AmdPowerXpressRequestHighPerformance
NvOptimusEnablement
Static task
static1
Behavioral task
behavioral1
Sample
xenia_canary.exe
Resource
win7-20230220-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
xenia_canary.exe
Resource
win10v2004-20230220-en
windows10-2004-x64
10 signatures
150 seconds
General
-
Target
xenia_canary.exe
-
Size
9.4MB
-
MD5
e54126867a0bb124f7a56509b04f6c04
-
SHA1
779b30b9f9d0bfed770b4b8693546b180d5239f5
-
SHA256
43f8e9a3e3fae12d66fb055c891e8c4a53979ce5323bea8c16d60ed24c7fa58c
-
SHA512
16d7e8a4607a01f8155bde6ddc199122c6373fbad52bd4c5ea8c7243848238f95c797cf0302c55ada0c30e5c58957dc014d76812d6348348371c411b3fc2dbed
-
SSDEEP
49152:NOok4BZReYCEqHSW56uXO/tTMNvhaJnlzBldeei7UI9vQ30JsHJCcAU5pSKRaMlw:kGtSHctTMKlFyc0JsAchpSeRd2zFt4M
Score
1/10
Malware Config
Signatures
Files
-
xenia_canary.exe.exe windows x64
bc28924362da13fa973887d79b909882
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
InitializeSRWLock
InitOnceBeginInitialize
InitOnceComplete
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableSRW
GetConsoleMode
SetUnhandledExceptionFilter
FormatMessageA
AcquireSRWLockShared
AcquireSRWLockExclusive
ReleaseSRWLockShared
ReleaseSRWLockExclusive
GetLocaleInfoA
GetSystemPowerStatus
CompareStringA
GetModuleHandleExW
LoadLibraryExW
SetThreadExecutionState
GlobalMemoryStatusEx
VerifyVersionInfoW
GetOverlappedResult
CreateFileA
FormatMessageW
WaitForSingleObject
CancelIo
SetEnvironmentVariableA
GetEnvironmentVariableA
ReleaseSemaphore
MulDiv
GetTickCount
Process32Next
CreateToolhelp32Snapshot
Process32First
OutputDebugStringW
SetErrorMode
GetFileSizeEx
GetModuleFileNameW
WaitNamedPipeW
PeekNamedPipe
LoadLibraryA
VirtualAlloc
VirtualFree
RemoveVectoredContinueHandler
AddVectoredExceptionHandler
RemoveVectoredExceptionHandler
MapViewOfFileEx
MapViewOfFile
CreateFileMappingW
GetFileSize
GetSystemInfo
FlushViewOfFile
UnmapViewOfFile
SetFilePointer
InitializeCriticalSectionEx
TryEnterCriticalSection
GetProcAddress
K32GetModuleInformation
GetCurrentThread
GetLastError
GetModuleHandleA
GetCurrentProcess
WriteProcessMemory
GetModuleFileNameA
ExitProcess
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
UnhandledExceptionFilter
InitializeSListHead
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetFileInformationByHandleEx
DeviceIoControl
AreFileApisANSI
SetFileInformationByHandle
GetFullPathNameW
FindFirstFileExW
CreateDirectoryW
FlushInstructionCache
VirtualProtect
GlobalUnlock
WideCharToMultiByte
GlobalLock
GlobalFree
GlobalAlloc
MultiByteToWideChar
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
DeleteTimerQueueTimer
GlobalAddAtomW
GlobalDeleteAtom
CreateTimerQueueTimer
GetThreadContext
GetSystemTimeAsFileTime
AllocConsole
AttachConsole
GetStdHandle
FreeLibrary
LocalFree
LoadLibraryW
GetCommandLineW
QueryPerformanceCounter
GetCurrentProcessId
QueryPerformanceFrequency
FlushFileBuffers
SetFilePointerEx
GetFileAttributesExW
CreateFileW
FindClose
SetEndOfFile
WriteFile
FindNextFileW
FindFirstFileW
ReadFile
IsDebuggerPresent
TlsGetValue
SleepEx
CreateSemaphoreW
GetModuleHandleW
GetThreadId
QueueUserAPC
CreateThread
RaiseException
CloseHandle
GetThreadPriority
TlsAlloc
WaitForSingleObjectEx
TerminateThread
Sleep
CreateEventW
CancelWaitableTimer
ExitThread
ResumeThread
SuspendThread
ReleaseMutex
GetCurrentThreadId
WaitForMultipleObjectsEx
CreateMutexW
SetThreadPriority
SignalObjectAndWait
GetProcessAffinityMask
CreateWaitableTimerW
SetProcessAffinityMask
TlsSetValue
SetWaitableTimer
SetThreadAffinityMask
OutputDebugStringA
WriteConsoleW
user32
KillTimer
ClipCursor
GetUpdateRect
IsRectEmpty
GetForegroundWindow
GetClipCursor
TrackMouseEvent
GetRawInputData
PeekMessageW
SetTimer
UnregisterClassW
GetSystemMetrics
CallNextHookEx
GetPropW
GetMenu
GetWindowRect
CallWindowProcW
GetMessageExtraInfo
RegisterClassExA
UnregisterDeviceNotification
UnregisterClassA
CreateWindowExA
RegisterDeviceNotificationW
RegisterWindowMessageA
GetDesktopWindow
SystemParametersInfoW
DrawTextW
GetDlgItem
SystemParametersInfoA
DialogBoxIndirectParamW
EndDialog
GetRawInputDeviceList
GetRawInputDeviceInfoA
PostThreadMessageW
RegisterRawInputDevices
SetCursorPos
CreateIconIndirect
CopyImage
GetWindowTextW
SetForegroundWindow
PtInRect
GetParent
FlashWindowEx
SetWindowsHookExW
IntersectRect
SetLayeredWindowAttributes
UnhookWindowsHookEx
CreateIconFromResource
AttachThreadInput
RegisterClassW
GetKeyboardState
RemovePropW
MessageBoxW
GetCursorPos
ReleaseDC
GetDoubleClickTime
ReleaseCapture
CreateMenu
GetClassInfoExW
AppendMenuW
GetMenuInfo
GetClientRect
SetWindowLongW
SetCursor
SetCapture
DrawMenuBar
LoadCursorW
LoadIconW
SetPropW
SetFocus
DestroyMenu
SetMenu
ValidateRect
SetMenuInfo
SetWindowPlacement
ClientToScreen
GetMonitorInfoW
DestroyIcon
GetCapture
ShowWindow
GetClassLongPtrW
GetWindowPlacement
WindowFromPoint
RegisterClassExW
GetWindowLongPtrW
CreatePopupMenu
SetWindowTextW
SendMessageW
ScreenToClient
CreateWindowExW
SetWindowLongPtrW
MonitorFromWindow
SetWindowPos
GetDC
DestroyWindow
GetFocus
CreateIconFromResourceEx
GetKeyState
AdjustWindowRectEx
DefWindowProcW
GetWindowLongW
PostQuitMessage
TranslateMessage
DispatchMessageW
PostMessageW
GetMessageW
SetClipboardData
GetClipboardData
EmptyClipboard
CloseClipboard
OpenClipboard
GetAsyncKeyState
SetActiveWindow
MonitorFromRect
GetWindowTextLengthW
IsClipboardFormatAvailable
GetClipboardSequenceNumber
EnableMenuItem
IsIconic
MessageBoxA
ChangeDisplaySettingsExW
InvalidateRect
GetWindowThreadProcessId
SetWindowRgn
ToUnicode
GetKeyboardLayout
MapVirtualKeyW
EnumDisplaySettingsW
EnumDisplayDevicesW
EnumDisplayMonitors
MonitorFromPoint
advapi32
RegOpenKeyExW
RegCloseKey
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
RegQueryValueExW
RegGetValueW
ole32
CoInitializeEx
CoTaskMemFree
CoUninitialize
CoCreateInstance
CLSIDFromString
PropVariantClear
ntdll
RtlCaptureContext
RtlVirtualUnwind
VerSetConditionMask
RtlCaptureStackBackTrace
RtlInstallFunctionTableCallback
RtlDeleteFunctionTable
RtlLookupFunctionEntry
dwmapi
DwmSetWindowAttribute
shlwapi
ord219
dxgi
CreateDXGIFactory1
winmm
waveInGetNumDevs
waveInPrepareHeader
waveOutGetErrorTextW
waveInReset
waveOutGetNumDevs
waveInUnprepareHeader
waveOutUnprepareHeader
waveOutClose
waveOutWrite
waveOutGetDevCapsW
timeBeginPeriod
waveInAddBuffer
waveInStart
waveOutPrepareHeader
waveOutOpen
waveInOpen
waveOutReset
waveInClose
timeEndPeriod
waveInGetDevCapsW
PlaySoundW
wsock32
htonl
ioctlsocket
WSAStartup
select
__WSAFDIsSet
WSAGetLastError
setsockopt
inet_ntoa
sendto
getsockopt
recv
recvfrom
socket
getsockname
listen
shutdown
ntohl
closesocket
bind
connect
accept
send
bcrypt
BCryptGenRandom
BCryptImportKeyPair
BCryptCloseAlgorithmProvider
BCryptOpenAlgorithmProvider
BCryptDestroyKey
BCryptEncrypt
imm32
ImmReleaseContext
ImmGetContext
ImmGetCompositionStringW
ImmSetCompositionWindow
ImmAssociateContext
ImmSetCompositionStringW
ImmNotifyIME
ImmGetCandidateListW
ImmGetIMEFileNameA
ImmSetCandidateWindow
msvcp140
_Thrd_hardware_concurrency
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
_Mtx_trylock
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
_Mtx_current_owns
_Cnd_timedwait
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
_Thrd_yield
_Query_perf_frequency
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
_Mbrtowc
_Strxfrm
_Thrd_sleep
_Query_perf_counter
_Xtime_get_ticks
_Thrd_join
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
_Cnd_init_in_situ
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?tolower@?$ctype@D@std@@QEBAPEBDPEADPEBD@Z
?tolower@?$ctype@D@std@@QEBADD@Z
?always_noconv@codecvt_base@std@@QEBA_NXZ
??1facet@locale@std@@MEAA@XZ
??0facet@locale@std@@IEAA@_K@Z
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UEAAXXZ
??Bid@locale@std@@QEAA_KXZ
?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
??1_Locinfo@std@@QEAA@XZ
??0_Locinfo@std@@QEAA@PEBD@Z
?_Throw_Cpp_error@std@@YAXH@Z
?_Xbad_function_call@std@@YAXXZ
?_Throw_C_error@std@@YAXH@Z
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?uncaught_exception@std@@YA_NXZ
?_Xbad_alloc@std@@YAXXZ
?_Xinvalid_argument@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?_Winerror_map@std@@YAHH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?id@?$ctype@D@std@@2V0locale@2@A
?_Xlength_error@std@@YAXPEBD@Z
?setprecision@std@@YA?AU?$_Smanip@_J@1@_J@Z
?id@?$collate@D@std@@2V0locale@2@A
?_Syserror_map@std@@YAPEBDH@Z
_Strcoll
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_J@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAN@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
_Mtx_lock
_Cnd_do_broadcast_at_thread_exit
_Mtx_unlock
_Mtx_destroy_in_situ
_Mtx_init_in_situ
_Thrd_id
?id@?$numpunct@D@std@@2V0locale@2@A
?id@?$numpunct@_W@std@@2V0locale@2@A
?_Gettrue@_Locinfo@std@@QEBAPEBDXZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
_Cnd_wait
_Cnd_signal
?_Getctype@_Locinfo@std@@QEBA?AU_Ctypevec@@XZ
??0ctype_base@std@@QEAA@_K@Z
??1ctype_base@std@@UEAA@XZ
_Toupper
_Tolower
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@V?$fpos@U_Mbstatet@@@2@@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
_Cnd_destroy_in_situ
_Cnd_broadcast
?_Getfalse@_Locinfo@std@@QEBAPEBDXZ
vcruntime140_1
__CxxFrameHandler4
vcruntime140
strstr
__RTtypeid
__std_type_info_name
__C_specific_handler
strchr
memchr
memcpy
memcmp
strrchr
memmove
__std_terminate
_purecall
__std_type_info_compare
__std_exception_copy
__RTDynamicCast
_CxxThrowException
memset
__current_exception_context
__current_exception
__std_exception_destroy
api-ms-win-crt-stdio-l1-1-0
ferror
__stdio_common_vsscanf
fopen
fread
_set_fmode
_ftelli64
_wfopen
fopen_s
fgets
_chsize_s
__p__commode
__stdio_common_vsprintf
_fileno
__stdio_common_vsnprintf_s
fseek
ftell
__stdio_common_vfprintf
fputs
__stdio_common_vswprintf
_isatty
fwrite
fgetpos
__acrt_iob_func
setvbuf
__stdio_common_vsprintf_s
_get_stream_buffer_pointers
_fseeki64
fsetpos
fputc
fflush
ungetc
fclose
freopen_s
fgetc
_open_osfhandle
api-ms-win-crt-heap-l1-1-0
_aligned_malloc
malloc
_set_new_mode
free
calloc
_aligned_realloc
realloc
_aligned_free
_callnewh
api-ms-win-crt-math-l1-1-0
_fdsign
truncf
scalbn
__setusermatherr
_ldsign
lroundf
frexp
llrint
acos
asin
atan
cos
_copysign
log2f
exp2f
sqrtf
powf
cosh
logf
log10f
log10
fmodf
fminf
roundf
fmod
lround
expf
cosf
atanf
atan2f
round
trunc
asinf
acosf
_ldclass
exp2
ldexp
fabs
_fdclass
nanf
log2
_dsign
sinf
_fdopen
scalbnf
sqrt
pow
atan2
_dclass
hypot
log
tanh
tan
sinh
sin
exp
tanf
api-ms-win-crt-convert-l1-1-0
atof
strtoll
strtoull
strtod
strtoul
atoi
strtol
wcstombs
api-ms-win-crt-filesystem-l1-1-0
_lock_file
_unlock_file
api-ms-win-crt-locale-l1-1-0
localeconv
___lc_codepage_func
_configthreadlocale
api-ms-win-crt-runtime-l1-1-0
_get_wpgmptr
_register_thread_local_exe_atexit_callback
_c_exit
_exit
_initterm_e
abort
strerror
_beginthreadex
quick_exit
_invalid_parameter_noinfo_noreturn
_initialize_onexit_table
_register_onexit_function
terminate
_crt_atexit
_cexit
_seh_filter_exe
_set_app_type
_errno
_configure_wide_argv
_initialize_wide_environment
_get_wide_winmain_command_line
signal
exit
_initterm
api-ms-win-crt-time-l1-1-0
_gmtime64
clock
_mkgmtime64
_localtime64
_mktime64
_time64
api-ms-win-crt-string-l1-1-0
toupper
_strdup
isprint
isupper
_wcsnicmp
_wcsicmp
_stricmp
strspn
strcmp
_strrev
isalpha
isspace
_strnicmp
islower
tolower
isxdigit
isalnum
strncpy
iscntrl
ispunct
strcspn
isdigit
strncmp
isgraph
api-ms-win-crt-utility-l1-1-0
bsearch
qsort
gdi32
DeleteDC
CreateRectRgn
GetTextMetricsW
CreateCompatibleDC
GetTextExtentPoint32A
SelectObject
CreateBitmap
DeleteObject
CombineRgn
GetICMProfileW
SetDeviceGammaRamp
CreateDCW
GetDeviceCaps
GetDeviceGammaRamp
GetStockObject
CreateFontIndirectW
BitBlt
DescribePixelFormat
ChoosePixelFormat
SwapBuffers
GetPixelFormat
SetPixelFormat
CreateCompatibleBitmap
GetDIBits
CreateDIBSection
shell32
DragAcceptFiles
DragFinish
DragQueryFileW
SHGetFolderPathW
ExtractIconExW
CommandLineToArgvW
ShellExecuteW
SHGetKnownFolderPath
setupapi
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsA
CM_Get_Parent
CM_Locate_DevNodeA
CM_Get_Device_IDA
SetupDiGetDeviceRegistryPropertyA
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
oleaut32
SysFreeString
api-ms-win-crt-environment-l1-1-0
getenv
Exports
Exports
Sections
.text Size: 4.5MB - Virtual size: 4.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.cold Size: 41KB - Virtual size: 41KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4.3MB - Virtual size: 4.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 272KB - Virtual size: 5.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 182KB - Virtual size: 182KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 48B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 173KB - Virtual size: 173KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 35KB - Virtual size: 35KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ