Static task
static1
Behavioral task
behavioral1
Sample
914c439cd5dbdf2fd5b8999facdaeb594e16107561acc3a05e35cca1cef902e9.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
914c439cd5dbdf2fd5b8999facdaeb594e16107561acc3a05e35cca1cef902e9.dll
Resource
win10v2004-20240226-en
General
-
Target
914c439cd5dbdf2fd5b8999facdaeb594e16107561acc3a05e35cca1cef902e9
-
Size
159KB
-
MD5
ba879db3b03af934ac8fa27329970c9b
-
SHA1
e323cc7863709b698280599ab6b8ba3a3853dc76
-
SHA256
914c439cd5dbdf2fd5b8999facdaeb594e16107561acc3a05e35cca1cef902e9
-
SHA512
96ba0f8435380b170cd2f095251aec16a95bab179da86bae97f8d434eb92608a877d2fd2350085c5b4685f8d8ab48363ac57868d3e22ee8d6f86113e50bcf384
-
SSDEEP
1536:UsJbjR9RUtv8DwRkTsEuQWvlyMJJ9ORj7bb/Vp8osdWORhLT/884o:UWblbU4gJ9wrbNp89Ru8
Malware Config
Signatures
-
Unsigned PE 1 IoCs
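Checks for missing Authenticode signature. A missing signature is a weak indicator on its own: many legitimately built binaries are unsigned, so read it together with the import table and the behavioral task results rather than as evidence of malicious intent.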
resource 914c439cd5dbdf2fd5b8999facdaeb594e16107561acc3a05e35cca1cef902e9
Files
-
914c439cd5dbdf2fd5b8999facdaeb594e16107561acc3a05e35cca1cef902e9.dll windows:6 windows x64 arch:x64
4e2b46459ca28bebee13a4df97823791
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
Imports
windhawk
InternalWh_FindCloseSymbol
InternalWh_FindFirstSymbol3
InternalWh_FindNextSymbol2
InternalWh_GetIntSetting
InternalWh_IsLogEnabled
InternalWh_Log
InternalWh_SetFunctionHook
dwmapi
DwmGetWindowAttribute
DwmIsCompositionEnabled
DwmSetWindowAttribute
uxtheme
OpenThemeData
dbghelp
ImageDirectoryEntryToDataEx
msvcrt
__iob_func
_amsg_exit
_initterm
_lock
_stricmp
_unlock
abort
calloc
free
fwrite
memcpy
realloc
strlen
strncmp
swprintf_s
vfprintf
wcscat_s
wcscmp
wcslen
user32
FindWindowW
GetPropW
IsWindowEnabled
LoadStringW
PostMessageW
kernel32
DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetLastError
GetModuleHandleExW
GetModuleHandleW
GetProcAddress
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryW
Sleep
TlsGetValue
VirtualProtect
VirtualQuery
Exports
ALL_POWERSCHEMES_GUID
BHID_AssociationArray
BHID_DataObject
BHID_EnumAssocHandlers
BHID_EnumItems
BHID_Filter
BHID_LinkTargetItem
BHID_PropertyStore
BHID_RandomAccessStream
BHID_SFObject
BHID_SFUIObject
BHID_SFViewObject
BHID_Storage
BHID_StorageEnum
BHID_Stream
BHID_ThumbnailHandler
BHID_Transfer
CATID_BrowsableShellExt
CATID_BrowseInPlace
CATID_CommBand
CATID_DeskBand
CATID_InfoBand
CATID_LocationFactory
CATID_LocationProvider
CATID_SearchableApplication
CGID_DefView
CGID_Explorer
CGID_ExplorerBarDoc
CGID_MENUDESKBAR
CGID_ShellDocView
CGID_ShellServiceObject
CGID_ShortCut
CLSID_ACLCustomMRU
CLSID_ACLHistory
CLSID_ACLMRU
CLSID_ACLMulti
CLSID_ACListISF
CLSID_ActiveDesktop
CLSID_AltTabSSO
CLSID_AutoComplete
CLSID_CAnchorBrowsePropertyPage
CLSID_CDocBrowsePropertyPage
CLSID_CFSIconOverlayManager
CLSID_CImageBrowsePropertyPage
CLSID_CScriptErrorList
CLSID_CURLSearchHook
CLSID_CUrlHistory
CLSID_ControlPanel
CLSID_DarwinAppPublisher
CLSID_DocHostUIHandler
CLSID_DragDropHelper
CLSID_FileSearchBand
CLSID_FileTypes
CLSID_FolderItem
CLSID_FolderItemsMultiLevel
CLSID_FolderShortcut
CLSID_HWShellExecute
CLSID_ISFBand
CLSID_Internet
CLSID_InternetButtons
CLSID_InternetExplorer
CLSID_InternetShortcut
CLSID_LinkColumnProvider
CLSID_MSOButtons
CLSID_MenuBand
CLSID_MenuBandSite
CLSID_MenuToolbarBase
CLSID_MyComputer
CLSID_MyDocuments
CLSID_NetworkDomain
CLSID_NetworkServer
CLSID_NetworkShare
CLSID_NewMenu
CLSID_Printers
CLSID_ProgressDialog
CLSID_QueryAssociations
CLSID_QuickLinks
CLSID_RecycleBin
CLSID_SearchAssistantOC
CLSID_Shell
CLSID_ShellBrowserWindow
CLSID_ShellDispatchInproc
CLSID_ShellFldSetExt
CLSID_ShellFolderItem
CLSID_ShellFolderView
CLSID_ShellFolderViewOC
CLSID_ShellLinkObject
CLSID_ShellNameSpace
CLSID_ShellSearchAssistantOC
CLSID_ShellShellNameSpace
CLSID_ShellUIHelper
CLSID_ShellWindows
CLSID_ToolbarExtButtons
CLSID_WebBrowser
CLSID_WebBrowser_V1
CPFG_CREDENTIAL_PROVIDER_LABEL
CPFG_CREDENTIAL_PROVIDER_LOGO
CPFG_LOGON_PASSWORD
CPFG_LOGON_USERNAME
CPFG_SMARTCARD_PIN
CPFG_SMARTCARD_USERNAME
DIID_DShellFolderViewEvents
DIID_DShellNameSpaceEvents
DIID_DShellWindowsEvents
DIID_DWebBrowserEvents
DIID_DWebBrowserEvents2
DIID__SearchAssistantEvents
DXVA2_ModeH264_A
DXVA2_ModeH264_B
DXVA2_ModeH264_C
DXVA2_ModeH264_D
DXVA2_ModeH264_E
DXVA2_ModeH264_F
DXVA2_ModeMPEG2_IDCT
DXVA2_ModeMPEG2_MoComp
DXVA2_ModeMPEG2_VLD
DXVA2_ModeVC1_A
DXVA2_ModeVC1_B
DXVA2_ModeVC1_C
DXVA2_ModeVC1_D
DXVA2_ModeWMV8_A
DXVA2_ModeWMV8_B
DXVA2_ModeWMV9_A
DXVA2_ModeWMV9_B
DXVA2_ModeWMV9_C
DXVA_NoEncrypt
EP_AdvQueryPane
EP_Commands
EP_Commands_Organize
EP_Commands_View
EP_DetailsPane
EP_NavPane
EP_PreviewPane
EP_QueryPane
EP_Ribbon
EP_StatusBar
FMTID_AudioSummaryInformation
FMTID_Briefcase
FMTID_CustomImageProperties
FMTID_DRM
FMTID_Displaced
FMTID_ImageProperties
FMTID_ImageSummaryInformation
FMTID_InternetSite
FMTID_Intshcut
FMTID_LibraryProperties
FMTID_MUSIC
FMTID_MediaFileSummaryInformation
FMTID_Misc
FMTID_Query
FMTID_ShellDetails
FMTID_Storage
FMTID_Volume
FMTID_WebView
FOLDERID_AccountPictures
FOLDERID_AddNewPrograms
FOLDERID_AdminTools
FOLDERID_AllAppMods
FOLDERID_AppCaptures
FOLDERID_AppDataDesktop
FOLDERID_AppDataDocuments
FOLDERID_AppDataFavorites
FOLDERID_AppDataProgramData
FOLDERID_AppUpdates
FOLDERID_ApplicationShortcuts
FOLDERID_AppsFolder
FOLDERID_CDBurning
FOLDERID_CameraRoll
FOLDERID_CameraRollLibrary
FOLDERID_ChangeRemovePrograms
FOLDERID_CommonAdminTools
FOLDERID_CommonOEMLinks
FOLDERID_CommonPrograms
FOLDERID_CommonStartMenu
FOLDERID_CommonStartMenuPlaces
FOLDERID_CommonStartup
FOLDERID_CommonTemplates
FOLDERID_ComputerFolder
FOLDERID_ConflictFolder
FOLDERID_ConnectionsFolder
FOLDERID_Contacts
FOLDERID_ControlPanelFolder
FOLDERID_Cookies
FOLDERID_CurrentAppMods
FOLDERID_Desktop
FOLDERID_DevelopmentFiles
FOLDERID_Device
FOLDERID_DeviceMetadataStore
FOLDERID_Documents
FOLDERID_DocumentsLibrary
FOLDERID_Downloads
FOLDERID_Favorites
FOLDERID_Fonts
FOLDERID_GameTasks
FOLDERID_Games
FOLDERID_History
FOLDERID_HomeGroup
FOLDERID_HomeGroupCurrentUser
FOLDERID_ImplicitAppShortcuts
FOLDERID_InternetCache
FOLDERID_InternetFolder
FOLDERID_Libraries
FOLDERID_Links
FOLDERID_LocalAppData
FOLDERID_LocalAppDataLow
FOLDERID_LocalDocuments
FOLDERID_LocalDownloads
FOLDERID_LocalMusic
FOLDERID_LocalPictures
FOLDERID_LocalVideos
FOLDERID_LocalizedResourcesDir
FOLDERID_Music
FOLDERID_MusicLibrary
FOLDERID_NetHood
FOLDERID_NetworkFolder
FOLDERID_Objects3D
FOLDERID_OneDrive
FOLDERID_OriginalImages
FOLDERID_PhotoAlbums
FOLDERID_Pictures
FOLDERID_PicturesLibrary
FOLDERID_Playlists
FOLDERID_PrintHood
FOLDERID_PrintersFolder
FOLDERID_Profile
FOLDERID_ProgramData
FOLDERID_ProgramFiles
FOLDERID_ProgramFilesCommon
FOLDERID_ProgramFilesCommonX64
FOLDERID_ProgramFilesCommonX86
FOLDERID_ProgramFilesX64
FOLDERID_ProgramFilesX86
FOLDERID_Programs
FOLDERID_Public
FOLDERID_PublicDesktop
FOLDERID_PublicDocuments
FOLDERID_PublicDownloads
FOLDERID_PublicGameTasks
FOLDERID_PublicLibraries
FOLDERID_PublicMusic
FOLDERID_PublicPictures
FOLDERID_PublicRingtones
FOLDERID_PublicUserTiles
FOLDERID_PublicVideos
FOLDERID_QuickLaunch
FOLDERID_Recent
FOLDERID_RecordedCalls
FOLDERID_RecordedTVLibrary
FOLDERID_RecycleBinFolder
FOLDERID_ResourceDir
FOLDERID_RetailDemo
FOLDERID_Ringtones
FOLDERID_RoamedTileImages
FOLDERID_RoamingAppData
FOLDERID_RoamingTiles
FOLDERID_SEARCH_CSC
FOLDERID_SEARCH_MAPI
FOLDERID_SampleMusic
FOLDERID_SamplePictures
FOLDERID_SamplePlaylists
FOLDERID_SampleVideos
FOLDERID_SavedGames
FOLDERID_SavedPictures
FOLDERID_SavedPicturesLibrary
FOLDERID_SavedSearches
FOLDERID_Screenshots
FOLDERID_SearchHistory
FOLDERID_SearchHome
FOLDERID_SearchTemplates
FOLDERID_SendTo
FOLDERID_SidebarDefaultParts
FOLDERID_SidebarParts
FOLDERID_SkyDrive
FOLDERID_SkyDriveCameraRoll
FOLDERID_SkyDriveDocuments
FOLDERID_SkyDriveMusic
FOLDERID_SkyDrivePictures
FOLDERID_StartMenu
FOLDERID_StartMenuAllPrograms
FOLDERID_Startup
FOLDERID_SyncManagerFolder
FOLDERID_SyncResultsFolder
FOLDERID_SyncSetupFolder
FOLDERID_System
FOLDERID_SystemX86
FOLDERID_Templates
FOLDERID_UserPinned
FOLDERID_UserProfiles
FOLDERID_UserProgramFiles
FOLDERID_UserProgramFilesCommon
FOLDERID_UsersFiles
FOLDERID_UsersLibraries
FOLDERID_Videos
FOLDERID_VideosLibrary
FOLDERID_Windows
FOLDERTYPEID_AccountPictures
FOLDERTYPEID_Communications
FOLDERTYPEID_CompressedFolder
FOLDERTYPEID_Contacts
FOLDERTYPEID_ControlPanelCategory
FOLDERTYPEID_ControlPanelClassic
FOLDERTYPEID_Documents
FOLDERTYPEID_Games
FOLDERTYPEID_Generic
FOLDERTYPEID_GenericLibrary
FOLDERTYPEID_GenericSearchResults
FOLDERTYPEID_Invalid
FOLDERTYPEID_Music
FOLDERTYPEID_NetworkExplorer
FOLDERTYPEID_OpenSearch
FOLDERTYPEID_OtherUsers
FOLDERTYPEID_Pictures
FOLDERTYPEID_Printers
FOLDERTYPEID_PublishedItems
FOLDERTYPEID_RecordedTV
FOLDERTYPEID_RecycleBin
FOLDERTYPEID_SavedGames
FOLDERTYPEID_SearchConnector
FOLDERTYPEID_SearchHome
FOLDERTYPEID_Searches
FOLDERTYPEID_SoftwareExplorer
FOLDERTYPEID_StartMenu
FOLDERTYPEID_UserFiles
FOLDERTYPEID_UsersLibraries
FOLDERTYPEID_Videos
GUID_ACDC_POWER_SOURCE
GUID_ACTIVE_POWERSCHEME
GUID_ADAPTIVE_POWER_BEHAVIOR_SUBGROUP
GUID_ALLOW_AWAYMODE
GUID_ALLOW_DISPLAY_REQUIRED
GUID_ALLOW_RTC_WAKE
GUID_ALLOW_STANDBY_STATES
GUID_ALLOW_SYSTEM_REQUIRED
GUID_APPLAUNCH_BUTTON
GUID_BACKGROUND_TASK_NOTIFICATION
GUID_BATTERY_DISCHARGE_ACTION_0
GUID_BATTERY_DISCHARGE_ACTION_1
GUID_BATTERY_DISCHARGE_ACTION_2
GUID_BATTERY_DISCHARGE_ACTION_3
GUID_BATTERY_DISCHARGE_FLAGS_0
GUID_BATTERY_DISCHARGE_FLAGS_1
GUID_BATTERY_DISCHARGE_FLAGS_2
GUID_BATTERY_DISCHARGE_FLAGS_3
GUID_BATTERY_DISCHARGE_LEVEL_0
GUID_BATTERY_DISCHARGE_LEVEL_1
GUID_BATTERY_DISCHARGE_LEVEL_2
GUID_BATTERY_DISCHARGE_LEVEL_3
GUID_BATTERY_PERCENTAGE_REMAINING
GUID_BATTERY_SUBGROUP
GUID_CONSOLE_DISPLAY_STATE
GUID_CRITICAL_POWER_TRANSITION
GUID_DEVICE_IDLE_POLICY
GUID_DEVICE_POWER_POLICY_VIDEO_BRIGHTNESS
GUID_DEVICE_POWER_POLICY_VIDEO_DIM_BRIGHTNESS
GUID_DEVINTERFACE_CDCHANGER
GUID_DEVINTERFACE_CDROM
GUID_DEVINTERFACE_COMPORT
GUID_DEVINTERFACE_DISK
GUID_DEVINTERFACE_FLOPPY
GUID_DEVINTERFACE_HIDDEN_VOLUME
GUID_DEVINTERFACE_MEDIUMCHANGER
GUID_DEVINTERFACE_PARTITION
GUID_DEVINTERFACE_SCM_PHYSICAL_DEVICE
GUID_DEVINTERFACE_SERENUM_BUS_ENUMERATOR
GUID_DEVINTERFACE_SERVICE_VOLUME
GUID_DEVINTERFACE_SES
GUID_DEVINTERFACE_STORAGEPORT
GUID_DEVINTERFACE_TAPE
GUID_DEVINTERFACE_UNIFIED_ACCESS_RPMB
GUID_DEVINTERFACE_VMLUN
GUID_DEVINTERFACE_VOLUME
GUID_DEVINTERFACE_WRITEONCEDISK
GUID_DEVINTERFACE_ZNSDISK
GUID_DISK_ADAPTIVE_POWERDOWN
GUID_DISK_BURST_IGNORE_THRESHOLD
GUID_DISK_COALESCING_POWERDOWN_TIMEOUT
GUID_DISK_IDLE_TIMEOUT
GUID_DISK_POWERDOWN_TIMEOUT
GUID_DISK_SUBGROUP
GUID_ENABLE_SWITCH_FORCED_SHUTDOWN
GUID_EXECUTION_REQUIRED_REQUEST_TIMEOUT
GUID_GLOBAL_USER_PRESENCE
GUID_HIBERNATE_FASTS4_POLICY
GUID_HIBERNATE_TIMEOUT
GUID_IDLE_BACKGROUND_TASK
GUID_IDLE_RESILIENCY_PERIOD
GUID_IDLE_RESILIENCY_SUBGROUP
GUID_LIDCLOSE_ACTION
GUID_LIDOPEN_POWERSTATE
GUID_LIDSWITCH_STATE_CHANGE
GUID_LOCK_CONSOLE_ON_WAKE
GUID_MAX_POWER_SAVINGS
GUID_MIN_POWER_SAVINGS
GUID_MONITOR_POWER_ON
GUID_NON_ADAPTIVE_INPUT_TIMEOUT
GUID_PCIEXPRESS_ASPM_POLICY
GUID_PCIEXPRESS_SETTINGS_SUBGROUP
GUID_POWERBUTTON_ACTION
GUID_POWERSCHEME_PERSONALITY
GUID_PROCESSOR_ALLOW_THROTTLING
GUID_PROCESSOR_CORE_PARKING_AFFINITY_HISTORY_DECREASE_FACTOR
GUID_PROCESSOR_CORE_PARKING_AFFINITY_HISTORY_THRESHOLD
GUID_PROCESSOR_CORE_PARKING_AFFINITY_WEIGHTING
GUID_PROCESSOR_CORE_PARKING_DECREASE_POLICY
GUID_PROCESSOR_CORE_PARKING_DECREASE_THRESHOLD
GUID_PROCESSOR_CORE_PARKING_DECREASE_TIME
GUID_PROCESSOR_CORE_PARKING_INCREASE_POLICY
GUID_PROCESSOR_CORE_PARKING_INCREASE_THRESHOLD
GUID_PROCESSOR_CORE_PARKING_INCREASE_TIME
GUID_PROCESSOR_CORE_PARKING_MAX_CORES
GUID_PROCESSOR_CORE_PARKING_MIN_CORES
GUID_PROCESSOR_CORE_PARKING_OVER_UTILIZATION_HISTORY_DECREASE_FACTOR
GUID_PROCESSOR_CORE_PARKING_OVER_UTILIZATION_HISTORY_THRESHOLD
GUID_PROCESSOR_CORE_PARKING_OVER_UTILIZATION_THRESHOLD
GUID_PROCESSOR_CORE_PARKING_OVER_UTILIZATION_WEIGHTING
GUID_PROCESSOR_DISTRIBUTE_UTILITY
GUID_PROCESSOR_IDLESTATE_POLICY
GUID_PROCESSOR_IDLE_ALLOW_SCALING
GUID_PROCESSOR_IDLE_DEMOTE_THRESHOLD
GUID_PROCESSOR_IDLE_DISABLE
GUID_PROCESSOR_IDLE_PROMOTE_THRESHOLD
GUID_PROCESSOR_IDLE_STATE_MAXIMUM
GUID_PROCESSOR_IDLE_TIME_CHECK
GUID_PROCESSOR_PARKING_CONCURRENCY_THRESHOLD
GUID_PROCESSOR_PARKING_CORE_OVERRIDE
GUID_PROCESSOR_PARKING_HEADROOM_THRESHOLD
GUID_PROCESSOR_PARKING_PERF_STATE
GUID_PROCESSOR_PERFSTATE_POLICY
GUID_PROCESSOR_PERF_BOOST_MODE
GUID_PROCESSOR_PERF_BOOST_POLICY
GUID_PROCESSOR_PERF_DECREASE_POLICY
GUID_PROCESSOR_PERF_DECREASE_THRESHOLD
GUID_PROCESSOR_PERF_DECREASE_TIME
GUID_PROCESSOR_PERF_HISTORY
GUID_PROCESSOR_PERF_INCREASE_POLICY
GUID_PROCESSOR_PERF_INCREASE_THRESHOLD
GUID_PROCESSOR_PERF_INCREASE_TIME
GUID_PROCESSOR_PERF_LATENCY_HINT
GUID_PROCESSOR_PERF_TIME_CHECK
GUID_PROCESSOR_SETTINGS_SUBGROUP
GUID_PROCESSOR_THROTTLE_MAXIMUM
GUID_PROCESSOR_THROTTLE_MINIMUM
GUID_PROCESSOR_THROTTLE_POLICY
GUID_SCM_PD_HEALTH_NOTIFICATION
GUID_SCM_PD_PASSTHROUGH_INVDIMM
GUID_SESSION_DISPLAY_STATUS
GUID_SESSION_USER_PRESENCE
GUID_SLEEPBUTTON_ACTION
GUID_SLEEP_IDLE_THRESHOLD
GUID_SLEEP_SUBGROUP
GUID_STANDBY_TIMEOUT
GUID_SYSTEM_AWAYMODE
GUID_SYSTEM_BUTTON_SUBGROUP
GUID_SYSTEM_COOLING_POLICY
GUID_TYPICAL_POWER_SAVINGS
GUID_UNATTEND_SLEEP_TIMEOUT
GUID_USERINTERFACEBUTTON_ACTION
GUID_VIDEO_ADAPTIVE_DISPLAY_BRIGHTNESS
GUID_VIDEO_ADAPTIVE_PERCENT_INCREASE
GUID_VIDEO_ADAPTIVE_POWERDOWN
GUID_VIDEO_ANNOYANCE_TIMEOUT
GUID_VIDEO_CONSOLE_LOCK_TIMEOUT
GUID_VIDEO_CURRENT_MONITOR_BRIGHTNESS
GUID_VIDEO_DIM_TIMEOUT
GUID_VIDEO_POWERDOWN_TIMEOUT
GUID_VIDEO_SUBGROUP
IID_AsyncIAdviseSink
IID_AsyncIAdviseSink2
IID_AsyncIMultiQI
IID_AsyncIUnknown
IID_CDefView
IID_DFConstraint
IID_Folder
IID_Folder2
IID_Folder3
IID_FolderItem
IID_FolderItem2
IID_FolderItemVerb
IID_FolderItemVerbs
IID_FolderItems
IID_FolderItems2
IID_FolderItems3
IID_IACList
IID_IACList2
IID_IADesktopP2
IID_IActiveDesktop
IID_IActiveDesktopP
IID_IAddrExclusionControl
IID_IAddrTrackingControl
IID_IAdviseSink
IID_IAdviseSink2
IID_IAdviseSinkEx
IID_IAgileObject
IID_IAgileReference
IID_IApartmentShutdown
IID_IAsyncManager
IID_IAsyncRpcChannelBuffer
IID_IAuthenticate
IID_IAuthenticateEx
IID_IAutoComplete
Sections
.text Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 47KB - Virtual size: 46KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.buildid Size: 512B - Virtual size: 53B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 272B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 512B - Virtual size: 432B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 96B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/4 Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/18 Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/30 Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/42 Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/53 Size: 1024B - Virtual size: 720B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/67 Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ