C:\CRAZY_WORKS\GIT\MAXVTI\_output\x64\Debug\maxvti64.pdb
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-28_1cbaece4f0dd44b48b3725a5fa85623e_ryuk.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-03-28_1cbaece4f0dd44b48b3725a5fa85623e_ryuk.exe
Resource
win10v2004-20240226-en
General
-
Target
2024-03-28_1cbaece4f0dd44b48b3725a5fa85623e_ryuk
-
Size
13.4MB
-
MD5
1cbaece4f0dd44b48b3725a5fa85623e
-
SHA1
f0cd6d41c4302d0b6869dbef8e437c5b089a2ea1
-
SHA256
d82ebf09f7c7f2e3798db512059a00ecb90bfec06297b7be5c7308b5b586f5e4
-
SHA512
908c549959cf1e4a71f5425285959bbd159d186f57381d9684baac20b2d4c2c7de73c94c505018a30ccc55074a2470251339a39b1804bd77484e53a77a3c6efc
-
SSDEEP
49152:1i1fruVxZo9ZxX5InKKdOLr+WXwUTzxEy0cWcXIcl67MviBitYSr4d9wOSnq29z0:8uox6B6rOLDpQcm99HGODulwz5
Malware Config
Signatures
-
Unsigned PE 1 IoCs
No Authenticode signature is present (empty security data directory), so the binary's publisher cannot be verified.
resource 2024-03-28_1cbaece4f0dd44b48b3725a5fa85623e_ryuk
Files
-
2024-03-28_1cbaece4f0dd44b48b3725a5fa85623e_ryuk.exe windows:6 windows x64 arch:x64
dd179062453ad63e7911c2004f5e2e2b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
C:\CRAZY_WORKS\GIT\MAXVTI\_output\x64\Debug\maxvti64.pdb
Imports
version
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
scan
ThreatScanner_Uninitialize
ThreatScanner_InitializeEx
ThreatScanner_SetIntOption
ThreatScanner_ScanObject
ThreatScanner_SetScanCallback2
ThreatScanner_CreateInstance
ThreatScanner_DestroyInstance
bdupdateservicecom
BDUpdSdkPerformInstall
BDUpdSdkPerformUpdate
BDUpdSdkSetOption
BDUpdSdkCreate
kernel32
GetDriveTypeW
ReadConsoleW
SetStdHandle
GetConsoleCP
SetFilePointerEx
GetStringTypeW
GetCPInfo
EnumSystemLocalesW
IsValidLocale
LCMapStringW
GetTimeFormatW
GetDateFormatW
SetConsoleCtrlHandler
WriteConsoleW
GetFileType
FindFirstFileExA
FindFirstFileExW
FindNextFileA
IsValidCodePage
GetStdHandle
VirtualAlloc
HeapQueryInformation
GetCommandLineA
GetTimeZoneInformation
FreeLibraryAndExitThread
ExitThread
ExitProcess
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwindEx
RtlPcToFileHeader
OutputDebugStringW
VirtualQuery
InitializeSListHead
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
WaitForSingleObjectEx
GetUserDefaultLCID
ReplaceFileW
GetTempFileNameW
GetDiskFreeSpaceW
LocalFileTimeToFileTime
GetFileSizeEx
GetFileAttributesExW
FindResourceExW
GetStringTypeExW
lstrcmpiW
GetCurrentProcess
GetHandleInformation
DuplicateHandle
UnlockFile
LockFile
GetVolumeInformationW
GetShortPathNameW
FlushFileBuffers
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
VirtualProtect
GetProfileIntW
CreateSemaphoreW
WaitForMultipleObjects
CreateMutexW
ReleaseMutex
GetThreadLocale
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetAtomNameW
GlobalGetAtomNameW
GlobalFindAtomW
GlobalAddAtomW
FreeResource
GetSystemDirectoryW
EncodePointer
ResumeThread
SuspendThread
GetThreadPriority
SetThreadPriority
CompareStringA
lstrcmpW
lstrcmpA
GlobalDeleteAtom
LoadLibraryExW
GetVersionExW
GetCurrentThread
SetErrorMode
FileTimeToLocalFileTime
PulseEvent
FormatMessageW
MulDiv
LocalFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
LoadLibraryW
GetModuleHandleExW
InitializeCriticalSectionAndSpinCount
OutputDebugStringA
WideCharToMultiByte
MultiByteToWideChar
FreeLibrary
CreateSemaphoreA
ReleaseSemaphore
GetComputerNameA
SetEnvironmentVariableW
GetProcessHeaps
HeapValidate
LoadLibraryA
GetProcAddress
CreateFileW
GetVersionExA
WriteFile
SetFileTime
SetEndOfFile
ReadFile
GetFileTime
GetFileSize
QueryPerformanceCounter
InitializeCriticalSection
GetOEMCP
GetACP
GetComputerNameW
FormatMessageA
GetModuleFileNameA
GetSystemTimeAsFileTime
MoveFileW
MoveFileA
CopyFileW
CopyFileA
GetTempPathA
GetTempPathW
SetFilePointer
SetFileAttributesW
SetFileAttributesA
RemoveDirectoryW
GetFullPathNameW
GetFullPathNameA
GetFileAttributesW
GetFileAttributesA
FindNextFileW
FindFirstFileW
FindClose
DeleteFileW
DeleteFileA
CreateFileA
CreateDirectoryA
GetCurrentDirectoryW
GetCurrentDirectoryA
SetCurrentDirectoryW
SetCurrentDirectoryA
SystemTimeToFileTime
GetLocalTime
GetSystemTime
CompareFileTime
CreateThread
DecodePointer
GetModuleHandleW
GetSystemInfo
GetExitCodeThread
TerminateThread
GetCurrentThreadId
Sleep
CreateEventW
WaitForSingleObject
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
PostQueuedCompletionStatus
GetQueuedCompletionStatus
CreateIoCompletionPort
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
RaiseException
CloseHandle
CreateDirectoryW
GetCommandLineW
GetTickCount
GetCurrentProcessId
GetUserDefaultLangID
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FindResourceW
SizeofResource
LockResource
LoadResource
GetModuleFileNameW
SetLastError
GetLastError
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
GetConsoleMode
user32
SetWindowTextW
ScrollWindowEx
IsWindowEnabled
SendDlgItemMessageW
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextW
SetDlgItemTextW
GetDlgItemInt
SetDlgItemInt
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetClassNameW
GetClassLongPtrW
GetClassLongW
SetWindowLongPtrW
GetWindowLongPtrW
SetWindowLongW
PtInRect
EqualRect
CopyRect
GetSysColor
MessageBoxW
AdjustWindowRectEx
RemovePropW
GetPropW
SetPropW
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
SetMenu
GetMenu
GetKeyState
GetDlgCtrlID
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
DispatchMessageW
RegisterWindowMessageW
NotifyWinEvent
IsDialogMessageW
DlgDirSelectComboBoxExW
DlgDirListComboBoxW
DlgDirSelectExW
DlgDirListW
LoadIconW
LoadCursorW
GetLastActivePopup
GetTopWindow
FindWindowExW
FindWindowW
SetParent
GetDesktopWindow
ChildWindowFromPointEx
ChildWindowFromPoint
WindowFromPoint
MapWindowPoints
ScreenToClient
ClientToScreen
GetCaretPos
SetCaretPos
ShowCaret
HideCaret
CreateCaret
GetWindowContextHelpId
SetMenuItemInfoW
GetWindowRect
GetClientRect
EnableScrollBar
ShowScrollBar
GetScrollRange
SetScrollRange
LockWindowUpdate
RedrawWindow
ValidateRgn
InvalidateRgn
ValidateRect
InvalidateRect
GetWindowRgn
SetWindowRgn
GetUpdateRgn
GetUpdateRect
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
GetDCEx
GetDC
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
DragDetect
GetSystemMenu
DrawMenuBar
HiliteMenuItem
EnableWindow
KillTimer
SetTimer
SetCapture
GetCapture
GetFocus
GetActiveWindow
GetWindowThreadProcessId
DrawEdge
DrawFrameControl
LoadMenuW
LoadMenuIndirectW
CreateMenu
CreatePopupMenu
CheckMenuItem
EnableMenuItem
ModifyMenuW
DeleteMenu
SetMenuItemBitmaps
InsertMenuItemW
ArrangeIconicWindows
GetMenuItemInfoW
GetOpenClipboardWindow
ChangeClipboardChain
GetClipboardViewer
SetClipboardViewer
GetClipboardOwner
OpenClipboard
GetNextDlgTabItem
GetNextDlgGroupItem
IsZoomed
BringWindowToTop
IsIconic
IsWindowVisible
CloseWindow
OpenIcon
ShowOwnedPopups
FlashWindow
IsChild
PostThreadMessageW
SendNotifyMessageW
DrawAnimatedRects
DrawCaption
GetWindow
GetWindowLongW
GetWindowTextLengthW
GetWindowTextW
GetScrollPos
SetScrollPos
SetFocus
MapDialogRect
TabbedTextOutW
IsWindow
PostMessageW
SendMessageW
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuDefaultItem
SetMenuDefaultItem
DrawIcon
DrawTextW
DrawTextExW
GrayStringW
DrawStateW
GetTabbedTextExtentW
WindowFromDC
ExcludeUpdateRgn
ScrollDC
SetMenuContextHelpId
GetSysColorBrush
DrawFocusRect
FillRect
FrameRect
InvertRect
CheckMenuRadioItem
LoadBitmapW
GetSystemMetrics
MsgWaitForMultipleObjectsEx
GetMenuCheckMarkDimensions
CreateDialogIndirectParamW
EndDialog
GetCursorPos
SetRect
GetMessageW
ReleaseCapture
SetCursor
InflateRect
GetAsyncKeyState
TranslateMessage
CopyImage
SystemParametersInfoW
RealChildWindowFromPoint
LoadAcceleratorsW
DestroyMenu
IntersectRect
GetClipboardFormatNameA
GetClipboardFormatNameW
UnpackDDElParam
IsRectEmpty
TranslateAcceleratorW
DestroyIcon
LoadImageW
GetMenuBarInfo
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringW
IsMenu
UnregisterClassA
GetParent
OffsetRect
SetRectEmpty
SendDlgItemMessageA
PeekMessageA
UnregisterClassW
PostQuitMessage
PeekMessageW
ReuseDDElParam
GetKeyNameTextW
MapVirtualKeyW
CharUpperW
GetDialogBaseUnits
UnionRect
SetWindowContextHelpId
GetMenuContextHelpId
gdi32
GetCurrentObject
GetCurrentPositionEx
GetFontData
GetGlyphOutlineW
GetGraphicsMode
GetMapMode
GetNearestColor
GetNearestPaletteIndex
GetObjectType
GetOutlineTextMetricsW
GetPaletteEntries
GetPixel
GetPolyFillMode
GetRegionData
GetRgnBox
GetStockObject
GetStretchBltMode
GetTextCharacterExtra
GetTextAlign
GetTextColor
GetTextExtentPoint32W
GetFontLanguageInfo
GetCharacterPlacementW
GetViewportExtEx
GetViewportOrgEx
GetWindowExtEx
GetWindowOrgEx
InvertRgn
MaskBlt
PlgBlt
OffsetRgn
PatBlt
Pie
PaintRgn
PolyPolygon
PtInRegion
PtVisible
RectInRegion
RectVisible
Rectangle
ResetDCW
RealizePalette
RoundRect
ResizePalette
SelectObject
SetBitmapBits
SetBoundsRect
SetPaletteEntries
SetPixel
SetPixelV
StretchBlt
SetRectRgn
UpdateColors
PlayEnhMetaFile
GdiComment
GetTextMetricsW
AngleArc
PolyPolyline
GetWorldTransform
GetColorAdjustment
CreateHalftonePalette
StartDocW
EndDoc
StartPage
EndPage
GetCharABCWidthsFloatW
SetAbortProc
AbortPath
BeginPath
CloseFigure
EndPath
FillPath
FlattenPath
GetPath
PathToRegion
SetMiterLimit
StrokeAndFillPath
StrokePath
WidenPath
ExtCreatePen
GetMiterLimit
GetArcDirection
TextOutW
CreatePolygonRgn
DPtoLP
LPtoDP
Polygon
Polyline
PolyBezier
SetBitmapDimensionEx
SetBrushOrgEx
GetTextFaceW
GetKerningPairsW
UnrealizeObject
DeleteDC
DeleteObject
ExcludeClipRect
GetClipBox
GetClipRgn
IntersectClipRect
LineTo
OffsetClipRgn
PlayMetaFile
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapperFlags
SetGraphicsMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextCharacterExtra
SetTextAlign
SetTextJustification
PlayMetaFileRecord
EnumMetaFile
SetWorldTransform
ModifyWorldTransform
SetColorAdjustment
ArcTo
PolyDraw
SelectClipPath
SetArcDirection
MoveToEx
PolyBezierTo
GetCharABCWidthsW
GetCharWidthFloatW
GetCharWidthW
GetBrushOrgEx
GetBoundsRect
GetBitmapDimensionEx
GetBitmapBits
CopyMetaFileW
CreateDCW
GetDeviceCaps
CloseMetaFile
CreateMetaFileW
CloseEnhMetaFile
CreateEnhMetaFileW
ExtTextOutW
SetBkColor
SetTextColor
GetObjectW
AnimatePalette
Arc
BitBlt
Chord
PolylineTo
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
StretchDIBits
CreateDIBSection
EnumFontFamiliesExW
CombineRgn
CreateBitmap
CreateBitmapIndirect
CreateBrushIndirect
CreateCompatibleBitmap
CreateDiscardableBitmap
CreateCompatibleDC
CreateDIBPatternBrushPt
CreateEllipticRgn
CreateEllipticRgnIndirect
CreateFontIndirectW
CreateFontW
GetBkMode
CreateHatchBrush
CreateICW
CreatePalette
CreatePen
CreatePenIndirect
CreatePolyPolygonRgn
CreatePatternBrush
CreateRectRgn
CreateRectRgnIndirect
CreateRoundRectRgn
CreateSolidBrush
DrawEscape
Ellipse
EnumObjects
EqualRgn
Escape
ExtEscape
ExtCreateRegion
ExtFloodFill
FillRgn
FloodFill
FrameRgn
GetROP2
GetAspectRatioFilterEx
GetBkColor
AbortDoc
winspool.drv
DocumentPropertiesW
OpenPrinterW
ClosePrinter
advapi32
CryptGenRandom
CryptDeriveKey
CryptDestroyKey
CryptExportKey
RegCreateKeyExA
RegOpenKeyExA
CryptAcquireContextA
RegCloseKey
RegEnumValueA
RegQueryValueExA
RegSetValueExA
RegSetValueExW
CryptAcquireContextW
CryptSetHashParam
CryptCreateHash
CryptDestroyHash
CryptSignHashA
CryptImportKey
CryptHashData
CryptGetProvParam
CryptEnumProvidersA
CryptGenKey
CryptGetUserKey
RegSetValueW
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW
RegDeleteValueW
RegEnumValueW
RegEnumKeyExW
GetFileSecurityW
SetFileSecurityW
CryptReleaseContext
GetUserNameA
shell32
ShellExecuteW
SHAddToRecentDocs
DragQueryFileW
DragFinish
ExtractIconW
SHGetFileInfoW
DragAcceptFiles
shlwapi
PathFindFileNameW
PathRemoveExtensionW
PathRemoveFileSpecW
PathIsUNCW
PathFindExtensionW
PathStripToRootW
uxtheme
DrawThemeText
DrawThemeBackground
OpenThemeData
GetThemePartSize
DrawThemeParentBackground
IsAppThemed
IsThemeBackgroundPartiallyTransparent
CloseThemeData
ole32
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
WriteClassStg
ReadClassStg
CreateBindCtx
CoTreatAsClass
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
OleRegGetUserType
SetConvertStg
CoUninitialize
CoCreateGuid
CoDisconnectObject
StringFromGUID2
CoCreateInstance
CoInitializeEx
CoInitialize
CLSIDFromProgID
OleRun
PropVariantCopy
CoRegisterClassObject
CoRevokeClassObject
CreateStreamOnHGlobal
CLSIDFromString
oleaut32
SysAllocString
VariantClear
SysAllocStringByteLen
SysStringByteLen
VariantInit
SysAllocStringLen
SafeArrayLock
VarDecFromStr
VarBstrFromDec
VarBstrFromDate
VarBstrFromCy
VarCyFromStr
VarDateFromStr
VariantCopy
SafeArrayPtrOfIndex
SafeArrayCopy
SafeArrayPutElement
SafeArrayGetElement
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayUnlock
SysFreeString
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayRedim
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayCreate
SafeArrayAllocData
SafeArrayAllocDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysReAllocStringLen
RegisterTypeLi
LoadRegTypeLi
LoadTypeLi
SafeArrayGetElemsize
SafeArrayGetDim
VariantChangeType
oleacc
LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow
gdiplus
GdiplusShutdown
crypt32
CryptVerifyMessageSignature
CryptDecryptMessage
CryptDecodeObject
CertDuplicateCertificateContext
CertCreateCertificateContext
CertSetCertificateContextProperty
CryptEncryptMessage
CryptVerifyDetachedMessageSignature
CertDeleteCertificateFromStore
CertAddCertificateContextToStore
CertAddEncodedCertificateToStore
CertFindCertificateInStore
CertEnumCertificatesInStore
CertSaveStore
CertDuplicateStore
CertNameToStrW
CertGetIntendedKeyUsage
CryptEncodeObject
CryptMsgOpenToDecode
CryptMsgClose
CryptMsgUpdate
CryptMsgGetParam
CryptMsgControl
CertOpenStore
CertCloseStore
CertGetSubjectCertificateFromStore
CertFreeCertificateContext
CertGetCertificateContextProperty
CryptSignMessage
CertVerifyRevocation
ws2_32
getsockname
getsockopt
htons
inet_addr
inet_ntoa
bind
ntohs
recv
select
getpeername
setsockopt
shutdown
socket
gethostbyname
gethostname
WSAStartup
WSAGetLastError
accept
ioctlsocket
__WSAFDIsSet
connect
send
closesocket
listen
Sections
.textbss Size: 0B (uninitialized, no raw data) - Virtual size: 4.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 9.0MB - Virtual size: 9.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3.7MB - Virtual size: 3.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 102KB - Virtual size: 161KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 428KB - Virtual size: 427KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 36KB - Virtual size: 35KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gfids Size: 33KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.giats Size: 512B - Virtual size: 270B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 1024B - Virtual size: 777B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.00cfg Size: 512B - Virtual size: 283B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 116KB - Virtual size: 116KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
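The "Unsigned PE" signature, the DLL/File Characteristics under Headers and the section table above are all read straight from the PE headers. The following script is an added example (not the sandbox's own detection code) that reproduces those three checks with nothing but the standard library: it walks DOS header, PE signature, COFF header, optional header and section table, reports the characteristics flags by name, tests whether the security data directory (IMAGE_DIRECTORY_ENTRY_SECURITY, index 4, where the Authenticode WIN_CERTIFICATE lives) is populated, and flags any section that is both writable and executable. The sample bytes in build_sample_pe() are a constructed header-only PE32+ stub carrying the flag values shown in this report, not bytes of the analysed file; the function and variable names are this example's own.

```python
"""PE header triage without third-party libraries: bitness, file and DLL
characteristics, Authenticode presence and per-section permissions."""
import struct
import sys

IMAGE_DIRECTORY_ENTRY_SECURITY = 4          # WIN_CERTIFICATE (Authenticode) directory
MEM_EXECUTE, MEM_WRITE = 0x20000000, 0x80000000

FILE_CHARACTERISTICS = {0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
                        0x0020: "IMAGE_FILE_LARGE_ADDRESS_AWARE",
                        0x2000: "IMAGE_FILE_DLL"}
DLL_CHARACTERISTICS = {0x0020: "IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA",
                       0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
                       0x0080: "IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY",
                       0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
                       0x0400: "IMAGE_DLLCHARACTERISTICS_NO_SEH",
                       0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
                       0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE"}
SECTION_FLAGS = {0x00000020: "IMAGE_SCN_CNT_CODE",
                 0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
                 0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
                 0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
                 MEM_EXECUTE: "IMAGE_SCN_MEM_EXECUTE",
                 0x40000000: "IMAGE_SCN_MEM_READ",
                 MEM_WRITE: "IMAGE_SCN_MEM_WRITE"}


def _names(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def triage_pe(data: bytes) -> dict:
    """Walk DOS header -> PE signature -> COFF header -> optional header ->
    section table and return the fields a sandbox report lists."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = e_lfanew + 4
    machine, nsec, _ts, _sym, _nsym, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20                                  # COFF file header is 20 bytes
    (magic,) = struct.unpack_from("<H", data, opt)
    if magic == 0x20B:                               # PE32+: data directories at offset 112
        bits, dd_off = 64, 112
    elif magic == 0x10B:                             # PE32: data directories at offset 96
        bits, dd_off = 32, 96
    else:
        raise ValueError(f"unknown optional header magic {magic:#x}")
    (dll_chars,) = struct.unpack_from("<H", data, opt + 70)        # same offset in both formats
    (n_dirs,) = struct.unpack_from("<I", data, opt + dd_off - 4)   # NumberOfRvaAndSizes
    sec_off = sec_len = 0
    if n_dirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        sec_off, sec_len = struct.unpack_from(
            "<II", data, opt + dd_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    for i in range(nsec):
        hdr = opt + opt_size + 40 * i                # IMAGE_SECTION_HEADER is 40 bytes
        name = data[hdr:hdr + 8].rstrip(b"\0").decode("ascii", "replace")
        vsize, _va, raw_size, _raw_ptr = struct.unpack_from("<IIII", data, hdr + 8)
        (chars,) = struct.unpack_from("<I", data, hdr + 36)
        sections.append({"name": name, "virtual_size": vsize, "raw_size": raw_size,
                         "flags": _names(chars, SECTION_FLAGS),
                         # writable and executable at once defeats DEP for that range
                         "rwx": bool(chars & MEM_EXECUTE and chars & MEM_WRITE)})
    return {"bits": bits, "machine": machine,
            "file_characteristics": _names(file_chars, FILE_CHARACTERISTICS),
            "dll_characteristics": _names(dll_chars, DLL_CHARACTERISTICS),
            # security directory holds a file offset, not an RVA; zero means unsigned
            "authenticode_present": sec_off != 0 and sec_len != 0,
            "sections": sections}


def build_sample_pe() -> bytes:
    """Constructed header-only PE32+ stub (no code) carrying the values the
    report shows: the four DllCharacteristics flags, an empty security
    directory, an RWX uninitialized .textbss and an RX .text section."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)                    # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x8664, 2, 0, 0, 0, 240, 0x0002 | 0x0020)
    opt = bytearray(240)                                      # IMAGE_OPTIONAL_HEADER64, 16 dirs
    struct.pack_into("<H", opt, 0, 0x20B)
    struct.pack_into("<H", opt, 70, 0x0020 | 0x0040 | 0x0100 | 0x8000)
    struct.pack_into("<I", opt, 108, 16)                      # NumberOfRvaAndSizes

    def sec(name, vsize, raw, chars):
        return struct.pack("<8sIIIIIIHHI", name, vsize, 0x1000, raw, 0, 0, 0, 0, 0, chars)

    textbss = sec(b".textbss", 0x460000, 0, 0x20 | 0x80 | MEM_EXECUTE | 0x40000000 | MEM_WRITE)
    text = sec(b".text", 0x900000, 0x900000, 0x20 | MEM_EXECUTE | 0x40000000)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + textbss + text


if __name__ == "__main__":
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_pe()
    result = triage_pe(blob)
    print(f"PE{result['bits']} signed={result['authenticode_present']}")
    print("DllCharacteristics:", *result["dll_characteristics"], sep="\n  ")
    for s in result["sections"]:
        print(f"{s['name']:<9} raw={s['raw_size']:#x} virt={s['virtual_size']:#x}"
              f"{'  RWX!' if s['rwx'] else ''}")
```

Run it as `python pe_triage.py sample.exe`; with no argument it parses the constructed stub. Two points the output makes visible that the flag list alone does not: the security directory is a raw file offset rather than an RVA, so a non-zero value points at appended certificate data and a zero pair is what "Unsigned PE" means; and .textbss, with no raw data but a 4.4MB virtual size and READ|WRITE|EXECUTE, is the uninitialized incremental-linking region MSVC emits for debug builds (consistent with the \Debug\ PDB path here). Whatever its origin, a writable and executable section is a DEP gap worth noting in triage even when NX_COMPAT is set.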