Static task
static1
Behavioral task
behavioral1
Sample
6627af0492ef911e8313b42c2dd5c794a3286ad389ee12625b612defcf9ba9ce.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
6627af0492ef911e8313b42c2dd5c794a3286ad389ee12625b612defcf9ba9ce.exe
Resource
win10v2004-20230915-en
General
Target: 6627af0492ef911e8313b42c2dd5c794a3286ad389ee12625b612defcf9ba9ce
Size: 432KB
MD5: 44bab5520d0fb8c2223b7b28a61b988a
SHA1: bce1f130d6fb284e8c97cbef2dffddef7f909fb6
SHA256: 6627af0492ef911e8313b42c2dd5c794a3286ad389ee12625b612defcf9ba9ce
SHA512: 515389fb48bede0cd32d6ab470c79125cd670f5cf1b657df5a0309a648f0bf01ead90d12352f0854a8206f4efc3c8cbaa6913bd0590a8545dce0173d00614455
SSDEEP: 12288:xHdzQplwmhvfmskttlCwKTOm0pFBrZdue:Fdz8WIjpwKTOdDr7ue
Malware Config
Signatures
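Unsigned PE (1 IoC)
Checks for missing Authenticode signature. The rule fires because the file carries no signature; on its own this is a weak indicator, since legitimate software is often unsigned, and it is the only signature listed in this section.
resource 6627af0492ef911e8313b42c2dd5c794a3286ad389ee12625b612defcf9ba9ce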
Files
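6627af0492ef911e8313b42c2dd5c794a3286ad389ee12625b612defcf9ba9ce.exe windows:5 windows x86
d3e52225f2b1643bc63813b14248499e (unlabelled in this extract and different from the file MD5 under General; most likely the sample's import hash, so confirm before using it as a pivot)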
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
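Imports (grouped by DLL; names beginning with ? are MSVC-decorated C++ symbols. wndbase, modulebase, oleadapter, formviewer, bizzlinker, socketcore and httpmodule do not appear to be Windows system libraries, so the executable presumably relies on companion DLLs that are not listed as samples on this page.)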
wndbase
?PaintContent@XStaticEx@@QAEXPAUHDC__@@@Z
?ShowWindow@XWindow@@QAEHH@Z
?SetMarkIcon@XButton@@QAEXHH@Z
?SetIcon@XButton@@QAEXPAU_IMAGELIST@@HHH@Z
?SetPatter@XStaticEx@@QAEXHK@Z
?SetTextFont@XStaticEx@@QAEXPAUXWNDFONT@@@Z
?Create@XStaticEx@@QAEHPAUHWND__@@PBUtagRECT@@PB_W@Z
??0XStaticEx@@QAE@XZ
??1XStaticEx@@UAE@XZ
?Sys_SetAppManager@@YGXPAVXAppManager@@@Z
?SetAppMainFrame@@YGXPAUHWND__@@@Z
?HandleIdleUpdate@@YGXXZ
?GetAppMainFrame@@YGPAUHWND__@@XZ
??1XAppManager@@UAE@XZ
?Draw_Rect@@YGXPAUHDC__@@PBUtagRECT@@K@Z
?SetTextFont@XGradeTaskbar@@QAEXPAUHFONT__@@K@Z
?SearchStyle@XAppManager@@QAEPBUXStyleBase@@K@Z
??1XGradeTaskbar@@UAE@XZ
?OnDraw@XGradeTaskbar@@MAEXPAUHDC__@@HH@Z
?DefMessageProc@XGradeTaskbar@@MAEJIIJ@Z
??0XGradeTaskbar@@QAE@XZ
?Create@XGradeTaskbar@@QAEHPAUHWND__@@PBUtagRECT@@KKK@Z
?ScreenToClient@XWindow@@QAEXPAUtagPOINT@@@Z
?HitTest@XTreeCtrl@@QAEPAU_TREEITEM@@UtagPOINT@@PAI@Z
?GetItemData@XTreeCtrl@@QAEJPAU_TREEITEM@@@Z
?SetWorkFolder@XAppManager@@QAEXPB_W@Z
?Sys_GetFullFile@@YGXPA_WPB_W@Z
?SetParameter@XAppManager@@QAEXHK@Z
?Sys_GetPatter@@YGPBUXStyleBase@@H@Z
?SetItemText@XTreeCtrl@@QAEHPAU_TREEITEM@@PB_W@Z
?SetTextBuffer@XStaticEx@@QAEXPB_W@Z
?CreateFromTemplate@XWindow@@QAEHPAUHWND__@@IPAUHINSTANCE__@@@Z
??0XAppManager@@QAE@XZ
?ChooseFolder@XGradeTaskbar@@QAEHPB_W@Z
?Create@XTreeCtrl@@QAEHPAUHWND__@@PBUtagRECT@@KI@Z
?SetImageList@XTreeCtrl@@QAEPAU_IMAGELIST@@PAU2@H@Z
?SetBkColor@XTreeCtrl@@QAEKK@Z
?SetTextColor@XTreeCtrl@@QAEKK@Z
?SetItemHeight@XTreeCtrl@@QAEHH@Z
?GetCount@XTreeCtrl@@QAEHXZ
?GetTaskbarMode@XGradeTaskbar@@QAEHXZ
?AddFolder@XGradeTaskbar@@QAEHPB_WPAUHWND__@@J@Z
?SelectFolder@XGradeTaskbar@@QAEHH@Z
?SetTaskbarMode@XGradeTaskbar@@QAEXH@Z
?GetWindowRect@XWindow@@QAEXPAUtagRECT@@@Z
?GetItemHeight@XTreeCtrl@@QAEHXZ
?SetFolderSize@XGradeTaskbar@@QAEHHH@Z
?InsertItem@XTreeCtrl@@QAEPAU_TREEITEM@@PB_WHHPAU2@1@Z
?SetItemData@XTreeCtrl@@QAEHPAU_TREEITEM@@J@Z
?Expand@XTreeCtrl@@QAEHPAU_TREEITEM@@I@Z
?GetChildItem@XTreeCtrl@@QAEPAU_TREEITEM@@PAU2@@Z
?GetItemState@XTreeCtrl@@QAEIPAU_TREEITEM@@I@Z
?GetNextSiblingItem@XTreeCtrl@@QAEPAU_TREEITEM@@PAU2@@Z
??1XTreeCtrl@@UAE@XZ
?OnAttachWindow@XTreeCtrl@@MAEXH@Z
?DefMessageProc@XWindow@@UAEJIIJ@Z
??0XTreeCtrl@@QAE@XZ
?SetIcon@XWindow@@QAEPAUHICON__@@PAU2@H@Z
?Sys_GetRescFile@@YGXPA_WPB_W@Z
?SetImageFile@XPicture@@QAEHPB_WH@Z
?Sys_QueryRegValue@@YGHPB_WPA_WK@Z
?SetListContent@XComboBox@@QAEHPB_W@Z
?Sys_GetRegValue@@YGHPB_WPAXPAK@Z
?AttachDlgItem@XWindow@@QAEHPAUHWND__@@I@Z
?Add_Menu@XMenuBar@@QAEHPAUHMENU__@@H@Z
?GetFontSize@XMenuBar@@QAEHXZ
?Create@XMenuBar@@QAEHPAUHWND__@@HI@Z
?SetOwner@XMenuBar@@QAEXPAUHWND__@@@Z
??0XMenuBar@@QAE@XZ
?DestroyWindow@XWindow@@UAEHXZ
?MoveWindow@XWindow@@QAEHPBUtagRECT@@H@Z
?DefMessageProc@XMenuBar@@MAEJIIJ@Z
?OnCommand@XWindow@@UAEHIIPAUHWND__@@@Z
?OnNotify@XWindow@@UAEJIPAUtagNMHDR@@@Z
?OnChildNotify@XWindow@@UAEHIIJPAJ@Z
?OnTranslateMessage@XWindow@@UAEHPAUtagMSG@@@Z
?OnAttachWindow@XWindow@@UAEXH@Z
?OnIdleUpdate@XWindow@@UAEXXZ
?Default@XWindow@@UAEJXZ
??1XMenuBar@@UAE@XZ
?FillGradeRect@@YGXPAUHDC__@@PBUtagRECT@@KKH@Z
?FillSolidRect@@YGXPAUHDC__@@PBUtagRECT@@K@Z
?MoveWindow@XWindow@@QAEHHHHHH@Z
?SetScrollSize@XScrollWindow@@QAEXHH@Z
??1XComboBox@@UAE@XZ
??1XEditBox@@UAE@XZ
??1XButton@@UAE@XZ
??1XDialog@@UAE@XZ
??0XPicture@@QAE@XZ
??0XComboBox@@QAE@XZ
??0XEditBox@@QAE@XZ
??0XButton@@QAE@XZ
??0XDialog@@QAE@XZ
?OnTranslateMessage@XDialog@@UAEHPAUtagMSG@@@Z
?OnBeforeVisible@XDialog@@UAEXXZ
??1XPicture@@UAE@XZ
?DoModal@XDialog@@QAEHPAUHWND__@@IPAUHINSTANCE__@@@Z
?OnCommand@XDialog@@UAEHIIPAUHWND__@@@Z
?EndDialog@XDialog@@QAEHH@Z
?Sys_SetRegValue@@YGHPB_WKPBXK@Z
?GetWindowTextW@XWindow@@QAEHPA_WH@Z
?DefMessageProc@XDialog@@UAEJIIJ@Z
?SetPatter@XCtrlBase@@QAEXHK@Z
?SetWindowTextW@XWindow@@QAEHPB_W@Z
?GetClientRect@XWindow@@QAEXPAUtagRECT@@@Z
?MovePlace@XPicture@@QAEXPBUtagRECT@@@Z
?PaintPicture@XPicture@@QAEXPAUHDC__@@H@Z
modulebase
?SelectNode@XML_Archive@@QAEPAUXML_Node@@PB_WPAU2@@Z
?ParseInteger@@YGKPB_W@Z
?KeyEncrypt@@YGXKPB_WPA_W@Z
?OpenFile@XML_Archive@@QAEHPB_W@Z
?CloseDoc@XML_Archive@@QAEXXZ
?GetModuleFolder@@YGKPAUHINSTANCE__@@PA_WK@Z
??1XML_Archive@@UAE@XZ
??0XML_Archive@@QAE@XZ
?SaveFile@XML_Archive@@QAEHPB_W@Z
?XBM_SetDebugProc@@YGXPAX@Z
?UTF_Transfer@@YGHPB_WPADH@Z
?MatchIdentifer@@YGKPB_W0@Z
oleadapter
?SetWebBrowserVersion@@YGXK@Z
?OnNotifyAppActivate@@YGXH@Z
formviewer
?SetupStyleFile@@YGXPAVXAppManager@@PB_W@Z
?OnNotify@XFormWindow@@QAEJKK@Z
bizzlinker
?SearchFormer@XFormAdapter@@UAEPAVXFormWindow@@KPB_W@Z
?GetIndexFormer@XFormAdapter@@UAEPAVXFormWindow@@H@Z
?GetActiveFormer@XFormAdapter@@UAEPAVXFormWindow@@XZ
?ShowError@XFormAdapter@@UAEXK@Z
?IsEmptyContainer@XFormAdapter@@UAEJXZ
?GetOwnerHandle@XFormAdapter@@UAEPAUHWND__@@XZ
?Release@XFormAdapter@@UAEXXZ
?CreateContainer@XFormAdapter@@QAEHPAUHWND__@@PB_WH@Z
?ReleaseContainer@XFormAdapter@@QAEXXZ
??1XFormAdapter@@UAE@XZ
??0XFormAdapter@@QAE@XZ
?StartWaitbar@@YGXPAUHWND__@@H@Z
?CloseWaitbar@@YGXXZ
?ClearContainer@XFormAdapter@@QAEXH@Z
?Sys_InitMessager@@YGXPB_W0H@Z
?Sys_GetResource@@YGJPB_W@Z
?XBM_Call_Proc@@YGHHPAX@Z
?LoadBrowserHooker@@YGHPAVXML_Archive@@PB_W@Z
?Sys_QueryAction@@YGJPAPAUXActionNode@@@Z
?Sys_ReleaseAction@@YGXPAUXActionNode@@@Z
?ShowContainer@XFormAdapter@@UAEXH@Z
?Sys_CloseLinker@@YGXXZ
?Sys_ChangeKey@@YGJPB_W0@Z
?Sys_GetLoginer@@YGXPAUSYS_USER@@@Z
?Sys_LoginUser@@YGJPB_W000@Z
?XBM_GetError@@YGPB_WK@Z
?Sys_CreateFormer@@YGJPB_WPAUIFormAdapter@@PAPAVXFormWindow@@@Z
?GetLogicGrider@XFormAdapter@@UAEJPB_WPAVXRowBuffer@@@Z
?SetParseMember@XFormAdapter@@UAEJPAUXVariable@@0@Z
?GetParseMember@XFormAdapter@@UAEJPAUXVariable@@PAVXRowBuffer@@@Z
?GetParseGrider@XFormAdapter@@UAEJPAUXVariable@@PAVXRowBuffer@@@Z
?GetFileStorage@XFormAdapter@@UAEJPAUSYS_STORAGE@@PA_WH@Z
?SetFileStorage@XFormAdapter@@UAEJPAUSYS_STORAGE@@PB_WH@Z
?GetStorageDoc@XFormAdapter@@UAEJPAUSYS_STORAGE@@PAUIArchive@@H@Z
?SetStorageDoc@XFormAdapter@@UAEJPAUSYS_STORAGE@@PAUIArchive@@H@Z
?Sys_ShowMessager@@YGXXZ
?Sys_CheckUpdater@@YGHPA_W@Z
?Sys_LinkServer@@YGHPB_W0HH@Z
?Sys_SetLoginer@@YGXK@Z
?GetLogicBuffer@XFormAdapter@@UAEJPB_WPAVXRowBuffer@@@Z
?MoveContainer@XFormAdapter@@UAEXPBUtagRECT@@@Z
?CloseContainer@XFormAdapter@@UAEJH@Z
?MacroDispose@XFormAdapter@@UAEJPB_W@Z
?CallProc@XFormAdapter@@UAEJHPAX@Z
?SetReturnHooker@XFormAdapter@@UAEXPAX0@Z
?EmbedContainer@XFormAdapter@@UAEPAUIFormAdapter@@PAUHWND__@@PB_W@Z
?ExecuteOperator@XFormAdapter@@UAEJPB_W@Z
?MacroOperator@XFormAdapter@@UAEJPB_WPAVXRowBuffer@@@Z
?CarryOperator@XFormAdapter@@UAEJPB_WPAKPAUIArchive@@@Z
?DeleteMember@XFormAdapter@@UAEJKK@Z
?SetLogicBuffer@XFormAdapter@@UAEJPB_WPAVXRowBuffer@@@Z
?Sys_ReleaseMessager@@YGXXZ
?GetLogicMember@XFormAdapter@@UAEJPB_WPAVXRowBuffer@@@Z
socketcore
?InitializeServer@XSocketServer@@QAEHXZ
?SetWorkNumber@XSocketServer@@QAEXK@Z
?SetServerProc@XSocketServer@@QAEXP6GHPAVXSocket@@PAUXRecvCache@@@Z@Z
?SetFinishProc@XSocketServer@@QAEXP6GHPAVXSocket@@PAX@Z@Z
?SetTickerProc@XSocketServer@@QAEXP6GHPAVXSocket@@PAX@Z@Z
?StartServer@XSocketServer@@QAEHHH@Z
?Recv@XSocket@@QAEHPAUXRecvCache@@PAXPAK@Z
??0XSocketServer@@QAE@XZ
??1XSocketServer@@UAE@XZ
?SendEx@XSocket@@QAEHPBXK@Z
httpmodule
?ParseBuffer@XVarManager@@QAEHPBDH@Z
?GetCaller@XVarManager@@QAEPBDXZ
?GetVariable@XVarManager@@QAEHPBDPA_WH@Z
??1XVarManager@@UAE@XZ
??0XVarManager@@QAE@XZ
kernel32
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
CreateFileA
SetEnvironmentVariableA
GetStringTypeW
GetConsoleCP
LCMapStringW
LCMapStringA
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
IsValidCodePage
GetOEMCP
GetACP
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetStringTypeA
lstrlenW
lstrcmpW
GetTickCount
lstrcpynW
lstrcpyW
lstrcmpiW
CreateDirectoryW
SetCurrentDirectoryW
GetCurrentThreadId
WriteConsoleW
Sleep
InterlockedExchange
GetModuleFileNameW
FreeConsole
GetCurrentProcessId
GetFileAttributesW
SetConsoleTitleW
GetStdHandle
AllocConsole
MultiByteToWideChar
SizeofResource
LockResource
LoadResource
FindResourceW
WideCharToMultiByte
SetLastError
GetLastError
GlobalAddAtomW
GlobalGetAtomNameW
LoadLibraryW
GetModuleHandleW
GetProcAddress
GlobalUnlock
GlobalLock
GetVersionExA
FreeLibrary
LoadLibraryA
CompareStringW
GetVersionExW
GlobalDeleteAtom
GlobalFindAtomW
FreeResource
InterlockedDecrement
GetPrivateProfileIntW
WritePrivateProfileStringW
MulDiv
LocalFree
FormatMessageW
GlobalAlloc
GlobalFree
GetModuleHandleA
CompareStringA
GetLocaleInfoW
lstrcmpA
EnumResourceLanguagesW
ConvertDefaultLocale
GetCurrentThread
CloseHandle
GlobalFlags
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
InterlockedIncrement
lstrlenA
GetThreadLocale
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileW
GetVolumeInformationW
GetFullPathNameW
CreateFileW
FileTimeToSystemTime
SetErrorMode
FileTimeToLocalFileTime
GetFileSizeEx
GetFileTime
GetStartupInfoW
RtlUnwind
HeapAlloc
HeapFree
RaiseException
ExitProcess
HeapReAlloc
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
SetUnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
user32
IsWindow
ClientToScreen
GetParent
IsChild
GetFocus
SetRect
BringWindowToTop
SetActiveWindow
OffsetRect
DeferWindowPos
CopyRect
GetCapture
WindowFromPoint
GetKeyState
GetDlgCtrlID
TranslateAcceleratorW
GetWindowLongW
GetWindow
GetDesktopWindow
GetLastActivePopup
IntersectRect
GetMenuItemCount
GetMenuItemID
IsWindowVisible
LoadAcceleratorsW
PeekMessageW
SetWindowLongW
GetDlgItem
EqualRect
IsWindowEnabled
GetActiveWindow
SetWindowPos
WinHelpW
ReuseDDElParam
UnpackDDElParam
GetClassNameW
EnableMenuItem
GetMenuState
ModifyMenuW
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
GetSystemMetrics
GetWindowPlacement
SystemParametersInfoA
CallWindowProcW
AdjustWindowRectEx
DestroyCursor
TrackPopupMenu
MapWindowPoints
GetMessageTime
UnhookWindowsHookEx
GetTopWindow
EndDeferWindowPos
BeginDeferWindowPos
DispatchMessageW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
GetClassLongW
CallNextHookEx
SetWindowsHookExW
SendDlgItemMessageA
SendDlgItemMessageW
RegisterWindowMessageW
IsDialogMessageW
SetWindowTextW
MoveWindow
IsZoomed
FillRect
TabbedTextOutW
DrawTextExW
GrayStringW
GetWindowDC
InflateRect
PostQuitMessage
ValidateRect
TranslateMessage
GetMessageW
ShowOwnedPopups
MapDialogRect
SetWindowContextHelpId
RegisterClipboardFormatW
IsRectEmpty
GetSysColorBrush
UnregisterClassW
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamW
CharUpperW
CharNextW
CopyAcceleratorTableW
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
PostThreadMessageW
RedrawWindow
ScreenToClient
ReleaseCapture
SetCapture
GetDCEx
SetCursor
GetSysColor
PostMessageW
UpdateWindow
LoadImageW
SetRectEmpty
PtInRect
DrawIconEx
CreateWindowExW
DestroyIcon
DestroyWindow
ShowWindow
GetClientRect
GetWindowRect
DrawEdge
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
SetForegroundWindow
SetFocus
GetCursorPos
GetMenu
SetMenu
KillTimer
SetTimer
InvalidateRect
IsIconic
SendMessageW
GetMenuItemInfoW
SystemParametersInfoW
CreateAcceleratorTableW
CreateMenu
CreatePopupMenu
InsertMenuItemW
GetMessagePos
LoadMenuW
GetSubMenu
SetMenuInfo
CheckMenuItem
TrackPopupMenuEx
DestroyMenu
LoadIconW
BeginPaint
EndPaint
MessageBoxW
wsprintfW
GetClassInfoW
DefWindowProcW
LoadCursorW
RegisterClassW
EnableWindow
GetDC
DrawTextW
ReleaseDC
GetClassInfoExW
gdi32
GetRgnBox
GetTextColor
GetMapMode
SetBkColor
CreateFontIndirectW
CreatePatternBrush
ExtTextOutW
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
SetBkMode
SelectObject
SetTextColor
TextOutW
CreateSolidBrush
CreateCompatibleDC
PatBlt
GetObjectW
CreateFontW
DeleteObject
GetTextExtentPoint32W
GetBkColor
CreateCompatibleBitmap
CreateBitmap
DeleteDC
ExtSelectClipRgn
GetStockObject
GetClipBox
CreateRectRgnIndirect
GetTextMetricsW
GetDeviceCaps
SaveDC
RestoreDC
SetMapMode
ExcludeClipRect
IntersectClipRect
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
PtVisible
RectVisible
Escape
SetViewportOrgEx
OffsetViewportOrgEx
comdlg32
GetFileTitleW
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
advapi32
RegOpenKeyW
RegQueryValueW
RegDeleteKeyW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegEnumKeyW
shell32
ShellExecuteW
Shell_NotifyIconW
DragFinish
DragQueryFileW
comctl32
ImageList_Draw
ImageList_Destroy
ImageList_LoadImageW
shlwapi
PathFindFileNameW
PathFindExtensionW
PathStripToRootW
PathIsUNCW
oledlg
OleUIBusyW
ole32
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
oleaut32
OleCreateFontIndirect
SysStringLen
SysFreeString
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
VariantCopy
SysAllocString
SafeArrayDestroy
SystemTimeToVariantTime
VariantTimeToSystemTime
Sections
.text Size: 285KB - Virtual size: 285KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 83KB - Virtual size: 83KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 50KB - Virtual size: 50KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ