448aae3716f3299ac71d597e1ae1c5c5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

448aae3716f3299ac71d597e1ae1c5c5_JaffaCakes118
Size

8.4MB
MD5

448aae3716f3299ac71d597e1ae1c5c5
SHA1

df75a2171b0a1d39f0b1753788f59b02c8119110
SHA256

ea212b575bf041b81bfb15bdd571d695caa9e19eb29091030ed41ea3329a8a77
SHA512

9e9fa3b6484c9d84f5e0e97ca2f5d56a6bb16474f3828e2cb2861fa164c4503d7c12648ca8006ce6eea4b72d1f70e9bb50f625513b25079ac02b0104debc0528
SSDEEP

196608:bd1Yn7fneGhLJMBIIdPWtouJrWUKQtHsYe5zcmEyqR/+AtanK:EQeto8WUKaw5wmVqd+lK

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/CameraTracker10v9/xf-thefoundry/Crack/XF-The_Foundry_Flexlm_Patcher_WIN32.exe	upx
static1/unpack001/CameraTracker10v9/xf-thefoundry/Crack/XF-The_Foundry_Flexlm_Patcher_WIN64.exe	upx

Unsigned PE 6 IoCs

Checks for missing Authenticode signature.

resource
unpack001/CameraTracker10v9/CameraTracker1.0v9-CC-win-x86-release-64.exe
unpack001/CameraTracker10v9/xf-thefoundry/Crack/XF-FLI_5.0v1_win-x86-release-32.exe
unpack001/CameraTracker10v9/xf-thefoundry/Crack/XF-The_Foundry_Flexlm_Patcher_WIN32.exe
unpack002/out.upx
unpack001/CameraTracker10v9/xf-thefoundry/Crack/XF-The_Foundry_Flexlm_Patcher_WIN64.exe
unpack003/out.upx

Files

448aae3716f3299ac71d597e1ae1c5c5_JaffaCakes118
.zip
CameraTracker10v9/CameraTracker1.0v9-CC-win-x86-release-64.exe
.exe windows:1 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
CameraTracker10v9/readme.txt
CameraTracker10v9/xf-thefoundry/Crack/XF-FLI_5.0v1_win-x86-release-32.exe
.exe windows:4 windows x86 arch:x86

a98f690b44b9425ac230053664905256

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteA
ShellExecuteW
SHGetFileInfoW
SHGetFolderPathA

advapi32

RegQueryValueW
RegCloseKey
RegQueryValueExA
RegOpenKeyA
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
QueryServiceConfigA
OpenServiceA
OpenSCManagerA
CloseServiceHandle
QueryServiceStatusEx
StartServiceA
ControlService
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExA
RegEnumValueA
RegQueryValueExW
RegSetValueExA
RegSetValueExW
GetUserNameA
GetUserNameW
RegEnumKeyExA
RegOpenKeyExW
RegDeleteValueW
RegDeleteKeyA
RegDeleteKeyW
RegQueryInfoKeyW
RegQueryInfoKeyA
RegEnumValueW
RegEnumKeyExW
RegFlushKey
RegCreateKeyExW
RegQueryValueA

ws2_32

WSAGetLastError
WSAStartup
__WSAFDIsSet
select
connect
socket
WSACleanup
getprotobyname
recv
send
ioctlsocket
setsockopt
ntohs
inet_addr
inet_ntoa
gethostbyaddr
gethostbyname
gethostname
htonl
ntohl
closesocket
WSAAsyncSelect
htons

comctl32

ord17

user32

PostMessageA
ChangeClipboardChain
RegisterClipboardFormatW
MsgWaitForMultipleObjectsEx
DispatchMessageW
DispatchMessageA
KillTimer
SetTimer
GetClipboardFormatNameA
RegisterClipboardFormatA
GetMenu
MapVirtualKeyA
GetKeyboardState
SetMenuItemInfoW
TrackPopupMenuEx
MapVirtualKeyW
ToAscii
ToUnicode
GetKeyboardLayout
LoadImageW
GetIconInfo
DrawIconEx
LoadCursorW
LoadCursorA
CreateCursor
SetCursorPos
DestroyCursor
DestroyCaret
SetCaretPos
SendMessageW
CreateCaret
DialogBoxIndirectParamA
CreateDialogIndirectParamA
wsprintfA
GetSystemMetrics
GetClientRect
ScreenToClient
MoveWindow
ShowWindow
SetWindowTextA
SetFocus
GetFocus
GetParent
EndDialog
GetDlgItemTextA
GetDlgItemTextW
SetDlgItemTextA
MessageBeep
GetWindowLongA
SendMessageA
GetDlgItem
GetWindowRect
EnableWindow
GetActiveWindow
MessageBoxA
HideCaret
TranslateMessage
UnregisterClassA
UnregisterClassW
GetClassInfoW
GetClassInfoA
LoadIconW
RegisterClassW
LoadIconA
RegisterClassA
DefWindowProcW
DefWindowProcA
GetWindowRgn
RegisterWindowMessageW
RegisterWindowMessageA
GetUpdateRgn
GetUpdateRect
BeginPaint
EndPaint
GetCursorPos
WindowFromPoint
GetSysColor
GetDoubleClickTime
SetDoubleClickTime
IsChild
GetDC
ReleaseDC
SystemParametersInfoA
SystemParametersInfoW
SetWindowTextW
CreateIconIndirect
DestroyIcon
UnhookWindowsHookEx
ReleaseCapture
SetForegroundWindow
GetCaretBlinkTime
PostMessageW
InvalidateRgn
ValidateRgn
SetWindowPos
UpdateWindow
ScrollWindowEx
SetWindowRgn
AdjustWindowRectEx
GetWindowLongW
ClientToScreen
SetCapture
SetCursor
DestroyWindow
SetWindowLongA
IsZoomed
IsIconic
SetWindowLongW
InvalidateRect
SetWindowPlacement
IsWindowVisible
GetWindowPlacement
CreateWindowExA
CreateWindowExW
GetDesktopWindow
SetParent
EnableMenuItem
GetSystemMenu
GetKeyState
PeekMessageA
PeekMessageW
SetCaretBlinkTime
SetClipboardViewer

netapi32

Netbios

comdlg32

GetOpenFileNameA
GetSaveFileNameA
GetSaveFileNameW

imm32

ImmSetCompositionFontW
ImmGetContext
ImmReleaseContext
ImmNotifyIME
ImmGetCompositionStringA
ImmGetCompositionStringW
ImmAssociateContext
ImmSetCandidateWindow
ImmSetCompositionWindow
ImmGetDefaultIMEWnd
ImmSetCompositionFontA

winmm

PlaySoundA

gdi32

SelectClipRgn
CreatePalette
GetPaletteEntries
GetCharABCWidthsW
GetCharABCWidthsA
GetCharABCWidthsFloatW
GetTextExtentPoint32W
GetGlyphOutlineW
GetGlyphOutlineA
GetOutlineTextMetricsA
GetTextMetricsA
EnumFontFamiliesExW
EnumFontFamiliesExA
GetTextMetricsW
GetTextFaceW
GetTextFaceA
GetTextCharsetInfo
CreateFontIndirectW
CreateFontIndirectA
GetFontData
CreateCompatibleBitmap
GetDIBits
CreateSolidBrush
CreatePen
Rectangle
DeleteDC
BitBlt
SetTextAlign
SetBkMode
TextOutA
SetGraphicsMode
SetWorldTransform
ExtTextOutW
CreateCompatibleDC
CreateDIBSection
GdiFlush
SelectObject
SetTextColor
CreateBitmap
DeleteObject
GetDeviceCaps
OffsetRgn
CombineRgn
CreateRectRgn
EqualRgn
CreateEllipticRgn
CreatePolygonRgn
PtInRegion
GetRgnBox
GetRegionData
GetObjectA
GetObjectW
GetStockObject
RealizePalette
SelectPalette

iphlpapi

GetIfTable

ole32

StringFromGUID2
CoCreateGuid
OleInitialize
OleUninitialize
CoCreateInstance
ReleaseStgMedium
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
DoDragDrop
OleGetClipboard
OleSetClipboard
OleFlushClipboard
OleIsCurrentClipboard
CoTaskMemFree
CoGetMalloc
CoInitialize
CoUninitialize

oleaut32

SysAllocStringByteLen
SysFreeString
SysStringLen
SysAllocString
VariantInit

kernel32

GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
SetEnvironmentVariableA
SetFileAttributesA
CreateThread
ExitThread
ExitProcess
SetFileAttributesW
SetEnvironmentVariableW
CreateFileW
DeleteFileA
LCMapStringA
LCMapStringW
GetCPInfo
TlsFree
SetHandleCount
GetStdHandle
HeapDestroy
HeapCreate
GetACP
GetOEMCP
IsValidCodePage
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
HeapSize
GetStringTypeA
GetStringTypeW
CreatePipe
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetUserDefaultLCID
EnumSystemLocalesA
SystemTimeToFileTime
DeleteFileW
CopyFileA
CopyFileW
MoveFileA
MoveFileW
CreateDirectoryW
RemoveDirectoryA
SetStdHandle
HeapReAlloc
GetSystemTimeAsFileTime
GetStartupInfoA
FileTimeToLocalFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RaiseException
RtlUnwind
InterlockedExchange
InterlockedIncrement
FindFirstChangeNotificationW
FindFirstChangeNotificationA
FindNextChangeNotification
FindCloseChangeNotification
GetLogicalDrives
GetFileTime
GetFileAttributesW
GetFileAttributesA
GetFullPathNameW
GetFullPathNameA
SetEndOfFile
GetTempPathW
GetTempPathA
GetCurrentDirectoryW
GetCurrentDirectoryA
SetCurrentDirectoryW
SetCurrentDirectoryA
SetFilePointer
GetFileAttributesExW
Sleep
GetVersion
GetVersionExA
GetSystemInfo
GetProcAddress
GetModuleHandleA
CreateDirectoryA
CloseHandle
FlushFileBuffers
WaitForSingleObject
CreateProcessA
CreateFileA
LocalFree
LocalAlloc
GetTickCount
HeapFree
HeapAlloc
GetProcessHeap
FreeLibrary
ResetEvent
CreateEventA
SetEvent
LoadLibraryA
GetWindowsDirectoryA
SetErrorMode
SetHandleInformation
ReleaseMutex
GetLastError
CreateMutexA
MultiByteToWideChar
WideCharToMultiByte
GetCommandLineW
GetEnvironmentVariableA
GetEnvironmentVariableW
GetVolumeInformationA
GetDriveTypeA
GetCurrentProcess
VirtualAlloc
VirtualFree
FindFirstFileW
FindFirstFileA
FindNextFileW
FindNextFileA
FindClose
GetProcessTimes
SetLastError
GetPrivateProfileStringA
GetPrivateProfileIntA
ReadFile
WriteFile
DeviceIoControl
GetCurrentProcessId
GetModuleFileNameA
GetSystemTime
GetFileAttributesExA
GetLocalTime
GetFileSize
SearchPathA
CreateSemaphoreA
OpenSemaphoreA
ReleaseSemaphore
GetVolumeInformationW
InterlockedDecrement
GetModuleHandleW
GetLocaleInfoA
IsValidLocale
GlobalUnlock
GlobalLock
GlobalAlloc
CreateProcessW
GetUserDefaultLangID
GetLocaleInfoW
lstrcmpW
GlobalSize
GetDriveTypeW
GetModuleFileNameW
GetCommandLineA
CompareStringA
CompareStringW
GetThreadLocale
FormatMessageA
FormatMessageW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
OutputDebugStringA
OutputDebugStringW
GetCurrentThreadId
GetCurrentThread
TlsAlloc
TerminateThread
SetThreadPriority
TlsSetValue
ResumeThread
GetThreadPriority
WaitForMultipleObjects
CreateEventW
DuplicateHandle
TlsGetValue
GetDateFormatA
GetDateFormatW
GetTimeFormatA
GetTimeFormatW
CreateSemaphoreW
GetFileType
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
LoadLibraryW
GetFileInformationByHandle
RemoveDirectoryW

Sections

.text
Size: 5.1MB - Virtual size: 5.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

CONST
Size: 4KB - Virtual size: 80B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 124KB - Virtual size: 447KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 304KB - Virtual size: 302KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 220KB - Virtual size: 217KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
CameraTracker10v9/xf-thefoundry/Crack/XF-The_Foundry_Flexlm_Patcher_WIN32.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 52KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 528B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 208B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
CameraTracker10v9/xf-thefoundry/Crack/XF-The_Foundry_Flexlm_Patcher_WIN64.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 52KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 208B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
CameraTracker10v9/xf-thefoundry/Crack/foundry.lic
CameraTracker10v9/xf-thefoundry/Crack/install.txt
CameraTracker10v9/好251网址导航.htm
.html
CameraTracker10v9/绿色资源网.url

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

CODE Size: 36KB - Virtual size: 36KB

DATA Size: 1024B - Virtual size: 588B

BSS Size: - Virtual size: 3KB

.idata Size: 2KB - Virtual size: 2KB

.tls Size: - Virtual size: 8B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: - Virtual size: 2KB

.rsrc Size: 40KB - Virtual size: 39KB

a98f690b44b9425ac230053664905256

Headers

File Characteristics

Imports

shell32

advapi32

ws2_32

comctl32

user32

netapi32

comdlg32

imm32

winmm

gdi32

iphlpapi

ole32

oleaut32

kernel32

Sections

.text Size: 5.1MB - Virtual size: 5.1MB

.text1 Size: 40KB - Virtual size: 37KB

CONST Size: 4KB - Virtual size: 80B

.rdata Size: 1.1MB - Virtual size: 1.1MB

.data Size: 124KB - Virtual size: 447KB

.data1 Size: 304KB - Virtual size: 302KB

.rsrc Size: 220KB - Virtual size: 217KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 52KB

UPX1 Size: 27KB - Virtual size: 28KB

.rsrc Size: 6KB - Virtual size: 8KB

Headers

File Characteristics

Sections

.text Size: 6KB - Virtual size: 6KB

.data Size: 1024B - Virtual size: 528B

.rdata Size: 512B - Virtual size: 432B

.bss Size: - Virtual size: 208B

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 47KB - Virtual size: 46KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 52KB

UPX1 Size: 27KB - Virtual size: 28KB

.rsrc Size: 6KB - Virtual size: 8KB

Headers

File Characteristics

Sections

.text Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 288B

.rdata Size: 512B - Virtual size: 432B

.bss Size: - Virtual size: 208B

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 47KB - Virtual size: 46KB

CODE
Size: 36KB - Virtual size: 36KB

DATA
Size: 1024B - Virtual size: 588B

BSS
Size: - Virtual size: 3KB

.idata
Size: 2KB - Virtual size: 2KB

.tls
Size: - Virtual size: 8B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: - Virtual size: 2KB

.rsrc
Size: 40KB - Virtual size: 39KB

.text
Size: 5.1MB - Virtual size: 5.1MB

.text1
Size: 40KB - Virtual size: 37KB

CONST
Size: 4KB - Virtual size: 80B

.rdata
Size: 1.1MB - Virtual size: 1.1MB

.data
Size: 124KB - Virtual size: 447KB

.data1
Size: 304KB - Virtual size: 302KB

.rsrc
Size: 220KB - Virtual size: 217KB

UPX0
Size: - Virtual size: 52KB

UPX1
Size: 27KB - Virtual size: 28KB

.rsrc
Size: 6KB - Virtual size: 8KB

.text
Size: 6KB - Virtual size: 6KB

.data
Size: 1024B - Virtual size: 528B

.rdata
Size: 512B - Virtual size: 432B

.bss
Size: - Virtual size: 208B

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 47KB - Virtual size: 46KB

UPX0
Size: - Virtual size: 52KB

UPX1
Size: 27KB - Virtual size: 28KB

.rsrc
Size: 6KB - Virtual size: 8KB

.text
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 288B

.rdata
Size: 512B - Virtual size: 432B

.bss
Size: - Virtual size: 208B

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 47KB - Virtual size: 46KB