fc06c6d9567ab75bd919e99709798270_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fc06c6d9567ab75bd919e99709798270_JaffaCakes118
Size

1.5MB
MD5

fc06c6d9567ab75bd919e99709798270
SHA1

1edbe360300f9aab619e2f23ca74a9595843204d
SHA256

8ce29cca5742cea8b4b2cbed42a4c99bc46f6c9de0b4481710273b596a26f293
SHA512

5e2accc244a44c840fb086569f15c4e3d1d05339f6e913b2ca46c35e3d3b477a9cb868a266335b7500fc0f34e03538f5a5de054fb8f8462023423878009e7f91
SSDEEP

24576:4yIifmSCrkWqTnLNSrrGlBEyJ3ya+Lr2F8dHUE/vkSkrn9Lc6Za3ezmvG:4villNSrrGIyJkCMvkn7YeSvG

Score

3^/10

Malware Config

Signatures

Unsigned PE 7 IoCs

Checks for missing Authenticode signature.

resource
unpack001/CSVExportor/LocoyCommon.dll
unpack001/CSVExportor/LocoyDBOperator.dll
unpack001/CSVExportor/LocoyListView.dll
unpack001/CSVExportor/MaxToCode.dll
unpack001/CSVExportor/MySql.Data.dll
unpack001/CSVExportor/System.Data.SQLite.DLL
unpack001/CSVExportor/本地数据库导出CSV小工具.exe

Files

fc06c6d9567ab75bd919e99709798270_JaffaCakes118
.rar
CSVExportor/LocoyCommon.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 736KB - Virtual size: 736KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 544KB - Virtual size: 544KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CSVExportor/LocoyDBOperator.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CSVExportor/LocoyListView.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CSVExportor/MaxToCode.dll
.dll windows:4 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpy

Exports

Exports

A6F86D2D67D9403eA725820C4EF210A2
A6F92A92B69B4082AB0F9C7A9C1FF10C
CheckRuntime
EC1DB9C1620C48588C4701045B242FA9
GetCpuID
GetCpuIDW
GetDiskID
GetDiskIDW
GetMacID
GetMacIDW
GetModuleBase
MainDLL
_CorExeMain

Sections

.text
Size: 104KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 628KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 452KB - Virtual size: 452KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
CSVExportor/MySql.Data.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 200KB - Virtual size: 198KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CSVExportor/System.Data.SQLite.DLL
.dll windows:5 windows x86 arch:x86

a07175faecc286fae03a9ef79415acd1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFullPathNameW
GetFullPathNameA
CreateFileA
GetFileSize
SetFilePointer
VirtualQuery
SetEndOfFile
FreeLibrary
InterlockedIncrement
QueryPerformanceCounter
InterlockedCompareExchange
UnlockFile
LockFile
GetTickCount
GetSystemTimeAsFileTime
FormatMessageA
WriteFile
InitializeCriticalSection
WideCharToMultiByte
LoadLibraryW
Sleep
LeaveCriticalSection
GetFileAttributesA
GetFileAttributesW
ReadFile
CreateFileW
MultiByteToWideChar
FlushFileBuffers
GetTempPathW
GetLastError
SetLastError
GetProcAddress
LockFileEx
EnterCriticalSection
LoadLibraryA
DeviceIoControl
GetModuleHandleA
DeleteCriticalSection
GetCurrentThreadId
GetVersionExA
CloseHandle
DeleteFileW
GetCurrentProcessId
GetTempPathA
GetSystemTime
DeleteFileA
LocalAlloc
InterlockedExchange
RaiseException
HeapFree
HeapAlloc
HeapReAlloc
GetCommandLineA
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
GetCPInfo
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ExitProcess
GetStdHandle
GetModuleFileNameA
GetTimeZoneInformation
LCMapStringA
LCMapStringW
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
CompareStringA
CompareStringW
SetEnvironmentVariableA

Exports

Exports

__CorDllMainStub@12
_sqlite3_aggregate_context_interop@8
_sqlite3_aggregate_count_interop@4
_sqlite3_bind_blob_interop@20
_sqlite3_bind_double_interop@12
_sqlite3_bind_int64_interop@12
_sqlite3_bind_int_interop@12
_sqlite3_bind_null_interop@8
_sqlite3_bind_parameter_count_interop@4
_sqlite3_bind_parameter_index_interop@8
_sqlite3_bind_parameter_name_interop@12
_sqlite3_bind_text16_interop@20
_sqlite3_bind_text_interop@20
_sqlite3_busy_handler_interop@12
_sqlite3_busy_timeout_interop@8
_sqlite3_changes_interop@4
_sqlite3_close_interop@4
_sqlite3_column_blob_interop@8
_sqlite3_column_bytes16_interop@8
_sqlite3_column_bytes_interop@8
_sqlite3_column_count_interop@4
_sqlite3_column_database_name16_interop@12
_sqlite3_column_database_name_interop@12
_sqlite3_column_decltype16_interop@12
_sqlite3_column_decltype_interop@12
_sqlite3_column_double_interop@12
_sqlite3_column_int64_interop@12
_sqlite3_column_int_interop@8
_sqlite3_column_name16_interop@12
_sqlite3_column_name_interop@12
_sqlite3_column_origin_name16_interop@12
_sqlite3_column_origin_name_interop@12
_sqlite3_column_table_name16_interop@12
_sqlite3_column_table_name_interop@12
_sqlite3_column_text16_interop@12
_sqlite3_column_text_interop@12
_sqlite3_column_type_interop@8
_sqlite3_commit_hook_interop@8
_sqlite3_complete16_interop@4
_sqlite3_complete_interop@4
_sqlite3_compressfile@4
_sqlite3_create_collation16_interop@24
_sqlite3_create_collation_interop@24
_sqlite3_create_function16_interop@32
_sqlite3_create_function_interop@32
_sqlite3_cursor_rowid@12
_sqlite3_data_count_interop@4
_sqlite3_decompressfile@4
_sqlite3_detach_all_interop@4
_sqlite3_errcode_interop@4
_sqlite3_errmsg_interop@8
_sqlite3_errmsg_stmt_interop@8
_sqlite3_exec_interop@24
_sqlite3_finalize_interop@4
_sqlite3_free_interop@4
_sqlite3_free_table_interop@4
_sqlite3_function_free_callbackcookie@4
_sqlite3_get_table_interop@28
_sqlite3_index_column_info_interop@32
_sqlite3_interrupt_interop@4
_sqlite3_key_interop@12
_sqlite3_last_insert_rowid_interop@4
_sqlite3_libversion_interop@4
_sqlite3_libversion_number_interop@0
_sqlite3_open16_interop@8
_sqlite3_open_interop@8
_sqlite3_prepare16_interop@24
_sqlite3_prepare_interop@24
_sqlite3_rekey_interop@12
_sqlite3_reset_interop@4
_sqlite3_result_blob_interop@16
_sqlite3_result_double_interop@8
_sqlite3_result_error16_interop@12
_sqlite3_result_error_interop@12
_sqlite3_result_int64_interop@8
_sqlite3_result_int_interop@8
_sqlite3_result_null_interop@4
_sqlite3_result_text16_interop@16
_sqlite3_result_text_interop@16
_sqlite3_rollback_hook_interop@8
_sqlite3_sleep_interop@4
_sqlite3_step_interop@4
_sqlite3_table_column_metadata_interop@44
_sqlite3_table_cursor@12
_sqlite3_table_hascheckconstraints@16
_sqlite3_total_changes_interop@4
_sqlite3_update_hook_interop@8
_sqlite3_value_blob_interop@4
_sqlite3_value_bytes16_interop@4
_sqlite3_value_bytes_interop@4
_sqlite3_value_double_interop@8
_sqlite3_value_int64_interop@8
_sqlite3_value_int_interop@4
_sqlite3_value_text16_interop@8
_sqlite3_value_text_interop@8
_sqlite3_value_type_interop@4
sqlite3_aggregate_context
sqlite3_aggregate_count
sqlite3_auto_extension
sqlite3_bind_blob
sqlite3_bind_double
sqlite3_bind_int
sqlite3_bind_int64
sqlite3_bind_null
sqlite3_bind_parameter_count
sqlite3_bind_parameter_index
sqlite3_bind_parameter_name
sqlite3_bind_text
sqlite3_bind_text16
sqlite3_bind_value
sqlite3_bind_zeroblob
sqlite3_blob_bytes
sqlite3_blob_close
sqlite3_blob_open
sqlite3_blob_read
sqlite3_blob_write
sqlite3_busy_handler
sqlite3_busy_timeout
sqlite3_changes
sqlite3_clear_bindings
sqlite3_close
sqlite3_collation_needed
sqlite3_collation_needed16
sqlite3_column_blob
sqlite3_column_bytes
sqlite3_column_bytes16
sqlite3_column_count
sqlite3_column_decltype
sqlite3_column_decltype16
sqlite3_column_double
sqlite3_column_int
sqlite3_column_int64
sqlite3_column_name
sqlite3_column_name16
sqlite3_column_text
sqlite3_column_text16
sqlite3_column_type
sqlite3_column_value
sqlite3_commit_hook
sqlite3_complete
sqlite3_complete16
sqlite3_create_collation
sqlite3_create_collation16
sqlite3_create_collation_v2
sqlite3_create_function
sqlite3_create_function16
sqlite3_create_module
sqlite3_create_module_v2
sqlite3_data_count
sqlite3_db_handle
sqlite3_declare_vtab
sqlite3_enable_load_extension
sqlite3_enable_shared_cache
sqlite3_errcode
sqlite3_errmsg
sqlite3_errmsg16
sqlite3_exec
sqlite3_expired
sqlite3_extended_result_codes
sqlite3_file_control
sqlite3_finalize
sqlite3_free
sqlite3_free_table
sqlite3_get_autocommit
sqlite3_get_auxdata
sqlite3_get_table
sqlite3_global_recover
sqlite3_interrupt
sqlite3_key
sqlite3_last_insert_rowid
sqlite3_libversion
sqlite3_libversion_number
sqlite3_load_extension
sqlite3_malloc
sqlite3_memory_alarm
sqlite3_memory_highwater
sqlite3_memory_used
sqlite3_mprintf
sqlite3_mutex_alloc
sqlite3_mutex_enter
sqlite3_mutex_free
sqlite3_mutex_leave
sqlite3_mutex_try
sqlite3_open
sqlite3_open16
sqlite3_open_v2
sqlite3_overload_function
sqlite3_prepare
sqlite3_prepare16
sqlite3_prepare16_v2
sqlite3_prepare_v2
sqlite3_progress_handler
sqlite3_randomness
sqlite3_realloc
sqlite3_rekey
sqlite3_release_memory
sqlite3_reset
sqlite3_reset_auto_extension
sqlite3_result_blob
sqlite3_result_double
sqlite3_result_error
sqlite3_result_error16
sqlite3_result_error_code
sqlite3_result_error_nomem
sqlite3_result_error_toobig
sqlite3_result_int
sqlite3_result_int64
sqlite3_result_null
sqlite3_result_text
sqlite3_result_text16
sqlite3_result_text16be
sqlite3_result_text16le
sqlite3_result_value
sqlite3_result_zeroblob
sqlite3_rollback_hook
sqlite3_set_authorizer
sqlite3_set_auxdata
sqlite3_sleep
sqlite3_snprintf
sqlite3_soft_heap_limit
sqlite3_sql
sqlite3_step
sqlite3_test_control
sqlite3_thread_cleanup
sqlite3_threadsafe
sqlite3_total_changes
sqlite3_transfer_bindings
sqlite3_update_hook
sqlite3_user_data
sqlite3_value_blob
sqlite3_value_bytes
sqlite3_value_bytes16
sqlite3_value_double
sqlite3_value_int
sqlite3_value_int64
sqlite3_value_numeric_type
sqlite3_value_text
sqlite3_value_text16
sqlite3_value_text16be
sqlite3_value_text16le
sqlite3_value_type
sqlite3_vfs_find
sqlite3_vfs_register
sqlite3_vfs_unregister
sqlite3_vmprintf

Sections

.text
Size: 441KB - Virtual size: 441KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.clr
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CSVExportor/如程序无法运行请点击下载.NET.url
CSVExportor/新云软件.url
.url
CSVExportor/本地数据库导出CSV小工具.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 736KB - Virtual size: 736KB

.sdata Size: 116KB - Virtual size: 116KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 544KB - Virtual size: 544KB

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 60KB - Virtual size: 60KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 44KB - Virtual size: 44KB

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 40KB - Virtual size: 40KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 32KB - Virtual size: 32KB

2eabe9054cad5152567f0699947a2c5b

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 104KB - Virtual size: 228KB

.rsrc Size: 20KB - Virtual size: 17KB

.idata Size: 4KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 628KB

.data Size: 452KB - Virtual size: 452KB

.data Size: 4KB - Virtual size: 4KB

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 200KB - Virtual size: 198KB

.rsrc Size: 4KB - Virtual size: 992B

.reloc Size: 4KB - Virtual size: 12B

a07175faecc286fae03a9ef79415acd1

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 441KB - Virtual size: 441KB

.rdata Size: 47KB - Virtual size: 47KB

.data Size: 4KB - Virtual size: 8KB

.clr Size: 148KB - Virtual size: 148KB

.rsrc Size: 1024B - Virtual size: 928B

.reloc Size: 15KB - Virtual size: 14KB

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

.text
Size: 736KB - Virtual size: 736KB

.sdata
Size: 116KB - Virtual size: 116KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 544KB - Virtual size: 544KB

.text
Size: 60KB - Virtual size: 60KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 44KB - Virtual size: 44KB

.text
Size: 40KB - Virtual size: 40KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 32KB - Virtual size: 32KB

.text
Size: 104KB - Virtual size: 228KB

.rsrc
Size: 20KB - Virtual size: 17KB

.idata
Size: 4KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 628KB

.data
Size: 452KB - Virtual size: 452KB

.data
Size: 4KB - Virtual size: 4KB

.text
Size: 200KB - Virtual size: 198KB

.rsrc
Size: 4KB - Virtual size: 992B

.reloc
Size: 4KB - Virtual size: 12B

.text
Size: 441KB - Virtual size: 441KB

.rdata
Size: 47KB - Virtual size: 47KB

.data
Size: 4KB - Virtual size: 8KB

.clr
Size: 148KB - Virtual size: 148KB

.rsrc
Size: 1024B - Virtual size: 928B

.reloc
Size: 15KB - Virtual size: 14KB

.text
Size: 60KB - Virtual size: 60KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 36KB - Virtual size: 36KB