C:\Users\DeveloperSys\Documents\Embarcadero\Studio\Projects\DLL New Completa\Projeto C++\DiagnosticRefused\x64\Release\BurnOut.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
343af0f5ab88d973895b7652c2291da8ba1846b576511e364c028b354f0bfe2c.dll
Resource
win7-20240221-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
343af0f5ab88d973895b7652c2291da8ba1846b576511e364c028b354f0bfe2c.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
0 signatures
150 seconds
General
-
Target
343af0f5ab88d973895b7652c2291da8ba1846b576511e364c028b354f0bfe2c
-
Size
534KB
-
MD5
6f1aef5fb785cbdf73fad8adf63bf71d
-
SHA1
01f55f49af25ca7dc4ea1970e751348a8bcbd7f8
-
SHA256
343af0f5ab88d973895b7652c2291da8ba1846b576511e364c028b354f0bfe2c
-
SHA512
87b500dafe7729905aee825d0e252763ac7a0bc2f111183610a453e4838a080445e44fa5fd0e81850195e8ce800a29b92028c103860540409d9d5bba8643fd35
-
SSDEEP
12288:Kb+5pLKjdUWYgeWYg955/155/VI91cq1uAx8KbqPwqN4Eo6l4:l5ZKjdS1n7x8KbqPwm1i
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 343af0f5ab88d973895b7652c2291da8ba1846b576511e364c028b354f0bfe2c
Files
-
343af0f5ab88d973895b7652c2291da8ba1846b576511e364c028b354f0bfe2c.dll windows:6 windows x64 arch:x64
df443992283a8e5ba346b6565e841abb
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
Imports
kernel32
CreateThread
WaitForSingleObject
CloseHandle
SetEvent
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
GetProcAddress
GetModuleHandleA
VirtualFreeEx
GetModuleHandleExW
GetModuleFileNameW
GetLastError
Sleep
DeleteFileW
SetLastError
QueryPerformanceCounter
QueryPerformanceFrequency
WriteConsoleW
SetEndOfFile
CreateFileW
SetStdHandle
CreateEventW
OpenProcess
TerminateProcess
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
GetCurrentThreadId
WideCharToMultiByte
EncodePointer
DecodePointer
MultiByteToWideChar
LCMapStringEx
GetSystemTimeAsFileTime
GetModuleHandleW
GetStringTypeW
GetCPInfo
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
ResetEvent
WaitForSingleObjectEx
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
RtlUnwindEx
InterlockedPushEntrySList
InterlockedFlushSList
RtlPcToFileHeader
RaiseException
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
ExitProcess
HeapFree
HeapAlloc
GetStdHandle
GetFileType
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetTimeZoneInformation
GetFileSizeEx
SetFilePointerEx
MoveFileExW
FlushFileBuffers
WriteFile
GetConsoleOutputCP
GetConsoleMode
ReadFile
ReadConsoleW
HeapReAlloc
HeapSize
RtlUnwind
user32
GetMessageW
TranslateMessage
DispatchMessageW
advapi32
SetServiceStatus
RegisterServiceCtrlHandlerW
StartServiceCtrlDispatcherW
shell32
ShellExecuteW
wtsapi32
WTSFreeMemory
WTSQuerySessionInformationW
WTSEnumerateSessionsW
wininet
InternetReadFile
InternetConnectA
HttpOpenRequestW
HttpSendRequestW
InternetOpenA
InternetCloseHandle
Exports
Exports
?MpAddDynamicSignatureFile@@YAHXZ
?MpAllocMemory@@YAHXZ
?MpAmsiCloseSession@@YAHXZ
?MpAmsiNotify@@YAHXZ
?MpAmsiScan@@YAHXZ
?MpAsrSetHipsUserExclusion@@YAHXZ
?MpChangeCapability@@YAHXZ
?MpCheckAccessForClipboardOperation@@YAHXZ
?MpCheckAccessForClipboardOperationEx2@@YAHXZ
?MpCheckAccessForClipboardOperationEx@@YAHXZ
?MpCheckAccessForDragDropOperation2@@YAHXZ
?MpCheckAccessForDragDropOperation@@YAHXZ
?MpCheckAccessForPrintOperation2@@YAHXZ
?MpCheckAccessForPrintOperation@@YAHXZ
?MpCleanControl@@YAHXZ
?MpCleanOpen@@YAHXZ
?MpCleanPrecheckStart@@YAHXZ
?MpCleanStart@@YAHXZ
?MpClientUtilExportFunctions@@YAHXZ
?MpClose@@YAHXZ
?MpConfigClose@@YAHXZ
?MpConfigDelValue@@YAHXZ
?MpConfigGetValue@@YAHXZ
?MpConfigGetValueAlloc@@YAHXZ
?MpConfigInitialize@@YAHXZ
?MpConfigIteratorClose@@YAHXZ
?MpConfigIteratorEnum@@YAHXZ
?MpConfigIteratorEnumV2@@YAHXZ
?MpConfigIteratorOpen@@YAHXZ
?MpConfigOpen@@YAHXZ
?MpConfigQueryProtection@@YAHXZ
?MpConfigRegisterForNotifications@@YAHXZ
?MpConfigSetValue@@YAHXZ
?MpConfigUninitialize@@YAHXZ
?MpConfigUnregisterNotifications@@YAHXZ
?MpConveyDlpBypass@@YAHXZ
?MpConveySampleSubmissionResult@@YAHXZ
?MpConveyUserChoiceForDlpNotification@@YAHXZ
?MpConveyUserChoiceForDlpNotificationEx@@YAHXZ
?MpConveyUserChoiceForSampleList@@YAHXZ
?MpCreateComInstance@@YAHXZ
?MpDbgAllocMemory@@YAHXZ
?MpDebugExportFunctions@@YAHXZ
?MpDefenderIsPrintAccessCheckNeeded@@YAHXZ
?MpDefenderPrintAccessCheck@@YAHXZ
?MpDefenderPrintDataProvide@@YAHXZ
?MpDelegateCopyFile@@YAHXZ
?MpDeleteAsrHistory@@YAHXZ
?MpDetectionEnumerate@@YAHXZ
?MpDetectionQuery@@YAHXZ
?MpDlpDelegateEnforcement@@YAHXZ
?MpDlpGetOperationEnforcmentMode@@YAHXZ
?MpDlpInitializeEnforcementMode@@YAHXZ
?MpDlpNotifyCloseDocumentFile@@YAHXZ
?MpDlpNotifyPostOpenDocumentFile@@YAHXZ
?MpDlpNotifyPostSaveAsDocument@@YAHXZ
?MpDlpNotifyPostStartPrint@@YAHXZ
?MpDlpNotifyPreOpenDocumentFile@@YAHXZ
?MpDlpNotifyPrePrint@@YAHXZ
?MpDlpNotifyPreSaveAsDocument@@YAHXZ
?MpDynamicSignatureEnumerate@@YAHXZ
?MpDynamicSignatureOpen@@YAHXZ
?MpElevateCleanHandle@@YAHXZ
?MpElevationHandleAcquire@@YAHXZ
?MpElevationHandleActivate@@YAHXZ
?MpElevationHandleAttach@@YAHXZ
?MpElevationHandleOpen@@YAHXZ
?MpErrorMessageFormat@@YAHXZ
?MpFastMemoryScan@@YAHXZ
?MpFastMemoryScanOpen@@YAHXZ
?MpFlushLowfiCache@@YAHXZ
?MpForcedReboot@@YAHXZ
?MpFreeFileTrustExtraInfo@@YAHXZ
?MpFreeMemory@@YAHXZ
?MpFreeTSModeInfo@@YAHXZ
?MpGenerateSignature@@YAHXZ
?MpGenerateSignatureEx@@YAHXZ
?MpGenerateThreatReport@@YAHXZ
?MpGetASRPerRuleExclusions@@YAHXZ
?MpGetAsrBlockedActionInfos@@YAHXZ
?MpGetAsrBlockedActions@@YAHXZ
?MpGetAsrBlockedProcesses@@YAHXZ
?MpGetCallistoDetections@@YAHXZ
?MpGetCopyAcceleratorProcessStatus@@YAHXZ
?MpGetDevMode@@YAHXZ
?MpGetDeviceControlSecurityPolicies@@YAHXZ
?MpGetDeviceControlStatus@@YAHXZ
?MpGetDlpEvents@@YAHXZ
?MpGetEngineVersion@@YAHXZ
?MpGetFCValue@@YAHXZ
?MpGetHIPSRuleInfo@@YAHXZ
?MpGetHybridMode@@YAHXZ
?MpGetMAPSConnectivityStatusInfo@@YAHXZ
?MpGetRunningMode@@YAHXZ
?MpGetSampleChunk@@YAHXZ
?MpGetSampleListRequiringConsent@@YAHXZ
?MpGetTDTFeatureStatus@@YAHXZ
?MpGetTDTFeatureStatusEx@@YAHXZ
?MpGetTPStateInfo@@YAHXZ
?MpGetTSModeInfo@@YAHXZ
?MpGetTaskSchedulerStrings@@YAHXZ
?MpGetThreatExecutionInfo@@YAHXZ
?MpHandleClose@@YAHXZ
?MpIsDeviceControlAvailable@@YAHXZ
?MpIsGivenRunningModeSupported@@YAHXZ
?MpIsRtpAutoEnable@@YAHXZ
?MpManagerDisable@@YAHXZ
?MpManagerEnable@@YAHXZ
?MpManagerOpen@@YAHXZ
?MpManagerStatusQuery@@YAHXZ
?MpManagerStatusQueryEx@@YAHXZ
?MpManagerVersionQuery@@YAHXZ
?MpManagerXBGMDisable@@YAHXZ
?MpManagerXBGMEnable@@YAHXZ
?MpMemoryScanStart@@YAHXZ
?MpNetworkCapture@@YAHXZ
?MpNotificationRegister@@YAHXZ
?MpOfflineScanInstall@@YAHXZ
?MpOfflineScanStatusQuery@@YAHXZ
?MpOpen@@YAHXZ
?MpProductGenuineCheck@@YAHXZ
?MpQuarantineRequest@@YAHXZ
?MpQueryDefaultFolderGuardList@@YAHXZ
?MpQueryEngineConfigDword@@YAHXZ
?MpQueryFileTrustByHandle2@@YAHXZ
?MpQueryFileTrustByHandle@@YAHXZ
?MpRemapCallistoDetections@@YAHXZ
?MpRemoveDynamicSignatureFile@@YAHXZ
?MpReportClipboardOwner@@YAHXZ
?MpRequestSnooze@@YAHXZ
?MpRollbackPlatform@@YAHXZ
?MpSampleQuery@@YAHXZ
?MpSampleSubmit@@YAHXZ
?MpScanControl@@YAHXZ
?MpScanResult@@YAHXZ
?MpScanStart@@YAHXZ
?MpScanStartEx@@YAHXZ
?MpSendBrowserHeartbeat@@YAHXZ
?MpSendDeviceControlToast@@YAHXZ
?MpSetBreakTheGlassStatus@@YAHXZ
?MpSetTPState@@YAHXZ
?MpSetUacElevationDefaultWindowHandle@@YAHXZ
?MpShowDlpDetailsDialog@@YAHXZ
?MpShutdownCopyAcceleratorProcess@@YAHXZ
?MpSmartLockerEnable@@YAHXZ
?MpTelemetryAddToAverageDWORD@@YAHXZ
?MpTelemetryAddToStreamDWORD64@@YAHXZ
?MpTelemetryAddToStreamDWORD@@YAHXZ
?MpTelemetryAddToStreamString@@YAHXZ
?MpTelemetryIncrementDWORD@@YAHXZ
?MpTelemetryInitialize@@YAHXZ
?MpTelemetryIsOptIn@@YAHXZ
?MpTelemetryLiteralAddToAverageDWORD@@YAHXZ
?MpTelemetryLiteralAddToStreamDWORD64@@YAHXZ
?MpTelemetryLiteralAddToStreamDWORD@@YAHXZ
?MpTelemetryLiteralAddToStreamString@@YAHXZ
?MpTelemetryLiteralIncrementDWORD@@YAHXZ
?MpTelemetryLiteralSetDWORD64@@YAHXZ
?MpTelemetryLiteralSetDWORD@@YAHXZ
?MpTelemetryLiteralSetIfMaxDWORD@@YAHXZ
?MpTelemetryLiteralSetIfMinDWORD@@YAHXZ
?MpTelemetryLiteralSetString@@YAHXZ
?MpTelemetrySetConsent@@YAHXZ
?MpTelemetrySetDWORD64@@YAHXZ
?MpTelemetrySetDWORD@@YAHXZ
?MpTelemetrySetIfMaxDWORD@@YAHXZ
?MpTelemetrySetIfMinDWORD@@YAHXZ
?MpTelemetrySetString@@YAHXZ
?MpTelemetryUninitialize@@YAHXZ
?MpTelemetryUpdateUserConsent@@YAHXZ
?MpTelemetryUpload@@YAHXZ
?MpThreatAction@@YAHXZ
?MpThreatEnumerate@@YAHXZ
?MpThreatHistoryRequest@@YAHXZ
?MpThreatLocalizedInfoQuery@@YAHXZ
?MpThreatOpen@@YAHXZ
?MpThreatQuery@@YAHXZ
?MpThreatRollup@@YAHXZ
?MpTriggerErrorHeartbeatReport@@YAHXZ
?MpTriggerHeartbeatOnUninstall@@YAHXZ
?MpTriggerStatusRefreshNotification@@YAHXZ
?MpUnblockEngine@@YAHXZ
?MpUnblockPlatform@@YAHXZ
?MpUnblockSignatures@@YAHXZ
?MpUpdateBrowserActiveTab@@YAHXZ
?MpUpdateControl@@YAHXZ
?MpUpdateDevMode@@YAHXZ
?MpUpdateEngine@@YAHXZ
?MpUpdatePlatform@@YAHXZ
?MpUpdateStart@@YAHXZ
?MpUpdateStartEx@@YAHXZ
?MpUpdateTSMode@@YAHXZ
?MpUpdateTSModeEx@@YAHXZ
?MpUtilsExportFunctions@@YAHXZ
?MpWDEnable@@YAHXZ
?MpXBGMEnable@@YAHXZ
?MpXBGMFreeEvent@@YAHXZ
?MpXBGMGetData@@YAHXZ
?MpXBGMPutData@@YAHXZ
?MpXBGMUpdateIV@@YAHXZ
?MputAddToAverageDWORD64Rpc@@YAHXZ
?MputAddToAverageDWORDRpc@@YAHXZ
?MputIncrementDWORD64Rpc@@YAHXZ
?MputIncrementDWORDRpc@@YAHXZ
?MputSetBoolRpc@@YAHXZ
?MputSetDWORD64Rpc@@YAHXZ
?MputSetDWORDRpc@@YAHXZ
?MputSetIfMaxDWORD64Rpc@@YAHXZ
?MputSetIfMaxDWORDRpc@@YAHXZ
?MputSetIfMinDWORD64Rpc@@YAHXZ
?MputSetIfMinDWORDRpc@@YAHXZ
?MputSetStringRpc@@YAHXZ
?WDEnable@@YAHXZ
?WDStatus@@YAHXZ
MpAddDynamicSignatureFile
MpAllocMemory
MpAmsiCloseSession
MpAmsiNotify
MpAmsiScan
MpAsrSetHipsUserExclusion
MpChangeCapability
MpCheckAccessForClipboardOperation
MpCheckAccessForClipboardOperationEx
MpCheckAccessForClipboardOperationEx2
MpCheckAccessForDragDropOperation
MpCheckAccessForDragDropOperation2
MpCheckAccessForPrintOperation
MpCheckAccessForPrintOperation2
MpCleanControl
MpCleanOpen
MpCleanPrecheckStart
MpCleanStart
MpClientUtilExportFunctions
MpClose
MpConfigClose
MpConfigDelValue
MpConfigGetValue
MpConfigGetValueAlloc
MpConfigInitialize
MpConfigIteratorClose
MpConfigIteratorEnum
MpConfigIteratorEnumV2
MpConfigIteratorOpen
MpConfigOpen
MpConfigQueryProtection
MpConfigRegisterForNotifications
MpConfigSetValue
MpConfigUninitialize
MpConfigUnregisterNotifications
MpConveyDlpBypass
MpConveySampleSubmissionResult
MpConveyUserChoiceForDlpNotification
MpConveyUserChoiceForDlpNotificationEx
MpConveyUserChoiceForSampleList
MpCreateComInstance
MpDbgAllocMemory
MpDebugExportFunctions
MpDefenderIsPrintAccessCheckNeeded
MpDefenderPrintAccessCheck
MpDefenderPrintDataProvide
MpDelegateCopyFile
MpDeleteAsrHistory
MpDetectionEnumerate
MpDetectionQuery
MpDlpDelegateEnforcement
MpDlpGetOperationEnforcmentMode
MpDlpInitializeEnforcementMode
MpDlpNotifyCloseDocumentFile
MpDlpNotifyPostOpenDocumentFile
MpDlpNotifyPostSaveAsDocument
MpDlpNotifyPostStartPrint
MpDlpNotifyPreOpenDocumentFile
MpDlpNotifyPrePrint
MpDlpNotifyPreSaveAsDocument
MpDynamicSignatureEnumerate
MpDynamicSignatureOpen
MpElevateCleanHandle
MpElevationHandleAcquire
MpElevationHandleActivate
MpElevationHandleAttach
MpElevationHandleOpen
MpErrorMessageFormat
MpFastMemoryScan
MpFastMemoryScanOpen
MpFlushLowfiCache
MpForcedReboot
MpFreeFileTrustExtraInfo
MpFreeMemory
MpFreeTSModeInfo
MpGenerateSignature
MpGenerateSignatureEx
MpGenerateThreatReport
MpGetASRPerRuleExclusions
MpGetAsrBlockedActionInfos
MpGetAsrBlockedActions
MpGetAsrBlockedProcesses
MpGetCallistoDetections
MpGetCopyAcceleratorProcessStatus
MpGetDevMode
MpGetDeviceControlSecurityPolicies
MpGetDeviceControlStatus
MpGetDlpEvents
MpGetEngineVersion
MpGetFCValue
MpGetHIPSRuleInfo
MpGetHybridMode
MpGetMAPSConnectivityStatusInfo
MpGetRunningMode
MpGetSampleChunk
MpGetSampleListRequiringConsent
MpGetTDTFeatureStatus
MpGetTDTFeatureStatusEx
MpGetTPStateInfo
MpGetTSModeInfo
MpGetTaskSchedulerStrings
MpGetThreatExecutionInfo
MpHandleClose
MpIsDeviceControlAvailable
MpIsGivenRunningModeSupported
MpIsRtpAutoEnable
MpManagerDisable
MpManagerEnable
MpManagerOpen
MpManagerStatusQuery
MpManagerStatusQueryEx
MpManagerVersionQuery
MpManagerXBGMDisable
MpManagerXBGMEnable
MpMemoryScanStart
MpNetworkCapture
MpNotificationRegister
MpOfflineScanInstall
MpOfflineScanStatusQuery
MpOpen
MpProductGenuineCheck
MpQuarantineRequest
MpQueryDefaultFolderGuardList
MpQueryEngineConfigDword
MpQueryFileTrustByHandle
MpQueryFileTrustByHandle2
MpRemapCallistoDetections
MpRemoveDynamicSignatureFile
MpReportClipboardOwner
MpRequestSnooze
MpRollbackPlatform
MpSampleQuery
MpSampleSubmit
MpScanControl
MpScanResult
MpScanStart
MpScanStartEx
MpSendBrowserHeartbeat
MpSendDeviceControlToast
MpSetBreakTheGlassStatus
MpSetTPState
MpSetUacElevationDefaultWindowHandle
MpShowDlpDetailsDialog
MpShutdownCopyAcceleratorProcess
MpSmartLockerEnable
MpTelemetryAddToAverageDWORD
MpTelemetryAddToStreamDWORD
MpTelemetryAddToStreamDWORD64
MpTelemetryAddToStreamString
MpTelemetryIncrementDWORD
MpTelemetryInitialize
MpTelemetryIsOptIn
MpTelemetryLiteralAddToAverageDWORD
MpTelemetryLiteralAddToStreamDWORD
MpTelemetryLiteralAddToStreamDWORD64
MpTelemetryLiteralAddToStreamString
MpTelemetryLiteralIncrementDWORD
MpTelemetryLiteralSetDWORD
MpTelemetryLiteralSetDWORD64
MpTelemetryLiteralSetIfMaxDWORD
MpTelemetryLiteralSetIfMinDWORD
MpTelemetryLiteralSetString
MpTelemetrySetConsent
MpTelemetrySetDWORD
MpTelemetrySetDWORD64
MpTelemetrySetIfMaxDWORD
MpTelemetrySetIfMinDWORD
MpTelemetrySetString
MpTelemetryUninitialize
MpTelemetryUpdateUserConsent
MpTelemetryUpload
MpThreatAction
MpThreatEnumerate
MpThreatHistoryRequest
MpThreatLocalizedInfoQuery
MpThreatOpen
MpThreatQuery
MpThreatRollup
MpTriggerErrorHeartbeatReport
MpTriggerHeartbeatOnUninstall
MpTriggerStatusRefreshNotification
MpUnblockEngine
MpUnblockPlatform
MpUnblockSignatures
MpUpdateBrowserActiveTab
MpUpdateControl
MpUpdateDevMode
MpUpdateEngine
MpUpdatePlatform
MpUpdateStart
MpUpdateStartEx
MpUpdateTSMode
MpUpdateTSModeEx
MpUtilsExportFunctions
MpWDEnable
MpXBGMEnable
MpXBGMFreeEvent
MpXBGMGetData
MpXBGMPutData
MpXBGMUpdateIV
MputAddToAverageDWORD64Rpc
MputAddToAverageDWORDRpc
MputIncrementDWORD64Rpc
MputIncrementDWORDRpc
MputSetBoolRpc
MputSetDWORD64Rpc
MputSetDWORDRpc
MputSetIfMaxDWORD64Rpc
MputSetIfMaxDWORDRpc
MputSetIfMinDWORD64Rpc
MputSetIfMinDWORDRpc
MputSetStringRpc
WDEnable
WDStatus
Sections
.text Size: 351KB - Virtual size: 351KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 148KB - Virtual size: 147KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 11KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 348B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 248B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ