| ofs | hex dump | ascii |
|---|
| 0000 | 4c 01 02 00 38 98 49 52 6c 02 00 00 0a 00 00 00 00 00 00 01 2e 65 64 61 74 61 00 00 00 00 00 00 | L...8.IRl............edata...... |
| 0020 | 00 00 00 00 5b 00 00 00 64 00 00 00 c0 00 00 00 00 00 00 00 08 00 00 00 40 00 00 40 2e 64 65 62 | ....[...d...............@..@.deb |
| 0040 | 75 67 24 53 00 00 00 00 00 00 00 00 5c 01 00 00 10 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 | ug$S........\................... |
| 0060 | 40 00 10 42 00 00 00 00 38 98 49 52 00 00 00 00 00 00 00 00 01 00 00 00 02 00 00 00 02 00 00 00 | @..B....8.IR.................... |
| 0080 | 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 | ................................ |
| 00a0 | 6b 65 6c 6c 6f 77 6f 72 6c 64 2e 64 6c 6c 00 68 65 6c 6c 6f 77 6f 72 6c 64 00 70 69 6e 67 00 00 | kelloworld.dll.helloworld.ping.. |
| 00c0 | 0c 00 00 00 02 00 00 00 07 00 1c 00 00 00 03 00 00 00 07 00 20 00 00 00 04 00 00 00 07 00 24 00 | ..............................$. |
| 00e0 | 00 00 05 00 00 00 07 00 28 00 00 00 08 00 00 00 07 00 30 00 00 00 06 00 00 00 07 00 2c 00 00 00 | ........(.........0.........,... |
| 0100 | 09 00 00 00 07 00 34 00 00 00 07 00 00 00 07 00 04 00 00 00 f1 00 00 00 50 01 00 00 59 00 01 11 | ......4.................P...Y... |
| 0120 | 00 00 00 00 43 3a 5c 47 69 74 68 75 62 5c 50 6f 77 65 72 53 68 65 6c 6c 45 78 70 65 72 69 6d 65 | ....C:\Github\PowerShellExperime |
| 0140 | 6e 74 61 6c 5c 49 6e 76 6f 6b 65 2d 4d 69 6d 69 6b 61 74 7a 5c 6d 69 6d 69 6b 61 74 7a 2d 31 2e | ntal\Invoke-Mimikatz\mimikatz-1. |
| 0160 | 30 5c 57 69 6e 33 32 5c 6b 65 6c 6c 6f 77 6f 72 6c 64 2e 65 78 70 00 2b 00 3c 11 07 00 00 00 03 | 0\Win32\kelloworld.exp.+.<...... |
| 0180 | 00 00 00 00 00 00 00 00 00 0a 00 00 00 6f 76 01 00 4d 69 63 72 6f 73 6f 66 74 20 28 52 29 20 4c | .............ov..Microsoft.(R).L |
| 01a0 | 49 4e 4b 00 a4 00 3d 11 00 63 77 64 00 43 3a 5c 47 69 74 68 75 62 5c 50 6f 77 65 72 53 68 65 6c | INK...=..cwd.C:\Github\PowerShel |
| 01c0 | 6c 45 78 70 65 72 69 6d 65 6e 74 61 6c 5c 49 6e 76 6f 6b 65 2d 4d 69 6d 69 6b 61 74 7a 5c 6d 69 | lExperimental\Invoke-Mimikatz\mi |
| 01e0 | 6d 69 6b 61 74 7a 2d 31 2e 30 5c 6c 69 62 72 61 69 72 69 65 73 5c 6b 65 6c 6c 6f 77 6f 72 6c 64 | mikatz-1.0\librairies\kelloworld |
| 0200 | 00 65 78 65 00 43 3a 5c 50 72 6f 67 72 61 6d 20 46 69 6c 65 73 20 28 78 38 36 29 5c 4d 69 63 72 | .exe.C:\Program.Files.(x86)\Micr |
| 0220 | 6f 73 6f 66 74 20 56 69 73 75 61 6c 20 53 74 75 64 69 6f 20 31 30 2e 30 5c 56 43 5c 62 69 6e 5c | osoft.Visual.Studio.10.0\VC\bin\ |
| 0240 | 6c 69 6e 6b 2e 65 78 65 00 00 12 00 38 11 01 00 00 00 5f 68 65 6c 6c 6f 77 6f 72 6c 64 00 0c 00 | link.exe....8....._helloworld... |
| 0260 | 38 11 02 00 00 00 5f 70 69 6e 67 00 40 63 6f 6d 70 2e 69 64 6f 76 9b 00 ff ff 00 00 03 00 2e 65 | 8....._ping.@comp.idov.........e |
| 0280 | 64 61 74 61 00 00 00 00 00 00 01 00 00 00 03 00 73 7a 4e 61 6d 65 00 00 3c 00 00 00 01 00 00 00 | data............szName..<....... |
| 02a0 | 03 00 72 67 70 76 00 00 00 00 28 00 00 00 01 00 00 00 03 00 72 67 73 7a 4e 61 6d 65 30 00 00 00 | ..rgpv....(.........rgszName0... |
| 02c0 | 01 00 00 00 03 00 72 67 77 4f 72 64 00 00 38 00 00 00 01 00 00 00 03 00 24 4e 30 30 30 30 31 00 | ......rgwOrd..8.........$N00001. |
| 02e0 | 4b 00 00 00 01 00 00 00 03 00 24 4e 30 30 30 30 32 00 56 00 00 00 01 00 00 00 03 00 00 00 00 00 | K.........$N00002.V............. |
| 0300 | 04 00 00 00 00 00 00 00 00 00 00 00 02 00 5f 70 69 6e 67 00 00 00 00 00 00 00 00 00 00 00 02 00 | .............._ping............. |
| 0320 | 10 00 00 00 5f 68 65 6c 6c 6f 77 6f 72 6c 64 00 | ...._helloworld. |