[+] PE IMAGE INFORMATION [+] Architecture x64 [+] DOS HEADER e_magic : 0x5A4D e_cblp : 0x90 e_cp : 0x3 e_crlc : 0x0 e_cparhdr : 0x4 e_minalloc : 0x0 e_maxalloc : 0xFFFF e_ss : 0x0 e_sp : 0xB8 e_csum : 0x0 e_ip : 0x0 e_cs : 0x0 e_lfarlc : 0x40 e_ovno : 0x0 e_oemid : 0x0 e_oeminfo : 0x0 e_lfanew : 0x108 [+] NT HEADER Signature : 0x4550 [+] FILE HEADER Machine : 0x8664 NumberOfSections : 0x6 TimeDateStamp : 0x6696E62F PointerToSymbolTable : 0x0 NumberOfSymbols : 0x0 SizeOfOptionalHeader : 0xF0 Characteristics : 0x2022 (DLL) [+] OPTIONAL HEADER Magic : 0x20B MajorLinkerVersion : 0xE MinorLinkerVersion : 0x1D SizeOfCode : 0x1E200 SizeOfInitializedData : 0x34200 SizeOfUninitializedData : 0x0 AddressOfEntryPoint : 0x1E2D4 BaseOfCode : 0x1000 ImageBase : 0x80000000 BSectionAlignment : 0x1000 FileAlignment : 0x200 MajorOperatingSystemVersion : 0x6 MinorOperatingSystemVersion : 0x0 MajorImageVersion : 0xC MinorImageVersion : 0xD MajorSubsystemVersion : 0x6 MinorSubsystemVersion : 0x0 Win32VersionValue : 0x0 SizeOfImage : 0x57000 SizeOfHeaders : 0x400 CheckSum : 0x53536 Subsystem : 0x2 (GUI APP) DllCharacteristics : 0x160 SizeOfStackReserve : 0x100000 SizeOfStackCommit : 0x1000 SizeOfHeapReserve : 0x100000 SizeOfHeapCommit : 0x1000 LoaderFlags : 0x0 NumberOfRvaAndSizes : 0x10 DataDirectory : 0xAFFCC8 DataDirectory (Export Table) VirtualAddress : 0x2A680 DataDirectory (Export Table) Size : 0x1C5C DataDirectory (Import Table) VirtualAddress : 0x2C2DC DataDirectory (Import Table) Size : 0xC8 DataDirectory (Ressource Table) VirtualAddress : 0x53000 DataDirectory (Ressource Table) Size : 0x5F0 DataDirectory (Exception Entry) VirtualAddress : 0x50000 DataDirectory (Exception Entry) Size : 0x2664 DataDirectory (Relocation Table) VirtualAddress : 0x54000 DataDirectory (Relocation Table) Size : 0x2A54 DataDirectory (Debug Entry) VirtualAddress : 0x236B0 DataDirectory (Debug Entry) Size : 0x54 DataDirectory (TLS Entry) VirtualAddress : 0x23880 DataDirectory (TLS Entry) Size : 0x28 DataDirectory (Configuration Entry) VirtualAddress : 0x23710 DataDirectory (Configuration Entry) Size : 0x138 DataDirectory (IAT) VirtualAddress : 0x20000 DataDirectory (IAT) Size : 0x3E8 [+] PE IMAGE SECTIONS SECTION : .text Misc (PhysicalAddress) : 0x1E07C Misc (VirtualSize) : 0x1E07C VirtualAddress : 0x1000 SizeOfRawData : 0x1E200 PointerToRawData : 0x400 PointerToRelocations : 0x0 PointerToLinenumbers : 0x0 NumberOfRelocations : 0x0 NumberOfLinenumbers : 0x0 Characteristics : 0x60000020 (EXECUTE | READ) SECTION : .rdata Misc (PhysicalAddress) : 0xD1D4 Misc (VirtualSize) : 0xD1D4 VirtualAddress : 0x20000 SizeOfRawData : 0xD200 PointerToRawData : 0x1E600 PointerToRelocations : 0x0 PointerToLinenumbers : 0x0 NumberOfRelocations : 0x0 NumberOfLinenumbers : 0x0 Characteristics : 0x40000040 (READ) SECTION : .data Misc (PhysicalAddress) : 0x214E0 Misc (VirtualSize) : 0x214E0 VirtualAddress : 0x2E000 SizeOfRawData : 0x1F600 PointerToRawData : 0x2B800 PointerToRelocations : 0x0 PointerToLinenumbers : 0x0 NumberOfRelocations : 0x0 NumberOfLinenumbers : 0x0 Characteristics : 0xC0000040 (READ | WRITE) SECTION : .pdata Misc (PhysicalAddress) : 0x2698 Misc (VirtualSize) : 0x2698 VirtualAddress : 0x50000 SizeOfRawData : 0x2800 PointerToRawData : 0x4AE00 PointerToRelocations : 0x0 PointerToLinenumbers : 0x0 NumberOfRelocations : 0x0 NumberOfLinenumbers : 0x0 Characteristics : 0x40000040 (READ) SECTION : .rsrc Misc (PhysicalAddress) : 0x5F0 Misc (VirtualSize) : 0x5F0 VirtualAddress : 0x53000 SizeOfRawData : 0x600 PointerToRawData : 0x4D600 PointerToRelocations : 0x0 PointerToLinenumbers : 0x0 NumberOfRelocations : 0x0 NumberOfLinenumbers : 0x0 Characteristics : 0x40000040 (READ) SECTION : .reloc Misc (PhysicalAddress) : 0x2A54 Misc (VirtualSize) : 0x2A54 VirtualAddress : 0x54000 SizeOfRawData : 0x2C00 PointerToRawData : 0x4DC00 PointerToRelocations : 0x0 PointerToLinenumbers : 0x0 NumberOfRelocations : 0x0 NumberOfLinenumbers : 0x0 Characteristics : 0x42000040 (READ) [+] IMPORTED DLL DLL NAME : KERNEL32.dll Characteristics : 0xEAA608 OriginalFirstThunk : 0xEAA608 TimeDateStamp : 0xE7E260 ForwarderChain : 0xE7E260 FirstThunk : 0xE9E260 Imported Functions : CloseHandle SetEvent ReleaseSemaphore WaitForSingleObjectEx CreateEventExA CreateSemaphoreExA CreateEventExW TlsGetValue TlsSetValue DeleteFiber GetLastError SetErrorMode FreeLibrary GetModuleFileNameA GetModuleHandleExA GetProcAddress LoadLibraryA TlsAlloc TlsFree GetCurrentThreadStackLimits GetEnvironmentVariableA InitializeCriticalSection EnterCriticalSection LeaveCriticalSection DeleteCriticalSection SwitchToThread GetCurrentThreadId lstrcmpA GetSystemInfo GetCurrentProcess GetCurrentThread GetNativeSystemInfo GetProcessAffinityMask ResumeThread IsThreadAFiber SwitchToFiber ConvertThreadToFiberEx CreateFiber GetSystemTimeAsFileTime GetCurrentProcessId QueryPerformanceCounter IsDebuggerPresent IsProcessorFeaturePresent TerminateProcess SetUnhandledExceptionFilter UnhandledExceptionFilter RtlVirtualUnwind RtlLookupFunctionEntry RtlCaptureContext GetModuleHandleW CreateEventW ResetEvent InitializeCriticalSectionAndSpinCount InitOnceComplete InitOnceBeginInitialize InitializeSListHead DLL NAME : msvcp140-f1c90b395d7d901af7e16ef487237278.dll Characteristics : 0xEAA7D0 OriginalFirstThunk : 0xEAA7D0 TimeDateStamp : 0xE7E260 ForwarderChain : 0xE7E260 FirstThunk : 0xE9E428 Imported Functions : ?__ExceptionPtrCurrentException@@YAXPEAX@Z ?__ExceptionPtrCopy@@YAXPEAXPEBX@Z ?__ExceptionPtrDestroy@@YAXPEAX@Z ?__ExceptionPtrCreate@@YAXPEAX@Z ?__ExceptionPtrRethrow@@YAXPEBX@Z _Mtx_unlock _Mtx_destroy_in_situ _Mtx_init_in_situ ?_Xlength_error@std@@YAXPEBD@Z _Query_perf_frequency _Thrd_yield _Mtx_lock ?_Throw_C_error@std@@YAXH@Z _Query_perf_counter DLL NAME : vcruntime140-26a92e4fb4b73ddc824fe6616b0ea281.dll Characteristics : 0xEAA848 OriginalFirstThunk : 0xEAA848 TimeDateStamp : 0xE7E260 ForwarderChain : 0xE7E260 FirstThunk : 0xE9E4A0 Imported Functions : __std_type_info_destroy_list __current_exception_context __current_exception __C_specific_handler __std_exception_destroy __std_exception_copy strrchr memset memmove _CxxThrowException _purecall __std_terminate memcpy DLL NAME : Characteristics : 0xEAA8B8 OriginalFirstThunk : 0xEAA8B8 TimeDateStamp : 0xE7E260 ForwarderChain : 0xE7E260 FirstThunk : 0xE9E510 Imported Functions : __CxxFrameHandler4 DLL NAME : api-ms-win-crt-heap-l1-1-0.dll Characteristics : 0xEAA8D8 OriginalFirstThunk : 0xEAA8D8 TimeDateStamp : 0xE7E260 ForwarderChain : 0xE7E260 FirstThunk : 0xE9E530 Imported Functions : _callnewh _aligned_free malloc free _aligned_malloc DLL NAME : api-ms-win-crt-runtime-l1-1-0.dll Characteristics : 0xEAA908 OriginalFirstThunk : 0xEAA908 TimeDateStamp : 0xE7E260 ForwarderChain : 0xE7E260 FirstThunk : 0xE9E560 Imported Functions : _beginthreadex _cexit _register_onexit_function _initterm _initterm_e _crt_atexit _execute_onexit_table _initialize_onexit_table _initialize_narrow_environment _configure_narrow_argv terminate _seh_filter_dll abort _control87 strerror DLL NAME : api-ms-win-crt-string-l1-1-0.dll Characteristics : 0xEAA9B8 OriginalFirstThunk : 0xEAA9B8 TimeDateStamp : 0xE7E260 ForwarderChain : 0xE7E260 FirstThunk : 0xE9E610 Imported Functions : _wcsdup strnlen strncat strncpy strncpy_s strspn DLL NAME : api-ms-win-crt-environment-l1-1-0.dll Characteristics : 0xEAA8C8 OriginalFirstThunk : 0xEAA8C8 TimeDateStamp : 0xE7E260 ForwarderChain : 0xE7E260 FirstThunk : 0xE9E520 Imported Functions : getenv DLL NAME : api-ms-win-crt-stdio-l1-1-0.dll Characteristics : 0xEAA988 OriginalFirstThunk : 0xEAA988 TimeDateStamp : 0xE7E260 ForwarderChain : 0xE7E260 FirstThunk : 0xE9E5E0 Imported Functions : __stdio_common_vsprintf __stdio_common_vfprintf fputs __acrt_iob_func fflush [+] EXPORTED FUNCTIONS ?abort_bounded_queue_monitors@r1@detail@tbb@@YAXPEAVconcurrent_monitor@123@@Z ?acquire@r1@detail@tbb@@YAXAEAVqueuing_rw_mutex@d1@23@AEAVscoped_lock@4523@_N@Z ?acquire@r1@detail@tbb@@YAXAEAVrtm_mutex@d1@23@AEAVscoped_lock@4523@_N@Z ?acquire_reader@r1@detail@tbb@@YAXAEAVrtm_rw_mutex@d1@23@AEAVscoped_lock@4523@_N@Z ?acquire_writer@r1@detail@tbb@@YAXAEAVrtm_rw_mutex@d1@23@AEAVscoped_lock@4523@_N@Z ?allocate@r1@detail@tbb@@YAPEAXAEAPEAVsmall_object_pool@d1@23@_K@Z ?allocate@r1@detail@tbb@@YAPEAXAEAPEAVsmall_object_pool@d1@23@_KAEBUexecution_data@523@@Z ?allocate_bounded_queue_rep@r1@detail@tbb@@YAPEAE_K@Z ?allocate_memory@r1@detail@tbb@@YAPEAX_K@Z ?assertion_failure@r1@detail@tbb@@YAXPEBDH00@Z ?attach@r1@detail@tbb@@YA_NAEAVtask_arena_base@d1@23@@Z ?cache_aligned_allocate@r1@detail@tbb@@YAPEAX_K@Z ?cache_aligned_deallocate@r1@detail@tbb@@YAXPEAX@Z ?cache_line_size@r1@detail@tbb@@YA_KXZ ?call_itt_notify@r1@detail@tbb@@YAXHPEAX@Z ?cancel_group_execution@r1@detail@tbb@@YA_NAEAVtask_group_context@d1@23@@Z ?capture_fp_settings@r1@detail@tbb@@YAXAEAVtask_group_context@d1@23@@Z ?constraints_default_concurrency@r1@detail@tbb@@YAHAEBUconstraints@d1@23@_J@Z ?constraints_threads_per_core@r1@detail@tbb@@YAHAEBUconstraints@d1@23@_J@Z ?construct@r1@detail@tbb@@YAXAEAVqueuing_rw_mutex@d1@23@@Z ?core_type_count@r1@detail@tbb@@YAI_J@Z ?create@r1@detail@tbb@@YAXAEAVglobal_control@d1@23@@Z ?create_itt_sync@r1@detail@tbb@@YAXPEAXPEB_W1@Z ?current_context@r1@detail@tbb@@YAPEAVtask_group_context@d1@23@XZ ?current_suspend_point@r1@detail@tbb@@YAPEAUsuspend_point_type@123@XZ ?deallocate@r1@detail@tbb@@YAXAEAVsmall_object_pool@d1@23@PEAX_K@Z ?deallocate@r1@detail@tbb@@YAXAEAVsmall_object_pool@d1@23@PEAX_KAEBUexecution_data@523@@Z ?deallocate_bounded_queue_rep@r1@detail@tbb@@YAXPEAE_K@Z ?deallocate_memory@r1@detail@tbb@@YAXPEAX@Z ?destroy@r1@detail@tbb@@YAXAEAVglobal_control@d1@23@@Z ?destroy@r1@detail@tbb@@YAXAEAVtask_group_context@d1@23@@Z ?downgrade@r1@detail@tbb@@YA_NAEAVscoped_lock@rtm_rw_mutex@d1@23@@Z ?downgrade_to_reader@r1@detail@tbb@@YA_NAEAVscoped_lock@queuing_rw_mutex@d1@23@@Z ?enqueue@r1@detail@tbb@@YAXAEAVtask@d1@23@AEAVtask_group_context@523@PEAVtask_arena_base@523@@Z ?enqueue@r1@detail@tbb@@YAXAEAVtask@d1@23@PEAVtask_arena_base@523@@Z ?execute@r1@detail@tbb@@YAXAEAVtask_arena_base@d1@23@AEAVdelegate_base@523@@Z ?execute_and_wait@r1@detail@tbb@@YAXAEAVtask@d1@23@AEAVtask_group_context@523@AEAVwait_context@523@1@Z ?execution_slot@r1@detail@tbb@@YAGPEBUexecution_data@d1@23@@Z ?fill_core_type_indices@r1@detail@tbb@@YAXPEAH_J@Z ?fill_numa_indices@r1@detail@tbb@@YAXPEAH@Z ?finalize@r1@detail@tbb@@YA_NAEAVtask_scheduler_handle@d1@23@_J@Z ?get@r1@detail@tbb@@YAXAEAVtask_scheduler_handle@d1@23@@Z ?global_control_active_value@r1@detail@tbb@@YA_KH@Z ?initialize@r1@detail@tbb@@YAXAEAVtask_arena_base@d1@23@@Z ?initialize@r1@detail@tbb@@YAXAEAVtask_group_context@d1@23@@Z ?is_group_execution_cancelled@r1@detail@tbb@@YA_NAEAVtask_group_context@d1@23@@Z ?is_tbbmalloc_used@r1@detail@tbb@@YA_NXZ ?is_writer@r1@detail@tbb@@YA_NAEBVscoped_lock@queuing_rw_mutex@d1@23@@Z ?isolate_within_arena@r1@detail@tbb@@YAXAEAVdelegate_base@d1@23@_J@Z ?itt_make_task_group@r1@detail@tbb@@YAXW4itt_domain_enum@d1@23@PEAX_K12W4string_resource_index@d0@23@@Z ?itt_metadata_ptr_add@r1@detail@tbb@@YAXW4itt_domain_enum@d1@23@PEAX_KW4string_resource_index@d0@23@1@Z ?itt_metadata_str_add@r1@detail@tbb@@YAXW4itt_domain_enum@d1@23@PEAX_KW4string_resource_index@d0@23@PEBD@Z ?itt_region_begin@r1@detail@tbb@@YAXW4itt_domain_enum@d1@23@PEAX_K12W4string_resource_index@d0@23@@Z ?itt_region_end@r1@detail@tbb@@YAXW4itt_domain_enum@d1@23@PEAX_K@Z ?itt_relation_add@r1@detail@tbb@@YAXW4itt_domain_enum@d1@23@PEAX_KW4itt_relation@d0@23@12@Z ?itt_set_sync_name@r1@detail@tbb@@YAXPEAXPEB_W@Z ?itt_task_begin@r1@detail@tbb@@YAXW4itt_domain_enum@d1@23@PEAX_K12W4string_resource_index@d0@23@@Z ?itt_task_end@r1@detail@tbb@@YAXW4itt_domain_enum@d1@23@@Z ?max_concurrency@r1@detail@tbb@@YAHPEBVtask_arena_base@d1@23@@Z ?notify_bounded_queue_monitor@r1@detail@tbb@@YAXPEAVconcurrent_monitor@123@_K1@Z ?notify_by_address@r1@detail@tbb@@YAXPEAX_K@Z ?notify_by_address_all@r1@detail@tbb@@YAXPEAX@Z ?notify_by_address_one@r1@detail@tbb@@YAXPEAX@Z ?notify_waiters@r1@detail@tbb@@YAX_K@Z ?numa_default_concurrency@r1@detail@tbb@@YAHH@Z ?numa_node_count@r1@detail@tbb@@YAIXZ ?observe@r1@detail@tbb@@YAXAEAVtask_scheduler_observer@d1@23@_N@Z ?parallel_pipeline@r1@detail@tbb@@YAXAEAVtask_group_context@d1@23@_KAEBVfilter_node@523@@Z ?release@r1@detail@tbb@@YAXAEAVscoped_lock@queuing_rw_mutex@d1@23@@Z ?release@r1@detail@tbb@@YAXAEAVscoped_lock@rtm_mutex@d1@23@@Z ?release@r1@detail@tbb@@YAXAEAVscoped_lock@rtm_rw_mutex@d1@23@@Z ?reset@r1@detail@tbb@@YAXAEAVtask_group_context@d1@23@@Z ?resume@r1@detail@tbb@@YAXPEAUsuspend_point_type@123@@Z ?set_end_of_input@r1@detail@tbb@@YAXAEAVbase_filter@d1@23@@Z ?spawn@r1@detail@tbb@@YAXAEAVtask@d1@23@AEAVtask_group_context@523@@Z ?spawn@r1@detail@tbb@@YAXAEAVtask@d1@23@AEAVtask_group_context@523@G@Z ?submit@r1@detail@tbb@@YAXAEAVtask@d1@23@AEAVtask_group_context@523@PEAVarena@123@_K@Z ?suspend@r1@detail@tbb@@YAXP6AXPEAXPEAUsuspend_point_type@123@@Z0@Z ?terminate@r1@detail@tbb@@YAXAEAVtask_arena_base@d1@23@@Z ?throw_exception@r1@detail@tbb@@YAXW4exception_id@d0@23@@Z ?try_acquire@r1@detail@tbb@@YA_NAEAVqueuing_rw_mutex@d1@23@AEAVscoped_lock@4523@_N@Z ?try_acquire@r1@detail@tbb@@YA_NAEAVrtm_mutex@d1@23@AEAVscoped_lock@4523@@Z ?try_acquire_reader@r1@detail@tbb@@YA_NAEAVrtm_rw_mutex@d1@23@AEAVscoped_lock@4523@@Z ?try_acquire_writer@r1@detail@tbb@@YA_NAEAVrtm_rw_mutex@d1@23@AEAVscoped_lock@4523@@Z ?upgrade@r1@detail@tbb@@YA_NAEAVscoped_lock@rtm_rw_mutex@d1@23@@Z ?upgrade_to_writer@r1@detail@tbb@@YA_NAEAVscoped_lock@queuing_rw_mutex@d1@23@@Z ?wait@r1@detail@tbb@@YAXAEAVtask_arena_base@d1@23@@Z ?wait@r1@detail@tbb@@YAXAEAVwait_context@d1@23@AEAVtask_group_context@523@@Z ?wait_bounded_queue_monitor@r1@detail@tbb@@YAXPEAVconcurrent_monitor@123@_K_JAEAVdelegate_base@d1@23@@Z ?wait_on_address@r1@detail@tbb@@YAXPEAXAEAVdelegate_base@d1@23@_K@Z ?what@bad_last_alloc@r1@detail@tbb@@UEBAPEBDXZ ?what@missing_wait@r1@detail@tbb@@UEBAPEBDXZ ?what@user_abort@r1@detail@tbb@@UEBAPEBDXZ TBB_runtime_interface_version TBB_runtime_version