E:\Project\CRM9250T\Tool\CRM9250Ttoolv1.0\Src\CRM9250Ttool\Debug\CRM9250Ttool.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
d485d16f6485eda55e14c70a6e26c46caeb57f7b8013b20d80bde4c6b0e6d6b7.exe
Resource
win7-20240221-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
d485d16f6485eda55e14c70a6e26c46caeb57f7b8013b20d80bde4c6b0e6d6b7.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
0 signatures
150 seconds
General
-
Target
d485d16f6485eda55e14c70a6e26c46caeb57f7b8013b20d80bde4c6b0e6d6b7
-
Size
12.6MB
-
MD5
e193675b31cff5d02fdd8c4c1d02d7a4
-
SHA1
55417b16937b1e09ef4bed98feae6b9b02f11f0c
-
SHA256
d485d16f6485eda55e14c70a6e26c46caeb57f7b8013b20d80bde4c6b0e6d6b7
-
SHA512
a848550714c7fa3c443ee199769f2c8408700a90fd550dff2b934327fdeb049ff02cd447c772cd2ec3b25f5dc295273323261b47beaed4708bfab042c9423473
-
SSDEEP
98304:s70hnxMyeKX9LD1303j9lNU/X1z3alS+E:xxMyeK9LJ303j9lNgz3aP
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d485d16f6485eda55e14c70a6e26c46caeb57f7b8013b20d80bde4c6b0e6d6b7
Files
-
d485d16f6485eda55e14c70a6e26c46caeb57f7b8013b20d80bde4c6b0e6d6b7.exe windows:5 windows x86 arch:x86
acf5a7186a803ebed532f3d994ebd436
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
crm9250nvdll
?iSetImageSaveModel@CCRM9250NV@@QAEHE@Z
?iOpenUSB@CCRM9250NV@@QAEHXZ
?iReadCollectPicInfo_EDNV@CCRM9250NV@@QAEHPAE0PAIPAUtDevReturn@@@Z
?iCloseUSB@CCRM9250NV@@QAEHXZ
?iReadCollectPic_EDNV@CCRM9250NV@@QAEHPAE0PAKPAUtDevReturn@@@Z
?iRecvOCRPicInfo_EDNV@CCRM9250NV@@QAEHPAEPAKPAUtDevReturn@@@Z
?iSetWorkModel@CCRM9250NV@@QAEHE@Z
?iGetOcrData@CCRM9250NV@@QAEHEIPAI0PAE@Z
?iGetFirstImageType@CCRM9250NV@@QAEHEEPAI0PAE@Z
?iGetOtherImageType@CCRM9250NV@@QAEHEEPAI0PAE@Z
?iRevData@CCRM9250NV@@QAEHPAEIPAIK@Z
?iSendRawData@CCRM9250NV@@QAEHPAEI@Z
?iGetOCRPicInfo_EDNV@CCRM9250NV@@QAEHPAEE0PAKPAUtDevReturn@@@Z
?iGetOcrNumber@CCRM9250NV@@QAEHEPAE0@Z
??1CCRM9250NV@@UAE@XZ
??0CCRM9250NV@@QAE@XZ
?iReadCollectPicSendACK_EDNV@CCRM9250NV@@QAEHPAEPAKPAUtDevReturn@@@Z
?CRC16_Table@CCRM9250NV@@QAEGPAEI@Z
crm9250tdevdll
?iSendAndRecv@CCRM9250TDev@@QAEHPAEI0AAIPAUtDevReturn@@IH@Z
?iSetCommPara@CCRM9250TDev@@QAEHPAUtDevReturn@@@Z
?bWriteLog@LogUtil@@QAE_NPBDPBEI1I@Z
??0LogUtil@@QAE@XZ
??1LogUtil@@QAE@XZ
?iDownSendAndRecv@CCRM9250TDev@@QAEHPAEI0AAIPAUtDevReturn@@H@Z
?SetDevSecNotify@CCRM9250TDev@@QAEXPAVDevSec_Notify@@@Z
??0CCRM9250TDev@@QAE@XZ
??1CCRM9250TDev@@UAE@XZ
nvapi
?iReadSecondAdjustParam@CNvApi@@QAEHXZ
?iSetSecondAdjustFlag@CNvApi@@QAEHXZ
?iSecondAdjustProcess@CNvApi@@QAEHV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@@Z
?iGetAllCollectedImageData@CNvApi@@QAEHV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@@Z
??1CNvApi@@QAE@XZ
?iGetAllOCRImageData@CNvApi@@QAEHV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@@Z
?iSetFuncHandle@CNvApi@@QAEHP6AHPAEII@ZP6AH0AAII@ZPAVCProgressCtrl@@PAV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@@Z
?vSetLanguage@CNvApi@@QAEXW4EN_LANGUAGE_ID@@@Z
?vSetNvType@CNvApi@@QAEXW4EN_NVTYPE_ID@@@Z
?iGetAllRejectedImageData@CNvApi@@QAEHV?$CStringT@DV?$StrTraitMFC_DLL@DV?$ChTraitsCRT@D@ATL@@@@@ATL@@@Z
??0CNvApi@@QAE@XZ
mfc100d
ord6468
ord1464
ord12367
ord9618
ord5128
ord3884
ord317
ord272
ord1644
ord4710
ord1437
ord1429
ord15102
ord3342
ord8179
ord7854
ord2696
ord4663
ord13083
ord10000
ord2964
ord14880
ord6841
ord4424
ord6935
ord1420
ord985
ord15846
ord8986
ord2248
ord2199
ord3092
ord6086
ord5123
ord15649
ord1398
ord5434
ord7593
ord1806
ord960
ord13902
ord5057
ord9549
ord10061
ord13421
ord15650
ord1409
ord971
ord13449
ord4092
ord5710
ord15245
ord15241
ord14806
ord4849
ord2067
ord1054
ord1023
ord2765
ord5045
ord14072
ord3452
ord351
ord3453
ord406
ord1095
ord4085
ord5504
ord13399
ord14322
ord1343
ord4708
ord14075
ord3777
ord873
ord15217
ord14077
ord3780
ord14073
ord5465
ord9202
ord356
ord463
ord9180
ord9679
ord7740
ord7753
ord3549
ord4482
ord11642
ord15785
ord11531
ord9211
ord2985
ord9149
ord14472
ord5773
ord8993
ord862
ord7506
ord14101
ord4409
ord1335
ord11882
ord12481
ord15330
ord9235
ord7675
ord9289
ord2553
ord14664
ord9243
ord9631
ord7668
ord8789
ord1025
ord532
ord964
ord1143
ord1402
ord7190
ord13082
ord4983
ord2365
ord8706
ord2358
ord2244
ord934
ord15065
ord9292
ord9200
ord13844
ord16308
ord5822
ord2559
ord13447
ord13448
ord15835
ord8635
ord15833
ord10266
ord4337
ord4279
ord13929
ord8656
ord2072
ord16627
ord12826
ord15706
ord13440
ord8709
ord16021
ord9177
ord16023
ord16020
ord16022
ord16019
ord4044
ord6497
ord13113
ord13121
ord8994
ord11247
ord13131
ord13910
ord6309
ord11073
ord10078
ord4660
ord2693
ord7497
ord986
ord1421
ord9551
ord3190
ord7508
ord9148
ord9546
ord11194
ord8320
ord15368
ord15103
ord884
ord14383
ord15111
ord8835
ord10245
ord5761
ord1089
ord13796
ord2035
ord14245
ord2963
ord16611
ord16613
ord16612
ord16610
ord16614
ord16596
ord16523
ord16524
ord10007
ord12950
ord4028
ord12781
ord15828
ord9834
ord4876
ord2742
ord7669
ord11845
ord10105
ord3432
ord15019
ord13138
ord13136
ord1753
ord1760
ord1766
ord1764
ord1771
ord5324
ord5361
ord5332
ord5344
ord5340
ord5336
ord5366
ord5357
ord5328
ord5370
ord5349
ord5315
ord5319
ord5352
ord4887
ord16531
ord4874
ord3235
ord15836
ord8636
ord15834
ord7518
ord12557
ord14811
ord6522
ord2871
ord12986
ord4133
ord3544
ord3543
ord3431
ord13032
ord5664
ord6047
ord6306
ord10219
ord6019
ord6334
ord5667
ord5884
ord5647
ord8412
ord8413
ord8403
ord5882
ord12809
ord6451
ord3091
ord13293
ord13797
ord13865
ord9617
ord5579
ord457
ord4282
ord6962
ord7667
ord6128
ord8998
ord11078
ord10079
ord4545
ord2597
ord14148
ord1090
ord15656
ord7548
ord4048
ord417
ord369
ord8796
ord4987
ord2478
ord508
ord1351
ord13531
ord509
ord8842
ord14730
ord14729
ord6403
ord14431
ord8508
ord4006
ord1462
ord459
ord16018
ord456
ord14609
ord14960
ord5641
ord9686
ord14600
ord1434
ord1444
ord5577
ord5425
ord8509
ord15804
ord15438
ord5600
ord15049
ord5893
ord7188
ord954
ord444
ord1394
ord1079
ord13036
ord11859
ord10126
ord413
ord7799
ord8163
ord267
ord270
ord1427
ord5503
ord1731
ord1432
ord2359
ord9613
ord5767
ord5839
ord8941
ord15106
ord15108
ord8510
ord13756
ord12516
ord4074
ord6801
ord6107
ord6809
ord6356
ord6410
ord15240
ord11273
ord15334
ord14380
ord8820
ord14465
ord6033
ord14564
ord8776
ord4046
ord8783
ord14753
ord5058
ord4039
ord14749
ord4889
ord15748
ord322
ord924
ord2321
ord1029
ord1128
ord1371
ord7801
ord8165
ord15536
ord3184
ord6501
ord311
ord6450
ord3199
ord1727
ord1463
ord1460
ord306
ord2196
ord269
ord316
ord5223
ord1669
ord14065
ord14773
ord973
ord1411
ord15041
ord14987
ord9167
ord8822
ord1127
ord6446
ord359
ord999
ord5102
ord1092
ord2292
ord4053
ord10218
ord1740
ord6122
ord13037
ord12935
ord9163
ord2267
ord5896
ord5575
ord4856
ord4261
ord3886
ord3995
ord3881
ord3887
ord3994
ord1059
ord1024
ord1057
ord1442
ord1435
ord12993
ord9903
ord12229
ord4281
ord3581
ord3580
ord3334
ord3333
ord6839
ord14876
ord3472
ord3469
ord14037
ord2294
msvcr100d
_gmtime64_s
_localtime64_s
_snprintf_s
_errno
_CrtDbgReport
wcscpy
_vsnprintf_s
_vsnwprintf_s
_snwprintf_s
wcscpy_s
wcsncpy_s
calloc
_recalloc
_wcsicmp
memmove_s
wcslen
_itoa
_setmbcp
strtok
atoi
printf
malloc
free
fputwc
fwrite
fclose
memcpy
memset
__CxxFrameHandler3
fopen
_invoke_watson
_controlfp_s
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_initterm_e
_initterm
_CrtSetCheckCount
_acmdln
_ismbblead
exit
_cexit
_XcptFilter
_exit
__getmainargs
_amsg_exit
__set_app_type
_fmode
_commode
__setusermatherr
_configthreadlocale
?terminate@@YAXXZ
_onexit
_lock
__dllonexit
_unlock
_CRT_RTC_INITW
fopen_s
fprintf
strtok_s
_beginthread
_endthread
strcat
strchr
_mbclen
strtol
_wassert
_mktime64
sscanf_s
strncat
_purecall
strrchr
??0bad_cast@std@@QAE@ABV01@@Z
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@PBD@Z
fflush
setvbuf
fsetpos
_fseeki64
fgetpos
fgetc
ungetc
fputc
_unlock_file
_lock_file
sprintf_s
strlen
strncmp
fseek
ftell
fread
strncpy
_access
sscanf
memcpy_s
strcpy_s
strcmp
strstr
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
_vsnprintf
memmove
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABV01@@Z
_CrtDbgReportW
_invalid_parameter
_CxxThrowException
_stricmp
_time64
sprintf
srand
rand
memcmp
strcpy
kernel32
lstrlenW
FileTimeToSystemTime
FileTimeToLocalFileTime
LocalFileTimeToFileTime
MulDiv
OpenFileMappingA
OutputDebugStringW
VirtualAlloc
UnmapViewOfFile
GetSystemInfo
MapViewOfFile
CreateFileMappingA
GetCurrentThread
OpenEventA
VirtualQuery
GetModuleFileNameW
GetProcessHeap
HeapAlloc
HeapFree
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
LoadLibraryW
lstrlenA
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
GetStartupInfoW
HeapSetInformation
InterlockedCompareExchange
DecodePointer
EncodePointer
GlobalAlloc
GlobalFree
GetPrivateProfileSectionA
DeleteFileA
RemoveDirectoryA
GetLastError
FormatMessageA
WideCharToMultiByte
MultiByteToWideChar
GetACP
FindFirstFileA
FindClose
CreateMutexA
CopyFileA
FreeLibrary
LoadLibraryA
OutputDebugStringA
WritePrivateProfileStringA
LocalFree
InterlockedDecrement
CreateProcessA
GetFileAttributesA
SetFileAttributesA
Beep
SetThreadLocale
GetModuleFileNameA
CreateToolhelp32Snapshot
Process32First
Process32Next
OpenProcess
TerminateProcess
LeaveCriticalSection
EnterCriticalSection
ReleaseMutex
GetProcAddress
WaitForMultipleObjects
ResetEvent
SetEvent
WaitForSingleObject
TerminateThread
CloseHandle
DeleteCriticalSection
InterlockedExchange
InitializeCriticalSection
CreateEventA
CreateThread
Sleep
CreateDirectoryA
lstrcpyA
GetTickCount
GetPrivateProfileStringA
GetPrivateProfileIntA
InterlockedIncrement
user32
SetRectEmpty
UnionRect
SubtractRect
OffsetRect
InflateRect
EqualRect
SetRect
PtInRect
IntersectRect
CopyRect
SetCursor
PeekMessageA
TranslateMessage
DispatchMessageA
SendMessageA
GetSystemMetrics
GetWindowLongA
SetWindowLongA
MessageBoxA
GetKeyState
IsRectEmpty
msimg32
AlphaBlend
advapi32
RegSetValueExA
RevertToSelf
OpenThreadToken
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegCloseKey
SetThreadToken
shell32
SHGetPathFromIDListA
ShellExecuteExA
SHBrowseForFolderA
comctl32
InitCommonControlsEx
shlwapi
StrToIntA
ole32
OleRun
CoInitialize
CoUninitialize
CoCreateInstance
oleaut32
VariantCopy
SetErrorInfo
GetErrorInfo
SysAllocString
SysFreeString
VariantClear
VariantChangeType
CreateErrorInfo
SysStringByteLen
SysAllocStringByteLen
VariantInit
ws2_32
WSAStartup
msvcp100d
?_Debug_message@std@@YAXPB_W0I@Z
??1_Lockit@std@@QAE@XZ
?_Getpfirst@_Container_base12@std@@QBEPAPAU_Iterator_base12@2@XZ
??0_Lockit@std@@QAE@H@Z
?_Orphan_all@_Container_base12@std@@QAEXXZ
??1_Container_base12@std@@QAE@XZ
??0_Container_base12@std@@QAE@XZ
?_Xlength_error@std@@YAXPBD@Z
?_Swap_all@_Container_base12@std@@QAEXAAU12@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?out@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?_DebugHeapTag_func@std@@YAABU_DebugHeapTag_t@1@XZ
??2@YAPAXIABU_DebugHeapTag_t@std@@PADH@Z
??3@YAXPAXABU_DebugHeapTag_t@std@@PADH@Z
?_Xinvalid_argument@std@@YAXPBD@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?id@?$codecvt@DDH@std@@2V0locale@2@A
??Bid@locale@std@@QAEIXZ
?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Incref@facet@locale@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?good@ios_base@std@@QBE_NXZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?width@ios_base@std@@QBE_JXZ
?flags@ios_base@std@@QBEHXZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?width@ios_base@std@@QAE_J_J@Z
?_Xout_of_range@std@@YAXPBD@Z
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?always_noconv@codecvt_base@std@@QBE_NXZ
?unshift@?$codecvt@DDH@std@@QBEHAAHPAD1AAPAD@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAPAD0PAH001@Z
?_Decref@facet@locale@std@@QAEPAV123@XZ
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?_BADOFF@std@@3_JB
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
devbasedlld
?vCallProcFun@ODevBase@@UAEXHPADHPBX@Z
?vSetBreakAsynRecvFlag@ODevBase@@UAEX_N@Z
??1ODevBase@@UAE@XZ
??0ODevBase@@QAE@XZ
?iCloseComm2@ODevBase@@QAEHXZ
?iSendCommand2@ODevBase@@QAEHPBEIF_N1@Z
?iWaitResult2@ODevBase@@QAEHPAEAAIIF_N@Z
?vSetLogicalDevName@ODevBase@@QAEXPBD@Z
?iPreInitDev@ODevBase@@QAEHXZ
?iGetErrorFlag@ODevBase@@QAEHXZ
?vSetErrorFlag@ODevBase@@QAEXUtDevReturn@@@Z
?iGetDefaultCommConfig2@ODevBase@@QAEHAAUtCommCfg2@@@Z
?iInitComm2@ODevBase@@QAEHUtCommCfg2@@_N@Z
?vOnDataReceived@ODevBase@@UAEXPADH@Z
?iTest@ODevBase@@UAEHPAUtDevReturn@@@Z
?iInit@ODevBase@@UAEHPAUtDevReturn@@@Z
?iGetStatus@ODevBase@@UAEHPAUtDevReturn@@@Z
?iGetDevVersion@ODevBase@@UAEHPAD@Z
?iGetVersion@ODevBase@@UAEHPAD@Z
?bGetBreakAsynRecvFlag@ODevBase@@UAE_NXZ
mtoken_gm3000
SKF_GetDevState
SKF_EnumDev
SKF_ConnectDev
SKF_OpenApplication
SKF_DigestInit
SKF_Digest
SKF_VerifyPIN
SKF_GenRandom
SKF_OpenContainer
SKF_ExportPublicKey
SKF_ECCSignData
SKF_ECCVerify
SKF_ReadFile
setupapi
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA
Sections
.textbss Size: - Virtual size: 1.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 3.7MB - Virtual size: 3.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 605KB - Virtual size: 604KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 12.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 22KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 7.5MB - Virtual size: 7.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 576KB - Virtual size: 575KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dtjwt Size: 4KB - Virtual size: 4KB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 110KB - Virtual size: 110KB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE