d:\Webhost\25-04-2024\WindowsBuilds\OSD_NATIVE\8222343\osdeployer\CLOUD_PRODUCTION\OSD_SRC\agent\Release\OSDA.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
2024-04-25_725a8b0da0d8444512955ed5d99004dc_mafia_revil.exe
Resource
win7-20240220-en
windows7-x64
5 signatures
150 seconds
Behavioral task
behavioral2
Sample
2024-04-25_725a8b0da0d8444512955ed5d99004dc_mafia_revil.exe
Resource
win10v2004-20240412-en
windows10-2004-x64
5 signatures
150 seconds
General
-
Target
2024-04-25_725a8b0da0d8444512955ed5d99004dc_mafia_revil
-
Size
10.2MB
-
MD5
725a8b0da0d8444512955ed5d99004dc
-
SHA1
fff28766d793277ec7813e100bf3695d9d982f63
-
SHA256
22a89e55a97420bf5dd467c233d423c3c1c64b664710936929e2206040745130
-
SHA512
44ccc395a07dad42cc779424fa63d232aecae77ccc2092e2de1738b549d68918a6dcf5c4aba91eec1a06995a8f1a9f0314654f47b3cfa245c77f6e0db8cdf92b
-
SSDEEP
196608:bcytI1Jy4GpSQCvQMf40iyXqj1mSS3mrv60W2iG7+ljVhGzUg2jibXl+K0g9uLN4:4ytI1Jy4GpSQCvQMf40iyXqj1mSS3mrp
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-04-25_725a8b0da0d8444512955ed5d99004dc_mafia_revil
Files
-
2024-04-25_725a8b0da0d8444512955ed5d99004dc_mafia_revil.exe windows:5 windows x86 arch:x86
c1aba4d05844a7e8d826ecf9617fafaf
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
netapi32
NetLocalGroupGetMembers
DsRoleFreeMemory
DsRoleGetPrimaryDomainInformation
DsGetDcNameW
NetGetJoinInformation
NetLocalGroupEnum
NetApiBufferFree
uxtheme
SetWindowTheme
ws2_32
WSAStartup
listen
bind
setsockopt
connect
send
accept
socket
shutdown
recvfrom
WSAPoll
WSAIoctl
closesocket
getaddrinfo
htons
freeaddrinfo
getnameinfo
ioctlsocket
ntohs
getsockname
getsockopt
select
__WSAFDIsSet
WSAGetLastError
gethostbyname
gethostname
WSACleanup
WSASetLastError
recv
htonl
WSASocketA
inet_addr
getprotobyname
ntohl
getpeername
inet_ntop
sendto
crypt32
CertFreeCertificateContext
CertFindCertificateInStore
CertDeleteCertificateFromStore
CertCreateCertificateContext
CryptStringToBinaryA
CertGetNameStringA
CertDuplicateCertificateContext
CertGetCertificateContextProperty
CertCloseStore
CertGetCertificateChain
CertFreeCertificateChain
CertEnumCertificatesInStore
CertGetNameStringW
CryptMsgGetParam
CryptQueryObject
CertAddCertificateContextToStore
CertOpenStore
iphlpapi
ConvertLengthToIpv4Mask
GetAdapterIndex
GetAdaptersInfo
GetAdaptersAddresses
ntdsapi
DsBindW
DsGetDomainControllerInfoW
DsUnBindW
DsFreeDomainControllerInfoW
kernel32
CreateToolhelp32Snapshot
Process32NextW
Process32FirstW
GlobalMemoryStatusEx
GetComputerNameExW
GetSystemFirmwareTable
GetComputerNameW
GetFirmwareEnvironmentVariableW
CreateEventA
GlobalSize
lstrcmpW
CompareStringW
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
CreateActCtxW
ReleaseActCtx
lstrcmpA
CompareStringA
LoadLibraryExW
GetLocaleInfoW
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GetPrivateProfileIntW
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrcmpiW
DuplicateHandle
GetSystemDirectoryW
GlobalReAlloc
LocalAlloc
GlobalHandle
LocalReAlloc
GlobalGetAtomNameW
GlobalFlags
SetErrorMode
GetTempFileNameW
GetNumberFormatW
GetProfileIntW
SearchPathW
VirtualProtect
GetUserDefaultLCID
GetCommandLineW
HeapSetInformation
GetStartupInfoW
ExitThread
DecodePointer
EncodePointer
GetTimeFormatW
GetDateFormatW
ExitProcess
GetCPInfo
RtlUnwind
GetDriveTypeA
FindFirstFileExA
GetConsoleCP
GetTimeFormatA
GetDateFormatA
VirtualQuery
HeapQueryInformation
SetStdHandle
SetUnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
UnhandledExceptionFilter
IsDebuggerPresent
GetACP
GetOEMCP
IsValidCodePage
IsProcessorFeaturePresent
LCMapStringW
GetStringTypeW
GetFileInformationByHandle
PeekNamedPipe
WriteConsoleW
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetEnvironmentVariableA
GetTimeZoneInformation
CreateTimerQueueTimer
DeleteTimerQueueEx
DeleteTimerQueueTimer
CreateTimerQueue
SetConsoleMode
GetConsoleMode
ReadConsoleW
ReadConsoleA
ExpandEnvironmentStringsA
GetProcessAffinityMask
SetHandleInformation
SwitchToThread
SetCriticalSectionSpinCount
InterlockedExchange
ConvertFiberToThread
ConvertThreadToFiber
RaiseException
GetFileType
GetStdHandle
DeleteFiber
SwitchToFiber
CreateFiber
TlsFree
TlsAlloc
InterlockedExchangeAdd
InitializeCriticalSectionAndSpinCount
TlsSetValue
TlsGetValue
GetCurrentThread
GetThreadTimes
QueryPerformanceFrequency
GetModuleHandleExW
GetCurrentThreadId
TryEnterCriticalSection
AreFileApisANSI
GetFileSizeEx
CreateFileMappingW
DeleteFileA
FlushFileBuffers
FormatMessageA
GetCurrentProcessId
GetDiskFreeSpaceA
GetFileAttributesA
GetFileAttributesExW
GetFullPathNameA
GetFullPathNameW
GetSystemInfo
GetTempPathA
GetTempPathW
GetVersionExA
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
HeapValidate
HeapCompact
LoadLibraryA
LockFile
LockFileEx
MapViewOfFile
QueryPerformanceCounter
SetEndOfFile
UnlockFile
UnlockFileEx
UnmapViewOfFile
WaitForSingleObjectEx
OutputDebugStringA
OutputDebugStringW
GetProcessHeap
InterlockedCompareExchange
FlushViewOfFile
GetExitCodeThread
InterlockedDecrement
InterlockedIncrement
GetFileTime
GetFileAttributesExA
GetSystemTimeAsFileTime
FindClose
FindNextFileW
FindFirstFileW
FreeResource
GlobalAlloc
ResumeThread
GlobalFree
GlobalUnlock
GlobalLock
SystemTimeToFileTime
GetSystemTime
MulDiv
GetLocalTime
lstrcpyW
LocalFree
ActivateActCtx
DeactivateActCtx
SetLastError
SetCurrentDirectoryW
GetVersionExW
GetEnvironmentVariableW
VirtualFree
VirtualAlloc
CopyFileW
WriteFileEx
ReadFileEx
CreateFileA
WriteFile
GetModuleFileNameW
DeleteVolumeMountPointW
GetFileSize
GetWindowsDirectoryA
SetVolumeMountPointW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
FreeLibrary
ReadFile
SetFilePointer
FindNextVolumeW
FindVolumeClose
DeviceIoControl
CreateFileW
FindFirstVolumeW
GetVolumePathNamesForVolumeNameW
FormatMessageW
GetVolumeInformationW
GetDriveTypeW
GetDiskFreeSpaceW
ReleaseSemaphore
CreateSemaphoreW
lstrlenA
WideCharToMultiByte
lstrlenW
RemoveDirectoryW
GetCurrentProcess
Sleep
CreateDirectoryW
GetDiskFreeSpaceExW
TerminateProcess
GetModuleHandleW
GetProcAddress
LoadLibraryW
GetExitCodeProcess
CreateProcessW
GetVersion
DeleteFileW
GetFileAttributesW
GetNativeSystemInfo
GetCurrentDirectoryA
GetWindowsDirectoryW
SetConsoleCtrlHandler
CreateThread
MoveFileW
GetTickCount
MultiByteToWideChar
TerminateThread
SetThreadPriority
ReleaseMutex
CreateMutexW
DeleteCriticalSection
CloseHandle
CreateEventW
InitializeCriticalSection
WaitForSingleObject
SetEvent
LeaveCriticalSection
ResetEvent
EnterCriticalSection
GetCurrentDirectoryW
GetLastError
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
SetFileAttributesW
RemoveDirectoryA
FindNextFileA
FindFirstFileA
SetFileAttributesA
OpenProcess
CreateFileMappingA
MoveFileExW
WaitForMultipleObjects
CreateSemaphoreA
GetModuleHandleA
WaitForMultipleObjectsEx
SetWaitableTimer
OpenEventA
CreateWaitableTimerA
IsDBCSLeadByteEx
GetCurrencyFormatW
FoldStringW
FileTimeToLocalFileTime
user32
WinHelpW
IsChild
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MonitorFromWindow
GetMonitorInfoW
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
GetScrollRange
SetForegroundWindow
ShowScrollBar
GetClassInfoExW
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
RegisterWindowMessageW
DrawStateW
LoadBitmapW
TabbedTextOutW
DrawTextW
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
CallWindowProcW
GetMenu
GetMenuState
GetMenuStringW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
RemoveMenu
GetRawInputDeviceList
GetProcessWindowStation
GetUserObjectInformationW
SetCapture
LoadImageW
CopyImage
DestroyIcon
GetIconInfo
ReleaseCapture
EndPaint
BeginPaint
DrawTextExW
RegisterClassW
SetParent
SetFocus
SetCaretPos
AppendMenuW
GetSystemMenu
PostQuitMessage
GetSysColorBrush
DefWindowProcW
GetClassInfoW
SetWindowLongW
MoveWindow
GetDlgCtrlID
DrawIcon
IsIconic
EnableScrollBar
GetWindowLongW
GetScrollPos
DrawFocusRect
DrawEdge
CopyRect
FillRect
GetCapture
IsWindow
UpdateWindow
RedrawWindow
MessageBoxW
EqualRect
KillTimer
SetTimer
LoadCursorW
SetCursor
SendDlgItemMessageA
GetCursorPos
PtInRect
SetRect
InflateRect
OffsetRect
SetScrollRange
IsRectEmpty
ReleaseDC
GetDC
SetScrollPos
GetClientRect
GetSysColor
SetRectEmpty
DispatchMessageW
TranslateMessage
PeekMessageW
GetCaretPos
IsWindowVisible
GetClassNameW
GetParent
PostMessageW
CreateWindowExW
LoadIconW
SendMessageW
GetDlgItem
EnableWindow
InvalidateRect
GrayStringW
ClientToScreen
GetWindowDC
IsWindowEnabled
GetWindowThreadProcessId
CheckDlgButton
IsDialogMessageW
SetWindowTextW
CheckMenuItem
GetWindow
SetWindowPos
GetDesktopWindow
MapWindowPoints
GetSystemMetrics
GetWindowRect
wsprintfW
EnableMenuItem
ModifyMenuW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
LoadMenuW
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamW
GetActiveWindow
GetNextDlgGroupItem
DrawIconEx
GetKeyNameTextW
MapVirtualKeyW
IntersectRect
IsZoomed
MessageBeep
SystemParametersInfoW
ValidateRect
GetMessageW
ShowOwnedPopups
GetMenuItemInfoW
DestroyMenu
CharUpperW
EnumDisplayMonitors
SetLayeredWindowAttributes
DrawFrameControl
SetWindowRgn
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
RealChildWindowFromPoint
DeleteMenu
WindowFromPoint
NotifyWinEvent
GetAsyncKeyState
UnionRect
UpdateLayeredWindow
MonitorFromPoint
IsMenu
CreatePopupMenu
SetMenuDefaultItem
GetMenuDefaultItem
UnregisterClassW
IsClipboardFormatAvailable
ScreenToClient
SendDlgItemMessageW
WaitMessage
PostThreadMessageW
CopyAcceleratorTableW
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
DestroyAcceleratorTable
LoadAcceleratorsW
CreateAcceleratorTableW
SetClassLongW
TranslateAcceleratorW
BringWindowToTop
InsertMenuItemW
ReuseDDElParam
LockWindowUpdate
EnumChildWindows
RegisterClipboardFormatW
SetCursorPos
CopyIcon
GetDoubleClickTime
InvertRect
HideCaret
FrameRect
CharUpperBuffW
IsCharLowerW
MapVirtualKeyExW
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
GetUpdateRect
SubtractRect
CreateMenu
MapDialogRect
DestroyCursor
GetWindowRgn
ShowWindow
UnpackDDElParam
gdi32
GetBkColor
Polyline
Ellipse
Polygon
SetDIBColorTable
GetDIBits
RealizePalette
StretchBlt
SetPixel
CreateDIBSection
ScaleWindowExtEx
OffsetRgn
GetRgnBox
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
ExtFloodFill
SetPaletteEntries
GetWindowOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetViewportOrgEx
GetTextFaceW
SetPixelV
GetObjectA
DeleteDC
DeleteObject
CreatePolygonRgn
CreateEllipticRgn
SetWindowExtEx
GetTextCharsetInfo
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
RectVisible
PtVisible
GetPixel
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
LPtoDP
GetDeviceCaps
GetTextMetricsW
TextOutW
CreateFontW
SelectClipRgn
RoundRect
SetLayout
GetLayout
Rectangle
CreatePen
GetTextExtentPoint32W
BitBlt
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
SetTextAlign
EnumFontFamiliesW
CreateDIBitmap
DPtoLP
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
CombineRgn
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
SetRectRgn
PatBlt
CreateHatchBrush
GetObjectType
SelectPalette
CreateBitmap
CreatePatternBrush
ExtSelectClipRgn
OffsetWindowOrgEx
SetBkColor
GetTextColor
SetTextColor
CreateDCW
CopyMetaFileW
CreateRectRgnIndirect
CreateFontIndirectW
GetStockObject
GetObjectW
CreateRoundRectRgn
CreateSolidBrush
SetDIBitsToDevice
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleW
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
advapi32
GetSidSubAuthorityCount
RegLoadKeyW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
RegUnLoadKeyW
RegEnumKeyW
ConvertStringSidToSidW
ConvertSidToStringSidW
QueryServiceStatusEx
CloseServiceHandle
OpenServiceW
OpenSCManagerW
CryptGetHashParam
CryptHashData
OpenThreadToken
DuplicateToken
CreateWellKnownSid
CheckTokenMembership
CryptGetUserKey
CryptDestroyHash
CryptDecrypt
CryptDestroyKey
CryptCreateHash
CryptGetProvParam
CryptEnumProvidersW
CryptSignHashW
CryptAcquireContextW
CryptExportKey
CryptSetHashParam
ReportEventW
DeregisterEventSource
RegisterEventSourceW
CryptGenRandom
CryptReleaseContext
CryptAcquireContextA
RegQueryValueExA
RegOpenKeyExA
GetSidSubAuthority
OpenProcessToken
SetNamedSecurityInfoW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
GetAce
GetAclInformation
GetSecurityDescriptorSacl
GetSecurityDescriptorGroup
GetSecurityDescriptorOwner
RegOpenKeyW
RegEnumValueW
RegDeleteValueW
RegQueryValueW
RegRenameKey
RegQueryInfoKeyW
RegSetKeySecurity
GetSecurityDescriptorDacl
RegGetKeySecurity
RegCreateKeyExW
RegSetValueExW
LookupAccountSidW
RegQueryValueExW
GetTokenInformation
RegDeleteKeyW
GetNamedSecurityInfoW
AdjustTokenPrivileges
LookupPrivilegeValueW
shell32
ShellExecuteExW
SHFileOperationW
SHGetFileInfoW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetMalloc
SHGetPathFromIDListW
SHBrowseForFolderW
DragFinish
ShellExecuteW
SHAppBarMessage
DragQueryFileW
SHCreateDirectoryExW
comctl32
_TrackMouseEvent
InitCommonControlsEx
ImageList_GetIconSize
shlwapi
PathFindExtensionW
PathFileExistsA
PathStripToRootW
PathMatchSpecW
PathRemoveExtensionW
PathFileExistsW
PathFindFileNameW
PathIsNetworkPathW
PathCombineW
PathAppendW
StrTrimW
PathIsUNCW
PathRemoveFileSpecW
ole32
CoSetProxyBlanket
ReleaseStgMedium
CoTaskMemAlloc
CoTaskMemFree
OleDuplicateData
CoInitializeEx
DoDragDrop
OleLockRunning
OleGetClipboard
OleCreateMenuDescriptor
CoInitializeSecurity
CoCreateInstance
CoUninitialize
CreateStreamOnHGlobal
CoInitialize
CoCreateGuid
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
oleaut32
VariantChangeType
SysStringLen
SysAllocStringLen
SystemTimeToVariantTime
VarBstrFromDate
VariantClear
VariantInit
SysAllocString
SysFreeString
VariantTimeToSystemTime
gdiplus
GdipDrawString
GdipSetStringFormatLineAlign
GdipCreateFontFromLogfontA
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipSetStringFormatAlign
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipSetInterpolationMode
GdipAlloc
GdipFree
GdipLoadImageFromFile
GdipCloneImage
GdipCreateStringFormat
GdipCloneBrush
GdipDisposeImage
GdipCreateFromHDC
GdipDeleteGraphics
GdipDrawImageRectI
GdiplusStartup
GdipGetImageGraphicsContext
GdipDeleteStringFormat
GdiplusShutdown
GdipDeleteFont
GdipCreateFontFromDC
GdipCreateFontFromLogfontW
GdipLoadImageFromStream
GdipCreateSolidFill
GdipDeleteBrush
setupapi
SetupGetStringFieldW
SetupCloseInfFile
SetupOpenInfFileW
SetupFindNextLine
SetupFindFirstLineW
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
CM_Get_DevNode_Registry_Property_ExW
CM_Locate_DevNodeW
SetupDiGetDevicePropertyW
SetupDiGetDeviceInstanceIdW
CM_Get_DevNode_Status
SetupDiGetClassDevsW
mpr
WNetCancelConnection2W
WNetAddConnection2W
dwmapi
DwmExtendFrameIntoClientArea
winhttp
WinHttpQueryDataAvailable
WinHttpReadData
WinHttpWriteData
WinHttpSetOption
WinHttpOpen
WinHttpConnect
WinHttpOpenRequest
WinHttpSendRequest
WinHttpReceiveResponse
WinHttpQueryHeaders
WinHttpAddRequestHeaders
WinHttpQueryOption
WinHttpSetStatusCallback
WinHttpCloseHandle
winmm
timeBeginPeriod
timeGetDevCaps
PlaySoundW
psapi
GetProcessMemoryInfo
GetProcessImageFileNameW
oleacc
CreateStdAccessibleObject
LresultFromObject
AccessibleObjectFromWindow
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
Exports
Exports
LZ4_compressBound
LZ4_compress_HC
LZ4_compress_HC_continue
LZ4_compress_HC_extStateHC
LZ4_compress_default
LZ4_compress_destSize
LZ4_compress_fast
LZ4_compress_fast_continue
LZ4_compress_fast_extState
LZ4_createStream
LZ4_createStreamDecode
LZ4_createStreamHC
LZ4_decompress_fast
LZ4_decompress_fast_continue
LZ4_decompress_fast_usingDict
LZ4_decompress_safe
LZ4_decompress_safe_continue
LZ4_decompress_safe_partial
LZ4_decompress_safe_usingDict
LZ4_freeStream
LZ4_freeStreamDecode
LZ4_freeStreamHC
LZ4_loadDict
LZ4_loadDictHC
LZ4_resetStream
LZ4_resetStreamHC
LZ4_saveDict
LZ4_saveDictHC
LZ4_setStreamDecode
LZ4_sizeofState
LZ4_sizeofStateHC
LZ4_versionNumber
LZ4_versionString
Sections
.text Size: 7.1MB - Virtual size: 7.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2.0MB - Virtual size: 2.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 134KB - Virtual size: 188KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 2B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 412KB - Virtual size: 412KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 616KB - Virtual size: 616KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ