C:\Users\KC\Documents\GitHub\vcpkg\buildtrees\curl\x64-windows-rel\lib\libcurl.pdb
Overview
overview
10Static
static
7Lowkey Cra...li.zip
windows7-x64
1Lowkey Cra...li.zip
windows10-2004-x64
1Lowkey Cra...ed.exe
windows7-x64
7Lowkey Cra...ed.exe
windows10-2004-x64
7Lowkey Cra...RU.exe
windows7-x64
10Lowkey Cra...RU.exe
windows10-2004-x64
10Lowkey Cra...rt.exe
windows7-x64
10Lowkey Cra...rt.exe
windows10-2004-x64
10Lowkey Cra...in.bat
windows7-x64
1Lowkey Cra...in.bat
windows10-2004-x64
1Lowkey Cra...in.txt
windows7-x64
1Lowkey Cra...in.txt
windows10-2004-x64
1Lowkey Cra...rl.dll
windows7-x64
1Lowkey Cra...rl.dll
windows10-2004-x64
1Lowkey Cra...d.1337
windows7-x64
3Lowkey Cra...d.1337
windows10-2004-x64
3Lowkey Cra...b1.dll
windows7-x64
1Lowkey Cra...b1.dll
windows10-2004-x64
1Behavioral task
behavioral1
Sample
Lowkey Cracked_ BYKali.zip
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
Lowkey Cracked_ BYKali.zip
Resource
win10v2004-20240508-en
Behavioral task
behavioral3
Sample
Lowkey Cracked_ BYKali/Loader_protected.exe
Resource
win7-20240611-en
Behavioral task
behavioral4
Sample
Lowkey Cracked_ BYKali/Loader_protected.exe
Resource
win10v2004-20240611-en
Behavioral task
behavioral5
Sample
Lowkey Cracked_ BYKali/Monitor Spoof/CRU.exe
Resource
win7-20240508-en
Behavioral task
behavioral6
Sample
Lowkey Cracked_ BYKali/Monitor Spoof/CRU.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral7
Sample
Lowkey Cracked_ BYKali/Monitor Spoof/restart.exe
Resource
win7-20240508-en
Behavioral task
behavioral8
Sample
Lowkey Cracked_ BYKali/Monitor Spoof/restart.exe
Resource
win10v2004-20240611-en
Behavioral task
behavioral9
Sample
Lowkey Cracked_ BYKali/Wifi & Bluetooth disabler/Disabler_Run_Admin.bat
Resource
win7-20240508-en
Behavioral task
behavioral10
Sample
Lowkey Cracked_ BYKali/Wifi & Bluetooth disabler/Disabler_Run_Admin.bat
Resource
win10v2004-20240611-en
Behavioral task
behavioral11
Sample
Lowkey Cracked_ BYKali/last_login.txt
Resource
win7-20240221-en
Behavioral task
behavioral12
Sample
Lowkey Cracked_ BYKali/last_login.txt
Resource
win10v2004-20240611-en
Behavioral task
behavioral13
Sample
Lowkey Cracked_ BYKali/libcurl.dll
Resource
win7-20240419-en
Behavioral task
behavioral14
Sample
Lowkey Cracked_ BYKali/libcurl.dll
Resource
win10v2004-20240611-en
Behavioral task
behavioral15
Sample
Lowkey Cracked_ BYKali/lowkey-spoofer-fixed.1337
Resource
win7-20240611-en
Behavioral task
behavioral16
Sample
Lowkey Cracked_ BYKali/lowkey-spoofer-fixed.1337
Resource
win10v2004-20240508-en
Behavioral task
behavioral17
Sample
Lowkey Cracked_ BYKali/zlib1.dll
Resource
win7-20240220-en
Behavioral task
behavioral18
Sample
Lowkey Cracked_ BYKali/zlib1.dll
Resource
win10v2004-20240226-en
General
-
Target
Lowkey Cracked_ BYKali.zip
-
Size
6.2MB
-
MD5
f282376252a6a5c99faf96f0a1418201
-
SHA1
719700bf55be12e04f74a9a9390b113a95b0ce03
-
SHA256
178d950e74dce8c1728c3b64614b775710f2dbdd72777358c5ceee81af0586f0
-
SHA512
8ff256112108bf7965c7fbbf43de71712573bb41334d40596134ff9a495b4ae731d559d7d37d34b5cfa800e82003d87d2ba20caa3f2cade66192d1a354389df2
-
SSDEEP
196608:+bL/0PD55fyGV3PlWAbPQIkvZY2+Ja56H:+X8tVyYNhbPCmtJCO
Malware Config
Signatures
-
Processes:
resource yara_rule static1/unpack001/Lowkey Cracked_ BYKali/Loader_protected.exe themida -
Unsigned PE 5 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/Lowkey Cracked_ BYKali/Loader_protected.exe unpack001/Lowkey Cracked_ BYKali/Monitor Spoof/CRU.exe unpack001/Lowkey Cracked_ BYKali/Monitor Spoof/restart.exe unpack001/Lowkey Cracked_ BYKali/libcurl.dll unpack001/Lowkey Cracked_ BYKali/zlib1.dll
Files
-
Lowkey Cracked_ BYKali.zip.zip
-
Lowkey Cracked_ BYKali/Loader_protected.exe.exe windows:6 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
Size: 620KB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Size: 141KB - Virtual size: 326KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Size: 819KB - Virtual size: 931KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 31KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.idata Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 4KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.themida Size: - Virtual size: 6.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.boot Size: 3.8MB - Virtual size: 3.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 16B - Virtual size: 4KB
IMAGE_SCN_MEM_READ
-
Lowkey Cracked_ BYKali/Monitor Spoof/CRU.exe.exe windows:4 windows x86 arch:x86
8c16c795b57934183422be5f6df7d891
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
EVENT_SINK_GetIDsOfNames
ord690
_CIcos
_adj_fptan
__vbaStrI4
__vbaVarVargNofree
__vbaFreeVar
__vbaLenBstr
__vbaLateIdCall
__vbaPut3
__vbaEnd
__vbaFreeVarList
_adj_fdiv_m64
EVENT_SINK_Invoke
__vbaRaiseEvent
__vbaFreeObjList
ord516
__vbaStrErrVarCopy
ord517
_adj_fprem1
__vbaRecAnsiToUni
ord519
__vbaCopyBytes
__vbaStrCat
__vbaLsetFixstr
__vbaRecDestruct
__vbaSetSystemError
ord661
__vbaHresultCheckObj
__vbaNameFile
_adj_fdiv_m32
Zombie_GetTypeInfo
__vbaAryDestruct
ord669
ord593
__vbaExitProc
ord594
__vbaOnError
__vbaObjSet
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
ord598
__vbaFpR4
ord705
__vbaStrFixstr
_CIsin
ord631
ord709
ord525
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
__vbaGenerateBoundsError
__vbaGet3
__vbaStrCmp
ord529
__vbaGet4
__vbaPutOwner3
__vbaAryConstruct2
__vbaVarTstEq
__vbaI2I4
DllFunctionCall
__vbaFpUI1
__vbaRedimPreserve
__vbaStrR4
_adj_fpatan
__vbaLateIdCallLd
Zombie_GetTypeInfoCount
__vbaRedim
__vbaRecUniToAnsi
EVENT_SINK_Release
__vbaNew
ord600
__vbaUI1I2
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
__vbaStrToUnicode
ord606
_adj_fprem
_adj_fdivr_m64
ord714
ord609
__vbaFPException
ord319
__vbaGetOwner3
__vbaUbound
ord535
__vbaFileSeek
ord537
_CIlog
__vbaErrorOverflow
__vbaFileOpen
ord648
ord570
__vbaNew2
__vbaInStr
_adj_fdiv_m32i
ord572
_adj_fdivr_m32i
__vbaStrCopy
__vbaI4Str
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaI4Var
ord689
__vbaAryLock
__vbaVarAdd
ord611
ord320
__vbaVarDup
__vbaStrToAnsi
ord321
__vbaFpI2
__vbaFpI4
ord616
__vbaLateMemCallLd
_CIatan
__vbaStrMove
ord618
__vbaCastObj
__vbaR8IntI4
ord650
_allmul
_CItan
__vbaAryUnlock
_CIexp
__vbaFreeObj
__vbaFreeStr
ord580
ord581
Sections
.text Size: 104KB - Virtual size: 100KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 4KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
Lowkey Cracked_ BYKali/Monitor Spoof/restart.exe.exe windows:4 windows x86 arch:x86
8c16c795b57934183422be5f6df7d891
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
EVENT_SINK_GetIDsOfNames
ord690
_CIcos
_adj_fptan
__vbaStrI4
__vbaVarVargNofree
__vbaFreeVar
__vbaLenBstr
__vbaLateIdCall
__vbaPut3
__vbaEnd
__vbaFreeVarList
_adj_fdiv_m64
EVENT_SINK_Invoke
__vbaRaiseEvent
__vbaFreeObjList
ord516
__vbaStrErrVarCopy
ord517
_adj_fprem1
__vbaRecAnsiToUni
ord519
__vbaCopyBytes
__vbaStrCat
__vbaLsetFixstr
__vbaRecDestruct
__vbaSetSystemError
ord661
__vbaHresultCheckObj
__vbaNameFile
_adj_fdiv_m32
Zombie_GetTypeInfo
__vbaAryDestruct
ord669
ord593
__vbaExitProc
ord594
__vbaOnError
__vbaObjSet
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
ord598
__vbaFpR4
ord705
__vbaStrFixstr
_CIsin
ord631
ord709
ord525
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
__vbaGenerateBoundsError
__vbaGet3
__vbaStrCmp
ord529
__vbaGet4
__vbaPutOwner3
__vbaAryConstruct2
__vbaVarTstEq
__vbaI2I4
DllFunctionCall
__vbaFpUI1
__vbaRedimPreserve
__vbaStrR4
_adj_fpatan
__vbaLateIdCallLd
Zombie_GetTypeInfoCount
__vbaRedim
__vbaRecUniToAnsi
EVENT_SINK_Release
__vbaNew
ord600
__vbaUI1I2
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
__vbaStrToUnicode
ord606
_adj_fprem
_adj_fdivr_m64
ord714
ord609
__vbaFPException
ord319
__vbaGetOwner3
__vbaUbound
ord535
__vbaFileSeek
ord537
_CIlog
__vbaErrorOverflow
__vbaFileOpen
ord648
ord570
__vbaNew2
__vbaInStr
_adj_fdiv_m32i
ord572
_adj_fdivr_m32i
__vbaStrCopy
__vbaI4Str
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaI4Var
ord689
__vbaAryLock
__vbaVarAdd
ord611
ord320
__vbaVarDup
__vbaStrToAnsi
ord321
__vbaFpI2
__vbaFpI4
ord616
__vbaLateMemCallLd
_CIatan
__vbaStrMove
ord618
__vbaCastObj
__vbaR8IntI4
ord650
_allmul
_CItan
__vbaAryUnlock
_CIexp
__vbaFreeObj
__vbaFreeStr
ord580
ord581
Sections
.text Size: 104KB - Virtual size: 100KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 4KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
Lowkey Cracked_ BYKali/Wifi & Bluetooth disabler/Disabler_Run_Admin.bat
-
Lowkey Cracked_ BYKali/last_login.txt
-
Lowkey Cracked_ BYKali/libcurl.dll.dll windows:6 windows x64 arch:x64
8571205d611243f448ca93f8273cd505
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
Imports
ws2_32
__WSAFDIsSet
ntohl
ioctlsocket
WSAWaitForMultipleEvents
WSASetEvent
WSAResetEvent
WSAEventSelect
select
WSACreateEvent
WSACloseEvent
socket
send
recv
closesocket
accept
htonl
WSAGetLastError
WSAStartup
WSACleanup
recvfrom
sendto
listen
getsockopt
getsockname
getpeername
connect
bind
WSAEnumNetworkEvents
htons
ntohs
setsockopt
gethostname
WSASetLastError
WSAIoctl
inet_pton
getaddrinfo
freeaddrinfo
zlib1
zlibVersion
inflate
inflateEnd
inflateInit_
inflateInit2_
advapi32
CryptAcquireContextA
CryptDestroyKey
CryptImportKey
CryptEncrypt
CryptGetHashParam
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptGenRandom
CryptReleaseContext
crypt32
CertFindCertificateInStore
PFXImportCertStore
CertCloseStore
CertOpenStore
CertFreeCertificateContext
CryptStringToBinaryA
CryptDecodeObjectEx
CertAddCertificateContextToStore
CertFindExtension
CertGetNameStringA
CryptQueryObject
CertCreateCertificateChainEngine
CertFreeCertificateChainEngine
CertGetCertificateChain
CertEnumCertificatesInStore
CertFreeCertificateChain
kernel32
LoadLibraryA
GetModuleHandleA
GetSystemDirectoryA
QueryPerformanceFrequency
FormatMessageW
SetLastError
GetLastError
GetStdHandle
Sleep
GetEnvironmentVariableA
WaitForSingleObjectEx
CloseHandle
GetProcAddress
FreeLibrary
MultiByteToWideChar
GetFileType
ReadFile
PeekNamedPipe
WaitForMultipleObjects
QueryPerformanceCounter
GetTickCount
VerSetConditionMask
VerifyVersionInfoA
CreateFileA
GetFileSizeEx
DeleteCriticalSection
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
MoveFileExA
InitializeSListHead
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
SleepEx
vcruntime140
memset
__std_type_info_destroy_list
__C_specific_handler
memchr
strstr
memcmp
memmove
strrchr
strchr
memcpy
api-ms-win-crt-stdio-l1-1-0
ftell
fgets
fopen
fread
fseek
fputs
__stdio_common_vsprintf
fputc
feof
fwrite
fflush
_lseeki64
_close
fclose
__acrt_iob_func
_write
_read
__stdio_common_vsscanf
_open
api-ms-win-crt-time-l1-1-0
strftime
_gmtime64
_time64
api-ms-win-crt-convert-l1-1-0
strtol
atoi
strtoll
wcstombs
strtoul
api-ms-win-crt-runtime-l1-1-0
_initterm_e
_initterm
_cexit
_beginthreadex
_getpid
_crt_atexit
strerror
__sys_nerr
_errno
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
api-ms-win-crt-string-l1-1-0
isupper
_strdup
strncmp
strncpy
tolower
strpbrk
strcspn
strspn
strcmp
api-ms-win-crt-utility-l1-1-0
qsort
api-ms-win-crt-filesystem-l1-1-0
_unlink
_fstat64
_access
_stat64
api-ms-win-crt-heap-l1-1-0
free
calloc
malloc
realloc
api-ms-win-crt-environment-l1-1-0
getenv
api-ms-win-crt-math-l1-1-0
_fdopen
Exports
Exports
curl_dbg_accept
curl_dbg_calloc
curl_dbg_fclose
curl_dbg_fdopen
curl_dbg_fopen
curl_dbg_free
curl_dbg_log
curl_dbg_malloc
curl_dbg_mark_sclose
curl_dbg_memdebug
curl_dbg_memlimit
curl_dbg_realloc
curl_dbg_recv
curl_dbg_sclose
curl_dbg_send
curl_dbg_socket
curl_dbg_strdup
curl_easy_cleanup
curl_easy_duphandle
curl_easy_escape
curl_easy_getinfo
curl_easy_init
curl_easy_option_by_id
curl_easy_option_by_name
curl_easy_option_next
curl_easy_pause
curl_easy_perform
curl_easy_perform_ev
curl_easy_recv
curl_easy_reset
curl_easy_send
curl_easy_setopt
curl_easy_strerror
curl_easy_unescape
curl_easy_upkeep
curl_escape
curl_formadd
curl_formfree
curl_formget
curl_free
curl_getdate
curl_getenv
curl_global_cleanup
curl_global_init
curl_global_init_mem
curl_global_sslset
curl_maprintf
curl_mfprintf
curl_mime_addpart
curl_mime_data
curl_mime_data_cb
curl_mime_encoder
curl_mime_filedata
curl_mime_filename
curl_mime_free
curl_mime_headers
curl_mime_init
curl_mime_name
curl_mime_subparts
curl_mime_type
curl_mprintf
curl_msnprintf
curl_msprintf
curl_multi_add_handle
curl_multi_assign
curl_multi_cleanup
curl_multi_fdset
curl_multi_info_read
curl_multi_init
curl_multi_perform
curl_multi_poll
curl_multi_remove_handle
curl_multi_setopt
curl_multi_socket
curl_multi_socket_action
curl_multi_socket_all
curl_multi_strerror
curl_multi_timeout
curl_multi_wait
curl_multi_wakeup
curl_mvaprintf
curl_mvfprintf
curl_mvprintf
curl_mvsnprintf
curl_mvsprintf
curl_pushheader_byname
curl_pushheader_bynum
curl_share_cleanup
curl_share_init
curl_share_setopt
curl_share_strerror
curl_slist_append
curl_slist_free_all
curl_strequal
curl_strnequal
curl_unescape
curl_url
curl_url_cleanup
curl_url_dup
curl_url_get
curl_url_set
curl_version
curl_version_info
Sections
.text Size: 370KB - Virtual size: 370KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 98KB - Virtual size: 97KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Lowkey Cracked_ BYKali/lowkey-spoofer-fixed.1337
-
Lowkey Cracked_ BYKali/zlib1.dll.dll windows:6 windows x64 arch:x64
3e00cc5294fc2fcbabd14c323443ba4e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
C:\Users\KC\Documents\GitHub\vcpkg\buildtrees\zlib\x64-windows-rel\zlib.pdb
Imports
vcruntime140
__std_type_info_destroy_list
__C_specific_handler
memchr
memset
memcpy
api-ms-win-crt-stdio-l1-1-0
_wopen
_write
_read
_close
__stdio_common_vsprintf
_open
_lseeki64
api-ms-win-crt-heap-l1-1-0
malloc
free
api-ms-win-crt-convert-l1-1-0
wcstombs
api-ms-win-crt-runtime-l1-1-0
_errno
_cexit
strerror
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
kernel32
GetSystemTimeAsFileTime
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
RtlCaptureContext
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
Exports
Exports
adler32
adler32_combine
adler32_z
compress
compress2
compressBound
crc32
crc32_combine
crc32_z
deflate
deflateBound
deflateCopy
deflateEnd
deflateGetDictionary
deflateInit2_
deflateInit_
deflateParams
deflatePending
deflatePrime
deflateReset
deflateResetKeep
deflateSetDictionary
deflateSetHeader
deflateTune
get_crc_table
gzbuffer
gzclearerr
gzclose
gzclose_r
gzclose_w
gzdirect
gzdopen
gzeof
gzerror
gzflush
gzfread
gzfwrite
gzgetc
gzgetc_
gzgets
gzoffset
gzoffset64
gzopen
gzopen64
gzopen_w
gzprintf
gzputc
gzputs
gzread
gzrewind
gzseek
gzseek64
gzsetparams
gztell
gztell64
gzungetc
gzvprintf
gzwrite
inflate
inflateBack
inflateBackEnd
inflateBackInit_
inflateCodesUsed
inflateCopy
inflateEnd
inflateGetDictionary
inflateGetHeader
inflateInit2_
inflateInit_
inflateMark
inflatePrime
inflateReset
inflateReset2
inflateResetKeep
inflateSetDictionary
inflateSync
inflateSyncPoint
inflateUndermine
inflateValidate
uncompress
uncompress2
zError
zlibCompileFlags
zlibVersion
Sections
.text Size: 53KB - Virtual size: 53KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 25KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 108B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ