General
-
Target
Debug.zip
-
Size
2.0MB
-
MD5
b4803c71383fe12fd14614f150d87675
-
SHA1
0280aa5b1a34338f458d5384715aeadd0831e48c
-
SHA256
83e512ed02d362e56a985d9a217c095e43f9bd43a554c0801fdd71ea939a4eb7
-
SHA512
57977bc5b2ba5fea89c95a53a05cfc7dfe9b8b6694f0e56e187ca41c540e21cf7f5420dc05303d779a2baa569ed11f3c64177585162600d7e48fac226fe16524
-
SSDEEP
49152:b0+WBXu421LIb4Wqt/lpVD6G2LdeD+kkHNpHfkoStRtRo2VGg+s:4ulL4z4tWFeCkWPHfERV+s
Malware Config
Signatures
-
AgentTesla payload 1 IoCs
resource yara_rule static1/unpack001/Debug/Guna.UI2.dll family_agenttesla -
Agenttesla family
-
Unsigned PE 6 IoCs
Checks for missing Authenticode signature.
resource unpack001/Debug/CrystalAPI.dll unpack001/Debug/Killua.exe unpack001/Debug/LunarAPI.dll unpack001/Debug/VisualStudioTabControl.dll unpack001/Debug/bin/Monaco/vs/MonacoNet.dll unpack001/Debug/c543dsa312sdjadA2123.exe
Files
-
Debug.zip.zip
Password: 123
-
Debug/CrystalAPI.dll.dll windows:4 windows x64 arch:x64
Password: 123
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Sections
vAkg I3 Size: 24KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 27KB - Virtual size: 27KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 912B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
Debug/Guna.UI2.dll.dll windows:4 windows x86 arch:x86
Password: 123
dae02f32a21e03ce65412f6e56942daa
Code Sign
7a:98:1b:7d:3e:b4:86:bb:45:84:c4:3c:c9:a8:3f:dbCertificate
IssuerCN=Sobatdata Root CANot Before23-10-2019 05:22Not After22-10-2025 17:00SubjectCN=Sobatdata Software0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01-08-2022 00:00Not After09-11-2031 23:59SubjectCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23-03-2022 00:00Not After22-03-2037 23:59SubjectCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate
IssuerCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USNot Before14-07-2023 00:00Not After13-10-2034 23:59SubjectCN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
47:b4:cf:f5:c2:a1:e0:36:e9:3f:b8:c2:44:a0:df:33:c2:26:10:62Signer
Actual PE Digest47:b4:cf:f5:c2:a1:e0:36:e9:3f:b8:c2:44:a0:df:33:c2:26:10:62Digest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
mscoree
_CorDllMain
Sections
.text Size: 2.1MB - Virtual size: 2.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Debug/Killua.exe.exe windows:4 windows x86 arch:x86
Password: 123
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
E:\repos\KilluaRemake2\KilluaRemake2\obj\Debug\Killua.pdb
Imports
mscoree
_CorExeMain
Sections
.text Size: 22KB - Virtual size: 22KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 112KB - Virtual size: 111KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Debug/Killua.exe.config
-
Debug/Killua.pdb
-
Debug/LunarAPI.dll.dll windows:4 windows x86 arch:x86
Password: 123
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
C:\Users\hunter\source\repos\Ro Astral API\Ro Astral API\obj\Debug\Ro Astral API.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 920B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Debug/Siticone.UI.dll.dll windows:4 windows x86 arch:x86
Password: 123
dae02f32a21e03ce65412f6e56942daa
Code Sign
3a:93:0b:19:8f:29:72:9a:49:b0:8b:f3:6d:f8:17:aeCertificate
IssuerCN=Siticone Root CANot Before05-02-2020 06:42Not After22-10-2030 17:00SubjectCN=Siticone Technology03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66Certificate
IssuerCN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before22-10-2014 00:00Not After22-10-2024 00:00SubjectCN=DigiCert Timestamp Responder,O=DigiCert,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1bCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before10-11-2006 00:00Not After10-11-2021 00:00SubjectCN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
34:8f:92:bf:68:07:1b:a4:18:d3:f6:b4:4e:02:5a:2c:51:c0:51:c0Signer
Actual PE Digest34:8f:92:bf:68:07:1b:a4:18:d3:f6:b4:4e:02:5a:2c:51:c0:51:c0Digest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
C:\Users\Ilham-PC\Documents\Visual Studio 2015\Projects\Siticone.UI\Build\Release\Siticone.UI.WinForms\Siticone.UI.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
Debug/VisualStudioTabControl.dll.dll windows:4 windows x86 arch:x86
Password: 123
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
C:\Users\Alaa\Documents\Visual Studio 2015\Projects\VisualStudioTabControl\VisualStudioTabControl\obj\Debug\VisualStudioTabControl.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 10KB - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Debug/bin/Monaco/Monaco.html.js
-
Debug/bin/Monaco/debug.log
-
Debug/bin/Monaco/vs/MonacoNet.dll.dll windows:6 windows x86 arch:x86
Password: 123
785d680cbd472fae503fd72ce14d28cb
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
C:\AxonWare\Release\AxonWare.pdb
Imports
kernel32
FreeLibrary
FormatMessageA
ReadFile
VirtualProtect
CreateNamedPipeA
SetConsoleTextAttribute
VirtualFree
SetConsoleTitleA
GetStdHandle
VirtualAlloc
GetModuleHandleA
DisconnectNamedPipe
Sleep
DisableThreadLibraryCalls
FreeConsole
CreateThread
AddVectoredExceptionHandler
GetConsoleWindow
IsBadReadPtr
AllocConsole
ConnectNamedPipe
GetProcAddress
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
CloseHandle
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
UnhandledExceptionFilter
LoadLibraryA
GetLastError
SetUnhandledExceptionFilter
GetModuleFileNameA
user32
DispatchMessageA
GetMessageA
GetCursorPos
SetCursorPos
RegisterClassExA
LoadCursorA
SetWindowPos
CreatePopupMenu
ShowWindow
SetWindowLongA
GetWindowTextA
GetWindowLongA
DefWindowProcA
CreateWindowExA
TranslateMessage
SetDlgItemTextA
SendMessageA
LoadIconA
GetWindowTextLengthA
PostQuitMessage
CreateMenu
AppendMenuA
gdi32
CreateFontA
comdlg32
GetOpenFileNameA
msvcp140
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@H@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?uncaught_exception@std@@YA_NXZ
?_Xbad_alloc@std@@YAXXZ
?_Xinvalid_argument@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?id@?$ctype@D@std@@2V0locale@2@A
?_Xlength_error@std@@YAXPBD@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
??Bid@locale@std@@QAEIXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?always_noconv@codecvt_base@std@@QBE_NXZ
ws2_32
socket
connect
gethostbyname
send
WSACleanup
WSAStartup
recv
closesocket
gethostbyaddr
inet_addr
htons
vcruntime140
__std_exception_destroy
__std_exception_copy
__std_terminate
_except_handler4_common
memset
_CxxThrowException
__std_type_info_destroy_list
__CxxFrameHandler3
strrchr
longjmp
strstr
_setjmp3
memchr
memcpy
memmove
strchr
api-ms-win-crt-stdio-l1-1-0
_fseeki64
fsetpos
fgetpos
fputs
_get_stream_buffer_pointers
feof
fgets
ungetc
ftell
fputc
fflush
clearerr
fseek
_pclose
__stdio_common_vfprintf
getc
tmpfile
fclose
__acrt_iob_func
fopen
ferror
freopen
fwrite
tmpnam
fread
setvbuf
__stdio_common_vfscanf
_popen
__stdio_common_vsprintf
fgetc
api-ms-win-crt-heap-l1-1-0
free
realloc
_callnewh
malloc
api-ms-win-crt-runtime-l1-1-0
_errno
exit
strerror
_initterm_e
_invalid_parameter_noinfo_noreturn
_initterm
_cexit
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
system
api-ms-win-crt-convert-l1-1-0
strtoul
strtol
strtod
api-ms-win-crt-string-l1-1-0
isspace
strncpy
strcspn
strcoll
islower
strncat
iscntrl
isalnum
isalpha
tolower
isxdigit
isupper
isdigit
toupper
strpbrk
ispunct
api-ms-win-crt-locale-l1-1-0
localeconv
setlocale
api-ms-win-crt-math-l1-1-0
_CIatan2
_CIcosh
_CIfmod
_CIsinh
_CItanh
modf
_libm_sse2_asin_precise
_libm_sse2_atan_precise
_libm_sse2_cos_precise
_libm_sse2_exp_precise
_libm_sse2_log10_precise
_libm_sse2_log_precise
_libm_sse2_pow_precise
_libm_sse2_sin_precise
_libm_sse2_acos_precise
_libm_sse2_sqrt_precise
frexp
_libm_sse2_tan_precise
ceil
floor
ldexp
api-ms-win-crt-utility-l1-1-0
rand
srand
api-ms-win-crt-environment-l1-1-0
getenv
api-ms-win-crt-time-l1-1-0
_gmtime64
_time64
_mktime64
clock
strftime
_localtime64
_difftime64
api-ms-win-crt-filesystem-l1-1-0
_lock_file
rename
remove
_unlock_file
Sections
.text Size: 187KB - Virtual size: 186KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 27KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Debug/bin/Monaco/vs/base/worker/workerMain.js.js
-
Debug/bin/Monaco/vs/basic-languages/lua/lua.js
-
Debug/bin/Monaco/vs/editor/contrib/suggest/media/String_16x.svg
-
Debug/bin/Monaco/vs/editor/contrib/suggest/media/String_inverse_16x.svg
-
Debug/bin/Monaco/vs/editor/editor.main.css
-
Debug/bin/Monaco/vs/editor/editor.main.js.js
-
Debug/bin/Monaco/vs/editor/editor.main.nls.de.js
-
Debug/bin/Monaco/vs/editor/editor.main.nls.es.js
-
Debug/bin/Monaco/vs/editor/editor.main.nls.fr.js
-
Debug/bin/Monaco/vs/editor/editor.main.nls.it.js
-
Debug/bin/Monaco/vs/editor/editor.main.nls.ja.js
-
Debug/bin/Monaco/vs/editor/editor.main.nls.js
-
Debug/bin/Monaco/vs/editor/editor.main.nls.ko.js
-
Debug/bin/Monaco/vs/editor/editor.main.nls.ru.js
-
Debug/bin/Monaco/vs/editor/editor.main.nls.zh-cn.js
-
Debug/bin/Monaco/vs/editor/editor.main.nls.zh-tw.js
-
Debug/bin/Monaco/vs/editor/standalone/browser/quickOpen/symbol-sprite.svg
-
Debug/bin/Monaco/vs/loader.js.js
-
Debug/c543dsa312sdjadA2123.exe.exe windows:4 windows x86 arch:x86
Password: 123
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
E:\repos\KilluaRemake2\KilluaRemake2\obj\Debug\Killua.pdb
Imports
mscoree
_CorExeMain
Sections
.text Size: 19KB - Virtual size: 19KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 112KB - Virtual size: 111KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ