Static task
static1
Behavioral task
behavioral1
Sample
e0cad01824ac9c1eb30c0bb94e4a2c4f910e3262820b889c3e2872d07fe7d6f9.exe
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral2
Sample
e0cad01824ac9c1eb30c0bb94e4a2c4f910e3262820b889c3e2872d07fe7d6f9.exe
Resource
win10v2004-20220812-en
windows10-2004-x64
General
-
Target
e0cad01824ac9c1eb30c0bb94e4a2c4f910e3262820b889c3e2872d07fe7d6f9
-
Size
947KB
-
MD5
a36becfb11dcae9500ca6b901173a900
-
SHA1
3d28b545ea9304b19d6a7e9702f9a818f675c6f9
-
SHA256
e0cad01824ac9c1eb30c0bb94e4a2c4f910e3262820b889c3e2872d07fe7d6f9
-
SHA512
47973f54a48a7b0efe38ee9d63d52844e0274ee19284f72a335d10d2d302ed5b2df9af826bd32238c1f5cbd7b3048b6311358d639cc182ac2d8ccbfcc52e1d4c
-
SSDEEP
24576:VTPAIfzc/1EGtimhIiHEcKkGCsGfCpf3X8gMNV4t24JHmc:VTdF3eNVmHx
Malware Config
Signatures
Files
-
e0cad01824ac9c1eb30c0bb94e4a2c4f910e3262820b889c3e2872d07fe7d6f9.exe windows x86
701ef5a403eab14a90b1288c9fb1adc9
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
TraceMessage
EqualSid
RegCloseKey
RegOpenCurrentUser
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegGetValueW
RegisterTraceGuidsW
UnregisterTraceGuids
GetTraceLoggerHandle
GetTraceEnableLevel
GetTraceEnableFlags
LookupAccountSidW
CreateWellKnownSid
LookupAccountNameW
ConvertSidToStringSidW
CopySid
GetLengthSid
ConvertStringSidToSidW
AllocateAndInitializeSid
FreeSid
LogonUserW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
CheckTokenMembership
CloseServiceHandle
OpenSCManagerW
OpenServiceW
ChangeServiceConfigW
ControlService
QueryServiceStatus
IsValidSid
IsWellKnownSid
EventWrite
kernel32
MulDiv
lstrcmpW
LoadLibraryW
SetDllDirectoryW
SystemTimeToFileTime
CompareStringW
WideCharToMultiByte
GetThreadUILanguage
GlobalFree
GlobalUnlock
GlobalHandle
MultiByteToWideChar
HeapAlloc
HeapReAlloc
HeapFree
GetProcessHeap
FormatMessageW
CreateFileW
GetTempPathW
GetComputerNameW
GetLocaleInfoW
CreateThread
SetThreadPriority
GlobalLock
GlobalAlloc
GetProcAddress
GetModuleHandleW
FreeLibrary
GetSystemTimeAsFileTime
FlushInstructionCache
TlsSetValue
TlsGetValue
GetTickCount
InterlockedIncrement
InterlockedDecrement
FindResourceExW
LoadResource
LockResource
SizeofResource
FindResourceW
GetCurrentThreadId
InitializeSRWLock
ReleaseSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockExclusive
AcquireSRWLockShared
EnterCriticalSection
LeaveCriticalSection
GetLastError
LocalFree
GetCurrentProcessId
ProcessIdToSessionId
InitializeConditionVariable
WakeAllConditionVariable
SleepConditionVariableSRW
WaitForSingleObject
Sleep
InterlockedExchange
GetCurrentProcess
DeleteCriticalSection
CloseHandle
GetProcessId
OpenProcess
GetModuleFileNameW
CompareFileTime
RaiseException
SetLastError
HeapSetInformation
InitializeCriticalSection
HeapDestroy
lstrlenA
lstrlenW
GetFileAttributesW
CreateMutexW
ReleaseMutex
IsWow64Process
GetVersionExW
VirtualUnlock
VirtualLock
InitializeCriticalSectionAndSpinCount
TrySubmitThreadpoolCallback
CallbackMayRunLong
CloseThreadpool
SetThreadpoolThreadMinimum
SetThreadpoolThreadMaximum
CreateThreadpool
ConvertFiberToThread
OpenThread
QueueUserAPC
WaitForMultipleObjectsEx
IsThreadAFiber
TlsFree
TlsAlloc
CreateEventW
ResetEvent
SetEvent
LocalAlloc
IsDebuggerPresent
GetTickCount64
QueryPerformanceCounter
DecodePointer
EncodePointer
VirtualFree
HeapSize
InterlockedCompareExchange
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
IsProcessorFeaturePresent
VirtualAlloc
gdi32
DeleteObject
GetObjectW
SelectObject
GetStockObject
GetDeviceCaps
DeleteDC
CreateSolidBrush
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
user32
GetMessageW
TranslateMessage
DispatchMessageA
DispatchMessageW
PeekMessageW
MsgWaitForMultipleObjectsEx
IsWindowUnicode
LoadIconW
RegisterWindowMessageW
FindWindowW
GetWindowThreadProcessId
ChangeWindowMessageFilter
AttachThreadInput
PostQuitMessage
CallWindowProcW
RegisterClassExW
GetClassInfoExW
CreateWindowExW
IsWindow
IsChild
GetDlgItem
CharNextW
SetFocus
GetFocus
SetCapture
ReleaseCapture
CreateAcceleratorTableW
DestroyAcceleratorTable
GetForegroundWindow
SetForegroundWindow
GetDC
ReleaseDC
BeginPaint
EndPaint
InvalidateRect
InvalidateRgn
RedrawWindow
SetWindowTextW
SystemParametersInfoW
GetWindowTextLengthW
GetMessageA
ClientToScreen
ScreenToClient
GetSysColor
FillRect
GetWindowLongW
SetWindowLongW
SetProcessDefaultLayout
GetDesktopWindow
GetParent
GetClassNameW
GetWindow
OpenClipboard
CloseClipboard
SetClipboardData
GetKeyState
ShowWindow
UpdateLayeredWindow
GetCursorPos
PtInRect
DialogBoxIndirectParamW
EndDialog
SendDlgItemMessageW
SetWindowContextHelpId
MapDialogRect
MonitorFromWindow
GetMonitorInfoW
EmptyClipboard
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
CreatePopupMenu
DestroyMenu
AppendMenuW
TrackPopupMenu
UnregisterClassW
IsIconic
DestroyIcon
GetWindowRect
SetWindowPos
GetClientRect
AllowSetForegroundWindow
MoveWindow
SendMessageW
KillTimer
SetTimer
DefWindowProcW
PostMessageW
LoadCursorW
GetWindowTextW
DestroyWindow
SetCursor
msvcp110
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Syserror_map@std@@YAPBDH@Z
?_Winerror_map@std@@YAPBDH@Z
msvcr110
calloc
_recalloc
memcmp
_wcslwr_s
wcscpy_s
wcschr
qsort
wcsrchr
__RTtypeid
??8type_info@@QBE_NABV0@@Z
_wcsupr_s
_XcptFilter
__crtGetShowWindowMode
_amsg_exit
__wgetmainargs
__set_app_type
exit
_exit
_cexit
wcstol
__setusermatherr
_initterm_e
_initterm
_wcmdln
_fmode
_commode
?terminate@@YAXXZ
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
??1type_info@@UAE@XZ
__crtSetUnhandledExceptionFilter
_invoke_watson
_controlfp_s
_except_handler4_common
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
??3@YAXPAX@Z
iswdigit
swscanf_s
swprintf_s
wcsnlen
wcsstr
_time64
towupper
_wcsicmp
memset
__RTDynamicCast
malloc
free
wmemcpy_s
_vscwprintf
vswprintf_s
memmove_s
memcpy_s
memcpy
__CxxFrameHandler3
_CxxThrowException
??_V@YAXPAX@Z
memmove
??2@YAPAXI@Z
_configthreadlocale
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
_invalid_parameter_noinfo_noreturn
tolower
wcsncpy_s
?name@type_info@@QBEPBDPAU__type_info_node@@@Z
strnlen
wcscat_s
isalnum
_mbslwr_s
_wcsnicmp
_purecall
netapi32
NetUserGetLocalGroups
NetUserAdd
NetUserDel
NetLocalGroupAddMembers
NetApiBufferFree
NetUserEnum
NetGetJoinInformation
shell32
FindExecutableW
ShellExecuteW
SHFileOperationW
SHAppBarMessage
ShellExecuteExW
CommandLineToArgvW
SHGetFolderPathW
Shell_NotifyIconW
SHGetKnownFolderPath
ole32
OleLockRunning
CoInitializeSecurity
CLSIDFromString
CLSIDFromProgID
StringFromGUID2
CoTaskMemAlloc
OleUninitialize
OleInitialize
CoCreateGuid
CoAllowSetForegroundWindow
CoSetProxyBlanket
CoUninitialize
CoInitializeEx
CoCreateInstance
CreateStreamOnHGlobal
CoGetClassObject
CoAddRefServerProcess
CoReleaseServerProcess
CoTaskMemFree
oleaut32
VarBstrCmp
VariantChangeType
DispCallFunc
OleCreateFontIndirect
LoadRegTypeLi
LoadTypeLi
VariantClear
VariantInit
SafeArrayUnaccessData
SysFreeString
SysStringLen
SysAllocString
SysStringByteLen
SysAllocStringByteLen
SysAllocStringLen
SafeArrayCreate
SafeArrayDestroy
SafeArrayLock
SafeArrayUnlock
SafeArrayAccessData
gdiplus
GdipCreateBitmapFromFile
GdipDisposeImage
GdipCloneImage
GdipFree
GdipAlloc
GdiplusShutdown
GdiplusStartup
GdipCreateHBITMAPFromBitmap
shlwapi
PathFileExistsW
UrlCanonicalizeA
PathAppendW
StrRChrW
PathCombineW
comctl32
ord380
wtsapi32
WTSRegisterSessionNotification
WTSUnRegisterSessionNotification
WTSQuerySessionInformationW
WTSFreeMemory
WTSEnumerateSessionsW
secur32
GetUserNameExW
uxcore
?OnUnHosted@HWNDHost@DirectUI@@MAEXPAVElement@2@@Z
?Paint@HWNDHost@DirectUI@@UAEJPAUID2D1RenderTarget@@PBUtagRECT@@PAU4@2@Z
?PaintText@Element@DirectUI@@UAEJPAPAUID2D1RenderTarget@@IPAUPaintTextParams@2@PBUtagRECT@@22@Z
?Remove@Element@DirectUI@@UAEJPAPAV12@I@Z
?OnShowWindow@CDUIDialog@@MAE_NIJAAJ@Z
?SetKeyFocus@Element@DirectUI@@UAEXXZ
?SyncFont@HWNDHost@DirectUI@@MAEXXZ
?_SelfLayoutDoLayout@Element@DirectUI@@MAEXHH@Z
?_SelfLayoutGetAdjacent@Element@DirectUI@@MAEPAV12@PAV12@HPBUNavReference@2@W4Flags@DuiGetAdjacent@@@Z
?_SelfLayoutUpdateDesiredSize@Element@DirectUI@@MAE?AUtagSIZE@@HHPAVSurface@2@@Z
?_ShouldPaintContent@Element@DirectUI@@MAE_NXZ
?Class@HWNDHost@DirectUI@@2PAUIClassInfo@2@A
?RMLoadStringBSTR@@YGPA_WPBDIK@Z
?Load@CRMDUIParser@@QAEJPBDIK@Z
?ParserRequest@Element@DirectUI@@2PAEA
?QueryCmdStatus@Element@DirectUI@@2PAEA
?AccDescProp@Element@DirectUI@@2PAUPropertyInfo@2@A
?Class@Hyperlink@DirectUI@@2PAUIClassInfo@2@A
?RMFindModule@@YGPAUHINSTANCE__@@PBDK@Z
?Navigate@Hyperlink@DirectUI@@2PAEA
?OnSaveHiddenState@CDUIDialog@@MAEX_N@Z
?OnNCDestroy@CDUIDialog@@MAE_NIJAAJ@Z
?OnLoadHiddenState@CDUIDialog@@MAE_NXZ
?OnInitDialog@CDUIDialog@@MAE_NIJAAJ@Z
?OnPropertyChanging@Element@DirectUI@@UAE_NPBUPropertyInfo@2@HPAVValue@2@1@Z
?OnPropertyChanged@HWNDHost@DirectUI@@UAEXPBUPropertyInfo@2@HPAVValue@2@1@Z
?OnGetMinMaxInfo@CDUIDialog@@MAE_NIJAAJ@Z
?OnDetach@CDUIDialog@@MAEXXZ
?OnDestroy@CDUIDialog@@MAE_NIJAAJ@Z
?OnDefaultFrameColorChanged@CFramelessHost@@MAEXXZ
?OnCreateRegion@CFramelessHost@@MAEPAUHRGN__@@HHHH@Z
?OnCreate@CDUIDialog@@MAE_NIJAAJ@Z
?OnCommand@CDUIDialog@@MAE_NIJAAJ@Z
?OnClose@CDUIDialog@@MAE_NIJAAJ@Z
?OnActivate@CDUIDialog@@MAE_NIJAAJ@Z
?GetDUIParser@CDUIDialog@@MAEPAVCRMDUIParser@@XZ
?ExitDialog@CDUIDialog@@MAEXH@Z
?DestroyWindow@NativeHWNDHost@DirectUI@@UAEXXZ
?Destroy@CDUIDialog@@MAEXXZ
??1CDUIDialog@@UAE@XZ
?LoadAndCreateElement@CRMDUIParser@@QAEJPBDIPB_WPAPAVElement@DirectUI@@PAV23@K@Z
??1CRMDUIParser@@UAE@XZ
??0CRMDUIParser@@QAE@XZ
?EvaluateSubtreeBindings@Element@DirectUI@@QAEJ_N@Z
?OnNotify@HWNDHost@DirectUI@@UAE_NIIJPAJ@Z
?OnMouseFocusMoved@Element@DirectUI@@UAEXPAV12@0@Z
?OnMessage@HWNDHost@DirectUI@@UAE_NIIJPAJ@Z
?OnKeyFocusMoved@Element@DirectUI@@UAEXPAV12@0@Z
?OnInput@HWNDHost@DirectUI@@UAEXPAUInputEvent@2@@Z
?RemoveHandler@Element@DirectUI@@QAEJPB_W@Z
?AddHandler@Element@DirectUI@@QAEJPB_WPAUIDuiHandlerDispatch@@@Z
?Add@Element@DirectUI@@QAEJPAV12@@Z
?DestroyAll@Element@DirectUI@@QAEJXZ
?Destroy@Element@DirectUI@@QAEJ_N@Z
?CreateString@Value@DirectUI@@SGPAV12@W4Flags@DuiValueFlags@@PB_WPAUHINSTANCE__@@I@Z
?CreateBool@Value@DirectUI@@SGPAV12@W4Flags@DuiValueFlags@@_N@Z
?CreateInt@Value@DirectUI@@SGPAV12@W4Flags@DuiValueFlags@@H@Z
?_ZeroRelease@Value@DirectUI@@AAEXXZ
?OnHosted@HWNDHost@DirectUI@@MAEXPAVElement@2@@Z
?OnGroupChanged@Element@DirectUI@@UAEXH_N@Z
?OnEvent@Element@DirectUI@@UAEXPAUEvent@2@@Z
?OnDestroy@HWNDHost@DirectUI@@UAEXXZ
?OnAdjustWindowSize@HWNDHost@DirectUI@@UAEHHHI@Z
?MessageCallback@HWNDHost@DirectUI@@UAEIPAUtagGMSG@@@Z
?Insert@Element@DirectUI@@UAEJPAPAV12@II@Z
?GetTextLineMetrics@Element@DirectUI@@UAEJPAUDWRITE_LINE_METRICS@@PAUtagPOINT@@@Z
?GetContentSize@Element@DirectUI@@UAE?AUtagSIZE@@HHPAVSurface@2@@Z
?GetAdjacent@Element@DirectUI@@UAEPAV12@PAV12@HPBUNavReference@2@W4Flags@DuiGetAdjacent@@@Z
?GetAccessibleImpl@HWNDHost@DirectUI@@UAEJPAPAUIAccessible@@@Z
?EnsureVisible@Element@DirectUI@@UAE_NHHHH@Z
?DefaultAction@Element@DirectUI@@UAEJXZ
?CreateHWND@HWNDHost@DirectUI@@MAEPAUHWND__@@PAU3@@Z
?AddBehavior@HWNDHost@DirectUI@@UAEJPAUIDuiBehavior@@@Z
?Add@Element@DirectUI@@UAEJPAPAV12@I@Z
?Initialize@HWNDHost@DirectUI@@QAEJII@Z
?GetPciMap@Element@DirectUI@@SGPAV?$BTreeLookup@PAUIClassInfo@DirectUI@@@2@XZ
?AllocateClassIndex@Element@DirectUI@@SGIXZ
?AllocatePropertyIndex@Element@DirectUI@@SGIXZ
??1Element@DirectUI@@UAE@XZ
?EndDefer@Element@DirectUI@@SGXXZ
?StartDefer@Element@DirectUI@@SGXXZ
?OnPostCreateDialog@CDUIDialog@@MAEXPAVElement@DirectUI@@@Z
?FilterMessage@CDUIDialog@@MAEHPAUtagMSG@@@Z
?FindDialogElement@CDUIDialog@@IAEPAVElement@DirectUI@@PB_W@Z
?DoModeless@CDUIDialog@@QAEJPBDGPB_WPAUHWND__@@PAUtagPOINT@@1_N441@Z
?UpdateAndGetDesiredSize@Element@DirectUI@@QAE?AUtagSIZE@@HH@Z
SetGadgetRootInfo
?LocationProp@Element@DirectUI@@2PAUPropertyInfo@2@A
?WidthProp@Element@DirectUI@@2PAUPropertyInfo@2@A
?YScrollableProp@ScrollViewer@DirectUI@@2PAUPropertyInfo@2@A
?YOffsetProp@ScrollViewer@DirectUI@@2PAUPropertyInfo@2@A
?PositionProp@ScrollBar@DirectUI@@2PAUPropertyInfo@2@A
?IsDescendent@Element@DirectUI@@QBE_NPAV12@@Z
?MapElementPointDirect@Element@DirectUI@@QBEXPAV12@PBUtagPOINT@@PAU3@@Z
UXCoreUnInitThread
UXCoreInitThread
UXCoreUnInitProcess
UXCoreInitProcess
?RMUpdateResourceSet@@YG_NPBDPB_WK11PAUHINSTANCE__@@@Z
?RMInitialize@@YGXXZ
?SetFontQuality@DirectUI@@YGJE@Z
GetMessageEx
?Class@ScrollViewer@DirectUI@@2PAUIClassInfo@2@A
?DesiredSizeProp@Element@DirectUI@@2PAUPropertyInfo@2@A
?_UpdateDesiredSize@Element@DirectUI@@QAE?AUtagSIZE@@HHPAVSurface@2@@Z
?UpdateLayoutRect@Layout@DirectUI@@SGXPBVElement@2@HHPAV32@HHHH@Z
?FindDescendent@Element@DirectUI@@QAEPAV12@G@Z
?CreateAtom@Value@DirectUI@@SGPAV12@W4Flags@DuiValueFlags@@PB_W@Z
?Class@WLEditT@@2PAUIClassInfo@DirectUI@@A
?TagProp@Element@DirectUI@@2PAUPropertyInfo@2@A
?KeyFocusedProp@Element@DirectUI@@2PAUPropertyInfo@2@A
?ActiveProp@Element@DirectUI@@2PAUPropertyInfo@2@A
?ParentProp@Element@DirectUI@@2PAUPropertyInfo@2@A
DuiCreateObject
?Class@Button@DirectUI@@2PAUIClassInfo@2@A
?DialogStyleProp@Button@DirectUI@@2PAUPropertyInfo@2@A
?EnabledProp@Element@DirectUI@@2PAUPropertyInfo@2@A
?LayoutPosProp@Element@DirectUI@@2PAUPropertyInfo@2@A
?ChildrenProp@Element@DirectUI@@2PAUPropertyInfo@2@A
?ShowDialog@CDUIDialog@@MAEJPAUHWND__@@PAUtagPOINT@@@Z
?OnMessage@CDUIDialog@@MAEJIIJAAJ@Z
?DoModal@CDUIDialog@@QAEHPBDGPB_WPAUHWND__@@PAUtagPOINT@@1_N1@Z
??0CDUIDialog@@QAE@XZ
?RMLoadIcon@@YGPAUHICON__@@PBDPB_WK@Z
?External@PopupMenu2@DirectUI@@2PAEA
?ExecCmd@Element@DirectUI@@2PAEA
?InsertItem@SuperPopup@DirectUI@@QAEJPAUSuperPopupInsertItem@2@@Z
?CreatePopupMenu@SuperPopup@DirectUI@@QAEJXZ
?Create@SuperPopup@DirectUI@@SGJPAPAV12@@Z
?FireEvent@Element@DirectUI@@QAEXPAUEvent@2@_N@Z
?KeyWithinProp@Element@DirectUI@@2PAUPropertyInfo@2@A
?FontStyleProp@Element@DirectUI@@2PAUPropertyInfo@2@A
?ContentProp@Element@DirectUI@@2PAUPropertyInfo@2@A
?AccNameProp@Element@DirectUI@@2PAUPropertyInfo@2@A
?pvNull@Value@DirectUI@@2PAV12@A
?Detach@CRMImage@@QAEPAUHBITMAP__@@XZ
?LoadFromResource@CRMImage@@QAEJPBDIPB_WPAUHINSTANCE__@@KW4GdiCreateFlags@1@@Z
??1CRMImage@@UAE@XZ
??0CRMImage@@QAE@XZ
?CreateImageValue@CRMDUIParser@@UAGJPBDPB_WPAPAVValue@DirectUI@@@Z
?SetValue@Element@DirectUI@@QAEJPBUPropertyInfo@2@HPAVValue@2@@Z
?GetValue@Element@DirectUI@@QBEPAVValue@2@PBUPropertyInfo@2@H@Z
?CreateGraphic@Value@DirectUI@@SGPAV12@W4Flags@DuiValueFlags@@PAUHICON__@@_N2@Z
?CreateGraphic@Value@DirectUI@@SGPAV12@W4Flags@DuiValueFlags@@PAUHBITMAP__@@EI_N2I2@Z
?Click@Button@DirectUI@@2PAEA
?SetDefaultFocus@NativeHWNDHost@DirectUI@@MAEXXZ
?OnUpdateFrame@CFramelessHost@@MAEXXZ
?OnSysCommand@CDUIDialog@@MAE_NIJAAJ@Z
?OnInitIcon@CDUIDialog@@MAE_NPAH@Z
?OnSize@CDUIDialog@@MAE_NIJAAJ@Z
?RemoveBehavior@HWNDHost@DirectUI@@UAEJPAUIDuiBehavior@@@Z
wlidux
WlidUxUninitProcess
WlidUxInitProcess
WlidUxCreateObject
wlidcli
ord51
ord38
ord2
ord29
ord120
ord3
crypt32
CryptProtectData
CryptUnprotectData
fwpuclnt
FwpmCalloutDeleteByKey0
FwpmSubLayerDeleteByKey0
FwpmTransactionAbort0
FwpmTransactionCommit0
FwpmTransactionBegin0
FwpmEngineClose0
FwpmEngineOpen0
FwpmFilterDeleteByKey0
wininet
InternetCreateUrlA
InternetCrackUrlA
Sections
.text Size: 623KB - Virtual size: 622KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 75KB - Virtual size: 81KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 87KB - Virtual size: 86KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 145KB - Virtual size: 148KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE