Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- readpe server.exe
- DOS Header
- Magic number: 0x5a4d (MZ)
- Bytes in last page: 80
- Pages in file: 2
- Relocations: 0
- Size of header in paragraphs: 4
- Minimum extra paragraphs: 15
- Maximum extra paragraphs: 65535
- Initial (relative) SS value: 0
- Initial SP value: 0xb8
- Initial IP value: 0
- Initial (relative) CS value: 0
- Address of relocation table: 0x40
- Overlay number: 0x1a
- OEM identifier: 0
- OEM information: 0
- PE header offset: 0x100
- COFF/File header
- Machine: 0x14c IMAGE_FILE_MACHINE_I386
- Number of sections: 8
- Date/time stamp: 708992537 (Fri, 19 Jun 1992 22:22:17 UTC)
- Symbol Table offset: 0
- Number of symbols: 0
- Size of optional header: 0xe0
- Characteristics: 0x818f
- Characteristics names
- IMAGE_FILE_RELOCS_STRIPPED
- IMAGE_FILE_EXECUTABLE_IMAGE
- IMAGE_FILE_LINE_NUMS_STRIPPED
- IMAGE_FILE_LOCAL_SYMS_STRIPPED
- IMAGE_FILE_BYTES_REVERSED_LO
- IMAGE_FILE_32BIT_MACHINE
- IMAGE_FILE_BYTES_REVERSED_HI
- Optional/Image header
- Magic number: 0x10b (PE32)
- Linker major version: 2
- Linker minor version: 25
- Size of .text section: 0x1e600
- Size of .data section: 0x3800
- Size of .bss section: 0
- Entrypoint: 0x1f560
- Address of .text section: 0x1000
- Address of .data section: 0x20000
- ImageBase: 0x400000
- Alignment of sections: 0x1000
- Alignment factor: 0x200
- Major version of required OS: 1
- Minor version of required OS: 0
- Major version of image: 0
- Minor version of image: 0
- Major version of subsystem: 4
- Minor version of subsystem: 0
- Size of image: 0x28000
- Size of headers: 0x1000
- Checksum: 0
- Subsystem required: 0x2 (IMAGE_SUBSYSTEM_WINDOWS_GUI)
- DLL characteristics: 0
- DLL characteristics names
- Size of stack to reserve: 0x100000
- Size of stack to commit: 0x4000
- Size of heap space to reserve: 0x100000
- Size of heap space to commit: 0x1000
- Data directories
- Directory
- IMAGE_DIRECTORY_ENTRY_IMPORT: 0x22000 (3346 bytes)
- Directory
- IMAGE_DIRECTORY_ENTRY_RESOURCE: 0x27000 (1536 bytes)
- Directory
- IMAGE_DIRECTORY_ENTRY_TLS: 0x24000 (24 bytes)
- Imported functions
- Library
- Name: KERNEL32.DLL
- Functions
- Function
- Name: GetCurrentThreadId
- Function
- Name: DeleteCriticalSection
- Function
- Name: LeaveCriticalSection
- Function
- Name: EnterCriticalSection
- Function
- Name: InitializeCriticalSection
- Function
- Name: VirtualFree
- Function
- Name: VirtualAlloc
- Function
- Name: LocalFree
- Function
- Name: LocalAlloc
- Function
- Name: VirtualQuery
- Function
- Name: SetCurrentDirectoryA
- Function
- Name: lstrlenA
- Function
- Name: lstrcpynA
- Function
- Name: lstrcpyA
- Function
- Name: LoadLibraryExA
- Function
- Name: GetThreadLocale
- Function
- Name: GetStartupInfoA
- Function
- Name: GetProcAddress
- Function
- Name: GetModuleHandleA
- Function
- Name: GetModuleFileNameA
- Function
- Name: GetLocaleInfoA
- Function
- Name: GetLastError
- Function
- Name: GetCurrentDirectoryA
- Function
- Name: GetCommandLineA
- Function
- Name: FreeLibrary
- Function
- Name: FindFirstFileA
- Function
- Name: FindClose
- Function
- Name: CreateDirectoryA
- Function
- Name: ExitProcess
- Function
- Name: WriteFile
- Function
- Name: UnhandledExceptionFilter
- Function
- Name: SetFilePointer
- Function
- Name: SetEndOfFile
- Function
- Name: RtlUnwind
- Function
- Name: ReadFile
- Function
- Name: RaiseException
- Function
- Name: GetStdHandle
- Function
- Name: GetFileSize
- Function
- Name: GetSystemTime
- Function
- Name: GetFileType
- Function
- Name: CreateFileA
- Function
- Name: CloseHandle
- Library
- Name: KERNEL32.DLL
- Functions
- Function
- Name: TlsSetValue
- Function
- Name: TlsGetValue
- Function
- Name: LocalAlloc
- Function
- Name: GetModuleHandleA
- Function
- Name: GetModuleFileNameA
- Library
- Name: KERNEL32.DLL
- Functions
- Function
- Name: WriteFile
- Function
- Name: WaitForSingleObject
- Function
- Name: VirtualAlloc
- Function
- Name: Sleep
- Function
- Name: SetLocalTime
- Function
- Name: SetFilePointer
- Function
- Name: SetEndOfFile
- Function
- Name: SetConsoleCtrlHandler
- Function
- Name: RemoveDirectoryA
- Function
- Name: ReadFile
- Function
- Name: MoveFileA
- Function
- Name: LoadLibraryA
- Function
- Name: LeaveCriticalSection
- Function
- Name: IsBadWritePtr
- Function
- Name: InitializeCriticalSection
- Function
- Name: GetWindowsDirectoryA
- Function
- Name: GetVersionExA
- Function
- Name: GetVersion
- Function
- Name: GetTickCount
- Function
- Name: GetSystemDirectoryA
- Function
- Name: GetProcAddress
- Function
- Name: GetModuleHandleA
- Function
- Name: GetLogicalDrives
- Function
- Name: GetLocalTime
- Function
- Name: GetLastError
- Function
- Name: GetDriveTypeA
- Function
- Name: GetCurrentProcessId
- Function
- Name: GetComputerNameA
- Function
- Name: FreeLibrary
- Function
- Name: FindNextFileA
- Function
- Name: FindFirstFileA
- Function
- Name: FindClose
- Function
- Name: FileTimeToLocalFileTime
- Function
- Name: FileTimeToDosDateTime
- Function
- Name: EnterCriticalSection
- Function
- Name: DeleteFileA
- Function
- Name: DeleteCriticalSection
- Function
- Name: CreateProcessA
- Function
- Name: CreateMutexA
- Function
- Name: CreateFileA
- Function
- Name: CopyFileA
- Function
- Name: CloseHandle
- Library
- Name: advapi32.dll
- Functions
- Function
- Name: RegQueryValueExA
- Function
- Name: RegOpenKeyExA
- Function
- Name: RegCloseKey
- Library
- Name: advapi32.dll
- Functions
- Function
- Name: RegSetValueExA
- Function
- Name: RegQueryValueExA
- Function
- Name: RegOpenKeyExA
- Function
- Name: RegDeleteValueA
- Function
- Name: RegDeleteKeyA
- Function
- Name: RegCreateKeyExA
- Function
- Name: RegCloseKey
- Function
- Name: GetUserNameA
- Library
- Name: oleaut32.dll
- Functions
- Function
- Name: VariantClear
- Function
- Name: SysFreeString
- Library
- Name: shell32.dll
- Functions
- Function
- Name: ShellExecuteA
- Library
- Name: user32.dll
- Functions
- Function
- Name: TranslateMessage
- Function
- Name: SystemParametersInfoA
- Function
- Name: ShowWindow
- Function
- Name: SetWindowLongA
- Function
- Name: SetTimer
- Function
- Name: SetForegroundWindow
- Function
- Name: SendMessageA
- Function
- Name: RegisterClassA
- Function
- Name: PostMessageA
- Function
- Name: PeekMessageA
- Function
- Name: MessageBoxA
- Function
- Name: KillTimer
- Function
- Name: IsWindowVisible
- Function
- Name: IsWindowEnabled
- Function
- Name: GetWindowTextA
- Function
- Name: GetWindowLongA
- Function
- Name: GetSystemMenu
- Function
- Name: GetWindow
- Function
- Name: GetMessageA
- Function
- Name: GetDesktopWindow
- Function
- Name: GetClassInfoA
- Function
- Name: EnableWindow
- Function
- Name: DispatchMessageA
- Function
- Name: DestroyWindow
- Function
- Name: DeleteMenu
- Function
- Name: DefWindowProcA
- Function
- Name: CreateWindowExA
- Library
- Name: user32.dll
- Functions
- Function
- Name: GetKeyboardType
- Function
- Name: MessageBoxA
- Function
- Name: CharNextA
- Library
- Name: WININET.DLL
- Functions
- Function
- Name: InternetGetConnectedState
- Library
- Name: winmm.dll
- Functions
- Function
- Name: sndPlaySoundA
- Library
- Name: wsock32.dll
- Functions
- Function
- Name: htons
- export directory not found
- Sections
- Section
- Name: CODE
- Virtual Address: 0x1000
- Physical Address: 0x1e5a8
- Size: 0x1e600 (124416 bytes)
- Pointer To Data: 0x400
- Relocations: 0
- Characteristics: 0x60000020
- Characteristic Names
- IMAGE_SCN_CNT_CODE
- IMAGE_SCN_MEM_EXECUTE
- IMAGE_SCN_MEM_READ
- Section
- Name: DATA
- Virtual Address: 0x20000
- Physical Address: 0x250
- Size: 0x400 (1024 bytes)
- Pointer To Data: 0x1ea00
- Relocations: 0
- Characteristics: 0xc0000040
- Characteristic Names
- IMAGE_SCN_CNT_INITIALIZED_DATA
- IMAGE_SCN_MEM_READ
- IMAGE_SCN_MEM_WRITE
- Section
- Name: BSS
- Virtual Address: 0x21000
- Physical Address: 0xed9
- Size: 0 (0 bytes)
- Pointer To Data: 0x1ee00
- Relocations: 0
- Characteristics: 0xc0000000
- Characteristic Names
- IMAGE_SCN_MEM_READ
- IMAGE_SCN_MEM_WRITE
- Section
- Name: .idata
- Virtual Address: 0x22000
- Physical Address: 0xd12
- Size: 0xe00 (3584 bytes)
- Pointer To Data: 0x1ee00
- Relocations: 0
- Characteristics: 0xc0000040
- Characteristic Names
- IMAGE_SCN_CNT_INITIALIZED_DATA
- IMAGE_SCN_MEM_READ
- IMAGE_SCN_MEM_WRITE
- Section
- Name: .tls
- Virtual Address: 0x23000
- Physical Address: 0xc
- Size: 0 (0 bytes)
- Pointer To Data: 0x1fc00
- Relocations: 0
- Characteristics: 0xc0000000
- Characteristic Names
- IMAGE_SCN_MEM_READ
- IMAGE_SCN_MEM_WRITE
- Section
- Name: .rdata
- Virtual Address: 0x24000
- Physical Address: 0x18
- Size: 0x200 (512 bytes)
- Pointer To Data: 0x1fc00
- Relocations: 0
- Characteristics: 0x50000040
- Characteristic Names
- IMAGE_SCN_CNT_INITIALIZED_DATA
- IMAGE_SCN_MEM_SHARED
- IMAGE_SCN_MEM_READ
- Section
- Name: .reloc
- Virtual Address: 0x25000
- Physical Address: 0x1dc4
- Size: 0x1e00 (7680 bytes)
- Pointer To Data: 0x1fe00
- Relocations: 0
- Characteristics: 0x50000040
- Characteristic Names
- IMAGE_SCN_CNT_INITIALIZED_DATA
- IMAGE_SCN_MEM_SHARED
- IMAGE_SCN_MEM_READ
- Section
- Name: .rsrc
- Virtual Address: 0x27000
- Physical Address: 0x600
- Size: 0x600 (1536 bytes)
- Pointer To Data: 0x21c00
- Relocations: 0
- Characteristics: 0x50000040
- Characteristic Names
- IMAGE_SCN_CNT_INITIALIZED_DATA
- IMAGE_SCN_MEM_SHARED
- IMAGE_SCN_MEM_READ
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement