Extracted

• bfe832dd29e58d5688614981f21252bc2860a387a11368ee25037a1f2da617a8

  .exe windows:6 windows x86 arch:x86

  ca94651b962107ca85cf026417b14897

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  PDB Paths

  D:\Network_security\项目\免杀学习\aaa\Debug\aaa.pdb

  Imports

  kernel32

  GetLastError

  VirtualAlloc

  GetCurrentProcess

  GetProcAddress

  FreeLibrary

  VirtualQuery

  GetProcessHeap

  HeapFree

  HeapAlloc

  GetModuleHandleW

  IsProcessorFeaturePresent

  GetStartupInfoW

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  InitializeSListHead

  GetSystemTimeAsFileTime

  GetCurrentProcessId

  QueryPerformanceCounter

  WideCharToMultiByte

  MultiByteToWideChar

  RaiseException

  IsDebuggerPresent

  GetCurrentThreadId

  TerminateProcess

  vcruntime140d

  __current_exception

  __current_exception_context

  memset

  _except_handler4_common

  __vcrt_GetModuleFileNameW

  __vcrt_GetModuleHandleW

  __vcrt_LoadLibraryExW

  memcpy

  __std_type_info_destroy_list

  ucrtbased

  __p__commode

  _initterm

  strcat_s

  __stdio_common_vsprintf_s

  _seh_filter_dll

  _initialize_onexit_table

  _register_onexit_function

  _execute_onexit_table

  _crt_atexit

  _crt_at_quick_exit

  _controlfp_s

  terminate

  _configthreadlocale

  _wsplitpath_s

  wcscpy_s

  _register_thread_local_exe_atexit_callback

  _get_initial_narrow_environment

  _initialize_narrow_environment

  _configure_narrow_argv

  __setusermatherr

  _set_app_type

  _seh_filter_exe

  _CrtDbgReportW

  _CrtDbgReport

  __stdio_common_vfprintf

  __acrt_iob_func

  _set_new_mode

  _c_exit

  _cexit

  __p___argv

  __p___argc

  _set_fmode

  _exit

  exit

  _wmakepath_s

  _initterm_e

  strcpy_s

  Sections

  .textbss

  Size: - Virtual size: 64KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_CNT_UNINITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .text

  Size: 23KB - Virtual size: 22KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 9KB - Virtual size: 8KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 1KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .idata

  Size: 3KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .msvcjmc

  Size: 1024B - Virtual size: 550B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .00cfg

  Size: 512B - Virtual size: 270B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ