Static task
static1
Behavioral task
behavioral1
Sample
f547c0ac07fea7fb13ec8c7f4cc86eab2c1d2e6a586a94f7dec7e4a824ffabc9.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
f547c0ac07fea7fb13ec8c7f4cc86eab2c1d2e6a586a94f7dec7e4a824ffabc9.exe
Resource
win10v2004-20231215-en
General
-
Target
f547c0ac07fea7fb13ec8c7f4cc86eab2c1d2e6a586a94f7dec7e4a824ffabc9
-
Size
3.9MB
-
MD5
3eb14f5332417765fdc65c109e02d33f
-
SHA1
51d2efb9ac6ffcb9c0ee8a982f4af42edbaf126d
-
SHA256
f547c0ac07fea7fb13ec8c7f4cc86eab2c1d2e6a586a94f7dec7e4a824ffabc9
-
SHA512
dbc401fd4078a2e8c29e6d7714bed43625f55b838de05032e518626926526c4d70c2bf2f720ca816771cb50824da57178e7042615396f8629779a925f569c219
-
SSDEEP
98304:lzw0+RNZsXur9B36VQk+I0AOowCQ+yN4:ls0WNZIur2sA+
Malware Config
Signatures
-
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource f547c0ac07fea7fb13ec8c7f4cc86eab2c1d2e6a586a94f7dec7e4a824ffabc9
Files
-
f547c0ac07fea7fb13ec8c7f4cc86eab2c1d2e6a586a94f7dec7e4a824ffabc9.exe windows:5 windows x64 arch:x64
9da30b0f50b49c66c8e7af5a30cd62dc
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
gdiplus
GdipGetImageGraphicsContext
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipFree
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdiplusShutdown
GdiplusStartup
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromFile
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDisposeImage
GdipAlloc
GdipGetImagePixelFormat
setupxml
??0CXMLFileManagerInterface@@QEAA@XZ
?SetFeatureData@CXMLFileManagerInterface@@QEAA_NUCXML_FEATURE_DATA@@@Z
?GetFeatureData@CXMLFileManagerInterface@@QEAA_NPEB_WPEAUCXML_FEATURE_DATA@@@Z
?GetFeatureData@CXMLFileManagerInterface@@QEAA_NHPEAUCXML_FEATURE_DATA@@@Z
?ToggleCheck@CXMLFileManagerInterface@@QEAAXH_N@Z
?RemoveAll@CXMLFileManagerInterface@@QEAAJPEB_W@Z
?IsXMLLoaded@CXMLFileManagerInterface@@QEAA_NXZ
?GetAttributeSingleNode@CXMLFileManagerInterface@@QEAA?AV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PEB_W0W4XMLFILENAMES@@@Z
?SetAttributeSingleNode@CXMLFileManagerInterface@@QEAA_NPEB_W00W4XMLFILENAMES@@@Z
?Select@CXMLFileManagerInterface@@QEAAJPEB_W@Z
?GetParentAttribute@CXMLFileManagerInterface@@QEAA?AV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PEB_W@Z
GetOsLanguage
??0CXMLFileManagerInterface@@QEAA@AEBV0@@Z
?AddNodeAsChild@CXMLFileManagerInterface@@QEAA_NPEB_W@Z
??1CXMLFileManagerInterface@@UEAA@XZ
?GetAttributeBool@CXMLFileManagerInterface@@QEAA_NPEB_W@Z
?SetAttribute@CXMLFileManagerInterface@@QEAA_NPEB_W_N@Z
?AddNodeToEndOfList@CXMLFileManagerInterface@@QEAA_NPEB_W@Z
?SetAttribute@CXMLFileManagerInterface@@QEAA_NPEB_WI@Z
?CounterLast@CXMLFileManagerInterface@@QEAAJXZ
?GetAttribute@CXMLFileManagerInterface@@QEAA?AV?$CStringT@_WV?$StrTraitMFC@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PEB_W@Z
?CounterNext@CXMLFileManagerInterface@@QEAAJXZ
?SetAttribute@CXMLFileManagerInterface@@QEAA_NPEB_W0@Z
?Init@CXMLFileManagerInterface@@SAJPEB_W@Z
?UnInitialize@CXMLFileManagerInterface@@QEAAXXZ
?Saveit@CXMLFileManagerInterface@@QEAAJPEB_W_N@Z
?ToggleCheck@CXMLFileManagerInterface@@QEAAXPEB_W_N@Z
?SetFileIndex@CXMLFileManagerInterface@@QEAAXW4XMLFILENAMES@@@Z
?CreateXML@CXMLFileManagerInterface@@QEAAJPEB_W@Z
script
?OnSetupPrerequisites@CScript@@SAIPEAVCUtlXSetupEng@@@Z
?OnAfterExecutePatches@CScript@@SAIPEAVCUtlXSetupEng@@@Z
?OnBeforeExecutePatches@CScript@@SAIPEAVCUtlXSetupEng@@@Z
?OnAfterExecuteChain@CScript@@SAIPEAVCUtlXSetupEng@@@Z
?OnBeforeExecuteChain@CScript@@SAIPEAVCUtlXSetupEng@@@Z
?OnSetupInitialization@CScript@@SAIPEAVCUtlXSetupEng@@@Z
?ScheduleGAPost@CScript@@SAXPEAVCUtlXSetupEng@@@Z
?ScheduleTracking@CScript@@SAXPEAVCUtlXSetupEng@@@Z
?OnWizardCompleteSilent@CScript@@SAIPEAVCUtlXSetupEng@@@Z
?OnWizardCompleteError@CScript@@SAIPEAVCUtlXSetupEng@@@Z
?OnWizardCompleteSuccess@CScript@@SAIPEAVCUtlXSetupEng@@@Z
?OnWizardCompleteReboot@CScript@@SAIPEAVCUtlXSetupEng@@@Z
?OnWizardStart@CScript@@SAIPEAVCUtlXSetupEng@@@Z
?OnWizardProgressStart@CScript@@SAIPEAVCUtlXSetupEng@@@Z
?OnWizardInit@CScript@@SAIPEAVCUtlXSetupEng@@@Z
?OnCustomCommandLine_S@CScript@@SAIPEAVCUtlXSetupEng@@@Z
?OnFeatureSelectionChanged@CScript@@SAIPEAVCUtlXSetupEng@@UCXML_FEATURE_DATA@@@Z
kernel32
GlobalGetAtomNameW
GetCurrentDirectoryW
CompareStringW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GlobalFlags
SetErrorMode
GetTickCount
GetWindowsDirectoryW
lstrcpyW
VerSetConditionMask
VerifyVersionInfoW
TlsFree
GetProfileIntW
SearchPathW
VirtualProtect
GetUserDefaultLCID
FindResourceExW
GetCommandLineW
GetSystemTimeAsFileTime
ExitProcess
AreFileApisANSI
IsDebuggerPresent
IsProcessorFeaturePresent
RtlPcToFileHeader
RtlLookupFunctionEntry
RtlUnwindEx
CreateThread
ExitThread
GetSystemInfo
VirtualAlloc
VirtualQuery
HeapQueryInformation
SetStdHandle
GetFileType
GetStdHandle
GetStartupInfoW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetTimeZoneInformation
GetStringTypeW
GetDateFormatW
GetTimeFormatW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
OutputDebugStringW
GetDriveTypeW
WriteConsoleW
SetEnvironmentVariableA
GetNativeSystemInfo
GetUserGeoID
GetLongPathNameW
GetSystemTime
DeviceIoControl
lstrlenA
FindFirstFileExW
SystemTimeToTzSpecificLocalTime
GetFileInformationByHandle
PeekNamedPipe
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
GetThreadLocale
lstrcmpiW
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
LocalReAlloc
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
GlobalFindAtomW
GetSystemDirectoryW
LeaveCriticalSection
EnterCriticalSection
EncodePointer
SystemTimeToFileTime
SetFileTime
SetFileAttributesW
LocalFileTimeToFileTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesW
FileTimeToSystemTime
FindNextFileW
FindFirstFileW
FindClose
FileTimeToLocalFileTime
GlobalAddAtomW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
SetThreadPriority
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
GetModuleHandleExW
OutputDebugStringA
GetCurrentProcessId
FreeResource
lstrcmpA
GlobalDeleteAtom
LoadLibraryExW
GetVersionExW
GetCurrentThreadId
GetCurrentThread
SetLastError
MulDiv
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
Process32NextW
Module32NextW
Module32FirstW
Process32FirstW
CreateToolhelp32Snapshot
GetExitCodeProcess
CreateProcessW
WaitForSingleObject
WriteFile
CreateFileW
LocalFree
FormatMessageW
CopyFileW
GetTempPathW
DeleteCriticalSection
DecodePointer
HeapSize
RaiseException
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
WideCharToMultiByte
CreateDirectoryW
lstrcmpW
MultiByteToWideChar
GetModuleHandleW
GetDiskFreeSpaceExW
FreeLibrary
GetProcAddress
LoadLibraryW
CopyFileExW
GetExitCodeThread
Sleep
SuspendThread
ResumeThread
GetCurrentProcess
GetLastError
CreateMutexW
RemoveDirectoryW
GetModuleFileNameW
SetEvent
DeleteFileW
CloseHandle
CreateEventW
FindResourceW
LoadResource
LockResource
SizeofResource
LocalAlloc
GlobalHandle
ReadFile
GlobalReAlloc
GetTempFileNameW
user32
GetMenuItemInfoW
DestroyMenu
LoadMenuW
SendDlgItemMessageA
FillRect
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
MapVirtualKeyW
GetKeyNameTextW
GetMonitorInfoW
MonitorFromWindow
GetScrollInfo
SetScrollInfo
UnhookWindowsHookEx
GetTopWindow
GetClassNameW
GetClassLongPtrW
PtInRect
EqualRect
CopyRect
GetSysColor
MapWindowPoints
AdjustWindowRectEx
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
GetMessageTime
GetMessagePos
SetCursor
ShowOwnedPopups
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckMenuItem
CallNextHookEx
SetWindowsHookExW
ValidateRect
GetKeyState
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
IsDialogMessageW
SetWindowLongW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
GetFocus
TranslateMDISysAccel
GetDlgCtrlID
CheckDlgButton
MoveWindow
GetDesktopWindow
SetActiveWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
DestroyWindow
InflateRect
GetLastActivePopup
GetWindowLongW
IsWindowEnabled
MapDialogRect
SetWindowContextHelpId
PostQuitMessage
RemoveMenu
AppendMenuW
InsertMenuW
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
FrameRect
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
GetWindowThreadProcessId
GetWindow
EnumDesktopWindows
PostMessageW
ScreenToClient
GetCursorPos
EnableMenuItem
GetSystemMenu
MessageBoxW
GetDlgItem
DefWindowProcW
UpdateLayeredWindow
SetWindowPos
SetWindowLongPtrW
CharUpperBuffW
ModifyMenuW
SetMenuDefaultItem
CopyIcon
GetDoubleClickTime
SetClassLongPtrW
SetCursorPos
DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
ToUnicodeEx
LockWindowUpdate
MapVirtualKeyExW
IsCharLowerW
GetWindowLongPtrW
CreateWindowExW
UnregisterClassW
GetKeyboardLayout
IsZoomed
GetComboBoxInfo
TrackMouseEvent
MonitorFromPoint
IsMenu
SetWindowRgn
DrawFrameControl
RegisterClassExW
LoadCursorW
SystemParametersInfoW
UpdateWindow
SetLayeredWindowAttributes
GetWindowRect
DrawIcon
GetClientRect
IsIconic
GetAsyncKeyState
LoadImageW
LoadIconW
wsprintfW
LoadBitmapW
GetParent
SendMessageW
EnableWindow
KillTimer
SetTimer
IsWindowVisible
SetForegroundWindow
ShowWindow
FindWindowW
ReleaseDC
GetDC
GetSystemMetrics
RegisterWindowMessageW
DrawEdge
DrawStateW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
CharUpperW
GetSysColorBrush
WaitMessage
SetCapture
ReleaseCapture
WindowFromPoint
CopyImage
DeleteMenu
RealChildWindowFromPoint
InvalidateRect
CharNextW
OffsetRect
CopyAcceleratorTableW
InvalidateRgn
SetRect
IntersectRect
IsRectEmpty
GetNextDlgGroupItem
MessageBeep
DestroyIcon
BringWindowToTop
LoadAcceleratorsW
TranslateAcceleratorW
CreatePopupMenu
InsertMenuItemW
SetRectEmpty
UnpackDDElParam
ReuseDDElParam
RegisterClipboardFormatW
GetMenuDefaultItem
DrawFocusRect
DrawIconEx
GetIconInfo
EnableScrollBar
HideCaret
GetWindowRgn
DestroyCursor
CreateMenu
SubtractRect
GetUpdateRect
IsWindow
IsClipboardFormatAvailable
PostThreadMessageW
SetParent
UnionRect
NotifyWinEvent
SetFocus
InvertRect
WinHelpW
gdi32
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
RestoreDC
SetROP2
SetTextAlign
RectVisible
SetPolyFillMode
PtVisible
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateFontIndirectW
GetTextExtentPoint32W
GetBkColor
GetTextColor
GetRgnBox
GetTextMetricsW
CombineRgn
GetMapMode
SetRectRgn
DPtoLP
CreateCompatibleBitmap
CreatePalette
IntersectClipRect
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesW
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
Rectangle
EnumFontFamiliesExW
OffsetRgn
CreateRoundRectRgn
RoundRect
FrameRgn
PtInRegion
SetPixelV
ExtFloodFill
SetPaletteEntries
FillRgn
GetBoundsRect
GetWindowOrgEx
LPtoDP
GetViewportOrgEx
GetTextFaceW
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
BitBlt
PatBlt
CreateRectRgnIndirect
GetTextCharsetInfo
LineTo
GetObjectW
SetTextColor
SetBkColor
CreateBitmap
CreateDCW
CopyMetaFileW
DeleteDC
DeleteObject
SelectObject
CreateCompatibleDC
GetNearestPaletteIndex
GetDeviceCaps
msimg32
TransparentBlt
AlphaBlend
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
advapi32
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegSetValueExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
InitiateSystemShutdownW
shell32
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
SHGetFolderPathW
ShellExecuteW
SHGetFileInfoW
DragQueryFileW
SHAppBarMessage
SHGetDesktopFolder
SHGetSpecialFolderLocation
DragFinish
comctl32
InitCommonControlsEx
ImageList_AddMasked
shlwapi
PathFindFileNameW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
PathRemoveFileSpecW
PathCombineW
PathAddBackslashW
PathFindExtensionW
PathAppendW
PathFileExistsW
uxtheme
GetWindowTheme
GetThemeSysColor
IsAppThemed
GetThemePartSize
GetCurrentThemeName
GetThemeColor
CloseThemeData
OpenThemeData
DrawThemeParentBackground
IsThemeBackgroundPartiallyTransparent
DrawThemeBackground
DrawThemeText
ole32
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
StringFromGUID2
CoCreateInstance
CLSIDFromProgID
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
CoInitializeEx
CoRevokeClassObject
OleFlushClipboard
CoRegisterMessageFilter
CreateStreamOnHGlobal
OleIsCurrentClipboard
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CLSIDFromString
CoCreateGuid
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoUninitialize
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
CoSetProxyBlanket
DoDragDrop
oleaut32
OleCreateFontIndirect
VarBstrFromDate
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetElemsize
SafeArrayDestroy
SafeArrayCreate
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
LoadTypeLi
DispCallFunc
LoadRegTypeLi
VariantCopy
VariantChangeType
SysFreeString
SysAllocString
VariantClear
SysAllocStringLen
VariantInit
oledlg
OleUIBusyW
msi
ord169
ord43
ord70
ord96
ord49
ord19
ord8
ord232
ord94
ord34
ord88
ord190
ord111
ord113
ord125
ord17
ord281
ord137
ord141
ord116
ord278
ord254
ord45
ord175
ord158
ord74
ord118
ord160
ord133
ord145
ord32
ord159
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
winmm
PlaySoundW
crypt32
CryptProtectData
CryptUnprotectData
setupapi
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsW
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyW
winhttp
WinHttpGetIEProxyConfigForCurrentUser
WinHttpOpenRequest
WinHttpOpen
WinHttpSendRequest
WinHttpConnect
WinHttpCloseHandle
rpcrt4
UuidToStringW
RpcStringFreeW
Sections
.text Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 810KB - Virtual size: 809KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 46KB - Virtual size: 110KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 98KB - Virtual size: 98KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 148KB - Virtual size: 147KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 628KB - Virtual size: 632KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE