PDB path: D:\ipanel\cvs2033\tools\taskmgr\Debug\taskmgr.pdb
Static task: static1
Behavioral task: behavioral1 (sample 0e64a9b4e721d1e1975d8f45ed97724fc7edc598a5d7afd7f4bb4177d731fd66.exe, resource win7-20240221-en)
Behavioral task: behavioral2 (sample 0e64a9b4e721d1e1975d8f45ed97724fc7edc598a5d7afd7f4bb4177d731fd66.exe, resource win10v2004-20240226-en)
General
- Target: 0e64a9b4e721d1e1975d8f45ed97724fc7edc598a5d7afd7f4bb4177d731fd66
- Size: 6.3MB
- MD5: 0059183740d39dc7e38f458fe52c600b
- SHA1: 41531b2b947c1290d120fdbb71ed7887e257b02b
- SHA256: 0e64a9b4e721d1e1975d8f45ed97724fc7edc598a5d7afd7f4bb4177d731fd66
- SHA512: bebde812941df43f1e60597280910f99fe061488e7dae54fc107ff0960f693a7cec94ee3c2f3381fbb6a391c62142fa68bb0f7932932df1d0ab141f63e847c6f
- SSDEEP: 98304:i2bOv/jw9/Om5ITexuOGR01lYZcUMLAJRB0gb45jpJvwqbdUnlmc:iMOXjD01CZcTbvPbdUlm
Malware Config
Signatures
- Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: 0e64a9b4e721d1e1975d8f45ed97724fc7edc598a5d7afd7f4bb4177d731fd66
Files
- 0e64a9b4e721d1e1975d8f45ed97724fc7edc598a5d7afd7f4bb4177d731fd66.exe (windows:5 windows x86 arch:x86)
2c0cba654be36f28f2c99b792b1c452d
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE | IMAGE_DLLCHARACTERISTICS_NX_COMPAT | IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE | IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
MapViewOfFile
OpenFileMappingA
FileTimeToLocalFileTime
OpenEventA
LockResource
SizeofResource
UnmapViewOfFile
CreateFileMappingA
GetShortPathNameA
LoadResource
WideCharToMultiByte
GetTickCount
SetLastError
DeactivateActCtx
GetLastError
ActivateActCtx
GetProcAddress
LoadLibraryA
GetModuleHandleA
SetThreadPriority
GetThreadPriority
ResumeThread
SuspendThread
FreeResource
FindResourceA
GlobalFree
GlobalUnlock
GlobalLock
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThreadId
FreeLibrary
lstrcmpW
GetVersionExA
MultiByteToWideChar
LoadLibraryW
CompareStringA
lstrlenA
GetModuleFileNameA
GetCurrentProcessId
LocalFree
FormatMessageA
GlobalAlloc
GlobalSize
CopyFileA
lstrlenW
MulDiv
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GetLocaleInfoA
GetCurrentThread
lstrcmpA
GetModuleHandleW
InterlockedExchange
CloseHandle
WaitForSingleObject
SetEvent
CreateEventA
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
lstrcpyA
CreateActCtxW
ReleaseActCtx
GetModuleFileNameW
InterlockedDecrement
SetErrorMode
GetAtomNameA
VirtualProtect
GetProfileIntA
GlobalFlags
GetACP
GetCPInfo
GetOEMCP
InterlockedIncrement
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
LocalAlloc
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GetCurrentDirectoryA
FileTimeToSystemTime
SystemTimeToFileTime
GetThreadLocale
DeleteFileA
GetHandleInformation
DuplicateHandle
GetCurrentProcess
CreateFileA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
MoveFileA
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
GetStringTypeExA
lstrcmpiA
FindResourceW
GetFileAttributesA
GetFileSizeEx
GetFileTime
GetFileAttributesExA
LocalFileTimeToFileTime
SetFileTime
SetFileAttributesA
GetTempFileNameA
GetTempPathA
FindResourceExW
GetWindowsDirectoryA
GetNumberFormatA
SearchPathA
Sleep
GetDiskFreeSpaceA
ReplaceFileA
GetUserDefaultLCID
PulseEvent
ResetEvent
InitializeCriticalSectionAndSpinCount
CreateSemaphoreA
ReleaseSemaphore
CreateMutexA
ReleaseMutex
WaitForMultipleObjects
LocalUnlock
LocalLock
RtlUnwind
DecodePointer
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
RaiseException
GetSystemTimeAsFileTime
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapValidate
IsBadReadPtr
VirtualAlloc
GetSystemInfo
VirtualQuery
ExitProcess
CreateThread
ExitThread
SetStdHandle
GetFileType
GetStdHandle
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
FatalAppExitA
SetConsoleCtrlHandler
IsValidCodePage
IsProcessorFeaturePresent
GetTimeZoneInformation
SetHandleCount
QueryPerformanceCounter
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
HeapAlloc
HeapReAlloc
HeapSize
HeapQueryInformation
HeapFree
GetLocaleInfoW
GetStringTypeW
CompareStringW
LCMapStringW
GetConsoleCP
GetConsoleMode
GetProcessHeap
IsValidLocale
EnumSystemLocalesA
CreateFileW
SetEnvironmentVariableA
user32
CloseClipboard
SetClipboardData
LoadImageW
CopyImage
GetIconInfo
UnregisterClassA
SetClassLongA
SetCursorPos
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
CreateAcceleratorTableA
DestroyAcceleratorTable
DrawIconEx
CopyAcceleratorTableA
CharNextA
LoadAcceleratorsW
LoadImageA
DestroyIcon
GetMenuBarInfo
ReuseDDElParam
TranslateAcceleratorA
LoadAcceleratorsA
UpdateLayeredWindow
MonitorFromPoint
CharUpperA
MessageBeep
UnpackDDElParam
GetClipboardFormatNameA
GetDialogBaseUnits
RealChildWindowFromPoint
ReleaseCapture
SetRectEmpty
GetAsyncKeyState
DestroyMenu
SetLayeredWindowAttributes
EnumDisplayMonitors
SystemParametersInfoA
MapVirtualKeyA
GetKeyNameTextA
WaitMessage
SetCursor
GetMessageA
TranslateMessage
PostQuitMessage
GetWindowThreadProcessId
GetCursorPos
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
GetMenuCheckMarkDimensions
RegisterWindowMessageA
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
SendDlgItemMessageA
MonitorFromWindow
GetMonitorInfoA
GetSysColor
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
WinHelpA
TrackPopupMenuEx
TrackPopupMenu
SetWindowPlacement
GetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
GetKeyState
GetDlgCtrlID
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
EmptyClipboard
SetMenu
GetMenu
GetMessageTime
GetMessagePos
DrawTextExA
SetWindowPos
EndDialog
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
OpenIcon
CloseWindow
LoadIconW
LoadIconA
LoadCursorW
LoadCursorA
PostThreadMessageA
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
GetWindowLongA
MapDialogRect
EnableWindow
NotifyWinEvent
GetWindowContextHelpId
SetWindowContextHelpId
SendNotifyMessageA
GetForegroundWindow
SetForegroundWindow
ShowCaret
HideCaret
SetCaretPos
GetCaretPos
CreateCaret
GetClipboardViewer
GetClipboardOwner
GetOpenClipboardWindow
OpenClipboard
SetClipboardViewer
ChangeClipboardChain
FlashWindow
WindowFromPoint
SetParent
GetParent
IsChild
GetLastActivePopup
GetWindow
GetTopWindow
FindWindowExA
FindWindowA
ChildWindowFromPointEx
ChildWindowFromPoint
ShowScrollBar
GetNextDlgTabItem
GetNextDlgGroupItem
DlgDirSelectComboBoxExA
DlgDirSelectExA
GetTabbedTextExtentA
GrayStringA
ScrollDC
CreateMenu
DlgDirListComboBoxA
DlgDirListA
IsIconic
IsZoomed
IsWindowUnicode
GetMessageW
DispatchMessageW
GetDesktopWindow
GetFocus
SetCapture
GetCapture
SetActiveWindow
GetActiveWindow
KillTimer
SetTimer
DrawCaption
DrawAnimatedRects
EnableScrollBar
RedrawWindow
LockWindowUpdate
GetDCEx
ShowOwnedPopups
IsWindowVisible
DispatchMessageA
PeekMessageA
GetSystemMetrics
IsWindow
LoadBitmapW
GetClassNameA
SendMessageA
GetSysColorBrush
LoadBitmapA
WindowFromDC
ExcludeUpdateRgn
FillRect
FrameRect
InvertRect
DrawIcon
ValidateRgn
ValidateRect
InvalidateRgn
InvalidateRect
GetUpdateRgn
GetUpdateRect
UpdateWindow
ReleaseDC
GetWindowDC
GetDC
EndPaint
DrawStateA
DrawEdge
DrawFrameControl
DrawFocusRect
TabbedTextOutA
DefWindowProcA
DrawTextA
SubtractRect
UnionRect
IntersectRect
InflateRect
SetRect
ArrangeIconicWindows
SetWindowRgn
GetWindowRgn
BringWindowToTop
GetWindowRect
GetClientRect
MapWindowPoints
ClientToScreen
ScreenToClient
BeginPaint
CreatePopupMenu
IsMenu
DeleteMenu
AppendMenuA
CheckMenuItem
EnableMenuItem
SetMenuDefaultItem
GetMenuDefaultItem
GetMenuItemCount
GetMenuItemID
GetMenuState
GetMenuStringA
GetMenuItemInfoA
SetMenuItemInfoA
GetSubMenu
InsertMenuA
InsertMenuItemA
ModifyMenuA
RemoveMenu
SetMenuItemBitmaps
LoadMenuA
LoadMenuW
LoadMenuIndirectA
SetMenuContextHelpId
GetMenuContextHelpId
CheckMenuRadioItem
PostMessageA
DragDetect
DrawMenuBar
GetSystemMenu
GetTabbedTextExtentW
MsgWaitForMultipleObjectsEx
DestroyCursor
EnumChildWindows
InSendMessage
MapVirtualKeyExA
IsCharLowerA
GetDoubleClickTime
IsClipboardFormatAvailable
DefMDIChildProcA
TranslateMDISysAccel
DefFrameProcA
CharUpperBuffA
IsRectEmpty
CopyIcon
OffsetRect
PtInRect
SetWindowLongA
RegisterClipboardFormatA
HiliteMenuItem
gdi32
GetTextExtentPoint32W
GetTextExtentPointA
DeleteMetaFile
SetDIBColorTable
GetDIBits
GetSystemPaletteEntries
EnumFontFamiliesExA
CreateDIBSection
StretchDIBits
CreateDIBitmap
GetTextCharsetInfo
EnumFontFamiliesA
PlayMetaFile
EnumMetaFile
PlayMetaFileRecord
ExtSelectClipRgn
SelectClipPath
GetClipRgn
PolyBezierTo
SetColorAdjustment
PolylineTo
PolyDraw
SetArcDirection
ArcTo
SetLayout
GetLayout
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
LineTo
MoveToEx
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SelectClipRgn
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SelectPalette
RestoreDC
SaveDC
DeleteDC
CopyMetaFileA
SetBkColor
SetTextColor
CloseEnhMetaFile
CreateEnhMetaFileA
CloseMetaFile
CreateMetaFileA
PlayEnhMetaFile
GdiComment
WidenPath
StrokePath
StrokeAndFillPath
SetMiterLimit
GetPath
GetMiterLimit
FlattenPath
FillPath
EndPath
CloseFigure
BeginPath
AbortPath
GetCharWidthFloatA
GetCharABCWidthsFloatA
ExtEscape
DrawEscape
PolyBezier
GetCurrentObject
GetColorAdjustment
PolyPolyline
GetArcDirection
AngleArc
SetPixelV
PlgBlt
MaskBlt
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
StartDocA
GetGlyphOutlineA
GetKerningPairsA
GetFontData
GetCharABCWidthsA
GetOutlineTextMetricsA
ResetDCA
GetBoundsRect
SetBoundsRect
Escape
GetAspectRatioFilterEx
GetCharacterPlacementA
GetFontLanguageInfo
GetCharWidthA
GetTextCharacterExtra
GetTextMetricsA
GetTextFaceA
GetTextAlign
GetTextExtentPoint32A
ExtTextOutA
TextOutA
ExtFloodFill
FloodFill
SetPixel
GetPixel
StretchBlt
BitBlt
PatBlt
RoundRect
Rectangle
PolyPolygon
Polygon
Pie
Ellipse
Chord
Polyline
Arc
GetCurrentPositionEx
RectVisible
PtVisible
PaintRgn
InvertRgn
FrameRgn
FillRgn
LPtoDP
DPtoLP
GetWindowExtEx
GetWindowOrgEx
GetViewportExtEx
GetViewportOrgEx
GetWorldTransform
GetGraphicsMode
GetMapMode
GetTextColor
GetStretchBltMode
GetROP2
GetPolyFillMode
GetBkMode
GetBkColor
UpdateColors
RealizePalette
GetNearestColor
SelectObject
EnumObjects
SetBrushOrgEx
GetBrushOrgEx
GetDeviceCaps
CreateCompatibleDC
CreateICA
CreateDCA
RectInRegion
PtInRegion
GetRgnBox
OffsetRgn
EqualRgn
CombineRgn
SetRectRgn
GetRegionData
ExtCreateRegion
PathToRegion
CreateRoundRectRgn
CreatePolyPolygonRgn
CreatePolygonRgn
CreateEllipticRgnIndirect
CreateEllipticRgn
CreateRectRgnIndirect
CreateRectRgn
ResizePalette
GetNearestPaletteIndex
AnimatePalette
SetPaletteEntries
GetPaletteEntries
CreateHalftonePalette
CreatePalette
CreateDiscardableBitmap
CreateCompatibleBitmap
GetBitmapDimensionEx
SetBitmapDimensionEx
GetBitmapBits
SetBitmapBits
CreateBitmapIndirect
CreateBitmap
CreateFontA
CreateFontIndirectA
CreateDIBPatternBrushPt
CreatePatternBrush
CreateBrushIndirect
CreateHatchBrush
CreateSolidBrush
ExtCreatePen
CreatePenIndirect
CreatePen
GetObjectType
UnrealizeObject
GetStockObject
DeleteObject
GetObjectA
msimg32
AlphaBlend
GradientFill
TransparentBlt
comdlg32
GetFileTitleA
winspool.drv
GetJobA
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
OpenThreadToken
RevertToSelf
SetThreadToken
RegCloseKey
RegSetValueA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegQueryValueA
RegEnumKeyA
RegEnumValueA
GetFileSecurityA
SetFileSecurityA
RegEnumKeyExA
RegOpenKeyExW
shell32
ExtractIconA
SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetDesktopFolder
SHGetSpecialFolderLocation
ShellExecuteExA
SHAppBarMessage
ShellExecuteA
DragAcceptFiles
SHGetFileInfoA
SHAddToRecentDocs
DragQueryFileA
DragFinish
comctl32
InitCommonControlsEx
ImageList_GetIconSize
ImageList_ReplaceIcon
ImageList_Create
ImageList_Destroy
ImageList_AddMasked
ImageList_Remove
ImageList_GetIcon
ImageList_GetImageCount
ImageList_DrawEx
shlwapi
PathRemoveExtensionA
PathFindFileNameA
PathRemoveFileSpecW
PathIsUNCA
PathFindExtensionA
PathStripToRootA
ole32
CoInitialize
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleGetClipboard
CoRegisterMessageFilter
OleDuplicateData
CoTaskMemFree
CreateBindCtx
CoDisconnectObject
StringFromGUID2
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoRegisterClassObject
CoRevokeClassObject
OleRun
CreateStreamOnHGlobal
OleIsCurrentClipboard
OleSetClipboard
OleFlushClipboard
DoDragDrop
PropVariantCopy
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoGetMalloc
CreateFileMoniker
StgCreateDocfile
StgOpenStorage
StgIsStorageFile
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
OleSetMenuDescriptor
OleSetContainedObject
OleCreateFromData
OleCreateLinkFromData
OleCreateStaticFromData
OleCreateFromFile
OleCreateLinkToFile
OleCreate
OleLoad
OleSave
StgIsStorageILockBytes
GetHGlobalFromILockBytes
OleGetIconOfClass
WriteClassStm
OleSaveToStream
CreateGenericComposite
CreateItemMoniker
CoUnmarshalInterface
CoMarshalInterface
CoReleaseMarshalData
CreateDataAdviseHolder
CreateOleAdviseHolder
GetRunningObjectTable
GetClassFile
OleQueryLinkFromData
OleQueryCreateFromData
CoUninitialize
CoInitializeEx
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
ReleaseStgMedium
CoTaskMemAlloc
OleRegGetMiscStatus
OleRegEnumVerbs
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
OleIsRunning
oleaut32
SafeArrayGetElemsize
RegisterTypeLi
LoadTypeLi
LoadRegTypeLi
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayRedim
SafeArrayCreate
VariantCopy
SysReAllocStringLen
VarCyFromStr
VarBstrFromCy
SafeArrayCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayGetElement
SafeArrayGetDim
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VarBstrFromDec
VarDecFromStr
VarDateFromStr
VarBstrFromDate
OleCreateFontIndirect
SysAllocString
DosDateTimeToVariantTime
VariantTimeToSystemTime
VarUdateFromDate
VarDateFromUdate
SystemTimeToVariantTime
SysStringLen
SysFreeString
SysAllocStringByteLen
SysStringByteLen
SysAllocStringLen
VariantInit
SafeArrayPtrOfIndex
VariantClear
VariantChangeType
oledlg
ord4
ord9
ord5
ord6
ord7
ord3
ord8
gdiplus
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDrawImageI
GdipGetImageGraphicsContext
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipAlloc
GdipCloneImage
GdipFree
GdipDisposeImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipDeleteGraphics
GdipCreateFromHDC
GdiplusShutdown
ws2_32
shutdown
listen
ioctlsocket
bind
getsockopt
getsockname
getpeername
sendto
recvfrom
WSAGetLastError
WSAAsyncSelect
gethostbyname
htonl
accept
ntohs
inet_ntoa
WSAStartup
WSASetLastError
WSACleanup
socket
inet_addr
htons
connect
closesocket
setsockopt
send
select
recv
oleacc
LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
winmm
PlaySoundA
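The import table above is the input to an import hash (imphash), the usual way to group builds that share a linker layout across samples whose content hashes differ. The 32-hex-digit value listed under Files next to the PE flags has the length of such an MD5 digest, though treating it as one is an assumption here. The script below is an added example, not part of the sandbox report: it derives an imphash from a constructed subset of the imports listed above (kernel32, advapi32, oledlg ordinals, ws2_32), following the pefile convention, so its digest will not reproduce the report's value.

```python
"""Added example (not part of the sandbox report): derive an import hash
(imphash) from an import table, following the pefile convention: DLL name
lowercased with a .dll/.ocx/.sys suffix stripped, import-by-ordinal written
as ordN, "dll.func" entries joined by commas in table order, then MD5.
The table below is a constructed subset of the report's import list, so the
digest will not reproduce the report's own value.
"""
import hashlib

# Constructed subset of the report's imports; ordinal-only entries are ints.
SAMPLE_IMPORTS = [
    ("KERNEL32.dll", ["MapViewOfFile", "OpenFileMappingA", "VirtualProtect"]),
    ("ADVAPI32.dll", ["OpenThreadToken", "RevertToSelf", "SetThreadToken"]),
    ("oledlg.dll", [4, 9, 5]),
    ("WS2_32.dll", ["socket", "connect", "send", "recv"]),
]


def normalise_imports(imports) -> str:
    """Flatten [(dll, [func | ordinal, ...]), ...] into the imphash input string."""
    parts = []
    for dll, funcs in imports:
        dll = dll.lower()
        for ext in (".dll", ".ocx", ".sys"):
            if dll.endswith(ext):
                dll = dll[: -len(ext)]
                break
        for f in funcs:
            # Ordinal imports keep no name; pefile writes them as ordN
            name = f"ord{f}" if isinstance(f, int) else f.lower()
            parts.append(f"{dll}.{name}")
    return ",".join(parts)


def imphash(imports) -> str:
    """MD5 of the normalised, order-preserving import string."""
    return hashlib.md5(normalise_imports(imports).encode()).hexdigest()


def same_import_table(a, b) -> bool:
    """Imphash is order-sensitive: a reordered import table is a different hash."""
    return imphash(a) == imphash(b)


if __name__ == "__main__":
    print(normalise_imports(SAMPLE_IMPORTS))
    print(imphash(SAMPLE_IMPORTS))
```

Two caveats when comparing against a tool's value: pefile resolves ordinal imports from ws2_32 and oleaut32 to their export names through its built-in ordinal table before hashing, which this example does not do, so ordinal-only imports from those two DLLs hash differently here; and because the digest depends on import order, a relink that reorders the table changes it, so an imphash clusters builds from the same source and toolchain rather than identifying a file.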
Sections
.textbss  Size: -      Virtual size: 2.5MB  Flags: IMAGE_SCN_CNT_CODE | IMAGE_SCN_CNT_UNINITIALIZED_DATA | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.text     Size: 5.1MB  Virtual size: 5.1MB  Flags: IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata    Size: 768KB  Virtual size: 767KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data     Size: 41KB   Virtual size: 78KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.idata    Size: 28KB   Virtual size: 27KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc     Size: 100KB  Virtual size: 99KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.reloc    Size: 270KB  Virtual size: 270KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ
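Three of the report's static findings (the "Unsigned PE" signature, the DllCharacteristics flags under Headers, and the section flags above) come straight from the PE headers, and the script below is an added example, not part of the report or of the analysed binary, that reproduces them on a header-only PE32 image constructed inline. The .textbss entry is worth reading with the PDB path in mind: a code section with no raw data that is readable, writable and executable is what the MSVC linker emits for incremental linking in Debug builds, so here it is a build artifact rather than packer evidence, but it still gives the process a W+X region, which the check flags.

```python
"""Added example (not part of the sandbox report): header-level PE32 triage.

Re-implements the checks the report reduces to one-line verdicts:
 - "Unsigned PE": no Authenticode entry in the security data directory,
 - DllCharacteristics decoding (DYNAMIC_BASE / NX_COMPAT / TERMINAL_SERVER_AWARE),
 - section flags, flagging sections that are both writable and executable.
The PE bytes are constructed inline (a header-only image modelled on the
report's section table); they are not the analysed sample.
"""
import struct

DLLCHARS = {
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
SCN_CODE, SCN_INIT, SCN_UNINIT = 0x20, 0x40, 0x80
SCN_EXEC, SCN_READ, SCN_WRITE = 0x20000000, 0x40000000, 0x80000000
DIR_SECURITY = 4  # index of the Authenticode entry in the data directory


def parse_pe32(data: bytes) -> dict:
    """Walk DOS header -> PE signature -> file/optional headers -> section table."""
    if data[:2] != b"MZ":
        raise ValueError("no MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    fh = e_lfanew + 4  # IMAGE_FILE_HEADER (20 bytes)
    machine, nsect, _, _, _, opt_size, fchars = struct.unpack_from("<HHIIIHH", data, fh)
    opt = fh + 20      # IMAGE_OPTIONAL_HEADER32
    if struct.unpack_from("<H", data, opt)[0] != 0x10B:
        raise ValueError("not PE32 (PE32+ lays the optional header out differently)")
    dllchars = struct.unpack_from("<H", data, opt + 70)[0]
    ndirs = struct.unpack_from("<I", data, opt + 92)[0]
    sec_off = sec_len = 0
    if ndirs > DIR_SECURITY:  # this entry holds a file offset, not an RVA
        sec_off, sec_len = struct.unpack_from("<II", data, opt + 96 + 8 * DIR_SECURITY)
    sections = []
    for i in range(nsect):  # IMAGE_SECTION_HEADER is 40 bytes each
        name, vsize, _, rawsize, _, _, _, _, _, chars = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append((name.rstrip(b"\0").decode("ascii", "replace"), vsize, rawsize, chars))
    return {"machine": machine, "file_chars": fchars, "dllchars": dllchars,
            "security_dir": (sec_off, sec_len), "sections": sections}


def triage(data: bytes) -> dict:
    """The report's verdicts, computed from the parsed headers."""
    pe = parse_pe32(data)
    return {
        "authenticode_present": pe["security_dir"][1] != 0,
        "dll_characteristics": [n for bit, n in sorted(DLLCHARS.items()) if pe["dllchars"] & bit],
        "writable_executable": [s[0] for s in pe["sections"]
                                if s[3] & SCN_EXEC and s[3] & SCN_WRITE],
        "uninitialised_code": [s[0] for s in pe["sections"]
                               if s[3] & SCN_CODE and s[3] & SCN_UNINIT],
    }


def build_pe32(dllchars: int, sections, signed: bool = False) -> bytes:
    """Constructed header-only PE32 (no code, no real signature) for offline use."""
    opt_size = 0xE0
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)   # e_lfanew = 0x40
    file_hdr = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, opt_size,
                           0x0002 | 0x0100)  # EXECUTABLE_IMAGE | 32BIT_MACHINE
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<H", opt, 70, dllchars)
    struct.pack_into("<I", opt, 92, 16)
    if signed:  # pretend a WIN_CERTIFICATE blob sits at file offset 0x1000
        struct.pack_into("<II", opt, 96 + 8 * DIR_SECURITY, 0x1000, 0x800)
    table = b"".join(struct.pack("<8sIIIIIIHHI", n.encode().ljust(8, b"\0"),
                                 vs, 0, rs, 0, 0, 0, 0, 0, ch)
                     for n, vs, rs, ch in sections)
    return dos + b"PE\0\0" + file_hdr + bytes(opt) + table


# Sections modelled on the report (sizes approximate, flags as listed there).
SAMPLE_PE = build_pe32(0x0040 | 0x0100 | 0x8000, [
    (".textbss", 0x280000, 0, SCN_CODE | SCN_UNINIT | SCN_EXEC | SCN_READ | SCN_WRITE),
    (".text", 0x510000, 0x510000, SCN_CODE | SCN_EXEC | SCN_READ),
    (".rdata", 0xBFC00, 0xC0000, SCN_INIT | SCN_READ),
    (".data", 0x13800, 0xA400, SCN_INIT | SCN_READ | SCN_WRITE),
])

if __name__ == "__main__":
    for key, value in triage(SAMPLE_PE).items():
        print(f"{key}: {value}")
```

The "Unsigned PE" verdict is exactly as weak as it looks: a non-zero security directory only says a WIN_CERTIFICATE blob is attached, not that the signature verifies or chains to a trusted root, and files signed through a catalog carry no embedded entry at all, so this check alone would also report them as unsigned. Validate with a real verifier (signtool verify /pa, or Get-AuthenticodeSignature in PowerShell) before acting on either outcome.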