12-16-2014, 06:10 PM
(12-16-2014, 02:59 PM)travis Wrote: 23.83.96.42 on port 12346
exeinfo says its packed VMProtect v.2.07 - X.X 2003-2012 VMProtect Software - www.vmpsoft.com
mine is not
Code:
Filename : C:\Program Files (x86)\LFROBOT\xiaohua.exe
File Size : 5,498,880 Bytes
Created Date : 12-12-2014 05:25:02
Modified Date : 12-12-2014 05:24:56
Executable Format : Portable Executable (32-bit)
MS-DOS Header Information
=========================
Bytes in the last page : 144
Number of pages : 3
Relocation entries : 0
Header size in paragraphs : 4
Initial SS (Relative) : 0x0000
Initial SP : 0x00b8
Initial CS (Relative) : 0x0000
Initial IP : 0x0000
Checksum : 0x0000
Portable Executable Header Information
===================================
Machine : Intel 386
Number Of Sections : 8
Number Of Symbols : 0
Optional Header Size : 224 Bytes
Time Stamp : 0x548a7bb0
Characteristics :
Optional Header Information
===================================
Linker Version : 11.0
Size Of Code : 229,376 Bytes
Size of initialized data : 2,433,024 Bytes
Size of uninitialized data : 0 Bytes
Section Alignment : 4,096 Bytes
File Alignment : 512 Bytes
OS Version : 5.1
Image Version : 0.0
Subsystem Version : 5.1
Size Of Image : 12,300,288 Bytes
Size Of Headers : 1,024 Bytes
Checksum : 0x00000000
Subsystem : Windows GUI
Reserve Stack Size : 0x00100000
Commit Stack Size : 0x00001000
Reserve Heap Size : 0x00100000
Commit Heap Size : 0x00001000
Base Address : 0x00400000
Entry Point : 0x00bb31e4
Base Of Code : 0x00001000
Base Of Data : 0x00039000
Section Headers Information
===================================
This file has 8 sections:
----------------------------------------
Section Name : .text
Virtual Address : 0x00001000
Raw Data Size : 0x00000000
Raw Data Pointer : 0x00000000
Characteristics : Code, Executable, Readable
----------------------------------------
Section Name : .rdata
Virtual Address : 0x00039000
Raw Data Size : 0x00000000
Raw Data Pointer : 0x00000000
Characteristics : Initialized Data, Readable
----------------------------------------
Section Name : .data
Virtual Address : 0x00045000
Raw Data Size : 0x00000000
Raw Data Pointer : 0x00000000
Characteristics : Initialized Data, Readable, Writable
----------------------------------------
Section Name : .vmp0
Virtual Address : 0x0004d000
Raw Data Size : 0x00000000
Raw Data Pointer : 0x00000000
Characteristics : Code, Initialized Data, Executable, Readable, Writable
----------------------------------------
Section Name : .tls
Virtual Address : 0x0067a000
Raw Data Size : 0x00000200
Raw Data Pointer : 0x00000400
Characteristics : Initialized Data, Readable, Writable
----------------------------------------
Section Name : .vmp1
Virtual Address : 0x0067b000
Raw Data Size : 0x0053c600
Raw Data Pointer : 0x00000600
Characteristics : Code, Initialized Data, Executable, Readable, Writable
----------------------------------------
Section Name : .reloc
Virtual Address : 0x00bb8000
Raw Data Size : 0x00000200
Raw Data Pointer : 0x0053cc00
Characteristics : Initialized Data, Readable
----------------------------------------
Section Name : .rsrc
Virtual Address : 0x00bb9000
Raw Data Size : 0x00001a00
Raw Data Pointer : 0x0053ce00
Characteristics : Initialized Data, Readable
----------------------------------------
Version Information
====================
Operating System : Windows NT, 32-bit Windows
File Type : Application
File Sub-Type : Unknown
File Version : 1,0,0,4
Product Version : 1,0,0,4
============================================================
Product Name : TODO: <???>
File Description : ??
File Version : 1.0.0.4
Product Version : 1.0.0.4
Company Name : TODO: <???>
Internal Name : LittleRedCap.exe
Legal Copyright : TODO: (C) <???>????????
Original FileName : ??.exe