Microsoft (R) COFF/PE Dumper Version 14.33.31630.0
Copyright (C) Microsoft Corporation.  All rights reserved.


Dump of file xe2019.exe

PE signature found

File Type: EXECUTABLE IMAGE

FILE HEADER VALUES
            8664 machine (x64)
               7 number of sections
        5C993F37 time date stamp Mon Mar 25 20:51:03 2019
               0 file pointer to symbol table
               0 number of symbols
              F0 size of optional header
              22 characteristics
                   Executable
                   Application can handle large (>2GB) addresses

OPTIONAL HEADER VALUES
             20B magic # (PE32+)
           10.00 linker version
          143800 size of code
           A5400 size of initialized data
               0 size of uninitialized data
           FAB9C entry point (00000001400FAB9C)
            1000 base of code
       140000000 image base (0000000140000000 to 000000014176FFFF)
            1000 section alignment
             200 file alignment
            5.02 operating system version
            0.00 image version
            5.02 subsystem version
               0 Win32 version
         1770000 size of image
             400 size of headers
          1EAFD5 checksum
               3 subsystem (Windows CUI)
            8140 DLL characteristics
                   Dynamic base
                   NX compatible
                   Terminal Server Aware
          100000 size of stack reserve
            1000 size of stack commit
          100000 size of heap reserve
            1000 size of heap commit
               0 loader flags
              10 number of directories
               0 [       0] RVA [size] of Export Directory
          1B7258 [      3C] RVA [size] of Import Directory
         175C000 [     B8C] RVA [size] of Resource Directory
         1750000 [    5F40] RVA [size] of Exception Directory
               0 [       0] RVA [size] of Certificates Directory
         175D000 [    3E34] RVA [size] of Base Relocation Directory
               0 [       0] RVA [size] of Debug Directory
               0 [       0] RVA [size] of Architecture Directory
               0 [       0] RVA [size] of Global Pointer Directory
               0 [       0] RVA [size] of Thread Storage Directory
               0 [       0] RVA [size] of Load Configuration Directory
               0 [       0] RVA [size] of Bound Import Directory
          145000 [     398] RVA [size] of Import Address Table Directory
               0 [       0] RVA [size] of Delay Import Directory
               0 [       0] RVA [size] of COM Descriptor Directory
               0 [       0] RVA [size] of Reserved Directory


SECTION HEADER #1
   .text name
  143690 virtual size
    1000 virtual address (0000000140001000 to 000000014014468F)
  143800 size of raw data
     400 file pointer to raw data (00000400 to 00143BFF)
       0 file pointer to relocation table
       0 file pointer to line numbers
       0 number of relocations
       0 number of line numbers
60000020 flags
         Code
         Execute Read

SECTION HEADER #2
  .rdata name
   72E48 virtual size
  145000 virtual address (0000000140145000 to 00000001401B7E47)
   73000 size of raw data
  143C00 file pointer to raw data (00143C00 to 001B6BFF)
       0 file pointer to relocation table
       0 file pointer to line numbers
       0 number of relocations
       0 number of line numbers
40000040 flags
         Initialized Data
         Read Only

SECTION HEADER #3
   .data name
 1597B30 virtual size
  1B8000 virtual address (00000001401B8000 to 000000014174FB2F)
   13000 size of raw data
  1B6C00 file pointer to raw data (001B6C00 to 001C9BFF)
       0 file pointer to relocation table
       0 file pointer to line numbers
       0 number of relocations
       0 number of line numbers
C0000040 flags
         Initialized Data
         Read Write

SECTION HEADER #4
  .pdata name
    5F40 virtual size
 1750000 virtual address (0000000141750000 to 0000000141755F3F)
    6000 size of raw data
  1C9C00 file pointer to raw data (001C9C00 to 001CFBFF)
       0 file pointer to relocation table
       0 file pointer to line numbers
       0 number of relocations
       0 number of line numbers
40000040 flags
         Initialized Data
         Read Only

SECTION HEADER #5
  .trace name
    5620 virtual size
 1756000 virtual address (0000000141756000 to 000000014175B61F)
    5800 size of raw data
  1CFC00 file pointer to raw data (001CFC00 to 001D53FF)
       0 file pointer to relocation table
       0 file pointer to line numbers
       0 number of relocations
       0 number of line numbers
40000040 flags
         Initialized Data
         Read Only

SECTION HEADER #6
   .rsrc name
     B8C virtual size
 175C000 virtual address (000000014175C000 to 000000014175CB8B)
     C00 size of raw data
  1D5400 file pointer to raw data (001D5400 to 001D5FFF)
       0 file pointer to relocation table
       0 file pointer to line numbers
       0 number of relocations
       0 number of line numbers
40000040 flags
         Initialized Data
         Read Only

SECTION HEADER #7
  .reloc name
   12F48 virtual size
 175D000 virtual address (000000014175D000 to 000000014176FF47)
   13000 size of raw data
  1D6000 file pointer to raw data (001D6000 to 001E8FFF)
       0 file pointer to relocation table
       0 file pointer to line numbers
       0 number of relocations
       0 number of line numbers
42000040 flags
         Initialized Data
         Discardable
         Read Only

  Summary

     1598000 .data
        6000 .pdata
       73000 .rdata
       13000 .reloc
        1000 .rsrc
      144000 .text
        6000 .trace