| / Cracking 2
/ Cracking II..iso / Tools / icedump 6.018 and nticedump 1.9 / wnt / ntid.exe
| < prev |
| MS-DOS/Windows or OS/2 Executable | 2000-03-22 | 3.0 KB |
MacOS 8.1
|
Win98
|
DOS
view JSON data
|
view as text| Confidence | Program | Detection | Match Type | Support |
|---|---|---|---|---|
| 100% | dexvert | MS-DOS/Windows or OS/2 Executable (executable/exe) | magic | Supported |
| 1% | dexvert | Ady's GLUE Packed (archive/adysGLUEPacked) | ext | Unsupported |
| 1% | dexvert | BlacK FiST Packed (archive/blackFiSTPacked) | ext | Unsupported |
| 1% | dexvert | CauseWay Compressor Packed (archive/causeWayCompressorPacked) | ext | Unsupported |
| 1% | dexvert | CExe compressed Win32 executable (archive/cExeCompressedWin32Executable) | ext | Unsupported |
| 1% | dexvert | cIPHATOR Protected (archive/ciphatorProtected) | ext | Unsupported |
| 1% | dexvert | CRYPACK Protected (archive/crypackProtected) | ext | Unsupported |
| 1% | dexvert | CRYPTEXE Proterctd (archive/cryptexeProtected) | ext | Unsupported |
| 1% | dexvert | Crypt Light Show Protected (archive/cryptLightShowProtected) | ext | Unsupported |
| 1% | dexvert | DaRKSToP Proterctd (archive/darkstopProtected) | ext | Unsupported |
| 1% | dexvert | DiskImager SFX Image (archive/diskImagerSFXImage) | ext | Unsupported |
| 1% | dexvert | DJP Packed (archive/djpPacked) | ext | Unsupported |
| 1% | dexvert | .NETZ Packed (archive/dotNETZPacked) | ext | Unsupported |
| 1% | dexvert | Exe32Pack Packed (archive/exe32PackPacked) | ext | Unsupported |
| 1% | dexvert | EXE Manager Protected (archive/exeManagerProtected) | ext | Unsupported |
| 1% | dexvert | EXETOOLS Protected (archive/exetoolsProtected) | ext | Unsupported |
| 1% | dexvert | EZip Packed (archive/ezipPacked) | ext | Unsupported |
| 1% | dexvert | FSG Packed (archive/fsgPacked) | ext | Unsupported |
| 1% | dexvert | HackStop Protected (archive/hackStopProtected) | ext | Unsupported |
| 1% | dexvert | kkrunchy Packed (archive/kkcrunchPacked) | ext | Unsupported |
| 1% | dexvert | mbp SHRINK Packed (archive/mbpSHRINKPacked) | ext | Unsupported |
| 1% | dexvert | MEGALITE Packed (archive/megalitePacked) | ext | Unsupported |
| 1% | dexvert | Mess Protected (archive/messProtected) | ext | Unsupported |
| 1% | dexvert | Mew Packed (archive/mewPacked) | ext | Unsupported |
| 1% | dexvert | MPRESS Packed (archive/mpressPacked) | ext | Unsupported |
| 1% | dexvert | NOS Packer Packed (archive/nosPackerPacked) | ext | Unsupported |
| 1% | dexvert | NTShell Protected (archive/ntShellProtected) | ext | Unsupported |
| 1% | dexvert | Pack MasterPacked (archive/packMasterPacked) | ext | Unsupported |
| 1% | dexvert | PE Diminisher Packed (archive/peDiminisherPacked) | ext | Unsupported |
| 1% | dexvert | Petite Packed (archive/petitePacked) | ext | Unsupported |
| 1% | dexvert | PeX Packed (archive/pexPacked) | ext | Unsupported |
| 1% | dexvert | PKLITE32 Packed (archive/pklite32Packed) | ext | Unsupported |
| 1% | dexvert | PowerBatch Packed (archive/powerBatchPacked) | ext | Unsupported |
| 1% | dexvert | protector Protected (archive/protectorProtected) | ext | Unsupported |
| 1% | dexvert | py2exe Packed (archive/py2exePacked) | ext | Unsupported |
| 1% | dexvert | PyInstaller Packed (archive/pyInstallerPacked) | ext | Unsupported |
| 1% | dexvert | SECURE Protected (archive/secureProtected) | ext | Unsupported |
| 1% | dexvert | Spoon Studio Packed (archive/spoonStudioPacked) | ext | Unsupported |
| 1% | dexvert | tElock Packed (archive/telockPacked) | ext | Unsupported |
| 1% | dexvert | The Builder Packed (archive/theBuilderPacked) | ext | Unsupported |
| 1% | dexvert | The Patcher Packed (archive/thePatcherPacked) | ext | Unsupported |
| 1% | dexvert | 32Lite Packed (archive/thirtyTwoLitePacked) | ext | Unsupported |
| 1% | dexvert | TinyProt Protected (archive/tinyProtProtected) | ext | Unsupported |
| 1% | dexvert | (Win)Upack Packed (archive/winUpackPacked) | ext | Unsupported |
| 1% | dexvert | Yoda's Crypte Protected (archive/yodasCrypterProtected) | ext | Unsupported |
| 1% | dexvert | MS-DOS PMODE extender executable (executable/msdosPMODEExtenderExecutable) | ext | Unsupported |
| 1% | dexvert | Sony Playstation Executable (executable/sonyPlaystationExe) | ext | Unsupported |
| 1% | dexvert | Novell Netware Virtual Loadable Module (other/novellNetwareVirtualLoadableModule) | ext | Unsupported |
| 100% | file | PE32 executable (console) Intel 80386, for MS Windows, 2 sections | default | |
| 99% | file | data | default | |
| 27% | TrID | Win32 Dynamic Link Library (generic) | default | |
| 20% | TrID | Win16 NE executable (generic) | default | |
| 18% | TrID | Win32 Executable (generic) | default | |
| 8% | TrID | Windows Icons Library (generic) | default (weak) | |
| 8% | TrID | OS/2 Executable (generic) | default | |
| 100% | siegfried | fmt/899 Windows Portable Executable (32 bit) | default | |
| 100% | gt2 | Ist eine ausf�hrbare Win32 Datei | default | |
| 100% | binwalkID | Microsoft executable, portable (PE) | default | |
| 100% | xdgMime | application/vnd.microsoft.portable-executable | default (weak) |
+--------+-------------------------+-------------------------+--------+--------+
|00000000| 4d 5a 90 00 03 00 00 00 | 04 00 00 00 ff ff 00 00 |MZ......|........|
|00000010| b8 00 00 00 00 00 00 00 | 40 00 00 00 00 00 00 00 |........|@.......|
|00000020| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000030| 00 00 00 00 00 00 00 00 | 00 00 00 00 b0 00 00 00 |........|........|
|00000040| 0e 1f ba 0e 00 b4 09 cd | 21 b8 01 4c cd 21 54 68 |........|!..L.!Th|
|00000050| 69 73 20 70 72 6f 67 72 | 61 6d 20 63 61 6e 6e 6f |is progr|am canno|
|00000060| 74 20 62 65 20 72 75 6e | 20 69 6e 20 44 4f 53 20 |t be run| in DOS |
|00000070| 6d 6f 64 65 2e 0d 0d 0a | 24 00 00 00 00 00 00 00 |mode....|$.......|
|00000080| 7d 79 ae db 39 18 c0 88 | 39 18 c0 88 39 18 c0 88 |}y..9...|9...9...|
|00000090| 39 18 c0 88 28 18 c0 88 | ba 04 ce 88 3a 18 c0 88 |9...(...|....:...|
|000000a0| 52 69 63 68 39 18 c0 88 | 00 00 00 00 00 00 00 00 |Rich9...|........|
|000000b0| 50 45 00 00 4c 01 02 00 | 2b 71 d7 38 00 00 00 00 |PE..L...|+q.8....|
|000000c0| 00 00 00 00 e0 00 0f 01 | 0b 01 05 0c 00 0a 00 00 |........|........|
|000000d0| 00 02 00 00 00 00 00 00 | 2d 15 00 00 00 10 00 00 |........|-.......|
|000000e0| 00 20 00 00 00 00 40 00 | 00 10 00 00 00 02 00 00 |. ....@.|........|
|000000f0| 04 00 00 00 00 00 00 00 | 04 00 00 00 00 00 00 00 |........|........|
|00000100| 00 30 00 00 00 02 00 00 | 00 00 00 00 03 00 00 00 |.0......|........|
|00000110| 88 0d 01 00 00 10 00 00 | 88 0d 01 00 00 10 00 00 |........|........|
|00000120| 00 00 00 00 10 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000130| 38 20 00 00 3c 00 00 00 | 00 00 00 00 00 00 00 00 |8 ..<...|........|
|00000140| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000150| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000160| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000170| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000180| 00 00 00 00 00 00 00 00 | 00 20 00 00 38 00 00 00 |........|. ..8...|
|00000190| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000001a0| 00 00 00 00 00 00 00 00 | 2e 74 65 78 74 00 00 00 |........|.text...|
|000001b0| 64 08 00 00 00 10 00 00 | 00 08 00 00 00 02 00 00 |d.......|........|
|000001c0| 00 00 00 00 00 00 00 00 | 00 00 00 00 20 00 00 e0 |........|.... ...|
|000001d0| 2e 72 64 61 74 61 00 00 | 78 01 00 00 00 20 00 00 |.rdata..|x.... ..|
|000001e0| 00 02 00 00 00 0a 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000001f0| 00 00 00 00 40 00 00 40 | 00 00 00 00 00 00 00 00 |....@..@|........|
|00000200| 69 63 65 64 75 6d 70 00 | 4e 54 49 43 45 2e 53 59 |icedump.|NTICE.SY|
|00000210| 53 00 4f 6b 2e 0d 0a 00 | 45 72 72 6f 72 2e 0d 0a |S.Ok....|Error...|
|00000220| 00 4e 54 2d 49 63 65 44 | 75 6d 70 20 50 61 74 63 |.NT-IceD|ump Patc|
|00000230| 68 65 72 20 28 43 29 20 | 47 2d 52 6f 4d 20 69 6e |her (C) |G-RoM in|
|00000240| 20 31 39 39 39 0a 0d 0a | 00 43 68 65 63 6b 69 6e | 1999...|.Checkin|
|00000250| 67 20 4e 54 49 43 45 20 | 20 20 20 3a 20 00 52 65 |g NTICE | : .Re|
|00000260| 61 64 69 6e 67 20 64 75 | 6d 70 20 69 6e 66 6f 20 |ading du|mp info |
|00000270| 3a 20 00 20 fe 20 53 69 | 67 6e 61 74 75 72 65 20 |: . . Si|gnature |
|00000280| 20 3a 20 49 44 4d 50 0d | 0a 00 20 fe 20 4c 65 6e | : IDMP.|.. . Len|
|00000290| 67 74 68 20 20 20 20 20 | 3a 20 00 20 fe 20 50 61 |gth |: . . Pa|
|000002a0| 74 63 68 65 72 20 20 20 | 20 3a 20 00 20 fe 20 56 |tcher | : . . V|
|000002b0| 65 72 73 69 6f 6e 20 20 | 20 20 3a 20 00 20 fe 20 |ersion | : . . |
|000002c0| 4e 54 49 63 65 20 20 20 | 20 20 20 3a 20 00 20 fe |NTIce | : . .|
|000002d0| 20 56 69 72 74 2e 20 41 | 64 64 72 2e 3a 20 00 52 | Virt. A|ddr.: .R|
|000002e0| 65 61 64 69 6e 67 20 44 | 75 6d 70 20 64 61 74 61 |eading D|ump data|
|000002f0| 20 3a 20 00 57 72 69 74 | 69 6e 67 20 50 61 74 63 | : .Writ|ing Patc|
|00000300| 68 20 20 20 20 20 3a 20 | 00 55 70 64 61 74 69 6e |h : |.Updatin|
|00000310| 67 20 48 65 61 64 65 72 | 20 20 20 3a 20 00 30 31 |g Header| : .01|
|00000320| 32 33 34 35 36 37 38 39 | 41 42 43 44 45 46 00 30 |23456789|ABCDEF.0|
|00000330| 30 30 30 30 30 30 30 00 | 57 51 53 8b 44 24 10 8b |0000000.|WQS.D$..|
|00000340| 7c 24 14 b9 04 00 00 00 | 33 db c1 c0 08 50 32 ff ||$......|3....P2.|
|00000350| 8a d8 8a d0 c0 eb 04 8a | 83 1e 11 40 00 aa 8a da |........|...@....|
|00000360| 80 e3 0f 8a 83 1e 11 40 | 00 aa 58 49 75 dc 5b 59 |.......@|..XIu.[Y|
|00000370| 5f c2 08 00 51 52 6a 04 | 68 00 10 00 00 ff 74 24 |_...QRj.|h.....t$|
|00000380| 14 6a 00 e8 26 06 00 00 | 5a 59 c2 04 00 51 52 68 |.j..&...|ZY...QRh|
|00000390| 00 80 00 00 6a 00 ff 74 | 24 14 e8 15 06 00 00 5a |....j..t|$......Z|
|000003a0| 59 c2 04 00 56 57 53 51 | 52 33 c0 50 50 6a 03 50 |Y...VWSQ|R3.PPj.P|
|000003b0| 6a 01 68 00 00 00 80 68 | 00 10 40 00 e8 f9 05 00 |j.h....h|..@.....|
|000003c0| 00 40 74 46 48 a3 0c 18 | 40 00 6a 00 50 e8 ee 05 |.@tFH...|@.j.P...|
|000003d0| 00 00 a3 18 18 40 00 6a | 00 68 24 18 40 00 6a 14 |.....@.j|.h$.@.j.|
|000003e0| 68 f8 17 40 00 ff 35 0c | 18 40 00 e8 d6 05 00 00 |h..@..5.|.@......|
|000003f0| ff 35 0c 18 40 00 e8 d7 | 05 00 00 33 c0 81 3d f8 |.5..@...|...3..=.|
|00000400| 17 40 00 49 44 4d 50 75 | 01 40 5a 59 5b 5f 5e c3 |.@.IDMPu|.@ZY[_^.|
|00000410| 60 68 15 10 40 00 e8 0c | 04 00 00 68 73 10 40 00 |`h..@...|...hs.@.|
|00000420| e8 02 04 00 00 68 8a 10 | 40 00 e8 f8 03 00 00 0f |.....h..|@.......|
|00000430| b7 05 fc 17 40 00 68 2f | 11 40 00 50 e8 f7 fe ff |....@.h/|.@.P....|
|00000440| ff 68 2f 11 40 00 e8 dc | 03 00 00 68 15 10 40 00 |.h/.@...|...h..@.|
|00000450| e8 d2 03 00 00 68 9b 10 | 40 00 e8 c8 03 00 00 0f |.....h..|@.......|
|00000460| b7 05 fe 17 40 00 68 2f | 11 40 00 50 e8 c7 fe ff |....@.h/|.@.P....|
|00000470| ff 68 2f 11 40 00 e8 ac | 03 00 00 68 15 10 40 00 |.h/.@...|...h..@.|
|00000480| e8 a2 03 00 00 68 ac 10 | 40 00 e8 98 03 00 00 a1 |.....h..|@.......|
|00000490| 00 18 40 00 68 2f 11 40 | 00 50 e8 99 fe ff ff 68 |..@.h/.@|.P.....h|
|000004a0| 2f 11 40 00 e8 7e 03 00 | 00 68 15 10 40 00 e8 74 |/.@..~..|.h..@..t|
|000004b0| 03 00 00 68 bd 10 40 00 | e8 6a 03 00 00 a1 04 18 |...h..@.|.j......|
|000004c0| 40 00 68 2f 11 40 00 50 | e8 6b fe ff ff 68 2f 11 |@.h/.@.P|.k...h/.|
|000004d0| 40 00 e8 50 03 00 00 68 | 15 10 40 00 e8 46 03 00 |@..P...h|..@..F..|
|000004e0| 00 68 ce 10 40 00 e8 3c | 03 00 00 a1 08 18 40 00 |.h..@..<|......@.|
|000004f0| 68 2f 11 40 00 50 e8 3d | fe ff ff 68 2f 11 40 00 |h/.@.P.=|...h/.@.|
|00000500| e8 22 03 00 00 68 15 10 | 40 00 e8 18 03 00 00 68 |."...h..|@......h|
|00000510| 15 10 40 00 e8 0e 03 00 | 00 61 c3 60 a1 18 18 40 |..@.....|.a.`...@|
|00000520| 00 0f b7 1d fc 17 40 00 | 2b c3 a3 18 18 40 00 50 |......@.|+....@.P|
|00000530| e8 3f fe ff ff a3 14 18 | 40 00 33 c0 50 50 6a 03 |.?......|@.3.PPj.|
|00000540| 50 6a 01 68 00 00 00 80 | 68 00 10 40 00 e8 68 04 |Pj.h....|h..@..h.|
|00000550| 00 00 40 74 5c 48 a3 0c | 18 40 00 52 51 6a 00 6a |..@t\H..|.@.RQj.j|
|00000560| 00 0f b7 15 fc 17 40 00 | 52 ff 35 0c 18 40 00 e8 |......@.|R.5..@..|
|00000570| 64 04 00 00 59 5a 40 74 | 2d 6a 00 68 24 18 40 00 |d...YZ@t|-j.h$.@.|
|00000580| ff 35 18 18 40 00 ff 35 | 14 18 40 00 ff 35 0c 18 |.5..@..5|..@..5..|
|00000590| 40 00 e8 2f 04 00 00 50 | ff 35 0c 18 40 00 e8 2f |@../...P|.5..@../|
|000005a0| 04 00 00 58 eb 18 ff 35 | 0c 18 40 00 e8 21 04 00 |...X...5|..@..!..|
|000005b0| 00 ff 35 14 18 40 00 e8 | d1 fd ff ff 33 c0 61 c3 |..5..@..|....3.a.|
|000005c0| 55 8b ec 60 33 c0 50 50 | 6a 03 50 6a 01 68 00 00 |U..`3.PP|j.Pj.h..|
|000005d0| 00 40 ff 75 08 e8 e0 03 | 00 00 40 74 5e 48 a3 0c |.@.u....|..@t^H..|
|000005e0| 18 40 00 52 51 6a 00 6a | 00 8b 15 08 18 40 00 2b |.@.RQj.j|.....@.+|
|000005f0| 15 38 18 40 00 52 ff 35 | 0c 18 40 00 e8 d7 03 00 |.8.@.R.5|..@.....|
|00000600| 00 59 5a 40 74 28 c7 05 | 24 18 40 00 00 00 00 00 |.YZ@t(..|$.@.....|
|00000610| 6a 00 68 24 18 40 00 ff | 35 18 18 40 00 ff 35 14 |j.h$.@..|5..@..5.|
|00000620| 18 40 00 ff 35 0c 18 40 | 00 e8 9e 03 00 00 50 ff |.@..5..@|......P.|
|00000630| 35 0c 18 40 00 e8 98 03 | 00 00 58 61 c9 c2 04 00 |5..@....|..Xa....|
|00000640| 55 8b ec 60 33 c0 50 50 | 6a 03 50 6a 01 68 00 00 |U..`3.PP|j.Pj.h..|
|00000650| 00 40 ff 75 08 e8 60 03 | 00 00 40 0f 84 c7 00 00 |.@.u..`.|..@.....|
|00000660| 00 48 a3 0c 18 40 00 52 | 51 6a 00 6a 00 8b 15 48 |.H...@.R|Qj.j...H|
|00000670| 18 40 00 83 c2 28 52 ff | 35 0c 18 40 00 e8 56 03 |.@...(R.|5..@..V.|
|00000680| 00 00 59 5a 40 0f 84 90 | 00 00 00 c7 05 24 18 40 |..YZ@...|.....$.@|
|00000690| 00 00 00 00 00 a1 08 18 | 40 00 2b 05 38 18 40 00 |........|@.+.8.@.|
|000006a0| a3 08 18 40 00 6a 00 68 | 24 18 40 00 6a 04 68 08 |...@.j.h|$.@.j.h.|
|000006b0| 18 40 00 ff 35 0c 18 40 | 00 e8 0e 03 00 00 85 c0 |.@..5..@|........|
|000006c0| 74 59 68 1c 18 40 00 68 | 20 18 40 00 ff 75 08 e8 |tYh..@.h| .@..u..|
|000006d0| 1c 03 00 00 85 c0 75 50 | 52 51 6a 00 6a 00 8b 15 |......uP|RQj.j...|
|000006e0| 48 18 40 00 83 c2 58 52 | ff 35 0c 18 40 00 e8 e5 |H.@...XR|.5..@...|
|000006f0| 02 00 00 59 5a 40 74 23 | c7 05 24 18 40 00 00 00 |...YZ@t#|..$.@...|
|00000700| 00 00 6a 00 68 24 18 40 | 00 6a 04 68 1c 18 40 00 |..j.h$.@|.j.h..@.|
|00000710| ff 35 0c 18 40 00 e8 b1 | 02 00 00 50 ff 35 0c 18 |.5..@...|...P.5..|
|00000720| 40 00 e8 ab 02 00 00 58 | 61 c9 c2 04 00 e8 e6 00 |@......X|a.......|
|00000730| 00 00 68 21 10 40 00 e8 | eb 00 00 00 68 5e 10 40 |..h!.@..|....h^.@|
|00000740| 00 e8 e1 00 00 00 e8 59 | fc ff ff 83 f8 01 0f 85 |.......Y|........|
|00000750| b8 00 00 00 68 12 10 40 | 00 e8 c9 00 00 00 e8 ad |....h..@|........|
|00000760| fc ff ff 68 df 10 40 00 | e8 ba 00 00 00 e8 a9 fd |...h..@.|........|
|00000770| ff ff 85 c0 0f 84 92 00 | 00 00 68 12 10 40 00 e8 |........|..h..@..|
|00000780| a3 00 00 00 68 49 10 40 | 00 e8 99 00 00 00 68 08 |....hI.@|......h.|
|00000790| 10 40 00 e8 d6 01 00 00 | 85 c0 74 65 68 12 10 40 |.@......|..teh..@|
|000007a0| 00 e8 81 00 00 00 68 f4 | 10 40 00 e8 77 00 00 00 |......h.|.@..w...|
|000007b0| 68 08 10 40 00 e8 06 fe | ff ff 85 c0 74 43 68 12 |h..@....|....tCh.|
|000007c0| 10 40 00 e8 5f 00 00 00 | 68 09 11 40 00 e8 55 00 |.@.._...|h..@..U.|
|000007d0| 00 00 68 08 10 40 00 e8 | 64 fe ff ff 85 c0 74 21 |..h..@..|d.....t!|
|000007e0| 68 12 10 40 00 e8 3d 00 | 00 00 ff 35 14 18 40 00 |h..@..=.|...5..@.|
|000007f0| e8 98 fb ff ff e8 5a 00 | 00 00 6a 00 e8 dd 01 00 |......Z.|..j.....|
|00000800| 00 ff 35 14 18 40 00 e8 | 81 fb ff ff 68 18 10 40 |..5..@..|....h..@|
|00000810| 00 e8 11 00 00 00 eb dd | 60 6a f5 e8 ca 01 00 00 |........|`j......|
|00000820| a3 28 18 40 00 61 c3 55 | 8b ec 60 9c ff 75 08 e8 |.(.@.a.U|..`..u..|
|00000830| b0 01 00 00 85 c0 74 16 | 6a 00 68 2c 18 40 00 50 |......t.|j.h,.@.P|
|00000840| ff 75 08 ff 35 28 18 40 | 00 e8 7e 01 00 00 9d 61 |.u..5(.@|..~....a|
|00000850| c9 c2 04 00 ff 35 28 18 | 40 00 e8 73 01 00 00 c3 |.....5(.|@..s....|
|00000860| 55 8b ec 83 c4 fc 6a 00 | 68 80 00 00 00 6a 03 6a |U.....j.|h....j.j|
|00000870| 00 6a 01 68 00 00 00 80 | ff 75 08 e8 3a 01 00 00 |.j.h....|.u..:...|
|00000880| 83 f8 ff 74 33 50 6a 00 | 68 30 18 40 00 68 00 04 |...t3Pj.|h0.@.h..|
|00000890| 00 00 ff 75 0c 50 e8 2b | 01 00 00 85 c0 58 74 18 |...u.P.+|.....Xt.|
|000008a0| 50 6a 00 50 e8 17 01 00 | 00 89 45 fc 58 50 e8 1f |Pj.P....|..E.XP..|
|000008b0| 01 00 00 8b 45 fc eb 02 | 33 c0 c9 c2 08 00 55 8b |....E...|3.....U.|
|000008c0| ec 56 8b 75 08 33 c0 66 | 81 3e 4d 5a 75 11 56 83 |.V.u.3.f|.>MZu.V.|
|000008d0| c6 3c ad 5e 81 3c 30 50 | 45 00 00 74 02 33 c0 5e |.<.^.<0P|E..t.3.^|
|000008e0| c9 c2 04 00 55 8b ec 56 | 57 52 51 53 ff 75 08 e8 |....U..V|WRQS.u..|
|000008f0| ca ff ff ff 85 c0 74 6d | a3 48 18 40 00 03 45 08 |......tm|.H.@..E.|
|00000900| 8b f8 0f b7 47 06 a3 5c | 18 40 00 8b 47 2c a3 4c |....G..\|.@..G,.L|
|00000910| 18 40 00 8b 47 1c a3 50 | 18 40 00 8b 47 34 a3 38 |.@..G..P|.@..G4.8|
|00000920| 18 40 00 8b 47 38 a3 58 | 18 40 00 8b 47 3c a3 54 |.@..G8.X|.@..G<.T|
|00000930| 18 40 00 8b 47 50 a3 3c | 18 40 00 8b 47 54 a3 44 |.@..GP.<|.@..GT.D|
|00000940| 18 40 00 8b 47 28 a3 34 | 18 40 00 33 c9 8b c7 83 |.@..G(.4|.@.3....|
|00000950| c0 14 66 8b 08 03 c1 83 | c0 04 2b 45 08 a3 60 18 |..f.....|..+E..`.|
|00000960| 40 00 33 c0 40 5b 59 5a | 5f 5e c9 c2 04 00 55 8b |@.3.@[YZ|_^....U.|
|00000970| ec 83 c4 fc 68 00 04 00 | 00 e8 f6 f9 ff ff 85 c0 |....h...|........|
|00000980| 74 27 89 45 fc 50 ff 75 | 08 e8 d2 fe ff ff 85 c0 |t'.E.P.u|........|
|00000990| 74 0d a3 40 18 40 00 ff | 75 fc e8 45 ff ff ff 50 |t..@.@..|u..E...P|
|000009a0| ff 75 fc e8 e5 f9 ff ff | 58 c9 c2 04 00 cc ff 25 |.u......|X......%|
|000009b0| 08 20 40 00 ff 25 18 20 | 40 00 ff 25 1c 20 40 00 |. @..%. |@..%. @.|
|000009c0| ff 25 0c 20 40 00 ff 25 | 10 20 40 00 ff 25 14 20 |.%. @..%|. @..%. |
|000009d0| 40 00 ff 25 2c 20 40 00 | ff 25 30 20 40 00 ff 25 |@..%, @.|.%0 @..%|
|000009e0| 20 20 40 00 ff 25 24 20 | 40 00 ff 25 28 20 40 00 | @..%$ |@..%( @.|
|000009f0| ff 25 00 20 40 00 00 00 | 00 00 00 00 00 00 00 00 |.%. @...|........|
|00000a00| 54 21 00 00 00 00 00 00 | ac 20 00 00 d8 20 00 00 |T!......|. ... ..|
|00000a10| e6 20 00 00 f2 20 00 00 | bc 20 00 00 ca 20 00 00 |. ... ..|. ... ..|
|00000a20| 1e 21 00 00 2c 21 00 00 | 36 21 00 00 fe 20 00 00 |.!..,!..|6!... ..|
|00000a30| 0c 21 00 00 00 00 00 00 | 7c 20 00 00 00 00 00 00 |.!......|| ......|
|00000a40| 00 00 00 00 46 21 00 00 | 08 20 00 00 74 20 00 00 |....F!..|. ..t ..|
|00000a50| 00 00 00 00 00 00 00 00 | 6a 21 00 00 00 20 00 00 |........|j!... ..|
|00000a60| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000a70| 00 00 00 00 54 21 00 00 | 00 00 00 00 ac 20 00 00 |....T!..|..... ..|
|00000a80| d8 20 00 00 e6 20 00 00 | f2 20 00 00 bc 20 00 00 |. ... ..|. ... ..|
|00000a90| ca 20 00 00 1e 21 00 00 | 2c 21 00 00 36 21 00 00 |. ...!..|,!..6!..|
|00000aa0| fe 20 00 00 0c 21 00 00 | 00 00 00 00 95 02 56 69 |. ...!..|......Vi|
|00000ab0| 72 74 75 61 6c 41 6c 6c | 6f 63 00 00 99 02 56 69 |rtualAll|oc....Vi|
|00000ac0| 72 74 75 61 6c 46 72 65 | 65 00 32 00 43 72 65 61 |rtualFre|e.2.Crea|
|00000ad0| 74 65 46 69 6c 65 41 00 | fe 00 47 65 74 46 69 6c |teFileA.|..GetFil|
|00000ae0| 65 53 69 7a 65 00 fd 01 | 52 65 61 64 46 69 6c 65 |eSize...|ReadFile|
|00000af0| 00 00 b9 02 57 72 69 74 | 65 46 69 6c 65 00 19 00 |....Writ|eFile...|
|00000b00| 43 6c 6f 73 65 48 61 6e | 64 6c 65 00 4b 02 53 65 |CloseHan|dle.K.Se|
|00000b10| 74 46 69 6c 65 50 6f 69 | 6e 74 65 72 00 00 75 00 |tFilePoi|nter..u.|
|00000b20| 45 78 69 74 50 72 6f 63 | 65 73 73 00 e1 02 6c 73 |ExitProc|ess...ls|
|00000b30| 74 72 6c 65 6e 00 3d 01 | 47 65 74 53 74 64 48 61 |trlen.=.|GetStdHa|
|00000b40| 6e 64 6c 65 00 00 4b 45 | 52 4e 45 4c 33 32 2e 64 |ndle..KE|RNEL32.d|
|00000b50| 6c 6c 00 00 1b 00 4d 61 | 70 46 69 6c 65 41 6e 64 |ll....Ma|pFileAnd|
|00000b60| 43 68 65 63 6b 53 75 6d | 41 00 49 4d 41 47 45 48 |CheckSum|A.IMAGEH|
|00000b70| 4c 50 2e 64 6c 6c 00 00 | 00 00 00 00 00 00 00 00 |LP.dll..|........|
|00000b80| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000b90| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000ba0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000bb0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000bc0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000bd0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000be0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000bf0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
+--------+-------------------------+-------------------------+--------+--------+