WEBLOGS_2023-01-13_09_12_32[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

WEBLOGS_2023-01-13_09_12_32.zip
Size

883KB
MD5

c3dd47f89cd1367eeb351b48e61609f3
SHA1

de69cabf9e13a38f71634cd5da219bab2492ea82
SHA256

7ec44f7aed9e6099005c3a84a67766d64c56b61a50209a157c0617b95cfb93d6
SHA512

7094690a2c0c38afd7b495ec4467184fd4df1e3137e38f57dea04c46b7c388fb102019e4a50dc444319a5272065e972e57ad87f90d4ffb9131f5f91a2b5b3093
SSDEEP

24576:uqcollIeuT2HpiX/B7vylPBkBPvGImPYxw7axcCIlwZkK8j62nm:hco8euT2HoPZvypqmQK7GLI+t2m

Score

N/A

Malware Config

Signatures

Files

WEBLOGS_2023-01-13_09_12_32.zip
.zip

Password: Malware123!!
Device/HarddiskVolume2/Users/Administrator/Downloads/7zip_installer_d793026.exe
.exe windows x86

Password: Malware123!!

3701258e15db8451dfacdb7d93bb1117

Code Sign

6a:5d:73:f2:62:c3:8b:bd:45:78:ab:6a:d7:13:31:8d
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

19/06/2011, 00:00

Not After

01/07/2013, 23:59

Subject

CN=W3i\, LLC,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=W3i\, LLC,L=Sartell,ST=Minnesota,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

9e:d3:e5:bd:5d:05:4d:1f:e4:e8:55:1f:5f:0c:c7:00:44:d3:f4:88
Signer

Actual PE Digest

9e:d3:e5:bd:5d:05:4d:1f:e4:e8:55:1f:5f:0c:c7:00:44:d3:f4:88

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=W3i\, LLC,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=W3i\, LLC,L=Sartell,ST=Minnesota,C=US

13/01/2023, 12:41
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx
ImageList_Create
ImageList_Add

kernel32

GetFileAttributesW
FormatMessageW
LoadLibraryW
UnlockFileEx
LockFile
UnlockFile
InterlockedCompareExchange
UnmapViewOfFile
MapViewOfFile
GetFullPathNameW
GetTempPathW
LockFileEx
GetDiskFreeSpaceW
CreateFileMappingA
GetDiskFreeSpaceA
GetFileAttributesExW
MultiByteToWideChar
GetPrivateProfileStringA
GetPrivateProfileIntA
CopyFileA
SystemTimeToFileTime
GetLocalTime
WritePrivateProfileStringA
WaitForSingleObject
CreateMutexA
ReleaseMutex
RtlCaptureStackBackTrace
SetUnhandledExceptionFilter
GetTickCount
GetCurrentThreadId
Sleep
GetLastError
FindResourceExA
FindResourceA
LoadResource
LockResource
SizeofResource
DeleteFileW
AreFileApisANSI
CreateFileW
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
GetLocaleInfoA
GetConsoleMode
GetConsoleCP
RtlUnwind
GetStringTypeW
GetStringTypeA
QueryPerformanceCounter
GetFileType
SetHandleCount
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
RaiseException
FormatMessageA
GetModuleHandleA
LocalAlloc
lstrlenA
LocalFree
BeginUpdateResourceA
HeapAlloc
GetProcessHeap
UpdateResourceA
HeapFree
EndUpdateResourceA
LoadLibraryA
EnumResourceNamesA
EnumResourceLanguagesA
FreeLibrary
LoadLibraryExA
GetUserDefaultUILanguage
GetTempPathA
FindFirstFileA
FindNextFileA
FindClose
CreateDirectoryA
GetSystemTime
GetTempFileNameA
DeleteFileA
RemoveDirectoryA
SetFileAttributesA
GetFileAttributesA
MoveFileA
GetModuleFileNameA
GetCurrentDirectoryA
GetFullPathNameA
GetLongPathNameA
CloseHandle
GetPrivateProfileSectionNamesA
CreateProcessA
OpenProcess
CreateToolhelp32Snapshot
Process32First
Process32Next
TerminateProcess
GetExitCodeProcess
Module32First
Module32Next
GetProcAddress
GetCurrentProcessId
VirtualQuery
GetCurrentThread
GetCurrentProcess
CreateEventA
WaitForSingleObjectEx
ResetEvent
SetEvent
FileTimeToSystemTime
GetTimeZoneInformation
CreateFileA
GetFileTime
FileTimeToLocalFileTime
TzSpecificLocalTimeToSystemTime
GetFileSize
ReadFile
WriteFile
SetFilePointer
GetVersionExA
GetSystemInfo
GetWindowsDirectoryA
GetSystemDirectoryA
ExpandEnvironmentStringsA
GlobalMemoryStatus
WaitForMultipleObjects
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
HeapDestroy
HeapReAlloc
HeapSize
GetModuleHandleW
ExitProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetStartupInfoA
ExitThread
CreateThread
GetTimeFormatA
GetDateFormatA
GetSystemTimeAsFileTime
HeapCreate
VirtualFree
VirtualAlloc
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings

user32

GetShellWindow
FindWindowA
GetDesktopWindow
LoadCursorA
CreateWindowExA
GetClassInfoExA
RegisterClassExA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
CallWindowProcA
DefWindowProcA
LoadBitmapA
LoadImageA
SetCursor
ReleaseCapture
GetKeyboardState
CreatePopupMenu
DestroyMenu
AppendMenuA
TrackPopupMenu
WaitForInputIdle
SetDlgItemTextA
AdjustWindowRectEx
OffsetRect
SystemParametersInfoA
GetDC
DrawIcon
ReleaseDC
GetMessagePos
InflateRect
CopyRect
SendMessageW
GetDlgItem
EndDialog
CreateDialogParamA
DialogBoxParamA
GetWindowTextLengthA
SetWindowLongA
GetSystemMetrics
GetWindowLongA
PostMessageA
SendMessageA
ScreenToClient
EnumChildWindows
GetClassNameA
IsWindow
ClientToScreen
FindWindowExA
GetWindowThreadProcessId
IsWindowEnabled
EnumWindows
LoadStringA
FrameRect
BeginPaint
SetWindowPos
GetCursorPos
PostQuitMessage
LoadIconA
IsIconic
EndPaint
GetDlgCtrlID
GetSysColor
GetSysColorBrush
LoadAcceleratorsA
DestroyWindow
MessageBoxA
MessageBoxExA
GetWindowTextA
SetWindowTextA
SetClassLongA
ShowWindow
EnableWindow
SetForegroundWindow
UpdateWindow
GetFocus
SetFocus
IsWindowVisible
InvalidateRgn
InvalidateRect
MoveWindow
GetClientRect
GetWindowRect
SetParent
GetParent
KillTimer
SetTimer

shell32

Shell_NotifyIconA
SHGetSpecialFolderPathA
ShellExecuteExA

ole32

CoInitializeEx
CoTaskMemAlloc
CoUninitialize
CoInitialize
CoCreateGuid
StringFromGUID2
CoTaskMemFree
CoCreateInstance
OleInitialize
CoInitializeSecurity
OleUninitialize

oleaut32

SysAllocStringLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreateVector
SysAllocString
VariantChangeType
VariantClear
VariantInit
SysStringLen
SysFreeString
SafeArrayDestroy

psapi

GetModuleFileNameExA
EnumProcesses

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

userenv

ExpandEnvironmentStringsForUserA

wininet

InternetErrorDlg
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetCombineUrlA
InternetGetCookieA
InternetSetCookieA
InternetCloseHandle
InternetOpenA
InternetSetStatusCallback
InternetSetOptionA
InternetConnectA
HttpOpenRequestA
HttpAddRequestHeadersA
HttpSendRequestA
HttpQueryInfoA
InternetReadFileExA

shlwapi

PathCombineA
UrlEscapeA
SHDeleteEmptyKeyA
PathIsDirectoryEmptyA
PathRemoveFileSpecA
PathStripPathA
PathFindExtensionA
PathRenameExtensionA

urlmon

IsValidURL

gdi32

GetStockObject
PatBlt
DeleteObject
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
SetBkColor
DeleteDC
BitBlt
SetWindowOrgEx
GetObjectA

advapi32

GetLengthSid
RegEnumValueA
RegEnumKeyExA
RevertToSelf
OpenProcessToken
GetTokenInformation
IsValidSid
GetSidIdentifierAuthority
GetSidSubAuthorityCount
GetSidSubAuthority
SetTokenInformation
LookupPrivilegeValueA
DuplicateTokenEx
ImpersonateLoggedOnUser
AdjustTokenPrivileges
RegOpenCurrentUser
RegOpenUserClassesRoot
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegDeleteValueA
RegQueryInfoKeyA

gdiplus

GdipSetCompositingMode
GdipDeleteGraphics
GdipCreateFromHDC

comdlg32

GetOpenFileNameA

Sections

.text
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-co
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-co
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-co
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-co
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-co
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-co
Size: 252KB - Virtual size: 251KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-co
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-co
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-co
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-co
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-co
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-co
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-co
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-co
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-co
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-ti
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-co
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-de
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 282KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-de
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-co
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-co
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-co
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-co
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-ti
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-co
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-co
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-co
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-co
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-co
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-co
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-co
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-co
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-co
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-co
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-co
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-co
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 216KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
manifest.json

Sharing

General

Malware Config

Signatures

Files

Password: Malware123!!

Password: Malware123!!

3701258e15db8451dfacdb7d93bb1117

Code Sign

6a:5d:73:f2:62:c3:8b:bd:45:78:ab:6a:d7:13:31:8dCertificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

9e:d3:e5:bd:5d:05:4d:1f:e4:e8:55:1f:5f:0c:c7:00:44:d3:f4:88Signer

Signature Validations

Verification

13/01/2023, 12:41 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

kernel32

user32

shell32

ole32

oleaut32

psapi

version

userenv

wininet

shlwapi

urlmon

gdi32

advapi32

gdiplus

comdlg32

Sections

.text Size: 114KB - Virtual size: 113KB

.text-co Size: 99KB - Virtual size: 98KB

.text-co Size: 129KB - Virtual size: 129KB

.text-co Size: 39KB - Virtual size: 39KB

.text-co Size: 28KB - Virtual size: 27KB

.text-co Size: 13KB - Virtual size: 13KB

.text-co Size: 252KB - Virtual size: 251KB

.text-co Size: 19KB - Virtual size: 19KB

.text-co Size: 13KB - Virtual size: 13KB

.text-co Size: 31KB - Virtual size: 31KB

.text-co Size: 56KB - Virtual size: 55KB

.text-co Size: 38KB - Virtual size: 38KB

.text-co Size: 77KB - Virtual size: 76KB

.text-co Size: 12KB - Virtual size: 12KB

.text-co Size: 10KB - Virtual size: 10KB

.text-co Size: 25KB - Virtual size: 25KB

.text-ti Size: 41KB - Virtual size: 40KB

.text-co Size: 9KB - Virtual size: 9KB

.text-de Size: 87KB - Virtual size: 86KB

.rdata Size: 282KB - Virtual size: 281KB

.data Size: 14KB - Virtual size: 22KB

.data-de Size: 512B - Virtual size: 48B

.data-co Size: 512B - Virtual size: 176B

.data-co Size: 512B - Virtual size: 52B

.data-co Size: 512B - Virtual size: 48B

.data-co Size: 512B - Virtual size: 40B

.data-ti Size: 1KB - Virtual size: 1KB

.data-co Size: 512B - Virtual size: 40B

.data-co Size: 512B - Virtual size: 68B

.data-co Size: 512B - Virtual size: 40B

.data-co Size: 512B - Virtual size: 40B

.data-co Size: 512B - Virtual size: 40B

.data-co Size: 512B - Virtual size: 44B

.data-co Size: 512B - Virtual size: 40B

.data-co Size: 512B - Virtual size: 80B

.data-co Size: 512B - Virtual size: 48B

.data-co Size: 512B - Virtual size: 40B

.data-co Size: 512B - Virtual size: 40B

.data-co Size: 3KB - Virtual size: 2KB

.rsrc Size: 216KB - Virtual size: 215KB

6a:5d:73:f2:62:c3:8b:bd:45:78:ab:6a:d7:13:31:8d
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

9e:d3:e5:bd:5d:05:4d:1f:e4:e8:55:1f:5f:0c:c7:00:44:d3:f4:88
Signer

13/01/2023, 12:41
Valid: false

.text
Size: 114KB - Virtual size: 113KB

.text-co
Size: 99KB - Virtual size: 98KB

.text-co
Size: 129KB - Virtual size: 129KB

.text-co
Size: 39KB - Virtual size: 39KB

.text-co
Size: 28KB - Virtual size: 27KB

.text-co
Size: 13KB - Virtual size: 13KB

.text-co
Size: 252KB - Virtual size: 251KB

.text-co
Size: 19KB - Virtual size: 19KB

.text-co
Size: 13KB - Virtual size: 13KB

.text-co
Size: 31KB - Virtual size: 31KB

.text-co
Size: 56KB - Virtual size: 55KB

.text-co
Size: 38KB - Virtual size: 38KB

.text-co
Size: 77KB - Virtual size: 76KB

.text-co
Size: 12KB - Virtual size: 12KB

.text-co
Size: 10KB - Virtual size: 10KB

.text-co
Size: 25KB - Virtual size: 25KB

.text-ti
Size: 41KB - Virtual size: 40KB

.text-co
Size: 9KB - Virtual size: 9KB

.text-de
Size: 87KB - Virtual size: 86KB

.rdata
Size: 282KB - Virtual size: 281KB

.data
Size: 14KB - Virtual size: 22KB

.data-de
Size: 512B - Virtual size: 48B

.data-co
Size: 512B - Virtual size: 176B

.data-co
Size: 512B - Virtual size: 52B

.data-co
Size: 512B - Virtual size: 48B

.data-co
Size: 512B - Virtual size: 40B

.data-ti
Size: 1KB - Virtual size: 1KB

.data-co
Size: 512B - Virtual size: 40B

.data-co
Size: 512B - Virtual size: 68B

.data-co
Size: 512B - Virtual size: 40B

.data-co
Size: 512B - Virtual size: 40B

.data-co
Size: 512B - Virtual size: 40B

.data-co
Size: 512B - Virtual size: 44B

.data-co
Size: 512B - Virtual size: 40B

.data-co
Size: 512B - Virtual size: 80B

.data-co
Size: 512B - Virtual size: 48B

.data-co
Size: 512B - Virtual size: 40B

.data-co
Size: 512B - Virtual size: 40B

.data-co
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 216KB - Virtual size: 215KB