7a0e956be15d382ec3230275c9c575d3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7a0e956be15d382ec3230275c9c575d3_JaffaCakes118
Size

633KB
MD5

7a0e956be15d382ec3230275c9c575d3
SHA1

67af3e7860800d487dbb3055f26988a97efac95a
SHA256

aa35b972f4362fbf6ddbba202fd547cbf8b235fda3e24277fc111e92bd149ff3
SHA512

787d492913b06b2e4f0d56b507f7a47c3c86e67d1f1c19dac5a2fe397da6256b0a922eff15b2e1b52b9b0c1efcd68531d6215c481544dde0397884fd8edeca5e
SSDEEP

12288:c1A+RheHo1fpwE+VgHX5yob2dGD+LoDpc7Gn3IQL/uICReaRmOg6TAsUpa/kIpu:yA+RheHQfuvcJyoIikGYHRwaEOg60sKR

Score

3^/10

Malware Config

Signatures

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/BuddyCadShell.exe
unpack001/binview.exe
unpack001/pcbview.exe
unpack001/schview.exe

Files

7a0e956be15d382ec3230275c9c575d3_JaffaCakes118
.zip
Apps.xml
BYCADWIN.CFG
BuddyCadShell.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 466KB - Virtual size: 465KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
BuddyCadShell.exe.config
.xml
EN/COMMANDS.TXT
EN/COPY.TXT
EN/PROMPT.ZIP
.zip
EN/README.TXT
EN/WINMENU.ZIP
.zip
RU/BINEDIT.ZIP
.zip
RU/BINVIEW.ZIP
.zip
RU/BYCAD.ZIP
.zip
RU/BYWIN.TXT
RU/COMMANDS.TXT
RU/COPY.TXT
RU/MENU.ZIP
.zip
RU/PROMPT.ZIP
.zip
RU/README.TXT
RU/WINMENU.ZIP
.zip
binview.exe
.exe windows:5 windows x64 arch:x64

4696b869d656050cdf3538038f6e0c80

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcr100

memcpy
sqrt
atan
cos
sin
memset
??2@YAPEAX_K@Z
??3@YAXPEAX@Z
strncpy
__C_specific_handler
_unlock
__dllonexit
_lock
_onexit
rename
__getmainargs
_XcptFilter
_exit
_cexit
__initenv
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_commode
_fmode
__set_app_type
__crt_debugger_hook
?terminate@@YAXXZ
sscanf
putchar
malloc
free
calloc
clock
fsetpos
fgetpos
fseek
ftell
fwrite
fread
fputs
fgetc
fclose
fopen
__iob_func
atof
atoi
exit
fprintf
strncmp
strchr
sprintf
__CxxFrameHandler3
strstr
strrchr
system
_amsg_exit
fflush
_unlink
_kbhit
_getch
_getcwd

kernel32

GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
Sleep
DecodePointer
EncodePointer
WriteFile
SetFileTime
CreateDirectoryA
LocalFileTimeToFileTime
SystemTimeToFileTime
ReadFile
CloseHandle
CreateFileA
SetFilePointer
GetFileAttributesA
GetLocalTime
GetCurrentProcessId
SetCurrentDirectoryA
GetCurrentDirectoryA
GetSystemTimeAsFileTime

user32

wsprintfA

Sections

.text
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 328B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
pcbview.exe
.exe windows:5 windows x64 arch:x64

1433ba005a07089019b971ee0f1a2e95

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

ResetEvent
WaitForSingleObject
GetSystemTimeAsFileTime
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
DecodePointer
EncodePointer
SetFileTime
CreateDirectoryA
LocalFileTimeToFileTime
SystemTimeToFileTime
GlobalReAlloc
SetFilePointer
WriteFile
CreateMutexA
SetEvent
CreateFileA
GetFileSize
CloseHandle
GlobalAlloc
GlobalLock
ReadFile
GlobalUnlock
GlobalFree
Sleep
CreateEventA
CreateThread
WaitForMultipleObjects
ReleaseMutex
GetLastError
FormatMessageA
LocalFree
GetFileAttributesA
GetLocalTime
GetCurrentProcessId
SetCurrentDirectoryA
GetCurrentDirectoryA

user32

CreateWindowExA
GetSystemMenu
SetWindowLongA
GetDC
ReleaseDC
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
DefWindowProcA
BeginPaint
PostQuitMessage
GetAsyncKeyState
GetClientRect
SetCursorPos
FillRect
GetWindowLongA
LoadCursorA
CreateCursor
SetCursor
DialogBoxParamA
MessageBoxA
DestroyMenu
CreateMenu
CreatePopupMenu
AppendMenuA
GetDlgItem
SendMessageA
GetDlgItemTextA
SetDlgItemTextA
EndDialog
SetWindowTextA
EnableMenuItem
SetMenu
GetSystemMetrics
SystemParametersInfoA
GetDesktopWindow
GetWindowRect
UnregisterClassA
InvalidateRect
wsprintfA
RegisterClassExA
EndPaint

gdi32

CreateDIBitmap
SelectPalette
RealizePalette
GetDIBits
GetSystemPaletteEntries
CreatePalette
GetTextExtentPoint32A
CreateFontA
SetTextAlign
GetStockObject
StartDocA
StartPage
TextOutA
StretchBlt
EndPage
EndDoc
SetBitmapBits
GetBitmapBits
SetTextColor
SelectObject
GetDeviceCaps
GetObjectA
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
DeleteObject
DeleteDC
SetPixelV
Pie
LineTo
FloodFill
Polygon
Ellipse
DPtoLP
GetClipRgn
Rectangle
Polyline
GetCurrentObject
Arc
LPtoDP
ExtCreatePen
SetROP2
CreateRectRgn
SelectClipRgn
SetViewportOrgEx
CreateSolidBrush
CreateHatchBrush
CreateBitmap
CreatePatternBrush
SetBkColor
MoveToEx
GetCurrentPositionEx
GetPixel

comdlg32

GetSaveFileNameA
GetOpenFileNameA
PrintDlgA

msvcr100

?_type_info_dtor_internal_method@type_info@@QEAAXXZ
__crt_debugger_hook
__set_app_type
_fmode
_commode
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
__initenv
_cexit
_exit
_XcptFilter
__getmainargs
_amsg_exit
?terminate@@YAXXZ
_onexit
_lock
__dllonexit
_unlock
__C_specific_handler
tan
??0exception@std@@QEAA@AEBV01@@Z
_CxxThrowException
??2@YAPEAX_K@Z
memmove
??3@YAXPEAX@Z
??1exception@std@@UEAA@XZ
?what@exception@std@@UEBAPEBDXZ
??0exception@std@@QEAA@AEBQEBD@Z
atan
memcpy
isdigit
fsetpos
fgetpos
fseek
ftell
_unlink
_kbhit
_getch
__CxxFrameHandler3
sprintf
sscanf
strchr
strncpy
printf
atoi
fprintf
_getcwd
__iob_func
exit
fflush
cos
sin
atan2
sqrt
rand
srand
memset
strrchr
strstr
strncmp
atof
fwrite
fread
fputs
fgetc
fclose
fopen
rename
putchar
malloc
free
calloc
clock

msvcp100

?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?_BADOFF@std@@3_JB
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Ios_base_dtor@ios_base@std@@CAXPEAV12@@Z
??_7ios_base@std@@6B@
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?_Orphan_all@_Container_base12@std@@QEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1_Container_base12@std@@QEAA@XZ
?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z

ole32

CreateStreamOnHGlobal

oleaut32

OleLoadPicture

Sections

.text
Size: 333KB - Virtual size: 333KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
schview.exe
.exe windows:5 windows x64 arch:x64

1433ba005a07089019b971ee0f1a2e95

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

ResetEvent
WaitForSingleObject
GetSystemTimeAsFileTime
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
DecodePointer
EncodePointer
SetFileTime
CreateDirectoryA
LocalFileTimeToFileTime
SystemTimeToFileTime
GlobalReAlloc
SetFilePointer
WriteFile
CreateMutexA
SetEvent
CreateFileA
GetFileSize
CloseHandle
GlobalAlloc
GlobalLock
ReadFile
GlobalUnlock
GlobalFree
Sleep
CreateEventA
CreateThread
WaitForMultipleObjects
ReleaseMutex
GetLastError
FormatMessageA
LocalFree
GetFileAttributesA
GetLocalTime
GetCurrentProcessId
SetCurrentDirectoryA
GetCurrentDirectoryA

user32

CreateWindowExA
GetSystemMenu
SetWindowLongA
GetDC
ReleaseDC
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
DefWindowProcA
BeginPaint
PostQuitMessage
GetAsyncKeyState
GetClientRect
SetCursorPos
FillRect
GetWindowLongA
LoadCursorA
CreateCursor
SetCursor
DialogBoxParamA
MessageBoxA
DestroyMenu
CreateMenu
CreatePopupMenu
AppendMenuA
GetDlgItem
SendMessageA
GetDlgItemTextA
SetDlgItemTextA
EndDialog
SetWindowTextA
EnableMenuItem
SetMenu
GetSystemMetrics
SystemParametersInfoA
GetDesktopWindow
GetWindowRect
UnregisterClassA
InvalidateRect
wsprintfA
RegisterClassExA
EndPaint

gdi32

CreateDIBitmap
SelectPalette
RealizePalette
GetDIBits
GetSystemPaletteEntries
CreatePalette
GetTextExtentPoint32A
CreateFontA
SetTextAlign
GetStockObject
StartDocA
StartPage
TextOutA
StretchBlt
EndPage
EndDoc
SetBitmapBits
GetBitmapBits
SetTextColor
SelectObject
GetDeviceCaps
GetObjectA
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
DeleteObject
DeleteDC
SetPixelV
Pie
LineTo
FloodFill
Polygon
Ellipse
DPtoLP
GetClipRgn
Rectangle
Polyline
GetCurrentObject
Arc
LPtoDP
ExtCreatePen
SetROP2
CreateRectRgn
SelectClipRgn
SetViewportOrgEx
CreateSolidBrush
CreateHatchBrush
CreateBitmap
CreatePatternBrush
SetBkColor
MoveToEx
GetCurrentPositionEx
GetPixel

comdlg32

GetSaveFileNameA
GetOpenFileNameA
PrintDlgA

msvcr100

?_type_info_dtor_internal_method@type_info@@QEAAXXZ
__crt_debugger_hook
__set_app_type
_fmode
_commode
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
__initenv
_cexit
_exit
_XcptFilter
__getmainargs
_amsg_exit
?terminate@@YAXXZ
_onexit
_lock
__dllonexit
_unlock
__C_specific_handler
tan
??0exception@std@@QEAA@AEBV01@@Z
_CxxThrowException
??2@YAPEAX_K@Z
memmove
??3@YAXPEAX@Z
??1exception@std@@UEAA@XZ
?what@exception@std@@UEBAPEBDXZ
??0exception@std@@QEAA@AEBQEBD@Z
atan
memcpy
isdigit
fsetpos
fgetpos
fseek
ftell
_unlink
_kbhit
_getch
__CxxFrameHandler3
sprintf
sscanf
strchr
strncpy
printf
atoi
fprintf
_getcwd
__iob_func
exit
fflush
cos
sin
atan2
sqrt
rand
srand
memset
strrchr
strstr
strncmp
atof
fwrite
fread
fputs
fgetc
fclose
fopen
rename
putchar
malloc
free
calloc
clock

msvcp100

?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?_BADOFF@std@@3_JB
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Ios_base_dtor@ios_base@std@@CAXPEAV12@@Z
??_7ios_base@std@@6B@
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?_Orphan_all@_Container_base12@std@@QEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1_Container_base12@std@@QEAA@XZ
?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z

ole32

CreateStreamOnHGlobal

oleaut32

OleLoadPicture

Sections

.text
Size: 328KB - Virtual size: 328KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 466KB - Virtual size: 465KB

.rsrc Size: 1KB - Virtual size: 1KB

4696b869d656050cdf3538038f6e0c80

Headers

DLL Characteristics

File Characteristics

Imports

msvcr100

kernel32

user32

Sections

.text Size: 59KB - Virtual size: 58KB

.rdata Size: 22KB - Virtual size: 21KB

.data Size: 512B - Virtual size: 6KB

.pdata Size: 4KB - Virtual size: 3KB

.reloc Size: 512B - Virtual size: 328B

1433ba005a07089019b971ee0f1a2e95

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

msvcr100

msvcp100

ole32

oleaut32

Sections

.text Size: 333KB - Virtual size: 333KB

.rdata Size: 74KB - Virtual size: 74KB

.data Size: 10KB - Virtual size: 70KB

.pdata Size: 17KB - Virtual size: 16KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

1433ba005a07089019b971ee0f1a2e95

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

msvcr100

msvcp100

ole32

oleaut32

Sections

.text Size: 328KB - Virtual size: 328KB

.rdata Size: 73KB - Virtual size: 73KB

.data Size: 10KB - Virtual size: 69KB

.pdata Size: 16KB - Virtual size: 16KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 466KB - Virtual size: 465KB

.rsrc
Size: 1KB - Virtual size: 1KB

.text
Size: 59KB - Virtual size: 58KB

.rdata
Size: 22KB - Virtual size: 21KB

.data
Size: 512B - Virtual size: 6KB

.pdata
Size: 4KB - Virtual size: 3KB

.reloc
Size: 512B - Virtual size: 328B

.text
Size: 333KB - Virtual size: 333KB

.rdata
Size: 74KB - Virtual size: 74KB

.data
Size: 10KB - Virtual size: 70KB

.pdata
Size: 17KB - Virtual size: 16KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 328KB - Virtual size: 328KB

.rdata
Size: 73KB - Virtual size: 73KB

.data
Size: 10KB - Virtual size: 69KB

.pdata
Size: 16KB - Virtual size: 16KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB