11afd722085cf493d7e008186adc20bd03cc0010a53d37c0ec874231d1b50596

Sharing

Copy URL

Twitter E-mail

General

Target

11afd722085cf493d7e008186adc20bd03cc0010a53d37c0ec874231d1b50596
Size

1.6MB
MD5

85511b4064d528019b83291a5833d6eb
SHA1

eba19bc8a0ec1afd65531348e1103130371df95b
SHA256

11afd722085cf493d7e008186adc20bd03cc0010a53d37c0ec874231d1b50596
SHA512

8428fefa7d88c8f654055e41bf0304aefd50b679281ba7e1b3982568d2af77c2acaf1470a4dc769ec5321ab1b681cc2caaa9ede515c7f6d57cc31d7c776f481e
SSDEEP

49152:ZbA1gkiFt8FRtP8lRzQVk/projm9ov6lTA8j3:Zb5k8t8dklek/Nxov0TJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/GuJian1.Trainer.V3.1.3-XiaoXing.exe

Files

11afd722085cf493d7e008186adc20bd03cc0010a53d37c0ec874231d1b50596
.rar
3DMGAME 中国第一单机游戏门户全球最大汉化游戏论坛.url
GuJian1.Trainer.V3.1.3-XiaoXing.exe
.exe windows x86

fc672ca4ed2ea87a628befb09698a02d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointerEx
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
LCMapStringW
GetStringTypeW
GetACP
ExitProcess
FindFirstFileExW
GetOEMCP
SetStdHandle
QueryPerformanceFrequency
HeapQueryInformation
GetCommandLineW
GetCommandLineA
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
VirtualQuery
VirtualAlloc
GetSystemInfo
RtlUnwind
FindNextFileW
GetStdHandle
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
ResetEvent
GetTempFileNameW
GetProfileIntW
SearchPathW
IsValidCodePage
GetWindowsDirectoryW
FindResourceExW
SetErrorMode
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
FileTimeToSystemTime
VirtualProtect
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GlobalGetAtomNameW
VerifyVersionInfoW
VerSetConditionMask
GetPrivateProfileIntW
lstrcpyW
GetVersionExW
GetCurrentThread
lstrcmpA
GetThreadLocale
lstrcmpiW
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
DeleteFileW
CreateFileW
ResumeThread
SetThreadPriority
SetEvent
GetCurrentProcessId
InitializeCriticalSectionAndSpinCount
CopyFileW
FormatMessageW
MulDiv
LocalFree
GlobalSize
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryW
LoadLibraryA
LoadLibraryExW
GetProcAddress
GetModuleHandleA
FreeLibrary
GetSystemDirectoryW
GetCurrentThreadId
SetLastError
EncodePointer
OutputDebugStringA
GetFileAttributesW
GetModuleHandleW
GetModuleFileNameW
CreateEventW
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
HeapFree
GetTickCount
VirtualFreeEx
WritePrivateProfileStringW
WaitForSingleObject
CreateRemoteThread
GetTempPathW
MultiByteToWideChar
GetCurrentDirectoryW
OpenProcess
OutputDebugStringW
WriteProcessMemory
ReadProcessMemory
VirtualProtectEx
VirtualAllocEx
VirtualQueryEx
Module32NextW
Module32FirstW
QueryDosDeviceW
GetLogicalDriveStringsW
K32GetProcessImageFileNameW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
CreateMutexW
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
FreeResource
InitializeCriticalSectionEx
EnterCriticalSection
LeaveCriticalSection
GetLastError
WideCharToMultiByte
Sleep
SizeofResource
CloseHandle
CreateThread
GetPrivateProfileStringW
FindResourceW
LoadResource
LockResource
GetFileType
WriteConsoleW

user32

GetMenuItemInfoW
DestroyMenu
ReleaseCapture
IntersectRect
ShowOwnedPopups
EnumDisplayMonitors
SystemParametersInfoW
SetLayeredWindowAttributes
DrawIconEx
IsRectEmpty
InflateRect
DrawFocusRect
GetSysColorBrush
SetWindowRgn
DrawFrameControl
DrawEdge
MapDialogRect
SetWindowContextHelpId
PostQuitMessage
CharUpperW
GetMessageW
OffsetRect
SetRectEmpty
SendDlgItemMessageA
GetCursorPos
ClientToScreen
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
MapVirtualKeyW
GetKeyNameTextW
FillRect
DrawStateW
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuState
GetMenuStringW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageW
SetWindowTextW
IsWindowEnabled
CheckDlgButton
SetDlgItemTextW
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetLastActivePopup
GetTopWindow
GetClassLongW
SetWindowLongW
GetWindowLongW
PtInRect
EqualRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowTextLengthW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
EndPaint
BeginPaint
RealChildWindowFromPoint
GetAsyncKeyState
CreateAcceleratorTableW
EnableWindow
SendMessageW
GetWindowRect
PostMessageW
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
GetMenuItemCount
GetMenuItemID
SetMenu
GetMenu
GetCapture
GetKeyState
SetFocus
GetDlgCtrlID
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
TrackMouseEvent
IsZoomed
SetCapture
GetSystemMenu
DeleteMenu
MessageBeep
WindowFromPoint
NotifyWinEvent
CreatePopupMenu
GetMenuDefaultItem
SetMenuDefaultItem
UpdateLayeredWindow
EnableScrollBar
UnionRect
MonitorFromPoint
IsMenu
IsWindow
DestroyIcon
LoadImageW
WaitMessage
CharNextW
CopyAcceleratorTableW
InvalidateRgn
GetNextDlgGroupItem
OpenClipboard
CopyImage
GetFocus
GetClientRect
SetParent
SetRect
GetDC
ReleaseDC
GetWindow
IsWindowVisible
GetClassNameW
GetWindowThreadProcessId
GetWindowTextW
EnumWindows
MessageBoxW
LoadIconW
SetTimer
RegisterHotKey
IsIconic
GetSystemMetrics
DrawIcon
UnregisterHotKey
KillTimer
InvalidateRect
SetCursor
LoadCursorW
PeekMessageW
TranslateMessage
DispatchMessageW
UnregisterClassW
LoadMenuW
GetSubMenu
LoadAcceleratorsW
GetParent
RegisterWindowMessageW
GetMessagePos
GetMessageTime
DefWindowProcW
CallWindowProcW
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
RegisterClipboardFormatW
CharUpperBuffW
FrameRect
PostThreadMessageW
HideCaret
InvertRect
SubtractRect
IsClipboardFormatAvailable
IsCharLowerW
MapVirtualKeyExW
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
GetComboBoxInfo
CreateMenu
DestroyCursor
GetWindowRgn
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
GetUpdateRect
SetClassLongW
DestroyAcceleratorTable
ModifyMenuW
CopyIcon
GetIconInfo
GetDoubleClickTime
LockWindowUpdate
BringWindowToTop
SetCursorPos
EmptyClipboard
SetClipboardData
CloseClipboard

gdi32

Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
CreateRectRgn
Ellipse
GetBkColor
GetTextColor
GetTextExtentPoint32W
CreatePolygonRgn
Polygon
Polyline
GetTextMetricsW
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetMapMode
SetRectRgn
DPtoLP
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateRoundRectRgn
GetRgnBox
SetPixel
Rectangle
OffsetRgn
RoundRect
EnumFontFamiliesExW
LPtoDP
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
GetTextFaceW
CreatePatternBrush
CreatePen
CreateHatchBrush
BitBlt
PatBlt
CreateRectRgnIndirect
CreateSolidBrush
CreateDCW
CopyMetaFileW
CreateBitmap
SetTextColor
SetBkColor
CreateFontIndirectW
GetDeviceCaps
CreateDIBSection
GetObjectW
CreateCompatibleDC
GetDIBColorTable
StretchBlt
SelectObject
DeleteDC
DeleteObject
CreateEllipticRgn
SetDIBColorTable
GetStockObject

msimg32

TransparentBlt
AlphaBlend

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegQueryValueExW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyExW
DeleteService
ControlService
CloseServiceHandle
StartServiceW
QueryServiceStatus
OpenServiceW
CreateServiceW
OpenSCManagerW
RegCloseKey

shell32

ShellExecuteW
SHGetSpecialFolderPathW
SHGetFileInfoW
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
DragFinish
DragQueryFileW
SHAppBarMessage
SHGetDesktopFolder
SHBrowseForFolderW

comctl32

InitCommonControlsEx

shlwapi

PathFileExistsW
PathIsUNCW
PathStripToRootW
PathFindExtensionW
PathFindFileNameW
PathRemoveFileSpecW
StrFormatKBSizeW

uxtheme

GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
IsAppThemed
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
DrawThemeParentBackground
DrawThemeText
GetWindowTheme
GetThemePartSize

ole32

CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleLockRunning
OleGetClipboard
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoInitializeEx
CoRevokeClassObject
CoRegisterMessageFilter
OleCreateMenuDescriptor
OleInitialize
CoFreeUnusedLibraries
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CoInitialize
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CreateStreamOnHGlobal
OleUninitialize
CoCreateInstance

oleaut32

LoadTypeLi
VarBstrFromDate
VariantCopy
OleCreateFontIndirect
SafeArrayDestroy
SystemTimeToVariantTime
SysStringLen
SysAllocString
SysFreeString
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
VariantTimeToSystemTime

oledlg

OleUIBusyW

gdiplus

GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromStream
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImagePaletteSize
GdipGetImagePalette
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCreateBitmapFromScan0
GdipCloneImage
GdipAlloc
GdipFree
GdipDisposeImage
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipSetInterpolationMode
GdipDrawImageRectI
GdiplusShutdown
GdipDrawImageI
GdiplusStartup

wininet

InternetOpenUrlW
InternetCloseHandle
InternetReadFile
InternetOpenW

winmm

PlaySoundW

oleacc

LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 381KB - Virtual size: 381KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 153KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
GuJian1.ini
TrAntiAntiCheat_x64.sys
.exe windows x64

960ec0d939e5ea631c6052a6eaf72f73

Code Sign

5f:78:14:9e:b4:f7:5e:b1:74:04:a8:14:3a:ae:ae:d7
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23-03-2011 00:00

Not After

22-03-2012 23:59

Subject

CN=上海域联软件技术有限公司,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=上海域联软件技术有限公司,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22-02-2011 19:25

Not After

22-02-2021 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

c4:f3:f9:8a:42:9a:d4:de:fb:4e:39:0a:d2:57:5e:5a:53:b9:0d:9f
Signer

Actual PE Digest

c4:f3:f9:8a:42:9a:d4:de:fb:4e:39:0a:d2:57:5e:5a:53:b9:0d:9f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ntoskrnl.exe

PsProcessType
PsThreadType
ObUnRegisterCallbacks
RtlCopyUnicodeString
ObRegisterCallbacks
_vsnwprintf
ZwOpenEvent
KeBugCheckEx
ZwClose

wdfldr.sys

WdfVersionBindClass
WdfVersionBind
WdfVersionUnbind
WdfVersionUnbindClass

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 1024B - Virtual size: 546B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
使用方法.txt
心路历程.txt

Sharing

General

Malware Config

Signatures

Files

fc672ca4ed2ea87a628befb09698a02d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

wininet

winmm

oleacc

imm32

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 381KB - Virtual size: 381KB

.data Size: 23KB - Virtual size: 49KB

.rsrc Size: 1.5MB - Virtual size: 1.5MB

.reloc Size: 153KB - Virtual size: 153KB

960ec0d939e5ea631c6052a6eaf72f73

Code Sign

5f:78:14:9e:b4:f7:5e:b1:74:04:a8:14:3a:ae:ae:d7Certificate

Extended Key Usages

Key Usages

61:19:93:e4:00:00:00:00:00:1cCertificate

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

c4:f3:f9:8a:42:9a:d4:de:fb:4e:39:0a:d2:57:5e:5a:53:b9:0d:9fSigner

Headers

DLL Characteristics

File Characteristics

Imports

ntoskrnl.exe

wdfldr.sys

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 3KB

.pdata Size: 512B - Virtual size: 228B

.gfids Size: 512B - Virtual size: 4B

INIT Size: 1024B - Virtual size: 546B

.rsrc Size: 1024B - Virtual size: 952B

.reloc Size: 512B - Virtual size: 36B

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 381KB - Virtual size: 381KB

.data
Size: 23KB - Virtual size: 49KB

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

.reloc
Size: 153KB - Virtual size: 153KB

5f:78:14:9e:b4:f7:5e:b1:74:04:a8:14:3a:ae:ae:d7
Certificate

61:19:93:e4:00:00:00:00:00:1c
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

c4:f3:f9:8a:42:9a:d4:de:fb:4e:39:0a:d2:57:5e:5a:53:b9:0d:9f
Signer

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 3KB

.pdata
Size: 512B - Virtual size: 228B

.gfids
Size: 512B - Virtual size: 4B

INIT
Size: 1024B - Virtual size: 546B

.rsrc
Size: 1024B - Virtual size: 952B

.reloc
Size: 512B - Virtual size: 36B