47a9283bb31c3ecb226f0471fa9221082706f8948440cd1e3b8d38bd7a1e6237

Sharing

Copy URL Twitter E-mail

General

Target

47a9283bb31c3ecb226f0471fa9221082706f8948440cd1e3b8d38bd7a1e6237
Size

7.6MB
MD5

883c24d3870f0f029394089385edbd31
SHA1

e265266e667f52eee25c7e28889f4332eb028ad6
SHA256

47a9283bb31c3ecb226f0471fa9221082706f8948440cd1e3b8d38bd7a1e6237
SHA512

4c9e821ff6675ff3c255f3fc2b3c5e00ca0698d6a4e3b6e1ee221014c3b7d729f7941f765fef6f2e67062331821015c15d09dde642f31c60c5e80f76af956d14
SSDEEP

49152:w2IZD5jVRvVmglV01yLZ1cNPNejiOXUTyyyyJ1qsjYr11fVMCEtEAcLWb9a:i8HRTyyyyGr1BVrLn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
47a9283bb31c3ecb226f0471fa9221082706f8948440cd1e3b8d38bd7a1e6237

Files

47a9283bb31c3ecb226f0471fa9221082706f8948440cd1e3b8d38bd7a1e6237
.dll windows:6 windows x64 arch:x64

d415a7d29892d1f590132e95f66a107f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mfc140u

ord6572
ord3151
ord7182
ord1501
ord280
ord1489
ord3841
ord2487
ord1039
ord323
ord1450
ord983
ord1504
ord290
ord8063
ord8501
ord12762
ord6549
ord886
ord4030
ord6250
ord357
ord13761
ord2187
ord2473
ord1055
ord361
ord5674
ord7551
ord12967
ord4721
ord13199
ord3742
ord11322
ord3713
ord8507
ord12706
ord4726
ord2786
ord2475
ord6566
ord8468
ord7394
ord12746
ord6247
ord1086
ord438
ord1440
ord973
ord6320
ord3756
ord4656
ord2270
ord6313
ord1053
ord990
ord1454
ord6251
ord8900
ord5916
ord11902
ord8817
ord2698
ord13401
ord6002
ord3056
ord11813
ord11085
ord3951
ord3308
ord3307
ord3071
ord6000
ord13397
ord3212
ord3209
ord2311
ord2697
ord14360
ord9976
ord9978
ord9977
ord9975
ord1491
ord5451
ord11414
ord11415
ord8830
ord11771
ord3718
ord11625
ord14209
ord2351
ord8469
ord8656
ord878
ord11854
ord1369
ord11594
ord6729
ord10691
ord3828
ord8043
ord8947
ord3173
ord4335
ord13864
ord6634
ord13568
ord4498
ord13617
ord2909
ord13986
ord4696
ord14278
ord12087
ord3143
ord14225
ord2340
ord12030
ord6505
ord4095
ord3164
ord13513
ord11944
ord11940
ord1700
ord8826
ord6588
ord1424
ord3728
ord9159
ord278
ord1722
ord1748
ord8449
ord2921
ord2344
ord2212
ord5709
ord285
ord1734
ord1755
ord4776
ord1667
ord8452
ord2903
ord4843
ord4788
ord4806
ord4800
ord4794
ord4853
ord4837
ord4782
ord4859
ord4814
ord4752
ord12563
ord4767
ord4828
ord4360
ord8451
ord12600
ord9384
ord4946
ord1034
ord4352
ord2967
ord14211
ord12240
ord265
ord7651
ord1670
ord14217
ord2298
ord1643
ord300
ord310
ord311
ord6262
ord1430
ord964
ord3599
ord3685
ord14128
ord9068
ord5237
ord13679
ord12963
ord6631
ord14221
ord10727
ord11406
ord12763
ord266
ord13354
ord4511
ord8409
ord2316
ord6619
ord2346
ord2350
ord1404
ord2396
ord6866
ord1111
ord1492
ord324
ord1040
ord2327
ord2369
ord2372
ord2338
ord2371
ord473
ord2234
ord2336
ord2161
ord2266
ord2360
ord4947
ord5723
ord2629
ord11806
ord3812
ord3279
ord3278
ord3172
ord11850
ord5080
ord5363
ord5552
ord9041
ord5339
ord5582
ord5083
ord5229
ord5062
ord7460
ord7461
ord7450
ord5227
ord7922
ord9946
ord8901
ord2418
ord8731
ord4948
ord5675
ord10704
ord12241
ord2922
ord286
ord316
ord3697
ord10163
ord5240
ord305
ord306
ord1508
ord1511
ord1674
ord1677
ord1641
ord13767
ord1503
ord5710
ord12445
ord1671
ord1033
ord296
ord1089
ord446
ord7233
ord6848
ord7913
ord9979

kernel32

SetThreadLocale
SuspendThread
TerminateThread
SetThreadPriority
GetCurrentThreadId
GetCurrentThread
GetTimeZoneInformation
lstrcpynA
LoadLibraryExW
CreateSemaphoreW
lstrcmpiA
lstrcmpA
GetSystemTimeAsFileTime
ReleaseSemaphore
ReadFile
GetUserDefaultLangID
GetPrivateProfileIntW
GetSystemInfo
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetACP
GetUserDefaultLCID
GetNumberFormatW
GetLocaleInfoW
GetTimeFormatW
GetDateFormatW
SystemTimeToFileTime
FileTimeToSystemTime
MoveFileW
WritePrivateProfileSectionW
GetPrivateProfileSectionW
WritePrivateProfileStringW
_lclose
_lwrite
_lcreat
lstrlenW
lstrlenA
lstrcatW
lstrcatA
lstrcpyW
lstrcpyA
lstrcpynW
lstrcmpiW
lstrcmpW
FormatMessageW
LocalFree
GlobalReAlloc
GetModuleFileNameW
FindResourceExW
GetVersionExW
GetTickCount
QueryPerformanceFrequency
QueryPerformanceCounter
OutputDebugStringW
GetTempPathW
SetFilePointer
SetFileAttributesW
SetEndOfFile
RemoveDirectoryW
GetVolumeInformationW
GetTempFileNameW
GetShortPathNameW
GetFullPathNameW
GetFileTime
GetFileSize
GetFileAttributesA
GetDriveTypeW
GetDiskFreeSpaceExW
FindNextFileW
FileTimeToLocalFileTime
CreateDirectoryW
CreateDirectoryA
CompareFileTime
GetProcessHeap
HeapDestroy
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
HeapFree
WriteFile
CreateFileW
GetFileAttributesW
Sleep
WideCharToMultiByte
DeleteCriticalSection
InitializeCriticalSection
ResetEvent
SetEvent
WaitForSingleObject
ResumeThread
MulDiv
CloseHandle
CreateEventW
DeleteFileW
FindClose
FindFirstFileW
FreeLibrary
LoadLibraryW
MultiByteToWideChar
GetProcAddress
GetModuleHandleW
InitializeCriticalSectionAndSpinCount
GetLastError
EnterCriticalSection
LeaveCriticalSection
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
SizeofResource
LockResource
FreeResource
LoadResource
FindResourceW
LocalAlloc
WaitForSingleObjectEx
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetCurrentProcessId
InitializeSListHead
VirtualQuery
GlobalHandle
SystemTimeToTzSpecificLocalTime
TzSpecificLocalTimeToSystemTime
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
CreateSemaphoreA
GetExitCodeThread
WaitForMultipleObjects
GetPrivateProfileStringW

user32

RemoveMenu
IsRectEmpty
GetDialogBaseUnits
DialogBoxIndirectParamW
CheckDlgButton
SetWindowLongPtrW
SetWindowTextW
CharLowerW
CharUpperW
SendDlgItemMessageW
IsDlgButtonChecked
GetDlgItemTextW
SetDlgItemTextW
EndDialog
CreateDialogParamW
DrawTextW
SetRectEmpty
GetMenuItemInfoW
MonitorFromWindow
EnumDisplayDevicesW
GetWindow
EnumWindows
EnumChildWindows
GetDesktopWindow
GetWindowLongPtrW
EqualRect
ScreenToClient
SetCursorPos
GetWindowTextW
ScrollWindowEx
InvalidateRgn
DeleteMenu
GetMenuItemCount
GetMenuItemID
GetSubMenu
SetMenu
CharPrevW
CharNextW
OemToCharA
CharToOemA
EmptyClipboard
RegisterClipboardFormatW
GetClipboardData
SetClipboardData
CloseClipboard
OpenClipboard
SetWindowPlacement
SetWindowPos
WaitMessage
PeekMessageW
wsprintfW
wsprintfA
LoadStringW
ClipCursor
MessageBoxW
RedrawWindow
IsWindow
KillTimer
GetDlgItem
SetRect
ReleaseCapture
PtInRect
SetCapture
GetCapture
PostMessageW
GetCursorPos
IsWindowVisible
SetTimer
GetClassInfoW
MoveWindow
SetWindowLongW
DestroyWindow
UpdateWindow
GetMonitorInfoW
EnableWindow
LoadCursorW
DestroyCursor
DestroyIcon
GetWindowLongW
GetClientRect
SetWindowRgn
GetParent
SendMessageW
GetNextDlgTabItem
SetCursor
InvalidateRect
ClientToScreen
WindowFromPoint
GetActiveWindow
CopyRect
InflateRect
DrawFocusRect
GetWindowRect
OffsetRect
DrawStateW
FillRect
GetSysColor
GetDC
ReleaseDC
GetIconInfo
CreateIconIndirect
LoadImageW
FrameRect
GetSystemMetrics
IsIconic
GetWindowPlacement
IntersectRect
LoadStringA
GetClassInfoExW
DefWindowProcW
LoadIconW
RegisterClassExW
CreateWindowExW
ShowWindow

gdi32

GetTextMetricsW
CreateFontW
StretchBlt
GetPixel
SetPixel
GetBkColor
GetDeviceCaps
CreateSolidBrush
GetTextExtentPoint32W
CreatePen
SetBkColor
CreateBitmap
BitBlt
CreateCompatibleBitmap
GetStockObject
CreateEllipticRgnIndirect
LineTo
GetObjectW
CreateCompatibleDC
SetDIBColorTable
SelectObject
DeleteDC
DeleteObject
CreateFontIndirectW
CombineRgn
CreateRectRgn
GetDIBits
TranslateCharsetInfo
PatBlt
RealizePalette
SelectPalette
CreatePalette
GetDIBColorTable
SetDIBitsToDevice
StretchDIBits
SetStretchBltMode
GetPaletteEntries
GetCurrentObject
CreateDIBSection
MoveToEx

comdlg32

GetFileTitleW

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyW
RegEnumKeyExW
RegEnumValueW
RegOpenKeyW
RegQueryValueExA
ReportEventW
RegEnumKeyExA
RegOpenKeyExA
DeregisterEventSource
RegisterEventSourceW

shell32

ExtractIconExW
SHFileOperationW
SHGetFileInfoW
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFolderPathW
SHGetSpecialFolderPathW
ShellExecuteExW
ShellExecuteW

comctl32

ImageList_DragLeave
_TrackMouseEvent
ord17
ImageList_Create
ImageList_EndDrag
PropertySheetW
ImageList_ReplaceIcon

shlwapi

PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathStripToRootW
PathFindExtensionW
StrCpyW
StrCmpLogicalW
PathAddBackslashA
PathAddBackslashW
PathAppendA
PathAppendW
PathFileExistsW
PathFindFileNameW
PathRemoveFileSpecA
PathRemoveFileSpecW
StrStrIW

ole32

CreateStreamOnHGlobal
CoCreateInstance

oleaut32

VarDateFromStr
VariantTimeToSystemTime
VariantCopy
VariantChangeType
VariantClear
VariantInit
SysFreeString
SysAllocString
OleLoadPicture
SysAllocStringByteLen
SysStringByteLen

gdiplus

GdipLoadImageFromStream
GdipCreateFromHDC
GdipDrawImageRectI
GdipGetImageEncoders
GdipCreateBitmapFromHBITMAP
GdipSaveImageToFile
GdipCreateBitmapFromFile
GdiplusStartup
GdipCreateBitmapFromStream
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImagePaletteSize
GdipGetImagePalette
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCreateBitmapFromScan0
GdipCloneImage
GdipAlloc
GdipFree
GdipDisposeImage
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipDrawImageI
GdiplusShutdown
GdipGetImageEncodersSize

msvcp140

?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?_Xlength_error@std@@YAXPEBD@Z
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
?_Xout_of_range@std@@YAXPEBD@Z
??Bid@locale@std@@QEAA_KXZ
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAHXZ
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_JD@Z
?putback@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?uncaught_exception@std@@YA_NXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z

winmm

PlaySoundW

wininet

InternetWriteFile
HttpOpenRequestW
HttpSendRequestExW
HttpEndRequestW
InternetOpenW
HttpQueryInfoW
HttpSendRequestW
InternetConnectW
InternetCloseHandle
HttpAddRequestHeadersW
InternetReadFile
InternetOpenUrlW

vcomp140

_vcomp_for_static_end
_vcomp_for_static_simple_init
_vcomp_fork
omp_get_thread_num
_vcomp_atomic_add_i4
_vcomp_for_static_init
_vcomp_set_num_threads
omp_get_max_threads
_vcomp_for_dynamic_next
_vcomp_for_dynamic_init
_vcomp_reduction_i4

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

vcruntime140

strstr
strchr
__CxxFrameHandler3
__C_specific_handler
__std_terminate
_purecall
_CxxThrowException
strrchr
wcschr
wcsrchr
__std_exception_copy
__std_exception_destroy
__vcrt_LoadLibraryExW
__vcrt_GetModuleFileNameW
__C_specific_handler_noexcept
__std_type_info_destroy_list
wcsstr
__RTDynamicCast
memcmp
memset
memmove
memcpy
memchr

api-ms-win-crt-runtime-l1-1-0

_resetstkoflw
_errno
_seh_filter_dll
_invalid_parameter_noinfo_noreturn
_beginthreadex
_configure_narrow_argv
_endthreadex
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
terminate
_initterm
_initterm_e
_controlfp_s
_initialize_narrow_environment
_invalid_parameter_noinfo

api-ms-win-crt-heap-l1-1-0

free
calloc
_aligned_malloc
_recalloc
malloc
realloc
_aligned_free

api-ms-win-crt-string-l1-1-0

strcmp
_wcsicmp
_wcsnicmp
_wcslwr_s
isdigit
strtok_s
_strlwr_s
wmemcpy_s
strcpy_s
strncpy
strlen
strncmp
iswdigit
_wcsdup
_wcslwr
wcstok_s
wcsncpy
_stricmp
wcsncpy_s
wcscpy_s
strcat_s
towupper
toupper
wcscat_s
wcscspn
wcsnlen
wcsncmp
wcstok
strtok

api-ms-win-crt-time-l1-1-0

_localtime64_s
_localtime64
_time64
_gmtime64

api-ms-win-crt-convert-l1-1-0

mbtowc
_wtoi
strtol
_itow
atof
mbstowcs
_gcvt
_wtof
_itow_s
_wtol
_ultoa_s
_itoa_s
strtoul
atoi
strtod

api-ms-win-crt-utility-l1-1-0

bsearch
srand
qsort
rand

api-ms-win-crt-stdio-l1-1-0

fwrite
setvbuf
fseek
fsetpos
ungetc
fread
fputc
fgets
fgetpos
fgetc
__stdio_common_vswprintf_s
fflush
fclose
_get_stream_buffer_pointers
__stdio_common_vswprintf
_wfopen
__acrt_iob_func
__stdio_common_vsprintf
ftell
__stdio_common_vsscanf
__stdio_common_vsprintf_s
__stdio_common_vfprintf
__stdio_common_vswscanf
feof
fopen
_fseeki64

api-ms-win-crt-filesystem-l1-1-0

_unlock_file
remove
_lock_file

api-ms-win-crt-multibyte-l1-1-0

_mbsrchr
_mbscmp
_mbsbtype

api-ms-win-crt-math-l1-1-0

floor
pow
log10
atan2
powf
sqrt
tan
sin
atan
ceil
_hypot
sinf
log
roundf
logf
expf
fmodf
acos
asin
exp
round
sqrtf
cos

mscms

GetColorProfileHeader
IsColorProfileValid
OpenColorProfileW
TranslateBitmapBits
DeleteColorTransform
CreateMultiProfileTransform
CloseColorProfile

api-ms-win-crt-locale-l1-1-0

__initialize_lconv_for_unsigned_char

imagehlp

ImageGetCertificateHeader
ImageAddCertificate
ImageRemoveCertificate
ImageEnumerateCertificates
ImageGetCertificateData
ImageGetDigestStream

Exports

Exports

CXP_Free
CXP_GetPlugInInfo
CXP_Init
CXP_InvokeCommand
CXP_ShowPlugInDialog

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 650KB - Virtual size: 650KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4.2MB - Virtual size: 4.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d415a7d29892d1f590132e95f66a107f

Headers

DLL Characteristics

File Characteristics

Imports

mfc140u

kernel32

user32

gdi32

comdlg32

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

gdiplus

msvcp140

winmm

wininet

vcomp140

version

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-multibyte-l1-1-0

api-ms-win-crt-math-l1-1-0

mscms

api-ms-win-crt-locale-l1-1-0

imagehlp

Exports

Exports

Sections

.text Size: 2.5MB - Virtual size: 2.5MB

.rdata Size: 650KB - Virtual size: 650KB

.data Size: 63KB - Virtual size: 82KB

.pdata Size: 103KB - Virtual size: 102KB

_RDATA Size: 129KB - Virtual size: 129KB

.rsrc Size: 4.2MB - Virtual size: 4.2MB

.reloc Size: 11KB - Virtual size: 11KB

.text
Size: 2.5MB - Virtual size: 2.5MB

.rdata
Size: 650KB - Virtual size: 650KB

.data
Size: 63KB - Virtual size: 82KB

.pdata
Size: 103KB - Virtual size: 102KB

_RDATA
Size: 129KB - Virtual size: 129KB

.rsrc
Size: 4.2MB - Virtual size: 4.2MB

.reloc
Size: 11KB - Virtual size: 11KB