filenamedump.bin
size66048 (0x10200)
md5e7c61a1bef8532784a2dd3e74c5178e6
typePE32 executable (GUI) Intel 80386, for MS Windows
mimetypeapplication/x-dosexec
clamavWin.Trojan.CryptoTorLocker2015 FOUND
virustotal→ scan with virustotal.com
histogram

MZ Header

signatureMZ
bytes_in_last_block0x90
blocks_in_file3
num_relocs0
header_paragraphs4
min_extra_paragraphs0
max_extra_paragraphs0xffff
ss0
sp0xb8
checksum0
ip0
cs0
reloc_table_offset0x40
overlay_number0
reserved00
oem_id0
oem_info0
reserved20
reserved30
reserved40
reserved50
reserved60
lfanew0x80

DOS stub

00000000: 0e 1f ba 0e 00 b4 09 cd  21 b8 01 4c cd 21 54 68  |........!..L.!Th|
00000010: 69 73 20 70 72 6f 67 72  61 6d 20 63 61 6e 6e 6f  |is program canno|
00000020: 74 20 62 65 20 72 75 6e  20 69 6e 20 44 4f 53 20  |t be run in DOS |
00000030: 6d 6f 64 65 2e 0d 0d 0a  24 00 00 00 00 00 00 00  |mode....$.......|

PE Header

SignaturePE
Machine0x14c
NumberOfSections4
TimeDateStamp0x4f25949f
PointerToSymbolTable0
NumberOfSymbols0
SizeOfOptionalHeader0xe0
Characteristics0x10f
Magic0x10b
LinkerVersion5.12
SizeOfCode0x1800
SizeOfInitializedData0xfaa00
SizeOfUninitializedData0
AddressOfEntryPoint0x21d1
BaseOfCode0x1000
BaseOfData0x3000
ImageBase0x400000
SectionAlignment0x1000
FileAlignment0x200
OperatingSystemVersion4.0
ImageVersion0.0
SubsystemVersion4.0
Reserved10
SizeOfImage0x102000
SizeOfHeaders0x400
CheckSum0
Subsystem2
DllCharacteristics0
SizeOfStackReserve0x100000
SizeOfStackCommit0x1000
SizeOfHeapReserve0x100000
SizeOfHeapCommit0x1000
LoaderFlags0
NumberOfRvaAndSizes0x10

Packer / Compiler

MASM/TASM - sig1(h)

Sections

namevavsizeraw sizeflags
.text0x10000x16880x1800R-X CODE
.rdata0x30000x8200xa00R-- IDATA
.data0x40000x38bb0x600RW- IDATA
.rsrc0x80000xf98a40xf9a00RW- IDATA

Data Directory

typevasize
EXPORT00
IMPORT0x31380xa0
RESOURCE0x80000xf98a4
EXCEPTION00
SECURITY00
BASERELOC00
DEBUG00
ARCHITECTURE00
GLOBALPTR00
TLS00
LOAD_CONFIG00
Bound_IAT00
IAT0x30000x138
Delay_IAT00
CLR_Header00
module_namehintordfunction_name
471752858
571891618
621894303
572154276
688742055
487808674
993490869
62209662
1433770182
1173065387
1037103533
1857932523
1289602000
1221977791
1909579505
1475138014
1188292810
1892209900
1560005848
1121844161
1891950327
1508623063
1441199811
1809509113
1676988638
1541666011
1977345012
1676991716
1960567796
1676991459
1943724787
1676991202
1660148962
1541534682
1943790067
1643371489
1541534683
1926947058
1626528480
1524691674
1609685728
1507848665
1910104047
1592711647
1491005144
1859706606
1559025886
1457319126
1809177579
1542182363
1440476117
1792334570
1542182106
1423633109
1792269290
1525273818
1390078418
1775426281
1508430554
1356392401
1741740263
1474744536
1339549391
1708120038
1458032342
1322706894
1724765670
1424346581
1288955596
1707791334
1441188306
1272309451
1707857382
1424345812
1238623434
1690948580
1407502545
1238623433
1674105571
1373817042
1204937415
1657262562
1390659537
1221780424
1204872135
1674039523
1373947856
1221715144
1690882532
1357105361
1373882320
1205003462
1390659793
1238623432
1407502803
1707725796
1255466442
1707791589
1724634598
1441188821
1272244171
1741411559
1424477140
1758254568
1441320149
1305930188
1775031784
1441189334
1741411814
1441189078
1305863883
1424215509
1289020364
1674368227
1424215252
1272177356
1657525218
1373686739
1221648329
1606996191
1323223503
1221517000
1573375453
1272694733
1170987973
1522846426
1222165706
1120458946
1472317399
1188348359
1086772416
1405076947
1154662341
1053086398
1371390929
1104133571
1002557371
1337704911
1104133057
1120975809
1019400380
1354547920
1120976066
1036243388
1171504579
1069929407
1421854163
1188348102
1103615424
1455540181
1255850696
1154144964
1539623642
1272694219
1187830981
1573309660
1323222989
1238360008
1623838687
1356909264
1272046026
1640747489
1390595025
1288889036
1674367714
1407438291
1305732045
1674433507
1691276516
1424281300
1322575054
1674499300
1657656291
1390595282
1356909521
1255203018
1607127264
1340066255
1238360009
1590218462
1323223246
1306380237
1204673991
1556532444
1272694476
1539689433
1272563147
1154144453
1489291992
1255720138
1154144452
1472448983
1238877129
1137301443
1120458435
1455605974
1222034120
1120458434
1472383190
1539623640
1539689435
1289537228
1204673990
1607061471
1255203017
1623904480
1390594768
1424281043
1708119525
1441124309
1339418063
1724962534
1474810070
1389947089
1758648552
1508496088
1406790099
1525339354
1440476116
1592710619
1876483822
1609554399
1910104049
1609685471
1643305696
1541534681
1660148450
1524823002
1660148707
1541666010
1693833954
1541994967
1910039541
1693701601
1609037530
1859772910
1693637089
1760098534
2112548350
1559291113
1171384785
2026165230
1356713182
615629512
1838657479
937600969
402933378
57032
ce c8 dd cd c7 dd cd c7  db cb c5 db cb c5 da ca  |................|
c4 da ca c4 da ca c4 d9  c9 c3 d7 c9 c3 d8 c8 c2  |................|
d6 c8 c2 d5 c7 c1 d5 c7  c1 d5 c7 c1 d5 c7 c1 d5  |................|
c7 c1 d5 c7 c1 d4 c6 c0  d4 c6 c0 d4 c6 c0 d4 c6  |................|
c0 d4 c6 c0 d4 c6 c0 d4  c6 c0 d4 c6 c0 d4 c6 c0  |................|
d4 c6 c0 d5 c7 c1 d5 c7  c1 d5 c7 c1 d6 c8 c2 d7  |................|
c9 c3 d7 c9 c3 d7 c9 c3  d8 ca c4 d9 cb c5 db cb  |................|
c5 db cb c5 dd cd c7 dd  cd c7 dd cd c7 de ce c8  |................|
de ce c8 df cf c9 df cf  c9 e0 d0 ca e1 d1 cb e1  |................|
d1 cb e1 d1 cb e2 d2 cc  e2 d2 cc e3 d3 cd e3 d3  |................|
cd e4 d4 ce e4 d4 ce e4  d4 ce e4 d4 ce e5 d5 cf  |................|
e5 d5 cf e5 d5 cf e5 d5  cf e5 d5 cf e6 d6 d0 e6  |................|
d6 d0 e6 d6 d0 e6 d6 d0  e6 d6 d0 e6 d6 d0 e6 d6  |................|
d0 e6 d6 d0 e7 d7 d1 e6  d6 d0 e6 d6 d0 e6 d6 d0  |................|
e6 d6 d0 e6 d6 d0 e5 d5  cf e5 d5 cf e4 d4 ce e4  |................|
d4 ce e4 d4 ce e4 d4 ce  e3 d3 cd e3 d3 cd e3 d3  |................|
cd e3 d3 cd e1 d1 cb e1  d1 cb e1 d1 cb e1 d1 cb  |................|
e0 d0 ca e0 d0 ca e0 d0  ca e0 d0 ca df cf c9 df  |................|
cf c9 df cf c9 df cf c9  df cf c9 de ce c8 de ce  |................|
c8 de ce c8 dc ce c8 dc  ce c8 db cd c7 db cd c7  |................|
db cd c7 db cd c7 db cd  c7 db cd c7 db cd c7 db  |................|
cd c7 db cd c7 da cc c6  da cc c6 db cd c7 db cd  |................|
c7 db cd c7 db cd c7 db  cd c7 db cd c7 db cd c7  |................|
db cd c7 dc ce c8 dc ce  c8 dc ce c8 de ce c8 de  |................|
ce c8 de ce c8 df cf c9  df cf c9 df cf c9 df cf  |................|
c9 df cf c9 e0 d0 ca e1  d1 cb e1 d1 cb e1 d1 cb  |................|
e1 d1 cb e2 d2 cc e2 d2  cc e2 d2 cc e3 d3 cd e3  |................|
d3 cd e3 d3 cd e3 d3 cd  e4 d4 ce e4 d4 ce e4 d4  |................|
ce e4 d4 ce e5 d5 cf e5  d5 cf e5 d5 cf e6 d6 d0  |................|
e6 d6 d0 e7 d7 d1 e7 d7  d1 e7 d7 d1 e8 d8 d2 e9  |................|
d9 d3 e9 d9 d3 ea da d4  ea da d4 eb db d5 eb db  |................|
d5 eb db d5 ec dc d6 ec  dc d6 ec dc d6 ec dc d6  |................|
ec dc d6 ed dd d7 ed dd  d7 ed dd d7 ed dd d7 ed  |................|
dd d7 ed dd d7 ee de d8  ee de d8 f0 de d8 f0 de  |................|
d8 f0 de d8 f1 df d9 f1  df d9 f1 df d9 f2 e0 da  |................|
f2 e1 d9 f2 e0 da f2 e1  d9 f2 e1 d9 f2 e0 da f2  |................|
e0 da f2 e0 da f3 e1 db  f2 e1 d9 f3 e1 db f3 e2  |................|
da f3 e2 da f3 e2 da f3  e2 da f3 e2 da f3 e2 da  |................|
f3 e2 da f3 e2 da f3 e2  da f3 e2 da f3 e2 da f3  |................|
e2 da f3 e2 da f3 e2 da  f3 e2 da f3 e2 da f3 e2  |................|
da f3 e2 da f3 e2 da f3  e2 da f3 e2 da f3 e2 da  |................|
f3 e2 da f3 e2 da f3 e2  da f3 e2 da f3 e2 da f3  |................|
e2 da f3 e2 da f3 e2 da  f3 e2 da f3 e2 da f3 e2  |................|
da f3 e2 da f3 e2 da f3  e2 da f3 e2 da f4 e3 db  |................|
f3 e2 da f3 e2 da f3 e2  da f3 e2 da f3 e1 db f3  |................|
e2 da f3 e2 da f3 e2 da  f3 e2 da f3 e2 da f2 e1  |................|
d9 f2 e1 d9 f7 e4 e1 f3  e0 dd ee dc d6 f0 dc d7  |................|
f2 de d9 f2 de d9 f1 dd  d8 f2 de d9 e1 da dd eb  |................|
e4 e2 f8 ec e8 ff f0 e5  ff f0 dd ff e6 cc f0 d1  |................|
b2 df be 9d b0 83 5e 80  57 36 52 2f 13 32 19 05  |......^.W6R/.2..|
15 09                                             |..              |
1541666011
1960567796
1676991459
1643371491
1524823003
1660148707
1524823002
1926947571
1643239905
1491136475
1993990642
1795021539
1626341341
2061430015
1307169763
162055339
1440476117
1809177579
1559025115
1457319126
1826020588
1575868124
1491005143
1859706606
1609554142
1507848665
1910104049
1609685471
1926947058
1643305696
1541534681
1943724787
1643305698
1524823001
1660148450
1524823002
1960567796
1676991459
1541666011
1660148707
1592842978
1491334611
1876418803
1660146910
1541665498
1960567281
1559551716
1390277584
1943396083
1643174881
1608642270
1910760688
1744169190
1743321325
2146039295
1459479036
68113800
54243
cd e3 d3 cd e1 d1 cb e1  d1 cb e1 d1 cb e1 d1 cb  |................|
e0 d0 ca e0 d0 ca e0 d0  ca e0 d0 ca df cf c9 df  |................|
cf c9 df cf c9 df cf c9  df cf c9 de ce c8 de ce  |................|
c8 de ce c8 dc ce c8 dc  ce c8 db cd c7 db cd c7  |................|
db cd c7 db cd c7 db cd  c7 db cd c7 db cd c7 db  |................|
cd c7 db cd c7 da cc c6  da cc c6 db cd c7 db cd  |................|
c7 db cd c7 db cd c7 db  cd c7 db cd c7 db cd c7  |................|
db cd c7 dc ce c8 dc ce  c8 dc ce c8 de ce c8 de  |................|
ce c8 de ce c8 df cf c9  df cf c9 df cf c9 df cf  |................|
c9 df cf c9 e0 d0 ca e1  d1 cb e1 d1 cb e1 d1 cb  |................|
e1 d1 cb e2 d2 cc e2 d2  cc e2 d2 cc e3 d3 cd e3  |................|
d3 cd e3 d3 cd e3 d3 cd  e4 d4 ce e4 d4 ce e4 d4  |................|
ce e4 d4 ce e5 d5 cf e5  d5 cf e5 d5 cf e6 d6 d0  |................|
e6 d6 d0 e7 d7 d1 e7 d7  d1 e7 d7 d1 e8 d8 d2 e9  |................|
d9 d3 e9 d9 d3 ea da d4  ea da d4 eb db d5 eb db  |................|
d5 eb db d5 ec dc d6 ec  dc d6 ec dc d6 ec dc d6  |................|
ec dc d6 ed dd d7 ed dd  d7 ed dd d7 ed dd d7 ed  |................|
dd d7 ed dd d7 ee de d8  ee de d8 f0 de d8 f0 de  |................|
d8 f0 de d8 f1 df d9 f1  df d9 f1 df d9 f2 e0 da  |................|
f2 e1 d9 f2 e0 da f2 e1  d9 f2 e1 d9 f2 e0 da f2  |................|
e0 da f2 e0 da f3 e1 db  f2 e1 d9 f3 e1 db f3 e2  |................|
da f3 e2 da f3 e2 da f3  e2 da f3 e2 da f3 e2 da  |................|
f3 e2 da f3 e2 da f3 e2  da f3 e2 da f3 e2 da f3  |................|
e2 da f3 e2 da f3 e2 da  f3 e2 da f3 e2 da f3 e2  |................|
da f3 e2 da f3 e2 da f3  e2 da f3 e2 da f3 e2 da  |................|
f3 e2 da f3 e2 da f3 e2  da f3 e2 da f3 e2 da f3  |................|
e2 da f3 e2 da f3 e2 da  f3 e2 da f3 e2 da f3 e2  |................|
da f3 e2 da f3 e2 da f3  e2 da f3 e2 da f4 e3 db  |................|
f3 e2 da f3 e2 da f3 e2  da f3 e2 da f3 e1 db f3  |................|
e2 da f3 e2 da f3 e2 da  f3 e2 da f3 e2 da f2 e1  |................|
d9 f2 e1 d9 f7 e4 e1 f3  e0 dd ee dc d6 f0 dc d7  |................|
f2 de d9 f2 de d9 f1 dd  d8 f2 de d9 e1 da dd eb  |................|
e4 e2 f8 ec e8 ff f0 e5  ff f0 dd ff e6 cc f0 d1  |................|
b2 df be 9d b0 83 5e 80  57 36 52 2f 13 32 19 05  |......^.W6R/.2..|
15 09                                             |..              |
57032
ce c8 dd cd c7 dd cd c7  db cb c5 db cb c5 da ca  |................|
c4 da ca c4 da ca c4 d9  c9 c3 d7 c9 c3 d8 c8 c2  |................|
d6 c8 c2 d5 c7 c1 d5 c7  c1 d5 c7 c1 d5 c7 c1 d5  |................|
c7 c1 d5 c7 c1 d4 c6 c0  d4 c6 c0 d4 c6 c0 d4 c6  |................|
c0 d4 c6 c0 d4 c6 c0 d4  c6 c0 d4 c6 c0 d4 c6 c0  |................|
d4 c6 c0 d5 c7 c1 d5 c7  c1 d5 c7 c1 d6 c8 c2 d7  |................|
c9 c3 d7 c9 c3 d7 c9 c3  d8 ca c4 d9 cb c5 db cb  |................|
c5 db cb c5 dd cd c7 dd  cd c7 dd cd c7 de ce c8  |................|
de ce c8 df cf c9 df cf  c9 e0 d0 ca e1 d1 cb e1  |................|
d1 cb e1 d1 cb e2 d2 cc  e2 d2 cc e3 d3 cd e3 d3  |................|
cd e4 d4 ce e4 d4 ce e4  d4 ce e4 d4 ce e5 d5 cf  |................|
e5 d5 cf e5 d5 cf e5 d5  cf e5 d5 cf e6 d6 d0 e6  |................|
d6 d0 e6 d6 d0 e6 d6 d0  e6 d6 d0 e6 d6 d0 e6 d6  |................|
d0 e6 d6 d0 e7 d7 d1 e6  d6 d0 e6 d6 d0 e6 d6 d0  |................|
e6 d6 d0 e6 d6 d0 e5 d5  cf e5 d5 cf e4 d4 ce e4  |................|
d4 ce e4 d4 ce e4 d4 ce  e3 d3 cd e3 d3 cd e3 d3  |................|
cd e3 d3 cd e1 d1 cb e1  d1 cb e1 d1 cb e1 d1 cb  |................|
e0 d0 ca e0 d0 ca e0 d0  ca e0 d0 ca df cf c9 df  |................|
cf c9 df cf c9 df cf c9  df cf c9 de ce c8 de ce  |................|
c8 de ce c8 dc ce c8 dc  ce c8 db cd c7 db cd c7  |................|
db cd c7 db cd c7 db cd  c7 db cd c7 db cd c7 db  |................|
cd c7 db cd c7 da cc c6  da cc c6 db cd c7 db cd  |................|
c7 db cd c7 db cd c7 db  cd c7 db cd c7 db cd c7  |................|
db cd c7 dc ce c8 dc ce  c8 dc ce c8 de ce c8 de  |................|
ce c8 de ce c8 df cf c9  df cf c9 df cf c9 df cf  |................|
c9 df cf c9 e0 d0 ca e1  d1 cb e1 d1 cb e1 d1 cb  |................|
e1 d1 cb e2 d2 cc e2 d2  cc e2 d2 cc e3 d3 cd e3  |................|
d3 cd e3 d3 cd e3 d3 cd  e4 d4 ce e4 d4 ce e4 d4  |................|
ce e4 d4 ce e5 d5 cf e5  d5 cf e5 d5 cf e6 d6 d0  |................|
e6 d6 d0 e7 d7 d1 e7 d7  d1 e7 d7 d1 e8 d8 d2 e9  |................|
d9 d3 e9 d9 d3 ea da d4  ea da d4 eb db d5 eb db  |................|
d5 eb db d5 ec dc d6 ec  dc d6 ec dc d6 ec dc d6  |................|
ec dc d6 ed dd d7 ed dd  d7 ed dd d7 ed dd d7 ed  |................|
dd d7 ed dd d7 ee de d8  ee de d8 f0 de d8 f0 de  |................|
d8 f0 de d8 f1 df d9 f1  df d9 f1 df d9 f2 e0 da  |................|
f2 e1 d9 f2 e0 da f2 e1  d9 f2 e1 d9 f2 e0 da f2  |................|
e0 da f2 e0 da f3 e1 db  f2 e1 d9 f3 e1 db f3 e2  |................|
da f3 e2 da f3 e2 da f3  e2 da f3 e2 da f3 e2 da  |................|
f3 e2 da f3 e2 da f3 e2  da f3 e2 da f3 e2 da f3  |................|
e2 da f3 e2 da f3 e2 da  f3 e2 da f3 e2 da f3 e2  |................|
da f3 e2 da f3 e2 da f3  e2 da f3 e2 da f3 e2 da  |................|
f3 e2 da f3 e2 da f3 e2  da f3 e2 da f3 e2 da f3  |................|
e2 da f3 e2 da f3 e2 da  f3 e2 da f3 e2 da f3 e2  |................|
da f3 e2 da f3 e2 da f3  e2 da f3 e2 da f4 e3 db  |................|
f3 e2 da f3 e2 da f3 e2  da f3 e2 da f3 e1 db f3  |................|
e2 da f3 e2 da f3 e2 da  f3 e2 da f3 e2 da f2 e1  |................|
d9 f2 e1 d9 f7 e4 e1 f3  e0 dd ee dc d6 f0 dc d7  |................|
f2 de d9 f2 de d9 f1 dd  d8 f2 de d9 e1 da dd eb  |................|
e4 e2 f8 ec e8 ff f0 e5  ff f0 dd ff e6 cc f0 d1  |................|
b2 df be 9d b0 83 5e 80  57 36 52 2f 13 32 19 05  |......^.W6R/.2..|
15 09                                             |..              |
2130722864
1680211712
1814429440
12292

@

offsetsizetypecomment
066048EXE01/29/2012 18:49:03#
15c115HTM#
offset:( 0x )size:( 0x )hotkeys:-=[]<>, offset/size fields are also editable







[?] non-empty last IMAGE_IMPORT_DESCRIPTOR: #<struct PEdump::IMAGE_IMPORT_DESCRIPTOR OriginalFirstThunk=4206636, TimeDateStamp=0, ForwarderChain=0, Name=0, FirstThunk=0, module_name=nil, original_first_thunk=nil, first_thunk=nil>
[?] can't find file_offset of VA 0x777a35ff
[?] can't find file_offset of VA 0x306a0040
[?] can't find file_offset of VA 0x176a0875
[?] can't find file_offset of VA 0x7d4e850
[?] import ofs 0x2ac00 VA=0x30000 beyond EOF
[?] import ofs 0x3b300 VA=0x40700 beyond EOF
[?] import ofs 0x2ac01 VA=0x30001 beyond EOF
[?] import ofs 0x1b200 VA=0x20600 beyond EOF
[?] import ofs 0x1af00 VA=0x20300 beyond EOF
[?] can't find file_offset of VA 0xa3000001
[?] can't find file_offset of VA 0x6a146a00
[?] can't find file_offset of VA 0x40776a
[?] can't find file_offset of VA 0x7a2
[?] can't find file_offset of VA 0x35ff016a
[?] can't find file_offset of VA 0x40752da0
[?] can't find file_offset of VA 0x326a326a
[?] can't find file_offset of VA 0x75013c00
[?] import ofs 0x5b200 VA=0x60600 beyond EOF
[?] import ofs 0x4ac02 VA=0x50002 beyond EOF
[?] import ofs 0x1b600 VA=0x20a00 beyond EOF
[?] can't find file_offset of VA 0x1deb0000
[?] can't find file_offset of VA 0x875ff00
[?] can't find file_offset of VA 0x680875ff
[?] can't find file_offset of VA 0x6a196a00
[?] can't find file_offset of VA 0x404433
[?] can't find file_offset of VA 0x777a35ff
[?] invalid VA 0x4f8ab7aa in OriginalFirstThunk[75] for 
[?] invalid VA 0x2e50024d in OriginalFirstThunk[77] for 
[?] invalid VA 0x224206 in OriginalFirstThunk[78] for 
[?] invalid VA 0x1700112b in OriginalFirstThunk[79] for 
[?] invalid VA 0x40c0005 in OriginalFirstThunk[80] for 
[?] import ofs 0x1ad00 VA=0x20100 beyond EOF
[?] invalid VA 0x3070702 in OriginalFirstThunk[83] for 
[?] import ofs 0x1b200 VA=0x20600 beyond EOF
[?] invalid VA 0x4000104 in OriginalFirstThunk[85] for 
[?] invalid VA 0x1020001 in OriginalFirstThunk[86] for 
[?] can't find file_offset of VA 0x306a0040
[?] import table: empty FirstThunk for 
[?] can't find file_offset of VA 0x6a617501
[?] can't find file_offset of VA 0x748e850
[?] can't find file_offset of VA 0xff006a10
[?] can't find file_offset of VA 0x7d834eeb
[?] can't find file_offset of VA 0x40751d35
[?] can't find file_offset of VA 0x20750f0c
[?] can't find file_offset of VA 0x50bc458d
[?] can't find file_offset of VA 0xe80875ff
[?] can't find file_offset of VA 0x100c7d83
[?] can't find file_offset of VA 0x6de
[?] can't find file_offset of VA 0x6a0f75
[?] can't find file_offset of VA 0xc7d8313
[?] can't find file_offset of VA 0x6a0d7502
[?] can't find file_offset of VA 0xff1475ff
[?] can't find file_offset of VA 0x70ee800
[?] can't find file_offset of VA 0x75ff1075
[?] can't find file_offset of VA 0xec8b5500
[?] can't find file_offset of VA 0x875ff0c
[?] can't find file_offset of VA 0xd10c6dd1
[?] can't find file_offset of VA 0x550008c2
[?] can't find file_offset of VA 0x458b086d
[?] can't find file_offset of VA 0x6aec8b
[?] can't find file_offset of VA 0xff1875ff
[?] can't find file_offset of VA 0x776635ff
[?] can't find file_offset of VA 0x75ff1475
[?] can't find file_offset of VA 0x40443868
[?] can't find file_offset of VA 0xc75ff10
[?] can't find file_offset of VA 0x2006800
[?] can't find file_offset of VA 0x6aec8b
[?] can't find file_offset of VA 0x3de80000
[?] can't find file_offset of VA 0x776635ff
[?] can't find file_offset of VA 0x75ff1875
[?] can't find file_offset of VA 0x75ff0040
[?] can't find file_offset of VA 0x1075ff14
[?] can't find file_offset of VA 0xe8006a00
[?] can't find file_offset of VA 0x68
[?] can't find file_offset of VA 0x608
[?] can't find file_offset of VA 0xff004077
[?] can't find file_offset of VA 0x1cc2c9
[?] can't find file_offset of VA 0x75ff2075
[?] can't find file_offset of VA 0x6810
[?] can't find file_offset of VA 0x1c75ff0c
[?] can't find file_offset of VA 0x75ff5000
[?] can't find file_offset of VA 0x1cc2c900
[?] can't find file_offset of VA 0x44446808
[?] can't find file_offset of VA 0xec8b5500
[?] can't find file_offset of VA 0x458d006a
[?] can't find file_offset of VA 0x68f8c483
[?] can't find file_offset of VA 0xf9e850fc
[?] can't find file_offset of VA 0x6a006a
[?] can't find file_offset of VA 0x83000006
[?] can't find file_offset of VA 0x800368
[?] can't find file_offset of VA 0x6a357e
[?] can't find file_offset of VA 0xfc75ff00
[?] can't find file_offset of VA 0xff0c75ff
[?] can't find file_offset of VA 0x5014458d
[?] can't find file_offset of VA 0x75ff0875
[?] can't find file_offset of VA 0x6a1075ff
[?] can't find file_offset of VA 0xf875ff02
[?] can't find file_offset of VA 0xff006a00
[?] can't find file_offset of VA 0xc483ec8b
[?] can't find file_offset of VA 0xc3e8fc75
[?] can't find file_offset of VA 0x26a53f0
[?] can't find file_offset of VA 0x38ee905
[?] can't find file_offset of VA 0x6a0e6a
[?] can't find file_offset of VA 0x45890000
[?] can't find file_offset of VA 0x37ae905
[?] can't find file_offset of VA 0x6a50f0
[?] can't find file_offset of VA 0x45890000
[?] can't find file_offset of VA 0xe90575c0
[?] can't find file_offset of VA 0xf075fff4
[?] can't find file_offset of VA 0x364
[?] can't find file_offset of VA 0x352e905
[?] can't find file_offset of VA 0x50f84589
[?] can't find file_offset of VA 0x45890000
[?] can't find file_offset of VA 0x5ea
[?] can't find file_offset of VA 0x6af88bfc
[?] can't find file_offset of VA 0x8b10c783
[?] can't find file_offset of VA 0xc7831f8b
[?] can't find file_offset of VA 0xe883f445
[?] can't find file_offset of VA 0x86a5304
[?] can't find file_offset of VA 0xe90575c0
[?] can't find file_offset of VA 0x65b535ff
[?] can't find file_offset of VA 0x314
[?] can't find file_offset of VA 0x5ace800
[?] can't find file_offset of VA 0x407519a3
[?] can't find file_offset of VA 0xfb030000
[?] can't find file_offset of VA 0x79e80040
[?] can't find file_offset of VA 0xc7831f8b
[?] can't find file_offset of VA 0xb000005
[?] can't find file_offset of VA 0xff575300
[?] can't find file_offset of VA 0xe90575c0
[?] can't find file_offset of VA 0x40751d35
[?] can't find file_offset of VA 0x86a5304
[?] can't find file_offset of VA 0x57ce800
[?] can't find file_offset of VA 0x65b535ff
[?] can't find file_offset of VA 0x2b4
[?] can't find file_offset of VA 0x49e80040
[?] can't find file_offset of VA 0x407521a3
[?] can't find file_offset of VA 0xfb030000
[?] can't find file_offset of VA 0xff575300
[?] can't find file_offset of VA 0x6857106a
[?] can't find file_offset of VA 0x6857056a
[?] can't find file_offset of VA 0x406dc9
[?] can't find file_offset of VA 0x407529
[?] can't find file_offset of VA 0x406dd9
[?] can't find file_offset of VA 0x10c78300
[?] can't find file_offset of VA 0x4c78300
[?] can't find file_offset of VA 0x6857046a
[?] can't find file_offset of VA 0x4065a5
[?] can't find file_offset of VA 0x4065a9
[?] can't find file_offset of VA 0x4065ad
[?] can't find file_offset of VA 0x55c3c95b
[?] can't find file_offset of VA 0x4c78300
[?] can't find file_offset of VA 0xbb60ec8b
[?] can't find file_offset of VA 0xc9850c4d
[?] can't find file_offset of VA 0x406db9
[?] can't find file_offset of VA 0xc2c90475
[?] can't find file_offset of VA 0x4942aa1a
[?] can't find file_offset of VA 0xfa830008
[?] can't find file_offset of VA 0xc961f075
[?] can't find file_offset of VA 0x20632f00
[?] can't find file_offset of VA 0xeb0008c2
[?] can't find file_offset of VA 0x206c6564
[?] can't find file_offset of VA 0x200
[?] can't find file_offset of VA 0x20220022
[?] can't find file_offset of VA 0x4066b968
[?] can't find file_offset of VA 0x402155
[?] can't find file_offset of VA 0x214d6800
[?] can't find file_offset of VA 0x4068b968
[?] can't find file_offset of VA 0x4068b9
[?] can't find file_offset of VA 0x486e800
[?] can't find file_offset of VA 0x456
[?] can't find file_offset of VA 0x215e6800
[?] can't find file_offset of VA 0x6a006a
[?] can't find file_offset of VA 0x63e8006a
[?] can't find file_offset of VA 0x4068b968
[?] can't find file_offset of VA 0xc3000004
[?] can't find file_offset of VA 0x488
[?] can't find file_offset of VA 0x752135ff
[?] can't find file_offset of VA 0x3cee8c3
[?] can't find file_offset of VA 0x404e5068
[?] can't find file_offset of VA 0xb5a30000
[?] can't find file_offset of VA 0x2006800
[?] can't find file_offset of VA 0x40595068
[?] can't find file_offset of VA 0xbbe80000
[?] can't find file_offset of VA 0x412e800
[?] can't find file_offset of VA 0x89e8006a
[?] can't find file_offset of VA 0x680000
[?] can't find file_offset of VA 0xff000003
[?] can't find file_offset of VA 0x39ae800
[?] can't find file_offset of VA 0x4065ad35
[?] can't find file_offset of VA 0x59a30000
[?] can't find file_offset of VA 0x23ce8ff
[?] can't find file_offset of VA 0x68004065
[?] can't find file_offset of VA 0xd9680000
[?] can't find file_offset of VA 0x403c6800
[?] can't find file_offset of VA 0x6800406d
[?] can't find file_offset of VA 0x50680040
[?] can't find file_offset of VA 0x68004059
[?] can't find file_offset of VA 0xe8004059
[?] can't find file_offset of VA 0x405450
[?] can't find file_offset of VA 0x6affff
[?] can't find file_offset of VA 0x36a006a
[?] can't find file_offset of VA 0xc3e80040
[?] can't find file_offset of VA 0x26a006a
[?] can't find file_offset of VA 0xa3000002
[?] can't find file_offset of VA 0x46680040
[?] can't find file_offset of VA 0x406551
[?] can't find file_offset of VA 0xff004075
[?] can't find file_offset of VA 0x406551
[?] can't find file_offset of VA 0x40655135
[?] can't find file_offset of VA 0x68004059
[?] can't find file_offset of VA 0x293d8000
[?] can't find file_offset of VA 0x4043d4
[?] can't find file_offset of VA 0xe8000001
[?] can't find file_offset of VA 0x4043a668
[?] can't find file_offset of VA 0x6a
[?] can't find file_offset of VA 0xa7e80000
[?] can't find file_offset of VA 0x655005c6
[?] can't find file_offset of VA 0xb9000002
[?] can't find file_offset of VA 0x802d74d8
[?] can't find file_offset of VA 0x19
[?] can't find file_offset of VA 0xd8841c1
[?] can't find file_offset of VA 0x2a5c3a00
[?] can't find file_offset of VA 0x404450
[?] can't find file_offset of VA 0x5505c62e
[?] can't find file_offset of VA 0xf082e851
[?] can't find file_offset of VA 0x2a004044
[?] can't find file_offset of VA 0x5859ffff
[?] can't find file_offset of VA 0x7be80040
[?] can't find file_offset of VA 0xe8c57d49
[?] can't find file_offset of VA 0x6a000002
[?] can't find file_offset of VA 0x4065b9
[?] can't find file_offset of VA 0x20ee800
[?] can't find file_offset of VA 0x2135ff00
[?] can't find file_offset of VA 0x6de96800
[?] can't find file_offset of VA 0x68
[?] can't find file_offset of VA 0x4b680040
[?] can't find file_offset of VA 0xa8e880
[?] can't find file_offset of VA 0x406de968
[?] can't find file_offset of VA 0xea680000
[?] can't find file_offset of VA 0x6800
[?] can't find file_offset of VA 0x4065b968
[?] can't find file_offset of VA 0x8fe88000
[?] can't find file_offset of VA 0x26ee800
[?] can't find file_offset of VA 0x80680000
[?] can't find file_offset of VA 0x43a36800
[?] can't find file_offset of VA 0x40595068
[?] can't find file_offset of VA 0x50680040
[?] can't find file_offset of VA 0x444b6800
[?] can't find file_offset of VA 0x49e8
[?] can't find file_offset of VA 0xb9680040
[?] can't find file_offset of VA 0x6de96800
[?] can't find file_offset of VA 0x40438d68
[?] can't find file_offset of VA 0xb9680040
[?] can't find file_offset of VA 0x65b96800
[?] can't find file_offset of VA 0x7e80040
[?] can't find file_offset of VA 0x4e80c600
[?] can't find file_offset of VA 0xb9680040
[?] invalid VA 0x40301425 in OriginalFirstThunk[0] for 
[?] invalid VA 0x1025ff00 in OriginalFirstThunk[1] for 
[?] invalid VA 0x4030e825 in OriginalFirstThunk[3] for 
[?] invalid VA 0x4030e025 in OriginalFirstThunk[6] for 
[?] invalid VA 0x40303425 in OriginalFirstThunk[9] for 
[?] invalid VA 0x2c25ff00 in OriginalFirstThunk[10] for 
[?] can't find file_offset of VA 0x68004065
[?] import table: empty FirstThunk for 
[?] can't find file_offset of VA 0xf8c483ec
[?] can't find file_offset of VA 0x80000000
[?] can't find file_offset of VA 0x50fc458d
[?] can't find file_offset of VA 0x43796800
[?] can't find file_offset of VA 0x50f8458d
[?] can't find file_offset of VA 0x6a0040
[?] can't find file_offset of VA 0xc3e81475
[?] can't find file_offset of VA 0xff0c75ff
[?] can't find file_offset of VA 0x50000001
[?] can't find file_offset of VA 0x1f8e8f8
[?] can't find file_offset of VA 0x6a1475ff
[?] can't find file_offset of VA 0x75ff0000
[?] can't find file_offset of VA 0xfcc483ec
[?] can't find file_offset of VA 0x1dee8f8
[?] can't find file_offset of VA 0x40755e
[?] can't find file_offset of VA 0x755e6800
[?] can't find file_offset of VA 0x15e
[?] can't find file_offset of VA 0x43dd6800
[?] can't find file_offset of VA 0x6a006a
[?] can't find file_offset of VA 0x40755e
[?] can't find file_offset of VA 0x6a036a
[?] can't find file_offset of VA 0x46680040
[?] can't find file_offset of VA 0xfc458900
[?] can't find file_offset of VA 0xff004075
[?] can't find file_offset of VA 0xc9000000
[?] can't find file_offset of VA 0xb9e8fc75
[?] can't find file_offset of VA 0x25ffccc3
[?] can't find file_offset of VA 0x403128
[?] can't find file_offset of VA 0x403130
[?] can't find file_offset of VA 0x312425ff
[?] can't find file_offset of VA 0x25ff0040
[?] can't find file_offset of VA 0x403108
[?] can't find file_offset of VA 0x312025ff
[?] can't find file_offset of VA 0x310425ff
[?] can't find file_offset of VA 0x25ff0040
[?] can't find file_offset of VA 0x4030fc
[?] can't find file_offset of VA 0x4030f8
[?] can't find file_offset of VA 0x311425ff
[?] can't find file_offset of VA 0x25ff0040
[?] can't find file_offset of VA 0x403040
[?] can't find file_offset of VA 0x304c25ff
[?] can't find file_offset of VA 0x304425ff
[?] can't find file_offset of VA 0x25ff0040
[?] can't find file_offset of VA 0x403058
[?] can't find file_offset of VA 0x403050
[?] can't find file_offset of VA 0x305c25ff
[?] can't find file_offset of VA 0x25ff0040
[?] can't find file_offset of VA 0x403068
[?] can't find file_offset of VA 0x307425ff
[?] can't find file_offset of VA 0x306c25ff
[?] can't find file_offset of VA 0x25ff0040
[?] can't find file_offset of VA 0x403080
[?] can't find file_offset of VA 0x403078
[?] can't find file_offset of VA 0x308425ff
[?] can't find file_offset of VA 0x25ff0040
[?] can't find file_offset of VA 0x403090
[?] can't find file_offset of VA 0x309c25ff
[?] can't find file_offset of VA 0x309425ff
[?] can't find file_offset of VA 0x25ff0040
[?] can't find file_offset of VA 0x4030a8
[?] can't find file_offset of VA 0x4030a0
[?] can't find file_offset of VA 0x30ac25ff
[?] can't find file_offset of VA 0x25ff0040
[?] can't find file_offset of VA 0x4030b8
[?] can't find file_offset of VA 0x30c425ff
[?] can't find file_offset of VA 0x30bc25ff
[?] can't find file_offset of VA 0x25ff0040
[?] can't find file_offset of VA 0x40303c
[?] can't find file_offset of VA 0x4030c8
[?] can't find file_offset of VA 0x30d825ff
[?] can't find file_offset of VA 0x25ff0040
[?] can't find file_offset of VA 0x403004
[?] can't find file_offset of VA 0x302425ff
[?] can't find file_offset of VA 0x300825ff
[?] can't find file_offset of VA 0x25ff0040
[?] can't find file_offset of VA 0x403000
[?] can't find file_offset of VA 0x403020
[?] can't find file_offset of VA 0x301425ff
[?] can't find file_offset of VA 0x25ff0040
[?] can't find file_offset of VA 0x4030e4
[?] can't find file_offset of VA 0x303425ff
[?] can't find file_offset of VA 0x30e025ff
[?] can't find file_offset of VA 0x25ff0040