Static task
static1
General
-
Target
FDLauncher.exe
-
Size
12.8MB
-
MD5
5aba6a083794802eb6ab3f1498208e9a
-
SHA1
0955dbb9e9233f84ce096adedf047634ff1cc718
-
SHA256
1f634829a9a252b18180a434425066fa8a9b21e6cecc3948802d61d5c5399c49
-
SHA512
eb9e2832b2a3f2d441bf1eae19198d8e1e3070af46830cc8dbfa4be8518296396bf0cb01b442df5ea984b06ef972272893495bb089514b741da4addebcf0b36a
-
SSDEEP
196608:wh/pRneJF51C9/+MVIXyrdC/l6XOcNBhHy4ZZJsv6tWKFdu9CkKU:wh/feT33MesC8hHRZJsv6tWKFdu9CI
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource FDLauncher.exe
Files
-
FDLauncher.exe.exe windows x86
9f6e6c305aa90cfc59dd35244c4d7f1c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
RegisterClassW
EnumDisplayDevicesW
GetClipboardFormatNameW
HideCaret
DestroyCaret
CreateCaret
TrackMouseEvent
GetMessageExtraInfo
GetAsyncKeyState
GetTouchInputInfo
CloseTouchInputHandle
GetWindowTextW
GetIconInfo
IsWindowEnabled
RegisterWindowMessageW
GetKeyboardLayout
CreateIconIndirect
EnumWindows
RealGetWindowClassW
ChangeWindowMessageFilterEx
TranslateMessage
DispatchMessageW
GetQueueStatus
MsgWaitForMultipleObjectsEx
SetTimer
KillTimer
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
EnumDisplaySettingsExA
PostThreadMessageW
CharNextExA
RegisterDeviceNotificationW
UnregisterDeviceNotification
GetCursorInfo
CreateCursor
LoadCursorW
GetCursor
SetCursorPos
TrackPopupMenuEx
MapVirtualKeyW
ToUnicode
ToAscii
GetKeyboardState
GetKeyState
IsZoomed
ChangeClipboardChain
PeekMessageW
FindWindowA
SetCaretPos
RegisterClipboardFormatW
ShowCaret
EnumDisplayDevicesA
SetClipboardViewer
IsHungAppWindow
LoadIconW
EnumDisplayMonitors
GetMonitorInfoW
MonitorFromWindow
SetMenuItemInfoW
GetMenuItemInfoW
TrackPopupMenu
RemoveMenu
ModifyMenuW
AppendMenuW
InsertMenuW
DestroyMenu
CreatePopupMenu
CreateMenu
DrawMenuBar
SetMenu
LoadImageW
GetSysColorBrush
ChildWindowFromPointEx
WindowFromPoint
GetCursorPos
GetFocus
RegisterClassExW
GetClassInfoW
UnregisterClassW
UnregisterPowerSettingNotification
RegisterPowerSettingNotification
GetKeyboardLayoutList
GetAncestor
MonitorFromPoint
DestroyIcon
DestroyCursor
GetWindow
GetWindowThreadProcessId
SetParent
GetParent
SetWindowLongW
GetWindowLongW
ScreenToClient
ClientToScreen
SetCursor
AdjustWindowRectEx
GetWindowRect
GetClientRect
SetWindowTextW
InvalidateRect
SetWindowRgn
GetUpdateRect
EndPaint
BeginPaint
SetForegroundWindow
GetMenu
ReleaseCapture
SetCapture
GetCapture
IsTouchWindow
UnregisterTouchWindow
RegisterTouchWindow
SetFocus
IsIconic
IsWindowVisible
SetWindowPlacement
GetWindowPlacement
SetWindowPos
MoveWindow
FlashWindowEx
SetLayeredWindowAttributes
UpdateLayeredWindow
ShowWindow
IsChild
CreateWindowExW
AttachThreadInput
PostMessageW
SendMessageW
UpdateLayeredWindowIndirect
GetCaretBlinkTime
MessageBeep
IsWindow
GetDoubleClickTime
MessageBoxW
GetDesktopWindow
DestroyWindow
DefWindowProcW
GetForegroundWindow
SystemParametersInfoW
GetSysColor
GetSystemMetrics
ReleaseDC
GetDC
EnableMenuItem
GetSystemMenu
DrawIconEx
kernel32
GetUserPreferredUILanguages
GetFileAttributesExW
GetStartupInfoW
GetStdHandle
ConnectNamedPipe
CreateNamedPipeW
GetExitCodeProcess
GetProcessId
UnregisterWaitEx
RegisterWaitForSingleObject
GetCurrentDirectoryW
CreateDirectoryW
DeleteFileW
GetFileAttributesW
GetFileInformationByHandle
GetFullPathNameW
GetLogicalDrives
RemoveDirectoryW
SetFileTime
GetTempPathW
GetVolumePathNamesForVolumeNameW
SetErrorMode
DeviceIoControl
CopyFileW
MoveFileW
MoveFileExW
TzSpecificLocalTimeToSystemTime
FileTimeToSystemTime
GetUserDefaultLCID
GetFileInformationByHandleEx
FlushFileBuffers
GetFileType
SetEndOfFile
CompareStringW
FindCloseChangeNotification
FindFirstChangeNotificationW
FindNextChangeNotification
FindFirstFileExW
GetModuleHandleExW
ReadFileEx
PeekNamedPipe
CancelIoEx
SleepEx
WriteFileEx
GetTimeZoneInformation
GetGeoInfoW
GetUserGeoID
ExitProcess
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
ReleaseMutex
CreateMutexW
VirtualAlloc
VirtualFree
GetCurrencyFormatW
GetTimeFormatW
GetDateFormatW
GetSystemDirectoryW
GetSystemInfo
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
ResumeThread
TerminateThread
GetThreadPriority
CreateThread
SwitchToThread
WaitForMultipleObjects
Sleep
DuplicateHandle
GetLocalTime
GetSystemTime
SetEvent
GetTickCount64
QueryPerformanceFrequency
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
GetCommandLineW
CompareStringEx
GetUserDefaultLangID
GetCurrentProcessId
GlobalSize
LoadLibraryA
GetLocaleInfoW
GlobalLock
GlobalUnlock
GlobalAlloc
OpenProcess
CheckRemoteDebuggerPresent
CreateProcessW
ExpandEnvironmentStringsW
WTSGetActiveConsoleSessionId
FormatMessageW
LocalFree
GetModuleHandleW
GetCurrentThreadId
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
WriteFile
SetFilePointer
GetConsoleWindow
lstrcmpW
SetFilePointerEx
ReadFile
CreateFileW
LoadLibraryW
GetProcAddress
FreeLibrary
GetModuleFileNameW
SetThreadPriority
GetCurrentThread
FindNextFileW
InitializeSListHead
FindFirstFileW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
InitOnceComplete
InitOnceBeginInitialize
FindClose
WideCharToMultiByte
MultiByteToWideChar
CreateSemaphoreA
WaitForSingleObject
ReleaseSemaphore
RaiseException
CreateEventW
WaitForSingleObjectEx
ResetEvent
GetLastError
CloseHandle
OutputDebugStringW
DebugBreak
IsDebuggerPresent
GetDriveTypeW
GetLongPathNameW
GetVolumeInformationW
SystemTimeToFileTime
GetSystemTimeAsFileTime
gdi32
CombineRgn
GetDIBits
CreateCompatibleDC
CreateRectRgn
DeleteDC
DeleteObject
GetRegionData
SelectClipRgn
SelectObject
CreateDIBSection
GdiFlush
BitBlt
ExtTextOutW
SetWorldTransform
SetTextAlign
SetTextColor
SetGraphicsMode
SetBkMode
GetCharABCWidthsI
GetTextExtentPoint32W
GetOutlineTextMetricsW
GetGlyphOutlineW
GetCharABCWidthsFloatW
GetCharABCWidthsW
GetTextFaceW
GetTextMetricsW
RemoveFontMemResourceEx
AddFontMemResourceEx
RemoveFontResourceExW
AddFontResourceExW
GetStockObject
GetFontData
EnumFontFamiliesExW
CreateFontIndirectW
GetObjectW
GetBitmapBits
SwapBuffers
SetPixelFormat
GetPixelFormat
DescribePixelFormat
ChoosePixelFormat
CreateBitmap
CreateDCW
CreateCompatibleBitmap
GetDeviceCaps
SetLayout
OffsetRgn
shell32
SHGetFileInfoW
SHGetStockIconInfo
ord727
ShellExecuteW
SHCreateItemFromIDList
SHGetMalloc
SHGetPathFromIDListW
SHGetKnownFolderIDList
SHBrowseForFolderW
Shell_NotifyIconW
Shell_NotifyIconGetRect
CommandLineToArgvW
SHGetKnownFolderPath
SHGetSpecialFolderPathW
SHCreateItemFromParsingName
ole32
OleIsCurrentClipboard
OleFlushClipboard
OleGetClipboard
OleSetClipboard
OleUninitialize
OleInitialize
RevokeDragDrop
CoGetMalloc
CoLockObjectExternal
CoCreateGuid
StringFromGUID2
CoInitialize
CLSIDFromString
StringFromCLSID
PropVariantClear
CoCreateInstance
CoInitializeEx
CoUninitialize
CoTaskMemFree
DoDragDrop
RegisterDragDrop
ReleaseStgMedium
oleaut32
SafeArrayPutElement
SysFreeString
SafeArrayCreateVector
SysAllocString
advapi32
RegCloseKey
RegSetValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegQueryValueExW
GetSidSubAuthority
GetSidSubAuthorityCount
GetTokenInformation
SystemFunction036
OpenProcessToken
AccessCheck
AllocateAndInitializeSid
CopySid
DuplicateToken
FreeSid
GetLengthSid
MapGenericMask
LookupAccountSidW
GetEffectiveRightsFromAclW
GetNamedSecurityInfoW
BuildTrusteeWithSidW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegFlushKey
imm32
ImmSetCompositionWindow
ImmNotifyIME
ImmGetOpenStatus
ImmGetCompositionStringW
ImmAssociateContextEx
ImmAssociateContext
ImmReleaseContext
ImmGetContext
ImmGetDefaultIMEWnd
ImmGetVirtualKey
ImmSetCandidateWindow
userenv
GetUserProfileDirectoryW
version
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
netapi32
NetShareEnum
NetApiBufferFree
ws2_32
WSAAsyncSelect
uxtheme
GetCurrentThemeName
IsAppThemed
IsThemeActive
SetWindowTheme
GetThemeBool
IsThemeBackgroundPartiallyTransparent
GetThemeBackgroundRegion
ord47
CloseThemeData
GetThemeTransitionDuration
OpenThemeData
GetThemePartSize
GetThemeColor
GetThemeInt
GetThemeEnumValue
GetThemeMargins
GetThemePropertyOrigin
dwmapi
DwmIsCompositionEnabled
DwmEnableBlurBehindWindow
DwmGetWindowAttribute
DwmSetWindowAttribute
wtsapi32
WTSFreeMemory
WTSQuerySessionInformationW
msvcp140
_Cnd_broadcast
_Cnd_signal
_Cnd_register_at_thread_exit
_Cnd_unregister_at_thread_exit
?_Throw_future_error@std@@YAXABVerror_code@1@@Z
?_Rethrow_future_exception@std@@YAXVexception_ptr@1@@Z
?init@?$basic_ios@DU?$char_traits@D@std@@@std@@IAEXPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@_N@Z
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?overflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHH@Z
?pbackfail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHH@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
_Cnd_destroy_in_situ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?ignore@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@_JH@Z
?peek@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
?_Xbad_alloc@std@@YAXXZ
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
?swap@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXAAV12@@Z
?swap@?$basic_istream@DU?$char_traits@D@std@@@std@@IAEXAAV12@@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAM@Z
?id@?$ctype@D@std@@2V0locale@2@A
?classic@locale@std@@SAABV12@XZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?tolower@?$ctype@D@std@@QBEDD@Z
_Cnd_wait
_Cnd_init_in_situ
_Thrd_detach
?__ExceptionPtrCopyException@@YAXPAXPBX1@Z
?__ExceptionPtrToBool@@YA_NPBX@Z
?__ExceptionPtrAssign@@YAXPAXPBX@Z
?__ExceptionPtrCopy@@YAXPAXPBX@Z
?__ExceptionPtrDestroy@@YAXPAX@Z
?__ExceptionPtrCreate@@YAXPAX@Z
_Thrd_sleep
_Query_perf_frequency
_Query_perf_counter
_Xtime_get_ticks
?_Throw_Cpp_error@std@@YAXH@Z
_Cnd_do_broadcast_at_thread_exit
_Thrd_id
_Thrd_yield
_Thrd_join
_Mtx_destroy_in_situ
_Mtx_init_in_situ
?_Syserror_map@std@@YAPBDH@Z
?_Throw_C_error@std@@YAXH@Z
_Mtx_unlock
_Mtx_lock
?_Xbad_function_call@std@@YAXXZ
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@U_Mbstatet@@@2@XZ
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@_JH@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
?uncaught_exception@std@@YA_NXZ
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
??Bid@locale@std@@QAEIXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?always_noconv@codecvt_base@std@@QBE_NXZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
vcruntime140
strstr
longjmp
_setjmp3
strrchr
__current_exception
__current_exception_context
_except_handler4_common
wcsrchr
strchr
memcmp
_purecall
__CxxFrameHandler3
__std_terminate
__std_exception_copy
__std_exception_destroy
_CxxThrowException
memchr
memcpy
memmove
memset
api-ms-win-crt-runtime-l1-1-0
_beginthreadex
_errno
strerror
__p___argc
_configure_narrow_argv
_invalid_parameter_noinfo_noreturn
_endthreadex
_initialize_narrow_environment
abort
_initialize_onexit_table
terminate
_register_onexit_function
_crt_atexit
exit
_controlfp_s
_register_thread_local_exe_atexit_callback
_c_exit
_exit
_initterm_e
_initterm
_get_narrow_winmain_command_line
_set_app_type
_seh_filter_exe
_cexit
__p___argv
api-ms-win-crt-stdio-l1-1-0
__p__commode
_set_fmode
ftell
fopen
__stdio_common_vfprintf
_open_osfhandle
_fileno
rewind
ungetc
setvbuf
fwrite
_fseeki64
fsetpos
fread
fputc
fgetpos
fgetc
fflush
fclose
_get_stream_buffer_pointers
__acrt_iob_func
_wfopen
__stdio_common_vsprintf
_write
_read
_close
fgets
feof
__stdio_common_vswprintf
fputws
__stdio_common_vsscanf
__stdio_common_vsnprintf_s
_get_osfhandle
fseek
_ftelli64
_lseeki64
fputs
ferror
clearerr
api-ms-win-crt-filesystem-l1-1-0
_wchmod
_waccess
_unlock_file
_wstat64i32
_lock_file
api-ms-win-crt-string-l1-1-0
toupper
isalnum
strncpy
wcslen
isalpha
strcmp
tolower
isdigit
strlen
strncmp
strcpy_s
isspace
strcat
wcsncmp
isxdigit
wcscmp
strcpy
api-ms-win-crt-math-l1-1-0
modf
_fdtest
tan
sin
log2f
log
hypot
sqrt
ldexp
sinh
cos
cbrtf
trunc
exp
_dtest
copysignf
fmod
atan2
asin
acos
lround
roundf
floor
round
fabs
pow
__setusermatherr
log10
atan
ceil
api-ms-win-crt-utility-l1-1-0
_byteswap_ushort
_byteswap_uint64
rand_s
abs
bsearch
_byteswap_ulong
srand
qsort
_rotl
rand
api-ms-win-crt-time-l1-1-0
_mktime64
_localtime64_s
_get_tzname
_time64
_tzset
_get_timezone
api-ms-win-crt-heap-l1-1-0
free
malloc
realloc
calloc
_aligned_malloc
_aligned_free
_set_new_mode
_callnewh
api-ms-win-crt-convert-l1-1-0
strtol
strtof
atoi
strtoul
api-ms-win-crt-environment-l1-1-0
getenv
getenv_s
_wgetenv_s
_wgetcwd
_wgetenv
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
setlocale
winmm
waveOutClose
waveInGetNumDevs
waveOutUnprepareHeader
waveOutOpen
waveOutGetDevCapsW
waveOutWrite
waveOutPrepareHeader
waveInGetDevCapsW
PlaySoundW
waveInOpen
waveInClose
waveInPrepareHeader
waveInUnprepareHeader
timeKillEvent
timeSetEvent
waveOutGetNumDevs
waveInReset
waveInStop
waveInStart
waveInAddBuffer
Sections
.text Size: 6.0MB - Virtual size: 6.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 5.8MB - Virtual size: 5.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 288KB - Virtual size: 834KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.qtmetad Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.qtmimed Size: 316KB - Virtual size: 316KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 204KB - Virtual size: 204KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 209KB - Virtual size: 208KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ