ab31f8d27f5ae40642116505732b52671d19e353a68463ceab72d9d652cbc211

Sharing

Copy URL Twitter E-mail

General

Target

ab31f8d27f5ae40642116505732b52671d19e353a68463ceab72d9d652cbc211
Size

4.0MB
MD5

783abe677b1eeed6d264b7bffb8899c8
SHA1

08783d45597dc4e25040f839772f069d73c84af3
SHA256

ab31f8d27f5ae40642116505732b52671d19e353a68463ceab72d9d652cbc211
SHA512

77da152337cc4c80fcefd110dc5cfba013ea7021e45c8554e50b7c971865927882017c1be61c771b0961faf67b8d873c8fcc41b6f50b0dad6b40f67180ebe0fb
SSDEEP

49152:UUrFOAyuq2yGmKnqBJtog+Gj4Z3eh7uJ4WUYiIb6erKB3gPL9iKbztguL3Cj8CkV:UUROAcCqmHBpeh7uaWU/Y6erK5iH

Score

N/A

Malware Config

Signatures

Files

ab31f8d27f5ae40642116505732b52671d19e353a68463ceab72d9d652cbc211
.exe windows x86

aac4ad0a62c54049ecf9d2f55104b8c9

Code Sign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2031, 00:00

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:43:03:29:35:88:65:e2:d9:b5:ac:25:13:d9:78:db
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/04/2020, 00:00

Not After

27/04/2021, 12:00

Subject

SERIALNUMBER=4800-01-000861,CN=JUSTSYSTEMS CORPORATION,O=JUSTSYSTEMS CORPORATION,L=Shinjuku-ku,ST=Tokyo,C=JP,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024a50

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2e:5a:0f:81:18:8e:2b:21:99:c1:99:c5:f4:db:be:e1:a3:a7:82:dd
Signer

Actual PE Digest

2e:5a:0f:81:18:8e:2b:21:99:c1:99:c5:f4:db:be:e1:a3:a7:82:dd

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

SERIALNUMBER=4800-01-000861,CN=JUSTSYSTEMS CORPORATION,O=JUSTSYSTEMS CORPORATION,L=Shinjuku-ku,ST=Tokyo,C=JP,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024a50

04/01/2021, 06:40
Valid: true

Chain 1

SERIALNUMBER=4800-01-000861,CN=JUSTSYSTEMS CORPORATION,O=JUSTSYSTEMS CORPORATION,L=Shinjuku-ku,ST=Tokyo,C=JP,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024a50

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetSystemInfo
QueryPerformanceFrequency
HeapQueryInformation
GetCommandLineW
GetCommandLineA
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
RtlUnwind
SetStdHandle
ExitProcess
AreFileApisANSI
MoveFileExW
SetFilePointerEx
RemoveDirectoryW
DeviceIoControl
OutputDebugStringW
VirtualQuery
GetFileType
GetStdHandle
GetACP
GetTimeZoneInformation
GetDateFormatW
GetTimeFormatW
IsValidLocale
EnumSystemLocalesW
GetConsoleCP
GetConsoleMode
ReadConsoleW
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
WriteConsoleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
GetUserDefaultLCID
GetProfileIntW
SearchPathW
SystemTimeToTzSpecificLocalTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
SetErrorMode
GetWindowsDirectoryW
FindResourceExW
VerifyVersionInfoW
VerSetConditionMask
DuplicateHandle
SetEndOfFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
GetCurrentDirectoryW
VirtualProtect
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GlobalFlags
GetThreadLocale
FileTimeToSystemTime
GlobalGetAtomNameW
LocalReAlloc
GlobalHandle
GlobalReAlloc
CompareStringA
lstrcmpA
GetCurrentThread
ResumeThread
SetThreadPriority
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
OutputDebugStringA
CopyFileW
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
GetCPInfo
GetLocaleInfoW
LCMapStringW
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
EncodePointer
GetStringTypeW
UnmapViewOfFile
MapViewOfFile
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
SystemTimeToFileTime
GetSystemTime
GetCurrentProcessId
InitializeCriticalSection
ReleaseMutex
UnlockFile
SetFilePointer
ReadFile
LockFile
GetFileSize
ResetEvent
CompareStringW
GetSystemDirectoryW
GetTickCount
CreateProcessW
WaitForSingleObject
GetTempPathW
WriteFile
GetTempFileNameW
DeleteFileW
ExpandEnvironmentStringsW
lstrcmpiW
LoadLibraryW
LoadLibraryA
GetProcAddress
GetModuleHandleW
GetModuleHandleA
FreeLibrary
GetCurrentThreadId
SetFileAttributesW
GetFileTime
GetFileAttributesW
FindNextFileW
FindFirstFileW
FindClose
CreateFileW
CreateDirectoryW
lstrlenW
lstrcatW
lstrcpyW
LocalAlloc
DeleteBoundaryDescriptor
AddSIDToBoundaryDescriptor
CreateBoundaryDescriptorW
ClosePrivateNamespace
OpenPrivateNamespaceW
GetModuleFileNameW
CreateFileMappingW
GetVersionExW
GetCurrentProcess
CreateEventW
CreateMutexW
CreateMutexA
SetLastError
FormatMessageW
FormatMessageA
LocalFree
SetEvent
MultiByteToWideChar
WideCharToMultiByte
CloseHandle
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
DecodePointer
MulDiv
DeleteCriticalSection
RaiseException
FindResourceW
SizeofResource
LockResource
LoadResource
Sleep
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
GetLastError

user32

CopyImage
IsRectEmpty
DrawFocusRect
WindowFromPoint
ReleaseCapture
SetCapture
GetNextDlgGroupItem
LoadMenuW
InvalidateRect
DrawStateW
SetRectEmpty
SendDlgItemMessageA
GetMenuItemInfoW
DestroyMenu
IntersectRect
MapDialogRect
SetWindowContextHelpId
SetCursor
ShowOwnedPopups
PostQuitMessage
GetCursorPos
TranslateMessage
GetMessageW
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
IsDialogMessageW
SetWindowTextW
IsWindowEnabled
CheckDlgButton
MoveWindow
ShowWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
SetWindowsHookExW
GetWindow
GetLastActivePopup
GetTopWindow
GetClassLongW
SetWindowLongW
GetWindowLongW
EqualRect
CopyRect
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
DrawIconEx
GetScrollRange
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
SendMessageTimeoutW
PostMessageW
IsWindow
EnableWindow
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetKeyState
DrawEdge
GetDlgCtrlID
GetDlgItem
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
DispatchMessageW
LoadBitmapW
GetParent
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
FillRect
GetSysColor
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
GetIconInfo
GetSysColorBrush
RealChildWindowFromPoint
GetAsyncKeyState
DeleteMenu
CharUpperW
WaitMessage
CharNextW
CopyAcceleratorTableW
InvalidateRgn
SetRect
MessageBeep
TrackMouseEvent
IsZoomed
SetWindowRgn
GetWindowDC
TabbedTextOutW
GrayStringW
NotifyWinEvent
CreatePopupMenu
GetMenuDefaultItem
SetMenuDefaultItem
UpdateLayeredWindow
EnableScrollBar
UnionRect
MonitorFromPoint
ShowScrollBar
MessageBoxW
FindWindowW
FindWindowExW
LoadIconW
SendMessageW
UnregisterClassW
IsIconic
BringWindowToTop
GetSystemMetrics
GetSystemMenu
InsertMenuW
AppendMenuW
DrawIcon
SetForegroundWindow
GetClientRect
GetWindowRect
InflateRect
PtInRect
SystemParametersInfoW
FrameRect
GetDC
ReleaseDC
RegisterWindowMessageW
PeekMessageW
SetTimer
KillTimer
LoadCursorW
DestroyIcon
LoadImageW
GetFocus
OffsetRect
GetDesktopWindow
GetWindowThreadProcessId
MonitorFromWindow
GetMonitorInfoW
EnumDisplayMonitors
wsprintfW
WaitForInputIdle
EnumThreadWindows
GetClassNameW
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
RemoveMenu
UnhookWindowsHookEx
DrawTextW
DrawTextExW
DrawFrameControl
LoadAcceleratorsW
TranslateAcceleratorW
InsertMenuItemW
SetLayeredWindowAttributes
UnpackDDElParam
ReuseDDElParam
RegisterClipboardFormatW
HideCaret
InvertRect
MapVirtualKeyW
GetKeyNameTextW
SetClassLongW
SetParent
SetCursorPos
CopyIcon
CharUpperBuffW
LockWindowUpdate
ModifyMenuW
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
PostThreadMessageW
GetDoubleClickTime
GetComboBoxInfo
IsCharLowerW
MapVirtualKeyExW
IsClipboardFormatAvailable
GetUpdateRect
DestroyCursor
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
CreateMenu
SubtractRect
GetWindowRgn
SetFocus

gdi32

GetObjectW
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectW
CreateRectRgnIndirect
GetMapMode
PatBlt
SetRectRgn
DPtoLP
GetTextExtentPoint32W
GetTextMetricsW
GetBkColor
GetTextColor
GetRgnBox
CreateRoundRectRgn
CreateCompatibleBitmap
CreateDIBSection
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
RealizePalette
StretchBlt
SetDIBColorTable
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
Rectangle
EnumFontFamiliesExW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
LPtoDP
OffsetRgn
ExtFloodFill
SetPaletteEntries
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
GetTextFaceW
SetTextAlign
SetTextColor
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SetBkColor
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
DeleteObject
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateCompatibleDC
CreateBitmap
BitBlt
CreateDCW
CopyMetaFileW
GetDeviceCaps
PaintRgn
GetRegionData
CreateSolidBrush
DeleteDC
CombineRgn
SetPixel
CreateRectRgn

msimg32

TransparentBlt
AlphaBlend

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

CopySid
CreateWellKnownSid
RegQueryValueW
RegEnumKeyW
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptGetHashParam
CryptDestroyKey
CryptReleaseContext
CryptAcquireContextW
RegEnumValueW
RegDeleteValueW
RegDeleteKeyW
OpenProcessToken
ConvertStringSecurityDescriptorToSecurityDescriptorW
ConvertSidToStringSidW
SetNamedSecurityInfoW
GetNamedSecurityInfoW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegEnumKeyExW
RegCreateKeyExW
RegCloseKey
GetUserNameW
GetTokenInformation
GetSecurityDescriptorSacl
GetSecurityDescriptorDacl
GetLengthSid
GetAclInformation
GetAce

shell32

SHGetSpecialFolderPathW
SHGetFileInfoW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetDesktopFolder
ShellExecuteW
DragQueryFileW
SHBrowseForFolderW
SHAppBarMessage
DragFinish
Shell_NotifyIconW

comctl32

_TrackMouseEvent
InitCommonControlsEx

shlwapi

PathFindFileNameW
PathStripToRootW
StrFormatKBSizeW
PathRemoveFileSpecW
PathIsUNCW
PathFindExtensionW

uxtheme

OpenThemeData
GetThemePartSize
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
GetWindowTheme
GetCurrentThemeName
IsAppThemed
DrawThemeText
DrawThemeParentBackground
CloseThemeData
DrawThemeBackground
GetThemeColor

ole32

CoDisconnectObject
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
CoRegisterMessageFilter
CoRevokeClassObject
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoInitializeEx
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
ReleaseStgMedium
OleDuplicateData
CoInitialize
CoCreateInstance
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CreateStreamOnHGlobal

oleaut32

SysFreeString
SysStringLen
SystemTimeToVariantTime
SafeArrayDestroy
VariantInit
VariantCopy
VarBstrFromDate
OleCreateFontIndirect
VariantClear
VariantChangeType
SysAllocString
VariantTimeToSystemTime
LoadTypeLi
SysAllocStringLen

oledlg

OleUIBusyW

gdiplus

GdipGetImageWidth
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdiplusStartup
GdiplusShutdown
GdipAlloc
GdipFree
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetPageUnit
GdipFillRectangleI
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageHeight

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

winmm

PlaySoundW

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 642KB - Virtual size: 642KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 81KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aac4ad0a62c54049ecf9d2f55104b8c9

Code Sign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77Certificate

Key Usages

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

05:43:03:29:35:88:65:e2:d9:b5:ac:25:13:d9:78:dbCertificate

Extended Key Usages

Key Usages

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate

Extended Key Usages

Key Usages

2e:5a:0f:81:18:8e:2b:21:99:c1:99:c5:f4:db:be:e1:a3:a7:82:ddSigner

Signature Validations

Verification

04/01/2021, 06:40 Valid: true

Chain 1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

oleacc

winmm

imm32

Sections

.text Size: 2.1MB - Virtual size: 2.1MB

.rdata Size: 642KB - Virtual size: 642KB

.data Size: 81KB - Virtual size: 100KB

.rsrc Size: 1.0MB - Virtual size: 1.0MB

.reloc Size: 192KB - Virtual size: 191KB

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

05:43:03:29:35:88:65:e2:d9:b5:ac:25:13:d9:78:db
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

2e:5a:0f:81:18:8e:2b:21:99:c1:99:c5:f4:db:be:e1:a3:a7:82:dd
Signer

04/01/2021, 06:40
Valid: true

.text
Size: 2.1MB - Virtual size: 2.1MB

.rdata
Size: 642KB - Virtual size: 642KB

.data
Size: 81KB - Virtual size: 100KB

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

.reloc
Size: 192KB - Virtual size: 191KB