NEAS[.]53d2be4be1ce05f636a6249e1ca6fff0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.53d2be4be1ce05f636a6249e1ca6fff0.exe
Size

3.6MB
MD5

53d2be4be1ce05f636a6249e1ca6fff0
SHA1

72c8c62bad38943b3d20b20fbb0369f26104c2e2
SHA256

654e472b188a95c473d5f825621abfddd844e3ddcebfe143b437b76d9435f680
SHA512

2a114faefec3e6a5c9e0f5c99dd8a768410835845bfd34162734e1fcca7e56b579a13e723ec3cce8bcfac48a5cff7d6603f37a3df02f05cbebeb7b5f2165cb37
SSDEEP

98304:SXjizCyTdcERDM9sfidByJoo7jl0AluJ0+LM+BqXFpjQpE9:1+/zWVF1JjJ

Score

1^/10

Malware Config

Signatures

Files

NEAS.53d2be4be1ce05f636a6249e1ca6fff0.exe
.exe windows:5 windows x86

6999013891216d68f48bcb86d23b600f

Code Sign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19/09/2018, 00:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28/07/2020, 00:00

Not After

18/03/2029, 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28/07/2020, 00:00

Not After

28/07/2030, 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

35:8b:4f:97:95:73:1d:9b:44:26:52:3f
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

02/12/2022, 07:43

Not After

02/01/2024, 10:35

Subject

SERIALNUMBER=110111-1772535,CN=Everyzone Inc.,O=Everyzone Inc.,STREET=136 Mapo-daero,L=Mapo-gu,ST=Seoul,C=KR,1.3.6.1.4.1.311.60.2.1.3=#13024b52,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:b2:8b:d4:cf:ee:ee:0d:be:d0:b3:0d:9b:f8:43:6a
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

06/04/2022, 07:45

Not After

08/05/2033, 07:45

Subject

CN=Globalsign TSA for CodeSign1 - R6,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20/06/2018, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10/12/2014, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

a9:c3:21:07:56:98:ef:ec:d9:95:11:d0:48:83:c2:c8:d4:d4:7b:df:05:9c:77:bd:a3:f3:a9:a7:14:bb:1a:c1
Signer

Actual PE Digest

a9:c3:21:07:56:98:ef:ec:d9:95:11:d0:48:83:c2:c8:d4:d4:7b:df:05:9c:77:bd:a3:f3:a9:a7:14:bb:1a:c1

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
AreFileApisANSI
GetSystemTime
GetTempPathA
VirtualLock
GetDiskFreeSpaceA
CreateFileMappingA
WriteConsoleA
VirtualUnlock
HeapValidate
GetFileAttributesA
FormatMessageA
UnlockFileEx
WaitForSingleObjectEx
FlushViewOfFile
TryEnterCriticalSection
HeapCompact
GetFullPathNameA
InterlockedCompareExchange
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
InitializeCriticalSectionAndSpinCount
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetConsoleMode
GetConsoleCP
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
QueryPerformanceCounter
VirtualFree
HeapDestroy
HeapCreate
GetStartupInfoA
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
SetStdHandle
HeapSize
CreateThread
ExitThread
RaiseException
RtlUnwind
GetFileType
VirtualQuery
VirtualAlloc
ExitProcess
HeapReAlloc
GetSystemTimeAsFileTime
IsDebuggerPresent
UnhandledExceptionFilter
FindResourceExW
GetDiskFreeSpaceW
VirtualProtect
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
GetProfileIntW
SearchPathW
GetTempFileNameW
SetErrorMode
GetFullPathNameW
GetVolumeInformationW
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
lstrcpyW
GlobalFlags
GetThreadLocale
lstrlenA
GlobalGetAtomNameW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
InterlockedIncrement
InterlockedDecrement
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
LoadLibraryExW
CompareStringA
SetThreadPriority
GetModuleHandleA
FreeResource
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
FreeLibrary
lstrcmpW
GetVersionExA
GlobalSize
FormatMessageW
MulDiv
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
FileTimeToSystemTime
GetTickCount
SuspendThread
GetLongPathNameW
CreateProcessW
QueryFullProcessImageNameW
SetLastError
GetExitCodeProcess
DuplicateHandle
DeleteCriticalSection
InitializeCriticalSection
DeleteFileA
GetFileSize
GetFileTime
FindClose
FindFirstFileW
SetFileTime
LocalFileTimeToFileTime
GetCurrentDirectoryW
ReadFile
GetFileAttributesW
SystemTimeToFileTime
SetFilePointer
InterlockedExchange
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
Sleep
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
WriteFile
GetNativeSystemInfo
GetTempPathW
GetPrivateProfileIntW
TerminateThread
ResumeThread
ResetEvent
CreateEventW
OpenMutexW
MoveFileW
MoveFileExW
GetSystemDirectoryW
CreateMutexW
SetEvent
CopyFileW
lstrlenW
GetSystemInfo
GetModuleHandleW
GetVersionExW
ProcessIdToSessionId
GetStartupInfoW
OpenProcess
HeapFree
GetProcessHeap
HeapAlloc
WritePrivateProfileStringW
GetPrivateProfileStringW
GetUserDefaultLangID
SetUnhandledExceptionFilter
GetModuleFileNameW
GetLocalTime
CloseHandle
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
CreateFileW
GetProcAddress
LoadLibraryW
OutputDebugStringW
CreateDirectoryW
WideCharToMultiByte
DeleteFileW
WaitForSingleObject
OutputDebugStringA
LocalFree
GetLastError
LocalAlloc
FindResourceW
LoadResource
LockResource
SizeofResource
MultiByteToWideChar
LockFileEx

user32

ModifyMenuW
EnableMenuItem
CheckMenuItem
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
CheckDlgButton
LoadMenuW
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
SetWindowsHookExW
CallNextHookEx
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
TrackPopupMenu
DrawIcon
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
IsWindowVisible
CreateWindowExW
GetClassInfoExW
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
CopyRect
PtInRect
GetMenu
SetWindowPos
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
GetMenuState
GetMenuStringW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
RemoveMenu
GetDesktopWindow
GetNextDlgGroupItem
ReleaseCapture
ClientToScreen
ReleaseDC
GetDC
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
GetWindowDC
BeginPaint
EndPaint
InflateRect
ValidateRect
GetActiveWindow
GetMessageW
PostQuitMessage
IsZoomed
MessageBeep
SetWindowRgn
DrawFocusRect
DrawEdge
WindowFromPoint
GetCursorPos
GetCapture
DispatchMessageW
TranslateMessage
PeekMessageW
LoadCursorW
SystemParametersInfoW
MapDialogRect
SetWindowContextHelpId
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamW
ShowOwnedPopups
GetKeyNameTextW
MapVirtualKeyW
GetMenuItemInfoW
DestroyMenu
GetSysColorBrush
DeleteMenu
DestroyCursor
GetWindowRgn
CreateMenu
GetDoubleClickTime
GetIconInfo
SubtractRect
CopyIcon
CharUpperBuffW
GetUpdateRect
FrameRect
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
IsClipboardFormatAvailable
EnableWindow
GetSysColor
GetWindowRect
RedrawWindow
GetParent
InvalidateRect
UpdateWindow
GetClientRect
FillRect
OffsetRect
SetCursor
SendMessageW
IsWindow
KillTimer
SetTimer
GetSystemMetrics
PostMessageW
GetClassNameW
EnumChildWindows
GetWindowThreadProcessId
GetClassInfoW
RegisterClassW
MapVirtualKeyExW
IsCharLowerW
UnpackDDElParam
MessageBoxW
FindWindowW
ReuseDDElParam
InsertMenuItemW
LoadIconW
GetSystemMenu
AppendMenuW
SetClassLongW
GetClassLongW
SetForegroundWindow
SetWindowLongW
GetWindowLongW
TranslateAcceleratorW
GetMenuDefaultItem
SetMenuDefaultItem
UpdateLayeredWindow
EnableScrollBar
UnionRect
SetCursorPos
DrawFrameControl
DrawIconEx
UnregisterClassW
InvalidateRgn
SetRect
CharNextW
EmptyClipboard
CloseClipboard
SetClipboardData
LoadImageW
DestroyIcon
CopyImage
OpenClipboard
SetRectEmpty
PostThreadMessageW
WaitMessage
CopyAcceleratorTableW
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
CharUpperW
GetAsyncKeyState
DestroyAcceleratorTable
LoadAcceleratorsW
CreateAcceleratorTableW
NotifyWinEvent
CreatePopupMenu
SetParent
SetCapture
IsMenu
IsRectEmpty
BringWindowToTop
LockWindowUpdate
RegisterClipboardFormatW
DrawStateW

gdi32

SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
SelectPalette
GetObjectType
CreatePen
CreateHatchBrush
CreateRectRgnIndirect
SetRectRgn
GetMapMode
PatBlt
DPtoLP
GetTextExtentPoint32W
OffsetRgn
GetRgnBox
CreateDIBitmap
GetTextMetricsW
EnumFontFamiliesW
GetTextCharsetInfo
CreateRoundRectRgn
GetTextColor
GetDIBits
RealizePalette
SetPixel
GetBkColor
ScaleViewportExtEx
CreateEllipticRgn
CreatePolygonRgn
Polyline
Ellipse
Polygon
RoundRect
CreatePalette
GetPaletteEntries
GetWindowOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
LPtoDP
ExtFloodFill
SetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
GetTextFaceW
SetPixelV
SetViewportExtEx
OffsetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
CopyMetaFileW
GetDeviceCaps
CombineRgn
CreateRectRgn
GetPixel
SelectClipRgn
StretchBlt
CreateDIBSection
SetDIBColorTable
SelectObject
DeleteDC
RemoveFontResourceExW
CreateFontW
AddFontResourceExW
Rectangle
GetStockObject
SetTextCharacterExtra
SetViewportOrgEx
GetViewportOrgEx
GetObjectW
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontIndirectW
DeleteObject
BitBlt
CreateSolidBrush

msimg32

TransparentBlt
AlphaBlend

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

AllocateAndInitializeSid
LookupAccountSidW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegOpenKeyW
RegEnumKeyExW
RegDeleteValueW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
FreeSid
CheckTokenMembership
SetSecurityDescriptorSacl
GetSecurityDescriptorSacl
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
QueryServiceStatusEx
CloseServiceHandle
OpenServiceW
OpenSCManagerW
GetTokenInformation

shell32

SHGetFileInfoW
ShellExecuteW
ShellExecuteExW
SHGetPathFromIDListW
SHBrowseForFolderW
SHAppBarMessage
DragFinish
DragQueryFileW

comctl32

InitCommonControlsEx
_TrackMouseEvent
ImageList_GetIconSize

shlwapi

PathStripToRootW
PathRemoveFileSpecW
PathFileExistsW
SHGetValueW
PathRemoveBackslashW
PathFileExistsA
PathFindFileNameW
PathFindExtensionW
PathIsUNCW

oledlg

OleUIBusyW

ole32

OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CoRevokeClassObject
CoRegisterMessageFilter
CoInitializeEx
CoUninitialize
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleGetClipboard
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleLockRunning
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
CreateStreamOnHGlobal
IsAccelerator

oleaut32

OleCreateFontIndirect
SysAllocString
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VarDateFromStr
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysFreeString
SysStringLen
VariantCopy

gdiplus

GdipAlloc
GdipCloneImage
GdipDisposeImage
GdipDrawImageI
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipCreateBitmapFromScan0
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipCreateBitmapFromFile
GdipCreateHBITMAPFromBitmap
GdipFree
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdiplusShutdown
GdiplusStartup

libcurl

curl_easy_cleanup
curl_global_cleanup
curl_easy_getinfo
curl_global_init
curl_easy_init
curl_easy_setopt
curl_easy_strerror
curl_easy_perform

libeay32

ord363
ord2572
ord3877
ord298
ord315
ord1795
ord256
ord259
ord3844
ord3816
ord257
ord464
ord258
ord964
ord3212
ord3873
ord3019
ord2747
ord2784
ord333
ord3836
ord2201
ord965

iphlpapi

GetAdaptersInfo

wtsapi32

WTSEnumerateSessionsW

wininet

InternetGetConnectedState

psapi

GetModuleFileNameExW
EnumProcesses

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundW

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 612KB - Virtual size: 612KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 309KB - Virtual size: 355KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 254KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6999013891216d68f48bcb86d23b600f

Code Sign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6aCertificate

Key Usages

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54Certificate

Extended Key Usages

Key Usages

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:edCertificate

Extended Key Usages

Key Usages

35:8b:4f:97:95:73:1d:9b:44:26:52:3fCertificate

Extended Key Usages

Key Usages

01:b2:8b:d4:cf:ee:ee:0d:be:d0:b3:0d:9b:f8:43:6aCertificate

Extended Key Usages

Key Usages

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74Certificate

Key Usages

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51Certificate

Key Usages

a9:c3:21:07:56:98:ef:ec:d9:95:11:d0:48:83:c2:c8:d4:d4:7b:df:05:9c:77:bd:a3:f3:a9:a7:14:bb:1a:c1Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

gdiplus

libcurl

libeay32

iphlpapi

wtsapi32

wininet

psapi

imm32

winmm

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.rdata Size: 612KB - Virtual size: 612KB

.data Size: 309KB - Virtual size: 355KB

.rsrc Size: 172KB - Virtual size: 171KB

.reloc Size: 254KB - Virtual size: 254KB

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

35:8b:4f:97:95:73:1d:9b:44:26:52:3f
Certificate

01:b2:8b:d4:cf:ee:ee:0d:be:d0:b3:0d:9b:f8:43:6a
Certificate

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

a9:c3:21:07:56:98:ef:ec:d9:95:11:d0:48:83:c2:c8:d4:d4:7b:df:05:9c:77:bd:a3:f3:a9:a7:14:bb:1a:c1
Signer

.text
Size: 2.3MB - Virtual size: 2.3MB

.rdata
Size: 612KB - Virtual size: 612KB

.data
Size: 309KB - Virtual size: 355KB

.rsrc
Size: 172KB - Virtual size: 171KB

.reloc
Size: 254KB - Virtual size: 254KB