comments powered byDisqus

MZ Header

Rich Header

DOS stub

00000000: 0e 1f ba 0e 00 b4 09 cd  21 b8 01 4c cd 21 54 68  |........!..L.!Th|
00000010: 69 73 20 70 72 6f 67 72  61 6d 20 63 61 6e 6e 6f  |is program canno|
00000020: 74 20 62 65 20 72 75 6e  20 69 6e 20 44 4f 53 20  |t be run in DOS |
00000030: 6d 6f 64 65 2e 0d 0d 0a  24 00 00 00 00 00 00 00  |mode....$.......|

PE Header

Packer / Compiler

Sections

Data Directory

offsetsizetypecomment
0259072EXE08/14/2016 19:15:49#
3f40051207RAREncrypted Headers!#
4bc074238810BINoverlay data past EOF#
Type = Rar
Solid = -
Blocks = 2
Multivolume = -
Volumes = 1

   Date      Time    Attr         Size   Compressed  Name
------------------- ----- ------------ ------------  ------------------------
2017-07-19 09:19:00 ....A       562688       161540  PZD.exe
2017-07-19 09:23:10 ....A      4247476      4128174  Firefox_cl.exe
------------------- ----- ------------ ------------  ------------------------
                               4810164      4289714  2 files, 0 folders
offset:( 0x )size:( 0x )hotkeys:-=[]<>, offset/size fields are also editable

[?] can't find file_offset of VA 0x0