| / PC-Online 1998 February
/ PCOnline_02_1998.iso / filesbbs / win3x / browse.exe / REBOOTNT.EXE
| < prev | next > |
| MS-DOS/Windows or OS/2 Executable | 1997-01-29 | 3.5 KB |
view JSON data
|
view as text
|
open on a Mac
|
open on a PC| Confidence | Program | Detection | Match Type | Support |
|---|---|---|---|---|
| 100% | dexvert | MS-DOS/Windows or OS/2 Executable (executable/exe) | magic | Supported |
| 1% | dexvert | Ady's GLUE Packed (archive/adysGLUEPacked) | ext | Unsupported |
| 1% | dexvert | BlacK FiST Packed (archive/blackFiSTPacked) | ext | Unsupported |
| 1% | dexvert | CauseWay Compressor Packed (archive/causeWayCompressorPacked) | ext | Unsupported |
| 1% | dexvert | CExe Packed (archive/cExePacked) | ext | Unsupported |
| 1% | dexvert | cIPHATOR Protected (archive/ciphatorProtected) | ext | Unsupported |
| 1% | dexvert | CRYPACK Protected (archive/crypackProtected) | ext | Unsupported |
| 1% | dexvert | CRYPTEXE Protected (archive/cryptexeProtected) | ext | Unsupported |
| 1% | dexvert | Crypt Light Show Protected (archive/cryptLightShowProtected) | ext | Unsupported |
| 1% | dexvert | DaRKSToP Protected (archive/darkstopProtected) | ext | Unsupported |
| 1% | dexvert | DiskImager SFX Image (archive/diskImagerSFXImage) | ext | Unsupported |
| 1% | dexvert | Dismember EXE CRYPT Protected (archive/dismemberProtected) | ext | Unsupported |
| 1% | dexvert | DJP Packed (archive/djpPacked) | ext | Unsupported |
| 1% | dexvert | .NETZ Packed (archive/dotNETZPacked) | ext | Unsupported |
| 1% | dexvert | DSHIELD Protected (archive/dshieldProtected) | ext | Unsupported |
| 1% | dexvert | Exe32Pack Packed (archive/exe32PackPacked) | ext | Unsupported |
| 1% | dexvert | EXE Manager Protected (archive/exeManagerProtected) | ext | Unsupported |
| 1% | dexvert | EXETOOLS Protected (archive/exetoolsProtected) | ext | Unsupported |
| 1% | dexvert | EZip Packed (archive/ezipPacked) | ext | Unsupported |
| 1% | dexvert | FSG Packed (archive/fsgPacked) | ext | Unsupported |
| 1% | dexvert | HackStop Protected (archive/hackStopProtected) | ext | Unsupported |
| 1% | dexvert | JMCryptExe Protected (archive/jmCryptExeProtected) | ext | Unsupported |
| 1% | dexvert | kkrunchy Packed (archive/kkcrunchPacked) | ext | Unsupported |
| 1% | dexvert | mbp SHRINK Packed (archive/mbpSHRINKPacked) | ext | Unsupported |
| 1% | dexvert | MEGALITE Packed (archive/megalitePacked) | ext | Unsupported |
| 1% | dexvert | Mess Protected (archive/messProtected) | ext | Unsupported |
| 1% | dexvert | Mew Packed (archive/mewPacked) | ext | Unsupported |
| 1% | dexvert | MPRESS Packed (archive/mpressPacked) | ext | Unsupported |
| 1% | dexvert | NOS Packer Packed (archive/nosPackerPacked) | ext | Unsupported |
| 1% | dexvert | NTShell Protected (archive/ntShellProtected) | ext | Unsupported |
| 1% | dexvert | Pack Master Packed (archive/packMasterPacked) | ext | Unsupported |
| 1% | dexvert | PE Diminisher Packed (archive/peDiminisherPacked) | ext | Unsupported |
| 1% | dexvert | Petite Packed (archive/petitePacked) | ext | Unsupported |
| 1% | dexvert | PeX Packed (archive/pexPacked) | ext | Unsupported |
| 1% | dexvert | PKLITE32 Packed (archive/pklite32Packed) | ext | Unsupported |
| 1% | dexvert | PowerBatch Packed (archive/powerBatchPacked) | ext | Unsupported |
| 1% | dexvert | protector Protected (archive/protectorProtected) | ext | Unsupported |
| 1% | dexvert | py2exe Packed (archive/py2exePacked) | ext | Unsupported |
| 1% | dexvert | PyInstaller Packed (archive/pyInstallerPacked) | ext | Unsupported |
| 1% | dexvert | Scramb Packed (archive/scrambPacked) | ext | Unsupported |
| 1% | dexvert | SECURE Protected (archive/secureProtected) | ext | Unsupported |
| 1% | dexvert | Shrinker Packed (Windows) (archive/shrinkerWindowsPacked) | ext | Unsupported |
| 1% | dexvert | Spoon Studio Packed (archive/spoonStudioPacked) | ext | Unsupported |
| 1% | dexvert | tElock Packed (archive/telockPacked) | ext | Unsupported |
| 1% | dexvert | The Builder Packed (archive/theBuilderPacked) | ext | Unsupported |
| 1% | dexvert | The Patcher Packed (archive/thePatcherPacked) | ext | Unsupported |
| 1% | dexvert | 32Lite Packed (archive/thirtyTwoLitePacked) | ext | Unsupported |
| 1% | dexvert | TinyProt Protected (archive/tinyProtProtected) | ext | Unsupported |
| 1% | dexvert | (Win)Upack Packed (archive/winUpackPacked) | ext | Unsupported |
| 1% | dexvert | Yoda's Crypte Protected (archive/yodasCrypterProtected) | ext | Unsupported |
| 1% | dexvert | MS-DOS PMODE extender executable (executable/msdosPMODEExtenderExecutable) | ext | Unsupported |
| 1% | dexvert | Sony Playstation Executable (executable/sonyPlaystationExe) | ext | Unsupported |
| 1% | dexvert | Novell Netware Virtual Loadable Module (other/novellNetwareVirtualLoadableModule) | ext | Unsupported |
| 100% | file | PE32 executable for MS Windows 4.00 (GUI), Intel i386, 5 sections | default | |
| 99% | file | data | default | |
| 83% | TrID | Win32 Executable MS Visual C++ 4.x | default | |
| 4% | TrID | Win32 Dynamic Link Library (generic) | default (weak) | |
| 3% | TrID | Win16 NE executable (generic) | default (weak) | |
| 2% | TrID | Win32 Executable (generic) | default (weak) | |
| 1% | TrID | Win16/32 Executable Delphi generic | default (weak) | |
| 100% | gt2 | Ist eine ausf�hrbare Win32 Datei | default | |
| 100% | binwalkID | Microsoft executable, portable (PE) | default | |
| 100% | xdgMime | application/vnd.microsoft.portable-executable | default (weak) |
+--------+-------------------------+-------------------------+--------+--------+
|00000000| 4d 5a 90 00 03 00 00 00 | 04 00 00 00 ff ff 00 00 |MZ......|........|
|00000010| b8 00 00 00 00 00 00 00 | 40 00 00 00 00 00 00 00 |........|@.......|
|00000020| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000030| 00 00 00 00 00 00 00 00 | 00 00 00 00 80 00 00 00 |........|........|
|00000040| 0e 1f ba 0e 00 b4 09 cd | 21 b8 01 4c cd 21 54 68 |........|!..L.!Th|
|00000050| 69 73 20 70 72 6f 67 72 | 61 6d 20 63 61 6e 6e 6f |is progr|am canno|
|00000060| 74 20 62 65 20 72 75 6e | 20 69 6e 20 44 4f 53 20 |t be run| in DOS |
|00000070| 6d 6f 64 65 2e 0d 0d 0a | 24 00 00 00 00 00 00 00 |mode....|$.......|
|00000080| 50 45 00 00 4c 01 05 00 | 1e bd ef 32 00 00 00 00 |PE..L...|...2....|
|00000090| 00 00 00 00 e0 00 0e 01 | 0b 01 04 14 00 02 00 00 |........|........|
|000000a0| 00 08 00 00 00 00 00 00 | 00 10 00 00 00 10 00 00 |........|........|
|000000b0| 00 20 00 00 00 00 40 00 | 00 10 00 00 00 02 00 00 |. ....@.|........|
|000000c0| 04 00 00 00 00 00 00 00 | 04 00 00 00 00 00 00 00 |........|........|
|000000d0| 00 60 00 00 00 04 00 00 | 00 00 00 00 02 00 00 00 |.`......|........|
|000000e0| 00 00 10 00 00 10 00 00 | 00 10 00 00 00 10 00 00 |........|........|
|000000f0| 00 00 00 00 10 00 00 00 | 00 20 00 00 35 00 00 00 |........|. ..5...|
|00000100| 00 40 00 00 50 00 00 00 | 00 00 00 00 00 00 00 00 |.@..P...|........|
|00000110| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000120| 00 50 00 00 18 00 00 00 | 00 00 00 00 00 00 00 00 |.P......|........|
|00000130| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000140| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000150| 00 00 00 00 00 00 00 00 | 78 40 00 00 28 00 00 00 |........|x@..(...|
|00000160| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000170| 00 00 00 00 00 00 00 00 | 2e 74 65 78 74 00 00 00 |........|.text...|
|00000180| 92 00 00 00 00 10 00 00 | 00 02 00 00 00 04 00 00 |........|........|
|00000190| 00 00 00 00 00 00 00 00 | 00 00 00 00 20 00 00 60 |........|.... ..`|
|000001a0| 2e 72 64 61 74 61 00 00 | 35 00 00 00 00 20 00 00 |.rdata..|5.... ..|
|000001b0| 00 02 00 00 00 06 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000001c0| 00 00 00 00 40 00 00 40 | 2e 64 61 74 61 00 00 00 |....@..@|.data...|
|000001d0| 14 00 00 00 00 30 00 00 | 00 02 00 00 00 08 00 00 |.....0..|........|
|000001e0| 00 00 00 00 00 00 00 00 | 00 00 00 00 40 00 00 c0 |........|....@...|
|000001f0| 2e 69 64 61 74 61 00 00 | 54 01 00 00 00 40 00 00 |.idata..|T....@..|
|00000200| 00 02 00 00 00 0a 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000210| 00 00 00 00 40 00 00 c0 | 2e 72 65 6c 6f 63 00 00 |....@...|.reloc..|
|00000220| 46 00 00 00 00 50 00 00 | 00 02 00 00 00 0c 00 00 |F....P..|........|
|00000230| 00 00 00 00 00 00 00 00 | 00 00 00 00 40 00 00 42 |........|....@..B|
|00000240| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000250| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000260| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000270| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000280| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000290| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000002a0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000002b0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000002c0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000002d0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000002e0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000002f0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000300| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000310| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000320| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000330| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000340| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000350| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000360| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000370| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000380| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000390| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000003a0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000003b0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000003c0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000003d0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000003e0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000003f0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000400| 55 8b ec 81 ec 18 01 00 | 00 56 8d 85 e8 fe ff ff |U.......|.V......|
|00000410| 68 04 01 00 00 50 ff 75 | 08 ff 15 8c 40 40 00 85 |h....P.u|....@@..|
|00000420| c0 74 11 6a 05 8d 85 e8 | fe ff ff 6a 00 50 ff 15 |.t.j....|...j.P..|
|00000430| 90 40 40 00 8d 45 fc 50 | 6a 28 ff 15 88 40 40 00 |.@@..E.P|j(...@@.|
|00000440| 50 ff 15 80 40 40 00 85 | c0 74 3e 8d 45 f0 33 f6 |P...@@..|.t>.E.3.|
|00000450| 50 68 00 30 40 00 56 ff | 15 78 40 40 00 56 8d 4d |Ph.0@.V.|.x@@.V.M|
|00000460| ec c7 45 ec 01 00 00 00 | c7 45 f8 02 00 00 00 56 |..E.....|.E.....V|
|00000470| 56 51 56 ff 75 fc ff 15 | 7c 40 40 00 85 c0 74 09 |VQV.u...||@@...t.|
|00000480| 56 6a 02 ff 15 98 40 40 | 00 33 c0 5e 8b e5 5d c2 |Vj....@@|.3.^..].|
|00000490| 10 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000004a0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000004b0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000004c0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000004d0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000004e0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000004f0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000500| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000510| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000520| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000530| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000540| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000550| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000560| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000570| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000580| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000590| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000005a0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000005b0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000005c0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000005d0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000005e0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000005f0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000600| 00 00 00 00 1e bd ef 32 | 00 00 00 00 28 20 00 00 |.......2|....( ..|
|00000610| 01 00 00 00 00 00 00 00 | 00 00 00 00 28 20 00 00 |........|....( ..|
|00000620| 28 20 00 00 28 20 00 00 | 52 45 42 4f 4f 54 4e 54 |( ..( ..|REBOOTNT|
|00000630| 2e 45 58 45 00 00 00 00 | 00 00 00 00 00 00 00 00 |.EXE....|........|
|00000640| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000650| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000660| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000670| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000680| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000690| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000006a0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000006b0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000006c0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000006d0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000006e0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000006f0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000700| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000710| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000720| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000730| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000740| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000750| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000760| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000770| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000780| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000790| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000007a0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000007b0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000007c0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000007d0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000007e0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000007f0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000800| 53 65 53 68 75 74 64 6f | 77 6e 50 72 69 76 69 6c |SeShutdo|wnPrivil|
|00000810| 65 67 65 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |ege.....|........|
|00000820| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000830| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000840| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000850| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000860| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000870| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000880| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000890| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000008a0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000008b0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000008c0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000008d0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000008e0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000008f0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000900| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000910| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000920| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000930| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000940| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000950| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000960| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000970| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000980| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000990| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000009a0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000009b0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000009c0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000009d0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000009e0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|000009f0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000a00| 60 40 00 00 00 00 00 00 | 00 00 00 00 d8 40 00 00 |`@......|.....@..|
|00000a10| 88 40 00 00 70 40 00 00 | 00 00 00 00 00 00 00 00 |.@..p@..|........|
|00000a20| f6 40 00 00 98 40 00 00 | 50 40 00 00 00 00 00 00 |.@...@..|P@......|
|00000a30| 00 00 00 00 46 41 00 00 | 78 40 00 00 00 00 00 00 |....FA..|x@......|
|00000a40| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000a50| 1a 41 00 00 02 41 00 00 | 32 41 00 00 00 00 00 00 |.A...A..|2A......|
|00000a60| a0 40 00 00 c2 40 00 00 | b4 40 00 00 00 00 00 00 |.@...@..|.@......|
|00000a70| e6 40 00 00 00 00 00 00 | 1a 41 00 00 02 41 00 00 |.@......|.A...A..|
|00000a80| 32 41 00 00 00 00 00 00 | a0 40 00 00 c2 40 00 00 |2A......|.@...@..|
|00000a90| b4 40 00 00 00 00 00 00 | e6 40 00 00 00 00 00 00 |.@......|.@......|
|00000aa0| d2 00 47 65 74 43 75 72 | 72 65 6e 74 50 72 6f 63 |..GetCur|rentProc|
|00000ab0| 65 73 73 00 a5 01 4d 6f | 76 65 46 69 6c 65 45 78 |ess...Mo|veFileEx|
|00000ac0| 41 00 fb 00 47 65 74 4d | 6f 64 75 6c 65 46 69 6c |A...GetM|oduleFil|
|00000ad0| 65 4e 61 6d 65 41 00 00 | 4b 45 52 4e 45 4c 33 32 |eNameA..|KERNEL32|
|00000ae0| 2e 64 6c 6c 00 00 cb 00 | 45 78 69 74 57 69 6e 64 |.dll....|ExitWind|
|00000af0| 6f 77 73 45 78 00 55 53 | 45 52 33 32 2e 64 6c 6c |owsEx.US|ER32.dll|
|00000b00| 00 00 0a 00 41 64 6a 75 | 73 74 54 6f 6b 65 6e 50 |....Adju|stTokenP|
|00000b10| 72 69 76 69 6c 65 67 65 | 73 00 bf 00 4c 6f 6f 6b |rivilege|s...Look|
|00000b20| 75 70 50 72 69 76 69 6c | 65 67 65 56 61 6c 75 65 |upPrivil|egeValue|
|00000b30| 41 00 04 01 4f 70 65 6e | 50 72 6f 63 65 73 73 54 |A...Open|ProcessT|
|00000b40| 6f 6b 65 6e 00 00 41 44 | 56 41 50 49 33 32 2e 64 |oken..AD|VAPI32.d|
|00000b50| 6c 6c 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |ll......|........|
|00000b60| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000b70| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000b80| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000b90| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000ba0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000bb0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000bc0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000bd0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000be0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000bf0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000c00| 00 10 00 00 18 00 00 00 | 1b 30 30 30 3c 30 43 30 |........|.000<0C0|
|00000c10| 52 30 59 30 78 30 85 30 | 00 00 00 00 00 00 00 00 |R0Y0x0.0|........|
|00000c20| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000c30| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000c40| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000c50| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000c60| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000c70| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000c80| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000c90| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000ca0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000cb0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000cc0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000cd0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000ce0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000cf0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000d00| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000d10| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000d20| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000d30| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000d40| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000d50| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000d60| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000d70| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000d80| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000d90| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000da0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000db0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000dc0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000dd0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000de0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
|00000df0| 00 00 00 00 00 00 00 00 | 00 00 00 00 00 00 00 00 |........|........|
+--------+-------------------------+-------------------------+--------+--------+