(1) Emulator Build (Win32 PE)

First, find the start address of section “.SYMBIAN” by typically using “dumpbin /section:.SYMBIAN <Excutable File>”.

The output looks like:

SECTION HEADER #6
.SYMBIAN name
30 virtual size
17000 virtual address (00417000 to 0041702F)
1000 size of raw data
17000 file pointer to raw data (00017000 to 00017FFF)
0 file pointer to relocation table
0 file pointer to line numbers
0 number of relocations
0 number of line numbers
C0000040 flags
Initialized Data
Read Write

According to the line containing “virtual address”, section “.SYMBIAN” starts at address 0×00017000.

Now, use any hex-editor to view the content at this address:

00017000h: 7A 00 00 10 00 00 00 00 B2 97 1F 10 5E 01 00 00
00017010h: B2 97 1F 10 57 B6 1F 10 B6 E1 0F 00 00 00 00 00

The first 3 dwords are UIDs: 0×1000007A stands for “Symbian EXE”, 0×101F97B2 is the unique UID of this file. (no UID2 for Symbian EXE, but this field is essential for DLL to indicate the framework, eg. 0×10009D8D for ECOM)

The capabilities field at offset 0×18h holds all the capabilities for this executive in the form of bitmask. Thus, 0×000FE1B6 is translated to the following capabilities: (see enumerator TCapability in Symbian SDK)

CommDD PowerMgmt ReadDeviceData WriteDeviceData TrustedUI ProtServ NetworkServices LocalServices ReadUserData WriteUserData Location SurroundingsDD UserEnvironment

(2) Target Build (Symbian PE)

3 UIDs located at the very beginning of the executive file, and the capabilities field is at fixed offset 0×88h. (same meaning as described for emulator build)