1d88915215d7b9db15e1671ec5b46f04

Sharing

Copy URL

Twitter E-mail

General

Target

1d88915215d7b9db15e1671ec5b46f04
Size

9.2MB
MD5

1d88915215d7b9db15e1671ec5b46f04
SHA1

b4684219dae0bcc1cbca04291e246ca7a0ce3176
SHA256

3c98ead4523e58fa993215b0536711d1e8d99be715b1f62855a3b39a0d879d8b
SHA512

6a6938c7533d2fbce48a04c15b79b241a0f89d113513d6ad60bf48c1132b88abcd3cef8e42606d88467c1bad134120c672eef6bd70cd2e11fc32b9ef4030cf3c
SSDEEP

196608:OLEaE87WjiuFvcCSFo/vDKPohchISu6UcqkBs/5oLLcJxR:y7YFvrSFw7uo+U6Ucqkkl

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 14 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/51Logon/51Logon.exe	aspack_v212_v242
static1/unpack001/51Logon/dll/IEHelper.dll	aspack_v212_v242
static1/unpack001/51Logon/dll/ImageRes.dll	aspack_v212_v242
static1/unpack001/51Logon/dll/SoftFrame.dll	aspack_v212_v242
static1/unpack001/51Logon/dll/msimg32.dll	aspack_v212_v242
static1/unpack001/51Logon/dll/softCAL.dll	aspack_v212_v242
static1/unpack001/51Logon/dll/softCWL.dll	aspack_v212_v242
static1/unpack001/51Logon/dll/softExt.dll	aspack_v212_v242
static1/unpack001/51Logon/dll/softFunc.dll	aspack_v212_v242
static1/unpack001/51Logon/plugin/SysShortcut/SysShortCut.dll	aspack_v212_v242
static1/unpack001/51Logon/plugin/sg/SGDirect.dll	aspack_v212_v242
static1/unpack001/51Logon/recommend/Dll/Baidu.dll	aspack_v212_v242
static1/unpack001/51Logon/recommend/Dll/LogonBBS.dll	aspack_v212_v242
static1/unpack001/51Logon/recommend/Dll/LogonFlash.dll	aspack_v212_v242

Unsigned PE 14 IoCs

Checks for missing Authenticode signature.

resource
unpack001/51Logon/51Logon.exe
unpack001/51Logon/dll/IEHelper.dll
unpack001/51Logon/dll/ImageRes.dll
unpack001/51Logon/dll/SoftFrame.dll
unpack001/51Logon/dll/msimg32.dll
unpack001/51Logon/dll/softCAL.dll
unpack001/51Logon/dll/softCWL.dll
unpack001/51Logon/dll/softExt.dll
unpack001/51Logon/dll/softFunc.dll
unpack001/51Logon/plugin/SysShortcut/SysShortCut.dll
unpack001/51Logon/plugin/sg/SGDirect.dll
unpack001/51Logon/recommend/Dll/Baidu.dll
unpack001/51Logon/recommend/Dll/LogonBBS.dll
unpack001/51Logon/recommend/Dll/LogonFlash.dll

Files

1d88915215d7b9db15e1671ec5b46f04
.rar
51Logon/51Logon.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 1.1MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 46KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 420KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 210KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
51Logon/51LogonCAE.dat
51Logon/51LogonCE.dat
51Logon/51LogonCLE.dat
51Logon/51LogonCLP.dat
51Logon/51LogonCUE.dat
51Logon/51LogonDE.dat
51Logon/51LogonPA.dat
51Logon/51LogonPE.dat
51Logon/dll/51IP.Dat
51Logon/dll/IEHelper.dll
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

CODE
Size: 155KB - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
51Logon/dll/IPImage/touch1.jpg
.jpg
51Logon/dll/IPImage/touch2.jpg
.jpg
51Logon/dll/ImageRes.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 6KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 565KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
51Logon/dll/SoftFrame.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

GetFormWin
InitSoftFrame
SetSearchText

Sections

CODE
Size: 164KB - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
51Logon/dll/geturl.htm
.html .js polyglot
51Logon/dll/msimg32.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

AlphaBlend
DllInitialize
GradientFill
TransparentBlt
vSetDdrawflag

Sections

.text
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
51Logon/dll/softCAL.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

AutoLogonQQ
CaseAppView
CreateInputThread
InputProc
IsQQSoftFlag
SetProcAddr

Sections

CODE
Size: 165KB - Virtual size: 392KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 2KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 17KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
51Logon/dll/softCALMark.dat
51Logon/dll/softCWL.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

BindNewWebLogon
CreateWebChecker
FillInCurrentWeb
FreeWebChecker
GetCurrentUrlWeb
GetUrl
InitLogonWeb
OpenLogonUrl
SGDirect_kx001
SGDirect_my4399
SGDirect_qq
SGDirect_qq_ex
SGDirect_qq_gvp
SGDirect_rr
StartWebChecker
StopWebChecker

Sections

CODE
Size: 266KB - Virtual size: 684KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 25KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
51Logon/dll/softExt.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 295KB - Virtual size: 780KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 15KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 27KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 396KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
51Logon/dll/softFunc.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

GetVIPFuncActive
GetVIPFuncCount
GetVIPFuncDescUrl
GetVIPFuncErrHint
GetVIPFuncInfo
InitSoftFunc

Sections

CODE
Size: 33KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
51Logon/icon/extend/[PluginCard]1_2.png
.png
51Logon/icon/extend/[PluginCard]1_3.png
.png
51Logon/icon/extend/[PluginCard]1_4.png
.png
51Logon/icon/extend/[PluginCard]1_5.png
.png
51Logon/icon/logo/default.png
.png
51Logon/icon/logo/拍虎照.gif
.gif
51Logon/icon/url/alumni.163.com_favicon.ico
51Logon/icon/url/alumni.chinaren.com_favicon.ico
51Logon/icon/url/auto.sina.com.cn_favicon.ico
51Logon/icon/url/baike.baidu.com_favicon.ico
51Logon/icon/url/bbs.sina.com.cn_favicon.ico
51Logon/icon/url/bbs.tom.com_favicon.ico
51Logon/icon/url/blog.sina.com.cn_favicon.ico
51Logon/icon/url/club.163.com_favicon.ico
51Logon/icon/url/cn.bbs.yahoo.com_favicon.ico
51Logon/icon/url/community.csdn.net_favicon.ico
51Logon/icon/url/ehire.51job.com_favicon.ico
51Logon/icon/url/hi.baidu.com_favicon.ico
51Logon/icon/url/iask.sina.com.cn_favicon.ico
51Logon/icon/url/login.live.com_favicon.ico
51Logon/icon/url/m108.mail.qq.com_favicon.ico
51Logon/icon/url/mail.126.com_favicon.ico
51Logon/icon/url/mail.163.com_favicon.ico
51Logon/icon/url/mail.21cn.com_favicon.ico
51Logon/icon/url/mail.cn.yahoo.com_favicon.ico
51Logon/icon/url/mail.qq.com_favicon.ico
51Logon/icon/url/mail.sina.com.cn_favicon.ico
51Logon/icon/url/mail.sohu.com_favicon.ico
51Logon/icon/url/member1.taobao.com_favicon.ico
51Logon/icon/url/my.51job.com_favicon.ico
51Logon/icon/url/passport.baidu.com_favicon.ico
51Logon/icon/url/qzone.qq.com_favicon.ico
51Logon/icon/url/reg.xiaoyou.qq.com_favicon.ico
51Logon/icon/url/vip.163.com_favicon.ico
51Logon/icon/url/vip.chinahr.com_favicon.ico
51Logon/icon/url/www.126.com_favicon.ico
51Logon/icon/url/www.chinaren.com_favicon.ico
51Logon/icon/url/www.ctrip.com_favicon.ico
51Logon/icon/url/www.google.cn_favicon.ico
51Logon/icon/url/www.google.com_favicon.ico
51Logon/icon/url/www.sogou.com_favicon.ico
51Logon/icon/url/www.xici.net_favicon.ico
51Logon/icon/url/www.yeah.net_favicon.ico
51Logon/icon/url/www2.baidu.com_favicon.ico
51Logon/plugin/51LogonPlugin.dat
51Logon/plugin/51LogonPluginList.dat
51Logon/plugin/SysShortcut/51LogonCSE.dat
51Logon/plugin/SysShortcut/SysShortCut.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

ChangePluginSkin
ClosePluginDB
ExecutePlugin
GetPluginCardHint
GetPluginCardMenuState
InitializePlugin
OpenPluginDB
PluginRunState
TerminatePlugin
UninstallPlugin

Sections

CODE
Size: 534KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 35KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 35KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
51Logon/plugin/SysShortcut/icon/Control.ico
51Logon/plugin/SysShortcut/icon/Dev.ico
51Logon/plugin/SysShortcut/icon/Display.ico
51Logon/plugin/SysShortcut/icon/Firewall.ico
51Logon/plugin/SysShortcut/icon/Internet.ico
51Logon/plugin/SysShortcut/icon/MyComputer.ico
51Logon/plugin/SysShortcut/icon/Recycled.ico
51Logon/plugin/SysShortcut/icon/Setup.ico
51Logon/plugin/SysShortcut/icon/Time.ico
51Logon/plugin/SysShortcut/icon/Users.ico
51Logon/plugin/SysShortcut/icon/calc.ico
51Logon/plugin/SysShortcut/icon/compmgmt.ico
51Logon/plugin/SysShortcut/icon/lock.ico
51Logon/plugin/SysShortcut/icon/msconfig.ico
51Logon/plugin/SysShortcut/icon/mspaint.ico
51Logon/plugin/SysShortcut/icon/mstsc.ico
51Logon/plugin/SysShortcut/icon/network.ico
51Logon/plugin/SysShortcut/icon/notepad.ico
51Logon/plugin/SysShortcut/icon/print.ico
51Logon/plugin/SysShortcut/icon/regedit.ico
51Logon/plugin/SysShortcut/icon/services.ico
51Logon/plugin/SysShortcut/icon/system.ico
51Logon/plugin/SysShortcut/icon/taskmgr.ico
51Logon/plugin/image/sg.png
.png
51Logon/plugin/image/shortcut.png
.png
51Logon/plugin/sg/SGDirect.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

ChangePluginSkin
ClosePluginDB
ExecutePlugin
GetPluginCardHint
GetPluginCardMenuState
InitializePlugin
OpenPluginDB
PluginRunState
TerminatePlugin
UninstallPlugin

Sections

CODE
Size: 538KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 35KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 37KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
51Logon/recommend/51LogonRecommend.dat
51Logon/recommend/Dll/Baidu.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

ChangePluginSkin
ExecutePlugin
InitializePlugin
TerminatePlugin
UninstallPlugin

Sections

CODE
Size: 173KB - Virtual size: 396KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 15KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
51Logon/recommend/Dll/LogonBBS.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

ChangePluginSkin
ExecutePlugin
InitializePlugin
TerminatePlugin
UninstallPlugin

Sections

CODE
Size: 174KB - Virtual size: 396KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 15KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
51Logon/recommend/Dll/LogonFlash.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

ChangePluginSkin
ExecutePlugin
InitializePlugin
TerminatePlugin
UninstallPlugin

Sections

CODE
Size: 174KB - Virtual size: 396KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 15KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
51Logon/recommend/Icon/51Logon.png
.png
51Logon/recommend/Icon/51LogonFlash.png
.png
51Logon/recommend/Icon/baidu.png
.png
51Logon/recommend/Icon/sgrefer.png
.png
51Logon/skin/Skin1/CtrlSkin.dat
51Logon/skin/Skin1/MainSkin.dat
51Logon/skin/Skin1/MenuSkin.dat
51Logon/skin/Skin1/Skin.cfg
51Logon/skin/Skin1/Skin.png
.png
51Logon/skin/Skin2/CtrlSkin.dat
51Logon/skin/Skin2/MainSkin.dat
51Logon/skin/Skin2/MenuSkin.dat
51Logon/skin/Skin2/Skin.cfg
51Logon/skin/Skin2/Skin.png
.png

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 1.1MB - Virtual size: 3.2MB

DATA Size: 46KB - Virtual size: 124KB

BSS Size: - Virtual size: 420KB

.idata Size: 5KB - Virtual size: 16KB

.tls Size: - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size: 192KB

.rsrc Size: 210KB - Virtual size: 1.3MB

.aspack Size: 35KB - Virtual size: 36KB

.adata Size: - Virtual size: 4KB

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 155KB - Virtual size: 368KB

DATA Size: 2KB - Virtual size: 8KB

BSS Size: - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 12KB

.edata Size: 512B - Virtual size: 4KB

.reloc Size: 16KB - Virtual size: 28KB

.rsrc Size: 10KB - Virtual size: 28KB

.aspack Size: 5KB - Virtual size: 8KB

.adata Size: - Virtual size: 4KB

Headers

File Characteristics

Sections

CODE Size: 6KB - Virtual size: 12KB

DATA Size: 512B - Virtual size: 4KB

BSS Size: - Virtual size: 4KB

.idata Size: 512B - Virtual size: 4KB

.reloc Size: 1024B - Virtual size: 4KB

.rsrc Size: 565KB - Virtual size: 2.0MB

.aspack Size: 4KB - Virtual size: 8KB

.adata Size: - Virtual size: 4KB

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 164KB - Virtual size: 384KB

DATA Size: 12KB - Virtual size: 20KB

BSS Size: - Virtual size: 8KB

.idata Size: 3KB - Virtual size: 12KB

.edata Size: 512B - Virtual size: 4KB

.reloc Size: 16KB - Virtual size: 28KB

.rsrc Size: 33KB - Virtual size: 56KB

.aspack Size: 5KB - Virtual size: 8KB

.adata Size: - Virtual size: 4KB

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 20KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 1024B - Virtual size: 8KB

.reloc Size: 1KB - Virtual size: 4KB

.aspack Size: 4KB - Virtual size: 4KB

.adata Size: - Virtual size: 4KB

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 165KB - Virtual size: 392KB

DATA Size: 2KB - Virtual size: 16KB

BSS Size: - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 12KB

.edata Size: 512B - Virtual size: 4KB

.reloc Size: 17KB - Virtual size: 28KB

.rsrc Size: 8KB - Virtual size: 24KB

CODE
Size: 1.1MB - Virtual size: 3.2MB

DATA
Size: 46KB - Virtual size: 124KB

BSS
Size: - Virtual size: 420KB

.idata
Size: 5KB - Virtual size: 16KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: 192KB

.rsrc
Size: 210KB - Virtual size: 1.3MB

.aspack
Size: 35KB - Virtual size: 36KB

.adata
Size: - Virtual size: 4KB

CODE
Size: 155KB - Virtual size: 368KB

DATA
Size: 2KB - Virtual size: 8KB

BSS
Size: - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 12KB

.edata
Size: 512B - Virtual size: 4KB

.reloc
Size: 16KB - Virtual size: 28KB

.rsrc
Size: 10KB - Virtual size: 28KB

.aspack
Size: 5KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB

CODE
Size: 6KB - Virtual size: 12KB

DATA
Size: 512B - Virtual size: 4KB

BSS
Size: - Virtual size: 4KB

.idata
Size: 512B - Virtual size: 4KB

.reloc
Size: 1024B - Virtual size: 4KB

.rsrc
Size: 565KB - Virtual size: 2.0MB

.aspack
Size: 4KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB

CODE
Size: 164KB - Virtual size: 384KB

DATA
Size: 12KB - Virtual size: 20KB

BSS
Size: - Virtual size: 8KB

.idata
Size: 3KB - Virtual size: 12KB

.edata
Size: 512B - Virtual size: 4KB

.reloc
Size: 16KB - Virtual size: 28KB

.rsrc
Size: 33KB - Virtual size: 56KB

.aspack
Size: 5KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB

.text
Size: 12KB - Virtual size: 20KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 1024B - Virtual size: 8KB

.reloc
Size: 1KB - Virtual size: 4KB

.aspack
Size: 4KB - Virtual size: 4KB

.adata
Size: - Virtual size: 4KB

CODE
Size: 165KB - Virtual size: 392KB

DATA
Size: 2KB - Virtual size: 16KB

BSS
Size: - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 12KB

.edata
Size: 512B - Virtual size: 4KB

.reloc
Size: 17KB - Virtual size: 28KB

.rsrc
Size: 8KB - Virtual size: 24KB

.aspack
Size: 5KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB

CODE
Size: 266KB - Virtual size: 684KB

DATA
Size: 4KB - Virtual size: 12KB

BSS
Size: - Virtual size: 8KB

.idata
Size: 4KB - Virtual size: 12KB

.edata
Size: 512B - Virtual size: 4KB

.reloc
Size: 25KB - Virtual size: 44KB

.rsrc
Size: 14KB - Virtual size: 44KB

.aspack
Size: 6KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB

CODE
Size: 295KB - Virtual size: 780KB

DATA
Size: 15KB - Virtual size: 40KB

BSS
Size: - Virtual size: 24KB

.idata
Size: 3KB - Virtual size: 12KB

.reloc
Size: 27KB - Virtual size: 48KB

.rsrc
Size: 48KB - Virtual size: 396KB

.aspack
Size: 5KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB

CODE
Size: 33KB - Virtual size: 72KB

DATA
Size: 1024B - Virtual size: 4KB

BSS
Size: - Virtual size: 4KB

.idata
Size: 1KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 2KB - Virtual size: 8KB

.aspack
Size: 4KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB

CODE
Size: 534KB - Virtual size: 1.4MB

DATA
Size: 35KB - Virtual size: 88KB

BSS
Size: - Virtual size: 12KB