| ofs | hex dump | ascii |
|---|---|---|
| 0000 | 21 3c 61 72 63 68 3e 0a 2f 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 31 35 31 36 31 36 30 38 | !<arch>./...............15161608 |
| 0020 | 39 35 20 20 30 20 20 20 20 20 30 20 20 20 20 20 30 20 20 20 20 20 20 20 36 31 36 20 20 20 20 20 | 95..0.....0.....0.......616..... |
| 0040 | 20 20 60 0a 00 00 00 14 00 00 02 ac 00 00 05 52 00 00 08 68 00 00 08 68 00 00 0b 46 00 00 0b 46 | ..`............R...h...h...F...F |
| 0060 | 00 00 0e 2e 00 00 0e 2e 00 00 11 00 00 00 11 00 00 00 13 e0 00 00 13 e0 00 00 16 bc 00 00 16 bc | ................................ |
| 0080 | 00 00 19 98 00 00 19 98 00 00 1c 74 00 00 1c 74 00 00 1f 4e 00 00 1f 4e 5f 5f 43 5f 5f 55 73 65 | ...........t...t...N...N__C__Use |
| 00a0 | 72 73 5f 50 65 74 65 72 5f 43 6f 64 65 5f 77 69 6e 61 70 69 5f 72 73 5f 69 36 38 36 5f 6c 69 62 | rs_Peter_Code_winapi_rs_i686_lib |
| 00c0 | 5f 6c 69 62 77 69 6e 61 70 69 5f 61 6d 73 69 5f 61 5f 69 6e 61 6d 65 00 5f 5f 68 65 61 64 5f 43 | _libwinapi_amsi_a_iname.__head_C |
| 00e0 | 5f 5f 55 73 65 72 73 5f 50 65 74 65 72 5f 43 6f 64 65 5f 77 69 6e 61 70 69 5f 72 73 5f 69 36 38 | __Users_Peter_Code_winapi_rs_i68 |
| 0100 | 36 5f 6c 69 62 5f 6c 69 62 77 69 6e 61 70 69 5f 61 6d 73 69 5f 61 00 5f 41 6d 73 69 55 6e 69 6e | 6_lib_libwinapi_amsi_a._AmsiUnin |
| 0120 | 69 74 69 61 6c 69 7a 65 40 34 00 5f 5f 69 6d 70 5f 5f 41 6d 73 69 55 6e 69 6e 69 74 69 61 6c 69 | itialize@4.__imp__AmsiUninitiali |
| 0140 | 7a 65 40 34 00 5f 41 6d 73 69 55 61 63 55 6e 69 6e 69 74 69 61 6c 69 7a 65 40 34 00 5f 5f 69 6d | ze@4._AmsiUacUninitialize@4.__im |
| 0160 | 70 5f 5f 41 6d 73 69 55 61 63 55 6e 69 6e 69 74 69 61 6c 69 7a 65 40 34 00 5f 41 6d 73 69 55 61 | p__AmsiUacUninitialize@4._AmsiUa |
| 0180 | 63 53 63 61 6e 40 31 36 00 5f 5f 69 6d 70 5f 5f 41 6d 73 69 55 61 63 53 63 61 6e 40 31 36 00 5f | cScan@16.__imp__AmsiUacScan@16._ |
| 01a0 | 41 6d 73 69 55 61 63 49 6e 69 74 69 61 6c 69 7a 65 40 34 00 5f 5f 69 6d 70 5f 5f 41 6d 73 69 55 | AmsiUacInitialize@4.__imp__AmsiU |
| 01c0 | 61 63 49 6e 69 74 69 61 6c 69 7a 65 40 34 00 5f 41 6d 73 69 53 63 61 6e 53 74 72 69 6e 67 40 32 | acInitialize@4._AmsiScanString@2 |
| 01e0 | 30 00 5f 5f 69 6d 70 5f 5f 41 6d 73 69 53 63 61 6e 53 74 72 69 6e 67 40 32 30 00 5f 41 6d 73 69 | 0.__imp__AmsiScanString@20._Amsi |
| 0200 | 53 63 61 6e 42 75 66 66 65 72 40 32 34 00 5f 5f 69 6d 70 5f 5f 41 6d 73 69 53 63 61 6e 42 75 66 | ScanBuffer@24.__imp__AmsiScanBuf |
| 0220 | 66 65 72 40 32 34 00 5f 41 6d 73 69 4f 70 65 6e 53 65 73 73 69 6f 6e 40 38 00 5f 5f 69 6d 70 5f | fer@24._AmsiOpenSession@8.__imp_ |
| 0240 | 5f 41 6d 73 69 4f 70 65 6e 53 65 73 73 69 6f 6e 40 38 00 5f 41 6d 73 69 49 6e 69 74 69 61 6c 69 | _AmsiOpenSession@8._AmsiInitiali |
| 0260 | 7a 65 40 38 00 5f 5f 69 6d 70 5f 5f 41 6d 73 69 49 6e 69 74 69 61 6c 69 7a 65 40 38 00 5f 41 6d | ze@8.__imp__AmsiInitialize@8._Am |
| 0280 | 73 69 43 6c 6f 73 65 53 65 73 73 69 6f 6e 40 38 00 5f 5f 69 6d 70 5f 5f 41 6d 73 69 43 6c 6f 73 | siCloseSession@8.__imp__AmsiClos |
| 02a0 | 65 53 65 73 73 69 6f 6e 40 38 00 00 64 79 69 79 74 2e 6f 2f 20 20 20 20 20 20 20 20 31 35 31 36 | eSession@8..dyiyt.o/........1516 |
| 02c0 | 31 36 30 38 39 35 20 20 30 20 20 20 20 20 30 20 20 20 20 20 31 30 30 36 36 36 20 20 36 31 38 20 | 160895..0.....0.....100666..618. |
| 02e0 | 20 20 20 20 20 20 60 0a 4c 01 06 00 00 00 00 00 18 01 00 00 0f 00 00 00 00 00 05 01 2e 74 65 78 | ......`.L....................tex |
| 0300 | 74 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | t............................... |
| 0320 | 20 00 30 60 2e 64 61 74 61 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ..0`.data....................... |
| 0340 | 00 00 00 00 00 00 00 00 40 00 30 c0 2e 62 73 73 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ........@.0..bss................ |
| 0360 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 30 c0 2e 69 64 61 74 61 24 34 00 00 00 00 | ..................0..idata$4.... |
| 0380 | 00 00 00 00 04 00 00 00 04 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 69 64 61 | ........................@.0..ida |
| 03a0 | 74 61 24 35 00 00 00 00 00 00 00 00 04 00 00 00 08 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ta$5............................ |
| 03c0 | 40 00 30 c0 2e 69 64 61 74 61 24 37 00 00 00 00 00 00 00 00 0c 00 00 00 0c 01 00 00 00 00 00 00 | @.0..idata$7.................... |
| 03e0 | 00 00 00 00 00 00 00 00 40 00 30 c0 00 00 00 00 00 00 00 00 41 6d 73 69 2e 64 6c 6c 00 00 00 00 | ........@.0.........Amsi.dll.... |
| 0400 | 2e 66 69 6c 65 00 00 00 00 00 00 00 fe ff 00 00 67 01 66 61 6b 65 00 00 00 00 00 00 00 00 00 00 | .file...........g.fake.......... |
| 0420 | 00 00 00 00 2e 74 65 78 74 00 00 00 00 00 00 00 01 00 00 00 03 01 00 00 00 00 00 00 00 00 00 00 | .....text....................... |
| 0440 | 00 00 00 00 00 00 00 00 2e 64 61 74 61 00 00 00 00 00 00 00 02 00 00 00 03 01 00 00 00 00 00 00 | .........data................... |
| 0460 | 00 00 00 00 00 00 00 00 00 00 00 00 2e 62 73 73 00 00 00 00 00 00 00 00 03 00 00 00 03 01 00 00 | .............bss................ |
| 0480 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 69 64 61 74 61 24 34 00 00 00 00 04 00 00 00 | .................idata$4........ |
| 04a0 | 03 01 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 69 64 61 74 61 24 35 00 00 00 00 | .....................idata$5.... |
| 04c0 | 05 00 00 00 03 01 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 69 64 61 74 61 24 37 | .........................idata$7 |
| 04e0 | 00 00 00 00 06 00 00 00 03 01 09 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................................ |
| 0500 | 04 00 00 00 00 00 00 00 06 00 00 00 02 00 44 00 00 00 5f 5f 43 5f 5f 55 73 65 72 73 5f 50 65 74 | ..............D...__C__Users_Pet |
| 0520 | 65 72 5f 43 6f 64 65 5f 77 69 6e 61 70 69 5f 72 73 5f 69 36 38 36 5f 6c 69 62 5f 6c 69 62 77 69 | er_Code_winapi_rs_i686_lib_libwi |
| 0540 | 6e 61 70 69 5f 61 6d 73 69 5f 61 5f 69 6e 61 6d 65 00 64 79 69 79 68 2e 6f 2f 20 20 20 20 20 20 | napi_amsi_a_iname.dyiyh.o/...... |
| 0560 | 20 20 31 35 31 36 31 36 30 38 39 35 20 20 30 20 20 20 20 20 30 20 20 20 20 20 31 30 30 36 36 36 | ..1516160895..0.....0.....100666 |
| 0580 | 20 20 37 32 39 20 20 20 20 20 20 20 60 0a 4c 01 06 00 00 00 00 00 36 01 00 00 10 00 00 00 00 00 | ..729.......`.L.......6......... |
| 05a0 | 04 01 2e 74 65 78 74 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ...text......................... |
| 05c0 | 00 00 00 00 00 00 20 00 30 60 2e 64 61 74 61 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ........0`.data................. |
| 05e0 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 62 73 73 00 00 00 00 00 00 00 00 00 00 | ..............@.0..bss.......... |
| 0600 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 30 c0 2e 69 64 61 74 61 | ........................0..idata |
| 0620 | 24 32 00 00 00 00 00 00 00 00 14 00 00 00 04 01 00 00 18 01 00 00 00 00 00 00 03 00 00 00 40 00 | $2............................@. |
| 0640 | 30 c0 2e 69 64 61 74 61 24 35 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | 0..idata$5...................... |
| 0660 | 00 00 00 00 00 00 40 00 30 c0 2e 69 64 61 74 61 24 34 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ......@.0..idata$4.............. |
| 0680 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ..............@.0............... |
| 06a0 | 00 00 00 00 00 00 00 00 00 00 0c 00 00 00 07 00 0c 00 00 00 0f 00 00 00 07 00 10 00 00 00 0d 00 | ................................ |
| 06c0 | 00 00 07 00 2e 66 69 6c 65 00 00 00 00 00 00 00 fe ff 00 00 67 01 66 61 6b 65 00 00 00 00 00 00 | .....file...........g.fake...... |
| 06e0 | 00 00 00 00 00 00 00 00 68 6e 61 6d 65 00 00 00 00 00 00 00 06 00 00 00 03 00 66 74 68 75 6e 6b | ........hname.............fthunk |
| 0700 | 00 00 00 00 00 00 05 00 00 00 03 00 2e 74 65 78 74 00 00 00 00 00 00 00 01 00 00 00 03 01 00 00 | .............text............... |
| 0720 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 64 61 74 61 00 00 00 00 00 00 00 02 00 00 00 | .................data........... |
| 0740 | 03 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 62 73 73 00 00 00 00 00 00 00 00 | .....................bss........ |
| 0760 | 03 00 00 00 03 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 69 64 61 74 61 24 32 | .........................idata$2 |
| 0780 | 00 00 00 00 04 00 00 00 03 01 14 00 00 00 03 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 69 64 61 | .............................ida |
| 07a0 | 74 61 24 34 00 00 00 00 06 00 00 00 03 00 2e 69 64 61 74 61 24 35 00 00 00 00 05 00 00 00 03 00 | ta$4...........idata$5.......... |
| 07c0 | 00 00 00 00 04 00 00 00 00 00 00 00 04 00 00 00 02 00 00 00 00 00 43 00 00 00 00 00 00 00 00 00 | ......................C......... |
| 07e0 | 00 00 02 00 83 00 00 00 5f 5f 68 65 61 64 5f 43 5f 5f 55 73 65 72 73 5f 50 65 74 65 72 5f 43 6f | ........__head_C__Users_Peter_Co |
| 0800 | 64 65 5f 77 69 6e 61 70 69 5f 72 73 5f 69 36 38 36 5f 6c 69 62 5f 6c 69 62 77 69 6e 61 70 69 5f | de_winapi_rs_i686_lib_libwinapi_ |
| 0820 | 61 6d 73 69 5f 61 00 5f 5f 43 5f 5f 55 73 65 72 73 5f 50 65 74 65 72 5f 43 6f 64 65 5f 77 69 6e | amsi_a.__C__Users_Peter_Code_win |
| 0840 | 61 70 69 5f 72 73 5f 69 36 38 36 5f 6c 69 62 5f 6c 69 62 77 69 6e 61 70 69 5f 61 6d 73 69 5f 61 | api_rs_i686_lib_libwinapi_amsi_a |
| 0860 | 5f 69 6e 61 6d 65 00 0a 64 79 69 79 73 30 30 30 30 38 2e 6f 2f 20 20 20 31 35 31 36 31 36 30 38 | _iname..dyiys00008.o/...15161608 |
| 0880 | 39 35 20 20 30 20 20 20 20 20 30 20 20 20 20 20 31 30 30 36 36 36 20 20 36 37 33 20 20 20 20 20 | 95..0.....0.....100666..673..... |
| 08a0 | 20 20 60 0a 4c 01 07 00 00 00 00 00 7c 01 00 00 0a 00 00 00 00 00 04 01 2e 74 65 78 74 00 00 00 | ..`.L.......|............text... |
| 08c0 | 00 00 00 00 00 00 00 00 08 00 00 00 2c 01 00 00 54 01 00 00 00 00 00 00 01 00 00 00 20 00 30 60 | ............,...T.............0` |
| 08e0 | 2e 64 61 74 61 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | .data........................... |
| 0900 | 00 00 00 00 40 00 30 c0 2e 62 73 73 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ....@.0..bss.................... |
| 0920 | 00 00 00 00 00 00 00 00 00 00 00 00 80 00 30 c0 2e 69 64 61 74 61 24 37 00 00 00 00 00 00 00 00 | ..............0..idata$7........ |
| 0940 | 04 00 00 00 34 01 00 00 5e 01 00 00 00 00 00 00 01 00 00 00 00 00 30 c0 2e 69 64 61 74 61 24 35 | ....4...^.............0..idata$5 |
| 0960 | 00 00 00 00 00 00 00 00 04 00 00 00 38 01 00 00 68 01 00 00 00 00 00 00 01 00 00 00 00 00 30 c0 | ............8...h.............0. |
| 0980 | 2e 69 64 61 74 61 24 34 00 00 00 00 00 00 00 00 04 00 00 00 3c 01 00 00 72 01 00 00 00 00 00 00 | .idata$4............<...r....... |
| 09a0 | 01 00 00 00 00 00 30 c0 2e 69 64 61 74 61 24 36 00 00 00 00 00 00 00 00 14 00 00 00 40 01 00 00 | ......0..idata$6............@... |
| 09c0 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 c0 ff 25 00 00 00 00 90 90 00 00 00 00 00 00 00 00 | .................%.............. |
| 09e0 | 00 00 00 00 08 00 41 6d 73 69 55 6e 69 6e 69 74 69 61 6c 69 7a 65 00 00 02 00 00 00 04 00 00 00 | ......AmsiUninitialize.......... |
| 0a00 | 06 00 00 00 00 00 09 00 00 00 07 00 00 00 00 00 06 00 00 00 07 00 00 00 00 00 06 00 00 00 07 00 | ................................ |
| 0a20 | 2e 74 65 78 74 00 00 00 00 00 00 00 01 00 00 00 03 00 2e 64 61 74 61 00 00 00 00 00 00 00 02 00 | .text..............data......... |
| 0a40 | 00 00 03 00 2e 62 73 73 00 00 00 00 00 00 00 00 03 00 00 00 03 00 2e 69 64 61 74 61 24 37 00 00 | .....bss...............idata$7.. |
| 0a60 | 00 00 04 00 00 00 03 00 2e 69 64 61 74 61 24 35 00 00 00 00 05 00 00 00 03 00 2e 69 64 61 74 61 | .........idata$5...........idata |
| 0a80 | 24 34 00 00 00 00 06 00 00 00 03 00 2e 69 64 61 74 61 24 36 00 00 00 00 07 00 00 00 03 00 00 00 | $4...........idata$6............ |
| 0aa0 | 00 00 04 00 00 00 00 00 00 00 01 00 00 00 02 00 00 00 00 00 18 00 00 00 00 00 00 00 05 00 00 00 | ................................ |
| 0ac0 | 02 00 00 00 00 00 32 00 00 00 00 00 00 00 00 00 00 00 02 00 71 00 00 00 5f 41 6d 73 69 55 6e 69 | ......2.............q..._AmsiUni |
| 0ae0 | 6e 69 74 69 61 6c 69 7a 65 40 34 00 5f 5f 69 6d 70 5f 5f 41 6d 73 69 55 6e 69 6e 69 74 69 61 6c | nitialize@4.__imp__AmsiUninitial |
| 0b00 | 69 7a 65 40 34 00 5f 5f 68 65 61 64 5f 43 5f 5f 55 73 65 72 73 5f 50 65 74 65 72 5f 43 6f 64 65 | ize@4.__head_C__Users_Peter_Code |
| 0b20 | 5f 77 69 6e 61 70 69 5f 72 73 5f 69 36 38 36 5f 6c 69 62 5f 6c 69 62 77 69 6e 61 70 69 5f 61 6d | _winapi_rs_i686_lib_libwinapi_am |
| 0b40 | 73 69 5f 61 00 0a 64 79 69 79 73 30 30 30 30 37 2e 6f 2f 20 20 20 31 35 31 36 31 36 30 38 39 35 | si_a..dyiys00007.o/...1516160895 |
| 0b60 | 20 20 30 20 20 20 20 20 30 20 20 20 20 20 31 30 30 36 36 36 20 20 36 38 33 20 20 20 20 20 20 20 | ..0.....0.....100666..683....... |
| 0b80 | 60 0a 4c 01 07 00 00 00 00 00 80 01 00 00 0a 00 00 00 00 00 04 01 2e 74 65 78 74 00 00 00 00 00 | `.L....................text..... |
| 0ba0 | 00 00 00 00 00 00 08 00 00 00 2c 01 00 00 58 01 00 00 00 00 00 00 01 00 00 00 20 00 30 60 2e 64 | ..........,...X.............0`.d |
| 0bc0 | 61 74 61 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ata............................. |
| 0be0 | 00 00 40 00 30 c0 2e 62 73 73 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ..@.0..bss...................... |
| 0c00 | 00 00 00 00 00 00 00 00 00 00 80 00 30 c0 2e 69 64 61 74 61 24 37 00 00 00 00 00 00 00 00 04 00 | ............0..idata$7.......... |
| 0c20 | 00 00 34 01 00 00 62 01 00 00 00 00 00 00 01 00 00 00 00 00 30 c0 2e 69 64 61 74 61 24 35 00 00 | ..4...b.............0..idata$5.. |
| 0c40 | 00 00 00 00 00 00 04 00 00 00 38 01 00 00 6c 01 00 00 00 00 00 00 01 00 00 00 00 00 30 c0 2e 69 | ..........8...l.............0..i |
| 0c60 | 64 61 74 61 24 34 00 00 00 00 00 00 00 00 04 00 00 00 3c 01 00 00 76 01 00 00 00 00 00 00 01 00 | data$4............<...v......... |
| 0c80 | 00 00 00 00 30 c0 2e 69 64 61 74 61 24 36 00 00 00 00 00 00 00 00 16 00 00 00 40 01 00 00 00 00 | ....0..idata$6............@..... |
| 0ca0 | 00 00 00 00 00 00 00 00 00 00 00 00 20 c0 ff 25 00 00 00 00 90 90 00 00 00 00 00 00 00 00 00 00 | ...............%................ |
| 0cc0 | 00 00 07 00 41 6d 73 69 55 61 63 55 6e 69 6e 69 74 69 61 6c 69 7a 65 00 00 00 02 00 00 00 04 00 | ....AmsiUacUninitialize......... |
| 0ce0 | 00 00 06 00 00 00 00 00 09 00 00 00 07 00 00 00 00 00 06 00 00 00 07 00 00 00 00 00 06 00 00 00 | ................................ |
| 0d00 | 07 00 2e 74 65 78 74 00 00 00 00 00 00 00 01 00 00 00 03 00 2e 64 61 74 61 00 00 00 00 00 00 00 | ...text..............data....... |
| 0d20 | 02 00 00 00 03 00 2e 62 73 73 00 00 00 00 00 00 00 00 03 00 00 00 03 00 2e 69 64 61 74 61 24 37 | .......bss...............idata$7 |
| 0d40 | 00 00 00 00 04 00 00 00 03 00 2e 69 64 61 74 61 24 35 00 00 00 00 05 00 00 00 03 00 2e 69 64 61 | ...........idata$5...........ida |
| 0d60 | 74 61 24 34 00 00 00 00 06 00 00 00 03 00 2e 69 64 61 74 61 24 36 00 00 00 00 07 00 00 00 03 00 | ta$4...........idata$6.......... |
| 0d80 | 00 00 00 00 04 00 00 00 00 00 00 00 01 00 00 00 02 00 00 00 00 00 1b 00 00 00 00 00 00 00 05 00 | ................................ |
| 0da0 | 00 00 02 00 00 00 00 00 38 00 00 00 00 00 00 00 00 00 00 00 02 00 77 00 00 00 5f 41 6d 73 69 55 | ........8.............w..._AmsiU |
| 0dc0 | 61 63 55 6e 69 6e 69 74 69 61 6c 69 7a 65 40 34 00 5f 5f 69 6d 70 5f 5f 41 6d 73 69 55 61 63 55 | acUninitialize@4.__imp__AmsiUacU |
| 0de0 | 6e 69 6e 69 74 69 61 6c 69 7a 65 40 34 00 5f 5f 68 65 61 64 5f 43 5f 5f 55 73 65 72 73 5f 50 65 | ninitialize@4.__head_C__Users_Pe |
| 0e00 | 74 65 72 5f 43 6f 64 65 5f 77 69 6e 61 70 69 5f 72 73 5f 69 36 38 36 5f 6c 69 62 5f 6c 69 62 77 | ter_Code_winapi_rs_i686_lib_libw |
| 0e20 | 69 6e 61 70 69 5f 61 6d 73 69 5f 61 00 0a 64 79 69 79 73 30 30 30 30 36 2e 6f 2f 20 20 20 31 35 | inapi_amsi_a..dyiys00006.o/...15 |
| 0e40 | 31 36 31 36 30 38 39 35 20 20 30 20 20 20 20 20 30 20 20 20 20 20 31 30 30 36 36 36 20 20 36 36 | 16160895..0.....0.....100666..66 |
| 0e60 | 31 20 20 20 20 20 20 20 60 0a 4c 01 07 00 00 00 00 00 78 01 00 00 0a 00 00 00 00 00 04 01 2e 74 | 1.......`.L.......x............t |
| 0e80 | 65 78 74 00 00 00 00 00 00 00 00 00 00 00 08 00 00 00 2c 01 00 00 50 01 00 00 00 00 00 00 01 00 | ext...............,...P......... |
| 0ea0 | 00 00 20 00 30 60 2e 64 61 74 61 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ....0`.data..................... |
| 0ec0 | 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 62 73 73 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ..........@.0..bss.............. |
| 0ee0 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 30 c0 2e 69 64 61 74 61 24 37 00 00 | ....................0..idata$7.. |
| 0f00 | 00 00 00 00 00 00 04 00 00 00 34 01 00 00 5a 01 00 00 00 00 00 00 01 00 00 00 00 00 30 c0 2e 69 | ..........4...Z.............0..i |
| 0f20 | 64 61 74 61 24 35 00 00 00 00 00 00 00 00 04 00 00 00 38 01 00 00 64 01 00 00 00 00 00 00 01 00 | data$5............8...d......... |
| 0f40 | 00 00 00 00 30 c0 2e 69 64 61 74 61 24 34 00 00 00 00 00 00 00 00 04 00 00 00 3c 01 00 00 6e 01 | ....0..idata$4............<...n. |
| 0f60 | 00 00 00 00 00 00 01 00 00 00 00 00 30 c0 2e 69 64 61 74 61 24 36 00 00 00 00 00 00 00 00 0e 00 | ............0..idata$6.......... |
| 0f80 | 00 00 40 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 c0 ff 25 00 00 00 00 90 90 00 00 | ..@....................%........ |
| 0fa0 | 00 00 00 00 00 00 00 00 00 00 06 00 41 6d 73 69 55 61 63 53 63 61 6e 00 00 00 02 00 00 00 04 00 | ............AmsiUacScan......... |
| 0fc0 | 00 00 06 00 00 00 00 00 09 00 00 00 07 00 00 00 00 00 06 00 00 00 07 00 00 00 00 00 06 00 00 00 | ................................ |
| 0fe0 | 07 00 2e 74 65 78 74 00 00 00 00 00 00 00 01 00 00 00 03 00 2e 64 61 74 61 00 00 00 00 00 00 00 | ...text..............data....... |
| 1000 | 02 00 00 00 03 00 2e 62 73 73 00 00 00 00 00 00 00 00 03 00 00 00 03 00 2e 69 64 61 74 61 24 37 | .......bss...............idata$7 |
| 1020 | 00 00 00 00 04 00 00 00 03 00 2e 69 64 61 74 61 24 35 00 00 00 00 05 00 00 00 03 00 2e 69 64 61 | ...........idata$5...........ida |
| 1040 | 74 61 24 34 00 00 00 00 06 00 00 00 03 00 2e 69 64 61 74 61 24 36 00 00 00 00 07 00 00 00 03 00 | ta$4...........idata$6.......... |
| 1060 | 00 00 00 00 04 00 00 00 00 00 00 00 01 00 00 00 02 00 00 00 00 00 14 00 00 00 00 00 00 00 05 00 | ................................ |
| 1080 | 00 00 02 00 00 00 00 00 2a 00 00 00 00 00 00 00 00 00 00 00 02 00 69 00 00 00 5f 41 6d 73 69 55 | ........*.............i..._AmsiU |
| 10a0 | 61 63 53 63 61 6e 40 31 36 00 5f 5f 69 6d 70 5f 5f 41 6d 73 69 55 61 63 53 63 61 6e 40 31 36 00 | acScan@16.__imp__AmsiUacScan@16. |
| 10c0 | 5f 5f 68 65 61 64 5f 43 5f 5f 55 73 65 72 73 5f 50 65 74 65 72 5f 43 6f 64 65 5f 77 69 6e 61 70 | __head_C__Users_Peter_Code_winap |
| 10e0 | 69 5f 72 73 5f 69 36 38 36 5f 6c 69 62 5f 6c 69 62 77 69 6e 61 70 69 5f 61 6d 73 69 5f 61 00 0a | i_rs_i686_lib_libwinapi_amsi_a.. |
| 1100 | 64 79 69 79 73 30 30 30 30 35 2e 6f 2f 20 20 20 31 35 31 36 31 36 30 38 39 35 20 20 30 20 20 20 | dyiys00005.o/...1516160895..0... |
| 1120 | 20 20 30 20 20 20 20 20 31 30 30 36 36 36 20 20 36 37 35 20 20 20 20 20 20 20 60 0a 4c 01 07 00 | ..0.....100666..675.......`.L... |
| 1140 | 00 00 00 00 7c 01 00 00 0a 00 00 00 00 00 04 01 2e 74 65 78 74 00 00 00 00 00 00 00 00 00 00 00 | ....|............text........... |
| 1160 | 08 00 00 00 2c 01 00 00 54 01 00 00 00 00 00 00 01 00 00 00 20 00 30 60 2e 64 61 74 61 00 00 00 | ....,...T.............0`.data... |
| 1180 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 | ............................@.0. |
| 11a0 | 2e 62 73 73 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | .bss............................ |
| 11c0 | 00 00 00 00 80 00 30 c0 2e 69 64 61 74 61 24 37 00 00 00 00 00 00 00 00 04 00 00 00 34 01 00 00 | ......0..idata$7............4... |
| 11e0 | 5e 01 00 00 00 00 00 00 01 00 00 00 00 00 30 c0 2e 69 64 61 74 61 24 35 00 00 00 00 00 00 00 00 | ^.............0..idata$5........ |
| 1200 | 04 00 00 00 38 01 00 00 68 01 00 00 00 00 00 00 01 00 00 00 00 00 30 c0 2e 69 64 61 74 61 24 34 | ....8...h.............0..idata$4 |
| 1220 | 00 00 00 00 00 00 00 00 04 00 00 00 3c 01 00 00 72 01 00 00 00 00 00 00 01 00 00 00 00 00 30 c0 | ............<...r.............0. |
| 1240 | 2e 69 64 61 74 61 24 36 00 00 00 00 00 00 00 00 14 00 00 00 40 01 00 00 00 00 00 00 00 00 00 00 | .idata$6............@........... |
| 1260 | 00 00 00 00 00 00 20 c0 ff 25 00 00 00 00 90 90 00 00 00 00 00 00 00 00 00 00 00 00 05 00 41 6d | .........%....................Am |
| 1280 | 73 69 55 61 63 49 6e 69 74 69 61 6c 69 7a 65 00 02 00 00 00 04 00 00 00 06 00 00 00 00 00 09 00 | siUacInitialize................. |
| 12a0 | 00 00 07 00 00 00 00 00 06 00 00 00 07 00 00 00 00 00 06 00 00 00 07 00 2e 74 65 78 74 00 00 00 | .........................text... |
| 12c0 | 00 00 00 00 01 00 00 00 03 00 2e 64 61 74 61 00 00 00 00 00 00 00 02 00 00 00 03 00 2e 62 73 73 | ...........data..............bss |
| 12e0 | 00 00 00 00 00 00 00 00 03 00 00 00 03 00 2e 69 64 61 74 61 24 37 00 00 00 00 04 00 00 00 03 00 | ...............idata$7.......... |
| 1300 | 2e 69 64 61 74 61 24 35 00 00 00 00 05 00 00 00 03 00 2e 69 64 61 74 61 24 34 00 00 00 00 06 00 | .idata$5...........idata$4...... |
| 1320 | 00 00 03 00 2e 69 64 61 74 61 24 36 00 00 00 00 07 00 00 00 03 00 00 00 00 00 04 00 00 00 00 00 | .....idata$6.................... |
| 1340 | 00 00 01 00 00 00 02 00 00 00 00 00 19 00 00 00 00 00 00 00 05 00 00 00 02 00 00 00 00 00 34 00 | ..............................4. |
| 1360 | 00 00 00 00 00 00 00 00 00 00 02 00 73 00 00 00 5f 41 6d 73 69 55 61 63 49 6e 69 74 69 61 6c 69 | ............s..._AmsiUacInitiali |
| 1380 | 7a 65 40 34 00 5f 5f 69 6d 70 5f 5f 41 6d 73 69 55 61 63 49 6e 69 74 69 61 6c 69 7a 65 40 34 00 | ze@4.__imp__AmsiUacInitialize@4. |
| 13a0 | 5f 5f 68 65 61 64 5f 43 5f 5f 55 73 65 72 73 5f 50 65 74 65 72 5f 43 6f 64 65 5f 77 69 6e 61 70 | __head_C__Users_Peter_Code_winap |
| 13c0 | 69 5f 72 73 5f 69 36 38 36 5f 6c 69 62 5f 6c 69 62 77 69 6e 61 70 69 5f 61 6d 73 69 5f 61 00 0a | i_rs_i686_lib_libwinapi_amsi_a.. |
| 13e0 | 64 79 69 79 73 30 30 30 30 34 2e 6f 2f 20 20 20 31 35 31 36 31 36 30 38 39 35 20 20 30 20 20 20 | dyiys00004.o/...1516160895..0... |
| 1400 | 20 20 30 20 20 20 20 20 31 30 30 36 36 36 20 20 36 37 31 20 20 20 20 20 20 20 60 0a 4c 01 07 00 | ..0.....100666..671.......`.L... |
| 1420 | 00 00 00 00 7c 01 00 00 0a 00 00 00 00 00 04 01 2e 74 65 78 74 00 00 00 00 00 00 00 00 00 00 00 | ....|............text........... |
| 1440 | 08 00 00 00 2c 01 00 00 54 01 00 00 00 00 00 00 01 00 00 00 20 00 30 60 2e 64 61 74 61 00 00 00 | ....,...T.............0`.data... |
| 1460 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 | ............................@.0. |
| 1480 | 2e 62 73 73 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | .bss............................ |
| 14a0 | 00 00 00 00 80 00 30 c0 2e 69 64 61 74 61 24 37 00 00 00 00 00 00 00 00 04 00 00 00 34 01 00 00 | ......0..idata$7............4... |
| 14c0 | 5e 01 00 00 00 00 00 00 01 00 00 00 00 00 30 c0 2e 69 64 61 74 61 24 35 00 00 00 00 00 00 00 00 | ^.............0..idata$5........ |
| 14e0 | 04 00 00 00 38 01 00 00 68 01 00 00 00 00 00 00 01 00 00 00 00 00 30 c0 2e 69 64 61 74 61 24 34 | ....8...h.............0..idata$4 |
| 1500 | 00 00 00 00 00 00 00 00 04 00 00 00 3c 01 00 00 72 01 00 00 00 00 00 00 01 00 00 00 00 00 30 c0 | ............<...r.............0. |
| 1520 | 2e 69 64 61 74 61 24 36 00 00 00 00 00 00 00 00 12 00 00 00 40 01 00 00 00 00 00 00 00 00 00 00 | .idata$6............@........... |
| 1540 | 00 00 00 00 00 00 20 c0 ff 25 00 00 00 00 90 90 00 00 00 00 00 00 00 00 00 00 00 00 04 00 41 6d | .........%....................Am |
| 1560 | 73 69 53 63 61 6e 53 74 72 69 6e 67 00 00 00 00 02 00 00 00 04 00 00 00 06 00 00 00 00 00 09 00 | siScanString.................... |
| 1580 | 00 00 07 00 00 00 00 00 06 00 00 00 07 00 00 00 00 00 06 00 00 00 07 00 2e 74 65 78 74 00 00 00 | .........................text... |
| 15a0 | 00 00 00 00 01 00 00 00 03 00 2e 64 61 74 61 00 00 00 00 00 00 00 02 00 00 00 03 00 2e 62 73 73 | ...........data..............bss |
| 15c0 | 00 00 00 00 00 00 00 00 03 00 00 00 03 00 2e 69 64 61 74 61 24 37 00 00 00 00 04 00 00 00 03 00 | ...............idata$7.......... |
| 15e0 | 2e 69 64 61 74 61 24 35 00 00 00 00 05 00 00 00 03 00 2e 69 64 61 74 61 24 34 00 00 00 00 06 00 | .idata$5...........idata$4...... |
| 1600 | 00 00 03 00 2e 69 64 61 74 61 24 36 00 00 00 00 07 00 00 00 03 00 00 00 00 00 04 00 00 00 00 00 | .....idata$6.................... |
| 1620 | 00 00 01 00 00 00 02 00 00 00 00 00 17 00 00 00 00 00 00 00 05 00 00 00 02 00 00 00 00 00 30 00 | ..............................0. |
| 1640 | 00 00 00 00 00 00 00 00 00 00 02 00 6f 00 00 00 5f 41 6d 73 69 53 63 61 6e 53 74 72 69 6e 67 40 | ............o..._AmsiScanString@ |
| 1660 | 32 30 00 5f 5f 69 6d 70 5f 5f 41 6d 73 69 53 63 61 6e 53 74 72 69 6e 67 40 32 30 00 5f 5f 68 65 | 20.__imp__AmsiScanString@20.__he |
| 1680 | 61 64 5f 43 5f 5f 55 73 65 72 73 5f 50 65 74 65 72 5f 43 6f 64 65 5f 77 69 6e 61 70 69 5f 72 73 | ad_C__Users_Peter_Code_winapi_rs |
| 16a0 | 5f 69 36 38 36 5f 6c 69 62 5f 6c 69 62 77 69 6e 61 70 69 5f 61 6d 73 69 5f 61 00 0a 64 79 69 79 | _i686_lib_libwinapi_amsi_a..dyiy |
| 16c0 | 73 30 30 30 30 33 2e 6f 2f 20 20 20 31 35 31 36 31 36 30 38 39 35 20 20 30 20 20 20 20 20 30 20 | s00003.o/...1516160895..0.....0. |
| 16e0 | 20 20 20 20 31 30 30 36 36 36 20 20 36 37 31 20 20 20 20 20 20 20 60 0a 4c 01 07 00 00 00 00 00 | ....100666..671.......`.L....... |
| 1700 | 7c 01 00 00 0a 00 00 00 00 00 04 01 2e 74 65 78 74 00 00 00 00 00 00 00 00 00 00 00 08 00 00 00 | |............text............... |
| 1720 | 2c 01 00 00 54 01 00 00 00 00 00 00 01 00 00 00 20 00 30 60 2e 64 61 74 61 00 00 00 00 00 00 00 | ,...T.............0`.data....... |
| 1740 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 62 73 73 | ........................@.0..bss |
| 1760 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ................................ |
| 1780 | 80 00 30 c0 2e 69 64 61 74 61 24 37 00 00 00 00 00 00 00 00 04 00 00 00 34 01 00 00 5e 01 00 00 | ..0..idata$7............4...^... |
| 17a0 | 00 00 00 00 01 00 00 00 00 00 30 c0 2e 69 64 61 74 61 24 35 00 00 00 00 00 00 00 00 04 00 00 00 | ..........0..idata$5............ |
| 17c0 | 38 01 00 00 68 01 00 00 00 00 00 00 01 00 00 00 00 00 30 c0 2e 69 64 61 74 61 24 34 00 00 00 00 | 8...h.............0..idata$4.... |
| 17e0 | 00 00 00 00 04 00 00 00 3c 01 00 00 72 01 00 00 00 00 00 00 01 00 00 00 00 00 30 c0 2e 69 64 61 | ........<...r.............0..ida |
| 1800 | 74 61 24 36 00 00 00 00 00 00 00 00 12 00 00 00 40 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ta$6............@............... |
| 1820 | 00 00 20 c0 ff 25 00 00 00 00 90 90 00 00 00 00 00 00 00 00 00 00 00 00 03 00 41 6d 73 69 53 63 | .....%....................AmsiSc |
| 1840 | 61 6e 42 75 66 66 65 72 00 00 00 00 02 00 00 00 04 00 00 00 06 00 00 00 00 00 09 00 00 00 07 00 | anBuffer........................ |
| 1860 | 00 00 00 00 06 00 00 00 07 00 00 00 00 00 06 00 00 00 07 00 2e 74 65 78 74 00 00 00 00 00 00 00 | .....................text....... |
| 1880 | 01 00 00 00 03 00 2e 64 61 74 61 00 00 00 00 00 00 00 02 00 00 00 03 00 2e 62 73 73 00 00 00 00 | .......data..............bss.... |
| 18a0 | 00 00 00 00 03 00 00 00 03 00 2e 69 64 61 74 61 24 37 00 00 00 00 04 00 00 00 03 00 2e 69 64 61 | ...........idata$7...........ida |
| 18c0 | 74 61 24 35 00 00 00 00 05 00 00 00 03 00 2e 69 64 61 74 61 24 34 00 00 00 00 06 00 00 00 03 00 | ta$5...........idata$4.......... |
| 18e0 | 2e 69 64 61 74 61 24 36 00 00 00 00 07 00 00 00 03 00 00 00 00 00 04 00 00 00 00 00 00 00 01 00 | .idata$6........................ |
| 1900 | 00 00 02 00 00 00 00 00 17 00 00 00 00 00 00 00 05 00 00 00 02 00 00 00 00 00 30 00 00 00 00 00 | ..........................0..... |
| 1920 | 00 00 00 00 00 00 02 00 6f 00 00 00 5f 41 6d 73 69 53 63 61 6e 42 75 66 66 65 72 40 32 34 00 5f | ........o..._AmsiScanBuffer@24._ |
| 1940 | 5f 69 6d 70 5f 5f 41 6d 73 69 53 63 61 6e 42 75 66 66 65 72 40 32 34 00 5f 5f 68 65 61 64 5f 43 | _imp__AmsiScanBuffer@24.__head_C |
| 1960 | 5f 5f 55 73 65 72 73 5f 50 65 74 65 72 5f 43 6f 64 65 5f 77 69 6e 61 70 69 5f 72 73 5f 69 36 38 | __Users_Peter_Code_winapi_rs_i68 |
| 1980 | 36 5f 6c 69 62 5f 6c 69 62 77 69 6e 61 70 69 5f 61 6d 73 69 5f 61 00 0a 64 79 69 79 73 30 30 30 | 6_lib_libwinapi_amsi_a..dyiys000 |
| 19a0 | 30 32 2e 6f 2f 20 20 20 31 35 31 36 31 36 30 38 39 35 20 20 30 20 20 20 20 20 30 20 20 20 20 20 | 02.o/...1516160895..0.....0..... |
| 19c0 | 31 30 30 36 36 36 20 20 36 37 31 20 20 20 20 20 20 20 60 0a 4c 01 07 00 00 00 00 00 7c 01 00 00 | 100666..671.......`.L.......|... |
| 19e0 | 0a 00 00 00 00 00 04 01 2e 74 65 78 74 00 00 00 00 00 00 00 00 00 00 00 08 00 00 00 2c 01 00 00 | .........text...............,... |
| 1a00 | 54 01 00 00 00 00 00 00 01 00 00 00 20 00 30 60 2e 64 61 74 61 00 00 00 00 00 00 00 00 00 00 00 | T.............0`.data........... |
| 1a20 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 62 73 73 00 00 00 00 | ....................@.0..bss.... |
| 1a40 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 30 c0 | ..............................0. |
| 1a60 | 2e 69 64 61 74 61 24 37 00 00 00 00 00 00 00 00 04 00 00 00 34 01 00 00 5e 01 00 00 00 00 00 00 | .idata$7............4...^....... |
| 1a80 | 01 00 00 00 00 00 30 c0 2e 69 64 61 74 61 24 35 00 00 00 00 00 00 00 00 04 00 00 00 38 01 00 00 | ......0..idata$5............8... |
| 1aa0 | 68 01 00 00 00 00 00 00 01 00 00 00 00 00 30 c0 2e 69 64 61 74 61 24 34 00 00 00 00 00 00 00 00 | h.............0..idata$4........ |
| 1ac0 | 04 00 00 00 3c 01 00 00 72 01 00 00 00 00 00 00 01 00 00 00 00 00 30 c0 2e 69 64 61 74 61 24 36 | ....<...r.............0..idata$6 |
| 1ae0 | 00 00 00 00 00 00 00 00 12 00 00 00 40 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 c0 | ............@................... |
| 1b00 | ff 25 00 00 00 00 90 90 00 00 00 00 00 00 00 00 00 00 00 00 02 00 41 6d 73 69 4f 70 65 6e 53 65 | .%....................AmsiOpenSe |
| 1b20 | 73 73 69 6f 6e 00 00 00 02 00 00 00 04 00 00 00 06 00 00 00 00 00 09 00 00 00 07 00 00 00 00 00 | ssion........................... |
| 1b40 | 06 00 00 00 07 00 00 00 00 00 06 00 00 00 07 00 2e 74 65 78 74 00 00 00 00 00 00 00 01 00 00 00 | .................text........... |
| 1b60 | 03 00 2e 64 61 74 61 00 00 00 00 00 00 00 02 00 00 00 03 00 2e 62 73 73 00 00 00 00 00 00 00 00 | ...data..............bss........ |
| 1b80 | 03 00 00 00 03 00 2e 69 64 61 74 61 24 37 00 00 00 00 04 00 00 00 03 00 2e 69 64 61 74 61 24 35 | .......idata$7...........idata$5 |
| 1ba0 | 00 00 00 00 05 00 00 00 03 00 2e 69 64 61 74 61 24 34 00 00 00 00 06 00 00 00 03 00 2e 69 64 61 | ...........idata$4...........ida |
| 1bc0 | 74 61 24 36 00 00 00 00 07 00 00 00 03 00 00 00 00 00 04 00 00 00 00 00 00 00 01 00 00 00 02 00 | ta$6............................ |
| 1be0 | 00 00 00 00 17 00 00 00 00 00 00 00 05 00 00 00 02 00 00 00 00 00 30 00 00 00 00 00 00 00 00 00 | ......................0......... |
| 1c00 | 00 00 02 00 6f 00 00 00 5f 41 6d 73 69 4f 70 65 6e 53 65 73 73 69 6f 6e 40 38 00 5f 5f 69 6d 70 | ....o..._AmsiOpenSession@8.__imp |
| 1c20 | 5f 5f 41 6d 73 69 4f 70 65 6e 53 65 73 73 69 6f 6e 40 38 00 5f 5f 68 65 61 64 5f 43 5f 5f 55 73 | __AmsiOpenSession@8.__head_C__Us |
| 1c40 | 65 72 73 5f 50 65 74 65 72 5f 43 6f 64 65 5f 77 69 6e 61 70 69 5f 72 73 5f 69 36 38 36 5f 6c 69 | ers_Peter_Code_winapi_rs_i686_li |
| 1c60 | 62 5f 6c 69 62 77 69 6e 61 70 69 5f 61 6d 73 69 5f 61 00 0a 64 79 69 79 73 30 30 30 30 31 2e 6f | b_libwinapi_amsi_a..dyiys00001.o |
| 1c80 | 2f 20 20 20 31 35 31 36 31 36 30 38 39 35 20 20 30 20 20 20 20 20 30 20 20 20 20 20 31 30 30 36 | /...1516160895..0.....0.....1006 |
| 1ca0 | 36 36 20 20 36 36 39 20 20 20 20 20 20 20 60 0a 4c 01 07 00 00 00 00 00 7c 01 00 00 0a 00 00 00 | 66..669.......`.L.......|....... |
| 1cc0 | 00 00 04 01 2e 74 65 78 74 00 00 00 00 00 00 00 00 00 00 00 08 00 00 00 2c 01 00 00 54 01 00 00 | .....text...............,...T... |
| 1ce0 | 00 00 00 00 01 00 00 00 20 00 30 60 2e 64 61 74 61 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ..........0`.data............... |
| 1d00 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 62 73 73 00 00 00 00 00 00 00 00 | ................@.0..bss........ |
| 1d20 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 30 c0 2e 69 64 61 | ..........................0..ida |
| 1d40 | 74 61 24 37 00 00 00 00 00 00 00 00 04 00 00 00 34 01 00 00 5e 01 00 00 00 00 00 00 01 00 00 00 | ta$7............4...^........... |
| 1d60 | 00 00 30 c0 2e 69 64 61 74 61 24 35 00 00 00 00 00 00 00 00 04 00 00 00 38 01 00 00 68 01 00 00 | ..0..idata$5............8...h... |
| 1d80 | 00 00 00 00 01 00 00 00 00 00 30 c0 2e 69 64 61 74 61 24 34 00 00 00 00 00 00 00 00 04 00 00 00 | ..........0..idata$4............ |
| 1da0 | 3c 01 00 00 72 01 00 00 00 00 00 00 01 00 00 00 00 00 30 c0 2e 69 64 61 74 61 24 36 00 00 00 00 | <...r.............0..idata$6.... |
| 1dc0 | 00 00 00 00 12 00 00 00 40 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 c0 ff 25 00 00 | ........@....................%.. |
| 1de0 | 00 00 90 90 00 00 00 00 00 00 00 00 00 00 00 00 01 00 41 6d 73 69 49 6e 69 74 69 61 6c 69 7a 65 | ..................AmsiInitialize |
| 1e00 | 00 00 00 00 02 00 00 00 04 00 00 00 06 00 00 00 00 00 09 00 00 00 07 00 00 00 00 00 06 00 00 00 | ................................ |
| 1e20 | 07 00 00 00 00 00 06 00 00 00 07 00 2e 74 65 78 74 00 00 00 00 00 00 00 01 00 00 00 03 00 2e 64 | .............text..............d |
| 1e40 | 61 74 61 00 00 00 00 00 00 00 02 00 00 00 03 00 2e 62 73 73 00 00 00 00 00 00 00 00 03 00 00 00 | ata..............bss............ |
| 1e60 | 03 00 2e 69 64 61 74 61 24 37 00 00 00 00 04 00 00 00 03 00 2e 69 64 61 74 61 24 35 00 00 00 00 | ...idata$7...........idata$5.... |
| 1e80 | 05 00 00 00 03 00 2e 69 64 61 74 61 24 34 00 00 00 00 06 00 00 00 03 00 2e 69 64 61 74 61 24 36 | .......idata$4...........idata$6 |
| 1ea0 | 00 00 00 00 07 00 00 00 03 00 00 00 00 00 04 00 00 00 00 00 00 00 01 00 00 00 02 00 00 00 00 00 | ................................ |
| 1ec0 | 16 00 00 00 00 00 00 00 05 00 00 00 02 00 00 00 00 00 2e 00 00 00 00 00 00 00 00 00 00 00 02 00 | ................................ |
| 1ee0 | 6d 00 00 00 5f 41 6d 73 69 49 6e 69 74 69 61 6c 69 7a 65 40 38 00 5f 5f 69 6d 70 5f 5f 41 6d 73 | m..._AmsiInitialize@8.__imp__Ams |
| 1f00 | 69 49 6e 69 74 69 61 6c 69 7a 65 40 38 00 5f 5f 68 65 61 64 5f 43 5f 5f 55 73 65 72 73 5f 50 65 | iInitialize@8.__head_C__Users_Pe |
| 1f20 | 74 65 72 5f 43 6f 64 65 5f 77 69 6e 61 70 69 5f 72 73 5f 69 36 38 36 5f 6c 69 62 5f 6c 69 62 77 | ter_Code_winapi_rs_i686_lib_libw |
| 1f40 | 69 6e 61 70 69 5f 61 6d 73 69 5f 61 00 0a 64 79 69 79 73 30 30 30 30 30 2e 6f 2f 20 20 20 31 35 | inapi_amsi_a..dyiys00000.o/...15 |
| 1f60 | 31 36 31 36 30 38 39 35 20 20 30 20 20 20 20 20 30 20 20 20 20 20 31 30 30 36 36 36 20 20 36 37 | 16160895..0.....0.....100666..67 |
| 1f80 | 33 20 20 20 20 20 20 20 60 0a 4c 01 07 00 00 00 00 00 7c 01 00 00 0a 00 00 00 00 00 04 01 2e 74 | 3.......`.L.......|............t |
| 1fa0 | 65 78 74 00 00 00 00 00 00 00 00 00 00 00 08 00 00 00 2c 01 00 00 54 01 00 00 00 00 00 00 01 00 | ext...............,...T......... |
| 1fc0 | 00 00 20 00 30 60 2e 64 61 74 61 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ....0`.data..................... |
| 1fe0 | 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 62 73 73 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ..........@.0..bss.............. |
| 2000 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 30 c0 2e 69 64 61 74 61 24 37 00 00 | ....................0..idata$7.. |
| 2020 | 00 00 00 00 00 00 04 00 00 00 34 01 00 00 5e 01 00 00 00 00 00 00 01 00 00 00 00 00 30 c0 2e 69 | ..........4...^.............0..i |
| 2040 | 64 61 74 61 24 35 00 00 00 00 00 00 00 00 04 00 00 00 38 01 00 00 68 01 00 00 00 00 00 00 01 00 | data$5............8...h......... |
| 2060 | 00 00 00 00 30 c0 2e 69 64 61 74 61 24 34 00 00 00 00 00 00 00 00 04 00 00 00 3c 01 00 00 72 01 | ....0..idata$4............<...r. |
| 2080 | 00 00 00 00 00 00 01 00 00 00 00 00 30 c0 2e 69 64 61 74 61 24 36 00 00 00 00 00 00 00 00 14 00 | ............0..idata$6.......... |
| 20a0 | 00 00 40 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 c0 ff 25 00 00 00 00 90 90 00 00 | ..@....................%........ |
| 20c0 | 00 00 00 00 00 00 00 00 00 00 00 00 41 6d 73 69 43 6c 6f 73 65 53 65 73 73 69 6f 6e 00 00 02 00 | ............AmsiCloseSession.... |
| 20e0 | 00 00 04 00 00 00 06 00 00 00 00 00 09 00 00 00 07 00 00 00 00 00 06 00 00 00 07 00 00 00 00 00 | ................................ |
| 2100 | 06 00 00 00 07 00 2e 74 65 78 74 00 00 00 00 00 00 00 01 00 00 00 03 00 2e 64 61 74 61 00 00 00 | .......text..............data... |
| 2120 | 00 00 00 00 02 00 00 00 03 00 2e 62 73 73 00 00 00 00 00 00 00 00 03 00 00 00 03 00 2e 69 64 61 | ...........bss...............ida |
| 2140 | 74 61 24 37 00 00 00 00 04 00 00 00 03 00 2e 69 64 61 74 61 24 35 00 00 00 00 05 00 00 00 03 00 | ta$7...........idata$5.......... |
| 2160 | 2e 69 64 61 74 61 24 34 00 00 00 00 06 00 00 00 03 00 2e 69 64 61 74 61 24 36 00 00 00 00 07 00 | .idata$4...........idata$6...... |
| 2180 | 00 00 03 00 00 00 00 00 04 00 00 00 00 00 00 00 01 00 00 00 02 00 00 00 00 00 18 00 00 00 00 00 | ................................ |
| 21a0 | 00 00 05 00 00 00 02 00 00 00 00 00 32 00 00 00 00 00 00 00 00 00 00 00 02 00 71 00 00 00 5f 41 | ............2.............q..._A |
| 21c0 | 6d 73 69 43 6c 6f 73 65 53 65 73 73 69 6f 6e 40 38 00 5f 5f 69 6d 70 5f 5f 41 6d 73 69 43 6c 6f | msiCloseSession@8.__imp__AmsiClo |
| 21e0 | 73 65 53 65 73 73 69 6f 6e 40 38 00 5f 5f 68 65 61 64 5f 43 5f 5f 55 73 65 72 73 5f 50 65 74 65 | seSession@8.__head_C__Users_Pete |
| 2200 | 72 5f 43 6f 64 65 5f 77 69 6e 61 70 69 5f 72 73 5f 69 36 38 36 5f 6c 69 62 5f 6c 69 62 77 69 6e | r_Code_winapi_rs_i686_lib_libwin |
| 2220 | 61 70 69 5f 61 6d 73 69 5f 61 00 0a | api_amsi_a.. |
 |
index : firefox-esr | |
| debian 12 backports: mozilla | Progress Linux |
| summaryrefslogtreecommitdiffstats |
blob: 971e59798cd5338199b211b54a46837de8630135 (plain)