d:\PCGMR_BUILD\Cim\CiSrc\pdfconverter\pdfconverter\product\win32\dbginfo\pdfconverter.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
5dec5a4a462c565da55370c0b1cef96eb707052ae8ada0edebbee41de6d94e4b.exe
Resource
win7-20240221-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
5dec5a4a462c565da55370c0b1cef96eb707052ae8ada0edebbee41de6d94e4b.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
0 signatures
150 seconds
General
-
Target
5dec5a4a462c565da55370c0b1cef96eb707052ae8ada0edebbee41de6d94e4b
-
Size
4.3MB
-
MD5
f817c3e9d8dcd068adedfba548b5fe99
-
SHA1
fd69e0c7457cfab09af20eddcfd544976c50dd65
-
SHA256
5dec5a4a462c565da55370c0b1cef96eb707052ae8ada0edebbee41de6d94e4b
-
SHA512
ff375d57a5fa5eef16bb95c4ed45c2186c34b25cf5ccfd1855b373d57be49fef3de95c4da16f4da148942d9ffcec0f913019573650b0260471b3eb7f92c924e0
-
SSDEEP
98304:RWmb68/+vK+YGTemn12JGoZVEd74blXO:RYBTn4JGoPEA
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5dec5a4a462c565da55370c0b1cef96eb707052ae8ada0edebbee41de6d94e4b
Files
-
5dec5a4a462c565da55370c0b1cef96eb707052ae8ada0edebbee41de6d94e4b.exe windows:4 windows x86 arch:x86
8b16e5404279983361d1651417761e5f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
freeimageplus
??1fipMemoryIO@@UAE@XZ
?getFileType@fipMemoryIO@@QBE?AW4FREE_IMAGE_FORMAT@@XZ
?loadFromMemory@fipImage@@QAEHAAVfipMemoryIO@@H@Z
?getWidth@fipImage@@QBEIXZ
?getHeight@fipImage@@QBEIXZ
?rescale@fipImage@@QAEHIIW4FREE_IMAGE_FILTER@@@Z
??0fipWinImage@@QAE@W4FREE_IMAGE_TYPE@@III@Z
??1fipWinImage@@UAE@XZ
?saveU@fipImage@@QBEHPB_WH@Z
?isValid@fipWinImage@@UBEHXZ
?clear@fipWinImage@@UAEXXZ
??0fipMemoryIO@@QAE@PAEK@Z
kernel32
VerifyVersionInfoW
LoadLibraryExW
GlobalFree
GlobalUnlock
DeleteCriticalSection
GetFileAttributesW
GlobalLock
GlobalAlloc
lstrcmpiW
OpenProcess
TerminateProcess
SetFilePointer
LocalFree
WriteFile
LocalAlloc
GetExitCodeThread
SetEvent
CreateEventW
WaitForMultipleObjects
WaitForSingleObject
WritePrivateProfileStringW
ResetEvent
DeleteFileW
GetCommandLineW
RemoveDirectoryW
CopyFileW
MoveFileW
CreateThread
SystemTimeToFileTime
CreateDirectoryW
FindFirstFileW
FindNextFileW
FindClose
ExpandEnvironmentStringsW
ReadProcessMemory
CreateToolhelp32Snapshot
Process32FirstW
Module32FirstW
Process32NextW
GetLogicalDriveStringsW
QueryDosDeviceW
GetModuleHandleW
InterlockedCompareExchange
OpenMutexW
ReleaseMutex
GetTempPathW
GetComputerNameA
GetDiskFreeSpaceExW
CreateProcessW
GetCurrentDirectoryW
SetCurrentDirectoryW
FileTimeToSystemTime
GetFileTime
SystemTimeToTzSpecificLocalTime
VerSetConditionMask
GetTickCount
InterlockedIncrement
CreateMutexW
Sleep
GetCurrentProcessId
FindResourceW
GetPrivateProfileStringW
SizeofResource
GetSystemTime
ReadConsoleW
ReadConsoleA
SetConsoleMode
GetConsoleMode
ConvertThreadToFiber
ConvertFiberToThread
CreateFiber
SwitchToFiber
DeleteFiber
LoadResource
GetModuleHandleExW
InterlockedExchangeAdd
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
GetEnvironmentVariableW
GetFileType
PeekNamedPipe
GetStdHandle
DuplicateHandle
TerminateThread
FormatMessageW
SleepEx
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoW
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
LockResource
GetProcAddress
FreeResource
FreeLibrary
CreateFileW
LeaveCriticalSection
GetFileSize
RaiseException
GetLocalTime
FindResourceExW
ReadFile
EnterCriticalSection
OutputDebugStringW
CloseHandle
GetPrivateProfileIntW
GetVersionExW
InitializeCriticalSection
SetLastError
GetModuleFileNameW
lstrlenA
GetCurrentThreadId
InterlockedDecrement
MultiByteToWideChar
FlushInstructionCache
GetWindowsDirectoryW
GetCurrentProcess
GetLastError
InterlockedExchange
WideCharToMultiByte
lstrlenW
LoadLibraryW
GetSystemDirectoryW
GetVersion
user32
GetDlgCtrlID
MapWindowPoints
BeginPaint
SetCursor
EnableWindow
ShowWindow
GetFocus
LoadCursorW
IsChild
EndPaint
GetWindowThreadProcessId
GetNextDlgTabItem
FindWindowW
GetForegroundWindow
SendMessageW
UpdateLayeredWindow
KillTimer
IsDialogMessageW
SetCapture
SystemParametersInfoW
LoadImageW
SetWindowPos
OffsetRect
ReleaseCapture
AttachThreadInput
LoadIconW
GetCursorPos
SetForegroundWindow
DestroyIcon
GetActiveWindow
PostMessageW
IsWindowVisible
CallWindowProcW
GetDC
EqualRect
IsWindowEnabled
DestroyWindow
MonitorFromWindow
ScreenToClient
PeekMessageW
ReleaseDC
DrawTextW
GetMonitorInfoW
IsWindow
IsRectEmpty
CopyRect
GetMessageW
TranslateMessage
DefWindowProcW
DispatchMessageW
PostThreadMessageW
RegisterWindowMessageW
InflateRect
GetClassInfoExW
wsprintfW
IsIconic
CharNextW
LoadBitmapW
GetWindowRect
DrawIconEx
SwitchToThisWindow
GetWindow
GetParent
IntersectRect
CreateWindowExW
MoveWindow
GetDlgItem
PtInRect
SetFocus
GetAsyncKeyState
FillRect
GetClientRect
UnregisterClassA
GetUserObjectInformationW
GetProcessWindowStation
MessageBoxW
SetRectEmpty
ClientToScreen
GetDesktopWindow
RegisterClassExW
InvalidateRect
SetActiveWindow
GetWindowLongW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
SetTimer
GetLastActivePopup
SetWindowLongW
SetRect
BringWindowToTop
gdi32
CreateSolidBrush
SetStretchBltMode
CreateCompatibleBitmap
CreateBitmap
StretchBlt
CreateFontIndirectW
DeleteObject
Rectangle
SelectObject
SetTextColor
SetBkMode
CreateCompatibleDC
ExtCreatePen
GetCurrentObject
SelectClipRgn
SetViewportOrgEx
GetClipRgn
ExtSelectClipRgn
GetStockObject
RoundRect
GetObjectW
GetViewportOrgEx
OffsetRgn
GetDeviceCaps
SaveDC
CreateRectRgnIndirect
CreatePen
GetTextColor
SetDIBColorTable
RectInRegion
CreateDIBSection
DeleteDC
MoveToEx
CombineRgn
CreateRoundRectRgn
RestoreDC
CreateRectRgn
TextOutW
SetBkColor
GetTextExtentPoint32W
ExtTextOutW
LineTo
BitBlt
comdlg32
GetSaveFileNameW
GetOpenFileNameW
advapi32
CryptGetProvParam
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegQueryInfoKeyW
RegDeleteKeyW
RegSetValueExW
RegOpenKeyW
RegCreateKeyExW
RegDeleteValueW
RegEnumKeyExW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
CryptReleaseContext
CryptGenRandom
CryptAcquireContextW
DeregisterEventSource
ReportEventW
RegisterEventSourceW
CryptEnumProvidersW
CryptDestroyKey
CryptGetUserKey
CryptExportKey
CryptDestroyHash
CryptSignHashW
CryptSetHashParam
CryptCreateHash
CryptDecrypt
shell32
SHCreateDirectoryExW
ShellExecuteExW
Shell_NotifyIconW
SHBrowseForFolderW
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetSpecialFolderPathW
SHFileOperationW
DragAcceptFiles
DragQueryFileW
CommandLineToArgvW
ord680
ShellExecuteW
SHGetFolderPathW
ole32
CoCreateGuid
CoTaskMemAlloc
CoTaskMemFree
CreateStreamOnHGlobal
CoTaskMemRealloc
CoCreateInstance
CoInitialize
CoUninitialize
oleaut32
SysAllocStringLen
VarUI4FromStr
SysFreeString
shlwapi
PathFileExistsW
PathRemoveFileSpecW
StrToIntA
StrToIntW
PathFindFileNameW
PathAppendW
StrStrIW
PathIsDirectoryW
StrCmpLogicalW
PathFindExtensionW
PathAddBackslashW
msvcp80
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@I_W@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IAEX_NI@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@I_W@Z
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?reserve@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
?reserve@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEHPB_WH@Z
??0?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z
?str@?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
??_D?$basic_stringstream@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD0@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@ABV12@@Z
?swap@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXAAV12@@Z
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
?_Tidy@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@IAEX_NI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_WI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
?compare@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEHPB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
comctl32
InitCommonControlsEx
_TrackMouseEvent
msimg32
AlphaBlend
gdiplus
GdipDeletePrivateFontCollection
GdipDeleteFontFamily
GdipGetFontSize
GdipCreateLineBrushFromRectWithAngleI
GdipSetClipPath
GdipNewPrivateFontCollection
GdipFree
GdipCreatePen1
GdipAddPathStringI
GdipMeasureString
GdipSetSmoothingMode
GdipDisposeImageAttributes
GdipGetFamily
GdipCreateImageAttributes
GdipDeleteBrush
GdipDrawLinesI
GdipSetPixelOffsetMode
GdipCreateFontFromLogfontW
GdipAddPathRectangleI
GdipSetInterpolationMode
GdipDeleteFont
GdipCloneBrush
GdiplusStartup
GdipGetImageGraphicsContext
GdipFillPath
GdipClosePathFigure
GdipDeletePen
GdipCreateFont
GdipCreateBitmapFromScan0
GdipAddPathPieI
GdipRotateWorldTransform
GdipLoadImageFromFile
GdipAddPathArcI
GdiplusShutdown
GdipCreateBitmapFromStream
GdipDrawString
GdipDeletePath
GdipCloneImage
GdipSetTextRenderingHint
GdipCreatePath
GdipDrawPath
GdipDisposeImage
GdipSetStringFormatTrimming
GdipGetImagePixelFormat
GdipLoadImageFromStream
GdipCreateHBITMAPFromBitmap
GdipDrawImagePointsRectI
GdipImageRotateFlip
GdipCloneBitmapArea
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipSetPenDashStyle
GdipSetPenEndCap
GdipDeleteGraphics
GdipSetImageAttributesColorMatrix
GdipGraphicsClear
GdipSetPenStartCap
GdipCreateFromHDC
GdipPrivateAddFontFile
GdipDrawImageRectI
GdipCreateStringFormat
GdipSetPenMode
GdipGetFontCollectionFamilyCount
GdipCreateSolidFill
GdipDrawImageI
GdipDeleteStringFormat
GdipAlloc
GdipDrawImageRectRectI
GdipDrawLine
GdipFillRectangle
GdipSetStringFormatFlags
GdipDrawImageRectRect
GdipGetFontCollectionFamilyList
GdipSetStringFormatAlign
GdipGetImageHeight
GdipSetCompositingQuality
GdipDrawRectangleI
GdipCloneFontFamily
GdipFillRectangleI
GdipSetStringFormatLineAlign
GdipGetImageWidth
GdipCreateBitmapFromFile
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipGetImagePalette
GdipGetImagePaletteSize
GdipAddPathEllipseI
GdipResetWorldTransform
GdipTranslateWorldTransform
GdipImageSelectActiveFrame
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageGetFrameCount
GdipSaveImageToFile
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipCreateBitmapFromHBITMAP
msvcr80
iswspace
strchr
isspace
strncmp
wcspbrk
_wcsnicmp
wcsncmp
setlocale
_wtoi64
_wstat32
_wstat64
_snwprintf_s
strcpy_s
_wfindfirst64i32
_wfindnext64i32
_findclose
wcstok
_get_errno
_mktime64
_vsnwprintf
_localtime64_s
_wtol
__CxxFrameHandler3
_CxxThrowException
sprintf_s
strpbrk
sprintf
sscanf
__argv
fgetws
fputws
fflush
?terminate@@YAXXZ
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler4_common
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_invoke_watson
_controlfp_s
_stricmp
__iob_func
strcpy
realloc
strtol
isdigit
strncpy
__sys_nerr
strrchr
strerror
strstr
toupper
strtoul
isxdigit
_strtoi64
memchr
_errno
fputs
fgets
fopen
_putenv
_lseeki64
_fstat64
_gmtime64
getenv
_stat64
qsort
clearerr
setbuf
_fstat64i32
_fileno
_stat64i32
strerror_s
_setmode
feof
_strnicmp
strspn
_vsnprintf
raise
_strdup
_gmtime64_s
strcspn
signal
_open
_read
_close
_configthreadlocale
isalpha
tolower
isalnum
fprintf
ftell
_vsnprintf_s
ferror
fputc
memmove
strcat
fseek
fwrite
memcmp
fclose
fread
_wfopen
_mbsinc
wcscat
wcscat_s
_resetstkoflw
_wcsupr_s
_mbsstr
??8type_info@@QBE_NABV0@@Z
_time64
rand
_wcsicmp
srand
_wcslwr_s
wcsncpy_s
wcstol
_waccess
_beginthreadex
__wargv
__argc
printf
free
_wtoi
??0exception@std@@QAE@ABQBD@Z
??1exception@std@@UAE@XZ
calloc
??2@YAPAXI@Z
wcschr
swprintf_s
_mbscmp
strlen
_recalloc
memmove_s
abs
labs
_mbsicmp
_invalid_parameter_noinfo
vswprintf_s
?what@exception@std@@UBEPBDXZ
memset
??_V@YAXPAX@Z
ceil
_vscwprintf
vsprintf_s
floor
_vscprintf
wcsrchr
wcscpy_s
_wtof
_mbschr
memcpy_s
wcslen
??0exception@std@@QAE@ABV01@@Z
wcsstr
wcsspn
memcpy
??0exception@std@@QAE@XZ
wcscmp
strcmp
wcscspn
atoi
malloc
__RTDynamicCast
_purecall
??3@YAXPAX@Z
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
ws2_32
socket
bind
setsockopt
getsockname
getsockopt
ntohs
htons
select
ioctlsocket
WSASetLastError
WSACleanup
gethostbyname
inet_ntoa
accept
listen
sendto
recvfrom
__WSAFDIsSet
send
WSAStartup
inet_addr
connect
WSAGetLastError
closesocket
recv
winmm
timeGetTime
crypt32
CertCloseStore
CertEnumCertificatesInStore
CertFindCertificateInStore
CertOpenStore
CertGetCertificateContextProperty
CertFreeCertificateContext
CertDuplicateCertificateContext
Exports
Exports
??4_Init_locks@std@@QAEAAV01@ABV01@@Z
Sections
.text Size: 2.1MB - Virtual size: 2.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 684KB - Virtual size: 683KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 64KB - Virtual size: 82KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE