77615cd66929f0314e0cbf6d7623c1f0320dea3866964de8adb52ab71ea31311

Sharing

Copy URL Twitter E-mail

General

Target

77615cd66929f0314e0cbf6d7623c1f0320dea3866964de8adb52ab71ea31311
Size

2.0MB
MD5

9e42250f599f64ca7a3e12029f7dfb2e
SHA1

c319c7e7e6300e95eb9b1bd36060ebc277f9f5a2
SHA256

77615cd66929f0314e0cbf6d7623c1f0320dea3866964de8adb52ab71ea31311
SHA512

ed8d89b17a808493afce50996564036b5fc6a7e6754ac112fc0979484243fb3502f261b2f6aa3254b414161a0a30430e4297594a5c48cc4b752c5d2088ed1bb1
SSDEEP

49152:l+8GXJZaxuDb+8GXJZaxuDY+8GXJZaxuDC+8GXJZaxuD6t8EXRokOs6G+8GXJZar:Q8GZZaxuDq8GZZaxuDB8GZZaxuDP8GZC

Score

N/A

Malware Config

Signatures

Files

77615cd66929f0314e0cbf6d7623c1f0320dea3866964de8adb52ab71ea31311
.zip
KTeRMFOO.exe
.exe windows x86

0f471f9c942cb033fc12ea3e5a5dcf79

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SendMessageA
DialogBoxParamW
DestroyWindow
DefWindowProcW
CreateWindowExW
LoadIconW
LoadCursorW
RegisterClassExW
LoadStringA
SendMessageW
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
LoadBitmapA
MoveWindow
SetWindowPos
InvalidateRect
GetKeyboardState
GetPropA
LoadAcceleratorsW
EnableWindow
GetScrollPos
FlashWindowEx
GetParent
GetMenuItemID
WindowFromPoint
GetMenu
TranslateAcceleratorA
GetScrollRange
SetWindowLongA
GetScrollInfo
GetWindowLongA

kernel32

ReadFile
GetCurrentDirectoryW
SleepEx
LoadLibraryW
GetProcessHeap
HeapAlloc
CreateFileA
GetProcAddress
lstrcpyA
CreateFileMappingA
GetFileSize
DeleteFileA
CloseHandle
lstrlenA
GetStartupInfoA
GetModuleHandleA

gdi32

DeleteDC
CreateCompatibleDC

comctl32

ord17

shell32

ExtractIconA

crtdll

_global_unwind2
_commode_dll
__GetMainArgs
_initterm
_fmode_dll
_local_unwind2
exit
_XcptFilter
_exit
_acmdln_dll

Sections

.text
Size: 402KB - Virtual size: 401KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
OkGiGmHm.exe
.exe windows x86

0f471f9c942cb033fc12ea3e5a5dcf79

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SendMessageA
DialogBoxParamW
DestroyWindow
DefWindowProcW
CreateWindowExW
LoadIconW
LoadCursorW
RegisterClassExW
LoadStringA
SendMessageW
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
LoadBitmapA
MoveWindow
SetWindowPos
InvalidateRect
GetKeyboardState
GetPropA
LoadAcceleratorsW
EnableWindow
GetScrollPos
FlashWindowEx
GetParent
GetMenuItemID
WindowFromPoint
GetMenu
TranslateAcceleratorA
GetScrollRange
SetWindowLongA
GetScrollInfo
GetWindowLongA

kernel32

ReadFile
GetCurrentDirectoryW
SleepEx
LoadLibraryW
GetProcessHeap
HeapAlloc
CreateFileA
GetProcAddress
lstrcpyA
CreateFileMappingA
GetFileSize
DeleteFileA
CloseHandle
lstrlenA
GetStartupInfoA
GetModuleHandleA

gdi32

DeleteDC
CreateCompatibleDC

comctl32

ord17

shell32

ExtractIconA

crtdll

_global_unwind2
_commode_dll
__GetMainArgs
_initterm
_fmode_dll
_local_unwind2
exit
_XcptFilter
_exit
_acmdln_dll

Sections

.text
Size: 402KB - Virtual size: 401KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
dLIOrKHN.exe
.exe windows x86

0f471f9c942cb033fc12ea3e5a5dcf79

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SendMessageA
DialogBoxParamW
DestroyWindow
DefWindowProcW
CreateWindowExW
LoadIconW
LoadCursorW
RegisterClassExW
LoadStringA
SendMessageW
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
LoadBitmapA
MoveWindow
SetWindowPos
InvalidateRect
GetKeyboardState
GetPropA
LoadAcceleratorsW
EnableWindow
GetScrollPos
FlashWindowEx
GetParent
GetMenuItemID
WindowFromPoint
GetMenu
TranslateAcceleratorA
GetScrollRange
SetWindowLongA
GetScrollInfo
GetWindowLongA

kernel32

ReadFile
GetCurrentDirectoryW
SleepEx
LoadLibraryW
GetProcessHeap
HeapAlloc
CreateFileA
GetProcAddress
lstrcpyA
CreateFileMappingA
GetFileSize
DeleteFileA
CloseHandle
lstrlenA
GetStartupInfoA
GetModuleHandleA

gdi32

DeleteDC
CreateCompatibleDC

comctl32

ord17

shell32

ExtractIconA

crtdll

_global_unwind2
_commode_dll
__GetMainArgs
_initterm
_fmode_dll
_local_unwind2
exit
_XcptFilter
_exit
_acmdln_dll

Sections

.text
Size: 402KB - Virtual size: 401KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
document8961294.zip
.zip
fax_message33198.zip
.zip
pcfXwvLt.exe
.exe windows x86

0f471f9c942cb033fc12ea3e5a5dcf79

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SendMessageA
DialogBoxParamW
DestroyWindow
DefWindowProcW
CreateWindowExW
LoadIconW
LoadCursorW
RegisterClassExW
LoadStringA
SendMessageW
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
LoadBitmapA
MoveWindow
SetWindowPos
InvalidateRect
GetKeyboardState
GetPropA
LoadAcceleratorsW
EnableWindow
GetScrollPos
FlashWindowEx
GetParent
GetMenuItemID
WindowFromPoint
GetMenu
TranslateAcceleratorA
GetScrollRange
SetWindowLongA
GetScrollInfo
GetWindowLongA

kernel32

ReadFile
GetCurrentDirectoryW
SleepEx
LoadLibraryW
GetProcessHeap
HeapAlloc
CreateFileA
GetProcAddress
lstrcpyA
CreateFileMappingA
GetFileSize
DeleteFileA
CloseHandle
lstrlenA
GetStartupInfoA
GetModuleHandleA

gdi32

DeleteDC
CreateCompatibleDC

comctl32

ord17

shell32

ExtractIconA

crtdll

_global_unwind2
_commode_dll
__GetMainArgs
_initterm
_fmode_dll
_local_unwind2
exit
_XcptFilter
_exit
_acmdln_dll

Sections

.text
Size: 402KB - Virtual size: 401KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
tubei560T.txt
twYRKgeC.exe
.exe windows x86

0f471f9c942cb033fc12ea3e5a5dcf79

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SendMessageA
DialogBoxParamW
DestroyWindow
DefWindowProcW
CreateWindowExW
LoadIconW
LoadCursorW
RegisterClassExW
LoadStringA
SendMessageW
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
LoadBitmapA
MoveWindow
SetWindowPos
InvalidateRect
GetKeyboardState
GetPropA
LoadAcceleratorsW
EnableWindow
GetScrollPos
FlashWindowEx
GetParent
GetMenuItemID
WindowFromPoint
GetMenu
TranslateAcceleratorA
GetScrollRange
SetWindowLongA
GetScrollInfo
GetWindowLongA

kernel32

ReadFile
GetCurrentDirectoryW
SleepEx
LoadLibraryW
GetProcessHeap
HeapAlloc
CreateFileA
GetProcAddress
lstrcpyA
CreateFileMappingA
GetFileSize
DeleteFileA
CloseHandle
lstrlenA
GetStartupInfoA
GetModuleHandleA

gdi32

DeleteDC
CreateCompatibleDC

comctl32

ord17

shell32

ExtractIconA

crtdll

_global_unwind2
_commode_dll
__GetMainArgs
_initterm
_fmode_dll
_local_unwind2
exit
_XcptFilter
_exit
_acmdln_dll

Sections

.text
Size: 402KB - Virtual size: 401KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
update13037.zip
.zip
xxxpcaluaxxx.exe
.exe windows x64

55eac22bec69292daeec7a3befe0c3d8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

HeapSetInformation
LocalFree
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoW
Sleep
TerminateProcess
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount
GetCurrentProcess

user32

GetDesktopWindow
RegisterClassExW
SetForegroundWindow
CreateWindowExW
GetSystemMetrics
DefWindowProcW

msvcrt

?terminate@@YAXXZ
__set_app_type
_fmode
__wgetmainargs
_amsg_exit
_XcptFilter
_wtoi
_wcmdln
__C_specific_handler
_initterm
__setusermatherr
_cexit
_exit
exit
_commode
memset

apphelp

ApphelpDebugPrintf

shell32

CommandLineToArgvW

ntdll

RtlLookupFunctionEntry
RtlVirtualUnwind
RtlCaptureContext

pcaui

PcaLaunchApplicationWithConsent
PcaPersistSettingsAndLaunchApplication

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
xxxpcaluaxxx_1.exe
.exe windows x64

55eac22bec69292daeec7a3befe0c3d8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

HeapSetInformation
LocalFree
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoW
Sleep
TerminateProcess
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount
GetCurrentProcess

user32

GetDesktopWindow
RegisterClassExW
SetForegroundWindow
CreateWindowExW
GetSystemMetrics
DefWindowProcW

msvcrt

?terminate@@YAXXZ
__set_app_type
_fmode
__wgetmainargs
_amsg_exit
_XcptFilter
_wtoi
_wcmdln
__C_specific_handler
_initterm
__setusermatherr
_cexit
_exit
exit
_commode
memset

apphelp

ApphelpDebugPrintf

shell32

CommandLineToArgvW

ntdll

RtlLookupFunctionEntry
RtlVirtualUnwind
RtlCaptureContext

pcaui

PcaLaunchApplicationWithConsent
PcaPersistSettingsAndLaunchApplication

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
xxxpcaluaxxx_2.exe
.exe windows x64

55eac22bec69292daeec7a3befe0c3d8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

HeapSetInformation
LocalFree
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoW
Sleep
TerminateProcess
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount
GetCurrentProcess

user32

GetDesktopWindow
RegisterClassExW
SetForegroundWindow
CreateWindowExW
GetSystemMetrics
DefWindowProcW

msvcrt

?terminate@@YAXXZ
__set_app_type
_fmode
__wgetmainargs
_amsg_exit
_XcptFilter
_wtoi
_wcmdln
__C_specific_handler
_initterm
__setusermatherr
_cexit
_exit
exit
_commode
memset

apphelp

ApphelpDebugPrintf

shell32

CommandLineToArgvW

ntdll

RtlLookupFunctionEntry
RtlVirtualUnwind
RtlCaptureContext

pcaui

PcaLaunchApplicationWithConsent
PcaPersistSettingsAndLaunchApplication

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0f471f9c942cb033fc12ea3e5a5dcf79

Headers

File Characteristics

Imports

user32

kernel32

gdi32

comctl32

shell32

crtdll

Sections

.text Size: 402KB - Virtual size: 401KB

.rdata Size: 63KB - Virtual size: 63KB

.data Size: 32KB - Virtual size: 37KB

.rsrc Size: 53KB - Virtual size: 52KB

0f471f9c942cb033fc12ea3e5a5dcf79

Headers

File Characteristics

Imports

user32

kernel32

gdi32

comctl32

shell32

crtdll

Sections

.text Size: 402KB - Virtual size: 401KB

.rdata Size: 63KB - Virtual size: 63KB

.data Size: 32KB - Virtual size: 37KB

.rsrc Size: 53KB - Virtual size: 52KB

0f471f9c942cb033fc12ea3e5a5dcf79

Headers

File Characteristics

Imports

user32

kernel32

gdi32

comctl32

shell32

crtdll

Sections

.text Size: 402KB - Virtual size: 401KB

.rdata Size: 63KB - Virtual size: 63KB

.data Size: 32KB - Virtual size: 37KB

.rsrc Size: 53KB - Virtual size: 52KB

0f471f9c942cb033fc12ea3e5a5dcf79

Headers

File Characteristics

Imports

user32

kernel32

gdi32

comctl32

shell32

crtdll

Sections

.text Size: 402KB - Virtual size: 401KB

.rdata Size: 63KB - Virtual size: 63KB

.data Size: 32KB - Virtual size: 37KB

.rsrc Size: 53KB - Virtual size: 52KB

0f471f9c942cb033fc12ea3e5a5dcf79

Headers

File Characteristics

Imports

user32

kernel32

gdi32

comctl32

shell32

crtdll

Sections

.text Size: 402KB - Virtual size: 401KB

.rdata Size: 63KB - Virtual size: 63KB

.data Size: 32KB - Virtual size: 37KB

.rsrc Size: 53KB - Virtual size: 52KB

.text
Size: 402KB - Virtual size: 401KB

.rdata
Size: 63KB - Virtual size: 63KB

.data
Size: 32KB - Virtual size: 37KB

.rsrc
Size: 53KB - Virtual size: 52KB

.text
Size: 402KB - Virtual size: 401KB

.rdata
Size: 63KB - Virtual size: 63KB

.data
Size: 32KB - Virtual size: 37KB

.rsrc
Size: 53KB - Virtual size: 52KB

.text
Size: 402KB - Virtual size: 401KB

.rdata
Size: 63KB - Virtual size: 63KB

.data
Size: 32KB - Virtual size: 37KB

.rsrc
Size: 53KB - Virtual size: 52KB

.text
Size: 402KB - Virtual size: 401KB

.rdata
Size: 63KB - Virtual size: 63KB

.data
Size: 32KB - Virtual size: 37KB

.rsrc
Size: 53KB - Virtual size: 52KB

.text
Size: 402KB - Virtual size: 401KB

.rdata
Size: 63KB - Virtual size: 63KB

.data
Size: 32KB - Virtual size: 37KB

.rsrc
Size: 53KB - Virtual size: 52KB

.text
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 512B - Virtual size: 240B

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 104B

.text
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 512B - Virtual size: 240B

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 104B

.text
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 512B - Virtual size: 240B

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 104B