sample[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

sample.zip
Size

111KB
MD5

893ca76bd650febc74be4d2ca48a6ef6
SHA1

6439c153f31c6e64794b7184bc4ddbcf3f26688a
SHA256

f6b4a3791af73c724bb4bc0e51b96c6b9881c994eac165d150d27c96df52deee
SHA512

3b53136943a4b3070bb2c0dadfffa7c311ec55be99561d11718812f2175a2d63267e7704925943c02bb495e92e4302df7340ad30ce9b069d928369d3209b3369
SSDEEP

3072:hO3EYkTAA6FWkC4gdX4BAzt1l5kToN516uJyRnMG:hO3EYkA0kiXAIH71XJydMG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/a.cpl

Files

sample.zip
.zip

Password: infected
a.cpl
.dll windows x86

f965287400975ef8686d759dacdeb55e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

GetUserNameA

gdi32

BitBlt
CreateCompatibleDC
CreateDCA
CreateDIBSection
DeleteDC
DeleteObject
GetDeviceCaps
RestoreDC
SaveDC
SelectObject

gdiplus

GdipAlloc
GdipCloneImage
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipFree
GdipSaveImageToFile
GdiplusStartup

kernel32

AddAtomA
CloseHandle
CopyFileA
CreateEventA
CreateFileA
CreateMutexA
CreateSemaphoreA
CreateThread
DeleteCriticalSection
DeleteFileA
DuplicateHandle
EnterCriticalSection
FindAtomA
FindClose
FindFirstFileA
FindNextFileA
GetAtomNameA
GetComputerNameA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDriveTypeA
GetFileAttributesA
GetFileSize
GetHandleInformation
GetLastError
GetLocalTime
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleW
GetProcAddress
GetProcessAffinityMask
GetSystemTimeAsFileTime
GetThreadContext
GetThreadPriority
GetTickCount
GetVersion
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
MoveFileExA
MultiByteToWideChar
QueryPerformanceCounter
ReadFile
ReleaseMutex
ReleaseSemaphore
ResetEvent
ResumeThread
SetCriticalSectionSpinCount
SetCurrentDirectoryA
SetEvent
SetFileAttributesA
SetLastError
SetProcessAffinityMask
SetThreadContext
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SuspendThread
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcpyA

msvcrt

__dllonexit
__mb_cur_max
_amsg_exit
_beginthreadex
_endthreadex
_errno
_ftime
_initterm
_iob
_itow
_itoa
_lock
_onexit
_setjmp3
_unlock
_write
abort
atoi
calloc
exit
fclose
fopen
fprintf
fputc
fputs
free
fwrite
getenv
localeconv
longjmp
malloc
mbstowcs
memcmp
memcpy
memmove
memset
printf
realloc
setlocale
sprintf
strcat
strchr
strcmp
strcpy
strerror
strlen
strncmp
system
vfprintf
wcslen

ole32

CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoInitialize

oleaut32

SysAllocString
SysAllocStringLen
VariantInit

shell32

SHChangeNotify
SHGetFileInfoA
SHGetFolderLocation
SHGetFolderPathA

user32

ChildWindowFromPoint
DrawIcon
FindWindowA
GetCursorInfo
GetCursorPos
GetForegroundWindow
GetIconInfo
GetWindowTextA
MapWindowPoints
WindowFromPoint

Exports

Exports

ALL_POWERSCHEMES_GUID
ARRAYID_PathProperties
BHID_AssociationArray
BHID_DataObject
BHID_EnumAssocHandlers
BHID_EnumItems
BHID_Filter
BHID_LinkTargetItem
BHID_PropertyStore
BHID_RandomAccessStream
BHID_SFObject
BHID_SFUIObject
BHID_SFViewObject
BHID_Storage
BHID_StorageEnum
BHID_Stream
BHID_ThumbnailHandler
BHID_Transfer
CATID_BrowsableShellExt
CATID_BrowseInPlace
CATID_CommBand
CATID_Control
CATID_DeskBand
CATID_DocObject
CATID_InfoBand
CATID_Insertable
CATID_InternetAware
CATID_IsShortcut
CATID_LocationFactory
CATID_LocationProvider
CATID_NeverShowExt
CATID_PersistsToFile
CATID_PersistsToMemory
CATID_PersistsToMoniker
CATID_PersistsToPropertyBag
CATID_PersistsToStorage
CATID_PersistsToStream
CATID_PersistsToStreamInit
CATID_Printable
CATID_Programmable
CATID_RequiresDataPathHost
CATID_SafeForInitializing
CATID_SafeForScripting
CATID_SearchableApplication
CGID_DefView
CGID_Explorer
CGID_ExplorerBarDoc
CGID_MENUDESKBAR
CGID_ShellDocView
CGID_ShellServiceObject
CGID_ShortCut
CLSID_ACLCustomMRU
CLSID_ACLHistory
CLSID_ACLMRU
CLSID_ACLMulti
CLSID_ACListISF
CLSID_AccPropServices
CLSID_AccessibilityDockingService
CLSID_ActiveDesktop
CLSID_AllClasses
CLSID_AlphabeticalCategorizer
CLSID_AppShellVerbHandler
CLSID_AppStartupLink
CLSID_AppVisibility
CLSID_ApplicationActivationManager
CLSID_ApplicationAssociationRegistration
CLSID_ApplicationAssociationRegistrationUI
CLSID_ApplicationDesignModeSettings
CLSID_ApplicationDestinations
CLSID_ApplicationDocumentLists
CLSID_AttachmentServices
CLSID_AutoComplete
CLSID_CAnchorBrowsePropertyPage
CLSID_CColorPropPage
CLSID_CDBurn
CLSID_CDocBrowsePropertyPage
CLSID_CFSIconOverlayManager
CLSID_CFontPropPage
CLSID_CImageBrowsePropertyPage
CLSID_CPicturePropPage
CLSID_CURLSearchHook
CLSID_CUrlHistory
CLSID_ControlPanel
CLSID_ConvertVBX
CLSID_CurrentUserClasses
CLSID_DOMDocument
CLSID_DOMFreeThreadedDocument
CLSID_DarwinAppPublisher
CLSID_DefFolderMenu
CLSID_DesktopGadget
CLSID_DesktopWallpaper
CLSID_DestinationList
CLSID_DocHostUIHandler
CLSID_DocPropShellExtension
CLSID_DragDropHelper
CLSID_DriveSizeCategorizer
CLSID_DriveTypeCategorizer
CLSID_EnumerableObjectCollection
CLSID_ExecuteFolder
CLSID_ExecuteUnknown
CLSID_ExplorerBrowser
CLSID_FSCopyHandler
CLSID_FileOpenDialog
CLSID_FileOperation
CLSID_FileProtocol
CLSID_FileSaveDialog
CLSID_FileSearchBand
CLSID_FileTypes
CLSID_FolderItem
CLSID_FolderItemsMultiLevel
CLSID_FolderShortcut
CLSID_FolderViewHost
CLSID_FrameworkInputPane
CLSID_FreeSpaceCategorizer
CLSID_FtpProtocol
CLSID_GopherProtocol
CLSID_HWShellExecute
CLSID_HomeGroup
CLSID_HttpProtocol
CLSID_HttpSProtocol
CLSID_IENamespaceTreeControl
CLSID_ISFBand
CLSID_IdentityUnmarshal
CLSID_ImageProperties
CLSID_ImageRecompress
CLSID_InMemoryPropertyStore
CLSID_InProcFreeMarshaler
CLSID_Internet
CLSID_InternetButtons
CLSID_InternetPrintOrdering
CLSID_InternetShortcut
CLSID_KnownFolderManager
CLSID_LinkColumnProvider
CLSID_LocalMachineClasses
CLSID_MSOButtons
CLSID_MailRecipient
CLSID_MenuBand
CLSID_MenuBandSite
CLSID_MenuToolbarBase
CLSID_MergedCategorizer
CLSID_MkProtocol
CLSID_MyComputer
CLSID_MyDocuments
CLSID_NamespaceTreeControl
CLSID_NamespaceWalker
CLSID_NetworkConnections
CLSID_NetworkDomain
CLSID_NetworkExplorerFolder
CLSID_NetworkPlaces
CLSID_NetworkServer
CLSID_NetworkShare
CLSID_NewMenu
CLSID_OpenControlPanel
CLSID_PSBindCtx
CLSID_PSClassObject
CLSID_PSClientSite
CLSID_PSDragDrop
CLSID_PSEnumerators
CLSID_PSGenObject
CLSID_PSInPlaceActive
CLSID_PSInPlaceFrame
CLSID_PSUrlMonProxy
CLSID_PackageDebugSettings
CLSID_PersistPropset
CLSID_Picture_Dib
CLSID_Picture_EnhMetafile
CLSID_Picture_Metafile
CLSID_PlaybackManager
CLSID_PreviousVersions
CLSID_Printers
CLSID_ProgressDialog
CLSID_PropertiesUI
CLSID_PropertySystem
CLSID_PublishDropTarget
CLSID_PublishingWizard
CLSID_QueryAssociations
CLSID_QueryCancelAutoPlay
CLSID_QuickLinks
CLSID_RecycleBin
CLSID_ScheduledTasks
CLSID_SearchFolderItemFactory
CLSID_SharingConfigurationManager
CLSID_Shell
CLSID_ShellDesktop
CLSID_ShellDispatchInproc
CLSID_ShellFSFolder
CLSID_ShellFldSetExt
CLSID_ShellFolderItem
CLSID_ShellFolderView
CLSID_ShellFolderViewOC
CLSID_ShellItem
CLSID_ShellLibrary
CLSID_ShellLink
CLSID_ShellLinkObject
CLSID_SizeCategorizer
CLSID_StartMenuPin
CLSID_StaticDib
CLSID_StaticMetafile
CLSID_StdComponentCategoriesMgr
CLSID_StdFont
CLSID_StdHlink
CLSID_StdHlinkBrowseContext
CLSID_StdMarshal
CLSID_StdPicture
CLSID_StdURLMoniker
CLSID_StdURLProtocol
CLSID_TaskbarList
CLSID_TimeCategorizer
CLSID_ToolbarExtButtons
CLSID_TrayBandSiteService
CLSID_TrayDeskBand
CLSID_UserNotification
CLSID_WebBrowser
CLSID_WebWizardHost
CLSID_XMLHTTPRequest
CN
CPFG_CREDENTIAL_PROVIDER_LABEL
CPFG_CREDENTIAL_PROVIDER_LOGO
CPFG_LOGON_PASSWORD
CPFG_LOGON_USERNAME
CPFG_SMARTCARD_PIN
CPFG_SMARTCARD_USERNAME
CPlApplet
CPlApplet@16
Ch
Cy
DIID_DShellFolderViewEvents
DIID_DWebBrowserEvents
DIID_DWebBrowserEvents2
DIID_XMLDOMDocumentEvents
DXVA2_ModeH264_A
DXVA2_ModeH264_B
DXVA2_ModeH264_C
DXVA2_ModeH264_D
DXVA2_ModeH264_E
DXVA2_ModeH264_F
DXVA2_ModeMPEG2_IDCT
DXVA2_ModeMPEG2_MoComp
DXVA2_ModeMPEG2_VLD
DXVA2_ModeVC1_A
DXVA2_ModeVC1_B
DXVA2_ModeVC1_C
DXVA2_ModeVC1_D
DXVA2_ModeWMV8_A
DXVA2_ModeWMV8_B
DXVA2_ModeWMV9_A
DXVA2_ModeWMV9_B
DXVA2_ModeWMV9_C
DXVA_NoEncrypt
Dri
EP_AdvQueryPane
EP_Commands
EP_Commands_Organize
EP_Commands_View
EP_DetailsPane
EP_NavPane
EP_PreviewPane
EP_QueryPane
EP_Ribbon
EP_StatusBar
EncoderChrominanceTable
EncoderColorDepth
EncoderCompression
EncoderLuminanceTable
EncoderQuality
EncoderRenderMethod
EncoderSaveFlag
EncoderScanMethod
EncoderTransformation
EncoderVersion
FLAGID_Internet
FMTID_Briefcase
FMTID_CustomImageProperties
FMTID_DRM
FMTID_Displaced
FMTID_DocSummaryInformation
FMTID_ImageProperties
FMTID_InternetSite
FMTID_Intshcut
FMTID_LibraryProperties
FMTID_MUSIC
FMTID_Misc
FMTID_Query
FMTID_ShellDetails
FMTID_Storage
FMTID_SummaryInformation
FMTID_UserDefinedProperties
FMTID_Volume
FMTID_WebView
FOLDERID_AccountPictures
FOLDERID_AddNewPrograms
FOLDERID_AdminTools
FOLDERID_AppUpdates
FOLDERID_ApplicationShortcuts
FOLDERID_AppsFolder
FOLDERID_CDBurning
FOLDERID_ChangeRemovePrograms
FOLDERID_CommonAdminTools
FOLDERID_CommonOEMLinks
FOLDERID_CommonPrograms
FOLDERID_CommonStartMenu
FOLDERID_CommonStartup
FOLDERID_CommonTemplates
FOLDERID_ComputerFolder
FOLDERID_ConflictFolder
FOLDERID_ConnectionsFolder
FOLDERID_Contacts
FOLDERID_ControlPanelFolder
FOLDERID_Cookies
FOLDERID_Desktop
FOLDERID_DeviceMetadataStore
FOLDERID_Documents
FOLDERID_DocumentsLibrary
FOLDERID_Downloads
FOLDERID_Favorites
FOLDERID_Fonts
FOLDERID_GameTasks
FOLDERID_Games
FOLDERID_History
FOLDERID_HomeGroup
FOLDERID_HomeGroupCurrentUser
FOLDERID_ImplicitAppShortcuts
FOLDERID_InternetCache
FOLDERID_InternetFolder
FOLDERID_Libraries
FOLDERID_Links
FOLDERID_LocalAppData
FOLDERID_LocalAppDataLow
FOLDERID_LocalizedResourcesDir
FOLDERID_Music
FOLDERID_MusicLibrary
FOLDERID_NetHood
FOLDERID_NetworkFolder
FOLDERID_OriginalImages
FOLDERID_PhotoAlbums
FOLDERID_Pictures
FOLDERID_PicturesLibrary
FOLDERID_Playlists
FOLDERID_PrintHood
FOLDERID_PrintersFolder
FOLDERID_Profile
FOLDERID_ProgramData
FOLDERID_ProgramFiles
FOLDERID_ProgramFilesCommon
FOLDERID_ProgramFilesCommonX64
FOLDERID_ProgramFilesCommonX86
FOLDERID_ProgramFilesX64
FOLDERID_ProgramFilesX86
FOLDERID_Programs
FOLDERID_Public
FOLDERID_PublicDesktop
FOLDERID_PublicDocuments
FOLDERID_PublicDownloads
FOLDERID_PublicGameTasks
FOLDERID_PublicLibraries
FOLDERID_PublicMusic
FOLDERID_PublicPictures
FOLDERID_PublicRingtones
FOLDERID_PublicUserTiles
FOLDERID_PublicVideos
FOLDERID_QuickLaunch
FOLDERID_Recent
FOLDERID_RecordedTVLibrary
FOLDERID_RecycleBinFolder
FOLDERID_ResourceDir
FOLDERID_Ringtones
FOLDERID_RoamedTileImages
FOLDERID_RoamingAppData
FOLDERID_RoamingTiles
FOLDERID_SEARCH_CSC
FOLDERID_SEARCH_MAPI
FOLDERID_SampleMusic
FOLDERID_SamplePictures
FOLDERID_SamplePlaylists
FOLDERID_SampleVideos
FOLDERID_SavedGames
FOLDERID_SavedSearches
FOLDERID_Screenshots
FOLDERID_SearchHome
FOLDERID_SendTo
FOLDERID_SidebarDefaultParts
FOLDERID_SidebarParts
FOLDERID_StartMenu
FOLDERID_Startup
FOLDERID_SyncManagerFolder
FOLDERID_SyncResultsFolder
FOLDERID_SyncSetupFolder
FOLDERID_System
FOLDERID_SystemX86
FOLDERID_Templates
FOLDERID_UserPinned
FOLDERID_UserProfiles
FOLDERID_UserProgramFiles
FOLDERID_UserProgramFilesCommon
FOLDERID_UsersFiles
FOLDERID_UsersLibraries
FOLDERID_Videos
FOLDERID_VideosLibrary
FOLDERID_Windows
FOLDERTYPEID_AccountPictures
FOLDERTYPEID_Communications
FOLDERTYPEID_CompressedFolder
FOLDERTYPEID_Contacts
FOLDERTYPEID_ControlPanelCategory
FOLDERTYPEID_ControlPanelClassic
FOLDERTYPEID_Documents
FOLDERTYPEID_Games
FOLDERTYPEID_Generic
FOLDERTYPEID_GenericLibrary
FOLDERTYPEID_GenericSearchResults
FOLDERTYPEID_Invalid
FOLDERTYPEID_Music
FOLDERTYPEID_NetworkExplorer
FOLDERTYPEID_OpenSearch
FOLDERTYPEID_OtherUsers
FOLDERTYPEID_Pictures
FOLDERTYPEID_Printers
FOLDERTYPEID_PublishedItems
FOLDERTYPEID_RecordedTV
FOLDERTYPEID_RecycleBin
FOLDERTYPEID_SavedGames
FOLDERTYPEID_SearchConnector
FOLDERTYPEID_SearchHome
FOLDERTYPEID_Searches
FOLDERTYPEID_SoftwareExplorer
FOLDERTYPEID_StartMenu
FOLDERTYPEID_UserFiles
FOLDERTYPEID_UsersLibraries
FOLDERTYPEID_Videos
FnCryptBinaryToStringA
FrameDimensionPage
FrameDimensionTime
GUID_ACDC_POWER_SOURCE
GUID_ACTIVE_POWERSCHEME
GUID_ADAPTIVE_POWER_BEHAVIOR_SUBGROUP
GUID_ALLOW_AWAYMODE
GUID_ALLOW_DISPLAY_REQUIRED
GUID_ALLOW_RTC_WAKE
GUID_ALLOW_STANDBY_STATES
GUID_ALLOW_SYSTEM_REQUIRED
GUID_APPLAUNCH_BUTTON
GUID_BACKGROUND_TASK_NOTIFICATION
GUID_BATTERY_DISCHARGE_ACTION_0
GUID_BATTERY_DISCHARGE_ACTION_1
GUID_BATTERY_DISCHARGE_ACTION_2
GUID_BATTERY_DISCHARGE_ACTION_3
GUID_BATTERY_DISCHARGE_FLAGS_0
GUID_BATTERY_DISCHARGE_FLAGS_1
GUID_BATTERY_DISCHARGE_FLAGS_2
GUID_BATTERY_DISCHARGE_FLAGS_3
GUID_BATTERY_DISCHARGE_LEVEL_0
GUID_BATTERY_DISCHARGE_LEVEL_1
GUID_BATTERY_DISCHARGE_LEVEL_2
GUID_BATTERY_DISCHARGE_LEVEL_3
GUID_BATTERY_PERCENTAGE_REMAINING
GUID_BATTERY_SUBGROUP
GUID_CHECKVALUEEXCLUSIVE
GUID_COLOR
GUID_CONSOLE_DISPLAY_STATE
GUID_CRITICAL_POWER_TRANSITION
GUID_DEVICE_IDLE_POLICY
GUID_DEVICE_POWER_POLICY_VIDEO_BRIGHTNESS
GUID_DEVICE_POWER_POLICY_VIDEO_DIM_BRIGHTNESS
GUID_DEVINTERFACE_CDCHANGER
GUID_DEVINTERFACE_CDROM
GUID_DEVINTERFACE_COMPORT
GUID_DEVINTERFACE_DISK
GUID_DEVINTERFACE_FLOPPY
GUID_DEVINTERFACE_MEDIUMCHANGER
GUID_DEVINTERFACE_PARTITION
GUID_DEVINTERFACE_SERENUM_BUS_ENUMERATOR
GUID_DEVINTERFACE_STORAGEPORT
GUID_DEVINTERFACE_TAPE
GUID_DEVINTERFACE_VOLUME
GUID_DEVINTERFACE_WRITEONCEDISK
GUID_DISK_ADAPTIVE_POWERDOWN
GUID_DISK_BURST_IGNORE_THRESHOLD
GUID_DISK_COALESCING_POWERDOWN_TIMEOUT
GUID_DISK_IDLE_TIMEOUT
GUID_DISK_POWERDOWN_TIMEOUT
GUID_DISK_SUBGROUP
GUID_ENABLE_SWITCH_FORCED_SHUTDOWN
GUID_EXECUTION_REQUIRED_REQUEST_TIMEOUT
GUID_FONTBOLD
GUID_FONTITALIC
GUID_FONTNAME
GUID_FONTSIZE
GUID_FONTSTRIKETHROUGH
GUID_FONTUNDERSCORE
GUID_GLOBAL_USER_PRESENCE
GUID_HANDLE
GUID_HIBERNATE_FASTS4_POLICY
GUID_HIBERNATE_TIMEOUT
GUID_HIMETRIC
GUID_HasPathProperties
GUID_IDLE_BACKGROUND_TASK
GUID_IDLE_RESILIENCY_PERIOD
GUID_IDLE_RESILIENCY_SUBGROUP
GUID_LIDCLOSE_ACTION
GUID_LIDOPEN_POWERSTATE

Sections

.text
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

f965287400975ef8686d759dacdeb55e

Headers

File Characteristics

Imports

advapi32

gdi32

gdiplus

kernel32

msvcrt

ole32

oleaut32

shell32

user32

Exports

Exports

Sections

.text Size: 125KB - Virtual size: 125KB

.data Size: 19KB - Virtual size: 18KB

.rdata Size: 35KB - Virtual size: 34KB

.bss Size: - Virtual size: 7KB

.edata Size: 46KB - Virtual size: 45KB

.idata Size: 5KB - Virtual size: 4KB

.CRT Size: 512B - Virtual size: 48B

.tls Size: 512B - Virtual size: 32B

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 125KB - Virtual size: 125KB

.data
Size: 19KB - Virtual size: 18KB

.rdata
Size: 35KB - Virtual size: 34KB

.bss
Size: - Virtual size: 7KB

.edata
Size: 46KB - Virtual size: 45KB

.idata
Size: 5KB - Virtual size: 4KB

.CRT
Size: 512B - Virtual size: 48B

.tls
Size: 512B - Virtual size: 32B

.reloc
Size: 7KB - Virtual size: 6KB