Behavioral task
behavioral1
Sample
51ed93b08c4f633c701680589d5a3f6d53b6f7f612d83e9e1f959721e24cd742.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
51ed93b08c4f633c701680589d5a3f6d53b6f7f612d83e9e1f959721e24cd742.exe
Resource
win10v2004-20220812-en
General
-
Target
51ed93b08c4f633c701680589d5a3f6d53b6f7f612d83e9e1f959721e24cd742
-
Size
480KB
-
MD5
04c8126ffaf0c546d26a4242ce01d6e0
-
SHA1
122212a778a65c658eec0a82588dc18663cc4922
-
SHA256
51ed93b08c4f633c701680589d5a3f6d53b6f7f612d83e9e1f959721e24cd742
-
SHA512
c3ec7db89b26a9d23fa30ddc910e9323e6e62dcf5f4876074d3bee74b166c8a0c3394e62ffdaa5a7ea3f8609757a9f56e4dc91571c9a7d72343008051836f7ae
-
SSDEEP
6144:tjkeob8EICf56TJXxsiJM5SfY9PiPMWUcecLJyQjOZypq5XgcinOyfwm4sdy4GVd:tiXfaJsSfYd3TcFy4o5XBU4b6UtR
Malware Config
Signatures
-
resource yara_rule sample upx
Files
-
51ed93b08c4f633c701680589d5a3f6d53b6f7f612d83e9e1f959721e24cd742.exe windows x86
e2e3de601a292b8fd390431ecf56d981
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
TraceEvent
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
RegisterTraceGuidsW
UnregisterTraceGuids
RegQueryValueExW
RegEnumValueW
RegEnumKeyW
CryptAcquireContextW
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext
RegNotifyChangeKeyValue
kernel32
InterlockedExchange
HeapSize
HeapReAlloc
HeapDestroy
GetVersionExA
lstrlenW
RaiseException
InitializeCriticalSection
DeleteCriticalSection
GetLastError
LoadLibraryW
GetProcAddress
GetStartupInfoW
SetUnhandledExceptionFilter
GetModuleHandleA
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
OutputDebugStringA
WaitForMultipleObjects
ExpandEnvironmentStringsW
CreateFileW
WriteFile
GlobalFree
GetTempFileNameW
GetModuleHandleW
lstrcmpiW
InterlockedIncrement
InterlockedDecrement
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
LoadLibraryExW
GetModuleFileNameW
HeapAlloc
GetProcessHeap
HeapFree
EnterCriticalSection
LeaveCriticalSection
LockResource
FindResourceExW
WaitForSingleObject
CreateEventW
FlushInstructionCache
GetCurrentProcess
lstrcmpW
MulDiv
GetCurrentThreadId
SetLastError
GlobalUnlock
GlobalLock
GlobalAlloc
Sleep
GetCommandLineW
HeapSetInformation
GetVersionExW
OutputDebugStringW
GetTempPathW
GetUserDefaultUILanguage
GetTickCount
RegisterApplicationRestart
QueryPerformanceFrequency
QueryPerformanceCounter
InitializeCriticalSectionAndSpinCount
SetEvent
GetFileAttributesExW
CompareStringW
CreateProcessW
LoadLibraryA
VirtualFree
VirtualAlloc
FindResourceW
CloseHandle
InterlockedCompareExchange
gdi32
GetObjectW
GetDeviceCaps
BitBlt
CreateCompatibleBitmap
CreateSolidBrush
SelectObject
DeleteObject
CreateCompatibleDC
DeleteDC
GetStockObject
user32
GetClassInfoExW
LoadCursorW
RegisterClassExW
CreateWindowExW
CreateAcceleratorTableW
DispatchMessageW
TranslateMessage
GetMessageW
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
RegisterWindowMessageW
SystemParametersInfoW
IsWindow
GetKeyboardLayout
RemovePropW
GetDesktopWindow
KillTimer
SetForegroundWindow
SendMessageW
LoadIconW
SetTimer
SetPropW
UnregisterClassW
EnumThreadWindows
AllowSetForegroundWindow
GetFocus
GetWindow
SetFocus
DestroyAcceleratorTable
LoadBitmapW
BeginPaint
EndPaint
CallWindowProcW
DestroyWindow
ReleaseCapture
GetClassNameW
GetDlgItem
GetParent
IsChild
SetCapture
RedrawWindow
InvalidateRgn
InvalidateRect
CharNextW
FillRect
ReleaseDC
ScreenToClient
GetKeyboardLayoutList
UnregisterClassA
GetDC
PostThreadMessageW
SetWindowLongW
GetWindowLongW
DefWindowProcW
GetSysColor
MoveWindow
SetWindowPos
GetClientRect
ClientToScreen
GetPropW
msvcrt
wcscpy_s
memmove_s
_ftol2_sse
memset
_itow
_ftol2
wcschr
wcsstr
_wcsnicmp
qsort
swprintf_s
wcscat_s
iswspace
_wcsicmp
??_U@YAPAXI@Z
??2@YAPAXI@Z
_purecall
__CxxFrameHandler3
??_V@YAXPAX@Z
wcsncpy_s
_CxxThrowException
memcpy_s
free
malloc
_vsnwprintf
_vscwprintf
vswprintf_s
_beginthreadex
??3@YAXPAX@Z
_endthreadex
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_amsg_exit
__setusermatherr
__p__commode
__p__fmode
__set_app_type
??1type_info@@UAE@XZ
_except_handler4_common
?terminate@@YAXXZ
realloc
_errno
_unlock
__dllonexit
_lock
_onexit
_controlfp
memcpy
dui70
InitThread
UnInitThread
?Create@DUIXmlParser@DirectUI@@SGJPAPAV12@P6GPAVValue@2@PBGPAX@Z2P6GX11H2@Z2@Z
?SetXMLFromResource@DUIXmlParser@DirectUI@@QAEJIPAUHINSTANCE__@@0@Z
CreateDUIWrapper
?GetIndex@Element@DirectUI@@QAEHXZ
?Remove@Element@DirectUI@@QAEJPAV12@@Z
?HasChildren@Element@DirectUI@@QAE_NXZ
?GetContentString@Element@DirectUI@@QAEPBGPAPAVValue@2@@Z
?GetID@Element@DirectUI@@QAEGXZ
?SetAccDesc@Element@DirectUI@@QAEJPBG@Z
?Register@HWNDHost@DirectUI@@SGJXZ
?IsDescendent@Element@DirectUI@@QAE_NPAV12@@Z
?AddListener@Element@DirectUI@@QAEJPAUIElementListener@2@@Z
?SetEnabled@Element@DirectUI@@QAEJ_N@Z
?GetSelected@Element@DirectUI@@QAE_NXZ
?FireEvent@Element@DirectUI@@QAEXPAUEvent@2@_N1@Z
?Initialize@HWNDHost@DirectUI@@QAEJIIPAVElement@2@PAK@Z
?EraseBkgnd@HWNDHost@DirectUI@@MAE_NPAUHDC__@@PAJ@Z
?CreateHWND@HWNDHost@DirectUI@@MAEPAUHWND__@@PAU3@@Z
?SetWindowDirection@HWNDHost@DirectUI@@UAEXPAUHWND__@@@Z
?OnAdjustWindowSize@HWNDHost@DirectUI@@UAEHHHI@Z
?OnWindowStyleChanged@HWNDHost@DirectUI@@UAEXIPBUtagSTYLESTRUCT@@@Z
?OnCtrlThemeChanged@HWNDHost@DirectUI@@UAE_NIIJPAJ@Z
?OnSinkThemeChanged@HWNDHost@DirectUI@@UAE_NIIJPAJ@Z
?OnSysChar@HWNDHost@DirectUI@@UAE_NG@Z
?OnMessage@HWNDHost@DirectUI@@UAE_NIIJPAJ@Z
?OnNotify@HWNDHost@DirectUI@@UAE_NIIJPAJ@Z
?GetHWND@HWNDHost@DirectUI@@UAEPAUHWND__@@XZ
?DefaultAction@Element@DirectUI@@UAEJXZ
?GetAccessibleImpl@HWNDHost@DirectUI@@UAEJPAPAUIAccessible@@@Z
?GetKeyFocused@HWNDHost@DirectUI@@UAE_NXZ
?OnUnHosted@HWNDHost@DirectUI@@MAEXPAVElement@2@@Z
?OnHosted@HWNDHost@DirectUI@@MAEXPAVElement@2@@Z
?MessageCallback@HWNDHost@DirectUI@@UAEIPAUtagGMSG@@@Z
?SetKeyFocus@HWNDHost@DirectUI@@UAEXXZ
?Paint@HWNDHost@DirectUI@@UAEXPAUHDC__@@PBUtagRECT@@1PAU4@2@Z
?OnEvent@HWNDHost@DirectUI@@UAEXPAUEvent@2@@Z
?OnDestroy@HWNDHost@DirectUI@@UAEXXZ
?OnInput@HWNDHost@DirectUI@@UAEXPAUInputEvent@2@@Z
?OnPropertyChanged@HWNDHost@DirectUI@@UAEXPBUPropertyInfo@2@HPAVValue@2@1@Z
??0HWNDHost@DirectUI@@QAE@XZ
?GetClassInfoPtr@HWNDHost@DirectUI@@SGPAUIClassInfo@2@XZ
?SetSelected@Element@DirectUI@@QAEJ_N@Z
??1HWNDHost@DirectUI@@UAE@XZ
?DUICreatePropertySheetPage@TaskPage@DirectUI@@QAEJPAUHINSTANCE__@@@Z
??BTaskPage@DirectUI@@QAEPAU_PSP@@XZ
?Create@BorderLayout@DirectUI@@SGJPAPAVLayout@2@@Z
?SetLayout@Element@DirectUI@@QAEJPAVLayout@2@@Z
?GetLayoutPos@Element@DirectUI@@QAEHXZ
?SetExpanded@Expandable@DirectUI@@QAEJ_N@Z
?SetContentString@Element@DirectUI@@QAEJPBG@Z
?GetValue@Element@DirectUI@@QAEPAVValue@2@P6GPBUPropertyInfo@2@XZHPAUUpdateCache@2@@Z
?SetWidth@Element@DirectUI@@QAEJH@Z
?SetHeight@Element@DirectUI@@QAEJH@Z
?SetAccessible@Element@DirectUI@@QAEJ_N@Z
?GetParent@Element@DirectUI@@QAEPAV12@XZ
?DestroyAll@Element@DirectUI@@QAEJ_N@Z
?SetNotifyHandler@CCBase@DirectUI@@QAEXP6GHIIJPAJPAX@Z1@Z
?GetChildren@Element@DirectUI@@QAEPAV?$DynamicArray@PAVElement@DirectUI@@$0A@@2@PAPAVValue@2@@Z
?CreateElement@DUIXmlParser@DirectUI@@QAEJPBGPAVElement@2@1PAKPAPAV32@@Z
?SetLayoutPos@Element@DirectUI@@QAEJH@Z
?Click@Button@DirectUI@@SG?AVUID@@XZ
?GetParentHWND@TaskPage@DirectUI@@QAEPAUHWND__@@XZ
?SetDataEntry@PText@DirectUI@@QAEXPAUIDataEntry@2@@Z
?GetElement@TaskPage@DirectUI@@IAEPAVElement@2@XZ
?EndDefer@Element@DirectUI@@QAEXK@Z
?StartDefer@Element@DirectUI@@QAEXPAK@Z
?Destroy@Element@DirectUI@@QAEJ_N@Z
?FindDescendent@Element@DirectUI@@QAEPAV12@G@Z
?PropSheet_SendMessage@TaskPage@DirectUI@@IAEJIIJ@Z
?DestroyCP@TaskPage@DirectUI@@EAEXXZ
?CreateParserCP@TaskPage@DirectUI@@EAEJPAPAVDUIXmlParser@2@@Z
?CreateDUICP@TaskPage@DirectUI@@EAEJPAVHWNDElement@2@PAUHWND__@@1PAPAVElement@2@PAPAVDUIXmlParser@2@@Z
?OnMessage@TaskPage@DirectUI@@MAE_NIIJPAJ@Z
?OnQueryInitialFocus@TaskPage@DirectUI@@MAEPAVElement@2@XZ
?OnWizBack@TaskPage@DirectUI@@MAEJXZ
?OnReset@TaskPage@DirectUI@@MAEJXZ
?OnKillActive@TaskPage@DirectUI@@MAEJXZ
?InitPropSheetPage@TaskPage@DirectUI@@MAEXPAU_PROPSHEETPAGEW@@@Z
?GetPageResID@TaskPage@DirectUI@@MAEPBGXZ
?GetPageRCID@TaskPage@DirectUI@@MAEIXZ
?LoadPage@TaskPage@DirectUI@@MAEJPAVHWNDElement@2@PAUHINSTANCE__@@PAPAVElement@2@PAPAVDUIXmlParser@2@@Z
?LoadParser@TaskPage@DirectUI@@MAEJPAPAVDUIXmlParser@2@@Z
?OnListenedInput@TaskPage@DirectUI@@MAEXPAVElement@2@PAUInputEvent@2@@Z
?OnListenedPropertyChanged@TaskPage@DirectUI@@MAEXPAVElement@2@PBUPropertyInfo@2@HPAVValue@2@2@Z
?OnListenedPropertyChanging@TaskPage@DirectUI@@MAE_NPAVElement@2@PBUPropertyInfo@2@HPAVValue@2@2@Z
?OnListenerDetach@TaskPage@DirectUI@@MAEXPAVElement@2@@Z
?OnListenerAttach@TaskPage@DirectUI@@MAEXPAVElement@2@@Z
??0TaskPage@DirectUI@@QAE@XZ
??1TaskPage@DirectUI@@UAE@XZ
StrToID
??1IDataEntry@DirectUI@@UAE@XZ
??0IDataEntry@DirectUI@@QAE@XZ
?Destroy@DUIXmlParser@DirectUI@@QAEXXZ
UnInitProcessPriv
InitProcessPriv
?BackgroundProp@Element@DirectUI@@SGPBUPropertyInfo@2@XZ
?CreateGraphic@Value@DirectUI@@SGPAV12@PAUHBITMAP__@@EI_N11@Z
?ContentProp@Element@DirectUI@@SGPBUPropertyInfo@2@XZ
?SetValue@Element@DirectUI@@QAEJP6GPBUPropertyInfo@2@XZHPAVValue@2@@Z
?Register@Button@DirectUI@@SGJXZ
?GetFactoryLock@Element@DirectUI@@SGPAU_RTL_CRITICAL_SECTION@@XZ
??0CritSecLock@DirectUI@@QAE@PAU_RTL_CRITICAL_SECTION@@@Z
?ClassExist@ClassInfoBase@DirectUI@@SG_NPAPAUIClassInfo@2@PBQBUPropertyInfo@2@IPAU32@PAUHINSTANCE__@@PBG_N@Z
?Register@ClassInfoBase@DirectUI@@QAEJXZ
??1CritSecLock@DirectUI@@QAE@XZ
?GetHeight@Element@DirectUI@@QAEHXZ
?GetWidth@Element@DirectUI@@QAEHXZ
?ForegroundProp@Element@DirectUI@@SGPBUPropertyInfo@2@XZ
?Initialize@ClassInfoBase@DirectUI@@QAEJPAUHINSTANCE__@@PBG_NPBQBUPropertyInfo@2@I@Z
?GetValue@Element@DirectUI@@QAEPAVValue@2@PBUPropertyInfo@2@HPAUUpdateCache@2@@Z
?GetType@Value@DirectUI@@QBEHXZ
?GetFill@Value@DirectUI@@QAEPBUFill@2@XZ
GetThemeHandle
?GetInt@Value@DirectUI@@QAEHXZ
ColorFromEnumI
?Release@Value@DirectUI@@QAEXXZ
?AddRef@Value@DirectUI@@QAEXXZ
??1ClassInfoBase@DirectUI@@UAE@XZ
?Initialize@Button@DirectUI@@QAEJIPAVElement@2@PAK@Z
?AssertPIZeroRef@ClassInfoBase@DirectUI@@UBEXXZ
?GetChildren@ClassInfoBase@DirectUI@@UBEHXZ
?RemoveChild@ClassInfoBase@DirectUI@@UAEXXZ
?AddChild@ClassInfoBase@DirectUI@@UAEXXZ
?IsGlobal@ClassInfoBase@DirectUI@@UBE_NXZ
?GetModule@ClassInfoBase@DirectUI@@UBEPAUHINSTANCE__@@XZ
?IsSubclassOf@ClassInfoBase@DirectUI@@UBE_NPAUIClassInfo@2@@Z
?IsValidProperty@ClassInfoBase@DirectUI@@UBE_NPBUPropertyInfo@2@@Z
?GetName@ClassInfoBase@DirectUI@@UBEPBGXZ
?GetGlobalIndex@ClassInfoBase@DirectUI@@UBEIXZ
?GetPICount@ClassInfoBase@DirectUI@@UBEIXZ
?GetByClassIndex@ClassInfoBase@DirectUI@@UAEPBUPropertyInfo@2@I@Z
?EnumPropertyInfo@ClassInfoBase@DirectUI@@UAEPBUPropertyInfo@2@I@Z
?Release@ClassInfoBase@DirectUI@@UAEHXZ
?AddRef@ClassInfoBase@DirectUI@@UAEXXZ
??0ClassInfoBase@DirectUI@@QAE@XZ
?GetClassInfoPtr@Button@DirectUI@@SGPAUIClassInfo@2@XZ
??1Button@DirectUI@@UAE@XZ
?OnReceivedDialogFocus@Button@DirectUI@@UAE_NPAVDialogElement@2@@Z
?OnLostDialogFocus@Button@DirectUI@@UAE_NPAVDialogElement@2@@Z
?HandleUiaEventListener@Element@DirectUI@@UAEXPAUEvent@2@@Z
?HandleUiaPropertyChangingListener@Element@DirectUI@@UAEXPBUPropertyInfo@2@@Z
?HandleUiaPropertyListener@Element@DirectUI@@UAEXPBUPropertyInfo@2@HPAVValue@2@1@Z
?HandleUiaDestroyListener@Element@DirectUI@@UAEXXZ
?GetElementProviderImpl@Element@DirectUI@@UAEJPAVInvokeHelper@2@PAPAVElementProvider@2@@Z
?DefaultAction@Button@DirectUI@@UAEJXZ
?GetAccessibleImpl@Element@DirectUI@@UAEJPAPAUIAccessible@@@Z
?GetKeyFocused@Element@DirectUI@@UAE_NXZ
?RemoveTooltip@Element@DirectUI@@MAEXPAV12@@Z
?ActivateTooltip@Element@DirectUI@@MAEXPAV12@K@Z
?UpdateTooltip@Element@DirectUI@@MAEXPAV12@@Z
?OnUnHosted@Element@DirectUI@@MAEXPAV12@@Z
?OnHosted@Element@DirectUI@@MAEXPAV12@@Z
?_SelfLayoutUpdateDesiredSize@Element@DirectUI@@MAE?AUtagSIZE@@HHPAVSurface@2@@Z
?_SelfLayoutDoLayout@Element@DirectUI@@MAEXHH@Z
?QueryInterface@Element@DirectUI@@UAGJABU_GUID@@PAPAX@Z
?MessageCallback@Element@DirectUI@@UAEIPAUtagGMSG@@@Z
?SetKeyFocus@Element@DirectUI@@UAEXXZ
?EnsureVisible@Element@DirectUI@@UAE_NHHHH@Z
?GetAdjacent@Element@DirectUI@@UAEPAV12@PAV12@HPBUNavReference@2@K@Z
?Remove@Element@DirectUI@@UAEJPAPAV12@I@Z
?Insert@Element@DirectUI@@UAEJPAPAV12@II@Z
??0Button@DirectUI@@QAE@XZ
?IsRTLReading@Element@DirectUI@@UAE_NXZ
?IsContentProtected@Element@DirectUI@@UAE_NXZ
?GetContentStringAsDisplayed@Element@DirectUI@@UAEPBGPAPAVValue@2@@Z
?OnPropertyChanging@Element@DirectUI@@UAE_NPBUPropertyInfo@2@HPAVValue@2@1@Z
?OnPropertyChanging@Element@DirectUI@@UAE_NPAUPropertyInfo@2@HPAVValue@2@1@Z
?OnPropertyChanged@Button@DirectUI@@UAEXPBUPropertyInfo@2@HPAVValue@2@1@Z
?OnPropertyChanged@Element@DirectUI@@UAEXPAUPropertyInfo@2@HPAVValue@2@1@Z
?OnGroupChanged@Element@DirectUI@@UAEXH_N@Z
?OnInput@Button@DirectUI@@UAEXPAUInputEvent@2@@Z
?OnKeyFocusMoved@Element@DirectUI@@UAEXPAV12@0@Z
?OnMouseFocusMoved@Element@DirectUI@@UAEXPAV12@0@Z
?OnDestroy@Element@DirectUI@@UAEXXZ
?OnEvent@Element@DirectUI@@UAEXPAUEvent@2@@Z
?Paint@Element@DirectUI@@UAEXPAUHDC__@@PBUtagRECT@@1PAU4@2@Z
?GetContentSize@Element@DirectUI@@UAE?AUtagSIZE@@HHPAVSurface@2@@Z
?Add@Element@DirectUI@@UAEJPAPAV12@I@Z
comctl32
PropertySheetW
ord345
InitCommonControlsEx
version
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
ole32
CoSuspendClassObjects
CoReleaseMarshalData
CoCreateFreeThreadedMarshaler
CoCreateGuid
CoInitializeEx
CoUninitialize
OleUninitialize
OleInitialize
CoResumeClassObjects
CoGetInterfaceAndReleaseStream
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
StringFromGUID2
CoRegisterClassObject
CoRevokeClassObject
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoMarshalInterThreadInterfaceInStream
StringFromCLSID
CreateStreamOnHGlobal
oleaut32
VarUI4FromStr
SysStringLen
SysAllocStringLen
SysAllocString
LoadTypeLib
UnRegisterTypeLib
RegisterTypeLib
SysStringByteLen
VarBstrCmp
VariantInit
VariantClear
OleCreateFontIndirect
LoadRegTypeLib
SafeArrayGetVartype
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayLock
SafeArrayUnlock
VariantCopy
SysAllocStringByteLen
SafeArrayDestroy
SafeArrayUnaccessData
SafeArrayAccessData
VariantChangeType
SafeArrayCreate
SysFreeString
shlwapi
SHRegGetValueW
StrCmpW
PathFileExistsW
uxtheme
GetThemeColor
OpenThemeData
CloseThemeData
shell32
ShellExecuteW
wer
WerReportCloseHandle
WerReportAddFile
WerReportSetParameter
WerReportCreate
WerReportSubmit
ntdll
EtwLogTraceEvent
Sections
.text Size: 161KB - Virtual size: 161KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 162KB - Virtual size: 162KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
UPX0 Size: 144KB - Virtual size: 380KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE