mmc[.]exe | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

mmc.exe
Size

1.9MB
MD5

1627e5cc3fa0442af745d2fc2a0f7971
SHA1

ef4eba0e1ad45d9d10e9b94c9ea192a8b4755052
SHA256

c48036b68d682fb92ab4396df06814dd5ec11dae0db508d07942d5598a77a753
SHA512

5afb5cfcdff00b120962ee9cf26b7e140e9d433b5d04dc0d293aa1cd8edf70d83bf8bc3f7e033b4bd300f13bc7ddf3ecc35b74489e8366425b1a8cba84f7c3cd
SSDEEP

24576:xPBAnOQ4NIUYfRk/uTTajDthtMGr64D4spjosxMo7wMo7DH:zb9IRUuTYhhtwspJ7e7DH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
mmc.exe

Files

mmc.exe
.exe windows:10 windows x64 arch:x64

5aef584ea4bced674b66847fe9d61f23

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

mmc.pdb

Imports

gdi32

GetTextExtentPoint32W
SelectObject
GetStockObject
PtInRegion
CreatePolygonRgn
FillRgn
GetTextMetricsW
GetLayout
SetLayout
GetObjectW
GetDeviceCaps
DeleteDC
CreateSolidBrush
CreateCompatibleDC
CreateCompatibleBitmap
PatBlt
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
DeleteObject
BitBlt
CreateFontIndirectW

user32

IsMenu
GetWindowTextLengthW
SetWindowTextW
GetClassNameW
wsprintfW
GetClassInfoExW
CreateWindowExW
CreateAcceleratorTableW
InvalidateRgn
CallWindowProcW
RegisterClassExW
ReleaseDC
GetDC
EndPaint
BeginPaint
GetDoubleClickTime
CallNextHookEx
SetWindowsHookExW
UnhookWindowsHookEx
UnionRect
GetMessageTime
CopyImage
DrawIconEx
CharUpperW
GetSubMenu
DestroyIcon
DrawFrameControl
SetMenu
GetMenu
ChangeClipboardChain
SetForegroundWindow
SetActiveWindow
EnumThreadWindows
GetWindowTextW
SetClipboardViewer
KillTimer
SetTimer
SetWindowPos
DefWindowProcW
DrawFocusRect
IsWindowEnabled
TrackPopupMenuEx
GetNextDlgTabItem
GetDlgItem
CharLowerW
SetMenuDefaultItem
GetForegroundWindow
NotifyWinEvent
ReleaseCapture
GetCapture
AdjustWindowRectEx
DeferWindowPos
TabbedTextOutW
BeginDeferWindowPos
IsZoomed
GetSystemMenu
BringWindowToTop
EnableMenuItem
SetWindowLongPtrW
GetWindowPlacement
SetWindowLongW
GetWindowLongW
SetWindowPlacement
SetParent
DrawTextW
IsChild
LoadImageW
DrawEdge
GetSysColor
DestroyMenu
SetMenuItemInfoW
AppendMenuW
GetMenuStringW
GetMenuItemInfoW
GetMenuItemCount
CreatePopupMenu
GetDesktopWindow
MoveWindow
GetWindowRect
EnumChildWindows
LoadCursorW
SetCursor
GetMessagePos
ClientToScreen
GetDlgCtrlID
ModifyMenuW
InsertMenuW
GetMenuState
DeleteMenu
SetFocus
GetFocus
ChildWindowFromPointEx
IsIconic
MapWindowPoints
ScreenToClient
GetCursorPos
GetKeyState
SetCapture
InflateRect
IsRectEmpty
InvalidateRect
ShowWindow
GetClientRect
PtInRect
GetClassInfoW
GetSysColorBrush
GrayStringW
DestroyAcceleratorTable
LoadAcceleratorsW
TranslateAcceleratorW
EndDeferWindowPos
GetMenuItemID
PeekMessageW
IsWindow
DestroyWindow
CharNextW
GetParent
LoadStringW
PostMessageW
IsWindowVisible
UpdateWindow
LoadIconW
MessageBeep
GetIconInfo
PrivateExtractIconsW
CopyIcon
LoadMenuW
GetWindowLongPtrW
SendMessageTimeoutW
MessageBoxW
OffsetRect
MonitorFromPoint
GetMonitorInfoW
CopyRect
SystemParametersInfoW
SetRect
RedrawWindow
FindWindowExW
GetWindowThreadProcessId
GetWindow
EnableWindow
SetRectEmpty
GetSystemMetrics
SendMessageW
FillRect
RegisterWindowMessageW

mfc42u

ord6832
ord5815
ord6821
ord5804
ord426
ord921
ord4205
ord3585
ord1225
ord1584
ord4506
ord5920
ord3038
ord6099
ord6607
ord6096
ord6599
ord4668
ord6603
ord6407
ord6138
ord5896
ord5886
ord6448
ord6228
ord3747
ord4061
ord1562
ord1869
ord3310
ord6130
ord4595
ord1056
ord3911
ord3413
ord3419
ord4858
ord4596
ord1943
ord3912
ord3532
ord5681
ord1445
ord3873
ord568
ord2122
ord6708
ord6705
ord5925
ord6734
ord599
ord1006
ord629
ord1043
ord3754
ord996
ord3867
ord5584
ord5585
ord5583
ord5304
ord5114
ord5382
ord5352
ord4699
ord4722
ord5709
ord5227
ord1698
ord5710
ord4787
ord2059
ord4779
ord5980
ord4602
ord6050
ord6767
ord6418
ord5246
ord4582
ord2384
ord2328
ord2325
ord822
ord3743
ord4741
ord2586
ord999
ord549
ord1906
ord2532
ord4583
ord5082
ord1365
ord1003
ord559
ord1908
ord2517
ord1966
ord1568
ord4122
ord2145
ord2406
ord3141
ord4818
ord1316
ord2397
ord4785
ord4775
ord4947
ord3099
ord5175
ord5309
ord5269
ord4463
ord5706
ord5523
ord4852
ord6762
ord2661
ord5677
ord4806
ord428
ord4677
ord6886
ord6887
ord2629
ord1126
ord5637
ord5635
ord2781
ord3468
ord1471
ord287
ord1450
ord2408
ord1574
ord286
ord3830
ord3049
ord3243
ord3362
ord4815
ord3231
ord3366
ord3052
ord3166
ord3046
ord4082
ord4083
ord4077
ord3164
ord4371
ord1040
ord4770
ord2906
ord318
ord834
ord5615
ord6632
ord438
ord933
ord2210
ord1498
ord2211
ord6317
ord4211
ord1463
ord1677
ord2676
ord2002
ord1947
ord4598
ord4970
ord4972
ord4976
ord659
ord1063
ord4544
ord2595
ord3820
ord2449
ord2441
ord624
ord5873
ord626
ord2846
ord6750
ord6510
ord1430
ord4472
ord1337
ord6056
ord6055
ord2653
ord5723
ord347
ord859
ord1287
ord1284
ord1441
ord2752
ord2909
ord5711
ord6842
ord3682
ord2975
ord5887
ord620
ord1122
ord5730
ord5065
ord4424
ord1650
ord4539
ord2801
ord1264
ord1519
ord852
ord912
ord4983
ord6053
ord4368
ord5724
ord5722
ord2412
ord1388
ord4191
ord6071
ord2515
ord2559
ord4836
ord6813
ord3766
ord1336
ord3279
ord3592
ord5872
ord5612
ord6069
ord2001
ord3622
ord4835
ord4969
ord4971
ord5636
ord3826
ord4772
ord3484
ord4475
ord3277
ord3590
ord1339
ord5944
ord3192
ord4533
ord6070
ord5062
ord1821
ord4561
ord351
ord863
ord6464
ord1606
ord6021
ord4436
ord3282
ord3601
ord5213
ord6610
ord6769
ord2414
ord4473
ord4766
ord1499
ord2545
ord4124
ord4773
ord4984
ord6586
ord4732
ord5988
ord3254
ord5894
ord1752
ord5665
ord3140
ord5063
ord6880
ord1483
ord1286
ord4946
ord5297
ord4682
ord4690
ord5090
ord5285
ord4886
ord4901
ord4899
ord4881
ord4884
ord4879
ord5370
ord5367
ord4405
ord6440
ord4365
ord1778
ord5662
ord2399
ord5586
ord6812
ord4694
ord5712
ord4017
ord5229
ord4789
ord2670
ord2060
ord6814
ord3932
ord5484
ord1735
ord2457
ord2140
ord5699
ord4988
ord4780
ord1061
ord3933
ord1736
ord5683
ord1067
ord665
ord3397
ord3410
ord6386
ord4181
ord3647
ord4375
ord2900
ord3177
ord1946
ord4597
ord2393
ord4974
ord4975
ord657
ord3417
ord2540
ord5682
ord1536
ord4813
ord2132
ord3473
ord1389
ord2242
ord2925
ord6202
ord5974
ord6612
ord6817
ord6815
ord4612
ord4177
ord6351
ord4859
ord4623
ord622
ord3652
ord1581
ord3407
ord5467
ord6102
ord3234
ord4752
ord3920
ord408
ord904
ord2427
ord3790
ord1647
ord4945
ord4712
ord5288
ord5496
ord5663
ord3535
ord3894
ord1035
ord3783
ord4609
ord2464
ord2466
ord1648
ord5687
ord4721
ord5245
ord5406
ord5077
ord6437
ord1777
ord5702
ord4771
ord3761
ord337
ord2593
ord4747
ord3501
ord3806
ord2329
ord2371
ord4557
ord6328
ord4131
ord2857
ord6614
ord4257
ord2902
ord4262
ord660
ord1064
ord6133
ord4297
ord2776
ord6577
ord6243
ord3740
ord2421
ord1489
ord2105
ord2594
ord4887
ord4748
ord5675
ord3502
ord3807
ord328
ord4014
ord2591
ord4745
ord3794
ord899
ord4599
ord4568
ord6754
ord310
ord826
ord6076
ord6238
ord303
ord3742
ord6015
ord3174
ord3624
ord6446
ord6661
ord6393
ord3396
ord1124
ord2876
ord2121
ord3799
ord2903
ord1856
ord4569
ord427
ord890
ord5676
ord2919
ord1548
ord4807
ord5093
ord5659
ord1476
ord1575
ord4851
ord4759
ord5522
ord5468
ord5412
ord5147
ord5176
ord1317
ord2395
ord4774
ord2456
ord4784
ord1674
ord2671
ord5705
ord2396
ord4364
ord4462
ord2920
ord3536
ord5839
ord5420
ord4633

msvcrt

memset
memcmp
__RTDynamicCast
__CxxFrameHandler3
??_V@YAXPEAX@Z
_purecall
__C_specific_handler
_vsnwprintf
wcsncmp
_ltow
wcstoul
_ultow
wcsrchr
iswspace
_wcsnicmp
_wcsicmp
malloc
free
memcpy_s
_vsnprintf_s
??0exception@@QEAA@XZ
??1exception@@UEAA@XZ
??0exception@@QEAA@AEBV0@@Z
memmove_s
swscanf
__wargv
__argc
wcscpy_s
_initterm
realloc
wcstol
_mbsnbcnt
_mbslen
wcsstr
_wtoi
wcschr
??0exception@@QEAA@AEBQEBD@Z
?what@exception@@UEBAPEBDXZ
??0exception@@QEAA@AEBQEBDH@Z
_CxxThrowException
??1type_info@@UEAA@XZ
_onexit
__dllonexit
_unlock
_lock
?terminate@@YAXXZ
_commode
_fmode
_wcmdln
wcscmp
__setusermatherr
_cexit
_exit
exit
__set_app_type
__wgetmainargs
_amsg_exit
_XcptFilter
memmove
memcpy

ntdll

EtwTraceMessage
EtwGetTraceLoggerHandle
EtwGetTraceEnableLevel
EtwGetTraceEnableFlags
EtwRegisterTraceGuidsW
EtwUnregisterTraceGuids
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind

mmcbase

?FromLastError@SC@mmcerror@@QEAAAEAV12@XZ
?LastRefReleased@CMMCStrongReferences@@SA_NXZ
?GetSnapinName@BookKeeping@@SAPEBGH@Z
?GetHelpFile@SC@mmcerror@@SAPEBGXZ
?ReleaseSnapinInterface@BookKeeping@@SAJPEAUIUnknown@@H@Z
?MMCErrorBox@@YAHPEBGVSC@mmcerror@@I@Z
?RemoveItem@BookKeeping@@SAJPEAX@Z
LoadStandardOverlays
?AddItem@BookKeeping@@SAJAEAVItemHandle@@@Z
?InvalidInterface@BookKeeping@@SAXHPEBG0@Z
?ScSetConsoleEventDispatcher@CConsoleEventDispatcherProvider@@SA?AVSC@mmcerror@@PEAVCConsoleEventDispatcher@@@Z
?SetMainThreadID@SC@mmcerror@@SAXK@Z
?SetHWnd@SC@mmcerror@@SAXPEAUHWND__@@@Z
??8SC@mmcerror@@QEBA_NJ@Z
?MMCErrorBox@@YAHVSC@mmcerror@@I@Z
GetStringModule
?ScFromMMC@@YA?AVSC@mmcerror@@J@Z
??8SC@mmcerror@@QEBA_NAEBV01@@Z
?GetHelpID@SC@mmcerror@@QEAAKXZ
?GetErrorMessage@SC@mmcerror@@QEBAXIPEAG@Z
GetComObjectEventSource
??7SC@mmcerror@@QEBAHXZ
?MMCErrorBox@@YAHII@Z
MMCUpdateRegistry
?ToHr@SC@mmcerror@@QEBAJXZ
??4SC@mmcerror@@QEAAAEAV01@J@Z
??0SC@mmcerror@@QEAA@AEBV01@@Z
??9SC@mmcerror@@QEBA_NJ@Z
?FindAllSnapinUIThreads@BookKeeping@@SAJPEAPEAKPEAK@Z
InsideModalLoop
MMC_PickIconDlg
?ScEmitOrPostpone@CEventBuffer@@QEAA?AVSC@mmcerror@@PEAUIDispatch@@JPEAVCComVariant@ATL@@H@Z
?Release@CMMCStrongReferences@@SAKXZ
?InterfaceMethodException@BookKeeping@@SAXHPEBG0KPEAU_EXCEPTION_POINTERS@@@Z
?FromMMC@SC@mmcerror@@QEAAAEAV12@J@Z
?Clear@SC@mmcerror@@QEAAXXZ
?FindItem@BookKeeping@@SAPEAVItemHandle@@PEAX@Z
?MMCNullInterface@BookKeeping@@SAXHPEBG0@Z
?TraceSnapinError@@YAXPEBGAEBVSC@mmcerror@@@Z
??1?$CEventLock@UAppEvents@@@@QEAA@XZ
?AddSnapinInterface@BookKeeping@@SA_NPEAUIUnknown@@PEBGAEAH@Z
??0?$CEventLock@UAppEvents@@@@QEAA@XZ
??4SC@mmcerror@@QEAAAEAV01@AEBV01@@Z
?SetFunctionName@SC@mmcerror@@QEAAXPEBG@Z
?GetHWnd@SC@mmcerror@@SAPEAUHWND__@@XZ
?Throw@SC@mmcerror@@QEAAXJ@Z
??BSC@mmcerror@@QEBA_NXZ
?TraceError@@YAXPEBGAEBVSC@mmcerror@@@Z
??1SC@mmcerror@@QEAA@XZ
??0SC@mmcerror@@QEAA@J@Z
?Throw@SC@mmcerror@@QEAAXXZ
?LKResult2HRESULT@BookKeeping@@SAJ_J@Z
?FromWin32@SC@mmcerror@@QEAAAEAV12@J@Z
?AddRef@CMMCStrongReferences@@SAKXZ
?IsError@SC@mmcerror@@QEBA_NXZ
?FatalError@SC@mmcerror@@QEBAXXZ
?TraceAndClear@SC@mmcerror@@QEAAXXZ
?MMCErrorBox@@YAHPEBGI@Z
?AddSnapin@BookKeeping@@SAJPEBGAEAH@Z
?InterfaceMethodActivationContextException@BookKeeping@@SAXHPEBG0KPEAU_EXCEPTION_POINTERS@@@Z
GetEventBuffer

ole32

OleInitialize
CoDisconnectObject
CoCreateInstance
CoRegisterClassObject
CoFreeUnusedLibraries
OleUninitialize
CoRevokeClassObject
CoTaskMemFree
ProgIDFromCLSID
OleRun
CoCreateGuid
RevokeDragDrop
RegisterDragDrop
DoDragDrop
CoGetClassObject
CoTaskMemAlloc
StringFromCLSID
OleLockRunning
CLSIDFromProgID
CLSIDFromString
CreateStreamOnHGlobal
CoGetMalloc
GetHGlobalFromStream
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StringFromGUID2

shlwapi

ord503
ord176
PathFindFileNameW
ord500
ord225

uxtheme

SetWindowTheme
IsThemeActive
DrawThemeBackground
IsAppThemed
OpenThemeData
CloseThemeData

duser

SetGadgetStyle
GetGadgetRect

api-ms-win-core-registry-l1-1-0

RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcess
GetCurrentThreadId
CreateProcessW
TerminateProcess
GetStartupInfoW
GetCurrentProcessId

api-ms-win-core-processenvironment-l1-1-0

GetCommandLineW
ExpandEnvironmentStringsW
GetCurrentDirectoryW
ExpandEnvironmentStringsA
SetCurrentDirectoryW

api-ms-win-core-debug-l1-1-0

OutputDebugStringW
OutputDebugStringA
DebugBreak
IsDebuggerPresent

api-ms-win-core-string-l1-1-0

CompareStringW

api-ms-win-core-file-l1-1-0

GetFileSize
DeleteFileW
CreateDirectoryW
FindFirstFileW
GetFileAttributesW
GetFullPathNameW
ReadFile
GetLongPathNameW
CreateFileW
FindClose
GetFileTime
WriteFile
FindNextFileW

api-ms-win-core-errorhandling-l1-1-0

GetLastError
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RaiseException

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-libraryloader-l1-2-0

GetModuleFileNameW
GetProcAddress
GetModuleHandleExW
GetModuleHandleW
GetModuleFileNameA
FreeLibrary
LoadLibraryExW
LoadLibraryExA
GetModuleHandleA

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetVersionExW
GetSystemDirectoryW
GetTickCount
GetSystemInfo

api-ms-win-core-synch-l1-1-0

AcquireSRWLockShared
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
ReleaseSRWLockShared
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
ReleaseSemaphore
ReleaseMutex
WaitForSingleObjectEx
InitializeCriticalSectionEx
OpenSemaphoreW
CreateMutexExW
CreateSemaphoreExW
WaitForSingleObject

api-ms-win-core-libraryloader-l1-2-1

FindResourceW
LoadLibraryW

api-ms-win-core-heap-l1-1-0

HeapDestroy
HeapCreate
GetProcessHeap
HeapAlloc
HeapFree

api-ms-win-core-sysinfo-l1-2-0

GetProductInfo

api-ms-win-core-localization-l1-2-0

GetFileMUIPath
FormatMessageW

api-ms-win-core-threadpool-l1-2-0

SetThreadpoolTimer
CreateThreadpoolTimer
CloseThreadpoolTimer
WaitForThreadpoolTimerCallbacks

api-ms-win-core-processthreads-l1-1-3

SetProcessInformation

api-ms-win-core-memory-l1-1-0

VirtualQuery
VirtualFree
VirtualProtect
VirtualAlloc

api-ms-win-core-synch-l1-2-0

SleepConditionVariableSRW
WakeAllConditionVariable
Sleep

api-ms-win-core-heap-l2-1-0

GlobalAlloc
GlobalFree
LocalFree

api-ms-win-core-util-l1-1-0

EncodePointer
DecodePointer

api-ms-win-core-processthreads-l1-1-1

FlushInstructionCache

api-ms-win-core-interlocked-l1-1-0

InterlockedPopEntrySList
InterlockedPushEntrySList

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

kernel32

lstrcmpW
DeactivateActCtx
ActivateActCtx
FindActCtxSectionStringW
CreateActCtxW
QueryActCtxW
lstrlenW
lstrcpyW
AddAtomW
DeleteAtom
ReleaseActCtx
GlobalReAlloc
lstrcmpiW
GlobalUnlock
GlobalLock

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 493KB - Virtual size: 492KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 274KB - Virtual size: 273KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5aef584ea4bced674b66847fe9d61f23

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

gdi32

user32

mfc42u

msvcrt

ntdll

mmcbase

ole32

shlwapi

uxtheme

duser

api-ms-win-core-registry-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-processenvironment-l1-1-0

api-ms-win-core-debug-l1-1-0

api-ms-win-core-string-l1-1-0

api-ms-win-core-file-l1-1-0

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-handle-l1-1-0

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-sysinfo-l1-1-0

api-ms-win-core-synch-l1-1-0

api-ms-win-core-libraryloader-l1-2-1

api-ms-win-core-heap-l1-1-0

api-ms-win-core-sysinfo-l1-2-0

api-ms-win-core-localization-l1-2-0

api-ms-win-core-threadpool-l1-2-0

api-ms-win-core-processthreads-l1-1-3

api-ms-win-core-memory-l1-1-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-heap-l2-1-0

api-ms-win-core-util-l1-1-0

api-ms-win-core-processthreads-l1-1-1

api-ms-win-core-interlocked-l1-1-0

api-ms-win-core-profile-l1-1-0

kernel32

api-ms-win-core-delayload-l1-1-1

api-ms-win-core-delayload-l1-1-0

Sections

.text Size: 1.0MB - Virtual size: 1.0MB

.rdata Size: 493KB - Virtual size: 492KB

.data Size: 35KB - Virtual size: 43KB

.pdata Size: 52KB - Virtual size: 51KB

.didat Size: 1KB - Virtual size: 1KB

.rsrc Size: 274KB - Virtual size: 273KB

.reloc Size: 15KB - Virtual size: 14KB

.text
Size: 1.0MB - Virtual size: 1.0MB

.rdata
Size: 493KB - Virtual size: 492KB

.data
Size: 35KB - Virtual size: 43KB

.pdata
Size: 52KB - Virtual size: 51KB

.didat
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 274KB - Virtual size: 273KB

.reloc
Size: 15KB - Virtual size: 14KB