archiveint.pdb
Static task
static1
Behavioral task
behavioral1
Sample
archiveint.dll
Resource
win10v2004-20240508-en
General
Target: archiveint.dll
Size: 563KB
MD5: dd0f04b43362a7c7660c1df405d416f0
SHA1: 9781771df2a7155d4c5861961bf3380ad85f9be7
SHA256: 4806569f82efb2f07fa7adcf62e1e71d5d7e060588bdacdd3a6b86b8ab8ee7e9
SHA512: 89f204dc9e9fd10731769964331b6ffc72f8dc6884206f8f43be2a1c6b10da457a1a90593f7f9b542c9744f21b8255a987cb9f08fb8297bd73c134ac7b8dd786
SSDEEP: 12288:UFxKT6NtqcPif2yxdLlIj/T5lhVKZ+cBhirsTXYpG/asdVy9t4AOy:yy6fqcPgZx0/HhVgjhirsp/ldVet4AO
Malware Config
Signatures
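Unsigned PE (1 IoC)
The file has no Authenticode signature, so its publisher and integrity cannot be verified from the file itself. This is the only signature that matched, and a missing signature on its own is a weak indicator.
Resource: archiveint.dll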
Files
-
archiveint.dll.dll windows:10 windows x86 arch:x86
12dfeb0eb8d0ae985f7f94154025e953
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
api-ms-win-crt-string-l1-1-0
memset
strspn
strncpy
strcspn
strnlen
wcsncmp
strncmp
wcsncpy
api-ms-win-crt-time-l1-1-0
_time32
api-ms-win-crt-runtime-l1-1-0
_initterm_e
_initterm
api-ms-win-crt-private-l1-1-0
_o__cexit
_o__close
_o__configure_narrow_argv
_o__ctime64_s
_o__errno
_o__execute_onexit_table
_o__fileno
_o__fseeki64
_o__get_osfhandle
_o__get_timezone
_o__gmtime64_s
_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__localtime64_s
_o__lseeki64
_o__mkgmtime64
_o__mktime32
_o__open_osfhandle
_o__seh_filter_dll
memmove
_o__setmode
_o__sopen_s
_o__strdup
_o__umask
_o__wcsdup
_o__wrename
_o__wrmdir
_o__wsopen_s
_o__wunlink
_o_abort
_o_atoi
_o_bsearch
_o_calloc
_o_exit
_o_ferror
_o_fread
_o_free
_o_fwrite
_o_getenv
_o_isalnum
_o_isdigit
_o_isprint
_o_isspace
_o_isupper
_o_malloc
_o_mbstowcs
_o_qsort
_o_realloc
_o_setlocale
_o_strftime
_o_strtol
_o_tolower
_o_toupper
_o_wcrtomb
_except_handler4_common
_o___stdio_common_vfprintf
_o___stdio_common_vsprintf
_o___std_type_info_destroy_list
_o___acrt_iob_func
_o____mb_cur_max_func
strstr
wcsrchr
wcschr
strchr
strrchr
memchr
memcmp
memcpy
bcrypt
BCryptGetProperty
BCryptOpenAlgorithmProvider
BCryptCloseAlgorithmProvider
BCryptSetProperty
BCryptGenerateSymmetricKey
BCryptDestroyKey
BCryptDeriveKeyPBKDF2
BCryptCreateHash
BCryptFinishHash
BCryptHashData
BCryptEncrypt
api-ms-win-core-heap-l1-1-0
GetProcessHeap
HeapAlloc
HeapFree
api-ms-win-security-cryptoapi-l1-1-0
CryptDestroyHash
CryptGenRandom
CryptCreateHash
CryptAcquireContextA
CryptGetHashParam
CryptHashData
CryptReleaseContext
api-ms-win-core-errorhandling-l1-1-0
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetLastError
api-ms-win-core-file-l1-1-0
GetDiskFreeSpaceW
FindNextFileW
FindClose
SetFileTime
GetVolumePathNameW
CreateFileW
GetFileInformationByHandle
GetDriveTypeW
FindFirstFileW
GetFileAttributesW
FindFirstFileA
GetFullPathNameW
WriteFile
GetFileAttributesA
SetFilePointer
CreateFileA
GetFileType
CreateDirectoryW
ReadFile
SetFileAttributesW
SetEndOfFile
api-ms-win-core-io-l1-1-1
CancelIo
api-ms-win-core-memory-l1-1-0
VirtualFree
VirtualAlloc
api-ms-win-core-io-l1-1-0
DeviceIoControl
GetOverlappedResult
api-ms-win-core-synch-l1-1-0
CreateEventW
ResetEvent
api-ms-win-core-handle-l1-1-0
CloseHandle
SetHandleInformation
DuplicateHandle
api-ms-win-core-namedpipe-l1-1-0
PeekNamedPipe
CreatePipe
api-ms-win-core-synch-l1-2-0
Sleep
api-ms-win-core-localization-l1-2-0
GetACP
IsValidCodePage
GetOEMCP
api-ms-win-core-string-l1-1-0
MultiByteToWideChar
WideCharToMultiByte
api-ms-win-core-file-l1-2-0
GetTempPathW
api-ms-win-core-processthreads-l1-1-0
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
CreateProcessA
GetExitCodeProcess
TerminateProcess
api-ms-win-core-libraryloader-l1-2-1
LoadLibraryA
api-ms-win-core-processenvironment-l1-1-0
GetStdHandle
GetCurrentDirectoryW
api-ms-win-core-libraryloader-l1-2-0
GetProcAddress
DisableThreadLibraryCalls
api-ms-win-core-processthreads-l1-1-1
OpenProcess
IsProcessorFeaturePresent
api-ms-win-core-processenvironment-l1-2-0
SearchPathA
api-ms-win-core-debug-l1-1-0
IsDebuggerPresent
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
api-ms-win-core-sysinfo-l1-1-0
GetSystemTimeAsFileTime
api-ms-win-core-interlocked-l1-1-0
InitializeSListHead
Exports
_archive_bzlib_version@0
_archive_clear_error@4
_archive_compression@4
_archive_compression_name@4
_archive_copy_error@8
_archive_entry_acl@4
_archive_entry_acl_add_entry@24
_archive_entry_acl_add_entry_w@24
_archive_entry_acl_clear@4
_archive_entry_acl_count@8
_archive_entry_acl_from_text@12
_archive_entry_acl_from_text_w@12
_archive_entry_acl_next@28
_archive_entry_acl_reset@8
_archive_entry_acl_text@8
_archive_entry_acl_text_w@8
_archive_entry_acl_to_text@12
_archive_entry_acl_to_text_w@12
_archive_entry_acl_types@4
_archive_entry_atime@4
_archive_entry_atime_is_set@4
_archive_entry_atime_nsec@4
_archive_entry_birthtime@4
_archive_entry_birthtime_is_set@4
_archive_entry_birthtime_nsec@4
_archive_entry_clear@4
_archive_entry_clone@4
_archive_entry_copy_bhfi@8
_archive_entry_copy_fflags_text@8
_archive_entry_copy_fflags_text_w@8
_archive_entry_copy_gname@8
_archive_entry_copy_gname_w@8
_archive_entry_copy_hardlink@8
_archive_entry_copy_hardlink_w@8
_archive_entry_copy_link@8
_archive_entry_copy_link_w@8
_archive_entry_copy_mac_metadata@12
_archive_entry_copy_pathname@8
_archive_entry_copy_pathname_w@8
_archive_entry_copy_sourcepath@8
_archive_entry_copy_sourcepath_w@8
_archive_entry_copy_stat@8
_archive_entry_copy_symlink@8
_archive_entry_copy_symlink_w@8
_archive_entry_copy_uname@8
_archive_entry_copy_uname_w@8
_archive_entry_ctime@4
_archive_entry_ctime_is_set@4
_archive_entry_ctime_nsec@4
_archive_entry_dev@4
_archive_entry_dev_is_set@4
_archive_entry_devmajor@4
_archive_entry_devminor@4
_archive_entry_digest@8
_archive_entry_fflags@12
_archive_entry_fflags_text@4
_archive_entry_filetype@4
_archive_entry_free@4
_archive_entry_gid@4
_archive_entry_gname@4
_archive_entry_gname_utf8@4
_archive_entry_gname_w@4
_archive_entry_hardlink@4
_archive_entry_hardlink_utf8@4
_archive_entry_hardlink_w@4
_archive_entry_ino64@4
_archive_entry_ino@4
_archive_entry_ino_is_set@4
_archive_entry_is_data_encrypted@4
_archive_entry_is_encrypted@4
_archive_entry_is_metadata_encrypted@4
_archive_entry_linkify@12
_archive_entry_linkresolver_free@4
_archive_entry_linkresolver_new@0
_archive_entry_linkresolver_set_strategy@8
_archive_entry_mac_metadata@8
_archive_entry_mode@4
_archive_entry_mtime@4
_archive_entry_mtime_is_set@4
_archive_entry_mtime_nsec@4
_archive_entry_new2@4
_archive_entry_new@0
_archive_entry_nlink@4
_archive_entry_partial_links@8
_archive_entry_pathname@4
_archive_entry_pathname_utf8@4
_archive_entry_pathname_w@4
_archive_entry_perm@4
_archive_entry_rdev@4
_archive_entry_rdevmajor@4
_archive_entry_rdevminor@4
_archive_entry_set_atime@12
_archive_entry_set_birthtime@12
_archive_entry_set_ctime@12
_archive_entry_set_dev@8
_archive_entry_set_devmajor@8
_archive_entry_set_devminor@8
_archive_entry_set_fflags@12
_archive_entry_set_filetype@8
_archive_entry_set_gid@12
_archive_entry_set_gname@8
_archive_entry_set_gname_utf8@8
_archive_entry_set_hardlink@8
_archive_entry_set_hardlink_utf8@8
_archive_entry_set_ino64@12
_archive_entry_set_ino@12
_archive_entry_set_is_data_encrypted@8
_archive_entry_set_is_metadata_encrypted@8
_archive_entry_set_link@8
_archive_entry_set_link_utf8@8
_archive_entry_set_mode@8
_archive_entry_set_mtime@12
_archive_entry_set_nlink@8
_archive_entry_set_pathname@8
_archive_entry_set_pathname_utf8@8
_archive_entry_set_perm@8
_archive_entry_set_rdev@8
_archive_entry_set_rdevmajor@8
_archive_entry_set_rdevminor@8
_archive_entry_set_size@12
_archive_entry_set_symlink@8
_archive_entry_set_symlink_type@8
_archive_entry_set_symlink_utf8@8
_archive_entry_set_uid@12
_archive_entry_set_uname@8
_archive_entry_set_uname_utf8@8
_archive_entry_size@4
_archive_entry_size_is_set@4
_archive_entry_sourcepath@4
_archive_entry_sourcepath_w@4
_archive_entry_sparse_add_entry@20
_archive_entry_sparse_clear@4
_archive_entry_sparse_count@4
_archive_entry_sparse_next@12
_archive_entry_sparse_reset@4
_archive_entry_stat@4
_archive_entry_strmode@4
_archive_entry_symlink@4
_archive_entry_symlink_type@4
_archive_entry_symlink_utf8@4
_archive_entry_symlink_w@4
_archive_entry_uid@4
_archive_entry_uname@4
_archive_entry_uname_utf8@4
_archive_entry_uname_w@4
_archive_entry_unset_atime@4
_archive_entry_unset_birthtime@4
_archive_entry_unset_ctime@4
_archive_entry_unset_mtime@4
_archive_entry_unset_size@4
_archive_entry_update_gname_utf8@8
_archive_entry_update_hardlink_utf8@8
_archive_entry_update_link_utf8@8
_archive_entry_update_pathname_utf8@8
_archive_entry_update_symlink_utf8@8
_archive_entry_update_uname_utf8@8
_archive_entry_xattr_add_entry@16
_archive_entry_xattr_clear@4
_archive_entry_xattr_count@4
_archive_entry_xattr_next@16
_archive_entry_xattr_reset@4
_archive_errno@4
_archive_error_string@4
_archive_file_count@4
_archive_filter_bytes@8
_archive_filter_code@8
_archive_filter_count@4
_archive_filter_name@8
_archive_format@4
_archive_format_name@4
_archive_free@4
_archive_liblz4_version@0
_archive_liblzma_version@0
_archive_libzstd_version@0
_archive_match_exclude_entry@12
_archive_match_exclude_pattern@8
_archive_match_exclude_pattern_from_file@12
_archive_match_exclude_pattern_from_file_w@12
_archive_match_exclude_pattern_w@8
_archive_match_excluded@8
_archive_match_free@4
_archive_match_include_date@12
_archive_match_include_date_w@12
_archive_match_include_file_time@12
_archive_match_include_file_time_w@12
_archive_match_include_gid@12
_archive_match_include_gname@8
_archive_match_include_gname_w@8
_archive_match_include_pattern@8
_archive_match_include_pattern_from_file@12
_archive_match_include_pattern_from_file_w@12
_archive_match_include_pattern_w@8
_archive_match_include_time@16
_archive_match_include_uid@12
_archive_match_include_uname@8
_archive_match_include_uname_w@8
_archive_match_new@0
_archive_match_owner_excluded@8
_archive_match_path_excluded@8
_archive_match_path_unmatched_inclusions@4
_archive_match_path_unmatched_inclusions_next@8
_archive_match_path_unmatched_inclusions_next_w@8
_archive_match_set_inclusion_recursion@8
_archive_match_time_excluded@8
_archive_position_compressed@4
_archive_position_uncompressed@4
_archive_read_add_callback_data@12
_archive_read_add_passphrase@8
_archive_read_append_callback_data@8
_archive_read_append_filter@8
_archive_read_append_filter_program@8
_archive_read_append_filter_program_signature@16
_archive_read_close@4
_archive_read_data@12
_archive_read_data_block@16
_archive_read_data_into_fd@8
_archive_read_data_skip@4
_archive_read_disk_can_descend@4
_archive_read_disk_current_filesystem@4
_archive_read_disk_current_filesystem_is_remote@4
_archive_read_disk_current_filesystem_is_synthetic@4
_archive_read_disk_descend@4
_archive_read_disk_entry_from_file@16
_archive_read_disk_gname@12
_archive_read_disk_new@0
_archive_read_disk_open@8
_archive_read_disk_open_w@8
_archive_read_disk_set_atime_restored@4
_archive_read_disk_set_behavior@8
_archive_read_disk_set_gname_lookup@16
_archive_read_disk_set_matching@16
_archive_read_disk_set_metadata_filter_callback@12
_archive_read_disk_set_standard_lookup@4
_archive_read_disk_set_symlink_hybrid@4
_archive_read_disk_set_symlink_logical@4
_archive_read_disk_set_symlink_physical@4
_archive_read_disk_set_uname_lookup@16
_archive_read_disk_uname@12
_archive_read_extract2@12
_archive_read_extract@12
_archive_read_extract_set_progress_callback@12
_archive_read_extract_set_skip_file@20
_archive_read_finish@4
_archive_read_format_capabilities@4
_archive_read_free@4
_archive_read_has_encrypted_entries@4
_archive_read_header_position@4
_archive_read_new@0
_archive_read_next_header2@8
_archive_read_next_header@8
_archive_read_open1@4
_archive_read_open2@24
_archive_read_open@20
_archive_read_open_FILE@8
_archive_read_open_fd@12
_archive_read_open_file@12
_archive_read_open_filename@12
_archive_read_open_filename_w@12
_archive_read_open_filenames@12
_archive_read_open_memory2@16
_archive_read_open_memory@12
_archive_read_prepend_callback_data@8
_archive_read_set_callback_data2@12
_archive_read_set_callback_data@8
_archive_read_set_close_callback@8
_archive_read_set_filter_option@16
_archive_read_set_format@8
_archive_read_set_format_option@16
_archive_read_set_open_callback@8
_archive_read_set_option@16
_archive_read_set_options@8
_archive_read_set_passphrase_callback@12
_archive_read_set_read_callback@8
_archive_read_set_seek_callback@8
_archive_read_set_skip_callback@8
_archive_read_set_switch_callback@8
_archive_read_support_compression_all@4
_archive_read_support_compression_bzip2@4
_archive_read_support_compression_compress@4
_archive_read_support_compression_gzip@4
_archive_read_support_compression_lzip@4
_archive_read_support_compression_lzma@4
_archive_read_support_compression_none@4
_archive_read_support_compression_program@8
_archive_read_support_compression_program_signature@16
_archive_read_support_compression_rpm@4
_archive_read_support_compression_uu@4
_archive_read_support_compression_xz@4
_archive_read_support_filter_all@4
_archive_read_support_filter_by_code@8
_archive_read_support_filter_bzip2@4
_archive_read_support_filter_compress@4
_archive_read_support_filter_grzip@4
_archive_read_support_filter_gzip@4
_archive_read_support_filter_lrzip@4
_archive_read_support_filter_lz4@4
_archive_read_support_filter_lzip@4
_archive_read_support_filter_lzma@4
_archive_read_support_filter_lzop@4
_archive_read_support_filter_none@4
_archive_read_support_filter_program@8
_archive_read_support_filter_program_signature@16
_archive_read_support_filter_rpm@4
_archive_read_support_filter_uu@4
_archive_read_support_filter_xz@4
_archive_read_support_filter_zstd@4
_archive_read_support_format_7zip@4
_archive_read_support_format_all@4
_archive_read_support_format_ar@4
_archive_read_support_format_by_code@8
_archive_read_support_format_cab@4
_archive_read_support_format_cpio@4
_archive_read_support_format_empty@4
_archive_read_support_format_gnutar@4
_archive_read_support_format_iso9660@4
_archive_read_support_format_lha@4
_archive_read_support_format_mtree@4
_archive_read_support_format_rar5@4
_archive_read_support_format_rar@4
_archive_read_support_format_raw@4
_archive_read_support_format_tar@4
_archive_read_support_format_warc@4
_archive_read_support_format_xar@4
_archive_read_support_format_zip@4
_archive_read_support_format_zip_seekable@4
_archive_read_support_format_zip_streamable@4
_archive_seek_data@16
_archive_utility_string_sort@4
_archive_version_details@0
_archive_version_number@0
_archive_version_string@0
_archive_write_add_filter@8
_archive_write_add_filter_b64encode@4
_archive_write_add_filter_by_name@8
_archive_write_add_filter_bzip2@4
_archive_write_add_filter_compress@4
_archive_write_add_filter_grzip@4
_archive_write_add_filter_gzip@4
_archive_write_add_filter_lrzip@4
_archive_write_add_filter_lz4@4
_archive_write_add_filter_lzip@4
_archive_write_add_filter_lzma@4
_archive_write_add_filter_lzop@4
_archive_write_add_filter_none@4
_archive_write_add_filter_program@8
_archive_write_add_filter_uuencode@4
_archive_write_add_filter_xz@4
_archive_write_add_filter_zstd@4
_archive_write_close@4
_archive_write_data@12
_archive_write_data_block@20
_archive_write_disk_gid@16
_archive_write_disk_new@0
_archive_write_disk_set_group_lookup@16
_archive_write_disk_set_options@8
_archive_write_disk_set_skip_file@20
_archive_write_disk_set_standard_lookup@4
_archive_write_disk_set_user_lookup@16
_archive_write_disk_uid@16
_archive_write_fail@4
_archive_write_finish@4
_archive_write_finish_entry@4
_archive_write_free@4
_archive_write_get_bytes_in_last_block@4
_archive_write_get_bytes_per_block@4
_archive_write_header@8
_archive_write_new@0
_archive_write_open2@24
_archive_write_open@20
_archive_write_open_FILE@8
_archive_write_open_fd@8
_archive_write_open_file@8
_archive_write_open_filename@8
_archive_write_open_filename_w@8
_archive_write_open_memory@16
_archive_write_set_bytes_in_last_block@8
_archive_write_set_bytes_per_block@8
_archive_write_set_compression_bzip2@4
_archive_write_set_compression_compress@4
_archive_write_set_compression_gzip@4
_archive_write_set_compression_lzip@4
_archive_write_set_compression_lzma@4
_archive_write_set_compression_none@4
_archive_write_set_compression_program@8
_archive_write_set_compression_xz@4
_archive_write_set_filter_option@16
_archive_write_set_format@8
_archive_write_set_format_7zip@4
_archive_write_set_format_ar_bsd@4
_archive_write_set_format_ar_svr4@4
_archive_write_set_format_by_name@8
_archive_write_set_format_cpio@4
_archive_write_set_format_cpio_bin@4
_archive_write_set_format_cpio_newc@4
_archive_write_set_format_cpio_odc@4
_archive_write_set_format_cpio_pwb@4
_archive_write_set_format_filter_by_ext@8
_archive_write_set_format_filter_by_ext_def@12
_archive_write_set_format_gnutar@4
_archive_write_set_format_iso9660@4
_archive_write_set_format_mtree@4
_archive_write_set_format_mtree_classic@4
_archive_write_set_format_option@16
_archive_write_set_format_pax@4
_archive_write_set_format_pax_restricted@4
_archive_write_set_format_raw@4
_archive_write_set_format_shar@4
_archive_write_set_format_shar_dump@4
_archive_write_set_format_ustar@4
_archive_write_set_format_v7tar@4
_archive_write_set_format_warc@4
_archive_write_set_format_xar@4
_archive_write_set_format_zip@4
_archive_write_set_option@16
_archive_write_set_options@8
_archive_write_set_passphrase@8
_archive_write_set_passphrase_callback@12
_archive_write_set_skip_file@20
_archive_write_zip_set_compression_deflate@4
_archive_write_zip_set_compression_store@4
_archive_zlib_version@0
archive_set_error
Sections
.text Size: 541KB - Virtual size: 540KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 1000B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ