Static task
static1
Behavioral task
behavioral1
Sample
1e0eae9ae40398bd5449e680c6520e3073540c73e2575bff348fdf0cb5e51523.exe
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral2
Sample
1e0eae9ae40398bd5449e680c6520e3073540c73e2575bff348fdf0cb5e51523.exe
Resource
win10v2004-20220901-en
windows10-2004-x64
General
-
Target
1e0eae9ae40398bd5449e680c6520e3073540c73e2575bff348fdf0cb5e51523
-
Size
684KB
-
MD5
a35b6f4825ee662eac7716be7a628c20
-
SHA1
8f158fde540554015000a73c09efc305b33af5ab
-
SHA256
1e0eae9ae40398bd5449e680c6520e3073540c73e2575bff348fdf0cb5e51523
-
SHA512
cc40ca5a51fd59db4c17a6f0dc1aa2065647a795cd64a19622aad315de336c6e0acd4141fb15c19959a257b74cbaaceeb11bede66adfa107c4086c0bf58bd042
-
SSDEEP
6144:igBUz3kWH2rjPkTTS3aVdiyM2z2pa0OOEEM4wqLy0HBGxjGXBoPBT83o8vkJm0UD:bPGKjPknzz+Eue0+jGXBWh8+
Malware Config
Signatures
Files
-
1e0eae9ae40398bd5449e680c6520e3073540c73e2575bff348fdf0cb5e51523.exe windows x86
80ec23a232e3fa127ca0e02a1260bc9b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
gameframed
?DoDataExchange@CGameFrameDlg@@MAEXPAVCDataExchange@@@Z
??1CGameFrameDlg@@UAE@XZ
??0CGameFrameDlg@@QAE@PAVCGameFrameView@@@Z
?PlayBkgrndSound@CGameFrameDlg@@QAEXPBD@Z
?OnInitDialog@CGameFrameDlg@@MAEHXZ
?SendData@CGameFrameDlg@@QAE_NGGPAXG@Z
?PlayEffectSound@CGameFrameDlg@@QAEXPBD@Z
?IsEnableSound@CGameFrameDlg@@QAE_NXZ
?EnableBkgrndSound@CGameFrameDlg@@QAEX_N@Z
?EnableSound@CGameFrameDlg@@QAEX_N@Z
?IsBkgrndSndPlaying@CGameFrameDlg@@QAE_NXZ
?GetMeChairID@CGameFrameDlg@@QAEGXZ
?SendData@CGameFrameDlg@@QAE_NGPAXG@Z
?SwitchViewChairID@CGameFrameDlg@@QAEGG@Z
?KillGameTimer@CGameFrameDlg@@QAE_NI@Z
?ActiveGameFrame@CGameFrameDlg@@QAEXXZ
?SetGameTimer@CGameFrameDlg@@QAE_NGII@Z
?PlayGameSound@CGameFrameDlg@@QAE_NPAUHINSTANCE__@@PBD@Z
?IsLookonMode@CGameFrameDlg@@QAE_NXZ
?UpdateGameView@CGameFrameView@@QAEXPBVCRect@@@Z
?GetUserData@CGameFrameDlg@@QAEPBUtagUserData@@G@Z
?PreTranslateMessage@CGameFrameDlg@@MAEHPAUtagMSG@@@Z
?StopBkgrndSound@CGameFrameDlg@@QAEXXZ
?SetGameStatus@CGameFrameDlg@@QAEXE@Z
?GetGameStatus@CGameFrameDlg@@QAEEXZ
?InsertGeneralString@CGameFrameDlg@@QAE_NPBDK_N@Z
?SendUserReady@CGameFrameDlg@@QAE_NPAXG@Z
?SendData@CGameFrameDlg@@QAE_NG@Z
?OnMove@CGameFrameDlg@@QAEXHH@Z
?GetThisMessageMap@CGameFrameDlg@@KGPBUAFX_MSGMAP@@XZ
?QueryInterface@CGameFrameView@@UAAPAXABU_GUID@@K@Z
?Release@CGameFrameView@@UAA_NXZ
?IsValid@CGameFrameView@@UAA_NXZ
??1CGameFrameView@@UAE@XZ
??0CGameFrameView@@QAE@_NIPAVCThreadDraw@@@Z
?OnCreate@CGameFrameView@@IAEHPAUtagCREATESTRUCTA@@@Z
?DrawUserReady@CGameFrameView@@QAEXPAVCDC@@HHH@Z
?DrawUserTimer@CGameFrameView@@QAEXPAVCDC@@HHGG@Z
?GetUserInfo@CGameFrameView@@QAEPBUtagUserData@@G@Z
?GetUserTimer@CGameFrameView@@QAEGG@Z
?OnTimer@CGameFrameView@@IAEXI@Z
?GetThisMessageMap@CGameFrameView@@KGPBUAFX_MSGMAP@@XZ
?OnOK@CGameFrameDlg@@MAEXXZ
?OnCancel@CGameFrameDlg@@MAEXXZ
?RectifyControl@CGameFrameDlg@@EAEXHH@Z
?OnFrameMessage@CGameFrameDlg@@EAE_NGPBXG@Z
?OnEventUserScore@CGameFrameDlg@@MAAXPAUtagUserData@@G_N@Z
?OnEventUserStatus@CGameFrameDlg@@MAAXPAUtagUserData@@G_N@Z
?ExitInstance@CGameFrameApp@@UAEHXZ
?OnReadyCmd@CGameFrameDlg@@UAEXXZ
?OnBnClickedComplaint@CGameFrameDlg@@EAEXXZ
?OnSplitterButton@CGameFrameDlg@@UAA_NPAVCSkinSplitter@@PAVCSkinButton@@@Z
?OnSplitterEvent@CGameFrameDlg@@UAA_NPAVCSkinSplitter@@IHH@Z
??1CGameFrameApp@@UAE@XZ
??0CGameFrameApp@@QAE@XZ
?GetMessageMap@CGameFrameApp@@MBEPBUAFX_MSGMAP@@XZ
?InitInstance@CGameFrameApp@@UAEHXZ
?SecretUser@CGameFrameDlg@@QAEX_N@Z
skincontrolsd
??0CSkinImage@@QAE@XZ
?SetLoadInfo@CSkinImage@@QAE_NIPAUHINSTANCE__@@_N@Z
?GetRuntimeClass@CSkinDialog@@UBEPAUCRuntimeClass@@XZ
?SetIcon@CSkinDialog@@QAEPAUHICON__@@PAU2@H@Z
?GetWidth@CPngImage@@QAEHXZ
?DrawImage@CPngImage@@QAE_NPAVCDC@@HH@Z
?GetHeight@CPngImage@@QAEHXZ
?DrawImage@CPngImage@@QAE_NPAVCDC@@HHHHHHHH@Z
?DrawImage@CPngImage@@QAE_NPAVCDC@@HHHHHH@Z
?SetButtonBkgnd@CPngButton@@QAEXPAVCDC@@@Z
?SetButtonImage@CPngButton@@QAEHPBD@Z
??0CPngImage@@QAE@XZ
??0CPngButton@@QAE@XZ
?InsertString@CSkinRichEdit@@QAE_NPBDK@Z
??1CPngButton@@UAE@XZ
??1CPngImage@@UAE@XZ
?LoadImageA@CPngImage@@QAE_NPBD@Z
??1CSkinImage@@UAE@XZ
mfc71d
ord2163
ord7004
ord3516
ord3811
ord3980
ord5998
ord3788
ord4007
ord3519
ord3692
ord3511
ord5159
ord5160
ord5150
ord3690
ord5514
ord6187
ord5949
ord2795
ord1680
ord7691
ord714
ord386
ord908
ord8394
ord8679
ord4656
ord6286
ord3124
ord5712
ord310
ord674
ord1493
ord1095
ord3200
ord316
ord1363
ord693
ord711
ord2558
ord2548
ord7372
ord7643
ord2177
ord379
ord2176
ord340
ord3648
ord5222
ord6680
ord8343
ord8430
ord2232
ord5590
ord7007
ord3477
ord901
ord893
ord4654
ord1569
ord1565
ord5651
ord1423
ord2405
ord1832
ord6695
ord1438
ord5997
ord7606
ord7607
ord6632
ord5406
ord2992
ord7668
ord1440
ord6354
ord8653
ord5663
ord5621
ord8675
ord5287
ord8673
ord6017
ord2700
ord2655
ord7576
ord5295
ord1346
ord6881
ord8607
ord7282
ord5321
ord2533
ord4122
ord7040
ord7042
ord5511
ord6274
ord7052
ord7017
ord7559
ord3983
ord6182
ord5948
ord2902
ord1768
ord4646
ord898
ord882
ord654
ord8397
ord1345
ord1192
ord7963
ord5214
ord1332
ord2561
ord3557
ord3704
ord1123
ord6941
ord7954
ord5581
ord6733
ord5761
ord1105
ord6877
ord1099
ord8489
ord8329
ord7793
ord2192
ord926
ord2037
ord673
ord1093
ord8503
ord289
ord8126
ord1928
ord7018
ord2905
ord1771
ord4650
ord929
ord2766
ord6560
ord6386
ord745
ord8326
ord2235
ord426
ord855
ord8395
ord1120
ord2330
ord621
ord832
ord573
ord4495
ord8680
ord7824
ord3454
ord5096
ord4835
ord2105
ord5918
ord695
ord348
ord2767
ord4077
ord5226
ord7648
ord2236
ord3251
ord5793
ord1157
ord928
ord6351
ord5775
ord2233
ord2591
ord1442
ord6976
ord1875
ord6738
ord4663
ord8674
ord5288
ord8676
ord2075
ord3003
ord3013
ord3294
ord3276
ord3274
ord3292
ord3304
ord3281
ord3297
ord3302
ord3285
ord3287
ord3289
ord3283
ord3299
ord3279
ord1189
ord1185
ord1187
ord1183
ord1178
ord7056
ord7058
ord8200
ord2164
ord5969
ord6463
ord4783
ord2645
ord1813
ord3005
ord5864
ord8672
ord6849
ord2519
ord6952
ord5930
ord1927
ord5507
ord2187
ord2190
ord8123
ord2111
ord2112
ord2255
ord2256
ord2657
ord6646
ord6476
ord5892
ord6983
ord4853
ord5053
ord1589
ord4340
msvcr71d
_resetstkoflw
_except_handler3
memset
rand
srand
time
_snprintf
strftime
_localtime64
memcmp
strcpy
_vsnprintf
_vsnwprintf
_snwprintf
realloc
_time64
_mktime64
_gmtime64
wcscmp
wcslen
wcsncpy
_setmbcp
_CrtDbgReport
malloc
free
??0exception@@QAE@XZ
memmove
??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
_CxxThrowException
fabs
__CxxFrameHandler
wcscpy
??0bad_cast@@QAE@ABV0@@Z
??1bad_cast@@UAE@XZ
??0bad_cast@@QAE@PBD@Z
??_V@YAXPAX@Z
_CRT_RTC_INIT
??1type_info@@UAE@XZ
?terminate@@YAXXZ
__dllonexit
_onexit
_c_exit
_exit
_controlfp
_XcptFilter
_cexit
exit
_ismbblead
_acmdln
_amsg_exit
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
__security_error_handler
memcpy
abs
kernel32
WaitForSingleObject
LocalFileTimeToFileTime
FileTimeToLocalFileTime
GetEnvironmentVariableW
GetModuleHandleA
lstrcpynA
EnterCriticalSection
LeaveCriticalSection
GetLastError
lstrlenA
MultiByteToWideChar
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
CompareStringW
CompareStringA
lstrlenW
WideCharToMultiByte
GetStringTypeExW
GetStringTypeExA
lstrcmpiW
lstrcmpiA
DeleteCriticalSection
RaiseException
GetStartupInfoA
ExitProcess
DebugBreak
GetProcAddress
LoadLibraryA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
GetProcessHeap
GetModuleFileNameA
CloseHandle
GetCurrentProcess
FreeLibrary
VirtualAlloc
UnmapViewOfFile
IsBadReadPtr
GetSystemInfo
MapViewOfFile
CreateFileMappingA
GetCurrentThread
OpenFileMappingA
InterlockedIncrement
GetModuleFileNameW
GetVersion
InterlockedDecrement
MulDiv
SetEvent
OpenEventA
lstrcpyA
lstrcpyW
OutputDebugStringA
OutputDebugStringW
lstrcpynW
InitializeCriticalSection
FileTimeToSystemTime
GetEnvironmentVariableA
user32
IsRectEmpty
SetRect
SetRectEmpty
EqualRect
InflateRect
OffsetRect
IntersectRect
UnionRect
SubtractRect
DispatchMessageA
DispatchMessageW
TranslateMessage
GetMessageA
GetMessageW
IsWindowUnicode
PeekMessageA
MsgWaitForMultipleObjects
CopyRect
UnregisterClassA
CharUpperA
CharUpperW
CharLowerA
CharLowerW
SetLayeredWindowAttributes
PtInRect
DeferWindowPos
EmptyClipboard
SetClipboardData
CloseClipboard
LoadIconA
GetCursorPos
SetCursor
BeginDeferWindowPos
EndDeferWindowPos
IsWindow
UpdateLayeredWindow
PostMessageA
GetWindowLongW
GetWindowLongA
SetWindowLongA
gdi32
GetObjectA
SetDIBColorTable
DeleteObject
DeleteDC
CreateDIBSection
CreateCompatibleDC
SelectObject
GetDIBColorTable
StretchBlt
msimg32
AlphaBlend
TransparentBlt
shell32
ShellExecuteA
SHGetSpecialFolderPathA
comctl32
_TrackMouseEvent
shlwapi
PathFindExtensionW
PathFindExtensionA
oleaut32
SysFreeString
gdiplus
GdipCreateMatrix
GdipDeleteMatrix
GdipRotateMatrix
GdipTranslateMatrix
GdipCreateFromHDC
GdipDeleteGraphics
GdipReleaseDC
GdipSetWorldTransform
GdipDrawImagePointsRect
GdipDrawImageRectRectI
GdipFree
GdipAlloc
GdipLoadImageFromFile
GdipLoadImageFromFileICM
GdipDisposeImage
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipGetImageGraphicsContext
GdipDrawImageI
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdiplusStartup
GdiplusShutdown
GdipSaveImageToFile
GdipCreateBitmapFromHBITMAP
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipSetImageAttributesColorMatrix
msvcp71d
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
??1locale@std@@QAE@XZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?width@ios_base@std@@QBEHXZ
?max_size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?eof@?$char_traits@D@std@@SAHXZ
?eq_int_type@?$char_traits@D@std@@SA_NABH0@Z
?to_char_type@?$char_traits@D@std@@SADABH@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?width@ios_base@std@@QAEHH@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@_W@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@I_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ID@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Register@facet@locale@std@@QAEXXZ
?_Incref@facet@locale@std@@QAEXXZ
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@@Z
?_Getfacet@locale@std@@QBEPBVfacet@12@I@Z
??Bid@locale@std@@QAEIXZ
?id@?$ctype@D@std@@2V0locale@2@A
??0_Lockit@std@@QAE@H@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?to_int_type@?$char_traits@D@std@@SAHABD@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEABDI@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?flags@ios_base@std@@QBEHXZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?good@ios_base@std@@QBE_NXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@I_W@Z
?is@?$ctype@_W@std@@QBE_NF_W@Z
?to_char_type@?$char_traits@_W@std@@SA_WABG@Z
?eq_int_type@?$char_traits@_W@std@@SA_NABG0@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?is@?$ctype@D@std@@QBE_NFD@Z
?tie@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBEPAV?$basic_ostream@_WU?$char_traits@_W@std@@@2@XZ
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
?fill@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBE_WXZ
?eof@?$char_traits@_W@std@@SAGXZ
?snextc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEAB_WI@Z
?to_int_type@?$char_traits@_W@std@@SAGAB_W@Z
?sbumpc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ
?size@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ
?widen@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBE_WD@Z
?id@?$ctype@_W@std@@2V0locale@2@A
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@@Z
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?_Ipfx@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE_N_N@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?erase@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@II@Z
?max_size@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ
?rdbuf@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBEPAV?$basic_streambuf@_WU?$char_traits@_W@std@@@2@XZ
?sgetc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ
??1_Lockit@std@@QAE@XZ
advapi32
OpenThreadToken
RevertToSelf
SetThreadToken
ole32
CoUnmarshalInterface
CoRevokeClassObject
CoRegisterClassObject
CoReleaseMarshalData
CreateStreamOnHGlobal
CoMarshalInterface
Sections
.textbss Size: - Virtual size: 104KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 240KB - Virtual size: 236KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 44KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 24KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 348KB - Virtual size: 347KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
g��ΣuP Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE