Extracted

• e76544ebe31e986d7d0504e534dfcc19ccf38e9ef4563c61b29640fb7cd1447d

  .dll windows:6 windows x64 arch:x64

  946322953922d97766966f310f9d31d2

  
  

  Code Sign

  43:2d:c2:43:5b:09:8f:4c

  Certificate

  Issuer

  CN=dcd64d77-2c9f-4758-9d1d-03d19608247c

  Not Before

  08/12/2021, 18:53

  Not After

  09/12/2022, 06:53

  Subject

  CN=dcd64d77-2c9f-4758-9d1d-03d19608247c

  0a:4a:34:96:7e:72:56:15:61:57:43:e0:fe:ed:b9:59:b0:6d:58:33:9d:48:6b:fc:07:fe:06:64:85:e9:65:9b

  Signer

  Actual PE Digest

  0a:4a:34:96:7e:72:56:15:61:57:43:e0:fe:ed:b9:59:b0:6d:58:33:9d:48:6b:fc:07:fe:06:64:85:e9:65:9b

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_DLL

  PDB Paths

  C:\Users\area51m\source\repos\Project1\x64\Release\ReflictiveDll.pdb

  Imports

  kernel32

  CreateTimerQueueTimer

  OutputDebugStringA

  DeleteFiber

  WaitForSingleObject

  SwitchToFiber

  CreateEventW

  CreateThread

  ConvertFiberToThread

  ConvertThreadToFiber

  CreateFiber

  CreateTimerQueue

  IsDebuggerPresent

  InitializeSListHead

  GetSystemTimeAsFileTime

  GetCurrentThreadId

  GetCurrentProcessId

  QueryPerformanceCounter

  IsProcessorFeaturePresent

  TerminateProcess

  GetCurrentProcess

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  RtlVirtualUnwind

  RtlLookupFunctionEntry

  RtlCaptureContext

  user32

  MessageBoxA

  vcruntime140

  memset

  __std_type_info_destroy_list

  __C_specific_handler

  api-ms-win-crt-stdio-l1-1-0

  __stdio_common_vsprintf

  api-ms-win-crt-runtime-l1-1-0

  _seh_filter_dll

  _initterm_e

  _initterm

  _cexit

  _initialize_onexit_table

  _execute_onexit_table

  _configure_narrow_argv

  _initialize_narrow_environment

  Exports

  Exports

  ReflectiveLoader

  Sections

  .text

  Size: 5KB - Virtual size: 5KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 4KB - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 1024B - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .pdata

  Size: 1024B - Virtual size: 528B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 512B - Virtual size: 248B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 512B - Virtual size: 40B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ