0
私はgeek.exeを分析しようとしましたが、下記の私が得たものの一部です:dumpbin出力の数値は16進数または10進数ですか?
PE signature found
File Type: EXECUTABLE IMAGE
FILE HEADER VALUES
14C machine (x86)
4 number of sections
56AE989D time date stamp Mon Feb 1 06:28:29 2016
0 file pointer to symbol table
0 number of symbols
E0 size of optional header
103 characteristics
Relocations stripped
Executable
32 bit word machine
OPTIONAL HEADER VALUES
10B magiC# (PE32)
12.00 linker version
1A5E00 size of code
46BC00 size of initialized data
0 size of uninitialized data
71ECE entry point (00471ECE)
1000 base of code
1A7000 base of data
400000 image base (00400000 to 00A13FFF)
1000 section alignment
200 file alignment
5.01 operating system version
0.00 image version
5.01 subsystem version
0 Win32 version
614000 size of image
400 size of headers
610DF5 checksum
2 subsystem (Windows GUI)
8100 DLL characteristics
NX compatible
Terminal Server Aware
100000 size of stack reserve
1000 size of stack commit
100000 size of heap reserve
1000 size of heap commit
0 loader flags
10 number of directories
0 [ 0] RVA [size] of Export Directory
220104 [ 17C] RVA [size] of Import Directory
234000 [ 3E0000] RVA [size] of Resource Directory
0 [ 0] RVA [size] of Exception Directory
60C600 [ 3E18] RVA [size] of Certificates Directory
0 [ 0] RVA [size] of Base Relocation Directory
1A7DB0 [ 38] RVA [size] of Debug Directory
0 [ 0] RVA [size] of Architecture Directory
0 [ 0] RVA [size] of Global Pointer Directory
0 [ 0] RVA [size] of Thread Storage Directory
1FB340 [ 40] RVA [size] of Load Configuration Directory
0 [ 0] RVA [size] of Bound Import Directory
1A7000 [ A60] RVA [size] of Import Address Table Directory
0 [ 0] RVA [size] of Delay Import Directory
0 [ 0] RVA [size] of COM Descriptor Directory
0 [ 0] RVA [size] of Reserved Directory
私が知りたいのは何がポイントが16進数でフローティングされていない全ての数であるということですか?私は彼らのすべてが16進数であるか、12月にいくつかあるとは確信していませんか? ありがとう