??4_Init_locks@std@@QAEAAV01@ABV01@@Z
Static task
static1
Behavioral task
behavioral1
Sample
fc24cca7abd1fb73261e1ec1b246aab28b32a5b03756f5b7377c715f7adc8dff.exe
Resource
win7-20220812-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
fc24cca7abd1fb73261e1ec1b246aab28b32a5b03756f5b7377c715f7adc8dff.exe
Resource
win10v2004-20220901-en
windows10-2004-x64
0 signatures
150 seconds
General
-
Target
fc24cca7abd1fb73261e1ec1b246aab28b32a5b03756f5b7377c715f7adc8dff
-
Size
442KB
-
MD5
34d6eee466540db5a041c34b2c413f40
-
SHA1
13bc50c376de99bec7cfe0dafb7f2180362b7200
-
SHA256
fc24cca7abd1fb73261e1ec1b246aab28b32a5b03756f5b7377c715f7adc8dff
-
SHA512
0458f578f391b59e51682a68100c93ca0619b64d7a7106b9bd4937606d073325f810bceffd78fd727e7b6f709d1ceb5fa4075891c23fef53223cc459ebc8faa2
-
SSDEEP
12288:O2112ZSTgddWN+ITQVMZOTPZbCsc7V4OH9Q:PSdMTQaOTPhCsc7V4O6
Score
N/A
Malware Config
Signatures
Files
-
fc24cca7abd1fb73261e1ec1b246aab28b32a5b03756f5b7377c715f7adc8dff.exe windows x86
f9ea6f1218042c0080bdecbfc19820ec
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
bdswnestcore
?GetLocalSoftList@CDataBase@swcoreex@@SAXAAV?$vector@U?$pair@V?$basic_suid@HH@@USSWSoftLocalItemEx@@@std@@V?$allocator@U?$pair@V?$basic_suid@HH@@USSWSoftLocalItemEx@@@std@@@2@@std@@@Z
?RunLocalScanTask@CDoTask@swcoreex@@SA_NW4tagScanType@@@Z
?CancelAllTaskThread@CDoTask@swcoreex@@SAXXZ
?RegisterCallback@CCallback@swcoreex@@SAXPAVINestCoreCallback@@@Z
?UnregisterCallback@CCallback@swcoreex@@SAXPAVINestCoreCallback@@@Z
?GetSoftDetailItem_pc@CDataBase@swcoreex@@SA?AU?$pair@V?$basic_suid@HH@@USSWSoftLocalItemEx@@@std@@ABV?$basic_suid@HH@@W4EDetailType@@@Z
?QueryGetSoftwareDetail@CNetwork@swcoreex@@SAXABV?$vector@V?$basic_suid@HH@@V?$allocator@V?$basic_suid@HH@@@std@@@std@@@Z
?DeleteNewestPackage@CDoTask@swcoreex@@SAXABV?$basic_suid@HH@@@Z
?DoInstalltask@CDoTask@swcoreex@@SA_NABV?$basic_suid@HH@@W4tagInstallTaskType@@@Z
?SetDownloadPath@CTools@swcoreex@@SAXABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?AyncShellExecute@CTools@swcoreex@@SAXABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?GetDownloadPath@CTools@swcoreex@@SA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@XZ
?GetLocalResource@CTools@swcoreex@@SA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@ABUSUID_KIT@@W4tagResourceType@@ABV34@@Z
?GetSoftDetailItem_svr@CDataBase@swcoreex@@SA?AU?$pair@V?$basic_suid@HH@@USSWSoftSvrItemEx@@@std@@ABV?$basic_suid@HH@@W4EDetailType@@@Z
bdmskin
?GetObjectW@CBDMDelegateBase@ExpandInterface@BDMSkin@@IAEPAXXZ
??1CBDMBaseWnd@BDMSkin@@UAE@XZ
??BCStdString@Utils@BDMSkin@@QBEPB_WXZ
??BCBDMBaseWnd@BDMSkin@@QBEPAUHWND__@@XZ
??1CStdString@Utils@BDMSkin@@QAE@XZ
??0CRect@Utils@BDMSkin@@QAE@ABUtagRECT@@@Z
?Close@CBDMBaseWnd@BDMSkin@@QAEXXZ
?CenterWindow@CBDMBaseWnd@BDMSkin@@QAEXPAUHWND__@@@Z
?Selected@CBDMOptionUI@BDMSkin@@QAEXK@Z
?GetHWND@CBDMBaseWnd@BDMSkin@@QBEPAUHWND__@@XZ
?GetData@CStdString@Utils@BDMSkin@@QBEPB_WXZ
?FindSubControlByName@CBDMControlManger@BDMSkin@@QBEPAVIControlUI@ExpandInterface@2@PAV342@PB_W@Z
?BDMSkinMessageBox@BDMSkin@@YAHPAUHWND__@@PB_W1IK1@Z
?ShowModal@CBDMBaseWnd@BDMSkin@@QAE_NPAUtagRECT@@H@Z
?SetValue@CBDMProgressUI@BDMSkin@@QAEXH_N@Z
?BDMSkinMessageBoxSetResource@BDMSkin@@YAXPB_W00@Z
?GetHeight@CRect@Utils@BDMSkin@@QBEHXZ
??0CStdString@Utils@BDMSkin@@QAE@XZ
??0CBDMControlManger@BDMSkin@@QAE@XZ
??1CBDMDelegateBase@ExpandInterface@BDMSkin@@UAE@XZ
??YCBDMEventSource@ExpandInterface@BDMSkin@@QAEXAAVCBDMDelegateBase@12@@Z
??0CBDMDelegateBase@ExpandInterface@BDMSkin@@QAE@PAX0@Z
?OnFinalMessage@CBDMBaseWnd@BDMSkin@@MAEXPAUHWND__@@@Z
?GetAt@CStdPtrArray@Utils@BDMSkin@@QBEPAXH@Z
??4CStdString@Utils@BDMSkin@@QAEABV012@PB_W@Z
?Create@CBDMBaseWnd@BDMSkin@@QAEPAUHWND__@@PAU3@PB_WKKHHHHPAUHMENU__@@@Z
??_7INotifyUI@ExpandInterface@BDMSkin@@6B@
?GetClassStyle@CBDMBaseWnd@BDMSkin@@MBEIXZ
?GetSuperClassName@CBDMBaseWnd@BDMSkin@@MBEPB_WXZ
??1CStdPtrArray@Utils@BDMSkin@@QAE@XZ
?CreateMulti@CBDMDialogBuilder@BDMSkin@@QAE?AVCStdPtrArray@Utils@2@VSTRINGorID@42@PB_WPAVIDialogBuilderCallback@2@PAVIControlManger@ExpandInterface@2@PAVIControlUI@82@H@Z
??0CBDMDialogBuilder@BDMSkin@@QAE@XZ
??1CBDMDialogBuilder@BDMSkin@@QAE@XZ
??0CStdString@Utils@BDMSkin@@QAE@PB_W@Z
??8CStdString@Utils@BDMSkin@@QBE_NPB_W@Z
?Equals@CBDMDelegateBase@ExpandInterface@BDMSkin@@UBE_NABV123@@Z
?GetWidth@CRect@Utils@BDMSkin@@QBEHXZ
??0CRect@Utils@BDMSkin@@QAE@XZ
??1CBDMControlManger@BDMSkin@@QAE@XZ
?ShowWindow@CBDMBaseWnd@BDMSkin@@QAEX_N0@Z
??0CStdString@Utils@BDMSkin@@QAE@ABV012@@Z
??4CStdString@Utils@BDMSkin@@QAEABV012@ABV012@@Z
?SetUpdateNeeded@CPaintMessageHandler@BDMSkin@@QAEX_N@Z
??0CBDMDelegateBase@ExpandInterface@BDMSkin@@QAE@ABV012@@Z
?Create@CBDMDialogBuilder@BDMSkin@@QAEPAVIControlUI@ExpandInterface@2@VSTRINGorID@Utils@2@PB_WPAVIDialogBuilderCallback@2@PAVIControlManger@42@PAV342@@Z
?AttachDialog@CBDMControlManger@BDMSkin@@QAE_NPAVIControlUI@ExpandInterface@2@@Z
?AddNotifier@CBDMControlManger@BDMSkin@@QAE_NPAVINotifyUI@ExpandInterface@2@@Z
?Offset@CRect@Utils@BDMSkin@@QAEXHH@Z
??0CBDMBaseWnd@BDMSkin@@QAE@XZ
?SendMessageW@CBDMBaseWnd@BDMSkin@@IAEJIIJ@Z
?SetResourceZip@IResourceManager@ExpandInterface@BDMSkin@@SAXPB_W@Z
?BDMLangGetLangMgr@BDMSkin@@YAPAVIBDMLangMgr@1@XZ
?BDMSkinLibInit@BDMSkin@@YAHPB_W00@Z
?BDMSkinLibSetPrivateResDir@BDMSkin@@YAXPAVIResourceManager@ExpandInterface@1@PB_W1@Z
?BDMSkinCheckHasFile@BDMSkin@@YA_NPAVIResourceManager@ExpandInterface@1@PB_W@Z
?BDMSkinMessageBoxSetBtnText@BDMSkin@@YAXPB_W00@Z
?HandleMessage@CBDMBaseWnd@BDMSkin@@MAEJIIJ@Z
?IsEmpty@CStdString@Utils@BDMSkin@@QBE_NXZ
?BDMSkinInsertFileToRes@BDMSkin@@YA_NPB_W0_N@Z
shlwapi
StrFromTimeIntervalW
StrFormatByteSizeW
PathAddBackslashW
PathFileExistsW
PathAppendW
StrFormatKBSizeW
PathUnquoteSpacesW
PathRemoveBackslashW
AssocQueryStringW
PathCanonicalizeW
PathRemoveFileSpecW
PathQuoteSpacesW
PathIsDirectoryW
wnsprintfW
bdmframework
?Enter@CCriticalSection@utils@@QAEXXZ
??1CCriticalSection@utils@@QAE@XZ
??0CCriticalSection@utils@@QAE@XZ
?Leave@CCriticalSection@utils@@QAEXXZ
bdlogicutils
?BDLogicUtilsLibrary_Init@BDLogicUtils@@YAHXZ
?GetBDCrashCatcher@BDLogicUtils@@YAPAVIBDCrashCatcher@1@XZ
?GetBDMReportMgr@BDLogicUtils@@YAPAVIBDMReportMgr@1@XZ
?BDLogicUtilsLibrary_Unit@BDLogicUtils@@YAHXZ
kernel32
LockResource
SizeofResource
FindResourceW
LocalFree
FindResourceExW
CreateMutexW
GetProcessTimes
SetDllDirectoryW
GetCommandLineW
GetSystemTimeAsFileTime
ExitProcess
InterlockedIncrement
InterlockedDecrement
WTSGetActiveConsoleSessionId
GetCurrentProcessId
GetFileSize
WriteFile
GetFileSizeEx
CreateFileMappingW
MapViewOfFile
ExpandEnvironmentStringsW
UnmapViewOfFile
MoveFileW
GetBinaryTypeW
MoveFileExW
IsBadReadPtr
GetSystemWow64DirectoryW
GetSystemWindowsDirectoryW
DeleteFileW
DebugBreak
GetWindowsDirectoryW
InterlockedExchange
EnterCriticalSection
OpenEventW
OpenFileMappingW
DeleteCriticalSection
GetModuleHandleExW
SetLastError
GetCurrentThreadId
OutputDebugStringA
GetLocalTime
InterlockedCompareExchange
InitializeCriticalSection
GetModuleFileNameA
LeaveCriticalSection
SetEnvironmentVariableW
GetEnvironmentVariableW
TlsSetValue
TlsGetValue
TlsFree
HeapAlloc
QueryPerformanceCounter
HeapFree
QueryPerformanceFrequency
GetProcessHeap
ReleaseMutex
TlsAlloc
OutputDebugStringW
LoadResource
WriteFileEx
SetFilePointer
SystemTimeToTzSpecificLocalTime
GetCurrencyFormatW
SystemTimeToFileTime
GetTimeFormatW
GetLocaleInfoW
GetDateFormatW
GetNumberFormatW
FileTimeToLocalFileTime
GetLocaleInfoA
GetFileAttributesW
lstrcmpiW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
GetThreadLocale
GetACP
HeapSize
HeapReAlloc
HeapDestroy
GetVersionExA
RaiseException
ResetEvent
WaitNamedPipeW
ProcessIdToSessionId
lstrlenW
ResumeThread
SuspendThread
TerminateThread
GetExitCodeThread
Sleep
GetSystemDirectoryW
GetVersionExW
CreateDirectoryW
FreeLibrary
FindClose
FindFirstFileW
LoadLibraryW
GetProcAddress
WaitForSingleObject
SetEvent
OpenMutexW
FileTimeToSystemTime
GetModuleHandleW
WideCharToMultiByte
WaitForMultipleObjects
GetTickCount
CreateEventW
MultiByteToWideChar
SetProcessWorkingSetSize
GetCurrentProcess
CreateProcessW
GetModuleFileNameW
CloseHandle
GetLastError
DeviceIoControl
GetDriveTypeW
CreateFileW
GetDiskFreeSpaceExW
GetCurrentDirectoryW
SetErrorMode
LocalAlloc
ReadFile
user32
SetForegroundWindow
BringWindowToTop
SetWindowRgn
GetClientRect
ScreenToClient
PostQuitMessage
SetWindowLongW
GetWindowLongW
SetFocus
FindWindowA
SendMessageTimeoutW
GetWindowThreadProcessId
AttachThreadInput
SetActiveWindow
GetLastActivePopup
ShowWindow
IsIconic
IsZoomed
FindWindowW
IsWindow
ClientToScreen
PostMessageW
EnableWindow
FindWindowExW
SendMessageW
InvalidateRect
MonitorFromWindow
GetMonitorInfoW
GetWindowRect
DestroyWindow
UpdateWindow
SetWindowPos
UnregisterClassA
DestroyIcon
GetForegroundWindow
gdi32
CreateRoundRectRgn
DeleteObject
advapi32
GetExplicitEntriesFromAclW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegDeleteKeyW
RegNotifyChangeKeyValue
FreeSid
AllocateAndInitializeSid
CheckTokenMembership
GetNamedSecurityInfoW
shell32
ShellExecuteW
SHCreateDirectoryExW
CommandLineToArgvW
SHChangeNotify
SHGetFolderPathW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ole32
CoTaskMemAlloc
StgIsStorageFile
CoUninitialize
CoCreateInstance
CoTaskMemFree
StgOpenStorage
StgCreateDocfile
CoInitialize
msvcp80
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_WABV10@@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@0@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@ABV12@@Z
?erase@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@II@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@_W@Z
??_D?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
??$?6DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?resize@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
?clear@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
?swap@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXAAV12@@Z
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIABV12@I@Z
msvcr80
__p__commode
_CxxThrowException
memcpy
_controlfp_s
_invoke_watson
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_crt_debugger_hook
_except_handler4_common
__set_app_type
??3@YAXPAX@Z
_invalid_parameter_noinfo
??0exception@std@@QAE@XZ
swprintf_s
_itow
??2@YAPAXI@Z
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABV01@@Z
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
__RTDynamicCast
wcscat_s
_waccess_s
wcscpy_s
towlower
_wtoi
_waccess
??_V@YAXPAX@Z
_purecall
memmove_s
_stricmp
tolower
free
realloc
malloc
wcsncpy_s
_wsplitpath
_snwprintf
wcsncat
_beginthreadex
_endthreadex
_wcsicmp
memcpy_s
wcschr
setlocale
wcsstr
_time64
_vsnprintf_s
fprintf
sscanf_s
strncmp
isspace
strchr
isalnum
isalpha
memmove
wcsncat_s
wcsncmp
_snprintf_s
_wcsnicmp
strncpy_s
_fsopen
printf_s
fwrite
fflush
wcsrchr
_vsnwprintf_s
vswprintf_s
_memicmp
_vscwprintf
strrchr
swscanf_s
_itow_s
wcstol
putwchar
putchar
_wtol
_vswprintf_c_l
memset
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
__CxxFrameHandler3
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
_except_handler3
__p__fmode
wininet
InternetGetConnectedState
ws2_32
connect
htons
gethostbyname
WSAGetLastError
WSACreateEvent
socket
WSAStartup
WSAWaitForMultipleEvents
WSAEnumNetworkEvents
WSACloseEvent
closesocket
WSACleanup
WSAEventSelect
imagehlp
UnMapAndLoad
MapAndLoad
Exports
Exports
Sections
.text Size: 252KB - Virtual size: 249KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 96KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 12KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 72KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE