??4_Init_locks@std@@QAEAAV01@ABV01@@Z
Static task
static1
Behavioral task
behavioral1
Sample
18d5ea18fce8ebec027ec6981fd327f13a6a6c4b0729679eba2595281740dba0.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
18d5ea18fce8ebec027ec6981fd327f13a6a6c4b0729679eba2595281740dba0.exe
Resource
win10v2004-20240226-en
General
-
Target
18d5ea18fce8ebec027ec6981fd327f13a6a6c4b0729679eba2595281740dba0
-
Size
840KB
-
MD5
6c944eca3d9b7056902bd992460efc9f
-
SHA1
f3737db628bbf23d47ae1d38b77a330f6aab5793
-
SHA256
18d5ea18fce8ebec027ec6981fd327f13a6a6c4b0729679eba2595281740dba0
-
SHA512
30689a29bb86c1516ed629c494184cb3aa75bc5b285f88bd69c253c28026ac61145a88f25abc2b1c1b3d85fa62b7f29786c6abf6cefeb7978aca9ccacaaf6120
-
SSDEEP
12288:TTt7ibCntX38zC2e1IqatZyotzQ28ELgIjSQ:YwIC24atsotzUGgIjSQ
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Static analysis check for a missing Authenticode signature; it matched because the PE file listed below is unsigned.
resource 18d5ea18fce8ebec027ec6981fd327f13a6a6c4b0729679eba2595281740dba0
Files
-
18d5ea18fce8ebec027ec6981fd327f13a6a6c4b0729679eba2595281740dba0.exe windows:4 windows x86 arch:x86
9561267ff4465575f7d0bdab91696537
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
qtcore4
?free@QString@@CAXPAUData@1@@Z
??0QString@@QAE@ABV0@@Z
?toStdWString@QString@@QBE?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@XZ
?replace@QString@@QAEAAV1@ABV1@0W4CaseSensitivity@Qt@@@Z
?fromAscii_helper@QString@@CAPAUData@1@PBDH@Z
?arg@QString@@QBE?AV1@ABV1@HABVQChar@@@Z
?fromWCharArray@QString@@SA?AV1@PBGH@Z
??0QChar@@QAE@UQLatin1Char@@@Z
?windowsVersion@QSysInfo@@SA?AW4WinVersion@1@XZ
?arg@QString@@QBE?AV1@DHABVQChar@@@Z
??4QString@@QAEAAV0@ABV0@@Z
?shared_null@QString@@0UData@1@A
?exists@QFile@@SA_NABVQString@@@Z
?toStdString@QString@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?tr@QObject@@SA?AVQString@@PBD0@Z
?toWCharArray@QString@@QBEHPAG@Z
?number@QString@@SA?AV1@HH@Z
?fromLocal8Bit@QString@@SA?AV1@PBDH@Z
??1QVariant@@QAE@XZ
?toInt@QVariant@@QBEHPA_N@Z
?value@QSettings@@QBE?AVQVariant@@ABVQString@@ABV2@@Z
??0QVariant@@QAE@PBD@Z
??0QSettings@@QAE@ABVQString@@W4Format@0@PAVQObject@@@Z
??YQString@@QAEAAV0@PBD@Z
?metaObject@QSettings@@UBEPBUQMetaObject@@XZ
?qt_metacast@QSettings@@UAEPAXPBD@Z
?qt_metacall@QSettings@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?event@QSettings@@MAE_NPAVQEvent@@@Z
?eventFilter@QObject@@UAE_NPAV1@PAVQEvent@@@Z
?timerEvent@QObject@@MAEXPAVQTimerEvent@@@Z
?childEvent@QObject@@MAEXPAVQChildEvent@@@Z
?customEvent@QObject@@MAEXPAVQEvent@@@Z
?connectNotify@QObject@@MAEXPBD@Z
?disconnectNotify@QObject@@MAEXPBD@Z
??1QSettings@@UAE@XZ
?append@QString@@QAEAAV1@ABV1@@Z
?remove@QFile@@SA_NABVQString@@@Z
?fromStdString@QString@@SA?AV1@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??8QString@@QBE_NPBD@Z
??9QString@@QBE_NPBD@Z
?fromAscii@QString@@SA?AV1@PBDH@Z
??1QByteArray@@QAE@XZ
??1QTextStream@@UAE@XZ
?qFree@@YAXPAX@Z
?close@QFile@@UAEXXZ
?right@QString@@QBE?AV1@H@Z
?indexOf@QString@@QBEHABV1@HW4CaseSensitivity@Qt@@@Z
??0QTextStream@@QAE@PAVQIODevice@@@Z
??1QFile@@UAE@XZ
?open@QFile@@UAE_NV?$QFlags@W4OpenModeFlag@QIODevice@@@@@Z
??0QFile@@QAE@ABVQString@@@Z
?toUtf8@QString@@QBE?AVQByteArray@@XZ
??8QString@@QBE_NABV0@@Z
??4QString@@QAEAAV0@PBD@Z
?lastIndexOf@QString@@QBEHABV1@HW4CaseSensitivity@Qt@@@Z
?utf16@QString@@QBEPBGXZ
?detach@QByteArray@@QAEXXZ
?toAscii@QString@@QBE?AVQByteArray@@XZ
??0QChar@@QAE@D@Z
??AQString@@QAE?AVQCharRef@@H@Z
?count@QString@@QBEHABV1@W4CaseSensitivity@Qt@@@Z
??4QCharRef@@QAEAAV0@ABV0@@Z
??4QCharRef@@QAEAAV0@ABVQChar@@@Z
?fromAscii@QChar@@SA?AV1@D@Z
??0QVariant@@QAE@ABVQString@@@Z
?fromUtf8@QString@@SA?AV1@PBDH@Z
?setCodec@QTextStream@@QAEXPBD@Z
??1QString@@QAE@XZ
?left@QString@@QBE?AV1@H@Z
qtxml4
?nextSibling@QDomNode@@QBE?AV1@XZ
??1QDomDocument@@QAE@XZ
??1QDomNode@@QAE@XZ
?toElement@QDomNode@@QBE?AVQDomElement@@XZ
?attribute@QDomElement@@QBE?AVQString@@ABV2@0@Z
?isNull@QDomNode@@QBE_NXZ
?firstChild@QDomNode@@QBE?AV1@XZ
?documentElement@QDomDocument@@QBE?AVQDomElement@@XZ
?setContent@QDomDocument@@QAE_NPAVQIODevice@@PAVQString@@PAH2@Z
??0QDomDocument@@QAE@XZ
??1QDomAttr@@QAE@XZ
?save@QDomNode@@QBEXAAVQTextStream@@HW4EncodingPolicy@1@@Z
?appendChild@QDomNode@@QAE?AV1@ABV1@@Z
?setAttributeNode@QDomElement@@QAE?AVQDomAttr@@ABV2@@Z
?setValue@QDomAttr@@QAEXABVQString@@@Z
?createAttribute@QDomDocument@@QAE?AVQDomAttr@@ABVQString@@@Z
?createElement@QDomDocument@@QAE?AVQDomElement@@ABVQString@@@Z
?firstChildElement@QDomNode@@QBE?AVQDomElement@@ABVQString@@@Z
?setAttribute@QDomElement@@QAEXABVQString@@0@Z
??4QDomNode@@QAEAAV0@ABV0@@Z
??1QDomElement@@QAE@XZ
comn
GetObjectLog
GetObjectSys
GetObjectLang
GetObjectVol
uilogic
CreateUiLogic
CreateUiPolicyPtr
msvcr80
strstr
fclose
ferror
_fsopen
fputc
_vsnprintf_s
ftell
memmove
isspace
strchr
isalnum
_itoa
_strnicmp
wcsstr
wcsncpy
strcpy_s
mbstowcs
wcscpy_s
wcstombs
malloc
vsprintf
strrchr
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??3@YAXPAX@Z
??0exception@std@@QAE@XZ
__CxxFrameHandler3
wprintf
memset
_itow
memcpy
_invalid_parameter_noinfo
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
strncpy_s
strncat_s
??2@YAPAXI@Z
memmove_s
sprintf
tolower
printf
wcschr
??_V@YAXPAX@Z
atoi
strtol
_vsnprintf
_purecall
_vsnwprintf
strftime
??_U@YAPAXI@Z
_wtoi
setlocale
isalpha
isdigit
_vswprintf_c_l
_localtime64
_vswprintf
_vscwprintf
_vscprintf
_controlfp_s
_invoke_watson
_except_handler4_common
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
__initenv
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
?terminate@@YAXXZ
srand
rand
calloc
free
_time64
_mktime64
exit
strncmp
__iob_func
fprintf
strncpy
toupper
_swprintf
_wcsnicmp
signal
_beginthread
fopen
fread
fseek
wcsrchr
ntdll
RtlInitUnicodeString
ZwCreateFile
ZwClose
enumfolder
CreateEnumRemoteFolder
encrypt
StrToHex
CreateEncryptObject
HexToStr
ws2_32
gethostbyname
WSAStartup
WSACleanup
inet_ntoa
WSAGetLastError
kernel32
CreateDirectoryA
OutputDebugStringA
WriteConsoleW
WriteConsoleA
OutputDebugStringW
GetSystemInfo
GetFileSizeEx
SetFilePointerEx
FlushFileBuffers
lstrlenW
GetWindowsDirectoryW
GetVersionExA
GetSystemDirectoryW
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
CreateFileA
SetLastError
ReleaseMutex
IsBadWritePtr
CreatePipe
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
GetModuleHandleW
MoveFileW
GetVersionExW
DeviceIoControl
CreateDirectoryW
ReadFile
WriteFile
WideCharToMultiByte
GetLogicalDrives
SetCurrentDirectoryA
GetCurrentDirectoryA
SetUnhandledExceptionFilter
GetPrivateProfileStringA
CreateProcessA
GetCurrentThreadId
GetStartupInfoW
CreateProcessW
GetExitCodeProcess
GetFileAttributesA
FreeLibrary
GetCurrentProcessId
GetCurrentProcess
SetFileAttributesW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
GetModuleFileNameA
GetModuleFileNameW
CreateFileW
CloseHandle
DeleteFileW
CreateMutexW
GetLastError
LoadLibraryW
GetProcAddress
GetConsoleWindow
GetStdHandle
SetConsoleScreenBufferSize
CreateThread
WaitForSingleObject
MultiByteToWideChar
GetFileAttributesW
Sleep
GetPrivateProfileIntW
WritePrivateProfileStringW
GetDriveTypeW
CopyFileW
PeekNamedPipe
IsBadReadPtr
user32
wsprintfW
advapi32
OpenSCManagerW
RegOpenKeyExW
OpenServiceW
RegEnumKeyW
RegQueryInfoKeyW
RegDeleteValueW
RegQueryValueExA
RegFlushKey
RegSetValueExW
RegSetValueExA
RegOpenKeyA
RegCloseKey
RegOpenKeyW
RegQueryValueExW
CloseServiceHandle
shell32
SHGetFolderPathA
SHGetFolderPathW
msvcp80
?resize@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
?allocate@?$allocator@G@std@@QAEPAGI@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG@Z
?swap@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEXAAV12@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@ABV01@@Z
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?clear@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEXXZ
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?swap@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXAAV12@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z
??Y?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@PBG@Z
??$?8GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
?end@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE?AV?$_String_iterator@GU?$char_traits@G@std@@V?$allocator@G@2@@2@XZ
?begin@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE?AV?$_String_iterator@GU?$char_traits@G@std@@V?$allocator@G@2@@2@XZ
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?append@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@PBG@Z
?replace@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV12@IIPBG@Z
?npos@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@2IB
?find@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIPBGI@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??$?9GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YA_NABV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@PBG@Z
?_Lock@_Mutex@std@@QAEXXZ
?_Unlock@_Mutex@std@@QAEXXZ
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_WI@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
?push_back@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXD@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@IG@Z
??$?5GU?$char_traits@G@std@@V?$allocator@G@1@@std@@YAAAV?$basic_istream@GU?$char_traits@G@std@@@0@AAV10@AAV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@0@@Z
?wcin@std@@3V?$basic_istream@GU?$char_traits@G@std@@@1@A
?substr@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBE?AV12@II@Z
?find@?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBEIGI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHPBD@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
?find_last_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?find_last_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?clear@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?deallocate@?$allocator@G@std@@QAEXPAGI@Z
shlwapi
PathRemoveFileSpecA
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
winhttp
WinHttpConnect
WinHttpOpen
WinHttpSetTimeouts
WinHttpReadData
WinHttpOpenRequest
WinHttpQueryDataAvailable
WinHttpCloseHandle
WinHttpAddRequestHeaders
WinHttpSendRequest
WinHttpCrackUrl
WinHttpReceiveResponse
Exports
Exports
Sections
.text Size: 380KB - Virtual size: 376KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 60KB - Virtual size: 58KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 4KB - Virtual size: 88KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 372KB - Virtual size: 372KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE