| filename | notepad.exe | |
|---|---|---|
| size | 352256 (0x56000) | |
| md5 | 3acd46e57d62c79da122ad9d4456915e | |
| type | PE32+ executable (GUI) x86-64, for MS Windows | |
| mimetype | application/x-dosexec | |
| clamav | scan pending | |
| virustotal | → scan with virustotal.com | |
| histogram | ||
MZ Header
| signature | MZ |
| bytes_in_last_block | 0x90 |
| blocks_in_file | 3 |
| num_relocs | 0 |
| header_paragraphs | 4 |
| min_extra_paragraphs | 0 |
| max_extra_paragraphs | 0xffff |
| ss | 0 |
| sp | 0xb8 |
| checksum | 0 |
| ip | 0 |
| cs | 0 |
| reloc_table_offset | 0x40 |
| overlay_number | 0 |
| reserved0 | 0 |
| oem_id | 0 |
| oem_info | 0 |
| reserved2 | 0 |
| reserved3 | 0 |
| reserved4 | 0 |
| reserved5 | 0 |
| reserved6 | 0 |
| lfanew | 0xf0 |
Rich Header
| lib id | version | times used |
|---|---|---|
| 147 | 30729 | 44 |
| 260 | 29395 | 10 |
| 259 | 29395 | 4 |
| 261 | 29395 | 31 |
| 257 | 29395 | 9 |
| 1 | 0 | 1364 |
| 264 | 29395 | 27 |
| 253 | 29395 | 1 |
| 255 | 29395 | 1 |
| 258 | 29395 | 1 |
DOS stub
00000000: 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 |........!..L.!Th| 00000010: 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f |is program canno| 00000020: 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 |t be run in DOS | 00000030: 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 |mode....$.......|
PE Header
Packer / Compiler
Sections
Data Directory
| module_name | hint | ord | function_name |
|---|---|---|---|
| KERNEL32.dll | 1340 | SetEvent | |
| KERNEL32.dll | 850 | GlobalFree | |
| KERNEL32.dll | 632 | GetLocaleInfoW | |
| KERNEL32.dll | 211 | CreateFileW | |
| KERNEL32.dll | 1164 | ReadFile | |
| KERNEL32.dll | 452 | GetACP | |
| KERNEL32.dll | 554 | GetCurrentProcess | |
| KERNEL32.dll | 489 | GetCommandLineW | |
| KERNEL32.dll | 875 | HeapSetInformation | |
| KERNEL32.dll | 1000 | LocalFree | |
| KERNEL32.dll | 995 | LocalAlloc | |
| KERNEL32.dll | 402 | FindFirstFileW | |
| KERNEL32.dll | 391 | FindClose | |
| KERNEL32.dll | 438 | FoldStringW | |
| KERNEL32.dll | 956 | K32GetModuleFileNameExW | |
| KERNEL32.dll | 648 | GetModuleFileNameW | |
| KERNEL32.dll | 819 | GetUserDefaultUILanguage | |
| KERNEL32.dll | 629 | GetLocalTime | |
| KERNEL32.dll | 565 | GetDateFormatW | |
| KERNEL32.dll | 808 | GetTimeFormatW | |
| KERNEL32.dll | 1577 | WideCharToMultiByte | |
| KERNEL32.dll | 1597 | WriteFile | |
| KERNEL32.dll | 601 | GetFileAttributesW | |
| KERNEL32.dll | 1002 | LocalLock | |
| KERNEL32.dll | 198 | CreateEventExW | |
| KERNEL32.dll | 288 | DeleteFileW | |
| KERNEL32.dll | 1334 | SetEndOfFile | |
| KERNEL32.dll | 598 | GetFileAttributesExW | |
| KERNEL32.dll | 603 | GetFileInformationByHandle | |
| KERNEL32.dll | 208 | CreateFileMappingW | |
| KERNEL32.dll | 1015 | MapViewOfFile | |
| KERNEL32.dll | 1032 | MultiByteToWideChar | |
| KERNEL32.dll | 1003 | LocalReAlloc | |
| KERNEL32.dll | 1499 | UnmapViewOfFile | |
| KERNEL32.dll | 621 | GetFullPathNameW | |
| KERNEL32.dll | 1005 | LocalSize | |
| KERNEL32.dll | 744 | GetStartupInfoW | |
| KERNEL32.dll | 1634 | lstrcmpiW | |
| KERNEL32.dll | 409 | FindNLSString | |
| KERNEL32.dll | 854 | GlobalLock | |
| KERNEL32.dll | 861 | GlobalUnlock | |
| KERNEL32.dll | 843 | GlobalAlloc | |
| KERNEL32.dll | 1327 | SetCurrentDirectoryW | |
| KERNEL32.dll | 572 | GetDiskFreeSpaceExW | |
| KERNEL32.dll | 194 | CreateDirectoryW | |
| KERNEL32.dll | 1212 | RegisterApplicationRestart | |
| KERNEL32.dll | 547 | GetCurrentDirectoryW | |
| KERNEL32.dll | 238 | CreateProcessW | |
| KERNEL32.dll | 1538 | WaitForSingleObject | |
| KERNEL32.dll | 1147 | RaiseException | |
| KERNEL32.dll | 1031 | MulDiv | |
| KERNEL32.dll | 919 | IsDebuggerPresent | |
| KERNEL32.dll | 273 | DebugBreak | |
| KERNEL32.dll | 652 | GetModuleHandleW | |
| KERNEL32.dll | 715 | GetProcessHeap | |
| KERNEL32.dll | 555 | GetCurrentProcessId | |
| KERNEL32.dll | 283 | DeleteCriticalSection | |
| KERNEL32.dll | 1 | AcquireSRWLockShared | |
| KERNEL32.dll | 225 | CreateMutexExW | |
| KERNEL32.dll | 708 | GetProcAddress | |
| KERNEL32.dll | 867 | HeapAlloc | |
| KERNEL32.dll | 255 | CreateThreadpoolTimer | |
| KERNEL32.dll | 1229 | ReleaseSRWLockShared | |
| KERNEL32.dll | 1424 | SetThreadpoolTimer | |
| KERNEL32.dll | 142 | CloseHandle | |
| KERNEL32.dll | 1064 | OpenSemaphoreW | |
| KERNEL32.dll | 1539 | WaitForSingleObjectEx | |
| KERNEL32.dll | AcquireSRWLockExclusive | ||
| KERNEL32.dll | 152 | CloseThreadpoolTimer | |
| KERNEL32.dll | 1072 | OutputDebugStringW | |
| KERNEL32.dll | 1228 | ReleaseSRWLockExclusive | |
| KERNEL32.dll | 628 | GetLastError | |
| KERNEL32.dll | 441 | FormatMessageW | |
| KERNEL32.dll | 559 | GetCurrentThreadId | |
| KERNEL32.dll | 1225 | ReleaseMutex | |
| KERNEL32.dll | 1541 | WaitForThreadpoolTimerCallbacks | |
| KERNEL32.dll | 894 | InitializeCriticalSectionEx | |
| KERNEL32.dll | 982 | LeaveCriticalSection | |
| KERNEL32.dll | 651 | GetModuleHandleExW | |
| KERNEL32.dll | 1230 | ReleaseSemaphore | |
| KERNEL32.dll | 321 | EnterCriticalSection | |
| KERNEL32.dll | 1367 | SetLastError | |
| KERNEL32.dll | 871 | HeapFree | |
| KERNEL32.dll | 647 | GetModuleFileNameA | |
| KERNEL32.dll | 244 | CreateSemaphoreExW | |
| KERNEL32.dll | 1007 | LocalUnlock | |
| KERNEL32.dll | 1251 | ResolveDelayLoadedAPI | |
| KERNEL32.dll | 280 | DelayLoadFailureHook | |
| GDI32.dll | 52 | CreateDCW | |
| GDI32.dll | 934 | StartPage | |
| GDI32.dll | 932 | StartDocW | |
| GDI32.dll | 877 | SetAbortProc | |
| GDI32.dll | 402 | EndDoc | |
| GDI32.dll | AbortDoc | ||
| GDI32.dll | 405 | EndPage | |
| GDI32.dll | 734 | GetTextMetricsW | |
| GDI32.dll | 883 | SetBkMode | |
| GDI32.dll | 750 | LPtoDP | |
| GDI32.dll | 928 | SetWindowExtEx | |
| GDI32.dll | 924 | SetViewportExtEx | |
| GDI32.dll | 904 | SetMapMode | |
| GDI32.dll | 941 | TextOutW | |
| GDI32.dll | 459 | EnumFontsW | |
| GDI32.dll | 732 | GetTextFaceW | |
| GDI32.dll | 642 | GetDeviceCaps | |
| GDI32.dll | 389 | DeleteDC | |
| GDI32.dll | 392 | DeleteObject | |
| GDI32.dll | 882 | SetBkColor | |
| GDI32.dll | 90 | CreateSolidBrush | |
| GDI32.dll | 726 | GetTextExtentPoint32W | |
| GDI32.dll | 875 | SelectObject | |
| GDI32.dll | 49 | CreateCompatibleDC | |
| GDI32.dll | 67 | CreateFontIndirectW | |
| USER32.dll | 272 | FillRect | |
| USER32.dll | 222 | DrawTextW | |
| USER32.dll | 210 | DrawFocusRect | |
| USER32.dll | 167 | DefWindowProcW | |
| USER32.dll | 939 | TrackMouseEvent | |
| USER32.dll | 547 | InvalidateRect | |
| USER32.dll | 177 | DestroyIcon | |
| USER32.dll | 875 | SetThreadDpiAwarenessContext | |
| USER32.dll | 186 | DialogBoxParamW | |
| USER32.dll | 602 | LoadIconW | |
| USER32.dll | 344 | GetFocus | |
| USER32.dll | 650 | MessageBoxW | |
| USER32.dll | 914 | ShowWindow | |
| USER32.dll | 808 | SetCursor | |
| USER32.dll | 795 | SetActiveWindow | |
| USER32.dll | 233 | EnableMenuItem | |
| USER32.dll | 566 | IsIconic | |
| USER32.dll | 823 | SetFocus | |
| USER32.dll | 642 | MessageBeep | |
| USER32.dll | 345 | GetForegroundWindow | |
| USER32.dll | 332 | GetDlgCtrlID | |
| USER32.dll | 894 | SetWindowPos | |
| USER32.dll | 730 | RedrawWindow | |
| USER32.dll | 362 | GetKeyboardLayout | |
| USER32.dll | 52 | CharNextW | |
| USER32.dll | 882 | SetWinEventHook | |
| USER32.dll | 394 | GetMessageW | |
| USER32.dll | 944 | TranslateAcceleratorW | |
| USER32.dll | 562 | IsDialogMessageW | |
| USER32.dll | 946 | TranslateMessage | |
| USER32.dll | 189 | DispatchMessageW | |
| USER32.dll | 949 | UnhookWinEvent | |
| USER32.dll | 899 | SetWindowTextW | |
| USER32.dll | 376 | GetMenu | |
| USER32.dll | 451 | GetSubMenu | |
| USER32.dll | 667 | OpenClipboard | |
| USER32.dll | 559 | IsClipboardFormatAvailable | |
| USER32.dll | 79 | CloseClipboard | |
| USER32.dll | 67 | CheckMenuItem | |
| USER32.dll | 820 | SetDlgItemTextW | |
| USER32.dll | 336 | GetDlgItemTextW | |
| USER32.dll | 242 | EndDialog | |
| USER32.dll | 783 | SendDlgItemMessageW | |
| USER32.dll | 863 | SetScrollPos | |
| USER32.dll | 972 | UpdateWindow | |
| USER32.dll | 495 | GetWindowPlacement | |
| USER32.dll | 893 | SetWindowPlacement | |
| USER32.dll | 63 | CharUpperW | |
| USER32.dll | 455 | GetSystemMenu | |
| USER32.dll | 594 | LoadAcceleratorsW | |
| USER32.dll | 892 | SetWindowLongW | |
| USER32.dll | 655 | MonitorFromWindow | |
| USER32.dll | 762 | RegisterWindowMessageW | |
| USER32.dll | 600 | LoadCursorW | |
| USER32.dll | 604 | LoadImageW | |
| USER32.dll | 503 | GetWindowTextLengthW | |
| USER32.dll | 490 | GetWindowLongW | |
| USER32.dll | 681 | PeekMessageW | |
| USER32.dll | 504 | GetWindowTextW | |
| USER32.dll | 239 | EnableWindow | |
| USER32.dll | 106 | CreateDialogParamW | |
| USER32.dll | 221 | DrawTextExW | |
| USER32.dll | 307 | GetClientRect | |
| USER32.dll | 181 | DestroyWindow | |
| USER32.dll | 341 | GetDpiForWindow | |
| USER32.dll | 17 | BeginPaint | |
| USER32.dll | 686 | PostQuitMessage | |
| USER32.dll | 118 | CreateWindowExW | |
| USER32.dll | 734 | RegisterClassExW | |
| USER32.dll | 615 | LoadStringW | |
| USER32.dll | 929 | SystemParametersInfoForDpi | |
| USER32.dll | 792 | SendMessageW | |
| USER32.dll | 656 | MoveWindow | |
| USER32.dll | 322 | GetDC | |
| USER32.dll | 764 | ReleaseDC | |
| USER32.dll | 244 | EndPaint | |
| USER32.dll | 685 | PostMessageW | |
| api-ms-win-crt-string-l1-1-0.dll | 131 | memset | |
| api-ms-win-crt-string-l1-1-0.dll | 158 | wcscmp | |
| api-ms-win-crt-string-l1-1-0.dll | 169 | wcsnlen | |
| api-ms-win-crt-runtime-l1-1-0.dll | 54 | _initterm | |
| api-ms-win-crt-runtime-l1-1-0.dll | 55 | _initterm_e | |
| api-ms-win-crt-runtime-l1-1-0.dll | 21 | _c_exit | |
| api-ms-win-crt-runtime-l1-1-0.dll | 61 | _register_thread_local_exe_atexit_callback | |
| api-ms-win-crt-private-l1-1-0.dll | 143 | _o__beginthreadex | |
| api-ms-win-crt-private-l1-1-0.dll | 145 | _o__callnewh | |
| api-ms-win-crt-private-l1-1-0.dll | 147 | _o__cexit | |
| api-ms-win-crt-private-l1-1-0.dll | 159 | _o__configthreadlocale | |
| api-ms-win-crt-private-l1-1-0.dll | 161 | _o__configure_wide_argv | |
| api-ms-win-crt-private-l1-1-0.dll | 167 | _o__crt_atexit | |
| api-ms-win-crt-private-l1-1-0.dll | 192 | _o__errno | |
| api-ms-win-crt-private-l1-1-0.dll | 199 | _o__exit | |
| api-ms-win-crt-private-l1-1-0.dll | 281 | _o__get_wide_winmain_command_line | |
| api-ms-win-crt-private-l1-1-0.dll | 317 | _o__initialize_onexit_table | |
| api-ms-win-crt-private-l1-1-0.dll | 318 | _o__initialize_wide_environment | |
| api-ms-win-crt-private-l1-1-0.dll | 319 | _o__invalid_parameter_noinfo | |
| api-ms-win-crt-private-l1-1-0.dll | 579 | _o__purecall | |
| api-ms-win-crt-private-l1-1-0.dll | 593 | _o__register_onexit_function | |
| api-ms-win-crt-private-l1-1-0.dll | 602 | _o__seh_filter_exe | |
| api-ms-win-crt-private-l1-1-0.dll | 604 | _o__set_app_type | |
| api-ms-win-crt-private-l1-1-0.dll | 607 | _o__set_fmode | |
| api-ms-win-crt-private-l1-1-0.dll | 610 | _o__set_new_mode | |
| api-ms-win-crt-private-l1-1-0.dll | 717 | _o__wcsicmp | |
| api-ms-win-crt-private-l1-1-0.dll | 823 | _o__wtol | |
| api-ms-win-crt-private-l1-1-0.dll | 877 | _o_exit | |
| api-ms-win-crt-private-l1-1-0.dll | 909 | _o_free | |
| api-ms-win-crt-private-l1-1-0.dll | 945 | _o_iswdigit | |
| api-ms-win-crt-private-l1-1-0.dll | 984 | _o_malloc | |
| api-ms-win-crt-private-l1-1-0.dll | 1078 | _o_terminate | |
| api-ms-win-crt-private-l1-1-0.dll | 18 | __CxxFrameHandler3 | |
| api-ms-win-crt-private-l1-1-0.dll | 32 | __current_exception | |
| api-ms-win-crt-private-l1-1-0.dll | 33 | __current_exception_context | |
| api-ms-win-crt-private-l1-1-0.dll | 1 | _CxxThrowException | |
| api-ms-win-crt-private-l1-1-0.dll | 112 | _o___stdio_common_vswprintf | |
| api-ms-win-crt-private-l1-1-0.dll | 1131 | wcschr | |
| api-ms-win-crt-private-l1-1-0.dll | 12 | __C_specific_handler | |
| api-ms-win-crt-private-l1-1-0.dll | 95 | _o___std_exception_destroy | |
| api-ms-win-crt-private-l1-1-0.dll | 94 | _o___std_exception_copy | |
| api-ms-win-crt-private-l1-1-0.dll | 83 | _o___p__commode | |
| api-ms-win-crt-private-l1-1-0.dll | 1122 | memcmp | |
| api-ms-win-crt-private-l1-1-0.dll | 1123 | memcpy | |
| api-ms-win-crt-private-l1-1-0.dll | 1124 | memmove | |
| api-ms-win-core-com-l1-1-0.dll | 66 | CoTaskMemAlloc | |
| api-ms-win-core-com-l1-1-0.dll | 73 | CoWaitForMultipleHandles | |
| api-ms-win-core-com-l1-1-0.dll | 7 | CoCreateFreeThreadedMarshaler | |
| api-ms-win-core-com-l1-1-0.dll | 9 | CoCreateInstance | |
| api-ms-win-core-com-l1-1-0.dll | 40 | CoInitializeEx | |
| api-ms-win-core-com-l1-1-0.dll | 70 | CoUninitialize | |
| api-ms-win-core-com-l1-1-0.dll | 8 | CoCreateGuid | |
| api-ms-win-core-com-l1-1-0.dll | 67 | CoTaskMemFree | |
| api-ms-win-core-com-l1-1-0.dll | 80 | PropVariantClear | |
| api-ms-win-core-shlwapi-legacy-l1-1-0.dll | 34 | PathIsFileSpecW | |
| api-ms-win-core-shlwapi-legacy-l1-1-0.dll | 22 | PathFindExtensionW | |
| api-ms-win-core-shlwapi-legacy-l1-1-0.dll | 20 | PathFileExistsW | |
| api-ms-win-core-winrt-string-l1-1-0.dll | 10 | WindowsCreateString | |
| api-ms-win-core-winrt-string-l1-1-0.dll | 12 | WindowsDeleteString | |
| api-ms-win-core-winrt-string-l1-1-0.dll | 11 | WindowsCreateStringReference | |
| api-ms-win-core-winrt-string-l1-1-0.dll | 16 | WindowsGetStringRawBuffer | |
| api-ms-win-core-winrt-l1-1-0.dll | 1 | RoGetActivationFactory | |
| api-ms-win-shcore-obsolete-l1-1-0.dll | 2 | SHStrDupW | |
| api-ms-win-shcore-path-l1-1-0.dll | 170 | ||
| api-ms-win-shcore-scaling-l1-1-1.dll | GetDpiForMonitor | ||
| api-ms-win-core-rtlsupport-l1-1-0.dll | 768 | RtlCaptureContext | |
| api-ms-win-core-rtlsupport-l1-1-0.dll | 1281 | RtlLookupFunctionEntry | |
| api-ms-win-core-rtlsupport-l1-1-0.dll | 1605 | RtlVirtualUnwind | |
| api-ms-win-core-errorhandling-l1-1-0.dll | 17 | UnhandledExceptionFilter | |
| api-ms-win-core-errorhandling-l1-1-0.dll | 15 | SetUnhandledExceptionFilter | |
| api-ms-win-core-processthreads-l1-1-0.dll | 85 | TerminateProcess | |
| api-ms-win-core-processthreads-l1-1-1.dll | 29 | GetProcessMitigationPolicy | |
| api-ms-win-core-processthreads-l1-1-1.dll | 50 | IsProcessorFeaturePresent | |
| api-ms-win-core-profile-l1-1-0.dll | QueryPerformanceCounter | ||
| api-ms-win-core-sysinfo-l1-1-0.dll | 22 | GetSystemTimeAsFileTime | |
| api-ms-win-core-interlocked-l1-1-0.dll | InitializeSListHead | ||
| api-ms-win-core-libraryloader-l1-2-0.dll | 13 | FreeLibrary | |
| api-ms-win-core-winrt-error-l1-1-0.dll | 18 | SetRestrictedErrorInfo | |
| api-ms-win-core-string-l1-1-0.dll | 1 | CompareStringOrdinal | |
| api-ms-win-core-winrt-error-l1-1-1.dll | 6 | RoGetMatchingRestrictedErrorInfo | |
| COMCTL32.dll | 114 | ImageList_SetBkColor | |
| COMCTL32.dll | 12 | CreateStatusWindowW | |
| COMCTL32.dll | 345 | ||
| COMCTL32.dll | 85 | ImageList_Destroy | |
| COMCTL32.dll | 413 | ||
| COMCTL32.dll | 100 | ImageList_GetIconSize | |
| COMCTL32.dll | 91 | ImageList_Draw | |
| COMCTL32.dll | 410 | ||
| COMCTL32.dll | 112 | ImageList_ReplaceIcon | |
| COMCTL32.dll | 381 | ||
| COMCTL32.dll | 84 | ImageList_Create |
StringTable 040904B0
| CompanyName | Microsoft Corporation |
| FileDescription | Notepad |
| FileVersion | 10.0.22000.2360 (WinBuild.160101.0800) |
| InternalName | Notepad |
| LegalCopyright | © Microsoft Corporation. All rights reserved. |
| OriginalFilename | NOTEPAD.EXE |
| ProductName | Microsoft® Windows® Operating System |
| ProductVersion | 10.0.22000.2360 |
VS_FIXEDFILEINFO
| FileVersion | 10.0.22000.2360 |
| ProductVersion | 10.0.22000.2360 |
| StrucVersion | 0x10000 |
| FileFlagsMask | 0x3f |
| FileFlags | 0 |
| FileOS | 0x40004 |
| FileType | 1 |
| FileSubtype | 0 |
 |
| Please donate some bucks to keep this site up and running: | |
| Ko-fi | |
|---|---|
| Yandex.Money | |
| Thank you! | |
[?] ignoring invalid PEdump::BITMAPINFOHEADER