0:000> !dh kool_ade
File Type: DLL
FILE HEADER VALUES
8664 machine (X64)
7 number of sections
667DA41F time date stamp Thu Jun 27 12:40:47 2024
0 file pointer to symbol table
0 number of symbols
F0 size of optional header
2822 characteristics
Executable
App can handle >2gb addresses
Run from swap file if image is on net
DLL
OPTIONAL HEADER VALUES
20B magic #
14.16 linker version
74400 size of code
94A00 size of initialized data
0 size of uninitialized data
6E670 address of entry point
1000 base of code
----- new -----
0000000180000000 image base
1000 section alignment
200 file alignment
2 subsystem (Windows GUI)
6.00 operating system version
0.00 image version
6.00 subsystem version
10D000 size of image
400 size of headers
0 checksum
0000000002000000 size of stack reserve
0000000000001000 size of stack commit
0000000000100000 size of heap reserve
0000000000001000 size of heap commit
160 DLL characteristics
High entropy VA supported
Dynamic base
NX compatible
BE4D0 [ 1006C] address [size] of Export Directory
CE53C [ 2F8] address [size] of Import Directory
0 [ 0] address [size] of Resource Directory
102000 [ 5F34] address [size] of Exception Directory
0 [ 0] address [size] of Security Directory
10C000 [ 8E0] address [size] of Base Relocation Directory
AA860 [ 54] address [size] of Debug Directory
0 [ 0] address [size] of Description Directory
0 [ 0] address [size] of Special Directory
AA9C0 [ 28] address [size] of Thread Storage Directory
AA8C0 [ 100] address [size] of Load Configuration Directory
0 [ 0] address [size] of Bound Import Directory
76000 [ 10A8] address [size] of Import Address Table Directory
0 [ 0] address [size] of Delay Import Directory
0 [ 0] address [size] of COR20 Header Directory
0 [ 0] address [size] of Reserved Directory
SECTION HEADER #1
.text name
74230 virtual size
1000 virtual address
74400 size of raw data
400 file pointer to raw data
0 file pointer to relocation table
0 file pointer to line numbers
0 number of relocations
0 number of line numbers
60000020 flags
Code
(no align specified)
Execute Read
SECTION HEADER #2
.rdata name
5CFE8 virtual size
76000 virtual address
5D000 size of raw data
74800 file pointer to raw data
0 file pointer to relocation table
0 file pointer to line numbers
0 number of relocations
0 number of line numbers
40000040 flags
Initialized Data
(no align specified)
Read Only
Debug Directories(3)
Type Size Address Pointer
cv 5d acfb4 ab7b4 Format: RSDS, guid, 1, y:\bld\pre\ficc\liberty\win64_vc15.bld\src\kool_ade\src\kool_ade.pdb
( 12) 14 ad014 ab814
( 13) 39c ad028 ab828
SECTION HEADER #3
.data name
2EAD0 virtual size
D3000 virtual address
2000 size of raw data
D1800 file pointer to raw data
0 file pointer to relocation table
0 file pointer to line numbers
0 number of relocations
0 number of line numbers
C0000040 flags
Initialized Data
(no align specified)
Read Write
SECTION HEADER #4
.pdata name
5F34 virtual size
102000 virtual address
6000 size of raw data
D3800 file pointer to raw data
0 file pointer to relocation table
0 file pointer to line numbers
0 number of relocations
0 number of line numbers
40000040 flags
Initialized Data
(no align specified)
Read Only
SECTION HEADER #5
.detourc name
21C0 virtual size
108000 virtual address
2200 size of raw data
D9800 file pointer to raw data
0 file pointer to relocation table
0 file pointer to line numbers
0 number of relocations
0 number of line numbers
40000040 flags
Initialized Data
(no align specified)
Read Only
SECTION HEADER #6
.detourd name
18 virtual size
10B000 virtual address
200 size of raw data
DBA00 file pointer to raw data
0 file pointer to relocation table
0 file pointer to line numbers
0 number of relocations
0 number of line numbers
C0000040 flags
Initialized Data
(no align specified)
Read Write
SECTION HEADER #7
.reloc name
8E0 virtual size
10C000 virtual address
A00 size of raw data
DBC00 file pointer to raw data
0 file pointer to relocation table
0 file pointer to line numbers
0 number of relocations
0 number of line numbers
42000040 flags
Initialized Data
Discardable
(no align specified)
Read Only