309af970f2d957ae27f69d27d157c39da7a4419d7f99c53f757bb75a4766b19a

Sharing

Copy URL

Twitter E-mail

General

Target

309af970f2d957ae27f69d27d157c39da7a4419d7f99c53f757bb75a4766b19a
Size

226KB
MD5

258f804fe407256dbdcbc5298bf22dfa
SHA1

5d4a3b2eb3495b8b767f6b5b72f6773025036bf6
SHA256

309af970f2d957ae27f69d27d157c39da7a4419d7f99c53f757bb75a4766b19a
SHA512

46385982b4aa89296b6a3efd3f9f2ec6bbf198bda5d786b0b67b61305469a09dafa6fe7e7e622b385700e281dab692dc19b8d595562bc286d47e2755380a99bf
SSDEEP

6144:EjgpFAgXpN7rY3KYZHNH+3dSwfIkPbXUytwVt9K:EFEPxYZH1+3QnkDX16NK

Score

3^/10

Malware Config

Signatures

Unsigned PE 6 IoCs

Checks for missing Authenticode signature.

resource
unpack001/28279d17721bdce45111f8d62998dbf04cd943f5
unpack001/2cf29e0a699d82ee4f28980298e78ef94cc77150
unpack001/a16e0592db3cc83d4b0812488f4e9b22981a5a6f
unpack001/d64d38ce911755282bbfa48229b58eb441685b57
unpack001/e99c389381c0f95777400d950c4b913127a8fe60
unpack001/ed9a49796a1390d7af5ace3e270417053747f7cc

Files

309af970f2d957ae27f69d27d157c39da7a4419d7f99c53f757bb75a4766b19a
.zip

Password: infected
28279d17721bdce45111f8d62998dbf04cd943f5
.exe windows:5 windows x64 arch:x64

b19bd5d94428efcb26645e12191d96a8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetCurrentProcess
HeapFree
WaitForSingleObject
VirtualFree
GetProcessHeap
IsBadReadPtr
ReadFile
HeapAlloc
GetProcAddress
VirtualAlloc
LoadLibraryA
VirtualProtect
CloseHandle
CreateThread
FreeLibrary
SetFilePointer
GetFileSize
GetLastError
CreateFileA
HeapReAlloc
GetCommandLineA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
FlsFree
SetLastError
GetCurrentThreadId
FlsAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
HeapSetInformation
HeapCreate
GetModuleHandleW
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
RtlUnwindEx
EnterCriticalSection
LeaveCriticalSection
RaiseException
RtlPcToFileHeader
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
HeapSize
GetConsoleCP
GetConsoleMode
FlushFileBuffers
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle

Exports

Exports

StartWork

Sections

.text
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
2cf29e0a699d82ee4f28980298e78ef94cc77150
.dll windows:5 windows x86 arch:x86

2a118b56ebc94288c86b4c6ef560d716

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WaitForSingleObject
VirtualFree
GetProcessHeap
IsBadReadPtr
OpenProcess
Sleep
ReadFile
GetLastError
HeapFree
VirtualAlloc
SetFileAttributesA
LoadLibraryA
VirtualProtect
CloseHandle
GetCurrentProcessId
CreateThread
GetCurrentProcess
HeapAlloc
FreeLibrary
SetFilePointer
GetFileSize
GetProcAddress
CreateFileA
HeapReAlloc
GetCurrentThreadId
GetCommandLineA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
HeapDestroy
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
RtlUnwind
SetHandleCount
GetFileType
GetStartupInfoA
RaiseException
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
SetStdHandle
FlushFileBuffers
HeapSize
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
VirtualQuery

advapi32

SetServiceStatus
DuplicateTokenEx
RegisterServiceCtrlHandlerA
OpenProcessToken

shell32

SHCreateDirectoryExA
SHGetFolderPathA

Exports

Exports

MultiDesktop
ServiceMain

Sections

.text
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
a16e0592db3cc83d4b0812488f4e9b22981a5a6f
.dll windows:5 windows x86 arch:x86

4e44468a5286af49936a893a10998af9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcess
HeapFree
WaitForSingleObject
VirtualFree
GetProcessHeap
IsBadReadPtr
OpenProcess
ReadFile
GetLastError
HeapAlloc
VirtualAlloc
SetFileAttributesA
LoadLibraryA
VirtualProtect
CloseHandle
GetCurrentProcessId
CreateThread
FreeLibrary
SetFilePointer
GetFileSize
GetProcAddress
CreateFileA
HeapReAlloc
GetCurrentThreadId
GetCommandLineA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
HeapDestroy
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
RaiseException
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
RtlUnwind
HeapSize
GetConsoleCP
GetConsoleMode
FlushFileBuffers
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
VirtualQuery

advapi32

DuplicateTokenEx
OpenProcessToken

shell32

SHCreateDirectoryExA
SHGetFolderPathA

Exports

Exports

MultiDesktop

Sections

.text
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
d64d38ce911755282bbfa48229b58eb441685b57
.dll windows:5 windows x86 arch:x86

4e44468a5286af49936a893a10998af9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcess
HeapFree
WaitForSingleObject
VirtualFree
GetProcessHeap
IsBadReadPtr
OpenProcess
ReadFile
GetLastError
HeapAlloc
VirtualAlloc
SetFileAttributesA
LoadLibraryA
VirtualProtect
CloseHandle
GetCurrentProcessId
CreateThread
FreeLibrary
SetFilePointer
GetFileSize
GetProcAddress
CreateFileA
HeapReAlloc
GetCurrentThreadId
GetCommandLineA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
HeapDestroy
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
RaiseException
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
RtlUnwind
HeapSize
GetConsoleCP
GetConsoleMode
FlushFileBuffers
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
VirtualQuery

advapi32

DuplicateTokenEx
OpenProcessToken

shell32

SHCreateDirectoryExA
SHGetFolderPathA

Exports

Exports

MultiDesktop

Sections

.text
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
e99c389381c0f95777400d950c4b913127a8fe60
.dll windows:5 windows x86 arch:x86

2a118b56ebc94288c86b4c6ef560d716

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WaitForSingleObject
VirtualFree
GetProcessHeap
IsBadReadPtr
OpenProcess
Sleep
ReadFile
GetLastError
HeapFree
VirtualAlloc
SetFileAttributesA
LoadLibraryA
VirtualProtect
CloseHandle
GetCurrentProcessId
CreateThread
GetCurrentProcess
HeapAlloc
FreeLibrary
SetFilePointer
GetFileSize
GetProcAddress
CreateFileA
HeapReAlloc
GetCurrentThreadId
GetCommandLineA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
HeapDestroy
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
RtlUnwind
SetHandleCount
GetFileType
GetStartupInfoA
RaiseException
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
SetStdHandle
FlushFileBuffers
HeapSize
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
VirtualQuery

advapi32

SetServiceStatus
DuplicateTokenEx
RegisterServiceCtrlHandlerA
OpenProcessToken

shell32

SHCreateDirectoryExA
SHGetFolderPathA

Exports

Exports

MultiDesktop
ServiceMain

Sections

.text
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ed9a49796a1390d7af5ace3e270417053747f7cc
.dll windows:5 windows x86 arch:x86

2a118b56ebc94288c86b4c6ef560d716

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WaitForSingleObject
VirtualFree
GetProcessHeap
IsBadReadPtr
OpenProcess
Sleep
ReadFile
GetLastError
HeapFree
VirtualAlloc
SetFileAttributesA
LoadLibraryA
VirtualProtect
CloseHandle
GetCurrentProcessId
CreateThread
GetCurrentProcess
HeapAlloc
FreeLibrary
SetFilePointer
GetFileSize
GetProcAddress
CreateFileA
HeapReAlloc
GetCurrentThreadId
GetCommandLineA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
HeapDestroy
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
RtlUnwind
SetHandleCount
GetFileType
GetStartupInfoA
RaiseException
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
SetStdHandle
FlushFileBuffers
HeapSize
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
VirtualQuery

advapi32

SetServiceStatus
DuplicateTokenEx
RegisterServiceCtrlHandlerA
OpenProcessToken

shell32

SHCreateDirectoryExA
SHGetFolderPathA

Exports

Exports

MultiDesktop
ServiceMain

Sections

.text
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

b19bd5d94428efcb26645e12191d96a8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 35KB - Virtual size: 35KB

.rdata Size: 14KB - Virtual size: 14KB

.data Size: 5KB - Virtual size: 66KB

.pdata Size: 2KB - Virtual size: 2KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 1KB - Virtual size: 1KB

2a118b56ebc94288c86b4c6ef560d716

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

shell32

Exports

Exports

Sections

.text Size: 38KB - Virtual size: 37KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 64KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 6KB - Virtual size: 5KB

4e44468a5286af49936a893a10998af9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

shell32

Exports

Exports

Sections

.text Size: 37KB - Virtual size: 36KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 64KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 5KB - Virtual size: 5KB

4e44468a5286af49936a893a10998af9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

shell32

Exports

Exports

Sections

.text Size: 37KB - Virtual size: 36KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 64KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 5KB - Virtual size: 5KB

2a118b56ebc94288c86b4c6ef560d716

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

shell32

Exports

Exports

Sections

.text
Size: 35KB - Virtual size: 35KB

.rdata
Size: 14KB - Virtual size: 14KB

.data
Size: 5KB - Virtual size: 66KB

.pdata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 38KB - Virtual size: 37KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 64KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 6KB - Virtual size: 5KB

.text
Size: 37KB - Virtual size: 36KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 64KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 5KB - Virtual size: 5KB

.text
Size: 37KB - Virtual size: 36KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 64KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 5KB - Virtual size: 5KB

.text
Size: 38KB - Virtual size: 37KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 64KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 6KB - Virtual size: 5KB

.text
Size: 38KB - Virtual size: 37KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 64KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 6KB - Virtual size: 5KB