hdlsim.dll

info
MZ
PE
imports
exports
foremost
hexdump
disasm
log
discuss
donate

filename	hdlsim.dll
size	322959 (0x4ed8f)
md5	2e7838f377a2777382182d000af7e479

type	PE32 executable (DLL) (console) Intel 80386, for MS Windows
mimetype	application/x-dosexec

clamav	OK
virustotal	→ scan with virustotal.com

histogram

MZ Header

signature	MZ
bytes_in_last_block	0x90
blocks_in_file	3
num_relocs	0
header_paragraphs	4
min_extra_paragraphs	0
max_extra_paragraphs	0xffff
ss	0
sp	0xb8
checksum	0
ip	0
cs	0
reloc_table_offset	0x40
overlay_number	0
reserved0	0
oem_id	0
oem_info	0
reserved2	0
reserved3	0
reserved4	0
reserved5	0
reserved6	0
lfanew	0x80

DOS stub

00000000: 0e 1f ba 0e 00 b4 09 cd  21 b8 01 4c cd 21 54 68  |........!..L.!Th|
00000010: 69 73 20 70 72 6f 67 72  61 6d 20 63 61 6e 6e 6f  |is program canno|
00000020: 74 20 62 65 20 72 75 6e  20 69 6e 20 44 4f 53 20  |t be run in DOS |
00000030: 6d 6f 64 65 2e 0d 0d 0a  24 00 00 00 00 00 00 00  |mode....$.......|

PE Header

Signature	PE
Machine	0x14c
NumberOfSections	0x11
TimeDateStamp	0x55427fbe
PointerToSymbolTable	0x45a00
NumberOfSymbols	0x6bf
SizeOfOptionalHeader	0xe0
Characteristics	0x2106
Magic	0x10b
LinkerVersion	2.22
SizeOfCode	0xa800
SizeOfInitializedData	0x15e00
SizeOfUninitializedData	0xe00
AddressOfEntryPoint	0x1440
BaseOfCode	0x1000
BaseOfData	0xc000
ImageBase	0x6c0c0000
SectionAlignment	0x1000
FileAlignment	0x200
OperatingSystemVersion	4.0
ImageVersion	1.0
SubsystemVersion	4.0
Reserved1	0
SizeOfImage	0x50000
SizeOfHeaders	0x600
CheckSum	0x5ae51
Subsystem	3
DllCharacteristics	0
SizeOfStackReserve	0x200000
SizeOfStackCommit	0x1000
SizeOfHeapReserve	0x100000
SizeOfHeapCommit	0x1000
LoaderFlags	0
NumberOfRvaAndSizes	0x10

Sections

name	va	vsize	raw size	flags
.text	0x1000	0xa6b4	0xa800	R-X CODE IDATA
.data	0xc000	0x8a64	0x8c00	RW- IDATA
.rdata	0x15000	0x724	0x800	R-- IDATA
.bss	0x16000	0xd90	0	RW- UDATA
.edata	0x17000	0x95d	0xa00	R-- IDATA
.idata	0x18000	0x784	0x800	RW- IDATA
.CRT	0x19000	0x2c	0x200	RW- IDATA
.tls	0x1a000	0x20	0x200	RW- IDATA
.reloc	0x1b000	0xb34	0xc00	R-- IDATA DISCARDABLE
/4	0x1c000	0x3c0	0x400	R-- IDATA DISCARDABLE
/19	0x1d000	0x17bf6	0x17c00	R-- IDATA DISCARDABLE
/31	0x35000	0x2db8	0x2e00	R-- IDATA DISCARDABLE
/45	0x38000	0x428a	0x4400	R-- IDATA DISCARDABLE
/57	0x3d000	0x2500	0x2600	R-- IDATA DISCARDABLE
/70	0x40000	0x1e1	0x200	R-- IDATA DISCARDABLE
/81	0x41000	0xd30e	0xd400	R-- IDATA DISCARDABLE
/92	0x4f000	0x6b8	0x800	R-- IDATA DISCARDABLE

Data Directory

type	va	size
EXPORT	0x17000	0x95d
IMPORT	0x18000	0x784
RESOURCE	0	0
EXCEPTION	0	0
SECURITY	0	0
BASERELOC	0x1b000	0xb34
DEBUG	0	0
ARCHITECTURE	0	0
GLOBALPTR	0	0
TLS	0x1a000	0x18
LOAD_CONFIG	0	0
Bound_IAT	0	0
IAT	0x18170	0x10c
Delay_IAT	0	0
CLR_Header	0	0

TLS

raw start	raw end	index	callbks	zero fill	flags
0x6c0da019	0x6c0da01c	0x6c0d601c	0x6c0d9018	0	0

module_name	hint	function_name
python27.dll	585	PyRun_SimpleStringFlags
python27.dll	642	PyString_FromString
python27.dll	322	PyImport_Import
python27.dll	156	PyErr_Print
python27.dll	835	Py_Finalize
python27.dll	856	Py_Initialize
KERNEL32.dll	196	DeleteCriticalSection
KERNEL32.dll	223	EnterCriticalSection
KERNEL32.dll	339	FreeLibrary
KERNEL32.dll	433	GetCurrentProcess
KERNEL32.dll	434	GetCurrentProcessId
KERNEL32.dll	437	GetCurrentThreadId
KERNEL32.dll	484	GetFullPathNameA
KERNEL32.dll	494	GetLastError
KERNEL32.dll	508	GetModuleFileNameA
KERNEL32.dll	510	GetModuleHandleA
KERNEL32.dll	553	GetProcAddress
KERNEL32.dll	603	GetSystemTimeAsFileTime
KERNEL32.dll	627	GetTickCount
KERNEL32.dll	710	InitializeCriticalSection
KERNEL32.dll	738	IsDBCSLeadByteEx
KERNEL32.dll	769	LeaveCriticalSection
KERNEL32.dll	771	LoadLibraryA
KERNEL32.dll	774	LoadLibraryW
KERNEL32.dll	813	MultiByteToWideChar
KERNEL32.dll	871	QueryPerformanceCounter
KERNEL32.dll	1073	SetUnhandledExceptionFilter
KERNEL32.dll	1085	Sleep
KERNEL32.dll	1097	TerminateProcess
KERNEL32.dll	1104	TlsGetValue
KERNEL32.dll	1117	UnhandledExceptionFilter
KERNEL32.dll	1149	VirtualProtect
KERNEL32.dll	1152	VirtualQuery
KERNEL32.dll	1183	WideCharToMultiByte
msvcrt.dll	56	__dllonexit
msvcrt.dll	70	__mb_cur_max
msvcrt.dll	143	_amsg_exit
msvcrt.dll	218	_errno
msvcrt.dll	317	_initterm
msvcrt.dll	321	_iob
msvcrt.dll	421	_lock
msvcrt.dll	583	_onexit
msvcrt.dll	643	_snprintf
msvcrt.dll	757	_unlock
msvcrt.dll	891	_winmajor
msvcrt.dll	957	abort
msvcrt.dll	967	atoi
msvcrt.dll	971	calloc
msvcrt.dll	987	fflush
msvcrt.dll	999	fputc
msvcrt.dll	1004	free
msvcrt.dll	1020	getenv
msvcrt.dll	1055	localeconv
msvcrt.dll	1060	malloc
msvcrt.dll	1068	memcpy
msvcrt.dll	1095	setlocale
msvcrt.dll	1108	strchr
msvcrt.dll	1109	strcmp
msvcrt.dll	1114	strerror
msvcrt.dll	1117	strlen
msvcrt.dll	1120	strncmp
msvcrt.dll	1121	strncpy
msvcrt.dll	1152	vfprintf
msvcrt.dll	1175	wcslen

ord	entry_va	function_name
1	0x4dd0	hook_0
2	0x4d60	hook_1
3	0x4970	hook_10
4	0x2210	hook_100
5	0x21a0	hook_101
6	0x2130	hook_102
7	0x20c0	hook_103
8	0x2050	hook_104
9	0x1fe0	hook_105
10	0x1f70	hook_106
11	0x1f00	hook_107
12	0x1e90	hook_108
13	0x1e20	hook_109
14	0x4900	hook_11
15	0x1db0	hook_110
16	0x1d40	hook_111
17	0x1cd0	hook_112
18	0x1c60	hook_113
19	0x1bf0	hook_114
20	0x1b80	hook_115
21	0x1b10	hook_116
22	0x1aa0	hook_117
23	0x1a30	hook_118
24	0x19c0	hook_119
25	0x4890	hook_12
26	0x1950	hook_120
27	0x18e0	hook_121
28	0x1870	hook_122
29	0x1800	hook_123
30	0x1790	hook_124
31	0x1720	hook_125
32	0x16b0	hook_126
33	0x1640	hook_127
34	0x4820	hook_13
35	0x47b0	hook_14
36	0x4740	hook_15
37	0x46d0	hook_16
38	0x4660	hook_17
39	0x45f0	hook_18
40	0x4580	hook_19
41	0x4cf0	hook_2
42	0x4510	hook_20
43	0x44a0	hook_21
44	0x4430	hook_22
45	0x43c0	hook_23
46	0x4350	hook_24
47	0x42e0	hook_25
48	0x4270	hook_26
49	0x4200	hook_27
50	0x4190	hook_28
51	0x4120	hook_29
52	0x4c80	hook_3
53	0x40b0	hook_30
54	0x4040	hook_31
55	0x3fd0	hook_32
56	0x3f60	hook_33
57	0x3ef0	hook_34
58	0x3e80	hook_35
59	0x3e10	hook_36
60	0x3da0	hook_37
61	0x3d30	hook_38
62	0x3cc0	hook_39
63	0x4c10	hook_4
64	0x3c50	hook_40
65	0x3be0	hook_41
66	0x3b70	hook_42
67	0x3b00	hook_43
68	0x3a90	hook_44
69	0x3a20	hook_45
70	0x39b0	hook_46
71	0x3940	hook_47
72	0x38d0	hook_48
73	0x3860	hook_49
74	0x4ba0	hook_5
75	0x37f0	hook_50
76	0x3780	hook_51
77	0x3710	hook_52
78	0x36a0	hook_53
79	0x3630	hook_54
80	0x35c0	hook_55
81	0x3550	hook_56
82	0x34e0	hook_57
83	0x3470	hook_58
84	0x3400	hook_59
85	0x4b30	hook_6
86	0x3390	hook_60
87	0x3320	hook_61
88	0x32b0	hook_62
89	0x3240	hook_63
90	0x31d0	hook_64
91	0x3160	hook_65
92	0x30f0	hook_66
93	0x3080	hook_67
94	0x3010	hook_68
95	0x2fa0	hook_69
96	0x4ac0	hook_7
97	0x2f30	hook_70
98	0x2ec0	hook_71
99	0x2e50	hook_72
100	0x2de0	hook_73
101	0x2d70	hook_74
102	0x2d00	hook_75
103	0x2c90	hook_76
104	0x2c20	hook_77
105	0x2bb0	hook_78
106	0x2b40	hook_79
107	0x4a50	hook_8
108	0x2ad0	hook_80
109	0x2a60	hook_81
110	0x29f0	hook_82
111	0x2980	hook_83
112	0x2910	hook_84
113	0x28a0	hook_85
114	0x2830	hook_86
115	0x27c0	hook_87
116	0x2750	hook_88
117	0x26e0	hook_89
118	0x49e0	hook_9
119	0x2670	hook_90
120	0x2600	hook_91
121	0x2590	hook_92
122	0x2520	hook_93
123	0x24b0	hook_94
124	0x2440	hook_95
125	0x23d0	hook_96
126	0x2360	hook_97
127	0x22f0	hook_98
128	0x2280	hook_99
129	0x51a0	register_hook

module_name	hdlsim.dll
flags	0
timestamp	2015-04-30 19:17:18
version	0.0
ordinal_base	1
nFunctions	129
nNames	129
Names(129)	0x1722c
Functions(129)	0x17028
NameOrdinals(129)	0x17430

show previews

offset	size	type	comment
0	285184	DLL	04/30/2015 19:17:18	#
15c1	15	HTM		#
45a00	37775	BIN	overlay data past EOF	#

offset:( 0x )size:( 0x )hotkeys:-=[]<>, offset/size fields are also editable

Please donate some bucks to keep this site up and running:
Ko-fi
Yandex.Money
Thank you!

[?] can't find file_offset of VA 0x1601c