L2Server.exe

info
MZ
PE
resources
strings
imports
foremost
hexdump
disasm
log
discuss
donate

filename	L2Server.exe
size	9332736 (0x8e6800)
md5	6d737205a9f246f5dddd9c8f8e050202

type	PE32+ executable (GUI) x86-64, for MS Windows
mimetype	application/x-dosexec

clamav	OK
virustotal	→ scan with virustotal.com

histogram

MZ Header

signature	MZ
bytes_in_last_block	0x90
blocks_in_file	3
num_relocs	0
header_paragraphs	4
min_extra_paragraphs	0
max_extra_paragraphs	0xffff
ss	0
sp	0xb8
checksum	0
ip	0
cs	0
reloc_table_offset	0x40
overlay_number	0
reserved0	0
oem_id	0
oem_info	0
reserved2	0
reserved3	0
reserved4	0
reserved5	0
reserved6	0
lfanew	0xe8

Rich Header

lib id	version	times used
125	50215	12
1	0	234
123	40310	19
109	50215	222
110	50215	357
124	50215	1
120	50215	1

DOS stub

00000000: 0e 1f ba 0e 00 b4 09 cd  21 b8 01 4c cd 21 54 68  |........!..L.!Th|
00000010: 69 73 20 70 72 6f 67 72  61 6d 20 63 61 6e 6e 6f  |is program canno|
00000020: 74 20 62 65 20 72 75 6e  20 69 6e 20 44 4f 53 20  |t be run in DOS |
00000030: 6d 6f 64 65 2e 0d 0d 0a  24 00 00 00 00 00 00 00  |mode....$.......|

PE Header

Signature	PE
Machine	0x8664
NumberOfSections	7
TimeDateStamp	0x43a2bbc4
PointerToSymbolTable	0
NumberOfSymbols	0
SizeOfOptionalHeader	0xf0
Characteristics	0x23
Magic	0x20b
LinkerVersion	8.0
SizeOfCode	0x571a00
SizeOfInitializedData	0x374a00
SizeOfUninitializedData	0
AddressOfEntryPoint	0x51d6b0
BaseOfCode	0x1000
ImageBase	0x400000
SectionAlignment	0x1000
FileAlignment	0x200
OperatingSystemVersion	4.0
ImageVersion	0.0
SubsystemVersion	5.2
Reserved1	0
SizeOfImage	0x1a2fd000
SizeOfHeaders	0x400
CheckSum	0x8ebca0
Subsystem	2
DllCharacteristics	0x8000
SizeOfStackReserve	0x100000
SizeOfStackCommit	0x1000
SizeOfHeapReserve	0x100000
SizeOfHeapCommit	0x1000
LoaderFlags	0
NumberOfRvaAndSizes	0x10

Sections

name	va	vsize	raw size	flags
.text	0x1000	0x57133a	0x571400	R-X CODE
TEXT	0x573000	0x5ee	0x600	R-X CODE
.rdata	0x574000	0x277a20	0x277c00	R-- IDATA
.data	0x7ec000	0x19a27338	0x15a00	RW- IDATA
.pdata	0x1a214000	0x4c5fc	0x4c600	R-- IDATA
.tls	0x1a261000	0x99701	0x99800	RW- IDATA
.rsrc	0x1a2fb000	0x1538	0x1600	R-- IDATA

Data Directory

type	va	size
EXPORT	0	0
IMPORT	0x7ea3c4	0xb4
RESOURCE	0x1a2fb000	0x1538
EXCEPTION	0x1a214000	0x4c5fc
SECURITY	0	0
BASERELOC	0	0
DEBUG	0x576a80	0x1c
ARCHITECTURE	0	0
GLOBALPTR	0	0
TLS	0x711460	0x28
LOAD_CONFIG	0	0
Bound_IAT	0	0
IAT	0x574000	0x708
Delay_IAT	0	0
CLR_Header	0	0

TLS

raw start	raw end	index	callbks	zero fill	flags
0x1a661000	0x1a6fa700	0x1a6116ec	0x976a40	0	0

show previews

type	name	size	cp
ICON	#1	744	1252
ICON	#2	296	1252
ICON	#3	296	1252
MENU	#109	1794	1252
DIALOG	#103	242	1252
DIALOG	#131	162	1252
DIALOG	#133	154	1252
DIALOG	#134	392	1252
DIALOG	#159	240	1252
STRING	#7	88	1252
ACCELERATORS	#109	16	1252
GROUP_ICON	#107	34	1252
GROUP_ICON	#108	20	1252
MANIFEST	#1	86	1252

id	lang	string
103	1033	L2Server
106	1033	Hello World!
109	1033	L2SERVER

module_name	hint	ord	function_name
WS2_32.dll		1
WS2_32.dll		9
WS2_32.dll		2
WS2_32.dll		23
WS2_32.dll		11
WS2_32.dll		19
WS2_32.dll		3
WS2_32.dll		6
WS2_32.dll		16
WS2_32.dll		12
WS2_32.dll		52
WS2_32.dll		21
WS2_32.dll		116
WS2_32.dll		115
WS2_32.dll		8
WS2_32.dll		13
WS2_32.dll	20		WSACreateEvent
WS2_32.dll	28		WSAEventSelect
WS2_32.dll		4
WS2_32.dll		111
WS2_32.dll	57		WSASend
WS2_32.dll	52		WSARecv
WS2_32.dll	56		WSAResetEvent
WS2_32.dll	18		WSACloseEvent
pdh.dll	75		PdhMakeCounterPathW
pdh.dll	121		PdhRemoveCounter
pdh.dll	59		PdhGetFormattedCounterValue
pdh.dll	14		PdhCollectQueryData
pdh.dll	4		PdhAddCounterW
pdh.dll	13		PdhCloseQuery
pdh.dll	81		PdhOpenQueryW
PSAPI.DLL	20		GetProcessMemoryInfo
iphlpapi.dll	28		GetAdaptersInfo
KERNEL32.dll	323		GetCurrentDirectoryA
KERNEL32.dll	365		GetFullPathNameW
KERNEL32.dll	383		GetModuleFileNameA
KERNEL32.dll	541		HeapSize
KERNEL32.dll	531		HeapCreate
KERNEL32.dll	540		HeapSetInformation
KERNEL32.dll	443		GetStdHandle
KERNEL32.dll	809		SetHandleCount
KERNEL32.dll	310		GetConsoleMode
KERNEL32.dll	873		TlsGetValue
KERNEL32.dll	874		TlsSetValue
KERNEL32.dll	293		GetConsoleCP
KERNEL32.dll	405		GetOEMCP
KERNEL32.dll	611		MapViewOfFile
KERNEL32.dll	88		CreateFileMappingW
KERNEL32.dll	858		Sleep
KERNEL32.dll	480		GetTickCount
KERNEL32.dll	952		__C_specific_handler
KERNEL32.dll	653		PostQueuedCompletionStatus
KERNEL32.dll	54		CloseHandle
KERNEL32.dll	241		FlushFileBuffers
KERNEL32.dll	936		WriteFile
KERNEL32.dll	801		SetFilePointer
KERNEL32.dll	89		CreateFileW
KERNEL32.dll	371		GetLastError
KERNEL32.dll	282		GetComputerNameW
KERNEL32.dll	920		WideCharToMultiByte
KERNEL32.dll	459		GetSystemTimeAsFileTime
KERNEL32.dll	373		GetLocalTime
KERNEL32.dll	975		lstrcpyW
KERNEL32.dll	717		ResumeThread
KERNEL32.dll	132		DeleteCriticalSection
KERNEL32.dll	548		InitializeCriticalSection
KERNEL32.dll	409		GetPrivateProfileIntW
KERNEL32.dll	415		GetPrivateProfileStringW
KERNEL32.dll	83		CreateEventW
KERNEL32.dll	916		WaitForSingleObject
KERNEL32.dll	796		SetEvent
KERNEL32.dll	155		EnterCriticalSection
KERNEL32.dll	588		LeaveCriticalSection
KERNEL32.dll	688		ReadFile
KERNEL32.dll	384		GetModuleFileNameW
KERNEL32.dll	908		VirtualQuery
KERNEL32.dll	846		SetUnhandledExceptionFilter
KERNEL32.dll	279		GetComputerNameA
KERNEL32.dll	860		SuspendThread
KERNEL32.dll	329		GetCurrentThreadId
KERNEL32.dll	790		SetEndOfFile
KERNEL32.dll	649		OutputDebugStringW
KERNEL32.dll	188		ExitProcess
KERNEL32.dll	325		GetCurrentProcess
KERNEL32.dll	358		GetFileSize
KERNEL32.dll	247		FormatMessageW
KERNEL32.dll	92		CreateIoCompletionPort
KERNEL32.dll	224		FindNextFileW
KERNEL32.dll	216		FindFirstFileW
KERNEL32.dll	346		GetEnvironmentStringsW
KERNEL32.dll	862		SwitchToThread
KERNEL32.dll	914		WaitForMultipleObjects
KERNEL32.dll	438		GetQueuedCompletionStatus
KERNEL32.dll	835		SetThreadAffinityMask
KERNEL32.dll	549		InitializeCriticalSectionAndSpinCount
KERNEL32.dll	100		CreateMutexW
KERNEL32.dll	81		CreateDirectoryW
KERNEL32.dll	135		DeleteFileW
KERNEL32.dll	418		GetProcAddress
KERNEL32.dll	592		LoadLibraryW
KERNEL32.dll	388		GetModuleHandleW
KERNEL32.dll	326		GetCurrentProcessId
KERNEL32.dll	813		SetLastError
KERNEL32.dll	558		IsBadReadPtr
KERNEL32.dll	560		IsBadStringPtrW
KERNEL32.dll	641		OpenProcess
KERNEL32.dll	518		GlobalMemoryStatusEx
KERNEL32.dll	111		CreateSemaphoreW
KERNEL32.dll	702		ReleaseSemaphore
KERNEL32.dll	200		FileTimeToSystemTime
KERNEL32.dll	199		FileTimeToLocalFileTime
KERNEL32.dll	624		MultiByteToWideChar
KERNEL32.dll	942		WritePrivateProfileStringW
KERNEL32.dll	251		FreeLibrary
KERNEL32.dll	589		LoadLibraryA
KERNEL32.dll	872		TlsFree
KERNEL32.dll	871		TlsAlloc
KERNEL32.dll	483		GetTimeZoneInformation
KERNEL32.dll	447		GetStringTypeW
KERNEL32.dll	444		GetStringTypeA
KERNEL32.dll	576		LCMapStringW
KERNEL32.dll	575		LCMapStringA
KERNEL32.dll	441		GetStartupInfoA
KERNEL32.dll	421		GetProcessHeap
KERNEL32.dll	490		GetVersionExA
KERNEL32.dll	275		GetCommandLineA
KERNEL32.dll	361		GetFileType
KERNEL32.dll	343		GetDriveTypeW
KERNEL32.dll	209		FindClose
KERNEL32.dll	620		MoveFileW
KERNEL32.dll	356		GetFileAttributesW
KERNEL32.dll	113		CreateThread
KERNEL32.dll	189		ExitThread
KERNEL32.dll	529		HeapAlloc
KERNEL32.dll	535		HeapFree
KERNEL32.dll	263		GetCPInfo
KERNEL32.dll	728		RtlPcToFileHeader
KERNEL32.dll	674		RaiseException
KERNEL32.dll	732		RtlUnwindEx
KERNEL32.dll	726		RtlLookupFunctionEntry
KERNEL32.dll	719		RtlCaptureContext
KERNEL32.dll	882		UnhandledExceptionFilter
KERNEL32.dll	385		GetModuleHandleA
KERNEL32.dll	330		GetDateFormatA
KERNEL32.dll	481		GetTimeFormatA
KERNEL32.dll	828		SetStdHandle
KERNEL32.dll	249		FreeEnvironmentStringsA
KERNEL32.dll	344		GetEnvironmentStrings
KERNEL32.dll	454		GetSystemInfo
KERNEL32.dll	250		FreeEnvironmentStringsW
KERNEL32.dll	670		QueryPerformanceCounter
KERNEL32.dll	866		TerminateProcess
KERNEL32.dll	374		GetLocaleInfoA
KERNEL32.dll	539		HeapReAlloc
KERNEL32.dll	484		GetUserDefaultLCID
KERNEL32.dll	178		EnumSystemLocalesA
KERNEL32.dll	572		IsValidLocale
KERNEL32.dll	570		IsValidCodePage
KERNEL32.dll	925		WriteConsoleA
KERNEL32.dll	312		GetConsoleOutputCP
KERNEL32.dll	935		WriteConsoleW
KERNEL32.dll	375		GetLocaleInfoW
KERNEL32.dll	86		CreateFileA
KERNEL32.dll	342		GetDriveTypeA
KERNEL32.dll	60		CompareStringA
KERNEL32.dll	61		CompareStringW
KERNEL32.dll	885		UnmapViewOfFile
KERNEL32.dll	793		SetEnvironmentVariableA
KERNEL32.dll	256		GetACP
USER32.dll	737		wvsprintfW
USER32.dll	406		InvalidateRect
USER32.dll	257		GetClientRect
USER32.dll	13		BeginPaint
USER32.dll	226		FillRect
USER32.dll	200		EndPaint
USER32.dll	442		LoadAcceleratorsW
USER32.dll	97		CreateWindowExW
USER32.dll	665		ShowWindow
USER32.dll	707		UpdateWindow
USER32.dll	450		LoadIconW
USER32.dll	448		LoadCursorW
USER32.dll	539		RegisterClassExW
USER32.dll	495		MoveWindow
USER32.dll	367		GetWindowInfo
USER32.dll	519		PostQuitMessage
USER32.dll	159		DialogBoxParamW
USER32.dll	143		DefWindowProcW
USER32.dll	320		GetMessageW
USER32.dll	687		TranslateAcceleratorW
USER32.dll	689		TranslateMessage
USER32.dll	162		DispatchMessageW
USER32.dll	570		SendDlgItemMessageW
USER32.dll	198		EndDialog
USER32.dll	489		MessageBoxW
USER32.dll	302		GetMenu
USER32.dll	57		CheckMenuItem
USER32.dll	735		wsprintfW
USER32.dll	639		SetTimer
USER32.dll	463		LoadStringW
GDI32.dll	526		SelectObject
GDI32.dll	437		GetTextExtentPoint32W
GDI32.dll	445		GetTextMetricsW
GDI32.dll	572		SetTextColor
GDI32.dll	591		TextOutW
GDI32.dll	421		GetStockObject
ADVAPI32.dll	467		RegCreateKeyW
ADVAPI32.dll	466		RegCreateKeyExW
ADVAPI32.dll	514		RegSetValueExW
ADVAPI32.dll	491		RegOpenKeyExW
ADVAPI32.dll	501		RegQueryValueExW
ADVAPI32.dll	459		RegCloseKey
ADVAPI32.dll	157		CryptHashData
ADVAPI32.dll	153		CryptGetHashParam
ADVAPI32.dll	139		CryptDestroyHash
ADVAPI32.dll	136		CryptCreateHash
ADVAPI32.dll	160		CryptReleaseContext
ADVAPI32.dll	134		CryptAcquireContextW

show previews

offset	size	type	comment
15c1	15	HTM		#
15d0	9327152	BIN	overlay data past EOF	#

offset:( 0x )size:( 0x )hotkeys:-=[]<>, offset/size fields are also editable

Please donate some bucks to keep this site up and running:
Ko-fi
Yandex.Money
Thank you!

[?] can't find file_offset of VA 0x1a2116ec