C:\action-runner\_work\YimMenu\YimMenu\build\YimMenu.pdb
Static task
static1
Behavioral task
behavioral1
Sample
YimMenu.dll
Resource
win11-20240221-en
General
Target
YimMenu.dll
Size
9.7MB
MD5
69dccc165b82eb635f2d7a017915067a
SHA1
413d441b0570e7661155a52e0506d0b877ff42b1
SHA256
0ac9877f1c3fbf9bb92239135776b88807acd7e549cbca7f5870b0831fbc054b
SHA512
85c8b11f6cac92299e0fb08d76dd8026d2f18bf196bebe8de315ee49e6320ea699272efd3e33d15ce015015008efcfefcab05a40d2947bebf74be729c4887af4
SSDEEP
98304:kQCN8dm16VajSC1nt45QAZ6COieg3Nrf9r8I5M:0N8c16Vax345QAvrf9r8s
Malware Config
Signatures
Unsigned PE 1 IoCs
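Checks for a missing Authenticode signature: the file is unsigned, so its publisher and integrity cannot be verified from the file itself. An unsigned PE is a low-confidence indicator and does not by itself classify the sample.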
resource YimMenu.dll
Files
YimMenu.dll.dll windows:6 windows x64 arch:x64
Password: sas
7d330184726e1454138159ea36c68acf
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
Imports
dbghelp
SymGetModuleBase64
SymCleanup
SymFromAddr
SymGetLineFromAddr64
StackWalk64
SymFunctionTableAccess64
SymInitialize
ws2_32
WSAEnumNetworkEvents
WSAWaitForMultipleEvents
accept
WSAEventSelect
WSAResetEvent
closesocket
WSAGetLastError
ntohs
WSASetLastError
inet_ntop
ioctlsocket
getpeername
recv
listen
getsockname
connect
bind
WSAStartup
WSACleanup
inet_pton
getsockopt
htons
select
socket
__WSAFDIsSet
WSACloseEvent
getaddrinfo
WSAIoctl
setsockopt
freeaddrinfo
htonl
send
WSACreateEvent
advapi32
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
CryptAcquireContextA
CryptReleaseContext
CryptGetHashParam
CryptCreateHash
CryptDestroyHash
CryptHashData
crypt32
CertCreateCertificateChainEngine
CryptQueryObject
CertGetNameStringA
CertGetCertificateChain
CertAddCertificateContextToStore
CryptDecodeObjectEx
PFXImportCertStore
CryptStringToBinaryA
CertFreeCertificateContext
CertFindCertificateInStore
CertEnumCertificatesInStore
CertCloseStore
CertOpenStore
CertFreeCertificateChainEngine
CertFreeCertificateChain
CertFindExtension
bcrypt
BCryptGenRandom
kernel32
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetFileInformationByHandleEx
MoveFileExW
AreFileApisANSI
SetFileInformationByHandle
GetFinalPathNameByHandleW
GetFileAttributesExW
FindNextFileW
FindFirstFileExW
FindFirstFileW
FindClose
CreateFileW
IsDebuggerPresent
GetModuleHandleA
VirtualAlloc
VirtualFree
GetCurrentThreadId
GetModuleFileNameA
WideCharToMultiByte
GetLastError
K32GetModuleInformation
GetCurrentProcess
lstrcpyW
SetErrorMode
CreateDirectoryW
IsBadReadPtr
SetConsoleMode
FreeConsole
AttachConsole
GetCurrentProcessId
AllocConsole
GetStdHandle
SetConsoleTitleA
SetConsoleOutputCP
GetConsoleMode
GetCurrentThread
GetProcAddress
LoadLibraryA
GlobalFree
SleepConditionVariableSRW
FreeLibraryAndExitThread
DisableThreadLibraryCalls
CreateThread
VirtualProtect
CreateFiber
DeleteFiber
SwitchToFiber
ConvertThreadToFiber
GetModuleFileNameW
HeapCreate
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
Sleep
OpenThread
SuspendThread
ResumeThread
GetThreadContext
SetThreadContext
FlushInstructionCache
CreateToolhelp32Snapshot
Thread32First
Thread32Next
GetSystemInfo
VirtualQuery
MultiByteToWideChar
GlobalAlloc
GlobalLock
GlobalUnlock
GetLocaleInfoA
QueryPerformanceFrequency
VerSetConditionMask
FreeLibrary
QueryPerformanceCounter
LoadLibraryExA
FormatMessageA
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
GetTickCount
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
GetSystemDirectoryA
GetEnvironmentVariableA
SetLastError
FormatMessageW
MoveFileExA
WaitForSingleObjectEx
SleepEx
VerifyVersionInfoW
CreateFileA
GetFileSizeEx
ReadFile
GetCurrentDirectoryW
GetSystemTimeAsFileTime
InitializeSListHead
GetLocaleInfoEx
RtlCaptureContext
WakeAllConditionVariable
InitOnceComplete
CloseHandle
InitOnceBeginInitialize
LocalFree
SetUnhandledExceptionFilter
user32
GetKeyState
GetMessageExtraInfo
LoadCursorA
ScreenToClient
GetCapture
ClientToScreen
TrackMouseEvent
GetKeyboardLayout
SetWindowsHookExA
SetCursor
GetClientRect
IsWindowUnicode
ReleaseCapture
OpenClipboard
CloseClipboard
EmptyClipboard
GetClipboardData
SetClipboardData
FindWindowW
SetCapture
SetCursorPos
GetForegroundWindow
GetAsyncKeyState
FindWindowA
CallWindowProcW
SetWindowLongPtrW
UnhookWindowsHookEx
GetCursorPos
msvcp140
_Cnd_signal
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAM@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEA_N@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEA_J@Z
??Bios_base@std@@QEBA_NXZ
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAGXZ
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Xbad_alloc@std@@YAXXZ
?_Xout_of_range@std@@YAXPEBD@Z
?_Winerror_map@std@@YAHH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Xlength_error@std@@YAXPEBD@Z
?_Syserror_map@std@@YAPEBDH@Z
_Mtx_destroy_in_situ
_Mtx_init_in_situ
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
??Bid@locale@std@@QEAA_KXZ
?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?good@ios_base@std@@QEBA_NXZ
?uncaught_exceptions@std@@YAHXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Incref@facet@locale@std@@UEAAXXZ
??1_Locinfo@std@@QEAA@XZ
??0_Locinfo@std@@QEAA@PEBD@Z
?_Gettrue@_Locinfo@std@@QEBAPEBDXZ
?_Getfalse@_Locinfo@std@@QEBAPEBDXZ
?_Getlconv@_Locinfo@std@@QEBAPEBUlconv@@XZ
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
??1facet@locale@std@@MEAA@XZ
??0facet@locale@std@@IEAA@_K@Z
?id@?$numpunct@D@std@@2V0locale@2@A
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?_Xbad_function_call@std@@YAXXZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
_Xtime_get_ticks
?setprecision@std@@YA?AU?$_Smanip@_J@1@_J@Z
_Query_perf_counter
_Query_perf_frequency
_Mtx_unlock
?_Throw_Cpp_error@std@@YAXH@Z
_Mtx_lock
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
?_Random_device@std@@YAIXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAI@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z
?_Xinvalid_argument@std@@YAXPEBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_J@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?id@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@2V0locale@2@A
?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?put@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEBA?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AEAVios_base@2@DPEBUtm@@PEBD3@Z
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@M@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@F@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@G@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z
_Thrd_yield
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@_JH@Z
?classic@locale@std@@SAAEBV12@XZ
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAXAEBVlocale@2@@Z
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAHXZ
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAPEAV12@PEA_W_J@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEB_W_J@Z
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEA_W_J@Z
_Cnd_do_broadcast_at_thread_exit
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?id@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@2V0locale@2@A
?_Getcat@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ
?put@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEBA?AV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@AEAVios_base@2@_WPEBUtm@@PEB_W4@Z
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
?imbue@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAA?AVlocale@2@AEBV32@@Z
?imbue@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAA?AVlocale@2@AEBV32@@Z
?_Release_chore@details@Concurrency@@YAXPEAU_Threadpool_chore@12@@Z
?_Schedule_chore@details@Concurrency@@YAHPEAU_Threadpool_chore@12@@Z
_Cnd_init_in_situ
_Cnd_destroy_in_situ
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
_Cnd_broadcast
_Cnd_wait
?_Capture@_ContextCallback@details@Concurrency@@AEAAXXZ
?_Reset@_ContextCallback@details@Concurrency@@AEAAXXZ
?_CallInContext@_ContextCallback@details@Concurrency@@QEBAXV?$function@$$A6AXXZ@std@@_N@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?__ExceptionPtrDestroy@@YAXPEAX@Z
?ReportUnhandledError@_ExceptionHolder@details@Concurrency@@AEAAXXZ
?_ReportUnobservedException@details@Concurrency@@YAXXZ
?__ExceptionPtrRethrow@@YAXPEBX@Z
??0task_continuation_context@Concurrency@@AEAA@XZ
?_LogWorkItemStarted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogWorkItemCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrCreate@@YAXPEAX@Z
?_LogScheduleTask@_TaskEventLogger@details@Concurrency@@QEAAX_N@Z
_Cnd_register_at_thread_exit
?__ExceptionPtrToBool@@YA_NPEBX@Z
_Cnd_unregister_at_thread_exit
?_LogCancelTask@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
?_LogTaskExecutionCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogTaskCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
_Mtx_trylock
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAH@Z
_Thrd_join
_Thrd_id
msvcp140_2
__std_smf_hypot3f
winmm
timeGetTime
imm32
ImmSetCandidateWindow
ImmReleaseContext
ImmGetContext
ImmSetCompositionWindow
d3dcompiler_47
D3DCompile
vcruntime140_1
__CxxFrameHandler4
vcruntime140
memcpy
__RTDynamicCast
__std_type_info_destroy_list
__intrinsic_setjmp
__current_exception
strrchr
__std_exception_destroy
__std_exception_copy
__std_terminate
_purecall
strstr
__C_specific_handler
_CxxThrowException
memmove
memset
__current_exception_context
strchr
memcmp
memchr
longjmp
api-ms-win-crt-stdio-l1-1-0
fputs
__stdio_common_vsprintf
_fseeki64
clearerr
_open
_ftelli64
_pclose
_popen
_wfopen_s
fwrite
fread
fsetpos
fgetc
ungetc
fclose
_fileno
_close
__stdio_common_vsprintf_s
fgets
tmpnam
tmpfile
getc
setvbuf
fputc
ftell
__acrt_iob_func
fflush
fseek
__stdio_common_vfprintf
_wfopen
_get_stream_buffer_pointers
__stdio_common_vsscanf
freopen
fopen
ferror
feof
fgetpos
api-ms-win-crt-heap-l1-1-0
calloc
free
malloc
_callnewh
realloc
api-ms-win-crt-filesystem-l1-1-0
_unlock_file
remove
_stat64
_access
_fstat64
_lock_file
rename
_unlink
api-ms-win-crt-runtime-l1-1-0
system
_beginthreadex
terminate
abort
_errno
_initterm_e
_initterm
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
exit
_invalid_parameter_noinfo_noreturn
__sys_errlist
__sys_nerr
strerror
api-ms-win-crt-math-l1-1-0
powf
roundf
sinf
_fdsign
fmodf
logf
floorf
cosf
_dsign
_fdopen
atan2f
_ldsign
ceilf
frexp
asinf
floor
round
acos
asin
atan2
ceil
cos
exp
fmod
log
log10
sin
sqrt
tan
_dclass
_fdclass
_isnan
_finite
_ldclass
llround
pow
ldexp
acosf
sqrtf
api-ms-win-crt-string-l1-1-0
strcoll
isdigit
isalnum
strspn
strncmp
isupper
strcspn
strcpy_s
islower
isxdigit
isalpha
isspace
ispunct
_strdup
toupper
isblank
strcmp
tolower
strncpy
_stricmp
isgraph
iscntrl
strpbrk
api-ms-win-crt-utility-l1-1-0
qsort
srand
rand
api-ms-win-crt-convert-l1-1-0
strtol
strtoull
strtoul
atof
atoi
_ecvt_s
wcstombs
strtod
strtoll
api-ms-win-crt-locale-l1-1-0
setlocale
___lc_codepage_func
localeconv
api-ms-win-crt-time-l1-1-0
_localtime64
clock
_time64
strftime
_difftime64
_gmtime64
_mktime64
api-ms-win-crt-environment-l1-1-0
getenv
Sections
.text Size: 7.6MB - Virtual size: 7.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 157KB - Virtual size: 573KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 287KB - Virtual size: 287KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 504B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 24KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ