DiskInfo64[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

DiskInfo64.exe
Size

2.7MB
MD5

031db3e4ecb470c1c88347b0ec428f83
SHA1

8ac9407930cd4155bb27f271f0650d94a2c9c6ff
SHA256

f90f48e787c76a1e641c53490fee0875dbc3b8f25c39de30dedf07b4c175fff8
SHA512

9e97a7d686dde0847f3ce0cb83d59a01fbab73f5ba63d4c2632fdd6be8acb71ea7a217ae4f40e70c867da96bd502b89a449eb510b82f0ab3a6d1d45922ae360b
SSDEEP

49152:yAl3q3M6le17ctIiSnmnM4atqZdd1v+0Krb74:yIqtIpnmnM4aqTPKrb74

Score

1^/10

Malware Config

Signatures

Files

DiskInfo64.exe
.exe windows:5 windows x64

Password: password

42bdb78e7d3b8d9674a14428062754d2

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31/05/2021, 06:43

Not After

17/09/2029, 06:43

Subject

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

4e:d3:c3:e6:41:76:90:14:67:47:c7:1e:0c:6a:51:50
Certificate

Issuer

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

13/02/2023, 07:59

Not After

13/02/2024, 07:59

Subject

CN=Open Source Developer\, Noriyuki Miyazaki,O=Open Source Developer,L=Sapporo,C=JP,1.2.840.113549.1.9.1=#0c196869796f6869796f406372797374616c6d61726b2e696e666f

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2b:d4:ae:70:b9:d0:63:5b:2a:e9:84:c8:d6:74:aa:30
Certificate

Issuer

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

28/07/2022, 08:56

Not After

27/07/2033, 08:56

Subject

CN=Certum Timestamp 2022,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19/05/2021, 05:32

Not After

18/05/2036, 05:32

Subject

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19/05/2021, 05:32

Not After

18/05/2036, 05:32

Subject

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

4e:d3:c3:e6:41:76:90:14:67:47:c7:1e:0c:6a:51:50
Certificate

Issuer

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

13/02/2023, 07:59

Not After

13/02/2024, 07:59

Subject

CN=Open Source Developer\, Noriyuki Miyazaki,O=Open Source Developer,L=Sapporo,C=JP,1.2.840.113549.1.9.1=#0c196869796f6869796f406372797374616c6d61726b2e696e666f

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19/05/2021, 05:32

Not After

18/05/2036, 05:32

Subject

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2b:d4:ae:70:b9:d0:63:5b:2a:e9:84:c8:d6:74:aa:30
Certificate

Issuer

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

28/07/2022, 08:56

Not After

27/07/2033, 08:56

Subject

CN=Certum Timestamp 2022,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19/05/2021, 05:32

Not After

18/05/2036, 05:32

Subject

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31/05/2021, 06:43

Not After

17/09/2029, 06:43

Subject

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7d:c0:50:e8:c3:66:82:18:c5:41:dd:9f:6f:79:43:c8:a1:17:df:20:42:93:95:1a:ea:96:14:75:0f:87:89:aa
Signer

Actual PE Digest

7d:c0:50:e8:c3:66:82:18:c5:41:dd:9f:6f:79:43:c8:a1:17:df:20:42:93:95:1a:ea:96:14:75:0f:87:89:aa

Digest Algorithm

sha256

PE Digest Matches

true

fc:fd:7c:82:c9:d9:cc:2b:69:c6:a4:ef:98:59:90:68:e1:31:4c:6d
Signer

Actual PE Digest

fc:fd:7c:82:c9:d9:cc:2b:69:c6:a4:ef:98:59:90:68:e1:31:4c:6d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetFileSizeEx
GetFileTime
SystemTimeToTzSpecificLocalTime
ResetEvent
WaitForSingleObjectEx
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetFileAttributesW
FileTimeToLocalFileTime
LoadLibraryExA
WriteConsoleW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetUserDefaultUILanguage
FindFirstFileExW
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetConsoleOutputCP
LCMapStringW
GetTimeFormatW
GetDateFormatW
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
EnumSystemLocalesW
IsValidLocale
GetOEMCP
IsValidCodePage
GetStringTypeW
GetCPInfo
ExitProcess
GetStdHandle
HeapQueryInformation
GetFileType
SetStdHandle
GetCommandLineA
VirtualQuery
GetSystemInfo
RtlUnwind
RtlPcToFileHeader
RtlUnwindEx
RaiseException
OutputDebugStringW
GetSystemDefaultUILanguage
GetLocaleInfoW
GlobalFlags
FileTimeToSystemTime
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GetThreadLocale
DuplicateHandle
UnlockFile
SetEndOfFile
LockFile
GetFullPathNameW
GetFileSize
FlushFileBuffers
GetTickCount64
GetCurrentProcessId
lstrcmpA
GetVersionExW
GetCurrentThread
CreateEventW
SetEvent
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
GlobalDeleteAtom
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
FormatMessageW
MulDiv
LocalFree
GlobalFree
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
GetModuleHandleExW
SetLastError
OutputDebugStringA
GetACP
MultiByteToWideChar
FreeLibrary
VirtualFree
VirtualAlloc
OpenMutexW
ReleaseMutex
DeviceIoControl
SetFilePointer
ReadFile
GetDriveTypeW
DefineDosDeviceW
DeleteCriticalSection
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
DecodePointer
LoadLibraryW
GetPrivateProfileStringW
GetTickCount
GetFileAttributesExW
VerifyVersionInfoW
GetWindowsDirectoryW
GetCurrentProcess
VerSetConditionMask
FindNextFileW
FindFirstFileW
FindClose
lstrlenW
lstrcmpW
LoadLibraryExW
VirtualProtect
GetTimeZoneInformation
GetProcAddress
GetModuleHandleW
WritePrivateProfileStringW
GetVolumeInformationW
GetDiskFreeSpaceExW
WideCharToMultiByte
GlobalLock
GlobalUnlock
GlobalAlloc
GetComputerNameW
GetLocalTime
CreateProcessW
GetExitCodeProcess
WaitForSingleObject
GetTempPathW
WriteFile
DeleteFileW
CreateFileW
GetPrivateProfileIntW
GetModuleFileNameW
Sleep
CreateMutexW
SetErrorMode
CloseHandle
CreateDirectoryW
GetCommandLineW
GetUserDefaultLCID
FindResourceW
SizeofResource
LockResource
LoadResource
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetEnvironmentStringsW
GetLastError

user32

MapDialogRect
RealChildWindowFromPoint
GetSysColorBrush
WindowFromPoint
CharUpperW
ClientToScreen
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
RegisterClipboardFormatW
PostQuitMessage
TranslateMessage
GetMessageW
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
IsDialogMessageW
SetWindowTextW
IsWindowEnabled
MoveWindow
ShowWindow
GetMonitorInfoW
WinHelpW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetLastActivePopup
GetClassNameW
GetClassLongPtrW
SetWindowLongPtrW
GetWindowLongPtrW
PtInRect
EnableWindow
InvalidateRect
GetClientRect
RegisterWindowMessageW
EqualRect
GetSysColor
MapWindowPoints
ScreenToClient
MessageBoxW
AdjustWindowRectEx
GetWindowTextLengthW
RemovePropW
GetPropW
RedrawWindow
ValidateRect
EndPaint
BeginPaint
GetForegroundWindow
SetActiveWindow
UpdateWindow
SetMenu
GetMenu
GetCapture
GetKeyState
SetFocus
GetDlgCtrlID
GetDlgItem
EndDeferWindowPos
DeferWindowPos
SetRect
IsRectEmpty
SetWindowContextHelpId
GetNextDlgGroupItem
MessageBeep
BeginDeferWindowPos
GetWindowPlacement
SetWindowPos
SetCapture
ReleaseCapture
PostThreadMessageW
IntersectRect
CharNextW
CopyAcceleratorTableW
GetTopWindow
InvalidateRgn
SendMessageW
UnregisterDeviceNotification
PostMessageW
WaitForInputIdle
IsWindowVisible
IsIconic
SetTimer
KillTimer
GetSystemMetrics
GetMenuState
DrawMenuBar
DestroyMenu
CheckMenuItem
GetSubMenu
DrawIcon
SetForegroundWindow
GetWindowTextW
GetWindowRect
EnumWindows
GetWindowThreadProcessId
CheckMenuRadioItem
LoadIconW
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterDeviceNotificationW
CopyRect
MonitorFromRect
CreateMenu
CreatePopupMenu
TrackPopupMenu
InsertMenuItemW
GetCursorPos
LoadImageW
wsprintfW
EnableMenuItem
AppendMenuW
ModifyMenuW
RemoveMenu
SetScrollPos
GetScrollPos
SetScrollRange
SetCursor
LoadCursorW
FillRect
DestroyWindow
IsChild
IsMenu
IsWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
PeekMessageW
DispatchMessageW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
GetFocus
GetMenuItemCount
GetMenuItemID
GetParent
OffsetRect
SetRectEmpty
SendDlgItemMessageA
GetWindowInfo
AdjustWindowRect
UnregisterClassW
FrameRect
PrintWindow
MonitorFromWindow
SetWindowLongW
GetWindowLongW
ReleaseDC
GetDC
TranslateAcceleratorW
LoadAcceleratorsW
SystemParametersInfoW
SetPropW

gdi32

GetMapMode
GetRgnBox
CreateRectRgnIndirect
ScaleWindowExtEx
ScaleViewportExtEx
OffsetViewportOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutW
TextOutW
SetBkMode
ExtSelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetClipBox
Escape
SetBkColor
CreateBitmap
GetPixel
CreatePatternBrush
GetTextColor
GetBkColor
CreateSolidBrush
MoveToEx
GetObjectW
BitBlt
DeleteDC
EnumFontFamiliesExW
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontIndirectW
CreatePen
DeleteObject
GetBitmapBits
SetMapMode
SetDIBColorTable
GetDeviceCaps
GetTextExtentPoint32W
LineTo
SelectObject
SetBitmapBits
SetTextColor
CreateDIBSection

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

StartServiceW
RegCreateKeyExW
RegDeleteValueW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
AddAccessAllowedAce
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
ReportEventW
RegisterEventSourceW
DeregisterEventSource
AllocateAndInitializeSid
QueryServiceStatus
OpenServiceW
OpenSCManagerW
CloseServiceHandle
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
InitializeAcl
FreeSid
RegCloseKey

shell32

Shell_NotifyIconW
SHAppBarMessage
ord680
ShellExecuteW
CommandLineToArgvW

comctl32

ImageList_ReplaceIcon
_TrackMouseEvent
InitCommonControlsEx

shlwapi

PathIsUNCW
PathRemoveFileSpecW
PathFindFileNameW
UrlCreateFromPathW
PathFindExtensionW
SHDeleteKeyW
PathStripToRootW

uxtheme

SetWindowTheme

ole32

CoGetClassObject
CLSIDFromString
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoInitialize
CoCreateGuid
CoTaskMemFree
CoTaskMemAlloc
CoInitializeSecurity
CoSetProxyBlanket
CoCreateInstance
CoInitializeEx
CoUninitialize
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CLSIDFromProgID
StgCreateDocfileOnILockBytes

oleaut32

SysAllocStringLen
VariantChangeType
VariantCopy
LoadRegTypeLi
DispCallFunc
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayCreate
SysFreeString
SafeArrayGetElemsize
SafeArrayAccessData
SafeArrayUnaccessData
OleCreateFontIndirect
SafeArrayGetElement
VariantClear
SafeArrayDestroy
VariantInit
SysAllocString

gdiplus

GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipSaveImageToFile
GdipCreateBitmapFromFile
GdipGetImagePaletteSize
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipGetImageEncodersSize
GdipGetImagePalette
GdipCreateBitmapFromScan0
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdiplusShutdown
GdipCloneImage
GdipFree
GdipAlloc
GdiplusStartup
GdipGetImageEncoders

winmm

mciSendCommandW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

wintrust

WTHelperProvDataFromStateData
WTHelperGetProvSignerFromChain
WinVerifyTrust
WTHelperGetProvCertFromChain

crypt32

CertGetNameStringW

setupapi

SetupDiGetClassDevsW
CM_Get_Device_IDW
SetupDiEnumDeviceInfo

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 890KB - Virtual size: 889KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 300KB - Virtual size: 299KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: password

42bdb78e7d3b8d9674a14428062754d2

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27Certificate

Key Usages

4e:d3:c3:e6:41:76:90:14:67:47:c7:1e:0c:6a:51:50Certificate

Extended Key Usages

Key Usages

2b:d4:ae:70:b9:d0:63:5b:2a:e9:84:c8:d6:74:aa:30Certificate

Extended Key Usages

Key Usages

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39Certificate

Extended Key Usages

Key Usages

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87Certificate

Extended Key Usages

Key Usages

4e:d3:c3:e6:41:76:90:14:67:47:c7:1e:0c:6a:51:50Certificate

Extended Key Usages

Key Usages

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39Certificate

Extended Key Usages

Key Usages

2b:d4:ae:70:b9:d0:63:5b:2a:e9:84:c8:d6:74:aa:30Certificate

Extended Key Usages

Key Usages

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87Certificate

Extended Key Usages

Key Usages

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27Certificate

Key Usages

7d:c0:50:e8:c3:66:82:18:c5:41:dd:9f:6f:79:43:c8:a1:17:df:20:42:93:95:1a:ea:96:14:75:0f:87:89:aaSigner

fc:fd:7c:82:c9:d9:cc:2b:69:c6:a4:ef:98:59:90:68:e1:31:4c:6dSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

gdiplus

winmm

version

wintrust

crypt32

setupapi

oleacc

Sections

.text Size: 890KB - Virtual size: 889KB

.rdata Size: 300KB - Virtual size: 299KB

.data Size: 20KB - Virtual size: 71KB

.pdata Size: 35KB - Virtual size: 34KB

_RDATA Size: 512B - Virtual size: 348B

.rsrc Size: 1.5MB - Virtual size: 1.5MB

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

4e:d3:c3:e6:41:76:90:14:67:47:c7:1e:0c:6a:51:50
Certificate

2b:d4:ae:70:b9:d0:63:5b:2a:e9:84:c8:d6:74:aa:30
Certificate

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

4e:d3:c3:e6:41:76:90:14:67:47:c7:1e:0c:6a:51:50
Certificate

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

2b:d4:ae:70:b9:d0:63:5b:2a:e9:84:c8:d6:74:aa:30
Certificate

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

7d:c0:50:e8:c3:66:82:18:c5:41:dd:9f:6f:79:43:c8:a1:17:df:20:42:93:95:1a:ea:96:14:75:0f:87:89:aa
Signer

fc:fd:7c:82:c9:d9:cc:2b:69:c6:a4:ef:98:59:90:68:e1:31:4c:6d
Signer

.text
Size: 890KB - Virtual size: 889KB

.rdata
Size: 300KB - Virtual size: 299KB

.data
Size: 20KB - Virtual size: 71KB

.pdata
Size: 35KB - Virtual size: 34KB

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 1.5MB - Virtual size: 1.5MB