General

Malware Config

Signatures

Files

• eb7baf7ae5d0833bc199e262e97160d59c2e3000e57c35ea1ce5904291dc5873

  .exe windows:5 windows x86 arch:x86

  212a558b73b0855970ba3d4c1bdf95d7

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  GetTickCount

  GetCommandLineA

  MulDiv

  GetProcAddress

  GetModuleHandleA

  GetVolumeInformationA

  SetCurrentDirectoryA

  CreateDirectoryA

  DeleteFileA

  MoveFileA

  GetFileAttributesA

  FindClose

  FindFirstFileA

  GetTempPathA

  GlobalUnlock

  GlobalLock

  GlobalAlloc

  OutputDebugStringA

  Sleep

  ResetEvent

  WriteConsoleW

  GetFullPathNameW

  SetStdHandle

  FreeEnvironmentStringsW

  GetEnvironmentStringsW

  FindFirstFileExW

  GetTimeZoneInformation

  ReadConsoleW

  GetConsoleMode

  EnumSystemLocalesW

  IsValidLocale

  GetLocaleInfoW

  LCMapStringW

  CompareStringW

  GetTimeFormatW

  GetDateFormatW

  SetEnvironmentVariableW

  SetFilePointerEx

  SystemTimeToTzSpecificLocalTime

  GetFileInformationByHandle

  GetDriveTypeW

  GetFileAttributesExW

  GetACP

  IsValidCodePage

  HeapQueryInformation

  HeapSize

  FreeLibraryAndExitThread

  ExitThread

  GetConsoleCP

  GetModuleHandleExW

  GetCommandLineW

  GetCurrentDirectoryW

  LoadLibraryExW

  InterlockedPushEntrySList

  RaiseException

  RtlUnwind

  SetFileAttributesW

  CreateDirectoryW

  GetFileSizeEx

  CreateFileW

  VerifyVersionInfoW

  VerSetConditionMask

  GetFileType

  GetStdHandle

  CloseHandle

  GetEnvironmentVariableA

  MoveFileExW

  FormatMessageW

  GetSystemDirectoryW

  SleepEx

  QueryPerformanceFrequency

  LCMapStringEx

  DecodePointer

  QueryPerformanceCounter

  GetFileSize

  FindNextFileW

  DeleteFileW

  GetSystemTime

  UnmapViewOfFile

  MapViewOfFile

  CreateFileMappingW

  GetFileAttributesExA

  WriteProcessMemory

  FileTimeToSystemTime

  lstrcmpA

  GetModuleFileNameW

  ReadProcessMemory

  CreateProcessA

  GetVersion

  GetLocalTime

  GetSystemInfo

  GetCurrentThread

  GetCurrentProcess

  CreateEventW

  DuplicateHandle

  LoadLibraryW

  GetModuleHandleW

  InitializeSListHead

  WaitForSingleObjectEx

  InitializeCriticalSectionAndSpinCount

  GetOEMCP

  GetCPInfo

  GetCurrentProcessId

  GetProcessVersion

  SetErrorMode

  GlobalFlags

  QueryDosDeviceW

  VirtualAllocEx

  OpenProcess

  TerminateProcess

  GetTempFileNameA

  CreateSemaphoreA

  ResumeThread

  ReleaseSemaphore

  EnterCriticalSection

  LeaveCriticalSection

  GetProfileStringA

  EncodePointer

  TryEnterCriticalSection

  InitializeCriticalSectionEx

  AcquireSRWLockExclusive

  SetFileTime

  GetFileTime

  TlsGetValue

  LocalReAlloc

  TlsSetValue

  TlsFree

  ReleaseSRWLockExclusive

  GlobalHandle

  TlsAlloc

  LocalAlloc

  GlobalGetAtomNameA

  GlobalAddAtomA

  GlobalFindAtomA

  GlobalDeleteAtom

  lstrcmpiA

  GetThreadLocale

  SetEndOfFile

  UnlockFile

  LockFile

  FlushFileBuffers

  SetFilePointer

  lstrcpynA

  SetLastError

  FileTimeToLocalFileTime

  FormatMessageA

  LocalFree

  InterlockedDecrement

  InterlockedIncrement

  GetSystemTimeAsFileTime

  WriteFile

  WaitForMultipleObjects

  CreateFileA

  DeviceIoControl

  SetEvent

  FindResourceA

  LoadResource

  LockResource

  ReadFile

  InitializeSRWLock

  GetStringTypeW

  PeekNamedPipe

  WaitForSingleObject

  lstrlenW

  RemoveDirectoryA

  GetModuleFileNameA

  GetCurrentThreadId

  ExitProcess

  GlobalSize

  GlobalFree

  DeleteCriticalSection

  InitializeCriticalSection

  lstrcatA

  lstrlenA

  WinExec

  lstrcpyA

  FindNextFileA

  GlobalReAlloc

  HeapFree

  HeapReAlloc

  GetProcessHeap

  HeapAlloc

  IsDebuggerPresent

  CreateEventA

  CreateThread

  IsProcessorFeaturePresent

  GetStartupInfoW

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  GetUserDefaultLCID

  MultiByteToWideChar

  WideCharToMultiByte

  GetFullPathNameA

  FreeLibrary

  LoadLibraryA

  GetLastError

  GetPrivateProfileSectionNamesA

  WritePrivateProfileStringA

  GetPrivateProfileStringA

  GetCurrentProcess

  FreeLibrary

  TerminateProcess

  GetSystemInfo

  CreateToolhelp32Snapshot

  Thread32First

  GetCurrentThreadId

  OpenThread

  Thread32Next

  CloseHandle

  SuspendThread

  ResumeThread

  WriteProcessMemory

  VirtualAlloc

  VirtualProtect

  VirtualFree

  GetProcessAffinityMask

  SetProcessAffinityMask

  GetCurrentThread

  SetThreadAffinityMask

  Sleep

  GetTickCount

  GetLocalTime

  GlobalFree

  GetProcAddress

  LocalAlloc

  LoadLibraryA

  ExitProcess

  EnterCriticalSection

  LeaveCriticalSection

  InitializeCriticalSection

  DeleteCriticalSection

  GetModuleHandleW

  LoadResource

  MultiByteToWideChar

  FindResourceExW

  FindResourceExA

  WideCharToMultiByte

  GetThreadLocale

  GetUserDefaultLCID

  GetSystemDefaultLCID

  EnumResourceNamesA

  EnumResourceNamesW

  EnumResourceLanguagesA

  EnumResourceLanguagesW

  EnumResourceTypesA

  EnumResourceTypesW

  CreateFileW

  LoadLibraryW

  FlushFileBuffers

  GetCurrentProcessId

  GetLastError

  GetModuleFileNameW

  CreateEventA

  GetModuleHandleA

  GetSystemTimeAsFileTime

  VirtualQuery

  LocalFree

  CreateFileA

  ReadFile

  GetCommandLineA

  RaiseException

  RtlUnwind

  HeapFree

  GetCPInfo

  InterlockedIncrement

  InterlockedDecrement

  GetACP

  GetOEMCP

  IsValidCodePage

  TlsGetValue

  TlsAlloc

  TlsSetValue

  TlsFree

  SetLastError

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  IsDebuggerPresent

  HeapAlloc

  LCMapStringA

  LCMapStringW

  SetHandleCount

  GetStdHandle

  GetFileType

  GetStartupInfoA

  GetModuleFileNameA

  FreeEnvironmentStringsA

  GetEnvironmentStrings

  FreeEnvironmentStringsW

  GetEnvironmentStringsW

  HeapCreate

  HeapDestroy

  QueryPerformanceCounter

  HeapReAlloc

  GetStringTypeA

  GetStringTypeW

  GetLocaleInfoA

  HeapSize

  WriteFile

  SetFilePointer

  GetConsoleCP

  GetConsoleMode

  InitializeCriticalSectionAndSpinCount

  SetStdHandle

  WriteConsoleA

  GetConsoleOutputCP

  WriteConsoleW

  LocalAlloc

  GetCurrentProcess

  GetCurrentThread

  LocalFree

  GetModuleFileNameW

  GetProcessAffinityMask

  SetProcessAffinityMask

  SetThreadAffinityMask

  Sleep

  ExitProcess

  GetLastError

  FreeLibrary

  LoadLibraryA

  GetModuleHandleA

  GetProcAddress

  user32

  WaitForInputIdle

  wsprintfA

  CloseClipboard

  GetClipboardData

  OpenClipboard

  SetClipboardData

  EmptyClipboard

  GetSystemMetrics

  GetCursorPos

  MessageBoxA

  MessageBeep

  SetWindowPos

  SendMessageA

  DestroyCursor

  SetParent

  IsWindow

  PostMessageA

  GetTopWindow

  GetParent

  GetFocus

  GetClientRect

  InvalidateRect

  ValidateRect

  UpdateWindow

  EqualRect

  GetWindowRect

  SetForegroundWindow

  DestroyMenu

  TrackPopupMenu

  IsChild

  ReleaseDC

  IsRectEmpty

  FillRect

  GetDC

  SetCursor

  LoadCursorA

  SetCursorPos

  GetWindowThreadProcessId

  LoadIconA

  TranslateMessage

  DrawFrameControl

  DrawEdge

  DrawFocusRect

  WindowFromPoint

  GetMessageA

  DispatchMessageA

  SetRectEmpty

  RegisterClipboardFormatA

  CreateIconFromResourceEx

  CreateIconFromResource

  DrawIconEx

  CreatePopupMenu

  AppendMenuA

  ModifyMenuA

  CreateMenu

  CreateAcceleratorTableA

  GetDlgCtrlID

  GetSubMenu

  EnableMenuItem

  ClientToScreen

  EnumDisplaySettingsA

  LoadImageA

  SystemParametersInfoA

  ShowWindow

  IsWindowEnabled

  TranslateAcceleratorA

  GetKeyState

  CopyAcceleratorTableA

  PostQuitMessage

  IsZoomed

  GetClassInfoA

  DefWindowProcA

  GetSystemMenu

  DeleteMenu

  GetMenu

  SetMenu

  PeekMessageA

  IsIconic

  SetFocus

  GetActiveWindow

  GetWindow

  DestroyAcceleratorTable

  GetWindowTextA

  GetWindowTextLengthA

  CharUpperA

  GetWindowDC

  BeginPaint

  EndPaint

  TabbedTextOutA

  DrawTextA

  GrayStringA

  GetDlgItem

  DestroyWindow

  CreateDialogIndirectParamA

  EndDialog

  GetNextDlgTabItem

  GetWindowPlacement

  RegisterWindowMessageA

  GetForegroundWindow

  GetLastActivePopup

  GetMessageTime

  RemovePropA

  CallWindowProcA

  GetPropA

  UnhookWindowsHookEx

  SetPropA

  GetClassLongA

  CallNextHookEx

  SetWindowsHookExA

  CreateWindowExA

  GetMenuItemID

  GetMenuItemCount

  RegisterClassA

  GetScrollPos

  AdjustWindowRectEx

  MapWindowPoints

  SendDlgItemMessageA

  ScrollWindowEx

  IsDialogMessageA

  SetWindowTextA

  MoveWindow

  CheckMenuItem

  SetMenuItemBitmaps

  GetMenuState

  GetMenuCheckMarkDimensions

  GetClassNameA

  GetDesktopWindow

  CharNextA

  SetWindowContextHelpId

  MapDialogRect

  LoadStringA

  GetSysColorBrush

  GetNextDlgGroupItem

  PostThreadMessageA

  GetMessagePos

  ScreenToClient

  ChildWindowFromPointEx

  CopyRect

  LoadBitmapA

  WinHelpA

  KillTimer

  SetTimer

  ReleaseCapture

  GetCapture

  SetCapture

  GetScrollRange

  SetScrollRange

  SetScrollPos

  SetRect

  InflateRect

  IntersectRect

  DestroyIcon

  PtInRect

  OffsetRect

  IsWindowVisible

  EnableWindow

  RedrawWindow

  GetWindowLongA

  SetWindowLongA

  GetSysColor

  SetActiveWindow

  SetWindowRgn

  UnregisterClassA

  CharUpperBuffW

  MessageBoxW

  gdi32

  LineTo

  MoveToEx

  ExcludeClipRect

  GetClipBox

  ScaleWindowExtEx

  SetWindowExtEx

  SetWindowOrgEx

  ScaleViewportExtEx

  SetViewportExtEx

  OffsetViewportOrgEx

  GetMapMode

  GetTextMetricsA

  ExtSelectClipRgn

  Escape

  ExtTextOutA

  TextOutA

  RectVisible

  PtVisible

  GetViewportExtEx

  SaveDC

  RestoreDC

  SetBkMode

  SetPolyFillMode

  SetROP2

  SetTextColor

  SetMapMode

  SetViewportOrgEx

  SetBkColor

  CreateRectRgnIndirect

  SetStretchBltMode

  GetClipRgn

  CreatePolygonRgn

  SelectClipRgn

  DeleteObject

  CreateDIBitmap

  GetSystemPaletteEntries

  CreatePalette

  StretchBlt

  SelectPalette

  RealizePalette

  GetDIBits

  GetWindowExtEx

  GetViewportOrgEx

  GetWindowOrgEx

  BeginPath

  EndPath

  PathToRegion

  CreateEllipticRgn

  CreateRoundRectRgn

  GetTextColor

  GetBkMode

  GetBkColor

  GetROP2

  GetStretchBltMode

  GetPolyFillMode

  CreateCompatibleBitmap

  CreateDCA

  CreateBitmap

  SelectObject

  CreatePen

  PatBlt

  CombineRgn

  CreateRectRgn

  FillRgn

  CreateSolidBrush

  CreateFontIndirectA

  GetStockObject

  GetObjectA

  EndPage

  EndDoc

  DeleteDC

  StartDocA

  StartPage

  BitBlt

  CreateCompatibleDC

  Ellipse

  Rectangle

  LPtoDP

  DPtoLP

  GetCurrentObject

  RoundRect

  GetTextExtentPoint32A

  GetDeviceCaps

  winmm

  waveOutUnprepareHeader

  midiStreamProperty

  midiOutPrepareHeader

  midiStreamOut

  waveOutWrite

  midiStreamStop

  midiOutReset

  midiStreamClose

  midiStreamRestart

  waveOutPrepareHeader

  waveOutGetNumDevs

  midiOutUnprepareHeader

  waveOutOpen

  waveOutClose

  waveOutReset

  waveOutPause

  midiStreamOpen

  winspool.drv

  DocumentPropertiesA

  OpenPrinterA

  ClosePrinter

  comdlg32

  ChooseColorA

  ChooseFontA

  GetOpenFileNameA

  GetSaveFileNameA

  GetFileTitleA

  advapi32

  RegOpenKeyExA

  RegCloseKey

  RegSetValueExA

  RegQueryValueA

  CryptEncrypt

  CryptImportKey

  CryptDestroyKey

  CryptDestroyHash

  CryptHashData

  CryptCreateHash

  CryptGetHashParam

  CryptAcquireContextW

  CryptGenRandom

  CryptReleaseContext

  CryptAcquireContextA

  RegCreateKeyExA

  RegQueryValueExA

  RegCloseKey

  RegOpenKeyExA

  CloseServiceHandle

  QueryServiceConfigW

  OpenServiceW

  EnumServicesStatusExW

  OpenSCManagerW

  OpenSCManagerW

  EnumServicesStatusExW

  OpenServiceW

  QueryServiceConfigW

  CloseServiceHandle

  shell32

  Shell_NotifyIconA

  ShellExecuteA

  ole32

  OleRun

  CoCreateInstance

  CLSIDFromString

  OleInitialize

  OleIsCurrentClipboard

  OleFlushClipboard

  CoRevokeClassObject

  CoRegisterMessageFilter

  CoFreeUnusedLibraries

  CreateILockBytesOnHGlobal

  StgCreateDocfileOnILockBytes

  StgOpenStorageOnILockBytes

  CoGetClassObject

  CoTaskMemFree

  CoTaskMemAlloc

  CLSIDFromProgID

  OleUninitialize

  oleaut32

  SafeArrayGetUBound

  VariantTimeToSystemTime

  SysStringLen

  SysFreeString

  UnRegisterTypeLi

  OleCreateFontIndirect

  LoadTypeLi

  LHashValOfNameSys

  RegisterTypeLi

  SafeArrayPutElement

  SafeArrayCreate

  SafeArrayDestroy

  SysAllocString

  VariantInit

  VariantCopyInd

  SafeArrayGetElement

  SafeArrayAccessData

  SafeArrayUnaccessData

  SafeArrayGetDim

  SafeArrayGetLBound

  VariantChangeType

  VariantClear

  VariantCopy

  SafeArrayGetElemsize

  SysAllocStringByteLen

  SysAllocStringLen

  comctl32

  ImageList_Read

  ImageList_Destroy

  ord17

  ImageList_SetBkColor

  ImageList_GetImageCount

  ImageList_GetIcon

  ImageList_Duplicate

  oledlg

  ord8

  ws2_32

  WSAStartup

  WSACleanup

  gethostname

  select

  send

  closesocket

  WSAAsyncSelect

  htons

  bind

  htonl

  socket

  setsockopt

  sendto

  recvfrom

  ioctlsocket

  connect

  freeaddrinfo

  recv

  listen

  getpeername

  accept

  getaddrinfo

  __WSAFDIsSet

  inet_ntoa

  WSAIoctl

  WSASetLastError

  ntohs

  getsockopt

  getsockname

  WSAGetLastError

  WSAWaitForMultipleEvents

  WSAResetEvent

  WSAEventSelect

  WSACloseEvent

  WSACreateEvent

  WSAEnumNetworkEvents

  psapi

  GetModuleFileNameExW

  EnumProcesses

  GetProcessImageFileNameW

  shlwapi

  PathFileExistsA

  wininet

  InternetTimeToSystemTimeA

  iphlpapi

  GetAdaptersAddresses

  wldap32

  ord301

  ord73

  ord216

  ord133

  ord145

  ord46

  ord219

  ord147

  ord79

  ord142

  ord167

  ord127

  ord208

  ord26

  ord117

  ord14

  ord41

  ord27

  crypt32

  CertOpenStore

  CertCloseStore

  CertEnumCertificatesInStore

  CertFreeCertificateContext

  CryptStringToBinaryW

  PFXImportCertStore

  CryptDecodeObjectEx

  CertAddCertificateContextToStore

  CertFindExtension

  CertGetNameStringW

  CryptQueryObject

  CertCreateCertificateChainEngine

  CertFreeCertificateChainEngine

  CertGetCertificateChain

  CertFreeCertificateChain

  CertFindCertificateInStore

  wtsapi32

  WTSSendMessageW

  Exports

  Exports

  ��*a�A����L \��1�P��Jz��hl���P��
  ��^^��ɓ�3�2���scWǔ 9�l���1�d��4T� W'���^N�W�$ĝ�#{�p�rTuwLXz��s���?c$�C�0�{y\5 � ̤d��9��k�6{ur���\9 ���b���!�0' wZ�HQ�j�����[����5!���]��\ Wځ��\/��-+������k��v >嫡��� ThX�XþW塱o}�|���G���^��e*�[M�k`��m��x��Ռ�S�j�:F� �����w�V�gr��\�������^���J��Sgp��*|�3��M�Dp�Z��Mi�
  Ɖh�;]��c �U}y�H��Gtݠ'�T5��tG wl����t����4���9:].X����u>�U�!� w�46�f멥 ��`JJ�{��ߕ"���i����-�z�"
  �lh�pB��O�]p�~#�1(���|�K%u83��K#��B�%�x�M�c��hFl9T ��RI[�h�STF��@&��0��$��JQA�ђ<�~D��dU�X� �m‰S�>����j�"��q�1p��Gu>m~�I��ـ�����yD6X����S<!�X�b\م��A&ݢg� ���35�\��pB������n�E�U�+�o�����j����(����;.����i�c���'�V2��"R-T ���Y�اA�c���42�.+r�~=�C�m]5�;�4*?���GO�HPTdc��j.0?�}��球'���?t}�#p��\�C~����G���C�)i���'=9�\���&e'fC-�,�9�[m�z�{9�w�T� ��r��V��(��yQ?\q �B�#uӧ��a@J[��������M3���k܁���*4n��bH��"X�\�k�� �p���S�ܦF��B4�IBz�l���@S�~��g
  ��{P���5ѮS{���n�q�"u��~ LR�n�.�/��� �4F�.�Y
  ���2/��o�^Ū��p@#�ؘ\�,K�i%�"��� �]�.� ���QQT�Ґ�1���8�@3=��LV���z���z�5�0����;E�E�����yS �C��v���Ӱ�B � �<��/e������g�w<[ی�X�\�ꙥ������ғW�ƤY�S �l\.���Z�5�g4�1����� �����h@[B/dmW��p|�:+v+;a
  ��ٕ���{2�5@t���D�{Zw�����9��q��*}���wG7iE�ք�c��`���4Y�LYf�?�S���l�'�vq�JwPY�H���te��lw�v��֣�d����i�.FV�h����o�.��r��>h��P������>�*k���A P3�a��MJpPO[@B�Ӫ�t�o ��z�g�VE����X��J̚e~Q.�D���2�!Lю��<����Jgd�//��S�cl')�7������C��I� Y�*��nK��B��z���uXp��H������ ��������C��w����!0��% �ŀ�b*�o�����$�O���몸+Do��Ԍ��<�h �ay͈"v[뒝��$�;9��y�.w�����m���*� �Q8UE��=��`�$�s��
  ��X���p���?�ňΊ=y|��:R�8K.��\/��8�/R8�U�b�|7��᎗�����$V��M��0�$Xx����֏��������]U̹K`�@�-%�W�W� �ƣ��2�(�l#Q� �����/EW���9횟�9([����P�B����~�5�#�J��ӗ�R�
  � 1����ܕh*et�L!-2��M�o�^C=�4��-I�C:���@�����i!�P8]'�m ��Zʡ������ʾ�/�'�!�p�����]�,;.P��S���o[ ��Q%t��m(癲��urH�~���G�|�e0��Z��g���nDG���a>_`"�P���)�ja;��z��.���=!kݐ�H&.7��w_ז�:2K�_��OjB�=.b�E���;�X�����f��K���.�ꒂ"\y>�4+��Ƶ� &� ߼�?ߤ��;Q��yo��֍�4��� 60�϶Ӎ����x6{�5��H%�sKҏH̉�ΫTT�^%Ֆ���_�h��z�Qg`҆-������;��!�|o �؁ fv�~|`c9�`��0]Q���j~x8�3��h>��O�D�����X}� k_y�M���*'Nzc-ڜ���Q��T�ٿW 4��� ڀ�������a-F��"�������w�־��������v�w61<�g��j�8nl瑍�g��-�92QV�9\�Cb����0������h�Ty�./��.:�Z|b�Ie�B�3�}J��.�":�Z-���E�G��Q< 3�\҃�������-F�Q5�i��`�l�d��ƅ�����`�R���G���H b�#q�㧢[qݴi$��������Tp�r�f~+�=�pB�����J ��'-k���[�� ��[�SXf��ɫوo�"�H,��`��vl�$�&�i�'skf.����Elw<`� ����2���3y���x��f�>�m�6W5p3x�e���2�p#�8D� �Z�S�����N��2�.�u��HgxgD�BQN��ɡ$5K�'�����bV�D�?���|3���(��L.�^Y����6���w Y_�ukK>)��b�<��!c藗�����̞G��sx�1�^h�&y�*M������$� �
  �&�k�@��ɟ:��lN�p{7^¤JȵGޮ����t�$�H��ּZ�̴Ռp�+�?#D9UJ*FK�O��J�n�O��Ī��s��g�.\�y�\i�'-���Be�'��CM�ʙ�
  ��J�
  ;�o%�Eof鏉�M�D�������b_��|��(�.Ł$�܏P
  2�˼���{�A �^�#23úo�+9�#�x�0�6˜�kf:x,a9�r�lBlD�U���l�k����, A���W|A������+9s�vF_8�Zߚ7��w�T��M>:�W�"s�hv� K����lY'�6��lo�&�bك��

  Sections

  .text

  Size: - Virtual size: 2.0MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 1.0MB - Virtual size: 1.0MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: - Virtual size: 213KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .vmp0

  Size: - Virtual size: 4.6MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .vmp1

  Size: 5.3MB - Virtual size: 5.3MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 13KB - Virtual size: 28KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ