filename | nvim.exe | |
---|---|---|
size | 3354429 (0x332f3d) | |
md5 | f6d3ca0ead8a31f0c6a2c1a1c7daea1d | |
type | PE32+ executable (console) x86-64, for MS Windows | |
mimetype | application/x-dosexec | |
clamav | OK | |
virustotal | → scan with virustotal.com | |
histogram |
MZ Header
signature | MZ |
bytes_in_last_block | 0x90 |
blocks_in_file | 3 |
num_relocs | 0 |
header_paragraphs | 4 |
min_extra_paragraphs | 0 |
max_extra_paragraphs | 0xffff |
ss | 0 |
sp | 0xb8 |
checksum | 0 |
ip | 0 |
cs | 0 |
reloc_table_offset | 0x40 |
overlay_number | 0 |
reserved0 | 0 |
oem_id | 0 |
oem_info | 0 |
reserved2 | 0 |
reserved3 | 0 |
reserved4 | 0 |
reserved5 | 0 |
reserved6 | 0 |
lfanew | 0x80 |
DOS stub
00000000: 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 |........!..L.!Th| 00000010: 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f |is program canno| 00000020: 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 |t be run in DOS | 00000030: 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 |mode....$.......|
PE Header
Sections
Data Directory
TLS
raw start | raw end | index | callbks | zero fill | flags | |
---|---|---|---|---|---|---|
0x676000 | 0x676060 | 0x66cf5c | 0x675040 | 0 | 0 |
module_name | hint | ord | function_name |
---|---|---|---|
winpty.dll | 1 | winpty_config_free | |
winpty.dll | 2 | winpty_config_new | |
winpty.dll | 4 | winpty_config_set_initial_size | |
winpty.dll | 5 | winpty_conin_name | |
winpty.dll | 6 | winpty_conout_name | |
winpty.dll | 8 | winpty_error_free | |
winpty.dll | 10 | winpty_free | |
winpty.dll | 11 | winpty_open | |
winpty.dll | 12 | winpty_set_size | |
winpty.dll | 13 | winpty_spawn | |
winpty.dll | 14 | winpty_spawn_config_free | |
winpty.dll | 15 | winpty_spawn_config_new | |
libiconv-2.dll | 4 | libiconv | |
libiconv-2.dll | 5 | libiconv_close | |
libiconv-2.dll | 6 | libiconv_open | |
libintl-8.dll | 1 | __printf__ | |
libintl-8.dll | 21 | _nl_msg_cat_cntr | |
libintl-8.dll | 35 | libintl_bind_textdomain_codeset | |
libintl-8.dll | 36 | libintl_bindtextdomain | |
libintl-8.dll | 42 | libintl_fprintf | |
libintl-8.dll | 44 | libintl_gettext | |
libintl-8.dll | 71 | libintl_setlocale | |
libintl-8.dll | 72 | libintl_snprintf | |
libintl-8.dll | 73 | libintl_sprintf | |
libintl-8.dll | 75 | libintl_textdomain | |
libintl-8.dll | 80 | libintl_vfprintf | |
ADVAPI32.dll | 176 | CryptAcquireContextA | |
ADVAPI32.dll | 193 | CryptGenRandom | |
ADVAPI32.dll | 203 | CryptReleaseContext | |
ADVAPI32.dll | 503 | OpenProcessToken | |
ADVAPI32.dll | 560 | RegCloseKey | |
ADVAPI32.dll | 609 | RegOpenKeyExW | |
ADVAPI32.dll | 622 | RegQueryValueExW | |
IPHLPAPI.DLL | 74 | GetAdaptersAddresses | |
KERNEL32.dll | 22 | AssignProcessToJobObject | |
KERNEL32.dll | 69 | CancelIo | |
KERNEL32.dll | 85 | CloseHandle | |
KERNEL32.dll | 104 | ConnectNamedPipe | |
KERNEL32.dll | 133 | CreateDirectoryW | |
KERNEL32.dll | 134 | CreateEventA | |
KERNEL32.dll | 141 | CreateFileA | |
KERNEL32.dll | 148 | CreateFileW | |
KERNEL32.dll | 152 | CreateHardLinkW | |
KERNEL32.dll | 153 | CreateIoCompletionPort | |
KERNEL32.dll | 155 | CreateJobObjectW | |
KERNEL32.dll | 164 | CreateNamedPipeA | |
KERNEL32.dll | 165 | CreateNamedPipeW | |
KERNEL32.dll | 167 | CreatePipe | |
KERNEL32.dll | 170 | CreateProcessA | |
KERNEL32.dll | 174 | CreateProcessW | |
KERNEL32.dll | 177 | CreateSemaphoreA | |
KERNEL32.dll | 180 | CreateSemaphoreW | |
KERNEL32.dll | 195 | CreateToolhelp32Snapshot | |
KERNEL32.dll | 216 | DeleteCriticalSection | |
KERNEL32.dll | 231 | DeviceIoControl | |
KERNEL32.dll | 243 | DuplicateHandle | |
KERNEL32.dll | 249 | EnterCriticalSection | |
KERNEL32.dll | 306 | FileTimeToSystemTime | |
KERNEL32.dll | 307 | FillConsoleOutputAttribute | |
KERNEL32.dll | 309 | FillConsoleOutputCharacterW | |
KERNEL32.dll | 356 | FlushFileBuffers | |
KERNEL32.dll | 362 | FormatMessageA | |
KERNEL32.dll | 367 | FreeLibrary | |
KERNEL32.dll | 430 | GetConsoleCursorInfo | |
KERNEL32.dll | 442 | GetConsoleMode | |
KERNEL32.dll | 448 | GetConsoleScreenBufferInfo | |
KERNEL32.dll | 452 | GetConsoleTitleW | |
KERNEL32.dll | 461 | GetCurrentDirectoryW | |
KERNEL32.dll | 462 | GetCurrentProcess | |
KERNEL32.dll | 463 | GetCurrentProcessId | |
KERNEL32.dll | 466 | GetCurrentThread | |
KERNEL32.dll | 467 | GetCurrentThreadId | |
KERNEL32.dll | 492 | GetEnvironmentVariableW | |
KERNEL32.dll | 495 | GetExitCodeProcess | |
KERNEL32.dll | 506 | GetFileAttributesW | |
KERNEL32.dll | 508 | GetFileInformationByHandle | |
KERNEL32.dll | 515 | GetFileType | |
KERNEL32.dll | 529 | GetLastError | |
KERNEL32.dll | 543 | GetLongPathNameW | |
KERNEL32.dll | 547 | GetModuleFileNameA | |
KERNEL32.dll | 548 | GetModuleFileNameW | |
KERNEL32.dll | 549 | GetModuleHandleA | |
KERNEL32.dll | 552 | GetModuleHandleW | |
KERNEL32.dll | 560 | GetNamedPipeHandleStateA | |
KERNEL32.dll | 583 | GetNumberOfConsoleInputEvents | |
KERNEL32.dll | 599 | GetProcAddress | |
KERNEL32.dll | 612 | GetProcessTimes | |
KERNEL32.dll | 624 | GetQueuedCompletionStatus | |
KERNEL32.dll | 627 | GetShortPathNameW | |
KERNEL32.dll | 628 | GetStartupInfoA | |
KERNEL32.dll | 629 | GetStartupInfoW | |
KERNEL32.dll | 630 | GetStdHandle | |
KERNEL32.dll | 645 | GetSystemInfo | |
KERNEL32.dll | 651 | GetSystemTimeAsFileTime | |
KERNEL32.dll | 678 | GetTickCount | |
KERNEL32.dll | 724 | GlobalMemoryStatusEx | |
KERNEL32.dll | 762 | InitializeCriticalSection | |
KERNEL32.dll | 785 | IsDBCSLeadByteEx | |
KERNEL32.dll | 832 | LCMapStringW | |
KERNEL32.dll | 844 | LeaveCriticalSection | |
KERNEL32.dll | 849 | LoadLibraryExW | |
KERNEL32.dll | 860 | LocalFree | |
KERNEL32.dll | 884 | MoveFileExW | |
KERNEL32.dll | 891 | MultiByteToWideChar | |
KERNEL32.dll | 920 | OpenProcess | |
KERNEL32.dll | 931 | PeekNamedPipe | |
KERNEL32.dll | 932 | PostQueuedCompletionStatus | |
KERNEL32.dll | 940 | Process32First | |
KERNEL32.dll | 942 | Process32Next | |
KERNEL32.dll | 958 | QueryPerformanceCounter | |
KERNEL32.dll | 959 | QueryPerformanceFrequency | |
KERNEL32.dll | 968 | QueueUserWorkItem | |
KERNEL32.dll | 976 | ReadConsoleInputW | |
KERNEL32.dll | 982 | ReadConsoleW | |
KERNEL32.dll | 983 | ReadDirectoryChangesW | |
KERNEL32.dll | 984 | ReadFile | |
KERNEL32.dll | 998 | RegisterWaitForSingleObject | |
KERNEL32.dll | 1007 | ReleaseSemaphore | |
KERNEL32.dll | 1012 | RemoveDirectoryW | |
KERNEL32.dll | 1024 | ResetEvent | |
KERNEL32.dll | 1028 | ResumeThread | |
KERNEL32.dll | 1029 | RtlAddFunctionTable | |
KERNEL32.dll | 1030 | RtlCaptureContext | |
KERNEL32.dll | 1037 | RtlLookupFunctionEntry | |
KERNEL32.dll | 1044 | RtlVirtualUnwind | |
KERNEL32.dll | 1067 | SetConsoleCtrlHandler | |
KERNEL32.dll | 1069 | SetConsoleCursorInfo | |
KERNEL32.dll | 1071 | SetConsoleCursorPosition | |
KERNEL32.dll | 1083 | SetConsoleMode | |
KERNEL32.dll | 1092 | SetConsoleTextAttribute | |
KERNEL32.dll | 1094 | SetConsoleTitleW | |
KERNEL32.dll | 1099 | SetCurrentDirectoryW | |
KERNEL32.dll | 1109 | SetEnvironmentVariableW | |
KERNEL32.dll | 1110 | SetErrorMode | |
KERNEL32.dll | 1111 | SetEvent | |
KERNEL32.dll | 1128 | SetFileTime | |
KERNEL32.dll | 1133 | SetHandleInformation | |
KERNEL32.dll | 1134 | SetInformationJobObject | |
KERNEL32.dll | 1136 | SetLastError | |
KERNEL32.dll | 1145 | SetNamedPipeHandleState | |
KERNEL32.dll | 1187 | SetUnhandledExceptionFilter | |
KERNEL32.dll | 1200 | Sleep | |
KERNEL32.dll | 1210 | SwitchToThread | |
KERNEL32.dll | 1214 | TerminateProcess | |
KERNEL32.dll | 1219 | TlsAlloc | |
KERNEL32.dll | 1220 | TlsFree | |
KERNEL32.dll | 1221 | TlsGetValue | |
KERNEL32.dll | 1222 | TlsSetValue | |
KERNEL32.dll | 1228 | TryEnterCriticalSection | |
KERNEL32.dll | 1234 | UnhandledExceptionFilter | |
KERNEL32.dll | 1241 | UnregisterWait | |
KERNEL32.dll | 1242 | UnregisterWaitEx | |
KERNEL32.dll | 1253 | VerSetConditionMask | |
KERNEL32.dll | 1256 | VerifyVersionInfoA | |
KERNEL32.dll | 1264 | VirtualProtect | |
KERNEL32.dll | 1266 | VirtualQuery | |
KERNEL32.dll | 1272 | WaitForMultipleObjects | |
KERNEL32.dll | 1274 | WaitForSingleObject | |
KERNEL32.dll | 1281 | WaitNamedPipeW | |
KERNEL32.dll | 1298 | WideCharToMultiByte | |
KERNEL32.dll | 1311 | WriteConsoleInputW | |
KERNEL32.dll | 1317 | WriteConsoleW | |
KERNEL32.dll | 1318 | WriteFile | |
KERNEL32.dll | 1334 | __C_specific_handler | |
msvcrt.dll | 63 | ___lc_codepage_func | |
msvcrt.dll | 78 | __dllonexit | |
msvcrt.dll | 79 | __doserrno | |
msvcrt.dll | 81 | __getmainargs | |
msvcrt.dll | 82 | __initenv | |
msvcrt.dll | 83 | __iob_func | |
msvcrt.dll | 90 | __lconv_init | |
msvcrt.dll | 91 | __mb_cur_max | |
msvcrt.dll | 93 | __pioinfo | |
msvcrt.dll | 96 | __set_app_type | |
msvcrt.dll | 98 | __setusermatherr | |
msvcrt.dll | 115 | _acmdln | |
msvcrt.dll | 122 | _amsg_exit | |
msvcrt.dll | 136 | _beginthreadex | |
msvcrt.dll | 140 | _cexit | |
msvcrt.dll | 154 | _close | |
msvcrt.dll | 156 | _close | |
msvcrt.dll | 175 | _ctime64 | |
msvcrt.dll | 191 | _dup | |
msvcrt.dll | 199 | _environ | |
msvcrt.dll | 201 | _errno | |
msvcrt.dll | 216 | _exit | |
msvcrt.dll | 225 | _fdopen | |
msvcrt.dll | 226 | _fdopen | |
msvcrt.dll | 233 | _filelengthi64 | |
msvcrt.dll | 234 | _fileno | |
msvcrt.dll | 236 | _fileno | |
msvcrt.dll | 251 | _fmode | |
msvcrt.dll | 289 | _get_osfhandle | |
msvcrt.dll | 330 | _initterm | |
msvcrt.dll | 438 | _localtime64 | |
msvcrt.dll | 439 | _lock | |
msvcrt.dll | 448 | _lseek | |
msvcrt.dll | 450 | _lseeki64 | |
msvcrt.dll | 611 | _onexit | |
msvcrt.dll | 613 | _open_osfhandle | |
msvcrt.dll | 633 | _putenv_s | |
msvcrt.dll | 640 | _read | |
msvcrt.dll | 641 | _read | |
msvcrt.dll | 686 | _snwprintf | |
msvcrt.dll | 731 | _stricmp | |
msvcrt.dll | 747 | _strnicmp | |
msvcrt.dll | 788 | _time64 | |
msvcrt.dll | 811 | _umask | |
msvcrt.dll | 819 | _unlock | |
msvcrt.dll | 850 | _vsnprintf | |
msvcrt.dll | 878 | _wchmod | |
msvcrt.dll | 884 | _wcsdup | |
msvcrt.dll | 902 | _wcsnicmp | |
msvcrt.dll | 908 | _wcsrev | |
msvcrt.dll | 968 | _wmkdir | |
msvcrt.dll | 983 | _write | |
msvcrt.dll | 984 | _write | |
msvcrt.dll | 985 | _wrmdir | |
msvcrt.dll | 1030 | abort | |
msvcrt.dll | 1032 | acos | |
msvcrt.dll | 1035 | asin | |
msvcrt.dll | 1037 | atan | |
msvcrt.dll | 1043 | atoi | |
msvcrt.dll | 1044 | atol | |
msvcrt.dll | 1047 | calloc | |
msvcrt.dll | 1055 | cosh | |
msvcrt.dll | 1060 | exit | |
msvcrt.dll | 1064 | fclose | |
msvcrt.dll | 1065 | feof | |
msvcrt.dll | 1066 | ferror | |
msvcrt.dll | 1067 | fflush | |
msvcrt.dll | 1069 | fgetpos | |
msvcrt.dll | 1070 | fgets | |
msvcrt.dll | 1077 | fopen | |
msvcrt.dll | 1079 | fprintf | |
msvcrt.dll | 1081 | fputc | |
msvcrt.dll | 1082 | fputs | |
msvcrt.dll | 1085 | fread | |
msvcrt.dll | 1086 | free | |
msvcrt.dll | 1092 | fseek | |
msvcrt.dll | 1093 | fsetpos | |
msvcrt.dll | 1094 | ftell | |
msvcrt.dll | 1095 | fwprintf | |
msvcrt.dll | 1097 | fwrite | |
msvcrt.dll | 1100 | getc | |
msvcrt.dll | 1102 | getenv | |
msvcrt.dll | 1109 | isalnum | |
msvcrt.dll | 1110 | isalpha | |
msvcrt.dll | 1111 | iscntrl | |
msvcrt.dll | 1113 | isgraph | |
msvcrt.dll | 1115 | islower | |
msvcrt.dll | 1117 | ispunct | |
msvcrt.dll | 1118 | isspace | |
msvcrt.dll | 1119 | isupper | |
msvcrt.dll | 1124 | iswctype | |
msvcrt.dll | 1134 | isxdigit | |
msvcrt.dll | 1138 | localeconv | |
msvcrt.dll | 1141 | log10 | |
msvcrt.dll | 1145 | malloc | |
msvcrt.dll | 1146 | mblen | |
msvcrt.dll | 1151 | memchr | |
msvcrt.dll | 1152 | memcmp | |
msvcrt.dll | 1153 | memcpy | |
msvcrt.dll | 1154 | memmove | |
msvcrt.dll | 1155 | memset | |
msvcrt.dll | 1164 | putc | |
msvcrt.dll | 1165 | putchar | |
msvcrt.dll | 1169 | qsort | |
msvcrt.dll | 1171 | raise | |
msvcrt.dll | 1173 | realloc | |
msvcrt.dll | 1176 | rewind | |
msvcrt.dll | 1179 | setbuf | |
msvcrt.dll | 1183 | signal | |
msvcrt.dll | 1186 | sinh | |
msvcrt.dll | 1188 | sprintf | |
msvcrt.dll | 1194 | strcat | |
msvcrt.dll | 1196 | strchr | |
msvcrt.dll | 1197 | strcmp | |
msvcrt.dll | 1199 | strcpy | |
msvcrt.dll | 1202 | strerror | |
msvcrt.dll | 1203 | strftime | |
msvcrt.dll | 1204 | strlen | |
msvcrt.dll | 1205 | strncat | |
msvcrt.dll | 1207 | strncmp | |
msvcrt.dll | 1208 | strncpy | |
msvcrt.dll | 1210 | strpbrk | |
msvcrt.dll | 1211 | strrchr | |
msvcrt.dll | 1215 | strstr | |
msvcrt.dll | 1216 | strtok | |
msvcrt.dll | 1218 | strtol | |
msvcrt.dll | 1219 | strtoul | |
msvcrt.dll | 1226 | tan | |
msvcrt.dll | 1228 | tanh | |
msvcrt.dll | 1233 | tolower | |
msvcrt.dll | 1234 | toupper | |
msvcrt.dll | 1235 | towlower | |
msvcrt.dll | 1236 | towupper | |
msvcrt.dll | 1237 | ungetc | |
msvcrt.dll | 1239 | vfprintf | |
msvcrt.dll | 1253 | wcschr | |
msvcrt.dll | 1256 | wcscpy | |
msvcrt.dll | 1260 | wcslen | |
msvcrt.dll | 1263 | wcsncmp | |
msvcrt.dll | 1264 | wcsncpy | |
msvcrt.dll | 1267 | wcspbrk | |
msvcrt.dll | 1268 | wcsrchr | |
msvcrt.dll | 1276 | wcstombs | |
PSAPI.DLL | 21 | GetProcessMemoryInfo | |
USER32.dll | 496 | MessageBoxW | |
USERENV.dll | 26 | GetUserProfileDirectoryW | |
WS2_32.dll | 34 | WSADuplicateSocketW | |
WS2_32.dll | 43 | WSAGetLastError | |
WS2_32.dll | 54 | WSAIoctl | |
WS2_32.dll | 68 | WSARecv | |
WS2_32.dll | 70 | WSARecvFrom | |
WS2_32.dll | 73 | WSASend | |
WS2_32.dll | 76 | WSASendTo | |
WS2_32.dll | 79 | WSASetLastError | |
WS2_32.dll | 83 | WSASocketW | |
WS2_32.dll | 84 | WSAStartup | |
WS2_32.dll | 148 | bind | |
WS2_32.dll | 149 | closesocket | |
WS2_32.dll | 157 | getpeername | |
WS2_32.dll | 162 | getsockname | |
WS2_32.dll | 163 | getsockopt | |
WS2_32.dll | 164 | htonl | |
WS2_32.dll | 165 | htons | |
WS2_32.dll | 170 | ioctlsocket | |
WS2_32.dll | 171 | listen | |
WS2_32.dll | 176 | select | |
WS2_32.dll | 179 | setsockopt | |
WS2_32.dll | 180 | shutdown | |
WS2_32.dll | 181 | socket |
Please donate some bucks to keep this site up and running: | |
Ko-fi | |
---|---|
Yandex.Money | |
Thank you! |
[?] can't find file_offset of VA 0x26cf5c