
@the-nose-knows
Created May 3, 2017 22:04
+ addy 0x0000004032f4e238 {0x0000000000001000} unsigned __int64 *
argc 0x00000002 int
+ argv 0x000001560ce43920 {0x000001560ce43938 "C:\\Users\\TheUser\\documents\\visual studio 2017\\Projects\\load_pe\\x64\\Debug\\load_pe.exe"} char * *
Characteristics 0x00000022 unsigned long
coverted_base_address 0x000001560cd90000 unsigned __int64
data_directory_optional_header_offset 0x0000000000000070 unsigned __int64
direct_access_size_stack 0x0000000000001000 unsigned __int64
error_check 0x00000000 int
fDOSImage 0x00 '\0' unsigned char
+ FileHeader 0x000001560cd90100 {Signature=0x00004550 FileHeader={Machine=0x8664 NumberOfSections=0x0008 TimeDateStamp=...} ...} _IMAGE_NT_HEADERS64 *
+ FileHeader_FileHeader {Machine=0x8664 NumberOfSections=0x0008 TimeDateStamp=0x5908da2a ...} _IMAGE_FILE_HEADER
FileHeader_FileHeader_Characteristics 0x0022 unsigned short
FileHeader_FileHeader_Machine 0x8664 unsigned short
FileHeader_FileHeader_NumberOfSections 0x0008 unsigned short
FileHeader_FileHeader_NumberOfSymbols 0x00000000 unsigned long
FileHeader_FileHeader_PointerToSymbolTable 0x00000000 unsigned long
FileHeader_FileHeader_SizeOfOptionalHeader 0x00f0 unsigned short
FileHeader_FileHeader_TimeDateStamp 0x5908da2a unsigned long
+ FileHeader_OptionalHeader {Magic=0x020b MajorLinkerVersion=0x0e '\xe' MinorLinkerVersion=0x00 '\0' ...} _IMAGE_OPTIONAL_HEADER64
FileHeader_OptionalHeader_AddressOfEntryPoint 0x00009088 unsigned long
FileHeader_OptionalHeader_BaseOfCode 0x00001000 unsigned long
FileHeader_OptionalHeader_CheckSum 0x00000000 unsigned long
+ FileHeader_OptionalHeader_DataDirectory 0x000001560cd90188 {VirtualAddress=0x00000000 Size=0x00000000 } _IMAGE_DATA_DIRECTORY *
FileHeader_OptionalHeader_DataDirectory_Size 0x00000000 unsigned long
FileHeader_OptionalHeader_DataDirectory_VirtualAddress 0x00000000 unsigned long
FileHeader_OptionalHeader_DllCharacteristics 0x8160 unsigned short
FileHeader_OptionalHeader_FileAlignment 0x00000200 unsigned long
FileHeader_OptionalHeader_ImageBase 0x0000000140000000 unsigned __int64
FileHeader_OptionalHeader_LoaderFlags 0x00000000 unsigned long
FileHeader_OptionalHeader_Magic 0x020b unsigned short
FileHeader_OptionalHeader_MajorImageVersion 0x0000 unsigned short
FileHeader_OptionalHeader_MajorLinkerVersion 0x0e '\xe' unsigned char
FileHeader_OptionalHeader_MajorOperatingSystemVersion 0x0006 unsigned short
FileHeader_OptionalHeader_MajorSubsystemVersion 0x0006 unsigned short
FileHeader_OptionalHeader_MinorImageVersion 0x0000 unsigned short
FileHeader_OptionalHeader_MinorLinkerVersion 0x00 '\0' unsigned char
FileHeader_OptionalHeader_MinorOperatingSystemVersion 0x0000 unsigned short
FileHeader_OptionalHeader_MinorSubsystemVersion 0x0000 unsigned short
FileHeader_OptionalHeader_NumberOfRvaAndSizes 0x00000010 unsigned long
FileHeader_OptionalHeader_SectionAlignment 0x00001000 unsigned long
FileHeader_OptionalHeader_SizeOfCode 0x00009e00 unsigned long
FileHeader_OptionalHeader_SizeOfHeaders 0x00000400 unsigned long
FileHeader_OptionalHeader_SizeOfHeapCommit 0x0000000000001000 unsigned __int64
FileHeader_OptionalHeader_SizeOfHeapReserve 0x0000000000100000 unsigned __int64
FileHeader_OptionalHeader_SizeOfImage 0x00019000 unsigned long
FileHeader_OptionalHeader_SizeOfInitializedData 0x00009000 unsigned long
FileHeader_OptionalHeader_SizeOfStackCommit 0x0000000000001000 unsigned __int64
FileHeader_OptionalHeader_SizeOfStackReserve 0x0000000000100000 unsigned __int64
FileHeader_OptionalHeader_SizeOfUninitializedData 0x00000000 unsigned long
FileHeader_OptionalHeader_Subsystem 0x0003 unsigned short
FileHeader_OptionalHeader_Win32VersionValue 0x00000000 unsigned long
FileHeader_Signature 0x00004550 unsigned long
+ filesystem_image {_Mystr=L"C:\pathToFile\\some_test.exe" } std::experimental::filesystem::v1::path
fReadOnly 0x01 '\x1' unsigned char
fSystemImage 0x00 '\0' unsigned char
hFile 0x00000000000000ac void *
+ image_directory "C:\pathToFile" std::basic_string<char,std::char_traits<char>,std::allocator<char> >
image_loaded true bool
+ image_name "some_test" std::basic_string<char,std::char_traits<char>,std::allocator<char> >
+ image_name_and_extension "some_test.exe" std::basic_string<char,std::char_traits<char>,std::allocator<char> >
+ image_to_load "C:\pathToFile\\some_test.exe" std::basic_string<char,std::char_traits<char>,std::allocator<char> >
is32bit false bool
is64bit true bool
+ LastRvaSection 0x000001560cd90208 {Name=0x000001560cd90208 ".text" Misc={PhysicalAddress=0x00009c56 VirtualSize=0x00009c56 } ...} _IMAGE_SECTION_HEADER *
LastRvaSection_Characteristics 0x60000020 unsigned long
LastRvaSection_Misc_PhysicalAddress 0x00009c56 unsigned long
LastRvaSection_Misc_VirtualSize 0x00009c56 unsigned long
+ LastRvaSection_Name 0x000001560cd90208 ".text" unsigned char *
LastRvaSection_NumberOfLinenumbers 0x0000 unsigned short
LastRvaSection_NumberOfRelocations 0x0000 unsigned short
LastRvaSection_PointerToLinenumbers 0x00000000 unsigned long
LastRvaSection_PointerToRawData 0x00000400 unsigned long
LastRvaSection_PointerToRelocations 0x00000000 unsigned long
LastRvaSection_SizeOfRawData 0x00009e00 unsigned long
LastRvaSection_VirtualAddress 0x00001000 unsigned long
+ Links {Flink=0x0000004032f4e0c0 {Flink=0x0000004032f4e0c0 {Flink=0x0000004032f4e0c0 {Flink=0x0000004032f4e0c0 {...} ...} ...} ...} ...} _LIST_ENTRY
+ Links_Blink 0x0000004032f4e0c0 {Flink=0x0000004032f4e0c0 {Flink=0x0000004032f4e0c0 {Flink=0x0000004032f4e0c0 {Flink=...} ...} ...} ...} _LIST_ENTRY *
+ Links_Flink 0x0000004032f4e0c0 {Flink=0x0000004032f4e0c0 {Flink=0x0000004032f4e0c0 {Flink=0x0000004032f4e0c0 {Flink=...} ...} ...} ...} _LIST_ENTRY *
+ loaded_image {ModuleName=0x000001560ce3fac0 "C:\pathToFile\\some_test.exe" ...} _LOADED_IMAGE
magic_number 0x0000020b int
+ MappedAddress 0x000001560cd90000 "MZ" unsigned char *
+ module_base_address 0x000001560cd90000 "MZ" unsigned char *
+ ModuleName 0x000001560ce3fac0 "C:\pathToFile\\some_test.exe" char *
NumberOfSections 0x00000008 unsigned long
+ p_loaded_image 0x0000004032f4e080 {ModuleName=0x000001560ce3fac0 "C:\pathToFile\\some_test.exe" ...} _LOADED_IMAGE *
+ Sections 0x000001560cd90208 {Name=0x000001560cd90208 ".text" Misc={PhysicalAddress=0x00009c56 VirtualSize=0x00009c56 } ...} _IMAGE_SECTION_HEADER *
Sections_Characteristics 0x60000020 unsigned long
Sections_Misc_PhysicalAddress 0x00009c56 unsigned long
Sections_Misc_VirtualSize 0x00009c56 unsigned long
+ Sections_Name 0x000001560cd90208 ".text" unsigned char *
Sections_NumberOfLinenumbers 0x0000 unsigned short
Sections_NumberOfRelocations 0x0000 unsigned short
Sections_PointerToLinenumbers 0x00000000 unsigned long
Sections_PointerToRawData 0x00000400 unsigned long
Sections_PointerToRelocations 0x00000000 unsigned long
Sections_SizeOfRawData 0x00009e00 unsigned long
Sections_VirtualAddress 0x00001000 unsigned long
size_stack_commit_offset 0x0000000000000050 unsigned __int64
SizeOfImage 0x00013200 unsigned long
sum_for_size_stack 0x000001560cd900d8 unsigned __int64
validFile true bool
Version 0x01 '\x1' unsigned char
windows_optional_header_offset 0x0000000000000018 unsigned __int64