API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jul 23rd, 2019
106
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 20.17 KB | None | 0 0
raw download clone embed print report
  1. readpe server_asm.exe
  2. DOS Header
  3. Magic number: 0x5a4d (MZ)
  4. Bytes in last page: 80
  5. Pages in file: 2
  6. Relocations: 0
  7. Size of header in paragraphs: 4
  8. Minimum extra paragraphs: 15
  9. Maximum extra paragraphs: 65535
  10. Initial (relative) SS value: 0
  11. Initial SP value: 0xb8
  12. Initial IP value: 0
  13. Initial (relative) CS value: 0
  14. Address of relocation table: 0x40
  15. Overlay number: 0x1a
  16. OEM identifier: 0
  17. OEM information: 0
  18. PE header offset: 0x100
  19. COFF/File header
  20. Machine: 0x14c IMAGE_FILE_MACHINE_I386
  21. Number of sections: 8
  22. Date/time stamp: 708992537 (Fri, 19 Jun 1992 22:22:17 UTC)
  23. Symbol Table offset: 0
  24. Number of symbols: 0
  25. Size of optional header: 0xe0
  26. Characteristics: 0x818f
  27. Characteristics names
  28. IMAGE_FILE_RELOCS_STRIPPED
  29. IMAGE_FILE_EXECUTABLE_IMAGE
  30. IMAGE_FILE_LINE_NUMS_STRIPPED
  31. IMAGE_FILE_LOCAL_SYMS_STRIPPED
  32. IMAGE_FILE_BYTES_REVERSED_LO
  33. IMAGE_FILE_32BIT_MACHINE
  34. IMAGE_FILE_BYTES_REVERSED_HI
  35. Optional/Image header
  36. Magic number: 0x10b (PE32)
  37. Linker major version: 2
  38. Linker minor version: 25
  39. Size of .text section: 0x1e600
  40. Size of .data section: 0x3800
  41. Size of .bss section: 0
  42. Entrypoint: 0x1f560
  43. Address of .text section: 0x1000
  44. Address of .data section: 0x20000
  45. ImageBase: 0x400000
  46. Alignment of sections: 0x1000
  47. Alignment factor: 0x200
  48. Major version of required OS: 1
  49. Minor version of required OS: 0
  50. Major version of image: 0
  51. Minor version of image: 0
  52. Major version of subsystem: 4
  53. Minor version of subsystem: 0
  54. Size of image: 0x28000
  55. Size of headers: 0x1000
  56. Checksum: 0
  57. Subsystem required: 0x2 (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  58. DLL characteristics: 0
  59. DLL characteristics names
  60. Size of stack to reserve: 0x100000
  61. Size of stack to commit: 0x4000
  62. Size of heap space to reserve: 0x100000
  63. Size of heap space to commit: 0x1000
  64. Data directories
  65. Directory
  66. IMAGE_DIRECTORY_ENTRY_IMPORT: 0x22000 (3346 bytes)
  67. Directory
  68. IMAGE_DIRECTORY_ENTRY_RESOURCE: 0x27000 (1536 bytes)
  69. Directory
  70. IMAGE_DIRECTORY_ENTRY_TLS: 0x24000 (24 bytes)
  71. Imported functions
  72. Library
  73. Name: KERNEL32.DLL
  74. Functions
  75. Function
  76. Name: GetCurrentThreadId
  77. Function
  78. Name: DeleteCriticalSection
  79. Function
  80. Name: LeaveCriticalSection
  81. Function
  82. Name: EnterCriticalSection
  83. Function
  84. Name: InitializeCriticalSection
  85. Function
  86. Name: VirtualFree
  87. Function
  88. Name: VirtualAlloc
  89. Function
  90. Name: LocalFree
  91. Function
  92. Name: LocalAlloc
  93. Function
  94. Name: VirtualQuery
  95. Function
  96. Name: SetCurrentDirectoryA
  97. Function
  98. Name: lstrlenA
  99. Function
  100. Name: lstrcpynA
  101. Function
  102. Name: lstrcpyA
  103. Function
  104. Name: LoadLibraryExA
  105. Function
  106. Name: GetThreadLocale
  107. Function
  108. Name: GetStartupInfoA
  109. Function
  110. Name: GetProcAddress
  111. Function
  112. Name: GetModuleHandleA
  113. Function
  114. Name: GetModuleFileNameA
  115. Function
  116. Name: GetLocaleInfoA
  117. Function
  118. Name: GetLastError
  119. Function
  120. Name: GetCurrentDirectoryA
  121. Function
  122. Name: GetCommandLineA
  123. Function
  124. Name: FreeLibrary
  125. Function
  126. Name: FindFirstFileA
  127. Function
  128. Name: FindClose
  129. Function
  130. Name: CreateDirectoryA
  131. Function
  132. Name: ExitProcess
  133. Function
  134. Name: WriteFile
  135. Function
  136. Name: UnhandledExceptionFilter
  137. Function
  138. Name: SetFilePointer
  139. Function
  140. Name: SetEndOfFile
  141. Function
  142. Name: RtlUnwind
  143. Function
  144. Name: ReadFile
  145. Function
  146. Name: RaiseException
  147. Function
  148. Name: GetStdHandle
  149. Function
  150. Name: GetFileSize
  151. Function
  152. Name: GetSystemTime
  153. Function
  154. Name: GetFileType
  155. Function
  156. Name: CreateFileA
  157. Function
  158. Name: CloseHandle
  159. Library
  160. Name: KERNEL32.DLL
  161. Functions
  162. Function
  163. Name: TlsSetValue
  164. Function
  165. Name: TlsGetValue
  166. Function
  167. Name: LocalAlloc
  168. Function
  169. Name: GetModuleHandleA
  170. Function
  171. Name: GetModuleFileNameA
  172. Library
  173. Name: KERNEL32.DLL
  174. Functions
  175. Function
  176. Name: WriteFile
  177. Function
  178. Name: WaitForSingleObject
  179. Function
  180. Name: VirtualAlloc
  181. Function
  182. Name: Sleep
  183. Function
  184. Name: SetLocalTime
  185. Function
  186. Name: SetFilePointer
  187. Function
  188. Name: SetEndOfFile
  189. Function
  190. Name: SetConsoleCtrlHandler
  191. Function
  192. Name: RemoveDirectoryA
  193. Function
  194. Name: ReadFile
  195. Function
  196. Name: MoveFileA
  197. Function
  198. Name: LoadLibraryA
  199. Function
  200. Name: LeaveCriticalSection
  201. Function
  202. Name: IsBadWritePtr
  203. Function
  204. Name: InitializeCriticalSection
  205. Function
  206. Name: GetWindowsDirectoryA
  207. Function
  208. Name: GetVersionExA
  209. Function
  210. Name: GetVersion
  211. Function
  212. Name: GetTickCount
  213. Function
  214. Name: GetSystemDirectoryA
  215. Function
  216. Name: GetProcAddress
  217. Function
  218. Name: GetModuleHandleA
  219. Function
  220. Name: GetLogicalDrives
  221. Function
  222. Name: GetLocalTime
  223. Function
  224. Name: GetLastError
  225. Function
  226. Name: GetDriveTypeA
  227. Function
  228. Name: GetCurrentProcessId
  229. Function
  230. Name: GetComputerNameA
  231. Function
  232. Name: FreeLibrary
  233. Function
  234. Name: FindNextFileA
  235. Function
  236. Name: FindFirstFileA
  237. Function
  238. Name: FindClose
  239. Function
  240. Name: FileTimeToLocalFileTime
  241. Function
  242. Name: FileTimeToDosDateTime
  243. Function
  244. Name: EnterCriticalSection
  245. Function
  246. Name: DeleteFileA
  247. Function
  248. Name: DeleteCriticalSection
  249. Function
  250. Name: CreateProcessA
  251. Function
  252. Name: CreateMutexA
  253. Function
  254. Name: CreateFileA
  255. Function
  256. Name: CopyFileA
  257. Function
  258. Name: CloseHandle
  259. Library
  260. Name: advapi32.dll
  261. Functions
  262. Function
  263. Name: RegQueryValueExA
  264. Function
  265. Name: RegOpenKeyExA
  266. Function
  267. Name: RegCloseKey
  268. Library
  269. Name: advapi32.dll
  270. Functions
  271. Function
  272. Name: RegSetValueExA
  273. Function
  274. Name: RegQueryValueExA
  275. Function
  276. Name: RegOpenKeyExA
  277. Function
  278. Name: RegDeleteValueA
  279. Function
  280. Name: RegDeleteKeyA
  281. Function
  282. Name: RegCreateKeyExA
  283. Function
  284. Name: RegCloseKey
  285. Function
  286. Name: GetUserNameA
  287. Library
  288. Name: oleaut32.dll
  289. Functions
  290. Function
  291. Name: VariantClear
  292. Function
  293. Name: SysFreeString
  294. Library
  295. Name: shell32.dll
  296. Functions
  297. Function
  298. Name: ShellExecuteA
  299. Library
  300. Name: user32.dll
  301. Functions
  302. Function
  303. Name: TranslateMessage
  304. Function
  305. Name: SystemParametersInfoA
  306. Function
  307. Name: ShowWindow
  308. Function
  309. Name: SetWindowLongA
  310. Function
  311. Name: SetTimer
  312. Function
  313. Name: SetForegroundWindow
  314. Function
  315. Name: SendMessageA
  316. Function
  317. Name: RegisterClassA
  318. Function
  319. Name: PostMessageA
  320. Function
  321. Name: PeekMessageA
  322. Function
  323. Name: MessageBoxA
  324. Function
  325. Name: KillTimer
  326. Function
  327. Name: IsWindowVisible
  328. Function
  329. Name: IsWindowEnabled
  330. Function
  331. Name: GetWindowTextA
  332. Function
  333. Name: GetWindowLongA
  334. Function
  335. Name: GetSystemMenu
  336. Function
  337. Name: GetWindow
  338. Function
  339. Name: GetMessageA
  340. Function
  341. Name: GetDesktopWindow
  342. Function
  343. Name: GetClassInfoA
  344. Function
  345. Name: EnableWindow
  346. Function
  347. Name: DispatchMessageA
  348. Function
  349. Name: DestroyWindow
  350. Function
  351. Name: DeleteMenu
  352. Function
  353. Name: DefWindowProcA
  354. Function
  355. Name: CreateWindowExA
  356. Library
  357. Name: user32.dll
  358. Functions
  359. Function
  360. Name: GetKeyboardType
  361. Function
  362. Name: MessageBoxA
  363. Function
  364. Name: CharNextA
  365. Library
  366. Name: WININET.DLL
  367. Functions
  368. Function
  369. Name: InternetGetConnectedState
  370. Library
  371. Name: winmm.dll
  372. Functions
  373. Function
  374. Name: sndPlaySoundA
  375. Library
  376. Name: wsock32.dll
  377. Functions
  378. Function
  379. Name: htons
  380. export directory not found
  381. Sections
  382. Section
  383. Name: CODE
  384. Virtual Address: 0x1000
  385. Physical Address: 0x1e5a8
  386. Size: 0x1e600 (124416 bytes)
  387. Pointer To Data: 0x400
  388. Relocations: 0
  389. Characteristics: 0x60000020
  390. Characteristic Names
  391. IMAGE_SCN_CNT_CODE
  392. IMAGE_SCN_MEM_EXECUTE
  393. IMAGE_SCN_MEM_READ
  394. Section
  395. Name: DATA
  396. Virtual Address: 0x20000
  397. Physical Address: 0x250
  398. Size: 0x400 (1024 bytes)
  399. Pointer To Data: 0x1ea00
  400. Relocations: 0
  401. Characteristics: 0xc0000040
  402. Characteristic Names
  403. IMAGE_SCN_CNT_INITIALIZED_DATA
  404. IMAGE_SCN_MEM_READ
  405. IMAGE_SCN_MEM_WRITE
  406. Section
  407. Name: BSS
  408. Virtual Address: 0x21000
  409. Physical Address: 0xed9
  410. Size: 0 (0 bytes)
  411. Pointer To Data: 0x1ee00
  412. Relocations: 0
  413. Characteristics: 0xc0000000
  414. Characteristic Names
  415. IMAGE_SCN_MEM_READ
  416. IMAGE_SCN_MEM_WRITE
  417. Section
  418. Name: .idata
  419. Virtual Address: 0x22000
  420. Physical Address: 0xd12
  421. Size: 0xe00 (3584 bytes)
  422. Pointer To Data: 0x1ee00
  423. Relocations: 0
  424. Characteristics: 0xc0000040
  425. Characteristic Names
  426. IMAGE_SCN_CNT_INITIALIZED_DATA
  427. IMAGE_SCN_MEM_READ
  428. IMAGE_SCN_MEM_WRITE
  429. Section
  430. Name: .tls
  431. Virtual Address: 0x23000
  432. Physical Address: 0xc
  433. Size: 0 (0 bytes)
  434. Pointer To Data: 0x1fc00
  435. Relocations: 0
  436. Characteristics: 0xc0000000
  437. Characteristic Names
  438. IMAGE_SCN_MEM_READ
  439. IMAGE_SCN_MEM_WRITE
  440. Section
  441. Name: .rdata
  442. Virtual Address: 0x24000
  443. Physical Address: 0x18
  444. Size: 0x200 (512 bytes)
  445. Pointer To Data: 0x1fc00
  446. Relocations: 0
  447. Characteristics: 0x50000040
  448. Characteristic Names
  449. IMAGE_SCN_CNT_INITIALIZED_DATA
  450. IMAGE_SCN_MEM_SHARED
  451. IMAGE_SCN_MEM_READ
  452. Section
  453. Name: .reloc
  454. Virtual Address: 0x25000
  455. Physical Address: 0x1dc4
  456. Size: 0x1e00 (7680 bytes)
  457. Pointer To Data: 0x1fe00
  458. Relocations: 0
  459. Characteristics: 0x50000040
  460. Characteristic Names
  461. IMAGE_SCN_CNT_INITIALIZED_DATA
  462. IMAGE_SCN_MEM_SHARED
  463. IMAGE_SCN_MEM_READ
  464. Section
  465. Name: .rsrc
  466. Virtual Address: 0x27000
  467. Physical Address: 0x600
  468. Size: 0x600 (1536 bytes)
  469. Pointer To Data: 0x21c00
  470. Relocations: 0
  471. Characteristics: 0x50000040
  472. Characteristic Names
  473. IMAGE_SCN_CNT_INITIALIZED_DATA
  474. IMAGE_SCN_MEM_SHARED
  475. IMAGE_SCN_MEM_READ
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!