ExplorerFrame.pdb
Static task
static1
Behavioral task
behavioral1
Sample
ExplorerFrame.dll
Resource
win10v2004-20240508-en
General
Target: ExplorerFrame.dll
Size: 1.8MB
MD5: 7c1e9c78ba4d7aa445878bff03cb1ed6
SHA1: 865bddec22d000eb6cb9c871de39b0acbf904d41
SHA256: d614991dafd571e1a0dc4cdaf4df9ac06ed09db13f3f4bcbc0662856c8aa4486
SHA512: 031d5f79252175f9c4b0c8906083ec8c3e430a2cab59f0ef624a09a0deee081c41f7140eaaaac651a1df081644287f5632e04555b92054b856d42aaf49865f89
SSDEEP: 49152:OFHUZC4UgTSFYpw/Wr1IwUXpunAv13TvOukFFKKRulD8Owtx:ZLmFmIC1eXwA9Dvhktukx
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ExplorerFrame.dll
Files
ExplorerFrame.dll.dll windows:10 windows x86 arch:x86
eade0656a94e8b3a953b846e4ce4c0d4
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
msvcp_win
?_Xout_of_range@std@@YAXPBD@Z
_Xtime_get_ticks
?_Xlength_error@std@@YAXPBD@Z
api-ms-win-crt-string-l1-1-0
memset
wcsncmp
api-ms-win-crt-runtime-l1-1-0
_initterm_e
_initterm
api-ms-win-crt-private-l1-1-0
_o_ceil
_o_free
_o_memcpy_s
memmove
_o_rand
_o_realloc
_o_strncpy_s
_o_strtol
_o_terminate
_o_toupper
_o_towlower
_except_handler4_common
_o__set_errno
_o__seh_filter_dll
_o__register_onexit_function
_o__purecall
_o__invalid_parameter_noinfo_noreturn
_o__invalid_parameter_noinfo
_o__wcsicmp
_o__initialize_onexit_table
_o__initialize_narrow_environment
_o__ultow_s
strchr
__std_terminate
__CxxFrameHandler3
_o__get_errno
_o__execute_onexit_table
_o__errno
_o__crt_atexit
_o__configure_narrow_argv
_o__cexit
_o___stdio_common_vswprintf
_o___stdio_common_vsprintf_s
_o___stdio_common_vsnprintf_s
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
_CxxThrowException
memcmp
memcpy
shcore
IUnknown_GetSite
ord126
SHRegGetValueW
ord123
SHSetValueW
ord200
SHDeleteKeyW
ord193
SHOpenRegStream2W
IStream_Read
ord172
ord191
ord188
SHCreateMemStream
ord170
ord143
ord142
SHAnsiToUnicode
IUnknown_SetSite
IsOS
ord141
IUnknown_QueryService
ord190
IUnknown_Set
ord145
GetDpiForMonitor
SHCreateThreadRef
ord140
SHTaskPoolQueueTask
ord120
SHQueryValueExW
SHGetValueW
SHStrDupW
IStream_Reset
IStream_Write
SHGetThreadRef
SHStrDupA
ord131
SHCreateThread
SHEnumValueW
IStream_Size
ord187
ord186
ord183
ord102
ord162
ord182
ord125
ord175
GetProcessDpiAwareness
ord130
ord192
SHUnicodeToAnsi
SHDeleteValueW
ord122
SHSetThreadRef
shell32
SHGetKnownFolderPath
ord850
SHParseDisplayName
ord102
SHBindToFolderIDListParent
SHPathPrepareForWriteW
ord840
ord74
ord132
ord67
DragQueryFileW
ord25
SHBindToFolderIDListParentEx
ord19
ord18
ord17
SHBindToObject
SHGetDesktopFolder
SHCreateItemWithParent
ord21
ord939
ord644
ord645
ord23
ord873
ord68
SHGetKnownFolderIDList
ord2
ord4
ord24
ord882
ord833
ord866
SHCreateShellItemArrayFromIDLists
SHGetItemFromObject
ord777
ord823
SHAppBarMessage
ord137
ord881
ord147
ord824
ord851
RegenerateUserEnvironment
ord870
ord871
ord900
ord176
SHChangeNotifyRegisterThread
ShellExecuteExW
SHGetInstanceExplorer
SHGetKnownFolderItem
SHChangeNotify
ord14
ord162
ord85
SHChangeNotifySuspendResume
ord152
SHGetSpecialFolderLocation
ord153
SHGetFolderPathEx
SHGetPathFromIDListW
ord829
Shell_GetCachedImageIndexW
SHCreateShellItemArrayFromDataObject
SHSetTemporaryPropertyForItem
SHGetTemporaryPropertyForItem
SHGetNameFromIDList
ord88
ord193
ord71
ord787
ord727
SHGetIconOverlayIndexW
SHCreateShellItemArrayFromShellItem
SHELL32_AreAllItemsAvailable
ord6
SHCreateItemInKnownFolder
ord912
ord862
ord897
ord893
SHGetFolderLocation
ord945
ord98
ord853
ord27
SHGetPathFromIDListA
ord103
StateRepoNewMenuCache_EnsureCacheAsync
ord90
SHGetPropertyStoreForWindow
ord59
ShellAboutW
ord921
SHCreateItemFromParsingName
ord941
ord942
SHCreateShellItemArray
ord888
ord95
SHGetItemFromDataObject
ord22
ord134
ord129
ord136
ord173
ord654
ord652
ord747
ord884
ord77
SHBindToParent
SHGetFileInfoW
ord155
ord100
ord16
SHGetIDListFromObject
SHCreateItemFromIDList
shlwapi
ord163
ord165
ord164
ord172
PathIsRelativeW
PathIsURLW
StrStrIW
PathFindNextComponentW
StrDupW
StrCmpW
ord204
ord388
ord267
ord268
ord200
ord479
ord202
ord177
ord198
ord182
ord478
ord190
ord186
ord191
ord201
ord158
ord433
ord197
ord24
SHRegGetUSValueW
ord484
AssocQueryStringW
PathParseIconLocationW
ord168
PathGetDriveNumberW
ord167
ord515
ord616
StrChrW
ord178
StrStrW
PathUnquoteSpacesW
PathStripToRootW
ord284
PathFindFileNameW
ord509
ord281
ord283
PathCreateFromUrlW
ord638
SHRegGetBoolUSValueW
ord181
ord156
StrCmpNW
ord571
ord157
ord545
ord239
StrTrimW
StrCmpIW
PathCompactPathExW
PathFileExistsW
AssocCreate
ord540
ChrCmpIW
ord208
ord209
ord179
ord225
ord173
ord187
ord384
ord192
GetMenuPosFromID
ord282
ord635
ord288
ord240
ord219
PathCreateFromUrlA
UrlUnescapeA
ord2
PathSkipRootW
SHCreateShellPalette
ord287
ord210
UrlCanonicalizeW
UrlCreateFromPathW
UrlApplySchemeW
PathIsUNCW
ord286
ord481
ord516
ord517
HashData
ord1
PathAppendW
PathRemoveFileSpecW
ord317
PathRemoveExtensionW
ord639
ord533
ord487
ord538
PathFindExtensionW
StrCmpNIW
StrToIntExW
StrPBrkW
StrToIntW
ord154
ord581
IntlStrEqWorkerW
api-ms-win-core-libraryloader-l1-2-0
FindResourceExW
GetModuleHandleExW
FreeLibrary
GetModuleFileNameW
LockResource
GetModuleFileNameA
LoadStringW
DisableThreadLibraryCalls
LoadLibraryExW
LoadResource
GetModuleHandleW
GetProcAddress
api-ms-win-core-synch-l1-1-0
AcquireSRWLockExclusive
InitializeCriticalSectionAndSpinCount
ReleaseSRWLockShared
WaitForMultipleObjectsEx
OpenEventW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionEx
ResetEvent
SetEvent
CreateEventW
WaitForSingleObject
InitializeCriticalSection
CreateEventExW
ReleaseSRWLockExclusive
CreateMutexExW
OpenSemaphoreW
WaitForSingleObjectEx
ReleaseMutex
OpenMutexW
ReleaseSemaphore
CreateSemaphoreExW
AcquireSRWLockShared
api-ms-win-core-heap-l1-1-0
GetProcessHeap
HeapFree
HeapAlloc
HeapDestroy
HeapReAlloc
api-ms-win-core-errorhandling-l1-1-0
GetLastError
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RaiseException
api-ms-win-core-com-l1-1-0
CoTaskMemRealloc
CoIncrementMTAUsage
PropVariantClear
CoUninitialize
CoInitializeEx
CoMarshalInterThreadInterfaceInStream
CoReleaseMarshalData
CoGetInterfaceAndReleaseStream
CoWaitForMultipleHandles
CoGetApartmentType
StringFromGUID2
CoGetMalloc
CoFreeUnusedLibraries
CoRevokeClassObject
CoGetClassObject
CoRegisterClassObject
CoUnmarshalInterface
CreateStreamOnHGlobal
CoCreateInstance
CoCreateGuid
CoMarshalInterface
StringFromCLSID
PropVariantCopy
GetHGlobalFromStream
CoTaskMemFree
CLSIDFromString
CoTaskMemAlloc
CoCreateFreeThreadedMarshaler
api-ms-win-core-processthreads-l1-1-0
GetCurrentProcessId
GetCurrentProcess
TlsGetValue
TlsSetValue
OpenProcessToken
OpenThreadToken
GetStartupInfoW
GetCurrentThreadId
GetCurrentThread
TlsAlloc
SetThreadPriority
CreateThread
TerminateProcess
GetThreadPriority
TlsFree
api-ms-win-core-localization-l1-2-0
GetUserDefaultLCID
FindNLSString
FormatMessageW
FindNLSStringEx
GetThreadLocale
GetLocaleInfoW
GetThreadUILanguage
api-ms-win-core-debug-l1-1-0
OutputDebugStringW
IsDebuggerPresent
DebugBreak
api-ms-win-core-handle-l1-1-0
CloseHandle
DuplicateHandle
api-ms-win-core-registry-l1-1-0
RegCreateKeyExW
RegOpenKeyExW
RegGetValueW
RegEnumKeyExW
RegCloseKey
RegNotifyChangeKeyValue
RegQueryValueExW
RegSetValueExW
RegQueryInfoKeyW
RegDeleteValueW
RegEnumValueW
api-ms-win-core-sysinfo-l1-1-0
GetSystemTimeAsFileTime
GetSystemTime
GetWindowsDirectoryW
GetTickCount
GetLocalTime
GetTickCount64
api-ms-win-core-threadpool-l1-2-0
SetThreadpoolWait
CreateThreadpoolWait
CreateThreadpoolTimer
SetThreadpoolTimer
CloseThreadpoolWait
CloseThreadpoolTimer
WaitForThreadpoolWaitCallbacks
WaitForThreadpoolTimerCallbacks
api-ms-win-eventing-provider-l1-1-0
EventWriteTransfer
EventSetInformation
EventRegister
EventUnregister
EventProviderEnabled
EventActivityIdControl
EventEnabled
EventWrite
api-ms-win-core-synch-l1-2-0
InitOnceComplete
InitOnceBeginInitialize
Sleep
InitOnceExecuteOnce
api-ms-win-core-libraryloader-l1-2-1
LoadLibraryA
LoadLibraryW
api-ms-win-core-string-l1-1-0
MultiByteToWideChar
CompareStringW
WideCharToMultiByte
GetStringTypeW
CompareStringOrdinal
api-ms-win-eventing-classicprovider-l1-1-0
RegisterTraceGuidsW
GetTraceEnableFlags
UnregisterTraceGuids
GetTraceEnableLevel
GetTraceLoggerHandle
TraceMessage
api-ms-win-core-registry-l1-1-1
RegSetKeyValueW
rpcrt4
UuidCreate
api-ms-win-core-path-l1-1-0
PathCchRemoveFileSpec
PathCchCombine
PathCchRemoveExtension
api-ms-win-core-heap-l2-1-0
LocalFree
GlobalFree
LocalAlloc
GlobalAlloc
LocalReAlloc
api-ms-win-core-file-l1-1-0
GetDriveTypeW
api-ms-win-core-com-l1-1-1
RoGetAgileReference
api-ms-win-core-winrt-string-l1-1-0
WindowsCreateString
WindowsDeleteString
WindowsGetStringRawBuffer
WindowsPreallocateStringBuffer
WindowsPromoteStringBuffer
WindowsCreateStringReference
WindowsDeleteStringBuffer
api-ms-win-core-winrt-l1-1-0
RoGetActivationFactory
api-ms-win-core-winrt-error-l1-1-0
RoOriginateError
RoTransformError
GetRestrictedErrorInfo
SetRestrictedErrorInfo
api-ms-win-core-winrt-error-l1-1-1
RoGetMatchingRestrictedErrorInfo
RoOriginateLanguageException
api-ms-win-core-wow64-l1-1-1
IsWow64Process2
api-ms-win-core-processenvironment-l1-1-0
GetEnvironmentVariableW
GetCurrentDirectoryW
ExpandEnvironmentStringsW
api-ms-win-core-sysinfo-l1-2-0
GetProductInfo
api-ms-win-core-string-l2-1-0
CharNextW
CharUpperW
api-ms-win-core-processthreads-l1-1-1
IsProcessorFeaturePresent
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
api-ms-win-core-interlocked-l1-1-0
InitializeSListHead
InterlockedPushEntrySList
api-ms-win-core-rtlsupport-l1-1-0
RtlCaptureStackBackTrace
api-ms-win-core-version-l1-1-0
GetFileVersionInfoExW
GetFileVersionInfoSizeExW
VerQueryValueW
api-ms-win-security-base-l1-1-0
GetSidSubAuthority
GetTokenInformation
api-ms-win-core-apiquery-l1-1-0
ApiSetQueryApiSetPresence
ntdll
WinSqmAddToStream
RtlQueryResourcePolicy
WinSqmSetDWORD
WinSqmAddToStreamEx
WinSqmIncrementDWORD
RtlQueryWnfStateData
RtlNtStatusToDosError
advapi32
RegOpenKeyW
RegEnumKeyW
RegCreateKeyW
imm32
ImmNotifyIME
ImmReleaseContext
ImmSetCandidateWindow
ImmGetCompositionStringW
ImmSetCompositionStringW
ImmGetDefaultIMEWnd
ImmIsIME
ImmGetContext
kernel32
RegisterWaitForSingleObject
UnregisterWait
lstrcmpA
GetUserDefaultUILanguage
DeactivateActCtx
GlobalUnlock
lstrcmpW
MulDiv
lstrcmpiW
lstrlenW
ActivateActCtx
GlobalSize
GetComputerNameW
AddAtomW
lstrlenA
CreateActCtxW
GlobalLock
ReleaseActCtx
user32
QueryDisplayConfig
GetDisplayConfigBufferSizes
GetCurrentInputMessageSource
SetMenuInfo
GetMenuInfo
GetMessageTime
ValidateRect
CreateWindowExW
ActivateKeyboardLayout
ord2707
ord2705
GetKeyboardLayout
GetScrollBarInfo
UnionRect
EnumChildWindows
UpdateWindow
CloseGestureInfoHandle
GetGestureInfo
SetGestureConfig
IsWinEventHookInstalled
RemoveMenu
PhysicalToLogicalPointForPerMonitorDPI
CreateCaret
CopyIcon
ShowCaret
HideCaret
SetCaretPos
IsHungAppWindow
DestroyCaret
GetClassLongW
GetWindowBand
CreateMenu
EnumWindows
LoadIconW
CallMsgFilterW
RemoveClipboardFormatListener
SetMenuItemInfoW
InsertMenuItemW
AddClipboardFormatListener
LoadMenuW
DrawTextExW
GetClassInfoExW
SendInput
IsClipboardFormatAvailable
RegisterWindowMessageW
GetIconInfo
LoadBitmapW
AppendMenuW
WindowFromPoint
ChangeClipboardChain
SetClipboardViewer
GetMessageExtraInfo
GetDoubleClickTime
SetMessageExtraInfo
SetMenuDefaultItem
GetMenuDefaultItem
GetDlgCtrlID
EndPaint
BeginPaint
NotifyWinEvent
DrawEdge
GetSysColorBrush
FillRect
RegisterClassExW
AnimateWindow
DrawTextW
GetMenuStringW
EnumDisplayMonitors
EnumDesktopWindows
WaitMessage
GetPhysicalCursorPos
IsIconic
IsWindowEnabled
GetWindowPlacement
SetWindowPlacement
RegisterPowerSettingNotification
UnregisterPowerSettingNotification
DestroyIcon
SetWindowLongW
GetWindowLongW
DefWindowProcW
LoadCursorW
DispatchMessageW
TranslateMessage
GetDC
ReleaseDC
GetWindowRect
SystemParametersInfoForDpi
GetDpiForWindow
GetSystemMetricsForDpi
ShowWindow
SendMessageW
GetKeyState
TranslateAcceleratorW
SetFocus
GetFocus
GetWindowTextW
SystemParametersInfoW
KillTimer
SetTimer
GetSysColor
GetSystemMetrics
DestroyAcceleratorTable
IsWindow
DestroyWindow
LoadAcceleratorsW
RegisterClassW
SetPropW
SetWindowTextW
GetPropW
RemovePropW
CallWindowProcW
GetSystemMenu
GetParent
SetWindowPos
GetClientRect
OffsetRect
InvalidateRect
GetAsyncKeyState
GetAncestor
TrackMouseEvent
EnableWindow
GetWindowTextLengthW
SetCursor
GetCursorPos
MapWindowPoints
PtInRect
PeekMessageW
SendNotifyMessageW
GetClassNameW
FindWindowW
SendMessageTimeoutW
GetForegroundWindow
GetDesktopWindow
ScreenToClient
OpenClipboard
GetClipboardData
CloseClipboard
RegisterWindowMessageA
IsChild
RedrawWindow
LockWindowUpdate
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
GetWindow
RegisterClipboardFormatW
GetMenuItemCount
PostMessageW
SetCapture
InflateRect
GetCapture
ReleaseCapture
CreatePopupMenu
CheckMenuItem
EnableMenuItem
DeleteMenu
DestroyMenu
TrackPopupMenu
MonitorFromWindow
IsWindowVisible
IsWindowUnicode
DefWindowProcA
SetClipboardData
TrackPopupMenuEx
ClientToScreen
CopyRect
GetClassWord
GetMenuItemID
GetMenuItemInfoW
GetSubMenu
GetMenuState
InsertMenuW
MonitorFromPoint
GetMonitorInfoW
GetMessagePos
GetActiveWindow
AdjustWindowRectEx
MoveWindow
SetParent
SetRectEmpty
IntersectRect
IsRectEmpty
SetWindowRgn
MessageBeep
SetRect
MonitorFromRect
EqualRect
PostQuitMessage
MsgWaitForMultipleObjectsEx
AttachThreadInput
GetWindowThreadProcessId
SetForegroundWindow
GetLastActivePopup
GetShellWindow
gdi32
CreateCompatibleDC
CreateFontIndirectW
GetDeviceCaps
GetTextExtentPointW
DeleteObject
CreateCompatibleBitmap
GdiAlphaBlend
DeleteDC
SetTextColor
CreateSolidBrush
GetTextExtentPoint32W
SetTextAlign
SelectObject
CreateRectRgnIndirect
CreateRectRgn
SetRectRgn
CombineRgn
EqualRgn
SetBkColor
GetObjectW
OffsetWindowOrgEx
SetWindowOrgEx
GetClipBox
SetBkMode
BitBlt
CreateDIBSection
GetDIBits
StretchDIBits
GetObjectType
GetLayout
SetLayout
GetViewportOrgEx
LPtoDP
SetViewportOrgEx
GetDCDpiScaleValue
GetPaletteEntries
SetPaletteEntries
GetStockObject
SelectPalette
RealizePalette
CreatePalette
CreateBitmapFromDxSurface
GdiTransparentBlt
SelectClipRgn
GetTextMetricsW
ExtTextOutW
OffsetViewportOrgEx
GetClipRgn
GetRgnBox
GetCharWidth32W
StretchBlt
api-ms-win-stateseparation-helpers-l1-1-0
GetPersistedRegistryLocationW
api-ms-win-core-delayload-l1-1-1
ResolveDelayLoadedAPI
api-ms-win-core-delayload-l1-1-0
DelayLoadFailureHook
Exports
DllCanUnloadNow
DllGetClassObject
DllGetVersion
Sections
.text Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 22KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 113KB - Virtual size: 112KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ