70d56fc02f1261c03e07bd5ef61c5ea4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

70d56fc02f1261c03e07bd5ef61c5ea4_JaffaCakes118
Size

6.6MB
MD5

70d56fc02f1261c03e07bd5ef61c5ea4
SHA1

4eaff05959fd960abfc481829c4b0711d0a6320c
SHA256

d154c46ff2e3848e9c75b986cd0e8dc57f49673ab8dd314f6529dba72fa5c194
SHA512

5aa3878aa997522ea9e1f4daad0ee95807026a92a26912fc27e8e95810637ed9867d56703bda1afda6af6b66bc4bba95164ecfd0ee5f77cb9df8f5183f638e0e
SSDEEP

196608:01QojRR+hOxKjJ/69ndm59xj+zsZKQM6zZDiUyt:cYg29UQJYv

Score

3^/10

Malware Config

Signatures

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
70d56fc02f1261c03e07bd5ef61c5ea4_JaffaCakes118
unpack001/$PLUGINSDIR/NJaFfZKlVbN.dll
unpack001/$PLUGINSDIR/nMIAnjbTcjj.dll
unpack001/$PLUGINSDIR/uokFCXyLmye.dll

Files

70d56fc02f1261c03e07bd5ef61c5ea4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ed8375c88e76a1c84a0e0edcf922e78a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetCurrentDirectoryW
CreateDirectoryW
GetFullPathNameW
SetFileAttributesW
GetFileAttributesW
DeleteFileW
FindFirstFileW
FindNextFileW
SearchPathW
MoveFileW
MultiByteToWideChar
WideCharToMultiByte
GetFileSize
GetTickCount
GetModuleFileNameW
GetCurrentProcess
ExitProcess
SetErrorMode
GetCommandLineW
GetTempPathW
GetWindowsDirectoryW
CopyFileW
GlobalLock
GlobalUnlock
CreateThread
lstrcpynA
lstrcpynW
lstrlenW
LoadLibraryW
GetDiskFreeSpaceW
GetProcAddress
GetVersion
OpenProcess
lstrcmpiA
lstrcpyA
lstrcpyW
lstrcatW
LoadLibraryA
GetModuleHandleA
CreateProcessW
GetSystemDirectoryW
GetTempFileNameW
RemoveDirectoryW
CreateFileW
GetVersionExW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
ReadFile
WritePrivateProfileStringW
LCMapStringW
HeapSize
GetStringTypeW
HeapReAlloc
HeapAlloc
RtlUnwind
OutputDebugStringW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
HeapFree
LeaveCriticalSection
EnterCriticalSection
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
DeleteCriticalSection
GetFileType
GetProcessHeap
GetStdHandle
GetModuleHandleExW
DecodePointer
EncodePointer
GetCurrentThreadId
InterlockedDecrement
InterlockedIncrement
GetStartupInfoW
WriteConsoleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
InitializeCriticalSectionAndSpinCount
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetPrivateProfileStringW
ExpandEnvironmentStringsW
GetModuleHandleW
LoadLibraryExW
lstrlenA
WriteFile
lstrcmpiW
lstrcmpW
CompareFileTime
MulDiv
CloseHandle
SetFileTime
FindClose
SetFilePointer
Sleep
WaitForSingleObject
GetLastError
GetExitCodeProcess
GetShortPathNameW
GlobalFree
GlobalAlloc
FreeLibrary

user32

BeginPaint
DrawTextW
DefWindowProcW
EmptyClipboard
EndPaint
MessageBoxIndirectW
CharPrevW
CharNextA
CharUpperW
GetDlgItemTextW
GetClientRect
FillRect
wsprintfW
SendMessageW
SetDlgItemTextW
PeekMessageW
DispatchMessageW
wsprintfA
SystemParametersInfoW
LoadCursorW
LoadBitmapW
SetClassLongW
GetWindowLongW
GetSysColor
ScreenToClient
GetWindowRect
TrackPopupMenu
AppendMenuW
EnableMenuItem
CreatePopupMenu
GetSystemMenu
GetSystemMetrics
IsWindowEnabled
SetCursor
SetClipboardData
CloseClipboard
OpenClipboard
CheckDlgButton
EndDialog
DialogBoxParamW
IsWindowVisible
SetWindowPos
CreateWindowExW
GetClassInfoW
RegisterClassW
CallWindowProcW
GetMessagePos
CharNextW
ExitWindowsEx
SetWindowTextW
SetTimer
CreateDialogParamW
DestroyWindow
LoadImageW
FindWindowExW
SetWindowLongW
InvalidateRect
GetDC
SetForegroundWindow
EnableWindow
GetDlgItem
ShowWindow
IsWindow
PostQuitMessage
SendMessageTimeoutW

gdi32

SelectObject
CreateBrushIndirect
SetBkMode
SetTextColor
GetDeviceCaps
CreateFontIndirectW
DeleteObject
SetBkColor

shell32

SHGetSpecialFolderLocation
SHFileOperationW
SHGetFileInfoW
SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteW

ole32

CoCreateInstance
OleInitialize
CoTaskMemFree
OleUninitialize

advapi32

RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyW
RegEnumValueW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW

comctl32

ImageList_Destroy
ImageList_Create
ord17
ImageList_AddMasked

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 804KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 69KB - Virtual size: 13.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/NJaFfZKlVbN.dll
.dll windows:5 windows x86 arch:x86

8c73a005fc309cc0d77173ba799953c0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WriteConsoleW
CloseHandle
SetFilePointerEx
GetConsoleMode
CreateSemaphoreW
GetConsoleCP
MultiByteToWideChar
FlushFileBuffers
WriteFile
SetStdHandle
GetStringTypeW
GetFileType
GetStdHandle
SetEnvironmentVariableA
FreeEnvironmentStringsW
OpenJobObjectW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileA
FindClose
LCMapStringW
CompareStringW
GetTimeZoneInformation
GetModuleFileNameA
GetModuleHandleExW
ExitProcess
VirtualQuery
VirtualAlloc
VerifyVersionInfoW
GetFileAttributesA
BeginUpdateResourceW
FindResourceExW
OutputDebugStringW
LoadLibraryW
OpenEventW
MulDiv
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
GetThreadPriority
RaiseException
GetExitCodeProcess
GetBinaryTypeA
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
GetEnvironmentStringsW
DecodePointer
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
InterlockedIncrement
InterlockedFlushSList
VirtualProtect
OpenThread
GetSystemTime
OpenMutexA
CreateWaitableTimerW
LoadLibraryA
BeginUpdateResourceA
GetDriveTypeA
GetDiskFreeSpaceA
GetDiskFreeSpaceExW
FindFirstFileExA
GetPriorityClass
SetFilePointer
lstrcmpW
CreateFileW
GlobalFree
lstrcpynW
WideCharToMultiByte
EraseTape
GetProcAddress
GetPrivateProfileStructA
FreeLibrary
CreateMutexA
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetModuleHandleW
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwind
SetLastError
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
GetSystemInfo

user32

ArrangeIconicWindows
CreateMDIWindowW
DeferWindowPos
CharNextA
DeleteMenu
DispatchMessageA
CreateMDIWindowA
CreateIconIndirect
CreateMenu
DestroyAcceleratorTable
CharUpperW
BroadcastSystemMessageExA
CreatePopupMenu

gdi32

Rectangle
PolyPolygon
CreateCompatibleBitmap

oleaut32

VarBstrCmp
VariantInit
SysAllocString
SysAllocStringLen
SysFreeString
SysStringByteLen
SysAllocStringByteLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantClear
VariantCopy
VarCmp
VarUI1FromR4
DispCallFunc
VarDateFromBool
GetErrorInfo
VarI2FromR8
VarUI1FromUI2
VarR4FromI4

rtutils

TraceDeregisterExW
RouterLogRegisterA
LogEventA
RouterLogEventValistExW
TraceDeregisterA

snmpapi

SnmpSvcSetLogLevel
SnmpSvcInitUptime
SnmpUtilOidAppend
SnmpUtilUnicodeToUTF8
SnmpSvcAddrIsIpx
SnmpUtilOctetsCpy
SnmpUtilAnsiToUnicode
SnmpUtilOctetsFree
SnmpUtilOidNCmp
SnmpUtilAsnAnyFree
SnmpUtilPrintAsnAny
SnmpSvcSetLogType

authz

AuthzEnumerateSecurityEventSources
AuthzFreeAuditEvent
AuthzInitializeResourceManager
AuthzInitializeContextFromToken
AuthzAddSidsToContext
AuthzFreeContext
AuthzRegisterSecurityEventSource
AuthzOpenObjectAudit
AuthzAccessCheck
AuthzFreeResourceManager
AuthzReportSecurityEventFromParams
AuthzInitializeContextFromSid
AuthzCachedAccessCheck

imgutil

ComputeInvCMAP
SniffStream
GetMaxMIMEIDBytes
IdentifyMIMEType
CreateDDrawSurfaceOnDIB
DecodeImage
CreateMIMEMap
DitherTo8

Exports

Exports

KPzIiCmhwa
XGfCKO
bhObVumIlUVgTvP
jMRyvmL
xxdRCLSVXTNvytXvfDbX

Sections

.text
Size: 436KB - Virtual size: 435KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 276B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nMIAnjbTcjj.dll
.dll windows:5 windows x86 arch:x86

03e25545f353744c46f43a2161ce923e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileW
WideCharToMultiByte
FindResourceExW
FindResourceW
LoadLibraryA
SizeofResource
LoadResource
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
RaiseException
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
GetProcAddress
LockResource
DecodePointer
CloseHandle
WriteConsoleW
FlushFileBuffers
SetFilePointerEx
GetConsoleMode
GetConsoleCP
WriteFile
SetStdHandle
GetStringTypeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsDebuggerPresent
OutputDebugStringW
EnterCriticalSection
LeaveCriticalSection
LoadLibraryW
GlobalFree
lstrcpyW
lstrcpynW
GlobalAlloc
MultiByteToWideChar
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetModuleHandleW
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwind
InterlockedFlushSList
SetLastError
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
GetACP
GetStdHandle
GetFileType
LCMapStringW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage

user32

wsprintfW

comdlg32

CommDlgExtendedError
GetFileTitleW
ReplaceTextW
GetOpenFileNameW
ChooseFontW
ChooseFontA
FindTextW
GetSaveFileNameA
GetFileTitleA
GetSaveFileNameW
GetOpenFileNameA
PageSetupDlgA
ChooseColorW
PrintDlgA

advapi32

GetAclInformation
QueryServiceStatus
RegDeleteValueA
CreateServiceW
MapGenericMask
ObjectOpenAuditAlarmA
GetFileSecurityW
SetSecurityDescriptorOwner
QueryServiceLockStatusA

rtutils

RouterLogEventA
MprSetupProtocolEnum
TraceDeregisterW
TraceDumpExW
TracePutsExA
RouterLogDeregisterW
TraceGetConsoleW
TraceRegisterExA
RouterLogEventStringW
LogEventW
TraceRegisterExW
TraceDeregisterA
RouterLogEventStringA

dsprop

BringSheetToForeground
ADsPropSetHwndWithTitle
ADsPropCreateNotifyObj
ADsPropSendErrorMessage
ADsPropCheckIfWritable

Exports

Exports

dVtVCsqFfnOzokxlkH
hemnAtBrLrGPFafeV
vbYVyAIXjxDHtkI
xYeVDNv

Sections

.text
Size: 191KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nay.wav
$PLUGINSDIR/uokFCXyLmye.dll
.dll windows:5 windows x86 arch:x86

037977e1f3ac47eafe6c718653885cf3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryW
GetProcAddress
SetEnvironmentVariableA
CompareStringW
GetStringTypeW
LCMapStringW
HeapReAlloc
IsValidCodePage
InterlockedIncrement
InterlockedDecrement
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
LoadLibraryA
WideCharToMultiByte
GlobalFree
lstrcpynW
GlobalAlloc
MultiByteToWideChar
DecodePointer
EncodePointer
GetCurrentThreadId
GetCommandLineA
RaiseException
RtlUnwind
GetLastError
HeapFree
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
GetTimeZoneInformation
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
WriteFile
GetStdHandle
GetModuleFileNameW
ExitProcess
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapSize
GetCPInfo
GetACP
GetOEMCP
GetProcessHeap

oleaut32

SysAllocString
VariantTimeToSystemTime
SysAllocStringByteLen
SysFreeString
SysStringByteLen
VarCyFromI4
SystemTimeToVariantTime

dsprop

ADsPropSendErrorMessage
ADsPropCreateNotifyObj
ADsPropSetHwndWithTitle

user32

wsprintfW

Exports

Exports

CRokNLWspDqqAo
TRLMfHKUDOaK
ZNrQmlarClECO
dZiWtkvthNUfb
kZq
ufDoJWPjrapDjyHhsPj

Sections

.text
Size: 154KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/ejrURMkKbyI.js
.js

Sharing

General

Malware Config

Signatures

Files

ed8375c88e76a1c84a0e0edcf922e78a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

advapi32

comctl32

version

Sections

.text Size: 89KB - Virtual size: 88KB

.rdata Size: 22KB - Virtual size: 21KB

.data Size: 7KB - Virtual size: 3.7MB

.ndata Size: - Virtual size: 804KB

.rsrc Size: 69KB - Virtual size: 13.2MB

8c73a005fc309cc0d77173ba799953c0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

oleaut32

rtutils

snmpapi

authz

imgutil

Exports

Exports

Sections

.text Size: 436KB - Virtual size: 435KB

.rdata Size: 98KB - Virtual size: 97KB

.data Size: 6KB - Virtual size: 9KB

.gfids Size: 512B - Virtual size: 276B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 21KB - Virtual size: 21KB

03e25545f353744c46f43a2161ce923e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

rtutils

dsprop

Exports

Exports

Sections

.text Size: 191KB - Virtual size: 190KB

.rdata Size: 55KB - Virtual size: 54KB

.data Size: 2KB - Virtual size: 20KB

.gfids Size: 512B - Virtual size: 272B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 21KB - Virtual size: 20KB

037977e1f3ac47eafe6c718653885cf3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

oleaut32

dsprop

user32

Exports

Exports

Sections

.text Size: 154KB - Virtual size: 154KB

.rdata Size: 52KB - Virtual size: 52KB

.text
Size: 89KB - Virtual size: 88KB

.rdata
Size: 22KB - Virtual size: 21KB

.data
Size: 7KB - Virtual size: 3.7MB

.ndata
Size: - Virtual size: 804KB

.rsrc
Size: 69KB - Virtual size: 13.2MB

.text
Size: 436KB - Virtual size: 435KB

.rdata
Size: 98KB - Virtual size: 97KB

.data
Size: 6KB - Virtual size: 9KB

.gfids
Size: 512B - Virtual size: 276B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 21KB - Virtual size: 21KB

.text
Size: 191KB - Virtual size: 190KB

.rdata
Size: 55KB - Virtual size: 54KB

.data
Size: 2KB - Virtual size: 20KB

.gfids
Size: 512B - Virtual size: 272B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 21KB - Virtual size: 20KB

.text
Size: 154KB - Virtual size: 154KB

.rdata
Size: 52KB - Virtual size: 52KB

.data
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 15KB - Virtual size: 15KB