[
{
"exe_name": "notepad",
"basic_info": {
"target_arch": "X86_64",
"subsystem": "Windows",
"entry_point": 6576,
"image_base": 5368709120,
"section_count": 8,
"file_size": 360448
},
"export_count": 0,
"import_count": 315,
"section_count": 8,
"sample_exports": [],
"sample_imports": [
"SetMapMode",
"SetViewportExtEx",
"SetWindowExtEx",
"LPtoDP",
"SetBkMode",
"GetTextMetricsW",
"TextOutW",
"AbortDoc",
"EndDoc",
"SetAbortProc",
"StartDocW",
"StartPage",
"CreateDCW",
"EnumFontsW",
"GetTextFaceW",
"GetDeviceCaps",
"DeleteDC",
"DeleteObject",
"SetBkColor",
"CreateSolidBrush"
],
"section_names": [
".text",
"fothk",
".rdata",
".data",
".pdata",
".didat",
".rsrc",
".reloc"
],
"linker_version": "14.38",
"os_version": "10.0",
"image_version": "10.0",
"subsystem_version": "10.0",
"checksum": 418294,
"dll_characteristics": 49504,
"stack_reserve_size": 524288,
"stack_commit_size": 69632,
"heap_reserve_size": 1048576,
"heap_commit_size": 4096,
"code_size": 163840,
"initialized_data_size": 200704,
"uninitialized_data_size": 0,
"analysis_success": true
},
{
"exe_name": "calc",
"basic_info": {
"target_arch": "X86_64",
"subsystem": "Windows",
"entry_point": 5952,
"image_base": 5368709120,
"section_count": 7,
"file_size": 49152
},
"export_count": 0,
"import_count": 34,
"section_count": 7,
"sample_exports": [],
"sample_imports": [
"ShellExecuteW",
"GetCurrentThreadId",
"GetSystemTimeAsFileTime",
"GetTickCount",
"RtlCaptureContext",
"GetCurrentProcessId",
"RtlVirtualUnwind",
"UnhandledExceptionFilter",
"SetUnhandledExceptionFilter",
"GetCurrentProcess",
"TerminateProcess",
"QueryPerformanceCounter",
"RtlLookupFunctionEntry",
"__setusermatherr",
"_initterm",
"__C_specific_handler",
"memset",
"_wcmdln",
"_fmode",
"_commode"
],
"section_names": [
".text",
"fothk",
".rdata",
".data",
".pdata",
".rsrc",
".reloc"
],
"linker_version": "14.38",
"os_version": "10.0",
"image_version": "10.0",
"subsystem_version": "10.0",
"checksum": 90741,
"dll_characteristics": 49504,
"stack_reserve_size": 524288,
"stack_commit_size": 8192,
"heap_reserve_size": 1048576,
"heap_commit_size": 4096,
"code_size": 8192,
"initialized_data_size": 36864,
"uninitialized_data_size": 0,
"analysis_success": true
},
{
"exe_name": "cmd",
"basic_info": {
"target_arch": "X86_64",
"subsystem": "Console",
"entry_point": 162928,
"image_base": 5368709120,
"section_count": 8,
"file_size": 339968
},
"export_count": 0,
"import_count": 286,
"section_count": 8,
"sample_exports": [],
"sample_imports": [
"wcscmp",
"wcsncmp",
"memset",
"wcsspn",
"_time32",
"_initterm",
"_initterm_e",
"_register_thread_local_exe_atexit_callback",
"_c_exit",
"_o__get_initial_narrow_environment",
"_o__get_osfhandle",
"_o__getch",
"_o__initialize_narrow_environment",
"_o__initialize_onexit_table",
"_o__invalid_parameter_noinfo",
"_o__open_osfhandle",
"_o__pclose",
"_o__pipe",
"_o__purecall",
"_o__register_onexit_function"
],
"section_names": [
".text",
"fothk",
".rdata",
".data",
".pdata",
".didat",
".rsrc",
".reloc"
],
"linker_version": "14.38",
"os_version": "10.0",
"image_version": "10.0",
"subsystem_version": "10.0",
"checksum": 399297,
"dll_characteristics": 49504,
"stack_reserve_size": 1048576,
"stack_commit_size": 1032192,
"heap_reserve_size": 1048576,
"heap_commit_size": 4096,
"code_size": 233472,
"initialized_data_size": 217088,
"uninitialized_data_size": 0,
"analysis_success": true
},
{
"exe_name": "powershell",
"basic_info": {
"target_arch": "X86_64",
"subsystem": "Console",
"entry_point": 21760,
"image_base": 5368709120,
"section_count": 7,
"file_size": 454656
},
"export_count": 0,
"import_count": 133,
"section_count": 7,
"sample_exports": [],
"sample_imports": [
"_unlock",
"_lock",
"_commode",
"_fmode",
"_initterm",
"__setusermatherr",
"_cexit",
"_exit",
"exit",
"__set_app_type",
"__wgetmainargs",
"__CxxFrameHandler4",
"__dllonexit",
"_amsg_exit",
"_onexit",
"?terminate@@YAXXZ",
"_vsnwprintf",
"_wcsicmp",
"_wcsnicmp",
"fclose"
],
"section_names": [
".text",
"fothk",
".rdata",
".data",
".pdata",
".rsrc",
".reloc"
],
"linker_version": "14.38",
"os_version": "10.0",
"image_version": "10.0",
"subsystem_version": "10.0",
"checksum": 498581,
"dll_characteristics": 49504,
"stack_reserve_size": 524288,
"stack_commit_size": 8192,
"heap_reserve_size": 1048576,
"heap_commit_size": 4096,
"code_size": 45056,
"initialized_data_size": 405504,
"uninitialized_data_size": 0,
"analysis_success": true
},
{
"exe_name": "explorer",
"basic_info": {
"target_arch": "X86_64",
"subsystem": "Windows",
"entry_point": 750320,
"image_base": 5368709120,
"section_count": 9,
"file_size": 3191352
},
"export_count": 1,
"import_count": 778,
"section_count": 9,
"sample_exports": [
"g_trayTriageBlock"
],
"sample_imports": [
"?_Syserror_map@std@@YAPEBDH@Z",
"?_ReportUnobservedException@details@Concurrency@@YAXXZ",
"?_Pninc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAPEAGXZ",
"?xsputn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JPEBG_J@Z",
"?pptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ",
"?sync@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAHXZ",
"?_Unlock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAAXXZ",
"?_Lock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAAXXZ",
"?_Winerror_map@std@@YAHH@Z",
"??1?$basic_ios@GU?$char_traits@G@std@@@std@@UEAA@XZ",
"?_Xinvalid_argument@std@@YAXPEBD@Z",
"?gptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ",
"?gbump@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXH@Z",
"??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAA@XZ",
"?uflow@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAGXZ",
"_Cnd_unregister_at_thread_exit",
"_Cnd_broadcast",
"?showmanyc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JXZ",
"?xsgetn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JPEAG_J@Z",
"?setbuf@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAPEAV12@PEAG_J@Z"
],
"section_names": [
".text",
"fothk",
".imrsiv",
".rdata",
".data",
".pdata",
".didat",
".rsrc",
".reloc"
],
"linker_version": "14.38",
"os_version": "10.0",
"image_version": "10.0",
"subsystem_version": "10.0",
"checksum": 3203375,
"dll_characteristics": 49600,
"stack_reserve_size": 524288,
"stack_commit_size": 57344,
"heap_reserve_size": 1048576,
"heap_commit_size": 4096,
"code_size": 1933312,
"initialized_data_size": 1232896,
"uninitialized_data_size": 4096,
"analysis_success": true
},
{
"exe_name": "taskmgr",
"basic_info": {
"target_arch": "X86_64",
"subsystem": "Windows",
"entry_point": 1187024,
"image_base": 5368709120,
"section_count": 9,
"file_size": 5559048
},
"export_count": 0,
"import_count": 1104,
"section_count": 9,
"sample_exports": [],
"sample_imports": [
"_register_thread_local_exe_atexit_callback",
"_c_exit",
"_initterm",
"_initterm_e",
"_o_wcstod",
"_o_wcstok_s",
"_o_wcstol",
"_o_wcstoul",
"__C_specific_handler",
"__current_exception",
"__current_exception_context",
"_o_wcscpy_s",
"memmove",
"_o__wcsnicmp",
"_o__wcsicmp",
"_o__ui64tow_s",
"_o__strnicmp",
"_o__stricmp",
"_o__set_new_mode",
"_o__set_fmode"
],
"section_names": [
".text",
"fothk",
".imrsiv",
".rdata",
".data",
".pdata",
".didat",
".rsrc",
".reloc"
],
"linker_version": "14.38",
"os_version": "10.0",
"image_version": "10.0",
"subsystem_version": "10.0",
"checksum": 5566047,
"dll_characteristics": 49632,
"stack_reserve_size": 524288,
"stack_commit_size": 8192,
"heap_reserve_size": 1048576,
"heap_commit_size": 4096,
"code_size": 2637824,
"initialized_data_size": 2895872,
"uninitialized_data_size": 4096,
"analysis_success": true
},
{
"exe_name": "regedit",
"basic_info": {
"target_arch": "X86_64",
"subsystem": "Windows",
"entry_point": 8096,
"image_base": 5368709120,
"section_count": 8,
"file_size": 585728
},
"export_count": 0,
"import_count": 387,
"section_count": 8,
"sample_exports": [],
"sample_imports": [
"SetTextAlign",
"SetROP2",
"GetTextExtentPoint32W",
"Polyline",
"GetStockObject",
"StartPage",
"AbortDoc",
"EndDoc",
"DeleteDC",
"SetViewportOrgEx",
"SetAbortProc",
"StartDocW",
"EndPage",
"CreatePatternBrush",
"CreateBitmap",
"PatBlt",
"SelectClipRgn",
"GetObjectW",
"ExcludeClipRect",
"SelectObject"
],
"section_names": [
".text",
"fothk",
".rdata",
".data",
".pdata",
".didat",
".rsrc",
".reloc"
],
"linker_version": "14.38",
"os_version": "10.0",
"image_version": "10.0",
"subsystem_version": "10.0",
"checksum": 624998,
"dll_characteristics": 49504,
"stack_reserve_size": 524288,
"stack_commit_size": 16384,
"heap_reserve_size": 1048576,
"heap_commit_size": 4096,
"code_size": 184320,
"initialized_data_size": 667648,
"uninitialized_data_size": 0,
"analysis_success": true
}
]