ba:4d:9e:d0:98:05:62:5d:95:08:08:69:0a:ff:f1:ac:cd:d5:43Signer
Actual PE Digestac:7d:c4:d6:78:b5:cd:0d:da:54:a6:bd:90:ba:4d:9e:d0:98:05:62:5d:95:08:08:69:0a:ff:f1:ac:cd:d5:43Digest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
AdobeIPCBroker.pdb
Imports
ws2_32
htonl
getsockopt
ioctlsocket
connect
closesocket
listen
getsockname
bind
WSAGetLastError
WSASetLastError
WSAStartup
getservbyname
getservbyport
gethostbyname
gethostbyaddr
socket
send
select
recv
ntohs
inet_ntoa
inet_addr
htons
__WSAFDIsSet
kernel32
GetModuleFileNameW
EnterCriticalSection
LeaveCriticalSection
GetLastError
DeleteCriticalSection
ReleaseSemaphore
WaitForSingleObject
CreateSemaphoreW
FindFirstFileW
FindNextFileW
InitializeCriticalSectionEx
FindClose
RaiseException
DecodePointer
ReleaseMutex
CreateMutexA
Sleep
GetCurrentThreadId
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetVersionExA
GetModuleHandleA
GetModuleFileNameA
GetSystemDirectoryA
CreateMutexW
FreeLibrary
CreateProcessW
GetProcAddress
CloseHandle
LoadLibraryA
MultiByteToWideChar
GetStdHandle
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
InitializeCriticalSection
GetThreadPriority
HeapSize
HeapFree
WriteConsoleW
GetProcessHeap
SetEnvironmentVariableA
GetOEMCP
IsValidCodePage
FindNextFileA
SwitchToThread
FreeEnvironmentStringsW
GetCommandLineW
GetEnvironmentVariableW
GetCurrentProcessId
ReadFile
WriteFile
ConnectNamedPipe
GetOverlappedResult
OpenProcess
QueryFullProcessImageNameW
GetNamedPipeServerProcessId
GetLocalTime
GetCurrentThread
GetTickCount
GetEnvironmentStringsW
SetStdHandle
SetEnvironmentVariableW
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateFileW
FlushFileBuffers
GetFileAttributesExW
GetFileSizeEx
GetFullPathNameW
LockFileEx
SetEndOfFile
SetFilePointerEx
UnlockFile
GetTempPathW
DuplicateHandle
PeekNamedPipe
CreateNamedPipeW
SetEvent
ResetEvent
CreateEventW
GetCurrentProcess
SetThreadPriority
HeapReAlloc
VirtualAlloc
VirtualFree
GetModuleHandleExW
LoadLibraryExW
WaitForMultipleObjects
GetNamedPipeInfo
LocalAlloc
LocalReAlloc
LocalFree
FormatMessageW
LCMapStringW
SetFilePointer
RtlCaptureStackBackTrace
TerminateProcess
GlobalAlloc
GlobalFree
GetSystemTimeAsFileTime
WaitForSingleObjectEx
GetModuleHandleW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeSListHead
QueryPerformanceCounter
IsDebuggerPresent
GetStartupInfoW
WideCharToMultiByte
EncodePointer
SetLastError
InitializeCriticalSectionAndSpinCount
CompareStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
OutputDebugStringW
RtlUnwind
InterlockedPushEntrySList
GetDriveTypeW
GetFileType
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
CreateThread
ExitThread
FreeLibraryAndExitThread
GetTimeZoneInformation
ExitProcess
GetCommandLineA
GetACP
GetConsoleMode
ReadConsoleW
GetConsoleCP
GetFullPathNameA
HeapAlloc
FindFirstFileExA
user32
SetWindowLongW
RegisterClassW
CreateWindowExW
SetTimer
KillTimer
TranslateMessage
DispatchMessageW
PostMessageW
PostQuitMessage
DestroyWindow
MsgWaitForMultipleObjectsEx
GetWindowLongW
GetShellWindow
EnumWindows
GetWindowThreadProcessId
DefWindowProcW
PeekMessageW
advapi32
GetUserNameW
RegCloseKey
CreateProcessWithTokenW
LookupPrivilegeValueW
GetTokenInformation
FreeSid
EqualSid
DuplicateTokenEx
AllocateAndInitializeSid
AdjustTokenPrivileges
OpenProcessToken
RegOpenKeyExW
RegQueryValueExW
ole32
CoCreateInstance
CoSetProxyBlanket
CoInitializeSecurity
CoInitializeEx
OleRun
CoUninitialize
oleaut32
SysFreeString
SysAllocString
VariantInit
VariantClear
shell32
ShellExecuteExW
SHCreateDirectoryExW
CommandLineToArgvW
Sections
.text Size: 748KB - Virtual size: 747KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 197KB - Virtual size: 196KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 17KB - Virtual size: 33KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 1024B - Virtual size: 596B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 46KB - Virtual size: 46KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 44KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
customhook/AdobeIPCBrokerCustomHook.exe.exe windows:6 windows x86 arch:x86
Password: 1020
85aa1a3ec9a324deb93be1db280c6b57
Code Sign
0a:28:51:e5:f0:ff:db:46:e2:c9:cb:66:10:e6:51:2fCertificate
IssuerCN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=USNot Before26/10/2018, 00:00Not After03/11/2021, 12:00SubjectSERIALNUMBER=2748129,CN=Adobe Systems Incorporated,OU=Adobe Systems,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6eExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate
IssuerCN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before18/04/2012, 12:00Not After18/04/2027, 12:00SubjectCN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate
IssuerCN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=USNot Before12/01/2016, 00:00Not After11/01/2031, 23:59SubjectCN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6Certificate
IssuerCN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=USNot Before02/01/2017, 00:00Not After01/04/2028, 23:59SubjectCN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
45:89:c1:a8:6a:c2:59:11:0f:f3:d0:dd:de:2c:9f:61:14:dd:37:fb:38:82:82:1c:83:5d:79:6e:28:bc:74:54Signer
Actual PE Digest45:89:c1:a8:6a:c2:59:11:0f:f3:d0:dd:de:2c:9f:61:14:dd:37:fb:38:82:82:1c:83:5d:79:6e:28:bc:74:54Digest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
AdobeIPCBrokerCustomHook.pdb
Imports
shlwapi
PathAppendW
kernel32
RaiseException
HeapSize
TerminateProcess
GetTempPathW
OpenProcess
CreateToolhelp32Snapshot
Sleep
Process32NextW
Process32FirstW
CloseHandle
CreateFileW
ReadConsoleW
WriteConsoleW
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
SetEvent
ResetEvent
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
RtlUnwind
SetEndOfFile
GetLastError
FreeLibrary
LoadLibraryExW
HeapAlloc
HeapReAlloc
HeapFree
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
GetStdHandle
WriteFile
GetCommandLineA
GetCommandLineW
GetACP
GetFileType
FlushFileBuffers
GetConsoleCP
GetConsoleMode
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ReadFile
SetFilePointerEx
GetProcessHeap
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetStdHandle
user32
FindWindowExW
PostMessageW
Sections
.text Size: 118KB - Virtual size: 118KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 56KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 512B - Virtual size: 512B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Debug/AAM/IPC/IPC.pimx
-
Debug/AAM/IPC/IPC.sig.xml
-
Debug/resources/AdobePIM.dll.dll windows:5 windows x86 arch:x86
Password: 1020
dd6ba004004c70f4eb3bbd4c9ec97b28
Code Sign
06:f2:4d:9f:4d:b0:7b:d7:ec:ad:06:7f:5e:e2:6c:29Certificate
IssuerCN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=USNot Before31/01/2019, 00:00Not After03/02/2021, 12:00SubjectSERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate
IssuerCN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before18/04/2012, 12:00Not After18/04/2027, 12:00SubjectCN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6dCertificate
IssuerCN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01/10/2019, 00:00Not After17/10/2030, 00:00SubjectCN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before07/01/2016, 12:00Not After07/01/2031, 12:00SubjectCN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
54:9e:86:75:de:ec:b8:47:4c:ba:a5:7d:83:53:a2:3b:25:dc:dd:a5:31:88:42:96:16:ee:64:6e:89:81:6a:d4Signer
Actual PE Digest54:9e:86:75:de:ec:b8:47:4c:ba:a5:7d:83:53:a2:3b:25:dc:dd:a5:31:88:42:96:16:ee:64:6e:89:81:6a:d4Digest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
AdobePIM.pdb
Imports
msi
ord147
ord74
ord145
version
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
psapi
GetModuleFileNameExW
GetProcessImageFileNameW
EnumProcessModules
wtsapi32
WTSEnumerateSessionsW
WTSFreeMemory
shlwapi
PathIsFileSpecW
PathAddExtensionW
PathRemoveFileSpecA
PathIsDirectoryA
PathIsDirectoryEmptyW
PathIsSystemFolderW
PathIsRootW
PathRenameExtensionW
PathIsDirectoryW
PathAppendW
PathRemoveBackslashW
PathStripPathW
PathAppendA
PathFileExistsW
PathFindFileNameW
PathRemoveFileSpecW
PathFileExistsA
PathRemoveExtensionW
shell32
ShellExecuteExW
SHCreateDirectoryExW
SHGetFolderLocation
SHGetSpecialFolderPathW
SHGetKnownFolderPath
SHGetPathFromIDListW
SHGetFolderPathW
ord680
CommandLineToArgvW
ord51
SHCreateItemFromParsingName
winhttp
WinHttpOpen
WinHttpReceiveResponse
WinHttpSetTimeouts
WinHttpQueryHeaders
WinHttpQueryAuthSchemes
WinHttpGetProxyForUrl
WinHttpGetIEProxyConfigForCurrentUser
WinHttpSetCredentials
WinHttpSendRequest
WinHttpOpenRequest
WinHttpCloseHandle
WinHttpConnect
WinHttpReadData
WinHttpQueryDataAvailable
WinHttpSetOption
kernel32
TlsFree
TlsSetValue
TlsGetValue
CompareStringW
SwitchToThread
InitializeCriticalSectionAndSpinCount
GetStringTypeW
EncodePointer
TlsAlloc
GetLocaleInfoW
GetCPInfo
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeSListHead
GetStartupInfoW
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
LoadLibraryExW
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
GetTimeZoneInformation
ExitProcess
GetStdHandle
GetFileType
IsValidLocale
EnumSystemLocalesW
GetConsoleMode
ReadConsoleW
GetConsoleCP
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
InitializeCriticalSectionEx
GetLastError
RaiseException
DecodePointer
DeleteCriticalSection
ReleaseSemaphore
CreateMutexW
WaitForSingleObject
LocalAlloc
ReleaseMutex
Sleep
OpenSemaphoreW
CloseHandle
LocalFree
GetCurrentProcessId
CreateSemaphoreW
CreateDirectoryW
GetTempPathW
MultiByteToWideChar
SetEvent
ResetEvent
GetCommandLineW
CreateProcessW
GetLocalTime
GetTimeFormatW
GetDateFormatW
OpenProcess
CreateToolhelp32Snapshot
Process32NextW
Process32FirstW
FindFirstFileW
FindNextFileW
TerminateProcess
RemoveDirectoryW
FindClose
SetEnvironmentVariableW
SetFileAttributesW
CreateEventW
GetDiskFreeSpaceExW
CreateThread
CopyFileW
lstrcmpiW
lstrcmpW
GetExitCodeProcess
AreFileApisANSI
ReadFile
TryEnterCriticalSection
HeapCreate
HeapFree
EnterCriticalSection
GetFullPathNameW
WriteFile
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
LeaveCriticalSection
InitializeCriticalSection
SetFilePointer
GetFullPathNameA
SetEndOfFile
UnlockFileEx
CreateFileW
GetFileAttributesW
GetCurrentThreadId
UnmapViewOfFile
HeapValidate
HeapSize
GetTempPathA
FormatMessageW
GetDiskFreeSpaceA
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
CreateFileA
LoadLibraryA
WaitForSingleObjectEx
GetVersionExA
DeleteFileA
DeleteFileW
HeapReAlloc
GetSystemInfo
LoadLibraryW
HeapAlloc
HeapCompact
HeapDestroy
UnlockFile
GetProcAddress
CreateFileMappingA
LockFileEx
GetFileSize
GetProcessHeap
SystemTimeToFileTime
FreeLibrary
WideCharToMultiByte
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
MapViewOfFile
QueryPerformanceCounter
GetTickCount
FlushFileBuffers
GetCurrentProcess
GetFileSizeEx
lstrlenW
GetACP
SizeofResource
GetModuleFileNameW
LockResource
LoadResource
FindResourceW
MoveFileExW
GlobalAlloc
GlobalFree
VerSetConditionMask
GetModuleHandleW
VerifyVersionInfoW
SetLastError
DuplicateHandle
ProcessIdToSessionId
TerminateThread
FindResourceExW
lstrcpyW
QueryFullProcessImageNameW
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
GetFileTime
FileTimeToSystemTime
OpenMutexW
GetUserDefaultLCID
LCMapStringW
GetUserDefaultLangID
GetUserDefaultUILanguage
SetFilePointerEx
ResumeThread
SetStdHandle
WriteConsoleW
QueryPerformanceFrequency
GetVersionExW
CreateFileMappingW
user32
wsprintfW
EnumWindows
GetWindowThreadProcessId
GetShellWindow
advapi32
InitializeSecurityDescriptor
SetEntriesInAclW
AllocateAndInitializeSid
SetSecurityDescriptorDacl
RegQueryValueExW
FreeSid
RegDeleteValueW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegDeleteKeyExW
RegCloseKey
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
GetNamedSecurityInfoW
SetNamedSecurityInfoW
LookupAccountSidW
CreateWellKnownSid
EqualSid
GetTokenInformation
DuplicateTokenEx
GetUserNameW
ConvertSidToStringSidW
ImpersonateLoggedOnUser
ConvertStringSidToSidW
RevertToSelf
CryptReleaseContext
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptAcquireContextW
ole32
CoUninitialize
CoCreateInstance
CoInitializeEx
CoTaskMemFree
CoInitialize
CoCreateGuid
StringFromGUID2
CLSIDFromProgID
OleRun
CLSIDFromString
oleaut32
SysStringLen
VariantChangeType
VariantInit
SysFreeString
SysAllocString
VariantClear
VariantCopy
GetErrorInfo
crypt32
CertGetNameStringW
wintrust
WinVerifyTrust
WTHelperGetProvCertFromChain
WTHelperProvDataFromStateData
WTHelperGetProvSignerFromChain
Exports
Exports
AAMIU_Uninstall
AAMIU_getDeploymentValidationStatus
AAMIU_preInstallPropertySet
pim_createLibraryRef
pim_freeLibraryRef
pim_freeLiraryRef
pim_freeString
pim_getAppletAndPackageInfo
pim_getAppletRegistrationInfo
pim_getAppletRelationshipInfo
pim_getCurrentCCVersion
pim_getCurrentPackagesVersion
pim_getInstallStatus
pim_getInstalledPackagesInfo
pim_launchACCCUninstallerExecutableAsAdmin
pim_selfUpdateCheck
pim_selfUpdateCheckWithData
pim_startWorkflow
pim_startWorkflowWithData
pim_syncFromPathToACF
pim_syncFromPathToPath
pim_syncUSFToACF
pim_uninstallAAMFromAAMCleanerTool
pim_uninstallAAMUsingAAMCleanerTool
pim_uninstallACCC64FromACCCCleanerTool
pim_uninstallACCCFromACCCCleanerTool
pim_uninstallADC64UsingADCCleanerTool
pim_uninstallADCUsingADCCleanerTool
Sections
.text Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 356KB - Virtual size: 356KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 20KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 66KB - Virtual size: 66KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Debug/resources/Config.xml.xml
-
EULAzoGC4F1Djp.cfg
-
Main.ini
-
ModMenu.exe.exe windows:6 windows x86 arch:x86
dcdd7fda4b828a13bab9a0dd63981aa0
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
comdlg32
GetSaveFileNameA
GetOpenFileNameA
user32
GetDlgItemTextA
wsprintfA
MessageBoxA
LoadCursorA
GetClassInfoA
CheckDlgButton
SetWindowLongA
CallWindowProcA
GetActiveWindow
kernel32
WriteConsoleW
CloseHandle
CreateFileW
SetFilePointerEx
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
VirtualProtect
VirtualAlloc
LoadLibraryA
GetProcAddress
lstrlenW
CreateThread
Sleep
WaitForSingleObject
FreeConsole
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
GetCurrentProcess
TerminateProcess
HeapReAlloc
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
EncodePointer
RaiseException
GetStdHandle
WriteFile
GetModuleFileNameW
ExitProcess
GetModuleHandleExW
GetCommandLineA
GetCommandLineW
HeapAlloc
HeapFree
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetStdHandle
GetFileType
GetStringTypeW
CompareStringW
LCMapStringW
GetProcessHeap
HeapSize
DecodePointer
Sections
.text Size: 66KB - Virtual size: 65KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.jZRHo Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 616KB - Virtual size: 616KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
main Size: 4KB - Virtual size: 4KB
IMAGE_SCN_MEM_READ
-
Password 1020.txt
-
READ ME.txt
-
update-settings.ini
-
updater.ini
-
version.dll.dll windows:6 windows x86 arch:x86
41ffde01063f9b9a2c67bc121824ef45
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
D:\a\AmongUsMenu\AmongUsMenu\Debug_Version\version.pdb
Imports
kernel32
SuspendThread
ResumeThread
GetThreadContext
SetThreadContext
FlushInstructionCache
VirtualAlloc
VirtualProtect
VirtualFree
VirtualQuery
VirtualProtectEx
VirtualQueryEx
SetLastError
FreeLibrary
GetProcAddress
LoadLibraryExA
LoadLibraryExW
CreateThread
DisableThreadLibraryCalls
GetModuleHandleA
K32GetModuleInformation
QueryPerformanceCounter
QueryPerformanceFrequency
LoadResource
LockResource
SizeofResource
FindResourceW
GetModuleFileNameW
AllocConsole
SetConsoleOutputCP
GlobalAlloc
GlobalUnlock
GlobalLock
GlobalFree
MultiByteToWideChar
WideCharToMultiByte
LoadLibraryA
VerSetConditionMask
VerifyVersionInfoW
CreateEventW
GetCurrentThreadId
FreeConsole
GetSystemDirectoryA
SetEndOfFile
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
GetTimeZoneInformation
ReadConsoleW
SetFilePointerEx
GetFileSizeEx
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
SetConsoleCtrlHandler
OutputDebugStringW
WriteFile
HeapQueryInformation
HeapSize
HeapReAlloc
ExitThread
ReadFile
ExitProcess
WriteConsoleW
GetFileType
GetCurrentThread
GetCurrentProcess
GetLastError
GetModuleHandleW
GetUserDefaultLocaleName
CreateSemaphoreW
GetStdHandle
GetSystemInfo
CloseHandle
WaitForSingleObject
FreeLibraryAndExitThread
ReleaseSemaphore
FormatMessageA
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
RaiseException
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableSRW
InitOnceBeginInitialize
InitOnceComplete
FreeLibraryWhenCallbackReturns
CreateThreadpoolWork
SubmitThreadpoolWork
CloseThreadpoolWork
GetModuleHandleExW
RtlCaptureStackBackTrace
IsProcessorFeaturePresent
LocalFree
GetLocaleInfoEx
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateDirectoryW
CreateFileW
FindClose
FindFirstFileW
FindFirstFileExW
FindNextFileW
GetDiskFreeSpaceExW
GetFileAttributesW
GetFileAttributesExW
GetFileInformationByHandle
GetFinalPathNameByHandleW
GetFullPathNameW
SetFileAttributesW
SetFileInformationByHandle
SetFileTime
GetTempPathW
AreFileApisANSI
DeviceIoControl
CreateDirectoryExW
CopyFileW
MoveFileExW
CreateHardLinkW
GetFileInformationByHandleEx
CreateSymbolicLinkW
GetStringTypeW
WaitForSingleObjectEx
Sleep
SwitchToThread
GetExitCodeThread
GetNativeSystemInfo
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
InitOnceExecuteOnce
SleepConditionVariableCS
CreateEventExW
CreateSemaphoreExW
FlushProcessWriteBuffers
GetCurrentProcessorNumber
GetSystemTimeAsFileTime
GetTickCount64
CreateThreadpoolTimer
SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
CreateThreadpoolWait
SetThreadpoolWait
CloseThreadpoolWait
EncodePointer
DecodePointer
LCMapStringEx
CompareStringEx
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
InitializeSListHead
HeapAlloc
HeapFree
GetProcessHeap
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
HeapValidate
user32
CallWindowProcW
GetDC
MessageBoxA
SetProcessDPIAware
MonitorFromWindow
LoadCursorW
ScreenToClient
ClientToScreen
GetCursorPos
SetCursor
SetCursorPos
GetClientRect
GetForegroundWindow
ReleaseCapture
SetCapture
GetCapture
GetKeyState
IsChild
EmptyClipboard
ReleaseDC
SetClipboardData
CloseClipboard
OpenClipboard
MessageBoxW
GetKeyboardState
DestroyWindow
CreateWindowExW
RegisterClassExW
UnregisterClassW
DefWindowProcW
SystemParametersInfoW
SetWindowLongW
GetWindowRect
GetClipboardData
gdi32
GetDeviceCaps
DeleteObject
GetFontData
SelectObject
CreateFontIndirectW
d3d11
D3D11CreateDeviceAndSwapChain
imm32
ImmReleaseContext
ImmSetCompositionWindow
ImmGetContext
ole32
CoGetObjectContext
CoGetApartmentType
Exports
Exports
GetFileVersionInfoA
GetFileVersionInfoByHandle
GetFileVersionInfoExA
GetFileVersionInfoExW
GetFileVersionInfoSizeA
GetFileVersionInfoSizeExA
GetFileVersionInfoSizeExW
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerFindFileA
VerFindFileW
VerInstallFileA
VerInstallFileW
VerLanguageNameA
VerLanguageNameW
VerQueryValueA
VerQueryValueW
Sections
.textbss Size: - Virtual size: 1.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 4.1MB - Virtual size: 4.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 33KB - Virtual size: 70KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.msvcjmc Size: 15KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.detourc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.detourd Size: 512B - Virtual size: 270B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 1024B - Virtual size: 794B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.00cfg Size: 512B - Virtual size: 270B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 184KB - Virtual size: 183KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 151KB - Virtual size: 150KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ