-
-
Save mrexodia/65ff4248e2d35d830491c0bd3e6e09a6 to your computer and use it in GitHub Desktop.
aksdf.exe.dd64
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "comments": [ | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x14076", | |
| "manual": true, | |
| "text": "e_lfanew" | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x1408F", | |
| "manual": true, | |
| "text": "rdx+rax*1:\"PE\" (Signature)" | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x142A3", | |
| "manual": true, | |
| "text": "uint32_t hashExportName(const char* name)" | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x142E4", | |
| "manual": true, | |
| "text": "void* resolveImport(void* base, uint32_t hash)" | |
| } | |
| ], | |
| "labels": [ | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x142E4", | |
| "manual": true, | |
| "text": "resolveImport" | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x142A3", | |
| "manual": true, | |
| "text": "hashExportName" | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x12100", | |
| "manual": true, | |
| "text": "oep" | |
| } | |
| ], | |
| "functions": [ | |
| { | |
| "module": "aksdf.exe", | |
| "start": "0x142A3", | |
| "end": "0x142E3", | |
| "icount": "0x21", | |
| "manual": false | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "start": "0x142E4", | |
| "end": "0x1447D", | |
| "icount": "0xA5", | |
| "manual": false | |
| } | |
| ], | |
| "xrefs": [ | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x14441", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x14358", | |
| "type": "0x2" | |
| }, | |
| { | |
| "addr": "0x14366", | |
| "type": "0x2" | |
| }, | |
| { | |
| "addr": "0x14415", | |
| "type": "0x2" | |
| }, | |
| { | |
| "addr": "0x1432A", | |
| "type": "0x2" | |
| }, | |
| { | |
| "addr": "0x14338", | |
| "type": "0x2" | |
| }, | |
| { | |
| "addr": "0x14343", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x14456", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x14453", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x143EF", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x143EA", | |
| "type": "0x2" | |
| }, | |
| { | |
| "addr": "0x143EC", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x142F1", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x142EC", | |
| "type": "0x2" | |
| }, | |
| { | |
| "addr": "0x142EE", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x142FC", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x142F9", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x14301", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x142F0", | |
| "type": "0x1" | |
| }, | |
| { | |
| "addr": "0x142FE", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x14438", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x143F7", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x143EA", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x142F1", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x142F8", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x143EF", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x14411", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x1443F", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x1444A", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x14447", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x1434C", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x142F7", | |
| "type": "0x1" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x14307", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x14304", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x142F6", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x143EE", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x14387", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x1437D", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x14444", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x14441", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x1430C", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x14309", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x143A9", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x14409", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x14395", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x1430C", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x143AF", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x143AC", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x142CC", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x142C9", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x1444F", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x1444C", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x142DE", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x142DB", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x1447D", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x1447A", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x1439E", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x14392", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x14417", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x14382", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x142B0", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x142AD", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x14398", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x14395", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x1445E", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x14436", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x14474", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x14471", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x1440D", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x143A7", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x143B5", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x143B2", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x142C2", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x142BF", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x14327", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x14324", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x1445C", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x14459", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x143C1", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x143BE", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x14467", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x14464", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x14312", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x14398", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x142C8", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x142D8", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x143BA", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x143B7", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x1446E", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x1446B", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x14320", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x1431D", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x143C7", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x143C4", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x143F5", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x143E7", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x14478", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x14475", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x142AA", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x142A7", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x142B5", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x142B2", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x142BC", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x142B9", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x142DA", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x142CE", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x142D6", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x142D3", | |
| "type": "0x2" | |
| } | |
| ] | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x142E3", | |
| "manual": false, | |
| "references": [ | |
| { | |
| "addr": "0x142E0", | |
| "type": "0x2" | |
| } | |
| ] | |
| } | |
| ], | |
| "encodemaps": [ | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x0", | |
| "manual": false, | |
| "data": "00{13FE4}0100{9}0100{6}0100{9}0100{17}0100{6}0100{9}01{C}00000100{C}0100{5}0100{6}0100{7}0100{6}0100{C}0501{7}00{7}0100{7}0100{A}0100{D}0100{6}0100{3}0100{A}01{C}00{10}01{C}00{7}0100{6}0100{A}0100{4}0100{6}0100{5}0100{10}0100{8}0100{5}0100{4}0100{6}0100{5}0100{11}0100{5}0100{5}0100{4}0100{6}0100{5}0100{12}0100{7}0100{6}0100{4}01{D}00{5}0100{5}01{D}00{12}0100{C}0100{5}0100{4}0100{6}0100{5}0100{A}0100{7}0100000100000100000100{5}0100{4}0100{6}0100{5}0100{8}0100{4}0100{8}0100{5}0100{5}0100{7}01{8}00{5}01{7}00{4}01000001{2A}00000100000100{3}0100{3}01{7}00{7}0100{5}0100{4}0100{6}0100{5}0100{9}0100{9}0100{7}0100{4}0100{D}0100{6}0100{3}0100{4}0100{5}0100{4}0100{5}0100{D}0100{6}0100{70}0100{16}0100{5}0100{4}0100{6}0100{5}0100{27}0100{54}0100{5}0100{4}0100{6}0100{5}0100{A}0100{6}0100{5}0100{3}0100{4}0100{B83}" | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "address": "0x13000", | |
| "manual": false, | |
| "data": "00{E6C}0100{E}0100{8}01{C}00{8}0100{1167}" | |
| } | |
| ], | |
| "tracerecord": [ | |
| { | |
| "module": "aksdf.exe", | |
| "rva": "0x13000", | |
| "type": "0x3", | |
| "data": "00{19EA}01400140018000000140014001800000014001400100018001400180014001800000014001000100010001000180000001400100018001400180000001400100018001400180000001400100018001400180000001400100018001400100018001400180014001800000014001800000014001000180014001400180000001400100018001400180000001400180014001800000014001000100018001400180000004C004C004C0034003800000014001800140010001800140018000{E}0140010001800140018001400180000001400180014001800000014001800000014001800000014001800140018000000140018001400100018001400180014001800140018000000140018000000140018027C127C127C127C127C127C127C127C127C126C126C126C126C126C126C126C1264126810000014001800140018000000140010001000100010001802641268126C126C126C126412681000026C126C126C126C126C126C126412681000026C126C126C1264126810840088008C008C008C008C008C008C00840088000{1E}26C126C126C126C126C126C1D244D2844EC44EC44EC44EC4D443D483ADC2ADC2ADC2ADC2ADC2ADC2ADC2ADC2ADC200001C401C8000001C401C800000ADC2ADC2ADC2ADC2ADC297C097C0974097C097C0000001400180000001400180000097C097C07BC07BC07BC07BC07BC01CC01CC01CC01C401C801C401C8000001CC01CC01CC01C401C8000001CC01CC01CC01CC01CC01CC01CC01C401C8000001C401C8000001C401C8000001CC01CC01CC01CC01C401C8000001CC01CC01CC01C401C8000001C401C801C401C8000001CC01CC01CC01CC01C401C80000070C070C070C054C054C000001C401C801C401C80014001400100018001400180000001400100018001400140018000000140018000000140014001800000014001400CC00CC00BC00BC00BC00BC00BC003C003C003C00340038003400380000003C003C003C003C003C003C000000340038000000140018001400180000001400100010001000100018003400380000001400180014001800000014001000100010001000180034003C003C003C00340038003400380000003C003C003C003C003C003C0000003C003C003C003C003C00340038000000340038000000340034003800000034003400380000003400380000003400380000003400340038000000340038003400380000003400380034003800000034003400380034003800000034003800000034003800000034003800340038000000340038003400380000003400380034003800000034003800000034003800340038000000340038003C003C003C003400380034003800000034003800000034003800000014001800140018015C016C016C01540188003C003C003C003C003C003C0014001800140010001800140018000000340038003400380000003C003C003C003C003C003C001400180014001800000014001800000014001400100010001000100010001800140018000000340038003400380000003C003C003C003C003C003C001400100010001000100010001800140010001000100010001800140018000000340038003400380000003400380014001000100010001000100018001400140010001800140018001400180000001400100010001000100018000000140010001000100010001000180014001400100018001400180014001800000014001000100010001000180000001400140018000000140010001000100018000{F0}" | |
| }, | |
| { | |
| "module": "aksdf.exe", | |
| "rva": "0x14000", | |
| "type": "0x3", | |
| "data": "00{52}0140018001400180000001400100010001000100018004400480000004C004C004C004C004C004C004C004C004C004C00440048000001BC01BC01BC0064006800000064006800640068006400680000006C006C006C00640068006400680000006C006C006C006C006C006C0000006C006C006C006C006C006C006C005C005C005C00540058000{10}054005800140010001800140018000000140010001800140018001400180000001400100010001000100018001400180014001800000014001000100018001400100018001400180014001800140018000000140010001000100010001800000014001400180000003C003C003C0014001400180014001800140018000000240028002400280000002C002C002C002C002C002C0014001800140010001000100010001800140010001000100010001800140018000{18}0140010001800140018001400180000001400100010001000100018000000140014001400180000001400100018001400180000001400180014001800000014001000100018001400180000003C003C003C00240028000000140018001400100010001000100010001800140018000{18}02400280000002C002C002C00240028000000240028002400280000002C002C002C002C002400280000066C066C066C064C064C0000002400280024002C002C002C002C002C002C002C002C002C002C002C002C002400280000002C002C002C002400280000002C002C002C00240028000000240028002400280000002C002C002C002C002400280000065C065C065C063C063C000000240028002C002C002C002C002C002C002C002C002C00240028002C002C002C002400280000002C002C002C00240028002400280000002C002C002C002C002C002C00000024002800240028000000640068006400680000006C006C006C006C006C006C0000002C002C002C002400280000002C002C002C002400280000001400180014001800000014001000100010001000180000002C002C002C002C002C003400380014001000180014001000100010001000180014001800000014001000180014001800140010001000100018000{2A}0140010001800140018000{5E}28C028C028C02840288000{108}014000{32}FF7FFF3FFFBFFF7FFFBF00{46}0140010001000100018000{1B0}FF7FFF3FFFBFFF7FFFBF00{1874}" | |
| } | |
| ], | |
| "breakpoints": [ | |
| { | |
| "address": "0x14044", | |
| "enabled": true, | |
| "type": 1, | |
| "titantype": "0xB47", | |
| "name": "", | |
| "module": "aksdf.exe", | |
| "breakCondition": "", | |
| "logText": "", | |
| "logCondition": "", | |
| "commandText": "", | |
| "commandCondition": "", | |
| "fastResume": false, | |
| "silent": false | |
| }, | |
| { | |
| "address": "0x140A8", | |
| "enabled": true, | |
| "type": 1, | |
| "titantype": "0xC47", | |
| "name": "", | |
| "module": "aksdf.exe", | |
| "breakCondition": "", | |
| "logText": "", | |
| "logCondition": "", | |
| "commandText": "", | |
| "commandCondition": "", | |
| "fastResume": false, | |
| "silent": false | |
| }, | |
| { | |
| "address": "0x142E4", | |
| "enabled": true, | |
| "type": 1, | |
| "titantype": "0xD47", | |
| "name": "", | |
| "module": "aksdf.exe", | |
| "breakCondition": "", | |
| "logText": "", | |
| "logCondition": "", | |
| "commandText": "", | |
| "commandCondition": "", | |
| "fastResume": false, | |
| "silent": false | |
| }, | |
| { | |
| "address": "0xC0000096", | |
| "enabled": true, | |
| "type": 4, | |
| "titantype": "0x1", | |
| "name": "", | |
| "breakCondition": "0", | |
| "logText": "", | |
| "logCondition": "", | |
| "commandText": "skip", | |
| "commandCondition": "1", | |
| "fastResume": false, | |
| "silent": false | |
| } | |
| ], | |
| "hashAlgorithm": "murmurhash", | |
| "hash": "0x6904D2CA1B72CF04" | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment