流沙团
Manually locating the DOS header, NT header, FILE header and OPTIONAL header
2017-11-6 流沙团
DOS HEADER:

e_magic: 5A4D **

e_cblp: 0090

e_cp: 0003

e_crlc: 0000

e_cparhdr: 0004

e_minalloc: 0000

e_maxalloc: FFFF

e_ss: 0000

e_sp: 00B8

e_csum: 0000

e_ip: 0000

e_cs: 0000

e_lfarlc: 0040

e_ovno: 0000

e_res[4]: 0000 0000 0000 0000

e_oemid: 0000

e_oeminfo: 0000

e_res2[10]: 0

e_lfanew: 00E0 **





NT_HEADERS

Signature: 00 00 45 50 **





FILE_HEADER

Machine: 014C ****

NumberOfSections: 0004 ****

TimeDateStamp: 4D74BC7E ****

PointerToSymbolTable: 00000000

NumberOfSymbols: 00000000

SizeOfOptionalHeader: 00E0 ****

Characteristics: 010F ****







OPTIONAL_HEADER

Magic: 010B ****

MajorLinkerVersion: 06

MinorLinkerVersion: 00

SizeOfCode: 00021000 ****

SizeOfInitializedData: 0001B000 ****

SizeOfUninitializedData: 00000000 ****

AddressOfEntryPoint: 0001D26F ****

BaseOfCode: 00001000 ****

BaseOfData: 00022000 ****

ImageBase: 00400000 ****

SectionAlignment: 00001000 ****

FileAlignment: 00001000 ****

MajorOperatingSystemVersion: 0004

MinorOperatingSystemVersion: 0000

MajorImageVersion: 0000

MinorImageVersion: 0000

MajorSubsystemVersion: 0004

MinorSubsystemVersion: 0000

Win32VersionValue: 00000000

SizeOfImage: 0003D000 ****

SizeOfHeaders: 00001000 ****

CheckSum: 00000000 ****

Subsystem: 0002

DllCharacteristics: 0000

SizeOfStackReserve: 00100000 ****

SizeOfStackCommit: 00001000 ****

SizeOfHeapReserve: 00100000 ****

SizeOfHeapCommit: 00001000 ****

LoaderFlags: 00000000

NumberOfRvaAndSizes: 00000010



DataDirectory[16] ***
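
The same header walk in code, as an added example that is not part of the original post: it follows e_lfanew from the DOS header to the NT signature, then steps over the FILE header into the OPTIONAL header, rejecting offsets that fall outside the file. The names build_sample and locate_headers are chosen here, the sample bytes are constructed from the values listed above, and only PE32 (Magic 010B) is handled.

```python
import struct

def build_sample():
    """Constructed header bytes using the field values listed on this page."""
    dos = bytearray(0xE0)                        # NT headers start at e_lfanew = 0xE0
    struct.pack_into("<H", dos, 0x00, 0x5A4D)    # e_magic ("MZ")
    struct.pack_into("<I", dos, 0x3C, 0x00E0)    # e_lfanew
    file_hdr = struct.pack("<HHIIIHH", 0x014C, 4, 0x4D74BC7E, 0, 0, 0x00E0, 0x010F)
    opt = bytearray(0xE0)                        # SizeOfOptionalHeader
    struct.pack_into("<HBBIIIIII", opt, 0, 0x010B, 6, 0,
                     0x21000, 0x1B000, 0, 0x1D26F, 0x1000, 0x22000)
    struct.pack_into("<III", opt, 28, 0x400000, 0x1000, 0x1000)  # ImageBase, alignments
    struct.pack_into("<I", opt, 92, 0x10)        # NumberOfRvaAndSizes
    return bytes(dos) + b"PE\0\0" + file_hdr + bytes(opt)

def locate_headers(data):
    """Walk DOS -> NT -> FILE -> OPTIONAL, validating every offset before use."""
    if len(data) < 0x40 or struct.unpack_from("<H", data, 0)[0] != 0x5A4D:
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if e_lfanew + 24 > len(data):                # signature (4) + FILE_HEADER (20)
        raise ValueError("e_lfanew points outside the file")
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    file_off = e_lfanew + 4
    machine, nsec, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, file_off)
    opt_off = file_off + 20
    if opt_size < 96 or opt_off + opt_size > len(data):
        raise ValueError("optional header truncated")
    if struct.unpack_from("<H", data, opt_off)[0] != 0x010B:
        raise ValueError("not a PE32 optional header")
    entry_rva, = struct.unpack_from("<I", data, opt_off + 16)
    image_base, = struct.unpack_from("<I", data, opt_off + 28)
    n_dirs, = struct.unpack_from("<I", data, opt_off + 92)
    return {
        "nt_offset": e_lfanew,
        "file_offset": file_off,
        "optional_offset": opt_off,
        "section_table_offset": opt_off + opt_size,
        "machine": machine,
        "sections": nsec,
        "entry_va": image_base + entry_rva,
        "data_dirs": n_dirs,
    }

if __name__ == "__main__":
    for name, value in locate_headers(build_sample()).items():
        print(f"{name}: {value:#x}")
```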

