PESCAN.IO - Analysis Report Basic |
|||||||
| File Structure |
|
PE Chart Code
Executable header (light blue)
Executable sections (pink)
Non-executable sections (black)
External injected code (red)
File Structure in red = malformed or corrupted header
Chart Code For Other Files
Printable characters (blue)
Non-printable characters (black)
| Information |
| Size: 1,28 MB SHA-256 Hash: 68C78590D1997122C30C992EC79857D32E5E976A0F17C0A69A2E29EAB0101D70 SHA-1 Hash: 5743D07BEBACFA3BBFDD883ECB1F80C9CF3B96D9 MD5 Hash: 552A28572DFEAAD3EF6F57B223A7DE76 Imphash: 968F4D5BB6EB388C5D5DA08A94ACACEF MajorOSVersion: 6 MinorOSVersion: 0 CheckSum: 00000000 EntryPoint (rva): 81D00 SizeOfHeaders: 400 SizeOfImage: 14D000 ImageBase: 10000000 Architecture: x86 ExportTable: 11F760 ImportTable: 125B30 IAT: E6000 Characteristics: 2102 TimeDateStamp: 68B6172C Date: 01/09/2025 21:59:08 File Type: DLL Number Of Sections: 5 ASLR: Enabled Section Names: .text, .rdata, .data, .rsrc, .reloc Number Of Executable Sections: 1 Subsystem: Windows GUI UAC Execution Level Manifest: asInvoker |
| Sections Info |
| Section Name | Flags | ROffset | RSize | VOffset | VSize | Entropy | Chi2 |
|---|---|---|---|---|---|---|---|
| .text | 60000020 (Code, Executable, Readable) | 400 | E5000 | 1000 | E4F16 | 6,7075 | 3647943,66 |
| .rdata | 40000040 (Initialized Data, Readable) | E5400 | 41600 | E6000 | 4150C | 6,1165 | 1931658,87 |
| .data | C0000040 (Initialized Data, Readable, Writeable) | 126A00 | 16C00 | 128000 | 18668 | 6,4994 | 1181446,28 |
| .rsrc | 40000040 (Initialized Data, Readable) | 13D600 | 600 | 141000 | 4E8 | 3,6249 | 110779,67 |
| .reloc | 42000040 (Initialized Data, GP-Relative, Readable) | 13DC00 | A400 | 142000 | A374 | 6,7568 | 157683,87 |
| Description |
| OriginalFilename: SDL2.dll LegalCopyright: Copyright (C) 2025 Sam Lantinga ProductName: Simple DirectMedia Layer FileVersion: 2, 32, 10, 0 FileDescription: SDL ProductVersion: 2, 32, 10, 0 Language: English (United States) (ID=0x409) CodePage: Unicode (UTF-16 LE) (0x4B0) |
| Entry Point |
| The section number (1) - (.text) have the Entry Point Information -> EntryPoint (calculated) - 81100 Code -> B801000000C20C00CCCCCCCCCCCCCCCC558BEC81EC600100005356578B7D088DB5A0FEFFFF578BC6C745A000000000BB0200 • MOV EAX, 1 • RET 0XC • INT3 • INT3 • INT3 • INT3 • INT3 • INT3 • INT3 • INT3 • PUSH EBP • MOV EBP, ESP • SUB ESP, 0X160 • PUSH EBX • PUSH ESI • PUSH EDI • MOV EDI, DWORD PTR [EBP + 8] • LEA ESI, [EBP - 0X160] • PUSH EDI • MOV EAX, ESI • MOV DWORD PTR [EBP - 0X60], 0 |
| Signatures |
| Rich Signature Analyzer: Code -> CA6EA3248E0FCD778E0FCD778E0FCD77FA8EC9768A0FCD77FA8ECC76990FCD778E0FCC77960ECD770186C976370FCD770186CD768F0FCD77018632778F0FCD778E0F5A778F0FCD770186CF768F0FCD77526963688E0FCD77 Footprint md5 Hash -> E85FFD8103CD0462F5D27BE92FD23F3D • The Rich header apparently has not been modified Certificate - Digital Signature Not Found: • The file is not signed |
| Packer/Compiler |
| Compiler: Microsoft Visual Studio Detect It Easy (die) • PE: patcher: simple patch(-)[-] • PE: linker: Microsoft Linker(14.44**)[-] • Entropy: 6.97086 |
| Suspicious Functions |
| Library | Function | Description |
|---|---|---|
| KERNEL32.DLL | WriteFile | Possible Call API By Name | Writes data to a specified file or input/output (I/O) device. |
| KERNEL32.DLL | VirtualAlloc | Reserve, commit, or both, a region of memory within the virtual address space of a process. |
| KERNEL32.DLL | WriteFile | Writes data to a specified file or input/output (I/O) device. |
| KERNEL32.DLL | LoadLibraryA | Loads the specified module into the address space of the calling process. |
| KERNEL32.DLL | LoadLibraryW | Loads the specified module into the address space of the calling process. |
| KERNEL32.DLL | GetProcAddress | Retrieves the address of an exported function or variable from the specified dynamic-link library (DLL). |
| KERNEL32.DLL | CreateFileA | Creates or opens a file or I/O device. |
| KERNEL32.DLL | IsDebuggerPresent | Determines if the calling process is being debugged by a user-mode debugger. |
| USER32.DLL | GetAsyncKeyState | Retrieves the status of a virtual key asynchronously. |
| SHELL32.DLL | ShellExecuteW | Performs a run operation on a specific file. |
| ET Functions (carving) |
| SDL_AddEventWatch SDL_AddHintCallback SDL_AddTimer SDL_AllocFormat SDL_AllocPalette SDL_AllocRW SDL_AtomicAdd SDL_AtomicCAS SDL_AtomicCASPtr SDL_AtomicGet SDL_AtomicGetPtr SDL_AtomicLock SDL_AtomicSet SDL_AtomicSetPtr SDL_AtomicTryLock SDL_AtomicUnlock SDL_AudioInit SDL_AudioQuit SDL_AudioStreamAvailable SDL_AudioStreamClear SDL_AudioStreamFlush SDL_AudioStreamGet SDL_AudioStreamPut SDL_BuildAudioCVT SDL_CalculateGammaRamp SDL_CaptureMouse SDL_ClearComposition SDL_ClearError SDL_ClearHints SDL_ClearQueuedAudio SDL_CloseAudio SDL_CloseAudioDevice SDL_ComposeCustomBlendMode SDL_CondBroadcast SDL_CondSignal SDL_CondWait SDL_CondWaitTimeout SDL_ConvertAudio SDL_ConvertPixels SDL_ConvertSurface SDL_ConvertSurfaceFormat SDL_CreateColorCursor SDL_CreateCond SDL_CreateCursor SDL_CreateMutex SDL_CreateRGBSurface SDL_CreateRGBSurfaceFrom SDL_CreateRGBSurfaceWithFormat SDL_CreateRGBSurfaceWithFormatFrom SDL_CreateRenderer SDL_CreateSemaphore SDL_CreateShapedWindow SDL_CreateSoftwareRenderer SDL_CreateSystemCursor SDL_CreateTexture SDL_CreateTextureFromSurface SDL_CreateThread SDL_CreateThreadWithStackSize SDL_CreateWindow SDL_CreateWindowAndRenderer SDL_CreateWindowFrom SDL_DXGIGetOutputInfo SDL_DYNAPI_entry SDL_DelEventWatch SDL_DelHintCallback SDL_Delay SDL_DequeueAudio SDL_DestroyCond SDL_DestroyMutex SDL_DestroyRenderer SDL_DestroySemaphore SDL_DestroyTexture SDL_DestroyWindow SDL_DestroyWindowSurface SDL_DetachThread SDL_Direct3D9GetAdapterIndex SDL_DisableScreenSaver SDL_DuplicateSurface SDL_EnableScreenSaver SDL_EncloseFPoints SDL_EnclosePoints SDL_Error SDL_EventState SDL_FillRect SDL_FillRects SDL_FilterEvents SDL_FlashWindow SDL_FlushEvent SDL_FlushEvents SDL_FreeAudioStream SDL_FreeCursor SDL_FreeFormat SDL_FreePalette SDL_FreeRW SDL_FreeSurface SDL_FreeWAV SDL_GL_BindTexture SDL_GL_CreateContext SDL_GL_DeleteContext SDL_GL_ExtensionSupported SDL_GL_GetAttribute SDL_GL_GetCurrentContext SDL_GL_GetCurrentWindow SDL_GL_GetDrawableSize SDL_GL_GetProcAddress SDL_GL_GetSwapInterval SDL_GL_LoadLibrary SDL_GL_MakeCurrent SDL_GL_ResetAttributes SDL_GL_SetAttribute SDL_GL_SetSwapInterval SDL_GL_SwapWindow SDL_GL_UnbindTexture SDL_GL_UnloadLibrary SDL_GUIDFromString SDL_GUIDToString SDL_GameControllerAddMapping SDL_GameControllerAddMappingsFromRW SDL_GameControllerClose SDL_GameControllerEventState SDL_GameControllerFromInstanceID SDL_GameControllerFromPlayerIndex SDL_GameControllerGetAppleSFSymbolsNameForAxis SDL_GameControllerGetAppleSFSymbolsNameForButton SDL_GameControllerGetAttached SDL_GameControllerGetAxis SDL_GameControllerGetAxisFromString SDL_GameControllerGetBindForAxis SDL_GameControllerGetBindForButton SDL_GameControllerGetButton SDL_GameControllerGetButtonFromString SDL_GameControllerGetFirmwareVersion SDL_GameControllerGetJoystick SDL_GameControllerGetNumTouchpadFingers SDL_GameControllerGetNumTouchpads SDL_GameControllerGetPlayerIndex SDL_GameControllerGetProduct SDL_GameControllerGetProductVersion SDL_GameControllerGetSensorData SDL_GameControllerGetSensorDataRate SDL_GameControllerGetSensorDataWithTimestamp SDL_GameControllerGetSerial SDL_GameControllerGetSteamHandle SDL_GameControllerGetStringForAxis SDL_GameControllerGetStringForButton SDL_GameControllerGetTouchpadFinger SDL_GameControllerGetType SDL_GameControllerGetVendor SDL_GameControllerHasAxis SDL_GameControllerHasButton SDL_GameControllerHasLED SDL_GameControllerHasRumble SDL_GameControllerHasRumbleTriggers SDL_GameControllerHasSensor SDL_GameControllerIsSensorEnabled SDL_GameControllerMapping SDL_GameControllerMappingForDeviceIndex SDL_GameControllerMappingForGUID SDL_GameControllerMappingForIndex SDL_GameControllerName SDL_GameControllerNameForIndex SDL_GameControllerNumMappings SDL_GameControllerOpen SDL_GameControllerPath SDL_GameControllerPathForIndex SDL_GameControllerRumble SDL_GameControllerRumbleTriggers SDL_GameControllerSendEffect SDL_GameControllerSetLED SDL_GameControllerSetPlayerIndex SDL_GameControllerSetSensorEnabled SDL_GameControllerTypeForIndex SDL_GameControllerUpdate SDL_GetAssertionHandler SDL_GetAssertionReport SDL_GetAudioDeviceName SDL_GetAudioDeviceSpec SDL_GetAudioDeviceStatus SDL_GetAudioDriver SDL_GetAudioStatus SDL_GetBasePath SDL_GetCPUCacheLineSize SDL_GetCPUCount SDL_GetClipRect SDL_GetClipboardText SDL_GetClosestDisplayMode SDL_GetColorKey SDL_GetCurrentAudioDriver SDL_GetCurrentDisplayMode SDL_GetCurrentVideoDriver SDL_GetCursor SDL_GetDefaultAssertionHandler SDL_GetDefaultAudioInfo SDL_GetDefaultCursor SDL_GetDesktopDisplayMode SDL_GetDisplayBounds SDL_GetDisplayDPI SDL_GetDisplayMode SDL_GetDisplayName SDL_GetDisplayOrientation SDL_GetDisplayUsableBounds SDL_GetError SDL_GetErrorMsg SDL_GetEventFilter SDL_GetGlobalMouseState SDL_GetGrabbedWindow SDL_GetHint SDL_GetHintBoolean SDL_GetJoystickGUIDInfo SDL_GetKeyFromName SDL_GetKeyFromScancode SDL_GetKeyName SDL_GetKeyboardFocus SDL_GetKeyboardState SDL_GetMemoryFunctions SDL_GetModState SDL_GetMouseFocus SDL_GetMouseState SDL_GetNumAllocations SDL_GetNumAudioDevices SDL_GetNumAudioDrivers SDL_GetNumDisplayModes SDL_GetNumRenderDrivers SDL_GetNumTouchDevices SDL_GetNumTouchFingers SDL_GetNumVideoDisplays SDL_GetNumVideoDrivers SDL_GetOriginalMemoryFunctions SDL_GetPerformanceCounter SDL_GetPerformanceFrequency SDL_GetPixelFormatName SDL_GetPlatform SDL_GetPointDisplayIndex SDL_GetPowerInfo SDL_GetPrefPath SDL_GetPreferredLocales SDL_GetPrimarySelectionText SDL_GetQueuedAudioSize SDL_GetRGB SDL_GetRGBA SDL_GetRectDisplayIndex SDL_GetRelativeMouseMode SDL_GetRelativeMouseState SDL_GetRenderDrawBlendMode SDL_GetRenderDrawColor SDL_GetRenderDriverInfo SDL_GetRenderTarget SDL_GetRenderer SDL_GetRendererInfo SDL_GetRendererOutputSize SDL_GetRevision SDL_GetRevisionNumber SDL_GetScancodeFromKey SDL_GetScancodeFromName SDL_GetScancodeName SDL_GetShapedWindowMode SDL_GetSurfaceAlphaMod SDL_GetSurfaceBlendMode SDL_GetSurfaceColorMod SDL_GetSystemRAM SDL_GetTextureAlphaMod SDL_GetTextureBlendMode SDL_GetTextureColorMod SDL_GetTextureScaleMode SDL_GetTextureUserData SDL_GetThreadID SDL_GetThreadName SDL_GetTicks SDL_GetTicks64 SDL_GetTouchDevice SDL_GetTouchDeviceType SDL_GetTouchFinger SDL_GetTouchName SDL_GetVersion SDL_GetVideoDriver SDL_GetWindowBordersSize SDL_GetWindowBrightness SDL_GetWindowData SDL_GetWindowDisplayIndex SDL_GetWindowDisplayMode SDL_GetWindowFlags SDL_GetWindowFromID SDL_GetWindowGammaRamp SDL_GetWindowGrab SDL_GetWindowICCProfile SDL_GetWindowID SDL_GetWindowKeyboardGrab SDL_GetWindowMaximumSize SDL_GetWindowMinimumSize SDL_GetWindowMouseGrab SDL_GetWindowMouseRect SDL_GetWindowOpacity SDL_GetWindowPixelFormat SDL_GetWindowPosition SDL_GetWindowSize SDL_GetWindowSizeInPixels SDL_GetWindowSurface SDL_GetWindowTitle SDL_GetWindowWMInfo SDL_GetYUVConversionMode SDL_GetYUVConversionModeForResolution SDL_HapticClose SDL_HapticDestroyEffect SDL_HapticEffectSupported SDL_HapticGetEffectStatus SDL_HapticIndex SDL_HapticName SDL_HapticNewEffect SDL_HapticNumAxes SDL_HapticNumEffects SDL_HapticNumEffectsPlaying SDL_HapticOpen SDL_HapticOpenFromJoystick SDL_HapticOpenFromMouse SDL_HapticOpened SDL_HapticPause SDL_HapticQuery SDL_HapticRumbleInit SDL_HapticRumblePlay SDL_HapticRumbleStop SDL_HapticRumbleSupported SDL_HapticRunEffect SDL_HapticSetAutocenter SDL_HapticSetGain SDL_HapticStopAll SDL_HapticStopEffect SDL_HapticUnpause SDL_HapticUpdateEffect SDL_Has3DNow SDL_HasARMSIMD SDL_HasAVX SDL_HasAVX2 SDL_HasAVX512F SDL_HasAltiVec SDL_HasClipboardText SDL_HasColorKey SDL_HasEvent SDL_HasEvents SDL_HasIntersection SDL_HasIntersectionF SDL_HasLASX SDL_HasLSX SDL_HasMMX SDL_HasNEON SDL_HasPrimarySelectionText SDL_HasRDTSC SDL_HasSSE SDL_HasSSE2 SDL_HasSSE3 SDL_HasSSE41 SDL_HasSSE42 SDL_HasScreenKeyboardSupport SDL_HasSurfaceRLE SDL_HasWindowSurface SDL_HideWindow SDL_Init SDL_InitSubSystem SDL_IntersectFRect SDL_IntersectFRectAndLine SDL_IntersectRect SDL_IntersectRectAndLine SDL_IsGameController SDL_IsScreenKeyboardShown SDL_IsScreenSaverEnabled SDL_IsShapedWindow SDL_IsTablet SDL_IsTextInputActive SDL_IsTextInputShown SDL_JoystickAttachVirtual SDL_JoystickAttachVirtualEx SDL_JoystickClose SDL_JoystickCurrentPowerLevel SDL_JoystickDetachVirtual SDL_JoystickEventState SDL_JoystickFromInstanceID SDL_JoystickFromPlayerIndex SDL_JoystickGetAttached SDL_JoystickGetAxis SDL_JoystickGetAxisInitialState SDL_JoystickGetBall SDL_JoystickGetButton SDL_JoystickGetDeviceGUID SDL_JoystickGetDeviceInstanceID SDL_JoystickGetDevicePlayerIndex SDL_JoystickGetDeviceProduct SDL_JoystickGetDeviceProductVersion SDL_JoystickGetDeviceType SDL_JoystickGetDeviceVendor SDL_JoystickGetFirmwareVersion SDL_JoystickGetGUID SDL_JoystickGetGUIDFromString SDL_JoystickGetGUIDString SDL_JoystickGetHat SDL_JoystickGetPlayerIndex SDL_JoystickGetProduct SDL_JoystickGetProductVersion SDL_JoystickGetSerial SDL_JoystickGetType SDL_JoystickGetVendor SDL_JoystickHasLED SDL_JoystickHasRumble • EXPORT FUNCTIONS > 400 |
| Windows REG |
| software\SDL_render_sw.c System\CurrentControlSet\Control\MediaCategories\{%02X%02X%02X%02X-%02X%02X-%02X%02X-%02X%02X-%02X%02X%02X%02X%02X%02X} |
| File Access |
| t locate our .exe OLEAUT32.dll ole32.dll SHELL32.dll ADVAPI32.dll GDI32.dll USER32.dll KERNEL32.dll VERSION.dll IMM32.dll WINMM.dll SETUPAPI.dll SDL2.dll vulkan-1.dll DXGI.DLL D3D9.DLL SHCORE.DLL OPENGL32.DLL libEGL.dll libGLES_CM.dll libGLESv1_CM.dll libGLESv2.dll d3dcompiler_43.dll d3dcompiler_46.dll d3dcompiler_47.dll d3d11.dll D3D12.dll cfgmgr32.dll failed to load DSOUND.DLL qDSOUND.DLL .dat @.dat Temp |
| File Access (UNICODE) |
| comctl32.dll SDL2.dll XInput9_1_0.dll bin\XInput1_3.dll XInput1_3.dll XInput1_4.dll %s%s%scombase.dll hid.dll avrt.dll |
| Interest's Words |
| exec attrib start pause sdelete systeminfo ping |
| Strings/Hex Code Found With The File Rules |
| Rule Type | Encoding | Matched (Word) |
|---|---|---|
| Text | Ascii | WinAPI Sockets (bind) |
| Text | Ascii | WinAPI Sockets (connect) |
| Text | Ascii | WinAPI Sockets (send) |
| Text | Ascii | Registry (RegOpenKeyEx) |
| Text | Ascii | File (CreateFile) |
| Text | Ascii | File (WriteFile) |
| Text | Unicode | File (WriteFile) |
| Text | Ascii | File (ReadFile) |
| Text | Ascii | Anti-Analysis VM (IsDebuggerPresent) |
| Text | Ascii | Anti-Analysis VM (GetSystemInfo) |
| Text | Ascii | Anti-Analysis VM (GlobalMemoryStatusEx) |
| Text | Ascii | Anti-Analysis VM (GetVersion) |
| Text | Ascii | Stealth (ReleaseSemaphore) |
| Text | Ascii | Stealth (CloseHandle) |
| Text | Ascii | Stealth (VirtualAlloc) |
| Text | Ascii | Execution (ShellExecute) |
| Text | Ascii | Execution (CreateSemaphoreW) |
| Text | Ascii | Execution (CreateEventW) |
| Text | Ascii | Keyboard Key (Left Windows) |
| Text | Ascii | Keyboard Key (Right Windows) |
| Text | Ascii | Keyboard Key (Right Shift) |
| Text | Ascii | Keyboard Key (RBUTTON) |
| Text | Ascii | Keyboard Key (Scroll) |
| Text | Ascii | Keyboard Key (PageDown) |
| Text | Ascii | Keyboard Key (PageUp) |
| Text | Ascii | Keyboard Key (CapsLock) |
| Text | Ascii | Keyboard Key (Backspace) |
| Resources |
| Path | DataRVA | Size | FileOffset | Code | Text |
|---|---|---|---|---|---|
| \VERSION\1\1033 | 1410A0 | 2C4 | 13D6A0 | C40234000000560053005F00560045005200530049004F004E005F0049004E0046004F0000000000BD04EFFE000001002000 | ..4...V.S._.V.E.R.S.I.O.N._.I.N.F.O............. . |
| \24\2\1033 | 141368 | 17D | 13D968 | 3C3F786D6C2076657273696F6E3D27312E302720656E636F64696E673D275554462D3827207374616E64616C6F6E653D2779 | <?xml version='1.0' encoding='UTF-8' standalone='y |
| Intelligent String |
| • qDSOUND.DLL • sdlaudio-in.rawsdlaudio.raw • avrt.dll • hid.dll • combase.dll • XInput1_4.dll • XInput1_3.dll • bin\XInput1_3.dll • XInput9_1_0.dll • srcCouldn't locate our .exe • kernel32.dll • \\.\pipe\HIDVID_045E&PID_028E&IG_00%*X&%*X&%*X%d%*uXbox One Game Controller • cfgmgr32.dll • dxgi.dll • D3D12.dll • d3d11.dll • C:\temp\SDL2-2.32.10\src\render\opengl\SDL_render_gl.c • C:\temp\SDL2-2.32.10\src\render\opengles2\SDL_render_gles2.c • C:\temp\SDL2-2.32.10\src\render\software\SDL_render_sw.c • api-ms-win-core-synch-l1-2-0.dll • SDL_VIDEO_DUMMY_SAVE_FRAMESSDL_window%u-%8.8d.bmp • d3dcompiler_47.dll • d3dcompiler_46.dll • d3dcompiler_43.dll • libEGL.dll • imm32.dll • TINTLGNT.IME • CINTLGNT.IME • MSTCIPHA.IME • PINTLGNT.IME • MSSCIPYA.IME • comctl32.dll • TaskDialogIndirect • OPENGL32.DLL • USER32.DLL • SHCORE.DLL • SDL_WINDOW_FRAME_USABLE_WHILE_CURSOR_HIDDEN_SDL_WAKEUPD3D9.DLL • DXGI.DLL • vulkan-1.dll • C:\temp\SDL2-2.32.10\VisualC\SDL\Win32\Release\SDL2.pdb • .bss • SETUPAPI.dll • KERNEL32.dll • ADVAPI32.dll • SDL2.dll |
| Flow Anomalies |
| Offset | RVA | Section | Description |
|---|---|---|---|
| 9C9 | 1013EB6C | .text | CALL [static] | Indirect call to absolute memory address |
| 9D6 | 1013EB64 | .text | CALL [static] | Indirect call to absolute memory address |
| CA6 | 1013EB68 | .text | CALL [static] | Indirect call to absolute memory address |
| CC7 | 1013EB60 | .text | CALL [static] | Indirect call to absolute memory address |
| CF7 | 100E63CC | .text | CALL [static] | Indirect call to absolute memory address |
| 19E6 | 1013EB78 | .text | CALL [static] | Indirect call to absolute memory address |
| 1AC5 | 1013EBAC | .text | CALL [static] | Indirect call to absolute memory address |
| 1C20 | 1013EB80 | .text | CALL [static] | Indirect call to absolute memory address |
| 1C69 | 1013EB98 | .text | CALL [static] | Indirect call to absolute memory address |
| 1CA3 | 1013EB94 | .text | CALL [static] | Indirect call to absolute memory address |
| 1DBC | 1013EB98 | .text | CALL [static] | Indirect call to absolute memory address |
| 1DC3 | 1013EB84 | .text | CALL [static] | Indirect call to absolute memory address |
| 1DF6 | 1013EBA0 | .text | CALL [static] | Indirect call to absolute memory address |
| 1E0A | 1013EBA4 | .text | CALL [static] | Indirect call to absolute memory address |
| 1E7D | 1013EBA0 | .text | CALL [static] | Indirect call to absolute memory address |
| 1E92 | 1013EBA4 | .text | CALL [static] | Indirect call to absolute memory address |
| 222E | 1013EBA0 | .text | CALL [static] | Indirect call to absolute memory address |
| 223F | 1013EBA4 | .text | CALL [static] | Indirect call to absolute memory address |
| 2266 | 1013EBA0 | .text | JMP [static] | Indirect jump to absolute memory address |
| 240C | 1013EBA0 | .text | CALL [static] | Indirect call to absolute memory address |
| 241B | 1013EBA4 | .text | CALL [static] | Indirect call to absolute memory address |
| 2656 | 1013EBA0 | .text | CALL [static] | Indirect call to absolute memory address |
| 266F | 1013EBA4 | .text | CALL [static] | Indirect call to absolute memory address |
| 26F5 | 1013EBA0 | .text | CALL [static] | Indirect call to absolute memory address |
| 270C | 1013EBA4 | .text | CALL [static] | Indirect call to absolute memory address |
| 27C6 | 1013EBA8 | .text | CALL [static] | Indirect call to absolute memory address |
| 2814 | 1013EB80 | .text | CALL [static] | Indirect call to absolute memory address |
| 2847 | 1013EB90 | .text | CALL [static] | Indirect call to absolute memory address |
| 2900 | 1013EB90 | .text | CALL [static] | Indirect call to absolute memory address |
| 2935 | 1013EB8C | .text | CALL [static] | Indirect call to absolute memory address |
| 293C | 1013EB88 | .text | CALL [static] | Indirect call to absolute memory address |
| 2996 | 1013EB8C | .text | CALL [static] | Indirect call to absolute memory address |
| 299D | 1013EB88 | .text | CALL [static] | Indirect call to absolute memory address |
| 29C9 | 1013EB8C | .text | CALL [static] | Indirect call to absolute memory address |
| 29D0 | 1013EB88 | .text | CALL [static] | Indirect call to absolute memory address |
| 2A04 | 1013EB84 | .text | CALL [static] | Indirect call to absolute memory address |
| 2A66 | 1013EBA4 | .text | JMP [static] | Indirect jump to absolute memory address |
| 2C80 | 1013EBA0 | .text | CALL [static] | Indirect call to absolute memory address |
| 2CA8 | 1013EBA4 | .text | CALL [static] | Indirect call to absolute memory address |
| 2D07 | 1013EB9C | .text | CALL [static] | Indirect call to absolute memory address |
| 2E5A | 1013EBA8 | .text | CALL [static] | Indirect call to absolute memory address |
| 31CF | 1013EB7C | .text | CALL [static] | Indirect call to absolute memory address |
| B1D9 | 100E6124 | .text | CALL [static] | Indirect call to absolute memory address |
| B1FB | 100E640C | .text | CALL [static] | Indirect call to absolute memory address |
| B22D | 100E6408 | .text | CALL [static] | Indirect call to absolute memory address |
| B28B | 100E6430 | .text | CALL [static] | Indirect call to absolute memory address |
| B2BD | 100E642C | .text | CALL [static] | Indirect call to absolute memory address |
| B329 | 100E6124 | .text | CALL [static] | Indirect call to absolute memory address |
| B3BC | 100E6404 | .text | CALL [static] | Indirect call to absolute memory address |
| B3CA | 100E6424 | .text | CALL [static] | Indirect call to absolute memory address |
| B427 | 100E6428 | .text | CALL [static] | Indirect call to absolute memory address |
| B448 | 100E60AC | .text | CALL [static] | Indirect call to absolute memory address |
| B484 | 100E60A4 | .text | CALL [static] | Indirect call to absolute memory address |
| B4B2 | 100E643C | .text | CALL [static] | Indirect call to absolute memory address |
| B503 | 100E6410 | .text | CALL [static] | Indirect call to absolute memory address |
| B537 | 100E6420 | .text | CALL [static] | Indirect call to absolute memory address |
| B548 | 100E6444 | .text | CALL [static] | Indirect call to absolute memory address |
| B588 | 100E6400 | .text | CALL [static] | Indirect call to absolute memory address |
| B599 | 100E60DC | .text | CALL [static] | Indirect call to absolute memory address |
| B5DF | 100E60A4 | .text | CALL [static] | Indirect call to absolute memory address |
| B600 | 100E643C | .text | CALL [static] | Indirect call to absolute memory address |
| B745 | 100E6404 | .text | CALL [static] | Indirect call to absolute memory address |
| B76C | 100E6424 | .text | CALL [static] | Indirect call to absolute memory address |
| B799 | 100E60A8 | .text | CALL [static] | Indirect call to absolute memory address |
| B83C | 100E6418 | .text | CALL [static] | Indirect call to absolute memory address |
| B854 | 100E643C | .text | CALL [static] | Indirect call to absolute memory address |
| B875 | 100E641C | .text | CALL [static] | Indirect call to absolute memory address |
| B898 | 100E6440 | .text | CALL [static] | Indirect call to absolute memory address |
| B92A | 100E6414 | .text | CALL [static] | Indirect call to absolute memory address |
| B95E | 100E60A4 | .text | CALL [static] | Indirect call to absolute memory address |
| BB44 | 100E6468 | .text | CALL [static] | Indirect call to absolute memory address |
| BB99 | 100E60DC | .text | CALL [static] | Indirect call to absolute memory address |
| C1FC | 100E60B4 | .text | CALL [static] | Indirect call to absolute memory address |
| C7AA | 100E60B8 | .text | CALL [static] | Indirect call to absolute memory address |
| C7F2 | 100E60C0 | .text | CALL [static] | Indirect call to absolute memory address |
| C807 | 100E60BC | .text | CALL [static] | Indirect call to absolute memory address |
| C81D | 100E60BC | .text | CALL [static] | Indirect call to absolute memory address |
| C8E7 | 100E60C0 | .text | CALL [static] | Indirect call to absolute memory address |
| C9EE | 100E60B8 | .text | CALL [static] | Indirect call to absolute memory address |
| CD68 | 100E6468 | .text | CALL [static] | Indirect call to absolute memory address |
| CE91 | 100E6460 | .text | CALL [static] | Indirect call to absolute memory address |
| D1BD | 100E6464 | .text | CALL [static] | Indirect call to absolute memory address |
| D476 | 100E60D4 | .text | CALL [static] | Indirect call to absolute memory address |
| D494 | 100E645C | .text | CALL [static] | Indirect call to absolute memory address |
| D4A5 | 100E645C | .text | CALL [static] | Indirect call to absolute memory address |
| D4C0 | 100E6458 | .text | JMP [static] | Indirect jump to absolute memory address |
| D548 | 100E60CC | .text | CALL [static] | Indirect call to absolute memory address |
| D56C | 100E60BC | .text | CALL [static] | Indirect call to absolute memory address |
| D66F | 100E6008 | .text | CALL [static] | Indirect call to absolute memory address |
| D6B7 | 100E6000 | .text | CALL [static] | Indirect call to absolute memory address |
| D6FF | 100E6000 | .text | CALL [static] | Indirect call to absolute memory address |
| D803 | 100E60C8 | .text | CALL [static] | Indirect call to absolute memory address |
| D847 | 100E60D0 | .text | CALL [static] | Indirect call to absolute memory address |
| DA2E | 100E60B8 | .text | CALL [static] | Indirect call to absolute memory address |
| DD33 | 100E61D4 | .text | CALL [static] | Indirect call to absolute memory address |
| E0EA | 100E60D8 | .text | CALL [static] | Indirect call to absolute memory address |
| E369 | 10128800 | .text | JMP [static] | Indirect jump to absolute memory address |
| E379 | 10128804 | .text | JMP [static] | Indirect jump to absolute memory address |
| E389 | 10128808 | .text | JMP [static] | Indirect jump to absolute memory address |
| E399 | 1012880C | .text | JMP [static] | Indirect jump to absolute memory address |
| 23B3-23DF | N/A | .text | Unusual BP Cave, count: 45 |
| 15D67-15D8F | N/A | .text | Unusual BP Cave, count: 41 |
| 2D351-2D36F | N/A | .text | Unusual BP Cave, count: 31 |
| Extra Analysis |
| Metric | Value | Percentage |
|---|---|---|
| Ascii Code | 919104 | 68,4118% |
| Null Byte Code | 128701 | 9,5796% |
© 2026 All rights reserved.