?GetValueAsInt@CCFGFileManager@AsLib@@QAA_NAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAH@Z
?GetValueAsString@CCFGFileManager@AsLib@@QAA_NAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
Static task
static1
Behavioral task
behavioral1
Sample
7be0f091a0b6e761236b31bbf3e5679ca9f4e6307a4f0cf9de5085805fb3c5cd.exe
Resource
win7-20220812-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
7be0f091a0b6e761236b31bbf3e5679ca9f4e6307a4f0cf9de5085805fb3c5cd.exe
Resource
win10v2004-20220812-en
windows10-2004-x64
0 signatures
150 seconds
General
-
Target
7be0f091a0b6e761236b31bbf3e5679ca9f4e6307a4f0cf9de5085805fb3c5cd
-
Size
904KB
-
MD5
8a8b9bb88fadcf465f4e54ad00107eee
-
SHA1
df6825dfa223ea00ded2e458b2be9b36d647f3f2
-
SHA256
7be0f091a0b6e761236b31bbf3e5679ca9f4e6307a4f0cf9de5085805fb3c5cd
-
SHA512
e4a51aad7a7d6a933a518af0fccf152d1220977243c25cffbed859ea48137d6054bdd3a7b1a762c1f5f302a31828868e45eb058941d3cf69d0d511387736f8bc
-
SSDEEP
12288:CQHeWeD9zLc7BqZazHCjwngfkXRpED1q8kTGX9zOnBxs3joaA/OLswoEEsn3tQ+y:p+HzsHCwX4g8kTGX9zIxSC/OtcsdT6
Score
N/A
Malware Config
Signatures
Files
-
7be0f091a0b6e761236b31bbf3e5679ca9f4e6307a4f0cf9de5085805fb3c5cd.exe windows x86
0e7ba139210c50c2ad1f4e8bec5c9472
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
xerces-c_2_7
??1MemBufInputSource@xercesc_2_7@@UAE@XZ
??1SAXParser@xercesc_2_7@@UAE@XZ
??2XMemory@xercesc_2_7@@SAPAXI@Z
??0SAXParser@xercesc_2_7@@QAE@QAVXMLValidator@1@QAVMemoryManager@1@QAVXMLGrammarPool@1@@Z
?setValidationScheme@SAXParser@xercesc_2_7@@QAEXW4ValSchemes@12@@Z
?setDoNamespaces@SAXParser@xercesc_2_7@@QAEX_N@Z
?setDoSchema@SAXParser@xercesc_2_7@@QAEX_N@Z
?setValidationSchemaFullChecking@SAXParser@xercesc_2_7@@QAEX_N@Z
??0MemBufInputSource@xercesc_2_7@@QAE@QBEIQBD_NQAVMemoryManager@1@@Z
?getErrorCount@SAXParser@xercesc_2_7@@QBEHXZ
??3XMemory@xercesc_2_7@@SAXPAX@Z
?setEntityResolver@SAXParser@xercesc_2_7@@UAEXQAVEntityResolver@2@@Z
?setDTDHandler@SAXParser@xercesc_2_7@@UAEXQAVDTDHandler@2@@Z
?setDocumentHandler@SAXParser@xercesc_2_7@@UAEXQAVDocumentHandler@2@@Z
?setErrorHandler@SAXParser@xercesc_2_7@@UAEXQAVErrorHandler@2@@Z
?parse@SAXParser@xercesc_2_7@@UAEXQBD@Z
?parse@SAXParser@xercesc_2_7@@UAEXQBG@Z
?parse@SAXParser@xercesc_2_7@@UAEXABVInputSource@2@@Z
?setPSVIHandler@SAXParser@xercesc_2_7@@UAEXQAVPSVIHandler@2@@Z
?setXMLEntityResolver@SAXParser@xercesc_2_7@@UAEXQAVXMLEntityResolver@2@@Z
?docCharacters@SAXParser@xercesc_2_7@@UAEXQBGI_N@Z
?docComment@SAXParser@xercesc_2_7@@UAEXQBG@Z
?docPI@SAXParser@xercesc_2_7@@UAEXQBG0@Z
?endDocument@SAXParser@xercesc_2_7@@UAEXXZ
?endElement@SAXParser@xercesc_2_7@@UAEXABVXMLElementDecl@2@I_NQBG@Z
?endEntityReference@SAXParser@xercesc_2_7@@UAEXABVXMLEntityDecl@2@@Z
?ignorableWhitespace@SAXParser@xercesc_2_7@@UAEXQBGI_N@Z
?resetDocument@SAXParser@xercesc_2_7@@UAEXXZ
?startDocument@SAXParser@xercesc_2_7@@UAEXXZ
?startElement@SAXParser@xercesc_2_7@@UAEXABVXMLElementDecl@2@IQBGABV?$RefVectorOf@VXMLAttr@xercesc_2_7@@@2@I_N3@Z
?startEntityReference@SAXParser@xercesc_2_7@@UAEXABVXMLEntityDecl@2@@Z
?XMLDecl@SAXParser@xercesc_2_7@@UAEXQBG000@Z
?elementTypeInfo@XMLDocumentHandler@xercesc_2_7@@UAEXQBG0@Z
?error@SAXParser@xercesc_2_7@@UAEXIQBGW4ErrTypes@XMLErrorReporter@2@000JJ@Z
?resetErrors@SAXParser@xercesc_2_7@@UAEXXZ
?endInputSource@SAXParser@xercesc_2_7@@UAEXABVInputSource@2@@Z
?expandSystemId@SAXParser@xercesc_2_7@@UAE_NQBGAAVXMLBuffer@2@@Z
?resetEntities@SAXParser@xercesc_2_7@@UAEXXZ
?resolveEntity@SAXParser@xercesc_2_7@@UAEPAVInputSource@2@PAVXMLResourceIdentifier@2@@Z
?resolveEntity@SAXParser@xercesc_2_7@@UAEPAVInputSource@2@QBG00@Z
?startInputSource@SAXParser@xercesc_2_7@@UAEXABVInputSource@2@@Z
?attDef@SAXParser@xercesc_2_7@@UAEXABVDTDElementDecl@2@ABVDTDAttDef@2@_N@Z
?doctypeComment@SAXParser@xercesc_2_7@@UAEXQBG@Z
?doctypeDecl@SAXParser@xercesc_2_7@@UAEXABVDTDElementDecl@2@QBG1_N2@Z
?doctypePI@SAXParser@xercesc_2_7@@UAEXQBG0@Z
?doctypeWhitespace@SAXParser@xercesc_2_7@@UAEXQBGI@Z
?elementDecl@SAXParser@xercesc_2_7@@UAEXABVDTDElementDecl@2@_N@Z
?endAttList@SAXParser@xercesc_2_7@@UAEXABVDTDElementDecl@2@@Z
?endIntSubset@SAXParser@xercesc_2_7@@UAEXXZ
?endExtSubset@SAXParser@xercesc_2_7@@UAEXXZ
?entityDecl@SAXParser@xercesc_2_7@@UAEXABVDTDEntityDecl@2@_N1@Z
?resetDocType@SAXParser@xercesc_2_7@@UAEXXZ
?notationDecl@SAXParser@xercesc_2_7@@UAEXABVXMLNotationDecl@2@_N@Z
?startAttList@SAXParser@xercesc_2_7@@UAEXABVDTDElementDecl@2@@Z
?startIntSubset@SAXParser@xercesc_2_7@@UAEXXZ
?startExtSubset@SAXParser@xercesc_2_7@@UAEXXZ
?TextDecl@SAXParser@xercesc_2_7@@UAEXQBG0@Z
?makeStream@MemBufInputSource@xercesc_2_7@@UBEPAVBinInputStream@2@XZ
?getEncoding@InputSource@xercesc_2_7@@UBEPBGXZ
?getPublicId@InputSource@xercesc_2_7@@UBEPBGXZ
?getSystemId@InputSource@xercesc_2_7@@UBEPBGXZ
?getIssueFatalErrorIfNotFound@InputSource@xercesc_2_7@@UBE_NXZ
?setEncoding@InputSource@xercesc_2_7@@UAEXQBG@Z
?setPublicId@InputSource@xercesc_2_7@@UAEXQBG@Z
?setSystemId@InputSource@xercesc_2_7@@UAEXQBG@Z
?setIssueFatalErrorIfNotFound@InputSource@xercesc_2_7@@UAEX_N@Z
?fgXercescDefaultLocale@XMLUni@xercesc_2_7@@2QBDB
?Initialize@XMLPlatformUtils@xercesc_2_7@@SAXQBD0QAVPanicHandler@2@QAVMemoryManager@2@_N@Z
?getDOMImplementation@DOMImplementationRegistry@xercesc_2_7@@SAPAVDOMImplementation@2@PBG@Z
?fgMemoryManager@XMLPlatformUtils@xercesc_2_7@@2PAVMemoryManager@2@A
?Terminate@XMLPlatformUtils@xercesc_2_7@@SAXXZ
?fgDOMNamespaces@XMLUni@xercesc_2_7@@2QBGB
?fgXercesSchema@XMLUni@xercesc_2_7@@2QBGB
?fgXercesSchemaFullChecking@XMLUni@xercesc_2_7@@2QBGB
?fgDOMValidateIfSchema@XMLUni@xercesc_2_7@@2QBGB
?fgDOMDatatypeNormalization@XMLUni@xercesc_2_7@@2QBGB
??1HandlerBase@xercesc_2_7@@UAE@XZ
??0HandlerBase@xercesc_2_7@@QAE@XZ
?resolveEntity@HandlerBase@xercesc_2_7@@UAEPAVInputSource@2@QBG0@Z
?notationDecl@HandlerBase@xercesc_2_7@@UAEXQBG00@Z
?unparsedEntityDecl@HandlerBase@xercesc_2_7@@UAEXQBG000@Z
?resetDocType@HandlerBase@xercesc_2_7@@UAEXXZ
?endDocument@HandlerBase@xercesc_2_7@@UAEXXZ
?endElement@HandlerBase@xercesc_2_7@@UAEXQBG@Z
?processingInstruction@HandlerBase@xercesc_2_7@@UAEXQBG0@Z
?resetDocument@HandlerBase@xercesc_2_7@@UAEXXZ
?setDocumentLocator@HandlerBase@xercesc_2_7@@UAEXQBVLocator@2@@Z
?startDocument@HandlerBase@xercesc_2_7@@UAEXXZ
?resetErrors@HandlerBase@xercesc_2_7@@UAEXXZ
?transcode@XMLString@xercesc_2_7@@SAPADQBG@Z
?compareIString@XMLString@xercesc_2_7@@SAHQBD0@Z
?release@XMLString@xercesc_2_7@@SAXPAPAD@Z
kernel32
GetLogicalDrives
GetSystemTime
DeleteFileA
GlobalUnlock
GlobalFree
GlobalLock
GlobalAlloc
GetModuleFileNameA
LocalFree
lstrcpynA
FormatMessageA
GlobalSize
MulDiv
CopyFileA
SetLastError
LoadLibraryA
lstrcpyA
EnumResourceLanguagesA
ConvertDefaultLocale
GetProcAddress
GetModuleHandleA
lstrcmpA
GlobalDeleteAtom
FreeLibrary
GetCurrentThreadId
GetCurrentThread
GlobalAddAtomA
SetThreadPriority
ResumeThread
WaitForSingleObject
SetEvent
SuspendThread
CreateEventA
lstrcmpW
lstrcatA
GlobalFindAtomA
GlobalGetAtomNameA
FreeResource
InterlockedDecrement
FindClose
FindNextFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
VirtualProtect
GetFileAttributesA
SetFileTime
GetFileTime
GetTempFileNameA
GetFullPathNameA
GetDiskFreeSpaceA
InterlockedIncrement
RaiseException
GetDriveTypeA
DeleteCriticalSection
SystemTimeToFileTime
MoveFileA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
GetVolumeInformationA
CreateFileA
GetShortPathNameA
LocalAlloc
LeaveCriticalSection
GlobalReAlloc
GlobalHandle
EnterCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
GlobalFlags
GetCPInfo
GetOEMCP
FindResourceExA
LocalFileTimeToFileTime
SetErrorMode
LocalUnlock
LocalLock
RtlUnwind
HeapFree
HeapAlloc
VirtualAlloc
GetSystemInfo
VirtualQuery
GetSystemTimeAsFileTime
CreateDirectoryA
SetEnvironmentVariableA
SetCurrentDirectoryA
ExitProcess
GetStartupInfoA
GetCommandLineA
HeapReAlloc
ExitThread
HeapSize
SetHandleCount
GetStdHandle
GetFileType
FatalAppExitA
SetUnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetTimeZoneInformation
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetConsoleCtrlHandler
GetLocaleInfoW
GetDiskFreeSpaceExA
GetComputerNameA
GlobalMemoryStatus
SetFileAttributesA
GetTickCount
GetLastError
lstrlenA
MoveFileExA
lstrcmpiA
lstrcmpiW
GetStringTypeExA
GetStringTypeExW
lstrlenW
CompareStringA
CompareStringW
GetEnvironmentVariableA
MultiByteToWideChar
GetVersion
GetEnvironmentVariableW
WideCharToMultiByte
LoadResource
LockResource
SizeofResource
FindResourceA
OpenProcess
TerminateProcess
GetCurrentDirectoryA
CreateThread
TerminateThread
Sleep
CreateProcessA
CloseHandle
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
FileTimeToDosDateTime
RemoveDirectoryA
InitializeCriticalSection
user32
RegisterClassA
GetClassInfoA
SetScrollInfo
GetScrollInfo
DeferWindowPos
EqualRect
ScreenToClient
GetSysColor
ShowScrollBar
SetForegroundWindow
GetScrollPos
SetScrollPos
GetScrollRange
SetScrollRange
TrackPopupMenu
TrackPopupMenuEx
ScrollWindow
MapWindowPoints
GetMessagePos
GetMessageTime
UnhookWindowsHookEx
DestroyWindow
GetTopWindow
EndDeferWindowPos
BeginDeferWindowPos
SetActiveWindow
GetForegroundWindow
IsChild
RemovePropA
GetPropA
SetPropA
GetClassNameA
GetClassInfoExA
GetClassLongA
CreateWindowExA
GetCapture
WinHelpA
RegisterWindowMessageA
MapDialogRect
SetWindowContextHelpId
FindWindowA
IsRectEmpty
FillRect
DrawIcon
SetWindowRgn
ClientToScreen
SetCapture
ReleaseCapture
GetAsyncKeyState
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamA
GetDesktopWindow
CopyAcceleratorTableA
InvalidateRgn
TranslateAcceleratorA
SetMenu
BringWindowToTop
SetRectEmpty
CreatePopupMenu
InsertMenuItemA
LoadAcceleratorsA
ReuseDDElParam
UnpackDDElParam
DestroyMenu
LoadMenuA
TabbedTextOutA
DrawTextExA
GrayStringA
GetWindowDC
CharNextA
GetSysColorBrush
WindowFromPoint
WaitMessage
DeleteMenu
DestroyIcon
InflateRect
GetMenuItemInfoA
GetNextDlgGroupItem
MessageBeep
GetDialogBaseUnits
RegisterClipboardFormatA
GetKeyNameTextA
MapVirtualKeyA
UnionRect
PostThreadMessageA
IsClipboardFormatAvailable
GetTabbedTextExtentA
GetDCEx
LockWindowUpdate
GetSystemMenu
SetParent
UnregisterClassA
DefWindowProcA
CallWindowProcA
OffsetRect
IntersectRect
IsIconic
GetWindowPlacement
GetSystemMetrics
CopyRect
GetWindow
GetWindowTextLengthA
GetWindowTextA
ScrollWindowEx
SetFocus
ShowWindow
MoveWindow
SetWindowLongA
GetDlgCtrlID
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
SendDlgItemMessageA
GetDlgItemTextA
GetDlgItemInt
GetDlgItem
CheckRadioButton
CheckDlgButton
SetMenuItemBitmaps
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
GetParent
GetLastActivePopup
IsWindowEnabled
ShowOwnedPopups
SetCursor
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
IsWindow
GetClientRect
SendMessageA
EnumDisplaySettingsA
InvalidateRect
wvsprintfA
LoadBitmapA
PtInRect
PostMessageA
CharUpperA
CharUpperW
CharLowerA
CharLowerW
EnableWindow
GetWindowThreadProcessId
SetTimer
GetDC
ReleaseDC
KillTimer
ValidateRect
BeginPaint
LoadImageA
DrawTextA
EndPaint
PostQuitMessage
GetWindowLongA
GetMenu
AdjustWindowRectEx
SetWindowPos
GetWindowRect
SetRect
LoadIconA
UpdateWindow
LoadCursorA
wsprintfA
MessageBoxA
SystemParametersInfoA
SetWindowPlacement
gdi32
GetObjectA
SetBkColor
SetTextColor
CreateEllipticRgn
DPtoLP
LPtoDP
Ellipse
CreateRectRgnIndirect
GetRgnBox
CreateCompatibleBitmap
SaveDC
RestoreDC
SetPolyFillMode
GetClipBox
SetStretchBltMode
SetMapMode
GetDCOrgEx
IntersectClipRect
OffsetClipRgn
LineTo
MoveToEx
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
SetArcDirection
SetColorAdjustment
SelectClipRgn
GetClipRgn
CreateRectRgn
SelectClipPath
GetViewportExtEx
GetWindowExtEx
GetPixel
StartDocA
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
CreateBitmap
ExcludeClipRect
CreateDCA
CopyMetaFileA
GetDeviceCaps
CreateCompatibleDC
SelectObject
BitBlt
GetBkMode
SetBkMode
DeleteObject
AbortDoc
SetROP2
SetAbortProc
EndDoc
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
CreateDIBPatternBrushPt
CreatePatternBrush
GetStockObject
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
GetBkColor
GetTextColor
CreateFontIndirectA
GetTextExtentPoint32A
GetTextMetricsA
EnumFontFamiliesExA
SetRectRgn
CombineRgn
GetMapMode
PatBlt
StretchDIBits
GetCharWidthA
CreateFontA
StartPage
EndPage
DeleteDC
comdlg32
GetSaveFileNameA
GetFileTitleA
ReplaceTextA
FindTextA
PageSetupDlgA
PrintDlgA
CommDlgExtendedError
GetOpenFileNameA
winspool.drv
GetJobA
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
GetUserNameA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCreateKeyA
IsTextUnicode
RegSetValueA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
SetFileSecurityA
GetFileSecurityA
RegCloseKey
RegCreateKeyExA
RegDeleteValueA
shell32
SHGetFileInfoA
ExtractIconA
SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteA
DragQueryFileA
DragFinish
comctl32
ImageList_Write
ImageList_Read
ord13
ImageList_GetImageInfo
ImageList_Draw
CreatePropertySheetPageA
DestroyPropertySheetPage
PropertySheetA
ord17
ImageList_Merge
ImageList_LoadImageA
ImageList_Create
ImageList_Destroy
ord14
shlwapi
PathFindFileNameA
PathRemoveExtensionA
PathFindExtensionA
PathStripToRootA
PathIsUNCA
oledlg
ord8
ole32
OleRun
OleUninitialize
CoCreateInstance
CoDisconnectObject
CoFreeUnusedLibraries
OleInitialize
CoRegisterClassObject
CoRevokeClassObject
OleSetClipboard
OleIsCurrentClipboard
OleFlushClipboard
StringFromGUID2
CoRegisterMessageFilter
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CoGetMalloc
StgOpenStorageOnILockBytes
CoGetClassObject
CreateStreamOnHGlobal
CoTaskMemFree
SetConvertStg
WriteFmtUserTypeStg
WriteClassStg
OleRegGetUserType
ReadFmtUserTypeStg
ReadClassStg
StringFromCLSID
CoTreatAsClass
CreateBindCtx
CoTaskMemAlloc
ReleaseStgMedium
OleDuplicateData
CLSIDFromProgID
CLSIDFromString
oleaut32
VariantClear
SysStringLen
SysAllocStringByteLen
SysStringByteLen
VariantChangeType
SystemTimeToVariantTime
SafeArrayDestroy
SysAllocString
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
VariantCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VariantTimeToSystemTime
SysReAllocStringLen
VarDateFromStr
VarBstrFromDec
VarDecFromStr
VarCyFromStr
VarBstrFromCy
VarBstrFromDate
SafeArrayCreateVector
OleCreateFontIndirect
LoadTypeLi
SysAllocStringLen
SysFreeString
VariantInit
ws2_32
WSAEventSelect
WSAAsyncSelect
WSACreateEvent
getsockname
inet_ntoa
gethostname
recv
send
WSAEnumNetworkEvents
WSAWaitForMultipleEvents
getpeername
accept
listen
htonl
bind
htons
setsockopt
connect
WSACloseEvent
closesocket
socket
WSAGetLastError
ioctlsocket
WSACleanup
gethostbyaddr
gethostbyname
inet_addr
WSAStartup
Exports
Exports
Sections
.text Size: 692KB - Virtual size: 690KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 164KB - Virtual size: 163KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 20KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 24KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ