XiDRF.exe - XiDRF Framework

info
MZ
PE
resources
imports
foremost
version info
hexdump
disasm
log
discuss
donate

filename	XiDRF.exe
size	36888576 (0x232e000)
md5	c944e888f91cb4f8c5e80954acd0dc97

type	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
mimetype	application/x-dosexec

clamav	OK
virustotal	→ scan with virustotal.com

histogram

MZ Header

signature	MZ
bytes_in_last_block	0x90
blocks_in_file	3
num_relocs	0
header_paragraphs	4
min_extra_paragraphs	0
max_extra_paragraphs	0xffff
ss	0
sp	0xb8
checksum	0
ip	0
cs	0
reloc_table_offset	0x40
overlay_number	0
reserved0	0
oem_id	0
oem_info	0
reserved2	0
reserved3	0
reserved4	0
reserved5	0
reserved6	0
lfanew	0x80

DOS stub

00000000: 0e 1f ba 0e 00 b4 09 cd  21 b8 01 4c cd 21 54 68  |........!..L.!Th|
00000010: 69 73 20 70 72 6f 67 72  61 6d 20 63 61 6e 6e 6f  |is program canno|
00000020: 74 20 62 65 20 72 75 6e  20 69 6e 20 44 4f 53 20  |t be run in DOS |
00000030: 6d 6f 64 65 2e 0d 0d 0a  24 00 00 00 00 00 00 00  |mode....$.......|

PE Header

Signature	PE
Machine	0x14c
NumberOfSections	3
TimeDateStamp	0x574c5a5a
PointerToSymbolTable	0
NumberOfSymbols	0
SizeOfOptionalHeader	0xe0
Characteristics	0x102
Magic	0x10b
LinkerVersion	80.0
SizeOfCode	0x2313800
SizeOfInitializedData	0x1a600
SizeOfUninitializedData	0
AddressOfEntryPoint	0x231579e
BaseOfCode	0x2000
BaseOfData	0x2316000
ImageBase	0x400000
SectionAlignment	0x2000
FileAlignment	0x200
OperatingSystemVersion	4.0
ImageVersion	0.0
SubsystemVersion	6.0
Reserved1	0
SizeOfImage	0x2334000
SizeOfHeaders	0x200
CheckSum	0
Subsystem	2
DllCharacteristics	0x8560
SizeOfStackReserve	0x100000
SizeOfStackCommit	0x1000
SizeOfHeapReserve	0x100000
SizeOfHeapCommit	0x1000
LoaderFlags	0
NumberOfRvaAndSizes	0x10

Sections

name	va	vsize	raw size	flags
.text	0x2000	0x23137fc	0x2313800	R-X CODE
.rsrc	0x2316000	0x1a2d0	0x1a400	R-- IDATA
.reloc	0x2332000	0xc	0x200	R-- IDATA DISCARDABLE

Data Directory

type	va	size
EXPORT	0	0
IMPORT	0x231574c	0x4f
RESOURCE	0x2316000	0x1a2d0
EXCEPTION	0	0
SECURITY	0	0
BASERELOC	0x2332000	0xc
DEBUG	0	0
ARCHITECTURE	0	0
GLOBALPTR	0	0
TLS	0	0
LOAD_CONFIG	0	0
Bound_IAT	0	0
IAT	0x2000	8
Delay_IAT	0	0
CLR_Header	0x2008	0x48

show previews

type	name	size
ICON	#1	4226
ICON	#2	16936
ICON	#3	4264
ICON	#4	9640
ICON	#5	67624
GROUP_ICON	#32512	76
VERSION	#1	784
MANIFEST	#1	3163

module_name	hint	ord	function_name
mscoree.dll			_CorExeMain

StringTable 000004b0

Comments
CompanyName
FileDescription	XiDRF Framework
FileVersion	1.0.4.0
InternalName	XiDRF.exe
LegalCopyright	Copyright © 2016
LegalTrademarks
OriginalFilename	XiDRF.exe
ProductName	XiDRF
ProductVersion	1.0.4.0
Assembly Version	1.0.0.0

VS_FIXEDFILEINFO

FileVersion	1.0.4.0
ProductVersion	1.0.4.0
StrucVersion	0x10000
FileFlagsMask	0x3f
FileFlags	0
FileOS	4
FileType	1
FileSubtype	0

show previews

offset	size	type	comment
15c1	15	HTM		#
3ee43	4226	PNG	(256 x 256)	#
58008	74517	PNG	(870 x 100)	#
6a814	285658	PNG	(532 x 425)	#
b0491	125309	PNG	(532 x 425)	#
ceeb1	285658	PNG	(532 x 425)	#
115171	639607	PNG	(1365 x 767)	#
1b153f	4226	PNG	(256 x 256)	#
1ca704	59544	PNG	(263 x 123)	#
1d903f	19855	PNG	(273 x 133)	#
1dde71	11129	GIF	(500 x 430)	#
233df1	11129	GIF	(500 x 430)	#
289d71	19855	PNG	(273 x 133)	#
28eba3	19855	PNG	(273 x 133)	#
2939d5	19855	PNG	(273 x 133)	#
298807	19855	PNG	(273 x 133)	#
29d639	19855	PNG	(273 x 133)	#
2a246b	19855	PNG	(273 x 133)	#
2a729d	19855	PNG	(273 x 133)	#
2ac0cf	19855	PNG	(273 x 133)	#
2b0f01	19855	PNG	(273 x 133)	#
2b5d33	19855	PNG	(273 x 133)	#
2bab65	19855	PNG	(273 x 133)	#
2bf997	19855	PNG	(273 x 133)	#
2c47c9	19855	PNG	(273 x 133)	#
2c95fb	19855	PNG	(273 x 133)	#
2ce42d	19855	PNG	(273 x 133)	#
2d3d0d	17889	PNG	(14 x 14)	#
2d8391	413	PNG	(16 x 16)	#
2d85d1	17767	PNG	(14 x 14)	#
2dcbdb	413	PNG	(16 x 16)	#
2dce1b	413	PNG	(16 x 16)	#
2dd05b	383	PNG	(16 x 16)	#
2dd369	17702	JPG		#
2e1932	19335	PNG	(275 x 358)	#
2e655c	17702	JPG		#
2eab25	16533	JPG		#
2eec5d	16533	JPG		#
2f2d95	130278	JPG		#
312b1e	10917	JPG		#
315666	10917	JPG		#
3181ae	137021	JPG		#
33998e	137021	JPG		#
35b16e	485	PNG	(20 x 19)	#
35b3f6	558	PNG	(16 x 16)	#
35b6c7	558	PNG	(16 x 16)	#
35b998	260	PNG	(16 x 16)	#
35bb3f	260	PNG	(16 x 16)	#
35bce6	557	PNG	(16 x 16)	#
35bfb6	275	PNG	(16 x 16)	#
35c16c	399	PNG	(16 x 16)	#
35c39e	774	PNG	(32 x 32)	#
35c747	364	PNG	(16 x 16)	#
35c956	389	PNG	(16 x 16)	#
35cb7e	260	PNG	(16 x 16)	#
35cd25	557	PNG	(16 x 16)	#
35cff5	943	PNG	(24 x 24)	#
35d447	399	PNG	(16 x 16)	#
35d679	199	PNG	(14 x 14)	#
35d7e3	485	PNG	(20 x 19)	#
35da6b	774	PNG	(32 x 32)	#
35de14	364	PNG	(16 x 16)	#
35e023	389	PNG	(16 x 16)	#
35e24b	363	PNG	(16 x 16)	#
35e459	244	PNG	(16 x 16)	#
35e5f0	363	PNG	(16 x 16)	#
35e7fe	244	PNG	(16 x 16)	#
35eae5	19899	PNG	(263 x 123)	#
363fab	16975	PNG	(256 x 256)	#
3805d8	4226	PNG	(256 x 256)	#
39979d	1019923	PNG	(1365 x 767)	#
492ab2	3729	PNG	(128 x 128)	#
493f5e	115004	JPG		#
4c9f2f	1104050	PNG	(1252 x 902)	#
5d7884	1153138	PNG	(1252 x 902)	#
711e97	6101987	PNG	(2439 x 1737)	#
ce3b1d	3276953	PNG	(2439 x 1737)	#
1003c59	954299	PNG	(601 x 1452)	#
10eccb7	768048	PNG	(601 x 1452)	#
11a858a	1041055	PNG	(601 x 1452)	#
12a68cc	2593004	PNG	(1252 x 902)	#
16dc304	620817	PNG	(799 x 595)	#
1773cb8	621259	PNG	(799 x 595)	#
180b826	590360	PNG	(615 x 437)	#
189bae1	590964	PNG	(615 x 437)	#
192bff8	2909293	PNG	(2439 x 1737)	#
1bf2508	2722828	PNG	(2439 x 1737)	#
1ee8301	462371	PNG	(2439 x 1737)	#
1f591c7	69004	PNG	(234 x 234)	#
1f69ff6	68799	PNG	(490 x 489)	#
1f897a1	2595333	PNG	(1252 x 902)	#
22033da	557671	PNG	(1022 x 606)	#
228b6e4	557671	PNG	(1022 x 606)	#
2313b80	4226	PNG	(256 x 256)	#
2314c02	103422	BIN	overlay data past EOF	#

offset:( 0x )size:( 0x )hotkeys:-=[]<>, offset/size fields are also editable

Please donate some bucks to keep this site up and running:
Ko-fi
Yandex.Money
Thank you!

[?] ignoring invalid PEdump::BITMAPINFOHEADER

XiDRF.exe- XiDRF Framework

MZ Header

DOS stub

PE Header

Sections

Data Directory

StringTable 000004b0

VS_FIXEDFILEINFO

XiDRF.exe
- XiDRF Framework