9ad41ad2e727670024ad33b766c7e8d5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

9ad41ad2e727670024ad33b766c7e8d5_JaffaCakes118
Size

2.1MB
MD5

9ad41ad2e727670024ad33b766c7e8d5
SHA1

1986aa2c62c26f538bbc5eabb3e81a34129c6a85
SHA256

1d28b7d161b2bd5caae8c33b6040c07a8974c9d367d7fee8bee2fce09e4cffd2
SHA512

bd0ccf966040ded37d7ec2074583fd8f6bac604b910ddb280a9b6d182fa5a41dc84e79312278033b1b797b6a2d30513c72efd4c7ca60f4a5f3eacdb8b2f7b838
SSDEEP

49152:+JCP54ykw3IagDOsLF51J24g3nak3f+sBEhtA1f4X5K:8+VIakOsLF51JW3R3f+sBEht8F

Score

7^/10

vmprotect

Malware Config

Signatures

VMProtect packed file 1 IoCs

Detects executables packed with VMProtect commercial packer.

vmprotect

resource	yara_rule
static1/unpack001/QQ?????1.3.3/QQ?????1.3.3.exe	vmprotect

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/QQ?????1.3.3/QQ?????1.3.3.exe

Files

9ad41ad2e727670024ad33b766c7e8d5_JaffaCakes118
.zip
????.txt
??ucbug??,???????.url
.url
QQ?????1.3.3/??.txt
QQ?????1.3.3/????.txt
QQ?????1.3.3/QQ?????1.3.3.exe
.exe windows:5 windows x86 arch:x86

ce20923728e90210ca1c14d893d54601

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleW
IsValidLocale
GetProcessHeap
SetEnvironmentVariableA
EnumSystemLocalesA
GetLocaleInfoA
CreateFileA
GetConsoleMode
GetStringTypeW
GetConsoleCP
LCMapStringW
IsProcessorFeaturePresent
GetTimeZoneInformation
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
HeapCreate
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
SetUnhandledExceptionFilter
HeapSize
HeapQueryInformation
GetFileType
SetStdHandle
RtlUnwind
RaiseException
HeapReAlloc
ExitThread
GetSystemTimeAsFileTime
VirtualQuery
GetSystemInfo
VirtualAlloc
HeapAlloc
HeapFree
GetDateFormatW
GetTimeFormatW
DecodePointer
EncodePointer
GetStartupInfoW
HeapSetInformation
GetCommandLineW
FindResourceExW
VirtualProtect
GetUserDefaultLCID
SearchPathW
GetTempPathW
GetTempFileNameW
GetNumberFormatW
SetErrorMode
lstrcpyW
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GlobalGetAtomNameW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
TlsGetValue
GlobalFlags
CreateMutexW
lstrlenA
GetProfileIntW
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
DeleteFileW
lstrcmpiW
InterlockedDecrement
ReleaseActCtx
CreateActCtxW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
lstrcmpA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringA
CreateEventW
SuspendThread
SetEvent
SetThreadPriority
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
GetThreadLocale
InterlockedIncrement
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
lstrcmpW
CopyFileW
FormatMessageW
LocalFree
GetCurrentProcessId
GetModuleFileNameW
FreeResource
InitializeCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
FindClose
FindFirstFileW
FreeLibrary
GetWindowsDirectoryW
MulDiv
GlobalSize
GlobalReAlloc
lstrlenW
ActivateActCtx
GetProcAddress
GetModuleHandleW
LoadLibraryW
DeactivateActCtx
GetVersionExW
SetFileTime
WriteFile
GetFileAttributesW
LocalFileTimeToFileTime
GetCurrentDirectoryW
SystemTimeToFileTime
ReadFile
SetFilePointer
CreateFileW
SleepEx
ResumeThread
SetLastError
ReleaseMutex
WaitForSingleObject
CreateDirectoryW
ExitProcess
TerminateThread
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
InterlockedExchange
GetTickCount
GetLastError
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
WideCharToMultiByte
CreateThread
CloseHandle
SizeofResource
Sleep
QueryPerformanceCounter
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

IsZoomed
PostQuitMessage
ValidateRect
CharNextW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
CheckDlgButton
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
PeekMessageW
MonitorFromWindow
GetMonitorInfoW
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
UpdateWindow
CreateWindowExW
GetClassInfoExW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
CallWindowProcW
GetMenu
SetWindowLongW
SetWindowPos
GetWindow
MapVirtualKeyW
GetKeyNameTextW
GetMenuState
GetMenuStringW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
RemoveMenu
GetWindowThreadProcessId
GetLastActivePopup
TranslateMDISysAccel
RedrawWindow
GetWindowDC
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetWindowLongW
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetMessageW
ClientToScreen
CopyRect
IsWindowVisible
GetDoubleClickTime
CopyIcon
GetCapture
ClipCursor
InvertRect
GetFocus
GetMessagePos
IsClipboardFormatAvailable
ScreenToClient
IntersectRect
DefWindowProcW
GetClassInfoW
GetKeyState
DispatchMessageW
TranslateMessage
OffsetRect
IsRectEmpty
DrawFrameControl
SetRect
DrawEdge
FrameRect
SystemParametersInfoW
wsprintfW
SetCapture
ReleaseCapture
WindowFromPoint
PtInRect
GetCursorPos
MapWindowPoints
TrackMouseEvent
SetCursor
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
ShowCursor
ReleaseDC
EnableWindow
GetDC
SendMessageW
SetTimer
CreateIconIndirect
GetIconInfo
DrawIconEx
InflateRect
GetParent
FillRect
GetSysColorBrush
IsWindow
LoadImageW
LoadCursorW
GetSysColor
DestroyIcon
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
PostMessageW
DrawIcon
GetClientRect
MessageBeep
WaitMessage
MapDialogRect
SetWindowContextHelpId
ShowOwnedPopups
GetMenuItemInfoW
DestroyMenu
CharUpperW
RegisterClipboardFormatW
RealChildWindowFromPoint
CopyAcceleratorTableW
GetSystemMetrics
IsIconic
LoadMenuW
AppendMenuW
GetSystemMenu
LoadIconW
KillTimer
InvalidateRect
MessageBoxW
SetForegroundWindow
SetActiveWindow
DestroyCursor
GetWindowRgn
CreateMenu
SubtractRect
CharUpperBuffW
BeginPaint
GetUpdateRect
MapVirtualKeyExW
IsCharLowerW
GetWindowRect
SetMenuDefaultItem
UpdateLayeredWindow
UnionRect
SetCursorPos
EnableScrollBar
HideCaret
DrawFocusRect
GetMenuDefaultItem
UnregisterClassW
GetNextDlgGroupItem
EmptyClipboard
CloseClipboard
SetClipboardData
CopyImage
OpenClipboard
DrawStateW
EnumChildWindows
LockWindowUpdate
IsMenu
MonitorFromPoint
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
BringWindowToTop
TranslateAcceleratorW
SetClassLongW
SetParent
CreatePopupMenu
NotifyWinEvent
SetWindowRgn
CreateAcceleratorTableW
LoadAcceleratorsW
DestroyAcceleratorTable
GetAsyncKeyState
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
PostThreadMessageW
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
DeleteMenu
EndPaint
InvalidateRgn

gdi32

GetTextMetricsW
PatBlt
SaveDC
RestoreDC
SetBkColor
SetBkMode
SetPolyFillMode
SetROP2
SetTextColor
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
GetLayout
SetLayout
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
CreateBitmap
GetStockObject
SelectPalette
CreateHatchBrush
CopyMetaFileW
CreateDCW
CreateRectRgnIndirect
GetTextColor
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
GetRgnBox
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
OffsetRgn
CreateRoundRectRgn
RealizePalette
SetPixel
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
EnumFontFamiliesExW
GetWindowOrgEx
LPtoDP
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
GetViewportOrgEx
ExtFloodFill
SetPaletteEntries
GetTextFaceW
SetPixelV
GetBkColor
GetDeviceCaps
GetCurrentObject
SetDIBits
GetDIBits
Rectangle
CreatePen
CreateFontIndirectW
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
SetBoundsRect
BitBlt
CreateCompatibleBitmap
CreateFontW
CreateDIBSection
GetObjectW
SetDIBColorTable
GetDIBColorTable
StretchBlt
SelectObject
DeleteDC
DeleteObject
GetTextExtentPoint32W
GetObjectType
CreateCompatibleDC
CreateSolidBrush

msimg32

TransparentBlt
AlphaBlend

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegEnumValueW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegOpenKeyW
RegSetValueExW
RegCreateKeyExW
RegEnumKeyExW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegDeleteValueW

shell32

SHAppBarMessage
Shell_NotifyIconW
SHGetFileInfoW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetMalloc
SHGetPathFromIDListW
ShellExecuteW
DragQueryFileW
DragFinish
SHBrowseForFolderW

comctl32

InitCommonControlsEx
ImageList_GetIconSize

shlwapi

PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFileExistsW
PathRemoveFileSpecW

ole32

CoInitializeEx
OleDestroyMenuDescriptor
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CoCreateGuid
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
OleSetClipboard
OleIsCurrentClipboard
OleFlushClipboard
OleGetClipboard
DoDragDrop
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoUninitialize
CoInitialize
CoRevokeClassObject
CoRegisterMessageFilter
OleCreateMenuDescriptor
OleLockRunning
CoTaskMemFree
CreateStreamOnHGlobal
IsAccelerator
OleTranslateAccelerator

oleaut32

VariantChangeType
VariantInit
OleCreateFontIndirect
SysAllocString
VariantCopy
SysAllocStringLen
SafeArrayDestroy
SysStringLen
VarBstrFromDate
VarUdateFromDate
SysFreeString
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantClear

oledlg

OleUIBusyW

gdiplus

GdipBitmapUnlockBits
GdipBitmapLockBits
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipCreateBitmapFromStream
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCloneImage
GdipAlloc
GdipFree
GdipDisposeImage
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipDrawImageI
GdiplusShutdown
GdipCreateBitmapFromScan0

ws2_32

WSASetLastError
inet_ntoa
send
sendto
recv
WSAGetLastError
recvfrom
select
__WSAFDIsSet
connect
socket
getpeername
closesocket
shutdown
accept
gethostbyname
inet_addr
ntohs
htons
htonl
WSACleanup
WSAStartup
ntohl

winmm

PlaySoundW
sndPlaySoundW

wininet

InternetOpenW
DeleteUrlCacheEntryW
InternetOpenUrlW
InternetReadFile
InternetCloseHandle
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
HttpQueryInfoW
InternetQueryDataAvailable
InternetGetCookieW
HttpQueryInfoA
HttpSendRequestW
InternetSetOptionW
HttpOpenRequestW
InternetConnectW
HttpAddRequestHeadersW

oleacc

AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

Exports

Exports

��it�羥��Zς�fX��v�R��.!��8E �l:��:�ۻ�&�s��Ö�?��b�C�@xem��-vWȱ��ȫ�;d��}�m4#�_�(�FI�%�L�q�k@a�i��Pqc��Y��r�7O d��/�(Ϣ,�J��-�-#c��`�Q�H<99TA�;pp��R�^�N��|Z�F0��~<�_�n�&+�4��fH�Q#e�g=f `�� M��r��HP��ˍ�\ԝC�I��]�pɵ�f�p�_�3�\ê/�^PDV?Y��nk� $�.ӻxآ�8Ȯ�T@SI�Q��E�J��Y�W.��Ǐ��Y=�Mm܀m��=罠 ��H jw�[F3��W��U�XA\@ ��Y�]�}r��Ǽ,#o�jgh�LT�z��i�H;��al/��Y5��`�q�(�|�Q��*�~Qw}0��"��(Tr�{|=�;�4��Tp��N�U��#x.�>h=��:k3�ס�s��/O��r� /��T��9O~��8��"ʫ�W�"*��r�ʱe.4�i�m<=Č��W^�i��&�ۼT��8�l��+0��y��~o*�d�9O(�R�dǞ+oE��' &h{e��B>�g\'(\ӵF{{� ��J��n֓��g�C�s�V�P�G"'��q�ţ�d�)�GF��Ѱ}[O+�Ģ��1̨_e>�:��.ݿ́��,b�м�d�?�^C�'v/Ä��#t�4�\�B�֕��Ĭ�Ͻ�62m�M��><GR� ��Wڤ*�� >hs^�� H�P��'7��B'=�F�M�%Ö�v��-$��a��} ��²�dy��Mި��H��a�ư۹&��1;�0,�Ek��L��Ԛ=��( dJ!#��Uq��B��*ߓ�6e�fgn5�w��U�� 2-�)��S��f�&:�@S��oy)]t/o�wa��n��w��pfD9-��S��߱]e-荦D��)e�%H9�D�Y|nF>��pG 0j8�;A��4GدG�P�u% ��x��џ�Ǆ� _@�@�Sx�CC�j,"ʿ��ŀJ1;��:_�ב��m�^��b�x��?�rEQ��r+��E"�g��l��գ*��(2Zߺ�y��<��I�k]�!�zVA��""&/�ە��T�3F\.��N�>$r�!��R��3��AN��3��/Y?�3ޢ�~�b��u�'��ca��=|��$a�V�y��uBڪ�v"�h`Ar��!,3 |��G �\$�X��>hx=��9��JY"3��Ι ;e��O��'z�z�g��>H�\p�v>��@·��X�B��q��#��b��H'2�?am`L��k�ߩ )-��0�26��:�:�H�s��&��R3�B��Z��A�z�ڒf&m��sq�G}f��Χ��oߔ��.�1X�Ll0��/��e�c$h��[�&+�i�Hl�; �K3��u�� c�I~j�3�CD��P��a�}��cpj�҃鳛?��Htp*@G�.�K܀}��ĥ?�/M�ɺNE��tF/�k9p��G��KNN@m5x̼�_]�m]�3��qgu��%�9#��]8ݫ��`(�e��@�jF �k]��V.�PP�H�-(T9t�21*�rOW��:U��շ�op��j6��"��^�%��]��߂;�r��p$��^��Nr鿔��[ Ri��Ɇ�J� ��m�ԁ�z�p�Ρ�5�>$|�u8��[}as��Z~�}p:dgs��%��Z�Y}�#�� sZ -c�)�k�tY¿Ė3�4��|9�Ti��~Gz��y� ��AYIm��#��X��i۫��z~�=�4�d�%��;�V�de��(��yn��WG�e̼ĥ��7*W`2�C��va��;vE��y��p7)-�rn�ǡ�>Ɩ�'�o�o(n�?㨿�9/�Rp��$k�X�^�/8�b�M�$jB��a�X"�V��NZy��^��V�#N�G&=�P6�l. Ʊ��j�,�RE\�qۚ��x�A�7��Y��D{��#�Z�z��v��2}%��0�!Yfξ��B#��嵮�k�2:�ao\sCл�[9�A�c�/�{��e�w8i�Hъ��˼X0�(��f\�&۩6�Q��ns��T��SA`�>m��2��oa�f3ɕ�w�K��X�`�=P�#/w�e��saF=��Lj�Sax�iQn�i��Y�3��J��e�A%��g��#��i��[�I�f��G�˽!C�=��ԋ�TBp��o�b��u4]W��#M1�c��\�ڽ�#�P�\sb`��Q��t��[��?��헉��p�{f��7_�u�t z�� ˊf�nL��_�C��@=��o�0��mymH��t_bA�( >L��H��K8 �O�QF�1f��~�6S��G-�g$y\F7.?��(��?�>蚄i��t�s�i��O�0b�?�X�+��h�ߑ.�Us�we˯��?�~�5�M��N��>� ��OgV�1��p�6�h��W�y��k��9f�jH�$��}��KmA��5�=�b��d��g_be��)�U�q�Lż ��꬯�G��c~��Ǯ��M��dq��U�O��[(nU��Xd)��m��+�9�!;�qӞ�F�XRp�.��ᶼ�h`�v��S��N��#1�b�T�D�X�4e��\�spL��<{�/~.��j�圝V��K�A4�Y��_�vAxҖg9wc�f��'M��7��'P,��ӳa�-9�W�˭>�r��5=��=I�Q*�%k�g;��Հ߶*�:7ޛ��8��-��ve�

Sections

.text
Size: - Virtual size: 3.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 606KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: - Virtual size: 402KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 184B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 22KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
QQ?????1.3.3/xml/DallyTask.xml
QQ?????1.3.3/xml/SpecialGuest.xml
QQ?????1.3.3/xml/items.xml
.xml
QQ?????1.3.3/xml/promotion.xml
ucbug???-www.ucbug.com.url
.url

Sharing

General

Malware Config

Signatures

Files

ce20923728e90210ca1c14d893d54601

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oledlg

gdiplus

ws2_32

winmm

wininet

oleacc

imm32

Exports

Exports

Sections

.text Size: - Virtual size: 3.2MB

.rdata Size: - Virtual size: 606KB

.data Size: - Virtual size: 88KB

.vmp0 Size: - Virtual size: 402KB

.tls Size: 512B - Virtual size: 24B

.vmp1 Size: 2.2MB - Virtual size: 2.2MB

.reloc Size: 512B - Virtual size: 184B

.rsrc Size: 22KB - Virtual size: 38KB

.text
Size: - Virtual size: 3.2MB

.rdata
Size: - Virtual size: 606KB

.data
Size: - Virtual size: 88KB

.vmp0
Size: - Virtual size: 402KB

.tls
Size: 512B - Virtual size: 24B

.vmp1
Size: 2.2MB - Virtual size: 2.2MB

.reloc
Size: 512B - Virtual size: 184B

.rsrc
Size: 22KB - Virtual size: 38KB