800aa1073c6a1182a86a531c02efe3614deb760ed82037df8020074e227b9dde

Sharing

Copy URL Twitter E-mail

General

Target

800aa1073c6a1182a86a531c02efe3614deb760ed82037df8020074e227b9dde
Size

5.3MB
MD5

53d2a78b3ecf217ddf157c66f4e50055
SHA1

4564f7f6c522c66ca787f2a45b46d769e0472f4d
SHA256

800aa1073c6a1182a86a531c02efe3614deb760ed82037df8020074e227b9dde
SHA512

4f4a51a104c890345ee43aa946d497e961236f4dc2efa64938f13ef592b6f294918ea1fc1c77e67e763a711ea8f66631cf6ecce7303fb25166ae6ead9ea57756
SSDEEP

98304:Q+CBUzTA7qE8simfdZnQD5M05TfU4OKN38yz41U6S/+IEbjRqVTfyJ3EPomckV6I:Q3BUHAe7snFZQvTZNsyztrVTfZPz

Score

1^/10

Malware Config

Signatures

Files

800aa1073c6a1182a86a531c02efe3614deb760ed82037df8020074e227b9dde
.dll regsvr32 windows:4 windows x86 arch:x86

a2906c63559070ba8b3efdc059deff16

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

56:65:97:19:56:9b:e0:7b:77:5a:1b:22:75:e2:d8:3a
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

27/02/2012, 00:00

Not After

26/02/2015, 23:59

Subject

CN=Beijing baidu Netcom science and technology co.ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Beijing baidu Netcom science and technology co.ltd,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e0:e6:b1:90:82:33:3a:72:63:eb:35:aa:e4:3a:a9:94:42:8b:70:dc
Signer

Actual PE Digest

e0:e6:b1:90:82:33:3a:72:63:eb:35:aa:e4:3a:a9:94:42:8b:70:dc

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\cygwin\home\scmpf\compiler_src\liulin02_1067230_win32\0\app\gensoft\bar\toolbar\chinese_unicode_release\BaiduBarX.pdb

Imports

setupapi

SetupIterateCabinetW

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

imm32

ImmReleaseContext
ImmGetContext
ImmGetDefaultIMEWnd
ImmGetCompositionStringW

shlwapi

SHSetValueW
SHGetValueW
PathIsDirectoryW
UrlEscapeW
SHDeleteKeyW
UrlCombineW
StrStrIW
PathFileExistsW
UrlUnescapeW
HashData
StrCpyW
PathFindFileNameW
PathRemoveExtensionW
PathIsDirectoryA
PathRemoveFileSpecA
StrCmpIW
PathFindExtensionW
UrlUnescapeA
UrlCanonicalizeW
StrRetToStrW
StrRetToStrA
SHCopyKeyW
SHDeleteValueW
PathRemoveFileSpecW

wininet

HttpSendRequestW
HttpAddRequestHeadersW
HttpOpenRequestW
InternetConnectW
InternetSetOptionW
InternetOpenW
HttpQueryInfoW
InternetSetOptionA
InternetCrackUrlW
DeleteUrlCacheEntryW
InternetSetCookieW
HttpEndRequestA
InternetWriteFile
InternetReadFile
HttpAddRequestHeadersA
InternetCloseHandle
InternetConnectA
InternetOpenA
InternetGetConnectedState
HttpEndRequestW
HttpSendRequestExW
InternetGetCookieW
InternetOpenUrlW
FindNextUrlCacheEntryW
FindFirstUrlCacheEntryW
FindCloseUrlCache
FindNextUrlCacheGroup
DeleteUrlCacheGroup
FindFirstUrlCacheGroup
InternetQueryOptionW
InternetQueryDataAvailable
GetUrlCacheEntryInfoW
HttpOpenRequestA
InternetCanonicalizeUrlW
HttpSendRequestExA

urlmon

URLDownloadToFileW
CoInternetGetSession

rpcrt4

UuidCreate

iphlpapi

GetNetworkParams
GetAdaptersInfo

ws2_32

htonl
inet_addr
htons
ntohs
gethostname
socket
closesocket
setsockopt
sendto
select
__WSAFDIsSet
recv
ntohl
gethostbyname

winmm

timeGetTime
PlaySoundW

kernel32

HeapDestroy
HeapReAlloc
HeapSize
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetFileAttributesW
GetVersion
RaiseException
EnterCriticalSection
LeaveCriticalSection
FlushInstructionCache
GetCurrentProcess
InterlockedDecrement
lstrlenW
LoadLibraryW
GetLastError
SetLastError
GetModuleFileNameW
OutputDebugStringA
MultiByteToWideChar
GetCurrentThreadId
InterlockedIncrement
DeleteFileW
GetTickCount
lstrlenA
DebugBreak
OutputDebugStringW
InitializeCriticalSection
DeleteCriticalSection
CreateProcessW
LoadLibraryA
FreeLibrary
GetModuleHandleExW
WideCharToMultiByte
CreateDirectoryW
GetTempPathW
CreateFileW
CloseHandle
WriteFile
WaitForSingleObject
CreateMutexW
ReleaseMutex
ResumeThread
SetThreadPriority
CreateEventW
SizeofResource
LockResource
LoadResource
FindResourceW
LocalFree
RtlUnwind
VirtualProtect
TryEnterCriticalSection
LoadLibraryExW
Module32NextW
Module32FirstW
CreateToolhelp32Snapshot
GetCurrentProcessId
GetCommandLineW
DisableThreadLibraryCalls
CopyFileW
DeviceIoControl
GetSystemDirectoryW
GetVersionExW
FindResourceExW
GetPrivateProfileStringW
CompareStringW
GetACP
GlobalUnlock
GlobalLock
GlobalAlloc
MulDiv
FindClose
FindNextFileW
FindFirstFileW
TerminateThread
GetExitCodeThread
OpenMutexW
GetFullPathNameW
GlobalFree
RemoveDirectoryW
Sleep
ReadFile
GetFileSize
Thread32Next
SuspendThread
OpenThread
Thread32First
UnmapViewOfFile
SetUnhandledExceptionFilter
MapViewOfFile
CreateFileMappingW
VirtualAlloc
OpenProcess
lstrcpyW
IsBadReadPtr
SwitchToThread
GetPrivateProfileIntW
ExpandEnvironmentStringsW
GetExitCodeProcess
Process32NextW
Process32FirstW
TlsFree
TlsGetValue
TlsSetValue
TlsAlloc
InterlockedExchange
SetEvent
GetSystemTime
ResetEvent
OpenEventW
PulseEvent
WritePrivateProfileStringW
SetFileAttributesW
lstrcmpW
HeapFree
HeapAlloc
GetProcessHeap
GetEnvironmentVariableW
SetFilePointer
GetSystemInfo
GlobalSize
SetErrorMode
QueryPerformanceCounter
QueryPerformanceFrequency
FreeResource
GetShortPathNameW
GetSystemDefaultLCID
ReadProcessMemory
MoveFileExW
lstrcatW
GetTempFileNameW
GlobalReAlloc
GetVolumeInformationA
GetLocalTime
OpenFileMappingW
GetSystemTimeAsFileTime
ExitThread
CreateThread
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
VirtualQuery
GetFileAttributesA
GetCommandLineA
LCMapStringA
LCMapStringW
GetCPInfo
HeapCreate
FatalAppExitA
GetCurrentThread
GetOEMCP
IsValidCodePage
GetStdHandle
GetModuleFileNameA
ExitProcess
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryA
SetCurrentDirectoryA
GetTimeZoneInformation
SetHandleCount
GetFileType
GetStartupInfoA
GetStringTypeA
GetStringTypeW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
FlushFileBuffers
GetLocaleInfoA
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
SetConsoleCtrlHandler
GetLocaleInfoW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEndOfFile
GetDriveTypeA
GetFullPathNameA
CompareStringA
VirtualFree
IsProcessorFeaturePresent
InterlockedCompareExchange
TerminateProcess
GetVersionExA
SetEnvironmentVariableA
lstrcmpiW

user32

RegisterClassW
UnregisterClassW
ActivateKeyboardLayout
LoadKeyboardLayoutW
CharUpperBuffW
AttachThreadInput
GetForegroundWindow
SetForegroundWindow
UpdateLayeredWindow
PeekMessageW
EqualRect
DeleteMenu
EnableMenuItem
GetMenuItemCount
GetMenuItemInfoW
InsertMenuItemW
GetSysColorBrush
ShowCursor
UnregisterHotKey
RegisterHotKey
PrintWindow
EnumDisplayMonitors
EndMenu
GetComboBoxInfo
GetDlgItemInt
SetDlgItemInt
MessageBeep
CheckDlgButton
IsDlgButtonChecked
GetMenuItemRect
RemovePropW
GetPropW
SetPropW
SetMenuItemInfoW
DrawStateW
TrackPopupMenuEx
ModifyMenuW
GetSubMenu
PostQuitMessage
MsgWaitForMultipleObjects
ValidateRect
SetParent
IntersectRect
CharLowerBuffA
WaitForInputIdle
CharLowerA
CreateIconFromResourceEx
CharNextA
ScrollWindow
SetLayeredWindowAttributes
SetWindowRgn
SetScrollInfo
GetScrollPos
DestroyCursor
GetClassLongW
SetClassLongW
MonitorFromRect
GetMonitorInfoW
MoveWindow
InflateRect
WindowFromPoint
IsChild
FindWindowW
AdjustWindowRectEx
GetCapture
ReleaseCapture
SetCursor
GetDlgCtrlID
SetCapture
IsWindowEnabled
UpdateWindow
IsIconic
SetRectEmpty
SetFocus
FillRect
TrackMouseEvent
MessageBoxW
GetWindowThreadProcessId
GetGUIThreadInfo
GetClassNameW
GetFocus
GetSysColor
OffsetRect
SetRect
GetWindowTextLengthW
GetWindowTextW
RegisterWindowMessageW
DrawTextA
LoadBitmapW
SetActiveWindow
InvalidateRect
ClientToScreen
GetMessageW
TranslateMessage
DispatchMessageW
PostThreadMessageW
DrawTextW
CopyRect
DrawIconEx
DestroyIcon
ReleaseDC
PtInRect
SetWindowsHookExW
GetActiveWindow
LoadIconW
IsWindowVisible
GetParent
GetWindow
GetWindowRect
SystemParametersInfoW
GetClientRect
MapWindowPoints
SendMessageW
DialogBoxParamW
DestroyMenu
IsMenu
GetKeyState
CharLowerW
PostMessageW
EndPaint
BeginPaint
SetWindowPos
IsWindow
GetDlgItem
ShowWindow
GetDC
SetWindowTextW
EndDialog
CharNextW
CallWindowProcW
GetWindowLongW
GetCursorPos
ScreenToClient
DefWindowProcW
CreateWindowExW
GetClassInfoExW
RegisterClassExW
DestroyWindow
FindWindowExW
EnumChildWindows
SendMessageA
GetUpdateRect
GetTopWindow
MenuItemFromPoint
GetMenuItemID
GetDlgItemTextW
AdjustWindowRect
GetWindowDC
CreateDialogParamW
SetDlgItemTextW
RedrawWindow
EnumWindows
UnregisterClassA
IsDialogMessageW
LoadImageW
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
CharUpperW
CreateMenu
InsertMenuW
TrackPopupMenu
MonitorFromPoint
RemoveMenu
AppendMenuW
CreatePopupMenu
UnhookWindowsHookEx
CallNextHookEx
EnableWindow
RegisterClipboardFormatW
GetAsyncKeyState
LoadStringW
LoadCursorW
KillTimer
SetTimer
SetWindowLongW
CharLowerBuffW
GetMessagePos
IsRectEmpty
GetScrollInfo
SetScrollPos
DrawFocusRect
FrameRect
GetSystemMetrics

gdi32

ExtCreateRegion
CombineRgn
SetStretchBltMode
GetDIBits
StretchBlt
PatBlt
GetTextColor
CreateRoundRectRgn
FillRgn
CreateRectRgn
TextOutW
GetTextMetricsW
GetPixel
SetPixel
GetObjectW
CreatePen
LineTo
MoveToEx
SelectObject
SetROP2
CreateDCW
CreateDIBSection
CreateBitmap
ExcludeClipRect
DPtoLP
Rectangle
Polygon
GetDeviceCaps
RoundRect
RestoreDC
SaveDC
GetCurrentObject
CreatePolygonRgn
CreateSolidBrush
GetTextExtentPoint32W
ExtTextOutW
DeleteObject
GetStockObject
SetBkColor
SetBkMode
DeleteDC
GetTextExtentPointW
CreateFontIndirectW
SetTextColor
CreateCompatibleDC
SetViewportOrgEx
CreateCompatibleBitmap
GetClipBox
BitBlt
CreateFontW

advapi32

RegDeleteKeyW
RegOpenKeyExA
RegQueryValueExA
GetSecurityDescriptorSacl
SetSecurityInfo
EqualSid
GetUserNameW
RegSetKeySecurity
RegEnumKeyW
AllocateAndInitializeSid
InitializeAcl
AddAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
FreeSid
RegGetKeySecurity
GetTokenInformation
CopySid
RegCreateKeyW
OpenProcessToken
RegCloseKey
RegSetValueExW
RegQueryValueExW
RegOpenKeyW
RegDeleteValueW
RegCreateKeyExW
RegOpenKeyExW
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegQueryInfoKeyW
RegEnumKeyExW
RegEnumValueW
CreateProcessAsUserW
SetTokenInformation
GetLengthSid
ConvertStringSidToSidW
DuplicateTokenEx

shell32

SHGetFolderPathW
SHGetSpecialFolderPathW
DragQueryFileA
DuplicateIcon
SHFileOperationW
ShellExecuteExW
SHCreateDirectoryExW
SHGetMalloc
SHGetFileInfoW
SHGetDesktopFolder
SHGetSpecialFolderLocation
ExtractIconW
ShellExecuteW

ole32

OleUninitialize
CreateStreamOnHGlobal
GetHGlobalFromStream
OleDraw
RegisterDragDrop
OleDuplicateData
DoDragDrop
ReleaseStgMedium
OleInitialize
CLSIDFromProgID
StringFromGUID2
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CoInitialize
CoUninitialize
CoCreateGuid
RevokeDragDrop

oleaut32

SysAllocStringByteLen
SysStringByteLen
VariantCopy
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
SysAllocString
LoadRegTypeLi
VarBstrCat
SafeArrayDestroy
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreate
SysAllocStringLen
VariantClear
VariantInit
SysFreeString
VarBstrCmp
VarUI4FromStr
SetErrorInfo
VariantChangeType
SysStringLen
GetErrorInfo
CreateErrorInfo

msimg32

AlphaBlend
GradientFill

gdiplus

GdipGetImageHeight
GdipGetImageWidth
GdipDeleteGraphics
GdiplusShutdown
GdiplusStartup
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipSaveImageToStream
GdipSaveImageToFile
GdipCloneImage
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromHICON
GdipDisposeImage
GdipAlloc
GdipFree
GdipCreateFromHDC
GdipDrawImage
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipDrawImageI
GdipDrawImageRectI
GdipDrawImageRectRectI

uxtheme

DrawThemeBackground
OpenThemeData
CloseThemeData

netapi32

NetApiBufferFree
NetWkstaTransportEnum
Netbios

Exports

Exports

BDNotify
ClearDefSearch
ClearHomePage
CloseIEUpdate
DllCanUnloadNow
DllCreateObject
DllGetClassObject
DllRegisterServer
IstAntiVirus
MyCopyFile
PushTipInfo
RunOnceRemove
RunOnceUpdate
SVCUninstall
SetDefSearch
SetHomePageToBaidu
Uninstall
UpdateBaiduToolbar
UpdateBaiduToolbarWithUI

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 373KB - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Shared
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a2906c63559070ba8b3efdc059deff16

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fdCertificate

Extended Key Usages

Key Usages

61:0c:12:06:00:00:00:00:00:1bCertificate

Key Usages

56:65:97:19:56:9b:e0:7b:77:5a:1b:22:75:e2:d8:3aCertificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

e0:e6:b1:90:82:33:3a:72:63:eb:35:aa:e4:3a:a9:94:42:8b:70:dcSigner

Headers

File Characteristics

PDB Paths

Imports

setupapi

version

imm32

shlwapi

wininet

urlmon

rpcrt4

iphlpapi

ws2_32

winmm

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

msimg32

gdiplus

uxtheme

netapi32

Exports

Exports

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.rdata Size: 373KB - Virtual size: 372KB

.data Size: 33KB - Virtual size: 48KB

.Shared Size: 512B - Virtual size: 4B

.rsrc Size: 3.0MB - Virtual size: 3.0MB

.reloc Size: 121KB - Virtual size: 121KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

61:0c:12:06:00:00:00:00:00:1b
Certificate

56:65:97:19:56:9b:e0:7b:77:5a:1b:22:75:e2:d8:3a
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

e0:e6:b1:90:82:33:3a:72:63:eb:35:aa:e4:3a:a9:94:42:8b:70:dc
Signer

.text
Size: 1.8MB - Virtual size: 1.8MB

.rdata
Size: 373KB - Virtual size: 372KB

.data
Size: 33KB - Virtual size: 48KB

.Shared
Size: 512B - Virtual size: 4B

.rsrc
Size: 3.0MB - Virtual size: 3.0MB

.reloc
Size: 121KB - Virtual size: 121KB