E:\Project\History\20220114-xj-eti-NO-vo\asm_loader\tmp_loader\Release\tmp_loader.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
7fb3963b426e9d732b11eec2e97b2326d799889722bad5c126d28fe26afb7a6d.dll
Resource
win7-20240220-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
7fb3963b426e9d732b11eec2e97b2326d799889722bad5c126d28fe26afb7a6d.dll
Resource
win10v2004-20231215-en
windows10-2004-x64
2 signatures
150 seconds
General
-
Target
7fb3963b426e9d732b11eec2e97b2326d799889722bad5c126d28fe26afb7a6d
-
Size
273KB
-
MD5
59379bccc85717a12c1bca2b3df34090
-
SHA1
55e89f458b5f5642300dd7c50b444232e37c3fa7
-
SHA256
7fb3963b426e9d732b11eec2e97b2326d799889722bad5c126d28fe26afb7a6d
-
SHA512
353064a9272378ba52da80746b31792327fa520548e90af40f76fcb4349f9d60f2e8078592f2895085e359715830ad30f0c7b701552eb5d95495e80b34589e75
-
SSDEEP
6144:jX2RlPHhKopwu1Jt+2p0VMYtrr2wlq9+b:CTZ98qCN
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 7fb3963b426e9d732b11eec2e97b2326d799889722bad5c126d28fe26afb7a6d
Files
-
7fb3963b426e9d732b11eec2e97b2326d799889722bad5c126d28fe26afb7a6d.dll windows:6 windows x86 arch:x86
042b58bd54530ea40f624db7cd72f56b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
kernel32
GetThreadPriorityBoost
GetNLSVersionEx
SetFileCompletionNotificationModes
GetEnvironmentVariableA
GetOverlappedResult
GetACP
GetPhysicallyInstalledSystemMemory
MultiByteToWideChar
CreateSemaphoreExA
FindNextVolumeMountPointW
GetDevicePowerState
SetThreadPriority
GetStartupInfoW
CreateMailslotW
IsNLSDefinedString
SetConsoleTitleA
WritePrivateProfileStringW
GetDynamicTimeZoneInformation
SetFileIoOverlappedRange
GlobalUnlock
DisconnectNamedPipe
VirtualUnlock
FlushInstructionCache
FlushFileBuffers
GetTempPathW
IsThreadAFiber
RaiseException
GetSystemFileCacheSize
SetTapePosition
GetThreadPreferredUILanguages
DeactivateActCtx
GetShortPathNameA
CreateSymbolicLinkTransactedW
GetNamedPipeHandleStateW
LCMapStringA
GetPrivateProfileIntW
GetConsoleOutputCP
VerifyVersionInfoW
CreateDirectoryA
GlobalUnfix
GetApplicationRestartSettings
GetStartupInfoA
SetThreadLocale
GetStdHandle
EnumSystemLanguageGroupsA
GetLogicalDriveStringsA
FillConsoleOutputCharacterW
FreeLibraryAndExitThread
AddSecureMemoryCacheCallback
FindFirstFileExA
GetHandleInformation
SetThreadPreferredUILanguages
ChangeTimerQueueTimer
GetLongPathNameW
SetLastError
GetNamedPipeClientSessionId
ApplicationRecoveryFinished
EnumUILanguagesW
lstrcmpiA
GetThreadLocale
RaiseFailFastException
FindVolumeMountPointClose
GetLongPathNameA
GetProcessHeaps
IsBadHugeWritePtr
SetDynamicTimeZoneInformation
GetComputerNameExW
BeginUpdateResourceW
BackupWrite
VerLanguageNameA
QueueUserAPC
DefineDosDeviceW
CreateThreadpoolCleanupGroup
SetFirmwareEnvironmentVariableW
SetVolumeLabelW
CreateJobSet
LocalLock
WriteProfileSectionA
RemoveDirectoryA
GetFirmwareEnvironmentVariableW
EnumSystemCodePagesW
LockFileEx
GetThreadGroupAffinity
GetConsoleDisplayMode
FreeUserPhysicalPages
SetComputerNameA
GetFullPathNameTransactedW
SetTimerQueueTimer
SetProcessWorkingSetSizeEx
VirtualProtectEx
GlobalGetAtomNameA
GetLongPathNameTransactedA
SetFileAttributesA
GetSystemDefaultLocaleName
VirtualAllocEx
EnumSystemLanguageGroupsW
DefineDosDeviceA
SetProcessAffinityUpdateMode
GetNumaHighestNodeNumber
PrepareTape
SetThreadpoolThreadMinimum
GetTempFileNameA
GetProcessVersion
FindClose
ResetEvent
SetFileApisToOEM
FindNLSStringEx
GetLocalTime
GetAtomNameA
SetThreadPriorityBoost
LoadLibraryA
OpenThread
OpenMutexA
WriteConsoleA
CreateWaitableTimerExW
ProcessIdToSessionId
GetProcessId
RegisterWaitForSingleObject
GetProcessWorkingSetSize
OpenWaitableTimerW
CreateFileMappingA
GetConsoleScreenBufferInfo
LocalAlloc
SetCalendarInfoW
SetUserGeoID
CreateTapePartition
IsWow64Process
WritePrivateProfileStringA
MoveFileA
CreateFileMappingW
GetLogicalProcessorInformation
CreateHardLinkW
FindFirstVolumeMountPointW
SetConsoleDisplayMode
LocaleNameToLCID
GetExitCodeThread
TransmitCommChar
LockResource
GetNumaNodeProcessorMaskEx
SetCurrentDirectoryW
GetProfileStringA
SetFileApisToANSI
PowerClearRequest
GetSystemPreferredUILanguages
QueryDosDeviceW
AddSIDToBoundaryDescriptor
GetDiskFreeSpaceA
PostQueuedCompletionStatus
WriteProfileSectionW
VirtualLock
FindNextChangeNotification
GlobalGetAtomNameW
ClosePrivateNamespace
SetProcessWorkingSetSize
HeapLock
RtlUnwind
GlobalHandle
SetCommMask
GetNumaProcessorNodeEx
ReadThreadProfilingData
GetPrivateProfileStructA
GetLongPathNameTransactedW
GetProductInfo
CreateActCtxA
SetNamedPipeHandleState
GetSystemInfo
CreatePipe
WaitForMultipleObjects
SetSystemTime
SetEnvironmentVariableA
ConvertDefaultLocale
GlobalWire
GetVolumePathNamesForVolumeNameA
GetModuleFileNameA
GetPrivateProfileSectionNamesA
FindNLSString
GetDefaultCommConfigA
FindNextFileA
WriteProfileStringA
SetConsoleCursorInfo
FlsGetValue
lstrcmpiW
DebugSetProcessKillOnExit
CreateIoCompletionPort
WaitCommEvent
SetConsoleTitleW
GetModuleHandleA
GetProcessShutdownParameters
EnumSystemGeoID
QueryMemoryResourceNotification
GetThreadId
ContinueDebugEvent
DebugBreakProcess
UpdateResourceW
GetFileMUIInfo
QueryProcessCycleTime
OpenFileMappingW
CreateMutexA
GetProcessAffinityMask
GetProcessGroupAffinity
CreateThreadpoolTimer
CancelTimerQueueTimer
FatalExit
ConvertThreadToFiberEx
EnumResourceNamesA
CallbackMayRunLong
GetStringTypeW
GetConsoleTitleW
RequestWakeupLatency
FillConsoleOutputAttribute
Wow64SetThreadContext
PurgeComm
GetCurrentDirectoryA
EnumDateFormatsW
GetFileAttributesExW
GetConsoleCursorInfo
WaitForDebugEvent
OpenEventW
AllocateUserPhysicalPagesNuma
QueryPerformanceFrequency
FatalAppExitA
SetFileAttributesTransactedA
PeekConsoleInputA
GetSystemRegistryQuota
WriteConsoleOutputAttribute
OutputDebugStringA
GetCurrentThreadId
GetCPInfoExA
SetCalendarInfoA
SetProcessShutdownParameters
GetFinalPathNameByHandleA
OpenSemaphoreW
GetConsoleScreenBufferInfoEx
OpenFileById
CreateSymbolicLinkW
MoveFileTransactedA
GetErrorMode
ReleaseMutex
SetFileShortNameA
EndUpdateResourceA
ReadConsoleInputW
TlsAlloc
TrySubmitThreadpoolCallback
GetThreadErrorMode
CloseHandle
GetWindowsDirectoryW
FileTimeToLocalFileTime
GetVolumeNameForVolumeMountPointW
DeleteTimerQueueTimer
EnumResourceLanguagesW
DeleteFileTransactedW
SetFileValidData
GetThreadTimes
MoveFileTransactedW
GetSystemFirmwareTable
ResetWriteWatch
FlsFree
CreateThreadpoolIo
ReadConsoleOutputCharacterW
SetThreadStackGuarantee
OpenFileMappingA
CheckRemoteDebuggerPresent
EnumCalendarInfoExA
LocalFree
FindNextVolumeA
FindStringOrdinal
GetSystemTime
TlsFree
GetConsoleSelectionInfo
GetProfileSectionW
SuspendThread
ResumeThread
LCMapStringW
CommConfigDialogW
DeleteFileA
CreateThread
GetTickCount64
lstrcpyA
LocalFileTimeToFileTime
SwitchToThread
GetThreadUILanguage
GetFileSize
VirtualFree
lstrcatA
VirtualAlloc
VirtualProtect
GetConsoleMode
HeapSize
OutputDebugStringW
HeapReAlloc
HeapAlloc
GetModuleFileNameW
WriteFile
GetOEMCP
IsValidCodePage
LeaveCriticalSection
EnterCriticalSection
GetModuleHandleW
Sleep
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
DeleteCriticalSection
GetFileType
GetProcessHeap
WideCharToMultiByte
GetProcAddress
DecodePointer
EncodePointer
GetLastError
IsProcessorFeaturePresent
IsDebuggerPresent
GetCommandLineA
GetDllDirectoryA
SetComputerNameExW
CreateFileW
GetTimeZoneInformation
GetSystemDirectoryA
GetTimeFormatEx
ReadFile
IsDBCSLeadByte
EnumResourceLanguagesA
IsValidLanguageGroup
LocalHandle
GetUserPreferredUILanguages
QueryIdleProcessorCycleTimeEx
TerminateProcess
GetBinaryTypeA
WriteConsoleW
CreateProcessA
VerifyVersionInfoA
SetTimeZoneInformation
MulDiv
EnumTimeFormatsEx
SetConsoleCursorPosition
GetTapePosition
CreateSemaphoreA
GetWriteWatch
Beep
GetVolumePathNamesForVolumeNameW
HeapValidate
GetConsoleAliasW
SetDllDirectoryA
GetComputerNameExA
GetExitCodeProcess
DnsHostnameToComputerNameW
HeapCreate
GetNumaNodeNumberFromHandle
GetStringTypeExW
DeleteVolumeMountPointW
CreatePrivateNamespaceW
MapUserPhysicalPagesScatter
WriteConsoleOutputA
QueryIdleProcessorCycleTime
GetSystemTimeAdjustment
FormatMessageW
ReadConsoleOutputW
GetSystemWindowsDirectoryA
GetConsoleWindow
GetProcessHandleCount
CreateEventA
EnumResourceTypesExA
IsBadCodePtr
ReadProcessMemory
GetCalendarInfoA
Wow64DisableWow64FsRedirection
FreeConsole
GetCalendarInfoW
_hread
GetPrivateProfileStructW
GetThreadSelectorEntry
ReadConsoleInputA
EnumLanguageGroupLocalesA
InitializeCriticalSectionAndSpinCount
SwitchToFiber
IsProcessInJob
TerminateThread
GetNumberFormatEx
IsValidLocale
LocalShrink
VirtualFreeEx
GlobalFindAtomA
GetFirmwareEnvironmentVariableA
GetVolumeInformationA
SetFileShortNameW
AddRefActCtx
EnumResourceTypesExW
GetConsoleCP
GetActiveProcessorGroupCount
FindResourceExA
OpenProcess
GetEnvironmentStrings
AllocateUserPhysicalPages
GetCurrencyFormatW
GetVolumePathNameW
GetPriorityClass
TlsSetValue
GetProcessTimes
WaitForMultipleObjectsEx
SetProcessPriorityBoost
GetCurrencyFormatEx
TzSpecificLocalTimeToSystemTime
CreateActCtxW
RegisterApplicationRestart
SetCommTimeouts
WriteFileGather
GetSystemWow64DirectoryA
EnumTimeFormatsW
GetDateFormatA
EnumTimeFormatsA
CancelDeviceWakeupRequest
VirtualQueryEx
ClearCommBreak
GetUILanguageInfo
GetCurrencyFormatA
GetFullPathNameTransactedA
EnumUILanguagesA
CreateWaitableTimerExA
GetGeoInfoW
GetWindowsDirectoryA
CreateRemoteThread
SetFileTime
FormatMessageA
ReadConsoleW
GetConsoleTitleA
GetPrivateProfileStringW
GetNumberFormatA
GetSystemTimeAsFileTime
ExpandEnvironmentStringsA
EscapeCommFunction
GetConsoleAliasesLengthA
IsBadReadPtr
FindNextVolumeMountPointA
GenerateConsoleCtrlEvent
GetCurrentThread
CreateNamedPipeW
GetCommConfig
ReadDirectoryChangesW
GetNamedPipeClientComputerNameW
MoveFileWithProgressA
SetTapeParameters
_lcreat
SetSystemFileCacheSize
_lclose
FreeEnvironmentStringsA
GetFileAttributesExA
BackupSeek
NeedCurrentDirectoryForExePathA
CallNamedPipeW
ConnectNamedPipe
GetCommProperties
GetSystemDefaultLCID
LockFile
SleepEx
CreateBoundaryDescriptorW
FindFirstFileExW
FlushViewOfFile
GetNumaAvailableMemoryNode
FlushConsoleInputBuffer
SetEvent
GetTimeFormatA
GetComputerNameW
SetVolumeMountPointW
SetComputerNameW
SignalObjectAndWait
WaitForSingleObject
SetProcessDEPPolicy
GetProfileStringW
GlobalLock
GetModuleHandleExW
CreateBoundaryDescriptorA
CreateHardLinkTransactedA
HeapFree
GetEnvironmentStringsW
GetSystemDEPPolicy
CreateJobObjectW
SetEnvironmentVariableW
GetConsoleOriginalTitleA
SetFirmwareEnvironmentVariableA
GetSystemWindowsDirectoryW
SetDefaultCommConfigW
GlobalSize
GetCurrentConsoleFontEx
WritePrivateProfileSectionA
SetFilePointerEx
CompareFileTime
FindFirstFileTransactedW
ScrollConsoleScreenBufferW
ZombifyActCtx
GetCurrentActCtx
SetEnvironmentStringsW
GetCalendarInfoEx
CopyFileTransactedA
GetCurrentProcess
WaitNamedPipeA
GetNumberOfConsoleMouseButtons
ReadConsoleA
SetConsoleTextAttribute
user32
CreatePopupMenu
SetMenu
EnumPropsExW
SetLayeredWindowAttributes
GetLastInputInfo
GetGestureConfig
DdeImpersonateClient
EnumWindowStationsW
GetCaretPos
LoadAcceleratorsA
LoadStringW
GetMenuStringA
GetMenuItemInfoA
ShutdownBlockReasonDestroy
SendMessageCallbackW
GetCursorPos
GetSysColor
GetDesktopWindow
DlgDirSelectComboBoxExW
DestroyCaret
SendMessageTimeoutA
GrayStringW
TabbedTextOutA
GetIconInfoExW
DdeConnectList
DestroyCursor
GetListBoxInfo
RegisterDeviceNotificationW
SetWindowLongW
GetDlgItem
IsWindowUnicode
ChangeClipboardChain
LoadCursorFromFileW
SetClassLongA
MapVirtualKeyExW
SetWindowsHookA
EmptyClipboard
EnableMenuItem
PeekMessageA
GetDCEx
CreateWindowExA
SetUserObjectSecurity
InSendMessageEx
SystemParametersInfoW
GetWindowTextW
TileWindows
GetWindowLongA
UnregisterClassA
DdeCreateDataHandle
GetAncestor
MapVirtualKeyExA
GetGestureExtraArgs
CharLowerA
AppendMenuW
GetWindowLongW
CreateWindowStationA
CreateAcceleratorTableA
LookupIconIdFromDirectoryEx
SetCursorPos
CharUpperBuffA
GetRegisteredRawInputDevices
DdeUninitialize
UnionRect
GetScrollInfo
OemToCharA
FlashWindowEx
CheckMenuRadioItem
MapVirtualKeyA
GetAsyncKeyState
DragDetect
RegisterClipboardFormatA
TrackPopupMenuEx
GetKeyboardLayout
SetLastErrorEx
SetWinEventHook
SetPropA
DisplayConfigGetDeviceInfo
CreateDialogIndirectParamW
IsCharAlphaNumericW
GetMenuItemRect
ChangeDisplaySettingsExA
OpenWindowStationA
GetWindowTextA
GetWindowModuleFileNameA
OffsetRect
GetGUIThreadInfo
CalculatePopupWindowPosition
LoadIconW
RegisterClassExW
GetWindowWord
LockSetForegroundWindow
GetMenu
SetDlgItemInt
CreateDialogIndirectParamA
GetForegroundWindow
SetSysColors
TranslateMessage
DrawFocusRect
WindowFromPhysicalPoint
GetDC
GetUpdateRect
GetIconInfo
WinHelpA
DrawTextExA
DlgDirListA
GetKeyboardLayoutNameW
InsertMenuItemW
GetMonitorInfoA
GetDoubleClickTime
SetWindowWord
CharLowerW
AnyPopup
SetScrollRange
DdeFreeStringHandle
GetClassInfoExW
PtInRect
EnumWindows
BeginPaint
EnumClipboardFormats
RegisterWindowMessageA
DdeQueryStringW
SetRectEmpty
GetMenuItemInfoW
DrawEdge
GetWindowTextLengthA
IsProcessDPIAware
GrayStringA
CharPrevA
CreateAcceleratorTableW
GetIconInfoExA
CreateMenu
BroadcastSystemMessageExW
GetClientRect
SetParent
WindowFromPoint
EnumDisplaySettingsExW
MenuItemFromPoint
FindWindowExA
DrawIcon
CharLowerBuffW
LogicalToPhysicalPoint
wsprintfA
OpenDesktopW
OpenInputDesktop
LoadMenuIndirectW
DdeKeepStringHandle
CharPrevW
GetClipboardFormatNameA
IsWindowEnabled
DefFrameProcA
CharPrevExA
EnumWindowStationsA
SetPhysicalCursorPos
GetWindowInfo
RemovePropA
GetGuiResources
LoadCursorW
InvalidateRgn
LoadIconA
CreateDesktopA
IsWinEventHookInstalled
LoadMenuA
GetMouseMovePointsEx
ChildWindowFromPointEx
AttachThreadInput
CancelShutdown
CreateDesktopExW
TrackMouseEvent
GetParent
IsClipboardFormatAvailable
AnimateWindow
CreateWindowStationW
DialogBoxParamW
GetFocus
CopyImage
SetDoubleClickTime
CloseWindowStation
ReplyMessage
GetWindowModuleFileNameW
ReuseDDElParam
DrawIconEx
DialogBoxIndirectParamW
GetKeyState
DrawTextA
TabbedTextOutW
IsZoomed
DdeDisconnectList
KillTimer
PostMessageW
SetCapture
RegisterShellHookWindow
GetTopWindow
GetPhysicalCursorPos
ChangeDisplaySettingsExW
DdeAbandonTransaction
GetMessageExtraInfo
DdeGetLastError
GetClassInfoExA
IsChild
DdeCreateStringHandleW
IsIconic
VkKeyScanExA
ShowWindowAsync
TrackPopupMenu
CharNextW
MonitorFromPoint
RegisterClassExA
GetMessageW
OpenDesktopA
InsertMenuItemA
CreateDialogParamA
MapDialogRect
PostThreadMessageA
LockWorkStation
CharUpperBuffW
LoadMenuIndirectA
DdeReconnect
OpenIcon
IsCharUpperA
ToAsciiEx
ShowOwnedPopups
UnloadKeyboardLayout
EndPaint
CopyAcceleratorTableW
ClientToScreen
DrawAnimatedRects
DlgDirListComboBoxW
SwapMouseButton
DrawCaption
GetClipboardFormatNameW
DestroyWindow
InternalGetWindowText
SetWindowPlacement
keybd_event
OemToCharW
DdeSetQualityOfService
GetWindowTextLengthW
SetUserObjectInformationW
GetMessageA
ChangeWindowMessageFilter
InvertRect
DlgDirSelectExW
GetClassNameA
GetSysColorBrush
SendMessageTimeoutW
IsCharLowerW
IsDlgButtonChecked
SetWindowsHookW
CreateDialogParamW
DrawMenuBar
FreeDDElParam
WindowFromDC
UnregisterTouchWindow
EnableScrollBar
AppendMenuA
GetMenuItemCount
FindWindowExW
PostMessageA
ClipCursor
RegisterRawInputDevices
DdeQueryStringA
BroadcastSystemMessageA
GetCursor
GetMenuInfo
SetWindowsHookExW
EqualRect
SetCaretBlinkTime
OpenClipboard
SetProcessDefaultLayout
UnhookWindowsHookEx
DeferWindowPos
DdeClientTransaction
DefMDIChildProcA
DdeConnect
MessageBoxIndirectW
SystemParametersInfoA
ScrollWindowEx
GetClipboardViewer
DisableProcessWindowsGhosting
GetSystemMetrics
SetCaretPos
AllowSetForegroundWindow
InsertMenuA
GetDisplayConfigBufferSizes
DdeNameService
RegisterClipboardFormatW
SetWindowTextA
PrintWindow
CloseWindow
ValidateRgn
SetClipboardData
LoadKeyboardLayoutA
AdjustWindowRect
FindWindowA
LoadCursorA
GetDlgCtrlID
GetDlgItemTextA
DialogBoxParamA
SetClassWord
PhysicalToLogicalPoint
VkKeyScanW
GetDlgItemInt
IsMenu
MapVirtualKeyW
SetWindowRgn
EnumDisplayDevicesW
GetSystemMenu
SetTimer
RealChildWindowFromPoint
HideCaret
RemovePropW
DispatchMessageW
ToUnicodeEx
GetKeyboardLayoutNameA
MoveWindow
SetMessageExtraInfo
SetProcessWindowStation
ChangeMenuW
ScreenToClient
LoadKeyboardLayoutW
SetClipboardViewer
PaintDesktop
ToUnicode
UnpackDDElParam
ExcludeUpdateRgn
DestroyIcon
EnumDisplayDevicesA
DrawFrameControl
SetMessageQueue
SetMenuItemInfoW
WinHelpW
GetPropW
GetScrollPos
RegisterHotKey
ModifyMenuA
InSendMessage
GetKeyboardLayoutList
CheckMenuItem
GetClipboardOwner
CopyRect
mouse_event
SoundSentry
DdeFreeDataHandle
VkKeyScanA
CallMsgFilterA
RegisterDeviceNotificationA
ActivateKeyboardLayout
DefFrameProcW
OemToCharBuffA
GetWindowThreadProcessId
IsCharAlphaNumericA
MonitorFromRect
LoadCursorFromFileA
EnumThreadWindows
GetShellWindow
GetNextDlgGroupItem
advapi32
CryptSetHashParam
CreateServiceW
CryptGetHashParam
GetSidIdentifierAuthority
GetCurrentHwProfileA
OpenServiceA
SetAclInformation
LookupPrivilegeNameW
IsValidAcl
RegCopyTreeA
AccessCheckByTypeResultListAndAuditAlarmByHandleA
CryptExportKey
CryptAcquireContextW
AccessCheckByTypeAndAuditAlarmA
ObjectOpenAuditAlarmA
CreateProcessWithLogonW
DeleteService
OpenThreadToken
CryptSetProvParam
TreeResetNamedSecurityInfoW
RegLoadAppKeyW
OpenEventLogW
SetEntriesInAclA
CryptVerifySignatureW
StartServiceCtrlDispatcherW
LogonUserW
AccessCheckByTypeAndAuditAlarmW
RegQueryReflectionKey
SetNamedSecurityInfoA
OpenBackupEventLogW
GetUserNameW
SetSecurityDescriptorControl
DeleteAce
GetEffectiveRightsFromAclW
GetMultipleTrusteeA
CryptHashSessionKey
SetSecurityDescriptorGroup
CryptDeriveKey
EnumServicesStatusA
CryptSetKeyParam
BuildTrusteeWithObjectsAndNameA
RegQueryMultipleValuesW
RegLoadAppKeyA
RegOpenUserClassesRoot
GetSidSubAuthorityCount
RegDeleteKeyValueA
ChangeServiceConfig2A
RegEnableReflectionKey
RegOverridePredefKey
GetSecurityDescriptorRMControl
CryptDuplicateHash
BuildTrusteeWithSidA
LookupPrivilegeNameA
RegDeleteKeyExW
GetMultipleTrusteeW
RegisterServiceCtrlHandlerExW
LookupAccountNameA
AddAccessAllowedAceEx
ControlServiceExA
RegEnumKeyW
GetTrusteeTypeW
GetKernelObjectSecurity
EncryptionDisable
RegDisablePredefinedCache
QueryServiceConfig2W
BuildTrusteeWithNameW
CryptGetKeyParam
RegSetValueExA
RegCreateKeyExW
QueryServiceLockStatusA
NotifyServiceStatusChangeA
BuildSecurityDescriptorA
FreeInheritedFromArray
EnumDependentServicesA
BuildSecurityDescriptorW
RegQueryValueExA
AddAccessDeniedObjectAce
EqualPrefixSid
EnumServicesStatusExA
CreatePrivateObjectSecurityWithMultipleInheritance
CryptReleaseContext
RegCreateKeyTransactedA
RegQueryInfoKeyW
DeregisterEventSource
RegDeleteKeyA
ObjectDeleteAuditAlarmW
BuildImpersonateExplicitAccessWithNameW
PrivilegeCheck
InitiateShutdownA
CryptSignHashA
RegDeleteKeyW
LookupSecurityDescriptorPartsA
RegSaveKeyW
RegLoadMUIStringW
AddAccessDeniedAce
StartServiceA
AdjustTokenGroups
LookupAccountNameW
CryptSignHashW
AddAuditAccessObjectAce
IsTokenRestricted
GetEventLogInformation
BuildTrusteeWithObjectsAndNameW
LookupPrivilegeValueA
RegisterServiceCtrlHandlerExA
AbortSystemShutdownA
CloseEncryptedFileRaw
CryptSetProviderA
GetNumberOfEventLogRecords
TreeSetNamedSecurityInfoW
RegCreateKeyExA
ReportEventA
ImpersonateSelf
GetSecurityDescriptorLength
CryptAcquireContextA
LookupPrivilegeDisplayNameA
RegOpenKeyExA
CreatePrivateObjectSecurityEx
QueryServiceObjectSecurity
ChangeServiceConfig2W
LookupAccountSidW
QuerySecurityAccessMask
RegGetKeySecurity
StartServiceW
AddConditionalAce
RegConnectRegistryExW
CryptSetProviderW
CryptEnumProviderTypesW
ObjectCloseAuditAlarmW
WriteEncryptedFileRaw
QueryRecoveryAgentsOnEncryptedFile
ImpersonateLoggedOnUser
BuildTrusteeWithSidW
RegConnectRegistryW
NotifyBootConfigStatus
RegOpenKeyTransactedW
FileEncryptionStatusA
CryptGenRandom
SetKernelObjectSecurity
InitializeAcl
RegDeleteValueA
RegDeleteTreeW
RegCreateKeyTransactedW
RegGetValueW
BackupEventLogA
SetServiceStatus
CryptEncrypt
RegOpenCurrentUser
SetSecurityDescriptorOwner
GetAuditedPermissionsFromAclA
RegDeleteKeyValueW
ReadEventLogW
CryptCreateHash
IsTokenUntrusted
GetServiceDisplayNameW
SetSecurityInfo
SetEntriesInAclW
RegEnumValueA
RegLoadKeyA
IsValidSid
RegSetKeySecurity
CryptEnumProvidersA
GetMultipleTrusteeOperationA
ClearEventLogA
ObjectDeleteAuditAlarmA
InitializeSid
FileEncryptionStatusW
GetTrusteeNameA
GetSecurityDescriptorSacl
SetFileSecurityA
QueryServiceConfigA
CryptVerifySignatureA
CryptSetProviderExW
MakeSelfRelativeSD
RegDeleteKeyExA
RegNotifyChangeKeyValue
BuildExplicitAccessWithNameA
ObjectPrivilegeAuditAlarmW
GetUserNameA
BuildExplicitAccessWithNameW
RegisterServiceCtrlHandlerW
GetCurrentHwProfileW
GetFileSecurityA
IsValidSecurityDescriptor
AddAccessDeniedAceEx
SetUserFileEncryptionKey
GetInheritanceSourceW
DecryptFileA
RegOpenKeyA
OpenEventLogA
SetSecurityDescriptorSacl
AbortSystemShutdownW
RegFlushKey
QueryServiceConfig2A
RegEnumKeyExW
CryptDecrypt
AreAnyAccessesGranted
FreeEncryptionCertificateHashList
RegDisablePredefinedCacheEx
RegConnectRegistryA
GetAuditedPermissionsFromAclW
GetWindowsAccountDomainSid
FindFirstFreeAce
QueryUsersOnEncryptedFile
ReadEventLogA
CryptGetUserKey
TreeResetNamedSecurityInfoA
QueryServiceConfigW
SetPrivateObjectSecurity
LogonUserExA
EqualDomainSid
PrivilegedServiceAuditAlarmW
CloseEventLog
OpenEncryptedFileRawW
GetExplicitEntriesFromAclA
RegUnLoadKeyW
GetEffectiveRightsFromAclA
shell32
Shell_NotifyIconA
CommandLineToArgvW
SHBindToParent
SHInvokePrinterCommandW
SHCreateQueryCancelAutoPlayMoniker
ord23
SHEmptyRecycleBinA
DragFinish
ord49
SHGetIconOverlayIndexW
SHOpenWithDialog
SHGetDiskFreeSpaceExA
SHGetDataFromIDListW
ord709
SHGetFolderPathA
SHCreateDefaultContextMenu
Shell_GetCachedImageIndexW
ord66
ord239
DragQueryPoint
ShellAboutA
ord165
SHGetPathFromIDListEx
ord155
ord9
SHGetKnownFolderPath
ExtractIconExW
SHGetFolderLocation
SHSetDefaultProperties
ord59
ord25
SHGetInstanceExplorer
ord191
SHCreateItemInKnownFolder
SHCreateShellItemArray
SHGetPathFromIDListW
SHRemoveLocalizedName
ord90
ord180
ord137
SHGetPathFromIDListA
SHGetPropertyStoreForWindow
ord189
SHCreateAssociationRegistration
ord63
SHCreateDirectoryExA
DragAcceptFiles
ExtractIconA
ord750
ExtractAssociatedIconExW
SHGetFileInfoW
ord43
ShellExecuteExA
SHGetFolderPathW
InitNetworkAddressControl
ord136
SHBindToFolderIDListParentEx
SHCreateProcessAsUserW
ord73
ord92
SHQueryRecycleBinW
SHLoadInProc
ord169
ord153
SHGetItemFromDataObject
SHCreateShellItemArrayFromDataObject
DuplicateIcon
ord193
ord71
SHAddToRecentDocs
ord24
SHGetDriveMedia
SHGetFileInfoA
ord231
ord644
SHFileOperationA
ord196
ord176
SHEmptyRecycleBinW
SHPathPrepareForWriteW
Shell_NotifyIconGetRect
ord83
ord154
SHFormatDrive
ord19
SHResolveLibrary
ord747
ExtractIconExA
DoEnvironmentSubstA
Shell_NotifyIconW
ExtractAssociatedIconExA
ord179
SHBrowseForFolderW
SHFileOperationW
ord689
SHCreateDirectoryExW
SHGetPropertyStoreFromParsingName
ord41
GetCurrentProcessExplicitAppUserModelID
SHGetIDListFromObject
ShellExecuteA
ord89
SHCreateDefaultPropertiesOp
ord167
ord190
ord42
ord526
ord18
ord100
SHGetItemFromObject
ord716
SHCreateDataObject
SHCreateDefaultExtractIcon
ord27
ord524
ord232
ord688
ord168
ord654
ord730
SHAssocEnumHandlers
SHCreateItemFromRelativeName
SHSetLocalizedName
ord75
SHBrowseForFolderA
SHLoadNonloadedIconOverlayIdentifiers
SHAppBarMessage
SHGetDesktopFolder
Shell_GetCachedImageIndexA
ord162
FindExecutableA
ord64
DragQueryFileA
ExtractIconW
ord171
ord98
ord240
SHGetStockIconInfo
setupapi
SetupDiGetINFClassA
SetupDiGetHwProfileListExW
SetupFindNextLine
SetupSetFileQueueFlags
SetupDiSetDeviceInstallParamsA
SetupInitDefaultQueueCallback
SetupDiGetClassPropertyW
SetupDiSetClassRegistryPropertyW
SetupSetDirectoryIdW
SetupDiClassNameFromGuidExA
SetupDiGetDeviceInstallParamsW
SetupRemoveFileLogEntryW
SetupSetSourceListW
SetupDiEnumDeviceInterfaces
SetupSetFileQueueAlternatePlatformW
SetupDiGetSelectedDriverA
SetupDiClassGuidsFromNameExW
SetupQueryDrivesInDiskSpaceListW
SetupPromptForDiskW
SetupDiGetHwProfileFriendlyNameA
SetupQueueDeleteSectionW
SetupDiDeleteDeviceInterfaceRegKey
SetupDiGetDeviceInterfaceDetailA
SetupQuerySourceListW
SetupDiGetDeviceRegistryPropertyA
SetupDiSetClassInstallParamsW
SetupDiGetCustomDevicePropertyW
SetupQueryInfOriginalFileInformationW
SetupQueryInfFileInformationA
SetupDiGetClassImageListExA
SetupDiGetClassInstallParamsA
SetupDiGetClassPropertyKeysExW
SetupDiGetActualSectionToInstallW
SetupGetInfPublishedNameW
SetupDefaultQueueCallbackA
SetupDiGetClassDevsW
SetupDiDeleteDeviceInfo
SetupDiDestroyClassImageList
SetupDiClassNameFromGuidExW
SetupDiOpenDevRegKey
SetupIterateCabinetW
SetupCopyOEMInfW
SetupQueueDefaultCopyA
SetupSetDirectoryIdA
SetupDiSetDeviceRegistryPropertyW
SetupDiInstallDeviceInterfaces
SetupDiGetDriverInfoDetailA
SetupDiGetActualSectionToInstallExA
SetupAddToDiskSpaceListA
SetupWriteTextLogInfLine
SetupDiGetSelectedDriverW
SetupGetStringFieldW
SetupLogErrorA
SetupOpenInfFileA
SetupDiGetActualSectionToInstallA
SetupSetDirectoryIdExA
SetupDiInstallClassExW
SetupAddInstallSectionToDiskSpaceListA
SetupDecompressOrCopyFileW
SetupDiEnumDriverInfoW
SetupDiGetActualModelsSectionA
SetupVerifyInfFileW
SetupDiCreateDeviceInterfaceA
SetupQueueRenameSectionA
SetupDiDeleteDevRegKey
SetupGetSourceFileLocationW
SetupSetFileQueueAlternatePlatformA
SetupQuerySourceListA
SetupDiGetDeviceInstanceIdA
SetupScanFileQueueW
SetupGetSourceFileSizeW
SetupDiGetClassImageListExW
SetupVerifyInfFileA
SetupDiSetDevicePropertyW
SetupGetBackupInformationA
SetupDiGetDriverInstallParamsA
SetupDiCreateDeviceInfoListExW
SetupSetPlatformPathOverrideW
SetupQueueDefaultCopyW
SetupDiGetCustomDevicePropertyA
SetupDiClassNameFromGuidA
SetupDiUnremoveDevice
SetupCloseFileQueue
SetupGetBinaryField
SetupDiGetHwProfileFriendlyNameW
SetupDiBuildClassInfoList
SetupQueueDeleteW
SetupDiSetDriverInstallParamsW
SetupDiClassGuidsFromNameExA
SetupGetTargetPathA
SetupGetSourceInfoA
SetupDiGetHwProfileFriendlyNameExA
SetupDiOpenDeviceInterfaceA
SetupCreateDiskSpaceListW
SetupDiBuildClassInfoListExW
SetupRemoveFileLogEntryA
SetupDiSetSelectedDriverA
SetupDiGetClassPropertyExW
SetupCopyErrorW
SetupGetLineByIndexW
SetupRemoveFromDiskSpaceListA
SetupDiGetClassBitmapIndex
SetupDestroyDiskSpaceList
SetupDiEnumDeviceInfo
SetupGetInfDriverStoreLocationA
SetupGetSourceFileLocationA
SetupDiGetDeviceRegistryPropertyW
SetupDiDeleteDeviceInterfaceData
SetupDiOpenDeviceInfoA
SetupDiGetDeviceInfoListClass
SetupDecompressOrCopyFileA
SetupDiOpenClassRegKeyExW
SetupInstallFileW
SetupDiSetClassPropertyW
SetupUninstallOEMInfA
SetupFindNextMatchLineA
SetupDiSetClassRegistryPropertyA
SetupDiSelectDevice
SetupGetFileQueueCount
SetupDiCreateDeviceInfoListExA
SetupDiClassNameFromGuidW
SetupGetMultiSzFieldA
SetupDiInstallDevice
SetupDiRegisterDeviceInfo
SetupCloseInfFile
SetupDiCreateDeviceInfoW
InstallHinfSectionA
SetupOpenFileQueue
SetupFreeSourceListW
SetupDiClassGuidsFromNameW
SetupDiGetHwProfileListExA
SetupCommitFileQueueA
SetupDiCreateDeviceInfoList
SetupQueueCopyA
SetupDiCreateDevRegKeyW
SetupDiDestroyDriverInfoList
SetupBackupErrorA
SetupDiGetClassDescriptionExA
SetupPrepareQueueForRestoreA
SetupDiGetClassPropertyKeys
SetupDiGetClassDescriptionA
SetupDiSelectBestCompatDrv
SetupInstallServicesFromInfSectionA
SetupEnumInfSectionsW
SetupRemoveSectionFromDiskSpaceListA
SetupDiSetClassInstallParamsA
SetupInstallFileA
SetupFreeSourceListA
SetupDiGetClassDevsExW
SetupQueueCopySectionA
SetupRemoveSectionFromDiskSpaceListW
SetupQuerySpaceRequiredOnDriveW
SetupGetFieldCount
SetupGetSourceFileSizeA
SetupCommitFileQueueW
SetupDiOpenClassRegKeyExA
SetupDiDrawMiniIcon
SetupPrepareQueueForRestoreW
SetupGetFileCompressionInfoA
SetupTerminateFileLog
SetupAddToDiskSpaceListW
SetupAdjustDiskSpaceListW
SetupDiGetClassDevPropertySheetsW
SetupQueryDrivesInDiskSpaceListA
SetupSetDirectoryIdExW
SetupGetLineTextW
SetupDiSetDriverInstallParamsA
SetupOpenAppendInfFileW
InstallHinfSectionW
SetupDiCancelDriverInfoSearch
SetupScanFileQueueA
SetupDuplicateDiskSpaceListW
SetupDiGetDevicePropertyKeys
SetupQueueDeleteA
rpcrt4
RpcAsyncRegisterInfo
NdrVaryingArrayFree
RpcServerInqBindingHandle
RpcEpUnregister
NDRSContextMarshallEx
NdrFixedArrayFree
RpcNetworkIsProtseqValidW
I_RpcSend
NdrComplexArrayUnmarshall
NdrContextHandleInitialize
NdrPointerFree
I_RpcNsBindingSetEntryNameA
I_RpcMapWin32Status
NdrInterfacePointerUnmarshall
NDRSContextUnmarshall
RpcNetworkInqProtseqsW
NdrSimpleStructFree
RpcBindingInqAuthClientExW
RpcServerTestCancel
RpcMgmtEpEltInqNextA
NdrPointerUnmarshall
RpcErrorSaveErrorInfo
RpcErrorStartEnumeration
RpcServerUseProtseqEpA
NdrVaryingArrayMemorySize
NdrConformantVaryingStructMemorySize
NdrComplexStructUnmarshall
NdrComplexArrayBufferSize
NdrInterfacePointerBufferSize
I_RpcAllocate
RpcSmDestroyClientContext
NdrConformantStructFree
NdrConvert2
NdrFixedArrayBufferSize
I_RpcDeleteMutex
I_RpcSendReceive
IUnknown_AddRef_Proxy
RpcServerUseProtseqEpW
NdrPointerMemorySize
NdrEncapsulatedUnionMemorySize
I_RpcServerStartService
RpcServerRegisterAuthInfoA
NdrPartialIgnoreClientBufferSize
NdrComplexArrayMemorySize
I_RpcFree
RpcEpRegisterNoReplaceA
RpcAsyncInitializeHandle
RpcBindingInqAuthInfoA
RpcMgmtInqServerPrincNameW
NdrClientContextUnmarshall
RpcServerUnregisterIf
I_RpcBindingCreateNP
RpcErrorEndEnumeration
I_RpcRequestMutex
NdrNsSendReceive
NdrRpcSmClientAllocate
RpcServerUnsubscribeForNotification
RpcExceptionFilter
RpcSsDisableAllocate
I_RpcBindingInqWireIdForSnego
RpcMgmtIsServerListening
RpcBindingInqAuthClientExA
I_RpcFreePipeBuffer
RpcBindingSetAuthInfoExA
NdrConformantArrayFree
RpcServerYield
NdrStubCall
NdrUserMarshalMarshall
NDRSContextUnmarshallEx
NdrConformantStringUnmarshall
RpcSsGetContextBinding
NDRCContextBinding
RpcBindingCreateA
I_RpcPauseExecution
NdrFullPointerXlatFree
NdrRpcSsDefaultAllocate
RpcEpRegisterA
IUnknown_Release_Proxy
RpcServerRegisterAuthInfoW
RpcServerRegisterIf2
RpcMgmtInqComTimeout
I_RpcExceptionFilter
NdrRpcSmSetClientToOsf
NdrEncapsulatedUnionMarshall
NdrSimpleStructMemorySize
I_RpcBindingInqTransportType
RpcServerUseAllProtseqs
RpcBindingInqAuthInfoW
NdrNonConformantStringMemorySize
RpcMgmtInqDefaultProtectLevel
I_RpcGetBufferWithObject
RpcUserFree
RpcBindingInqAuthInfoExA
RpcErrorClearInformation
NdrConformantArrayUnmarshall
NdrByteCountPointerBufferSize
RpcNetworkIsProtseqValidA
RpcStringFreeW
RpcSsDestroyClientContext
RpcSmGetThreadHandle
NdrByteCountPointerFree
RpcServerUseAllProtseqsEx
NdrNonEncapsulatedUnionBufferSize
I_RpcSsDontSerializeContext
NdrConformantVaryingArrayUnmarshall
NdrPartialIgnoreServerUnmarshall
I_RpcSessionStrictContextHandle
RpcProtseqVectorFreeW
RpcBindingFree
I_RpcNsInterfaceUnexported
NdrConformantVaryingStructBufferSize
NdrXmitOrRepAsFree
RpcSmClientFree
NdrConformantStringBufferSize
NdrClientInitialize
NDRSContextMarshall
RpcObjectInqType
I_RpcServerSetAddressChangeFn
NdrConformantStructMemorySize
RpcErrorGetNextRecord
I_RpcIfInqTransferSyntaxes
NdrComplexStructFree
RpcErrorGetNumberOfRecords
RpcServerUseProtseqIfExW
NdrXmitOrRepAsBufferSize
RpcServerUseProtseqW
NdrServerInitializePartial
RpcTestCancel
RpcMgmtStopServerListening
RpcEpRegisterW
RpcBindingInqObject
RpcSsSetClientAllocFree
NdrCreateServerInterfaceFromStub
NdrVaryingArrayMarshall
NdrOleAllocate
RpcSsContextLockExclusive
I_RpcBindingIsClientLocal
RpcBindingSetOption
RpcMgmtInqServerPrincNameA
RpcAsyncAbortCall
RpcBindingInqAuthClientW
RpcMgmtWaitServerListen
RpcServerUseProtseqIfW
NdrNonConformantStringMarshall
RpcSsSetThreadHandle
I_RpcBindingHandleToAsyncHandle
NdrUserMarshalUnmarshall
NdrUserMarshalBufferSize
NdrServerInitialize
NdrFixedArrayUnmarshall
I_UuidCreate
RpcServerUseAllProtseqsIfEx
NdrSimpleStructMarshall
RpcGetAuthorizationContextForClient
NdrNsGetBuffer
NdrUserMarshalSimpleTypeConvert
RpcObjectSetType
RpcServerInqBindings
NdrInterfacePointerFree
RpcBindingCreateW
UuidToStringA
NdrEncapsulatedUnionUnmarshall
NdrPartialIgnoreClientMarshall
I_RpcServerUseProtseq2W
RpcMgmtEnableIdleCleanup
NdrVaryingArrayBufferSize
I_RpcBindingInqSecurityContext
RpcEpRegisterNoReplaceW
NdrUserMarshalFree
I_RpcReallocPipeBuffer
I_RpcNegotiateTransferSyntax
NdrSimpleTypeMarshall
NdrFixedArrayMemorySize
RpcSmSetClientAllocFree
I_RpcBindingCopy
NdrOleFree
RpcAsyncCompleteCall
NdrServerContextNewUnmarshall
NdrServerMarshall
NdrConformantArrayBufferSize
NdrComplexStructMemorySize
NdrAllocate
NdrContextHandleSize
RpcServerRegisterIf
NdrEncapsulatedUnionFree
I_RpcBindingInqMarshalledTargetInfo
RpcMgmtInqStats
NDRCContextUnmarshall
NdrClientInitializeNew
RpcServerRegisterIfEx
RpcServerInqDefaultPrincNameA
RpcRaiseException
RpcMgmtInqIfIds
NdrEncapsulatedUnionBufferSize
NdrCorrelationPass
NdrFixedArrayMarshall
NdrNonConformantStringUnmarshall
I_RpcServerUseProtseqEp2W
I_RpcServerInqTransportType
RpcSmSetThreadHandle
RpcBindingInqOption
RpcBindingSetObject
RpcServerInqCallAttributesA
NdrConformantArrayMarshall
RpcServerCompleteSecurityCallback
RpcServerSubscribeForNotification
NdrNonEncapsulatedUnionFree
NdrMapCommAndFaultStatus
NdrAsyncServerCall
RpcAsyncCancelCall
comctl32
ImageList_DragShowNolock
ord331
ord334
ord2
ord5
ImageList_Copy
ord6
DestroyPropertySheetPage
InitializeFlatSB
DrawStatusTextW
ord15
PropertySheetW
ImageList_Destroy
ord330
ImageList_Merge
ImageList_DrawIndirect
ord17
ImageList_SetIconSize
ImageList_DragEnter
ImageList_Add
ImageList_DragLeave
ImageList_SetBkColor
ImageList_Replace
ord336
ImageList_GetDragImage
ImageList_BeginDrag
ord4
ImageList_LoadImageA
ord329
ord333
ord324
InitCommonControlsEx
ord328
ord340
FlatSB_SetScrollRange
ImageList_GetIconSize
ImageList_LoadImageW
FlatSB_GetScrollPos
ImageList_GetImageInfo
ImageList_ReplaceIcon
ord320
ord410
ImageList_DrawEx
ImageList_GetIcon
ImageList_GetImageCount
FlatSB_GetScrollRange
ImageList_Remove
ord9
ord13
FlatSB_SetScrollPos
CreatePropertySheetPageW
ord16
CreateToolbarEx
ord8
InitMUILanguage
PropertySheetA
mpr
WNetAddConnectionA
WNetGetUniversalNameW
WNetGetNetworkInformationW
WNetDisconnectDialog1A
WNetGetConnectionW
WNetGetResourceParentW
WNetCloseEnum
WNetUseConnectionW
MultinetGetConnectionPerformanceW
WNetGetProviderNameW
version
GetFileVersionInfoSizeW
GetFileVersionInfoSizeExW
GetFileVersionInfoW
VerFindFileW
msimg32
GradientFill
TransparentBlt
AlphaBlend
Exports
Exports
InitHooks
SetClientVerdict
SetShuttingDownHint
Sections
.text Size: 80KB - Virtual size: 79KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 173KB - Virtual size: 173KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ