AmdPowerXpressRequestHighPerformance
NvOptimusEnablement
_Z13widechar_mainiPPw
_Z5_mainv
main
Overview
overview
3Static
static
3windows.zip
windows7-x64
1windows.zip
windows10-2004-x64
1SoundSpacePlus.exe
windows7-x64
1SoundSpacePlus.exe
windows10-2004-x64
1SoundSpacePlus.pck
windows7-x64
3SoundSpacePlus.pck
windows10-2004-x64
3discord-ga...ot.dll
windows7-x64
1discord-ga...ot.dll
windows10-2004-x64
1discord_game_sdk.dll
windows7-x64
1discord_game_sdk.dll
windows10-2004-x64
1libgodot_openvr.dll
windows7-x64
1libgodot_openvr.dll
windows10-2004-x64
1libnativedialogs.dll
windows7-x64
1libnativedialogs.dll
windows10-2004-x64
1openvr_api.dll
windows7-x64
1openvr_api.dll
windows10-2004-x64
1Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
windows.zip
Resource
win7-20240221-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
windows.zip
Resource
win10v2004-20240226-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral3
Sample
SoundSpacePlus.exe
Resource
win7-20240221-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral4
Sample
SoundSpacePlus.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral5
Sample
SoundSpacePlus.pck
Resource
win7-20240221-en
windows7-x64
5 signatures
150 seconds
Behavioral task
behavioral6
Sample
SoundSpacePlus.pck
Resource
win10v2004-20240226-en
windows10-2004-x64
3 signatures
150 seconds
Behavioral task
behavioral7
Sample
discord-game-sdk-godot.dll
Resource
win7-20240221-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral8
Sample
discord-game-sdk-godot.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral9
Sample
discord_game_sdk.dll
Resource
win7-20240221-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral10
Sample
discord_game_sdk.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral11
Sample
libgodot_openvr.dll
Resource
win7-20240221-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral12
Sample
libgodot_openvr.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral13
Sample
libnativedialogs.dll
Resource
win7-20240221-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral14
Sample
libnativedialogs.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral15
Sample
openvr_api.dll
Resource
win7-20240221-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral16
Sample
openvr_api.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
0 signatures
150 seconds
General
-
Target
windows.zip
-
Size
67.5MB
-
MD5
4107dc0dd0ff0189c4ac0cc18caf5869
-
SHA1
570219ff777d2176fd13fa406ce72380952cdbfe
-
SHA256
e22b8bc9a944c25a1ee7ba2501a8ffa32c7b1087133b02cc6b8c8e15cfccb2d2
-
SHA512
fd72eae17cc95a7c7f4f770f75c9101b0bde4bc1cdd1a4a891f68483ef65d4bf682c52390992e571e55f6057203e21152ca3331502f131591d6b88b38284cd4c
-
SSDEEP
1572864:L0NA15QSH9oZA+BPzG1xHmQbg7564GXritOS75dXwS0x4pm2k:wATrM5PzQxGQbg75HOsXP0xybk
Score
3/10
Malware Config
Signatures
-
Unsigned PE 4 IoCs
Checks for missing Authenticode signature.
resource unpack001/SoundSpacePlus.exe unpack001/discord-game-sdk-godot.dll unpack001/libgodot_openvr.dll unpack001/libnativedialogs.dll
Files
-
windows.zip.zip
-
SoundSpacePlus.exe.exe windows:4 windows x64 arch:x64
1b5031dfe417e10aec0a4aac4a2e9c55
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
Imports
advapi32
GetCurrentHwProfileA
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
avrt
AvSetMmThreadCharacteristicsA
AvSetMmThreadPriority
bcrypt
BCryptGenRandom
dinput8
DirectInput8Create
dwmapi
DwmEnableBlurBehindWindow
DwmFlush
DwmIsCompositionEnabled
gdi32
BitBlt
ChoosePixelFormat
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreatePolygonRgn
CreateRectRgn
DeleteDC
DeleteObject
GetDeviceCaps
GetObjectA
SelectObject
SetBkColor
SetPixelFormat
SetTextColor
SwapBuffers
imm32
ImmAssociateContext
ImmGetContext
ImmReleaseContext
ImmSetCompositionWindow
iphlpapi
GetAdaptersAddresses
GetBestInterfaceEx
kernel32
AddVectoredExceptionHandler
AttachConsole
CloseHandle
CreateDirectoryW
CreateEventA
CreateMutexA
CreatePipe
CreateProcessW
CreateSemaphoreA
DeleteCriticalSection
DeleteFileW
DuplicateHandle
EnterCriticalSection
FindClose
FindFirstFileExW
FindFirstFileW
FindNextFileW
FormatMessageW
FreeLibrary
GetCommandLineW
GetConsoleScreenBufferInfo
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDiskFreeSpaceExA
GetEnvironmentVariableW
GetExitCodeProcess
GetFileAttributesW
GetHandleInformation
GetLastError
GetLocalTime
GetLocaleInfoEx
GetLogicalDrives
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetNativeSystemInfo
GetProcAddress
GetProcessAffinityMask
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetSystemInfo
GetSystemPowerStatus
GetSystemTime
GetSystemTimeAsFileTime
GetTempFileNameW
GetThreadContext
GetThreadPriority
GetTickCount
GetTickCount64
GetTimeZoneInformation
GetUserDefaultUILanguage
GetVolumeInformationW
GlobalAlloc
GlobalLock
GlobalUnlock
HeapAlloc
HeapFree
InitializeCriticalSection
IsDBCSLeadByteEx
IsDebuggerPresent
LCIDToLocaleName
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
LoadLibraryW
LocalFree
MultiByteToWideChar
OpenProcess
OutputDebugStringA
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadFile
ReleaseMutex
ReleaseSemaphore
RemoveVectoredExceptionHandler
ReplaceFileW
ResetEvent
ResumeThread
RtlCaptureContext
RtlLookupFunctionEntry
RtlUnwindEx
RtlVirtualUnwind
SetConsoleCtrlHandler
SetConsoleTextAttribute
SetCurrentDirectoryW
SetEnvironmentVariableW
SetEvent
SetHandleInformation
SetLastError
SetPriorityClass
SetProcessAffinityMask
SetThreadContext
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SuspendThread
SystemTimeToFileTime
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
__C_specific_handler
msvcrt
___lc_codepage_func
___mb_cur_max_func
__getmainargs
__initenv
__iob_func
__lconv_init
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_beginthread
_beginthreadex
_cexit
_commode
_endthreadex
_errno
_filelengthi64
_fileno
_fmode
_fstat64
_get_osfhandle
_getpid
_gmtime64
_initterm
_lock
_lseeki64
_onexit
_scprintf
_setjmp
_snprintf
_strdup
_strnicmp
fwprintf
_time64
_ultoa
_unlock
_vscprintf
_vsnprintf
_vsnprintf_s
_wchdir
_wfopen
_wfsopen
_wgetenv
_wrename
_wrmdir
_wstat64
_wunlink
abort
acos
asin
atan
atof
atoi
bsearch
calloc
cosh
exit
fclose
feof
ferror
fflush
fgetc
fgetpos
fgets
fopen
fprintf
fputc
fputs
fputwc
fread
free
freopen_s
frexp
fseek
fsetpos
ftell
fwrite
getc
getenv
getwc
islower
isspace
isupper
iswctype
isxdigit
localeconv
log10
malloc
memchr
memcmp
memcpy
memmove
memset
perror
printf
putc
putwc
qsort
rand
realloc
remove
setlocale
setvbuf
signal
sinh
srand
strcat
strchr
strcmp
strcoll
strcpy
strcpy_s
strerror
strftime
strlen
strncmp
strncpy
strrchr
strstr
strtol
strtoul
strxfrm
tan
tanh
tolower
towlower
towupper
ungetc
ungetwc
vfprintf
wcscoll
wcscpy_s
wcsftime
wcslen
wcsxfrm
_vsnprintf_s
longjmp
_write
_strdup
_read
_memicmp
_fileno
_fdopen
_close
ole32
CoCreateInstance
CoInitialize
CoTaskMemFree
PropVariantClear
opengl32
wglCreateContext
wglDeleteContext
wglGetProcAddress
wglMakeCurrent
shell32
CommandLineToArgvW
DragAcceptFiles
DragQueryFileW
SHFileOperationW
SHGetKnownFolderPath
ShellExecuteW
shlwapi
PathFileExistsW
user32
ActivateKeyboardLayout
AdjustWindowRectEx
AllowSetForegroundWindow
CallWindowProcW
ClientToScreen
ClipCursor
CloseClipboard
CloseTouchInputHandle
CreateIconFromResource
CreateIconIndirect
CreateWindowExW
DefWindowProcW
DestroyIcon
DispatchMessageW
EmptyClipboard
EnumDisplayMonitors
EnumDisplaySettingsW
FlashWindowEx
GetClientRect
GetClipboardData
GetCursorPos
GetDC
GetKeyState
GetKeyboardLayout
GetKeyboardLayoutList
GetKeyboardLayoutNameA
GetMessageExtraInfo
GetMonitorInfoW
GetRawInputData
GetRawInputDeviceInfoA
GetRawInputDeviceList
GetSystemMetrics
GetTouchInputInfo
GetWindowLongPtrA
GetWindowRect
IsClipboardFormatAvailable
IsIconic
KillTimer
LoadCursorA
LoadIconA
MapVirtualKeyExA
MessageBoxA
MessageBoxW
MonitorFromPoint
MonitorFromWindow
MoveWindow
OpenClipboard
PeekMessageW
RegisterClassExW
RegisterRawInputDevices
RegisterTouchWindow
ReleaseCapture
ReleaseDC
ScreenToClient
SendMessageA
SetCapture
SetClipboardData
SetCursor
SetCursorPos
SetFocus
SetForegroundWindow
SetTimer
SetWindowLongPtrA
SetWindowPos
SetWindowRgn
SetWindowTextW
ShowWindow
SystemParametersInfoA
TrackMouseEvent
TranslateMessage
winmm
midiInClose
midiInGetDevCapsA
midiInGetErrorTextA
midiInGetID
midiInGetNumDevs
midiInOpen
midiInStart
midiInStop
timeBeginPeriod
timeEndPeriod
ws2_32
WSAConnect
freeaddrinfo
getaddrinfo
getnameinfo
inet_pton
wsock32
WSACleanup
WSAGetLastError
WSAStartup
__WSAFDIsSet
accept
bind
closesocket
connect
getsockname
htonl
htons
inet_addr
ioctlsocket
listen
ntohl
ntohs
recv
recvfrom
select
send
sendto
setsockopt
socket
Exports
Exports
Sections
.text Size: 29.4MB - Virtual size: 29.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 25KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 3.5MB - Virtual size: 3.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
pck Size: 512B - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.pdata Size: 583KB - Virtual size: 583KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.xdata Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 73KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 512B - Virtual size: 209B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 15KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.CRT Size: 512B - Virtual size: 112B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 107KB - Virtual size: 107KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 166KB - Virtual size: 165KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
SoundSpacePlus.pck
-
discord-game-sdk-godot.dll.dll windows:6 windows x64 arch:x64
6efd51ef4583131b1c0b1fb8e250fc4a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
discord_game_sdk
DiscordCreate
msvcp140
?_Xlength_error@std@@YAXPEBD@Z
?_Xbad_function_call@std@@YAXXZ
vcruntime140
__C_specific_handler
__std_type_info_destroy_list
memmove
__current_exception_context
__current_exception
memcpy
memset
__std_type_info_hash
__std_terminate
__std_exception_copy
__std_exception_destroy
_CxxThrowException
vcruntime140_1
__CxxFrameHandler4
api-ms-win-crt-runtime-l1-1-0
_invalid_parameter_noinfo_noreturn
terminate
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_initterm_e
_initterm
_seh_filter_dll
api-ms-win-crt-string-l1-1-0
strncpy
api-ms-win-crt-math-l1-1-0
ceilf
api-ms-win-crt-heap-l1-1-0
free
_callnewh
malloc
kernel32
GetCurrentProcessId
InitializeSListHead
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetProcAddress
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
DisableThreadLibraryCalls
LeaveCriticalSection
EnterCriticalSection
CloseHandle
GetCurrentThreadId
GetSystemTimeAsFileTime
Exports
Exports
godot_gdnative_init
godot_gdnative_terminate
godot_nativescript_init
Sections
.text Size: 450KB - Virtual size: 450KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 162KB - Virtual size: 162KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 35KB - Virtual size: 109KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
discord_game_sdk.dll.dll windows:6 windows x64 arch:x64
7630e2b3db583384d5348c364b4c56c3
Code Sign
02:d6:aa:ea:b3:92:48:59:80:5e:bb:52:9e:31:4d:e0Certificate
IssuerCN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=USNot Before11/02/2021, 00:00Not After02/05/2024, 23:59SubjectSERIALNUMBER=5128862,CN=Discord Inc.,OU=Select or enter,O=Discord Inc.,L=San Francisco,ST=California,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate
IssuerCN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before18/04/2012, 12:00Not After18/04/2027, 12:00SubjectCN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9dCertificate
IssuerCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USNot Before29/03/2022, 00:00Not After14/03/2033, 23:59SubjectCN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23/03/2022, 00:00Not After22/03/2037, 23:59SubjectCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
02:d6:aa:ea:b3:92:48:59:80:5e:bb:52:9e:31:4d:e0Certificate
IssuerCN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=USNot Before11/02/2021, 00:00Not After02/05/2024, 23:59SubjectSERIALNUMBER=5128862,CN=Discord Inc.,OU=Select or enter,O=Discord Inc.,L=San Francisco,ST=California,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate
IssuerCN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before18/04/2012, 12:00Not After18/04/2027, 12:00SubjectCN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9dCertificate
IssuerCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USNot Before29/03/2022, 00:00Not After14/03/2033, 23:59SubjectCN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23/03/2022, 00:00Not After22/03/2037, 23:59SubjectCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
41:e2:71:d4:d2:0d:bf:87:fe:76:cd:b7:88:98:f0:d1:fc:15:5f:10:dc:99:b3:47:28:4a:d9:ee:49:b8:66:b2Signer
Actual PE Digest41:e2:71:d4:d2:0d:bf:87:fe:76:cd:b7:88:98:f0:d1:fc:15:5f:10:dc:99:b3:47:28:4a:d9:ee:49:b8:66:b2Digest Algorithmsha256PE Digest Matchestruede:d4:45:e0:a1:ac:c5:cb:e8:3b:b4:b6:c0:b7:1c:87:ac:c9:f0:0cSigner
Actual PE Digestde:d4:45:e0:a1:ac:c5:cb:e8:3b:b4:b6:c0:b7:1c:87:ac:c9:f0:0cDigest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
c:\b\discord\discord\target\x86_64-pc-windows-msvc\release\deps\discord_game_sdk.pdb
Imports
ws2_32
WSAGetLastError
bind
sendto
getaddrinfo
freeaddrinfo
WSACleanup
WSAStartup
WSASocketW
ioctlsocket
recv
closesocket
kernel32
LCMapStringW
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetModuleHandleExW
LoadLibraryExW
TlsFree
InitializeCriticalSectionAndSpinCount
EncodePointer
AcquireSRWLockExclusive
LoadLibraryW
GetLastError
ReleaseSRWLockExclusive
CloseHandle
GetProcAddress
FreeLibrary
GetModuleFileNameW
SetErrorMode
SetThreadErrorMode
lstrlenW
SetEnvironmentVariableW
GetProcessId
WaitForSingleObject
GetExitCodeProcess
GetFileInformationByHandle
CancelIoEx
WriteFile
ReadFile
GetOverlappedResult
FlushFileBuffers
CreateIoCompletionPort
GetQueuedCompletionStatusEx
PostQueuedCompletionStatus
SleepConditionVariableSRW
SetHandleInformation
GetSystemInfo
RtlVirtualUnwind
ReleaseMutex
GetCurrentProcess
GetCurrentThread
RtlCaptureContext
RtlLookupFunctionEntry
LoadLibraryA
CreateMutexA
InitializeCriticalSection
LeaveCriticalSection
FreeEnvironmentStringsW
FindClose
ReleaseSRWLockShared
SwitchToThread
SetLastError
GetCurrentDirectoryW
GetEnvironmentStringsW
GetEnvironmentVariableW
GetTempPathW
GetCommandLineW
SetFilePointerEx
EnterCriticalSection
GetStdHandle
TerminateProcess
GetCurrentProcessId
WakeAllConditionVariable
WakeConditionVariable
TryEnterCriticalSection
GetSystemTimeAsFileTime
SetThreadStackGuarantee
HeapAlloc
GetProcessHeap
HeapFree
TlsAlloc
HeapReAlloc
AcquireSRWLockShared
FindNextFileW
CreateFileW
DeviceIoControl
CreateDirectoryW
FindFirstFileW
DeleteFileW
DeleteCriticalSection
GetModuleHandleW
FormatMessageW
ExitProcess
GetFullPathNameW
CreateThread
TlsGetValue
TlsSetValue
QueryPerformanceFrequency
GetModuleHandleA
GetConsoleMode
WriteConsoleW
InterlockedFlushSList
GetFileType
GetStringTypeW
HeapSize
SetStdHandle
GetConsoleOutputCP
WaitForSingleObjectEx
QueryPerformanceCounter
RaiseException
RtlPcToFileHeader
RtlUnwindEx
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
GetCurrentThreadId
advapi32
SystemFunction036
RegCloseKey
RegCreateKeyTransactedW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
ktmw32
CreateTransaction
CommitTransaction
ole32
CoTaskMemFree
shell32
SHGetKnownFolderPath
ShellExecuteExW
bcrypt
BCryptGenRandom
Exports
Exports
DiscordCreate
DiscordVersion
rust_eh_personality
Sections
.text Size: 2.4MB - Virtual size: 2.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 821KB - Virtual size: 820KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 116KB - Virtual size: 116KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gehcont Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
libgodot_openvr.dll.dll windows:6 windows x64 arch:x64
b80530fd633517c26bacbdde6841f4bf
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
openvr_api
VR_IsInterfaceVersionValid
VR_InitInternal2
VR_ShutdownInternal
VR_GetVRInitErrorAsEnglishDescription
VR_IsRuntimeInstalled
VR_GetInitToken
VR_GetGenericInterface
msvcp140
?_Xlength_error@std@@YAXPEBD@Z
kernel32
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
vcruntime140_1
__CxxFrameHandler4
vcruntime140
memcpy
__std_exception_destroy
__C_specific_handler
__current_exception
__std_type_info_destroy_list
__current_exception_context
memmove
_CxxThrowException
__std_exception_copy
__std_type_info_hash
memset
__std_terminate
api-ms-win-crt-stdio-l1-1-0
__stdio_common_vfprintf
__acrt_iob_func
__stdio_common_vsprintf
api-ms-win-crt-runtime-l1-1-0
_configure_narrow_argv
_invalid_parameter_noinfo_noreturn
_initialize_onexit_table
_initialize_narrow_environment
_seh_filter_dll
terminate
_cexit
_crt_atexit
_execute_onexit_table
_initterm
_initterm_e
_register_onexit_function
api-ms-win-crt-heap-l1-1-0
free
malloc
_callnewh
api-ms-win-crt-math-l1-1-0
ceilf
Exports
Exports
godot_openvr_gdnative_init
godot_openvr_gdnative_singleton
godot_openvr_gdnative_terminate
godot_openvr_nativescript_init
Sections
.text Size: 457KB - Virtual size: 457KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 164KB - Virtual size: 164KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 32KB - Virtual size: 106KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 13KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
libnativedialogs.dll.dll windows:6 windows x64 arch:x64
9ae59c5bc3ab29f20ad3ab12795a167f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
user32
LoadIconA
GetWindowThreadProcessId
TranslateMessage
MessageBoxW
GetActiveWindow
SendMessageA
PeekMessageA
DispatchMessageA
EnumWindows
shell32
SHGetPathFromIDListW
Shell_NotifyIconW
SHBrowseForFolderW
msvcp140
?_Throw_C_error@std@@YAXH@Z
?_Throw_Cpp_error@std@@YAXH@Z
?_Syserror_map@std@@YAPEBDH@Z
?_Xbad_function_call@std@@YAXXZ
?_Schedule_chore@details@Concurrency@@YAHPEAU_Threadpool_chore@12@@Z
?_Release_chore@details@Concurrency@@YAXPEAU_Threadpool_chore@12@@Z
?_ReportUnobservedException@details@Concurrency@@YAXXZ
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
?_CallInContext@_ContextCallback@details@Concurrency@@QEBAXV?$function@$$A6AXXZ@std@@_N@Z
?_Reset@_ContextCallback@details@Concurrency@@AEAAXXZ
?_Capture@_ContextCallback@details@Concurrency@@AEAAXXZ
?ReportUnhandledError@_ExceptionHolder@details@Concurrency@@AEAAXXZ
??0task_continuation_context@Concurrency@@AEAA@XZ
?_LogScheduleTask@_TaskEventLogger@details@Concurrency@@QEAAX_N@Z
?_LogCancelTask@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogTaskCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogTaskExecutionCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogWorkItemStarted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogWorkItemCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_Throw_future_error@std@@YAXAEBVerror_code@1@@Z
?_Rethrow_future_exception@std@@YAXVexception_ptr@1@@Z
_Cnd_register_at_thread_exit
??1_Lockit@std@@QEAA@XZ
_Strcoll
_Strxfrm
??0_Locinfo@std@@QEAA@PEBD@Z
??1_Locinfo@std@@QEAA@XZ
?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
?c_str@?$_Yarn@D@std@@QEBAPEBDXZ
??Bid@locale@std@@QEAA_KXZ
??0facet@locale@std@@IEAA@_K@Z
??1facet@locale@std@@MEAA@XZ
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?tolower@?$ctype@D@std@@QEBADD@Z
?tolower@?$ctype@D@std@@QEBAPEBDPEADPEBD@Z
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?_Incref@facet@locale@std@@UEAAXXZ
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?id@?$ctype@D@std@@2V0locale@2@A
?id@?$collate@D@std@@2V0locale@2@A
??0_Lockit@std@@QEAA@H@Z
_Cnd_broadcast
_Cnd_timedwait
_Cnd_wait
_Cnd_destroy_in_situ
_Cnd_unregister_at_thread_exit
_Cnd_init_in_situ
_Mtx_unlock
_Mtx_lock
_Mtx_current_owns
_Mtx_destroy_in_situ
_Mtx_init_in_situ
?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z
_Query_perf_frequency
_Query_perf_counter
_Xtime_get_ticks
?__ExceptionPtrRethrow@@YAXPEBX@Z
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrToBool@@YA_NPEBX@Z
?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?__ExceptionPtrDestroy@@YAXPEAX@Z
?__ExceptionPtrCreate@@YAXPEAX@Z
?_Xbad_alloc@std@@YAXXZ
kernel32
LoadLibraryA
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
CloseHandle
InitOnceComplete
InitOnceBeginInitialize
WideCharToMultiByte
GetProcAddress
GetFileAttributesW
EnumResourceNamesA
GetModuleHandleA
MultiByteToWideChar
DeactivateActCtx
ActivateActCtx
CreateActCtxA
VerifyVersionInfoW
FreeLibrary
GetSystemDirectoryA
GetCurrentThreadId
VerSetConditionMask
InitializeSListHead
vcruntime140
__std_type_info_hash
__std_type_info_destroy_list
memcpy
_purecall
__std_terminate
__std_exception_copy
__std_exception_destroy
_CxxThrowException
memcmp
memmove
memset
strchr
__C_specific_handler
__current_exception
__current_exception_context
vcruntime140_1
__CxxFrameHandler4
api-ms-win-crt-heap-l1-1-0
realloc
malloc
_callnewh
free
api-ms-win-crt-runtime-l1-1-0
abort
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
_initterm
_initterm_e
_invalid_parameter_noinfo_noreturn
terminate
api-ms-win-crt-math-l1-1-0
ceilf
Exports
Exports
godot_gdnative_init
godot_gdnative_terminate
godot_nativescript_init
Sections
.text Size: 530KB - Virtual size: 529KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 190KB - Virtual size: 190KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 38KB - Virtual size: 118KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
openvr_api.dll.dll windows:6 windows x64 arch:x64
60cb0e399107eafb5e9071ed553ad4ab
Code Sign
0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39Certificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before10/11/2006, 00:00Not After10/11/2031, 00:00SubjectCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate
IssuerCN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01/01/2021, 00:00Not After06/01/2031, 00:00SubjectCN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
05:4f:46:6c:ec:cb:e9:d6:be:e8:1f:54:35:e6:4d:47Certificate
IssuerCN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before04/10/2018, 00:00Not After07/10/2021, 12:00SubjectCN=Valve,O=Valve,L=Bellevue,ST=WA,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before22/10/2013, 12:00Not After22/10/2028, 12:00SubjectCN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before07/01/2016, 12:00Not After07/01/2031, 12:00SubjectCN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
b8:6b:50:04:9f:a7:92:4a:60:4a:bc:99:bc:82:75:7d:be:c6:ce:bfSigner
Actual PE Digestb8:6b:50:04:9f:a7:92:4a:60:4a:bc:99:bc:82:75:7d:be:c6:ce:bfDigest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
c:\buildslave\steamvr_rel_win64\build\src\openvr_api\Retailopenvr_api\win64\2017\openvr_api.pdb
Imports
kernel32
GetModuleFileNameW
WideCharToMultiByte
GetLastError
FreeLibrary
GetProcAddress
LoadLibraryExA
MultiByteToWideChar
GetACP
SetEnvironmentVariableA
GetEnvironmentVariableA
CloseHandle
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
TryEnterCriticalSection
SetLastError
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetTickCount
EncodePointer
DecodePointer
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
LoadLibraryW
RtlPcToFileHeader
RaiseException
RtlUnwindEx
InterlockedPushEntrySList
InterlockedFlushSList
LoadLibraryExW
GetCurrentProcess
TerminateProcess
ReadFile
GetDriveTypeW
GetFullPathNameW
GetCurrentDirectoryW
CreateFileW
GetFileInformationByHandle
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
GetCurrentThread
HeapFree
GetStdHandle
GetConsoleMode
ReadConsoleW
SetFilePointerEx
WriteFile
GetConsoleCP
HeapAlloc
SetStdHandle
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
HeapReAlloc
GetTimeZoneInformation
FlushFileBuffers
HeapSize
SetEndOfFile
WriteConsoleW
Sleep
SignalObjectAndWait
CreateThread
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetThreadTimes
FreeLibraryAndExitThread
GetModuleHandleA
GetVersionExW
VirtualAlloc
VirtualProtect
VirtualFree
DuplicateHandle
ReleaseSemaphore
InterlockedPopEntrySList
QueryDepthSList
UnregisterWaitEx
CreateTimerQueue
shell32
SHGetFolderPathW
Exports
Exports
LiquidVR
VRControlPanel
VRHeadsetView
VRPaths
VRVirtualDisplay
VR_GetGenericInterface
VR_GetInitToken
VR_GetRuntimePath
VR_GetStringForHmdError
VR_GetVRInitErrorAsEnglishDescription
VR_GetVRInitErrorAsSymbol
VR_InitInternal
VR_InitInternal2
VR_IsHmdPresent
VR_IsInterfaceVersionValid
VR_IsRuntimeInstalled
VR_RuntimePath
VR_ShutdownInternal
Sections
.text Size: 530KB - Virtual size: 529KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 172KB - Virtual size: 171KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 14KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 26KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 43KB - Virtual size: 43KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ