📄 example4.txt
SI: MeltIce Trick
-----------------
Victim:
Url: http://supertest2002.narod.ru/Programm/supertest.zip
size: 726474
cc TInfo.exe > TInfo.cc
+ [TInfo.exe] File Header Info:
 ##   Name     VirtSize RVA      PhysSize Offset   Attr
----- -------- -------- -------- -------- -------- --------
  1   CODE     000CD000 00001000 000CC200 00000400 C0000040
  2   DATA     00003000 000CE000 00002600 000CC600 C0000040
  3   BSS      00002000 000D1000 00000000 000CEC00 C0000040
  4   .idata   00003000 000D3000 00002800 000CEC00 C0000040
  5   .tls     00001000 000D6000 00000000 000D1400 C0000040
  6   .rdata   00001000 000D7000 00000200 000D1400 C0000040
  7   .reloc   0000D360 000D8000 00000000 00000000 C0000040
  8   .rsrc    00020000 000E6000 0001F600 000D1600 C0000040
*** Don't forget to check a <data> section for CryptoBoxes ***
+ Crypto Check for section #1 [CODE ] of file 'TInfo.exe' [00000400:000CC600]
 ##   Offset   RVA       Value    Method
----- -------- --------- -------- --------
  2   000969E4 .5C2E5C5C 004975E4 Anti-Hack: SI MeltIce Trick [SICE]
  3   00096A20 .5C2E5C5C 00497620 Anti-Hack: SI MeltIce Trick [NTICE]
  4   0004173E .80000000 0044233E HKEY_CLASSES_ROOT ?
  5   000045D2 .80000001 004051D2 HKEY_CURRENT_USER ?
  6   000045F0 .80000001 004051F0 HKEY_CURRENT_USER ?
  7   0000217E .80000002 00402D7E HKEY_LOCAL_MACHINE ?
  8   00047F96 .80000002 00448B96 HKEY_LOCAL_MACHINE ?
  9   0006A23F .80000003 0046AE3F HKEY_USERS ?
 10   000B3AF6 .80000005 004B46F6 HKEY_CURRENT_CONFIG ?
 11   000B7FA2 .80000005 004B8BA2 HKEY_CURRENT_CONFIG ?
 12   0005E214 .80000006 0045EE14 HKEY_DYN_DATA ?
 13   0005E2B8 .80000006 0045EEB8 HKEY_DYN_DATA ?
 14   0005E2EA .80000006 0045EEEA HKEY_DYN_DATA ?
 15   0005E301 .80000006 0045EF01 HKEY_DYN_DATA ?
 15   00001FEA .00402BEA 08088405 PKZip & Borland Pascal/Delphi PRNG
 16   000C41A9 .004C4DA9 08088405 PKZip & Borland Pascal/Delphi PRNG
HD 1.0 : HexDump for file 'TInfo.exe' [000969A0:00096A30]
000969A0: 49 73 44 65 62 75 67 67 65 72 50 72 65 73 65 6E IsDebuggerPresen
000969B0: 74 00 00 00 53 33 DB 6A 00 68 80 00 00 00 6A 03 t...S3-j.h