| PEInfo: PE Structure information<BR><BR>( base data )<BR>entrypointaddress.: 0x10014615<BR>timedatestamp.....: 0x489bb4b1 (Fri Aug 08 02:51:29 2008)<BR>machinetype.......: 0x14c (I386)<BR><BR>( 5 sections )<BR>name viradd virsiz rawdsiz ntrpy md5<BR>.text 0x1000 0x1c87d 0x1d000 6.57 9519973bddf095dad1ac25384afa1d18<BR>.rdata 0x1e000 0x4bd6 0x5000 4.65 07d6a17d5586bf0e0d6651c5479296b1<BR>.data 0x23000 0x2ac8 0x2000 2.22 3339eb5fdb8dd1ffb76c52fff29a67f7<BR>.rsrc 0x26000 0x880 0x1000 2.18 b4d82b7f1b6f4e003584a6756473aaff<BR>.reloc 0x27000 0x278e 0x3000 4.13 57c2750e24169898113303b150ca9322<BR><BR>( 8 imports ) <BR>> urlmon.dll: CoInternetGetSession<BR>> KERNEL32.dll: SetEndOfFile, InterlockedExchange, GetACP, GetLocaleInfoA, GetThreadLocale, GetVersionExA, MultiByteToWideChar, WideCharToMultiByte, lstrlenW, RaiseException, GetLastError, EnterCriticalSection, LeaveCriticalSection, InitializeCriticalSection, DeleteCriticalSection, SizeofResource, LockResource, LoadResource, FindResourceA, FindResourceExA, lstrlenA, lstrcmpiA, lstrcpynA, lstrcpyA, GetModuleFileNameA, lstrcatA, GetStringTypeA, IsDBCSLeadByte, InterlockedIncrement, InterlockedDecrement, FreeLibrary, LoadLibraryExA, GetModuleHandleA, GetTempPathA, Sleep, GetVolumeInformationA, CloseHandle, WriteFile, CreateFileA, MoveFileA, DeleteFileA, ReadFile, GetFileSize, CopyFileA, CreateThread, UnhandledExceptionFilter, GetEnvironmentStringsW, FreeEnvironmentStringsW, GetEnvironmentStrings, FreeEnvironmentStringsA, SetFilePointer, GetStartupInfoA, GetFileType, GetStringTypeW, LoadLibraryA, IsBadReadPtr, IsBadCodePtr, FlushFileBuffers, GetStdHandle, SetStdHandle, SetHandleCount, SetUnhandledExceptionFilter, GetCurrentProcessId, GetTickCount, QueryPerformanceCounter, GetCurrentProcess, TerminateProcess, IsBadWritePtr, VirtualFree, HeapCreate, GetProcAddress, TlsGetValue, TlsSetValue, TlsFree, HeapDestroy, HeapAlloc, HeapFree, HeapReAlloc, HeapSize, GetProcessHeap, VirtualProtect, VirtualAlloc, GetSystemInfo, VirtualQuery, RtlUnwind, ExitProcess, GetSystemTimeAsFileTime, GetCurrentThreadId, GetCommandLineA, LCMapStringA, LCMapStringW, GetOEMCP, GetCPInfo, TlsAlloc, SetLastError<BR>> USER32.dll: CharNextA<BR>> ADVAPI32.dll: RegQueryInfoKeyA, RegSetValueExA, RegOpenKeyExA, RegCreateKeyExA, RegCloseKey, RegDeleteValueA, RegDeleteKeyA, RegEnumKeyExA<BR>> ole32.dll: CoGetClassObject, CoCreateInstance, CoTaskMemRealloc, CoTaskMemFree, CoTaskMemAlloc, StringFromGUID2<BR>> OLEAUT32.dll: -, -, -, -, -, -<BR>> SHLWAPI.dll: PathFindExtensionA, PathFileExistsA<BR>> WININET.dll: InternetCloseHandle, InternetReadFile, InternetOpenUrlA, InternetSetOptionA, InternetOpenA<BR><BR>( 4 exports ) <BR>DllCanUnloadNow, DllGetClassObject, DllRegisterServer, |
发表于 2008-8-18 14:43:46
发表于 2008-8-18 15:14:44
