5fdff50211a7c561e2328ff28bd8ea0dc08f8ad25f57d7adb1214dadce74ffcd

Sharing

Copy URL Twitter E-mail

General

Target

5fdff50211a7c561e2328ff28bd8ea0dc08f8ad25f57d7adb1214dadce74ffcd
Size

645KB
MD5

6593980f727381f0cccd285a16e41600
SHA1

87fbfaed71c4cbafaa756972e75ef8443d5dccb5
SHA256

5fdff50211a7c561e2328ff28bd8ea0dc08f8ad25f57d7adb1214dadce74ffcd
SHA512

97645bf2a85c1c24664d16db74a374dc387f09adddc5225da1e53d56a910122fea1c92f52a55fab609dd113f24ab665795bd9f57bee5d29fd1ee5c178c81faaa
SSDEEP

6144:4aA/ODLliO9LAgLJ1xgcYrv0b9SWkj5zEUcGFP8Q1o4ljtQirkH2jbEABzMaSkMb:imMUi7/zEUjhkS2cnwvUwPz8OM

Score

N/A

Malware Config

Signatures

Files

5fdff50211a7c561e2328ff28bd8ea0dc08f8ad25f57d7adb1214dadce74ffcd
.exe windows x86

9b34b5126ed22e05c6572e0211ea8138

Code Sign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30/05/2000, 10:48

Not After

30/05/2020, 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30/05/2000, 10:48

Not After

30/05/2020, 10:48

Subject

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

f9:0d:77:48:e3:75:2b:71:67:9d:d0:a8:95:ff:29:44
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/04/2015, 00:00

Not After

01/04/2016, 23:59

Subject

CN=TELEKOM-ASSIST,O=TELEKOM-ASSIST,POSTALCODE=125009,STREET=Khlynovski tupik\, 3/4,L=Moscow,ST=Moscow region,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

f6:95:24:7e:55:6e:a3:05:7d:6d:1a:32:f5:4e:ff:f6:82:01:1a:03
Signer

Actual PE Digest

f6:95:24:7e:55:6e:a3:05:7d:6d:1a:32:f5:4e:ff:f6:82:01:1a:03

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=TELEKOM-ASSIST,O=TELEKOM-ASSIST,POSTALCODE=125009,STREET=Khlynovski tupik\, 3/4,L=Moscow,ST=Moscow region,C=RU

29/09/2022, 18:51
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

SetWindowTextA
GetUpdateRect
EndDialog
SetInternalWindowPos
HideCaret
GetSysColorBrush
GetKeyboardType
BroadcastSystemMessageW
GetDialogBaseUnits
OpenDesktopW
GetGUIThreadInfo
CharPrevW
MessageBeep
EnableScrollBar
LoadIconW
SetMenuContextHelpId
FillRect
TrackPopupMenu
DefFrameProcW
SetDlgItemTextW
DrawTextExA
GetMonitorInfoW
DefDlgProcA
DialogBoxIndirectParamW
GetKeyboardLayoutNameA
SendMessageCallbackW
ShowScrollBar
ChildWindowFromPoint
GetMenuItemCount
SubtractRect
MapVirtualKeyExW
GetWindowTextLengthA
GetGuiResources
SetLastErrorEx
SetThreadDesktop
UnregisterClassA
IsMenu
CharToOemBuffW
CharUpperBuffA
GetClassNameA
GetSubMenu
GetScrollRange
LoadImageW
ToUnicodeEx
MapVirtualKeyExA
RegisterDeviceNotificationW
GetCursorPos
DrawTextA
SetProcessWindowStation
ValidateRgn
SetWindowPlacement
GetWindowRgn
SendNotifyMessageA
IntersectRect
EnumPropsW
InsertMenuItemA
SetClassLongA
LoadImageA
GetNextDlgTabItem
ScrollWindowEx
MenuWindowProcA
SetUserObjectInformationA
CreateDialogIndirectParamA
IsCharUpperW
SetCapture
GetTabbedTextExtentA
OpenInputDesktop
TranslateAcceleratorA
ShowStartGlass
CharNextA
GetDC
GetSystemMenu
SetClipboardViewer
SetClassWord
SetMenuInfo
RealGetWindowClassA
CharNextExA
GetWindowInfo
IsChild
WaitForInputIdle
GetIconInfo
SetMenuDefaultItem
PrivateExtractIconsW
CharToOemBuffA
LoadMenuA
MenuItemFromPoint
DrawFrameControl
MessageBoxA
SetWindowContextHelpId
GetParent
PrivateExtractIconsA
EndTask
CharNextW
SetClipboardData
SetScrollInfo
LoadBitmapW
GetDCEx
IsCharAlphaNumericW
SetRectEmpty
GetDlgItem
ToAscii
GetCaretPos
ModifyMenuA
GetKeyboardLayoutNameW
wvsprintfW
DlgDirSelectExA
RegisterWindowMessageW
LoadKeyboardLayoutA
OffsetRect
GetKeyNameTextW
GetMenuContextHelpId
LoadMenuW
TrackMouseEvent
PostMessageA
GetWindowThreadProcessId
RealGetWindowClassW
DrawStateA
AppendMenuW
GrayStringW
GetNextDlgGroupItem
EndPaint
GetAncestor
RemoveMenu
GetPropA
CloseWindowStation
GetLastInputInfo
LoadCursorFromFileA
GetUserObjectInformationA
ToAsciiEx
SendNotifyMessageW
SendMessageA
DestroyAcceleratorTable
MapVirtualKeyA
AttachThreadInput
PostThreadMessageA
SetDlgItemTextA
CopyAcceleratorTableW
DragDetect
GetMenuItemInfoA
EnumWindowStationsW
DestroyCaret
IsRectEmpty
PrintWindow
CharPrevExA
GetKeyboardState
RegisterClassA
IsCharAlphaW
SystemParametersInfoW
CharUpperA
InflateRect
GetSystemMetrics
GetClipboardData
GetDlgItemTextW
PtInRect
GetTitleBarInfo
DestroyIcon
CheckRadioButton
SetSysColors
GetMenuItemID
EnumDisplayMonitors
ShowWindowAsync
SetSystemMenu
CreateAcceleratorTableA
SetPropW
SetMenu
BroadcastSystemMessageA
CloseDesktop
OemKeyScan
CharUpperW
SendDlgItemMessageA
GetClipboardViewer
GrayStringA
GetWindowTextLengthW
OemToCharBuffA
GetMessagePos
ClipCursor
GetForegroundWindow
RealChildWindowFromPoint
CheckDlgButton
SetWindowsHookExA
DefWindowProcW
TabbedTextOutA
MenuWindowProcW
CallMsgFilterW
EnumPropsExA
RegisterClassExW
DialogBoxParamA
TabbedTextOutW
GetInputState
PostMessageW
GetWindow
GetComboBoxInfo
CreateDialogParamW
SetWindowsHookW
GetMenuItemRect
GetMenuStringA
CharLowerW
LoadCursorA
DrawAnimatedRects
FlashWindow
GetWindowDC
EnableWindow
MessageBoxW
CreateMDIWindowA
CloseWindow
GetWindowPlacement
GetClipboardFormatNameA
SetLayeredWindowAttributes
EnumDesktopsW
ScreenToClient
GetAltTabInfoA
GetClassLongA
LockWindowUpdate
IsWindowVisible
GetProcessWindowStation
WaitMessage
FrameRect
ValidateRect
SendMessageW
EnumThreadWindows
DlgDirListA
WinHelpA
GetAltTabInfoW
UnionRect
OpenIcon
RemovePropW
LockWorkStation
GetScrollInfo
UpdateLayeredWindow
PrivateExtractIconExA
DrawEdge
SetForegroundWindow
SetWindowWord
GetWindowLongW
ReleaseCapture
WindowFromPoint
IsWindowUnicode
GetClipboardOwner
AdjustWindowRect
GetCursorInfo
OemToCharBuffW
SetSystemCursor
SendDlgItemMessageW
LoadKeyboardLayoutEx
RegisterWindowMessageA
SetScrollPos
IsCharLowerA
EnumPropsExW
InvalidateRgn
EmptyClipboard
SetCursor
GetWindowTextA
SetMessageExtraInfo
ShowWindow
SendInput
UnregisterDeviceNotification
ActivateKeyboardLayout
AnimateWindow
CascadeWindows
GetMenuState
GetInputDesktop
IsIconic
DrawMenuBar
GetClassInfoA
ChangeMenuA
GetMouseMovePointsEx
MessageBoxIndirectW
CallNextHookEx
TileChildWindows
GetMenuBarInfo
OemToCharW
FlashWindowEx
SetDebugErrorLevel
GetMenuStringW
UnloadKeyboardLayout
MapWindowPoints
RegisterClassExA
CopyIcon
InsertMenuA
DrawTextW
GetClassInfoW
DrawFrame
IsDialogMessage
ModifyMenuW
GetMenu
DestroyWindow
ShowOwnedPopups
LoadIconA
MessageBoxExA
DlgDirSelectExW
GetWindowWord
MessageBoxTimeoutA
RegisterHotKey
MapDialogRect
LoadAcceleratorsA
FindWindowA
EnumDisplaySettingsW
GetMenuDefaultItem
CreateIconFromResourceEx
wvsprintfA
TileWindows
OpenWindowStationW
CloseClipboard
SetCursorPos
OemToCharA
GetClassWord
BeginPaint
ScrollWindow
CallWindowProcW
EnableMenuItem
MonitorFromWindow
DialogBoxIndirectParamA

kernel32

WaitNamedPipeA
GetStartupInfoA
SetTimeZoneInformation
CancelTimerQueueTimer
GetAtomNameW
GetCommandLineW
FindVolumeMountPointClose
OpenEventW
EnumLanguageGroupLocalesW
GetConsoleAliasesW
MoveFileExA
CallNamedPipeW
GetMailslotInfo
DebugBreak
EnumCalendarInfoW
SetCommState
GetSystemInfo
OpenJobObjectW
LocalFree
FindAtomA
GetConsoleCharType
GlobalFindAtomA
RegisterWowExec
GetCurrentDirectoryW
LZCreateFileW
IsValidLocale
lstrcmpW
IsBadReadPtr
QueueUserWorkItem
SetCommTimeouts
GlobalFree
VirtualLock
AddConsoleAliasA
ReadConsoleOutputAttribute
GetProfileSectionA
LZCopy
GetLocaleInfoW
GetTapeStatus
GetStringTypeW
IsBadHugeWritePtr
GetCommState
EnumResourceNamesW
lstrcmpiW
DnsHostnameToComputerNameW
GlobalAlloc
CancelDeviceWakeupRequest
PulseEvent
GetPrivateProfileIntW
GetExpandedNameA
CreateTimerQueueTimer
SetCurrentDirectoryA
GetVolumeNameForVolumeMountPointW
Heap32First
SystemTimeToTzSpecificLocalTime
ReadConsoleInputW
GetConsoleCursorInfo
HeapCompact
AllocConsole
GetProfileStringW
HeapUnlock
FindActCtxSectionStringW
GetPrivateProfileStringA
UpdateResourceW
GetDiskFreeSpaceExA
GetModuleFileNameA
GetSystemDefaultUILanguage
GetPrivateProfileSectionW
RtlCaptureContext
EnumDateFormatsExW
GetVolumePathNamesForVolumeNameA
CreateThread
TlsGetValue
SetFileAttributesA
GetCurrentDirectoryA
GetEnvironmentStrings
FindResourceW
SetEndOfFile
SetCommConfig
EnumLanguageGroupLocalesA
WaitNamedPipeW
GenerateConsoleCtrlEvent
FindNextVolumeMountPointW
EnumResourceLanguagesA
SetDefaultCommConfigW
OpenSemaphoreA
BackupRead
SetComPlusPackageInstallStatus
InterlockedDecrement
FindFirstFileExA
FatalExit
FindFirstVolumeMountPointW
TryEnterCriticalSection
GetConsoleDisplayMode
GetTapeParameters
CreateJobObjectA
SetFilePointerEx
lstrcpyA
SetFileShortNameW
ConsoleMenuControl
lstrcpyn
EnumSystemLanguageGroupsW
InterlockedCompareExchange
QueryDosDeviceA
CreateConsoleScreenBuffer
lstrlen
MoveFileExW
ConvertDefaultLocale
MapViewOfFile
OpenFileMappingA
DefineDosDeviceW
FindFirstVolumeA
GetProcessAffinityMask
FindActCtxSectionGuid
GetProcessHeap
WriteTapemark
GetUserDefaultLangID
lstrcmpiA
SetThreadLocale
SetLastConsoleEventActive
EnumResourceLanguagesW
EnumUILanguagesA
SetCurrentDirectoryW
VirtualQueryEx
SetVolumeLabelW
PeekNamedPipe
GetPrivateProfileStructW
HeapValidate
WriteProfileSectionW
LocalFileTimeToFileTime
GetVolumePathNameA
lstrcpyW
ResetWriteWatch
ReadConsoleOutputW
FindNextVolumeA
HeapQueryInformation
ProcessIdToSessionId
FileTimeToSystemTime
GetComputerNameExW
WriteConsoleOutputAttribute
ReadDirectoryChangesW
RtlMoveMemory
GetLastError
VirtualQuery
ReadConsoleInputA
ExpandEnvironmentStringsW
VirtualQuery
LoadLibraryA
TlsAlloc
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

Exports

Exports

w?�Eƾ��%�]x#��4_q��r�:-Zl��O��pmCb`�˔�cy��f��_R&`��l�x��bx�h�Q��AB�N��7�Y��8E��V�P'o��T�a�n5O�X=�Ee��(��܏_5J�G͙|�H� -��9@37��5�Nu,�O�uRX�󪷰4��m��[�g�Z��E�Q��C�v�j�Btk��P�$�[]��:��h.O�aa�;R܊��}�Tg�Ajbr��V�_}\|�5-Êȏ�m��@]L��BŔ��&�r�d��2��k�3��.�).��d��p��L:��'�s&i��Ϊz��s�;�hoC��W�_awT/-�(�H��?.��F�r�@�1�6�qAwY��T�~�B�z�Jx�%�� .��l��k��i Y�lHM}�>{Z�Aϛ��y�0��-��aǆ�^�I�D�;*E��E��9�Ҫ�s0�f{In4�^6��m�LF��0\H�z�|3K^ܳ7VB�J�+T#��s� ͬ�ڦݬ-@�K�c㡋�D*~��w��-B�Z�0��/��)�Q�4��朷��lH,� ��"��`�sk:��ʏ$�芓o,�C|��<qu9�G��=�i��9�G��nw�t��0&=��$d>�!�u��ev��ʱ�}��|�~�_�e��n8�� |�)�g|� _��v��Y�* Ե��:��|�<�W�{�R5ϓ��?칑[��d��2s�= ��όW�<`�*Hhl(F6�t �ʠ�o�D�lë��-�Y��l Ǟc�V�M��9�6V|m5p)y.��*�o�)[RL��Kn��PAU�ѓr�h�S/��X��p��Z��H��6��]�}Ѱ@��>h��9s�&��e��~�]&�<R$a�kS&i��r�p��j=��N��Z�v��T�'#4��, ��(F�G��I�,cSc��܅��HFG6B��Lꓗ ��Wfǵk��+Mk�a��Uſ��7�\�H�]��v��U:��<b��lH-��o)��G��*�}(>��&��zvP�Υ��ހ6}\t��R_��w��|��+�h��K꾧O��-��^>~��@��k��M�-��R)[H��D��c5!k�gZ��5*қⶍ��~jp2,ll{RXR�Ε[�Bor;��Qž�<��t�6_��ϲ��2t��5{}�'�� g<�@� �NW�!��y�=q$c��?$��G�B�,fq�w&�ޕ��EI2P��1?r@��d'�*��|��+�1MC��6��4�� kvb'�+��ڌ�E��d�N�"8��ȈU4�n�<Ǌ6��tT��%�4��XF6�,AΜ��w:��ƈe[��}��C��7��0�%x�#�J��wܢ��<�g|��q�bh�i��r�mE#�1�#ݽ�G��qa� �gu�F�Z�݀�/��J�R��ȿ��Tjxe�J"�b"(��4��i~d��/E}z��3��hi;�"0<��{��ܶ��=��n�E��ޤ�*�幸ŀ]?3�Km��!�~Ø��r23p�jp[�Ij��FR��Q���%X��m/4��yp/�hW�v@=s԰��b��oq-�GYH��n��Gú<��M�T��&IHPk�<70@o�Uu��Y��Y��s<b?�T'��iN��=2��OD��?) S�1��3��L��m�p��'�%n�量��s�*��W"��I�Ƨ=�$ �O-Қ�گrG�u�ޝ��t5��jP��x��0ʃ��o�� llCCt�p�i]Os�9��"�fO�ǊXp�֖�I��v�'GD��l��s6��2�rg��h4��T��n��f��݅k]2�nL^�e1��!"��T�gj� 5��ő�ߒ�f�Gs.�9n��#ƮJ��=�{�G��=mq�z�pC��.��l"X�r�K��֩Q��eM�BƋ�x��C��&l ��##��[��Y ��ąD��t��5�-+��ӭ�/><A��$ڻ,�O��@��c߼N �ݔ��h�8�1�J4�[�LV�Z�j�s��7��L�]]B��1\�=�&�{��]F�@��U��Fn��:��X�ó69FFA�H[l6F'�0!��l5�cD~D��7a��QE��yP��R� i±,q�c|�J1�$�1�(�*�7M��)��jW��i�=�@��F+oJn�� $:�(�G��[��Ķ��G��C�^%B�� ǹ�t߳��g��|2�O�Qi�o�U�=��^c�p��x�1F{Ź��p�!ql��Y��I��[��?G�ߦ`.��}q�< !��ZL��1��]�c��B #/�r��$4��*e�)+g��N`(;?O�Ww��{��p�*�j0eBH��lIy1L��T!�l*�|��uBՙ�虁j�l�� g�]<��2��5�v�uJ��4$]X� RQ��1H��[��iD��b]�V+�h��q?yY�1"��=Ƥir�3��I�w)�@�+��A(دN[vs��!3�t�荁t��ۜj�es}��d��O�C$|��`��ǬU�+�C��<��Pw1��p0eHߎWk�4��0��ϵ��Ee�Cs�z-��*�E�=wj�ԑc�1á��~�}vF��:L��>��C��O�zYX�{o9��|�Տ��J��~�`��āH}+S/bPGs��Ӳ��x�xX�ՌɈ��;��/`/>F� ^q�ސ�:e��y�peJ6�5+�½j��/؏1]Yɍq��X��qM��Ǡ�s�ބĹ'�X�iy�S

Sections

CODE
Size: 452KB - Virtual size: 451KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 955B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text0
Size: 15KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text1
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9b34b5126ed22e05c6572e0211ea8138

Code Sign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:afCertificate

Extended Key Usages

Key Usages

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22Certificate

Key Usages

01Certificate

Key Usages

f9:0d:77:48:e3:75:2b:71:67:9d:d0:a8:95:ff:29:44Certificate

Extended Key Usages

Key Usages

f6:95:24:7e:55:6e:a3:05:7d:6d:1a:32:f5:4e:ff:f6:82:01:1a:03Signer

Signature Validations

Verification

29/09/2022, 18:51 Valid: false

Headers

File Characteristics

Imports

user32

kernel32

Exports

Exports

Sections

CODE Size: 452KB - Virtual size: 451KB

DATA Size: 25KB - Virtual size: 24KB

BSS Size: - Virtual size: 955B

.idata Size: 20KB - Virtual size: 20KB

.text0 Size: 15KB - Virtual size: 13KB

.tls Size: 512B - Virtual size: 24B

.text1 Size: 63KB - Virtual size: 62KB

.reloc Size: 9KB - Virtual size: 8KB

.rsrc Size: 53KB - Virtual size: 53KB

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

01
Certificate

f9:0d:77:48:e3:75:2b:71:67:9d:d0:a8:95:ff:29:44
Certificate

f6:95:24:7e:55:6e:a3:05:7d:6d:1a:32:f5:4e:ff:f6:82:01:1a:03
Signer

29/09/2022, 18:51
Valid: false

CODE
Size: 452KB - Virtual size: 451KB

DATA
Size: 25KB - Virtual size: 24KB

BSS
Size: - Virtual size: 955B

.idata
Size: 20KB - Virtual size: 20KB

.text0
Size: 15KB - Virtual size: 13KB

.tls
Size: 512B - Virtual size: 24B

.text1
Size: 63KB - Virtual size: 62KB

.reloc
Size: 9KB - Virtual size: 8KB

.rsrc
Size: 53KB - Virtual size: 53KB