I:\build\trunk_cn_9.0build\simulator\bin\dnplycore.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
5968a2df39c661364b738d581ea12ecc32632a5bc5c8c2af679cc161ac266cd5.dll
Resource
win7-20240419-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
5968a2df39c661364b738d581ea12ecc32632a5bc5c8c2af679cc161ac266cd5.dll
Resource
win10v2004-20240611-en
windows10-2004-x64
1 signatures
150 seconds
General
-
Target
5968a2df39c661364b738d581ea12ecc32632a5bc5c8c2af679cc161ac266cd5
-
Size
997KB
-
MD5
50d7507abb6b00df3b7e91de59100c33
-
SHA1
b20347363bc7035e60e8fb6a09504983f81571dd
-
SHA256
5968a2df39c661364b738d581ea12ecc32632a5bc5c8c2af679cc161ac266cd5
-
SHA512
32a653908abe1759ff51b7bc5c91320aeb3a236c080b782d35d2b96529880ce53e50234b3b0784a340ee7e83d27f0f10bfc81b40f9c6a8c8f5f84ad30ff8c61c
-
SSDEEP
24576:U+92iP64llJeVnMzNuAL87q3K0gSyYVjOImd:4gleKNuAL873OyUjjU
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5968a2df39c661364b738d581ea12ecc32632a5bc5c8c2af679cc161ac266cd5
Files
-
5968a2df39c661364b738d581ea12ecc32632a5bc5c8c2af679cc161ac266cd5.dll windows:6 windows x86 arch:x86
336a6fdf120a7546bb70fad434acc91b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
cximagecrt
?GetHeight@CxImage@@QBEIXZ
?DestroyFrames@CxImage@@QAE_NXZ
?Destroy@CxImage@@QAE_NXZ
?GetWidth@CxImage@@QBEIXZ
??0CxImage@@QAE@ABV0@_N11@Z
?Scanf@CxMemFile@@UAEHPBDPAX@Z
?GetS@CxMemFile@@UAEPADPADH@Z
?GetPixelColor@CxImage@@QAE?AUtagRGBQUAD@@HH_N@Z
?Load@CxImage@@QAE_NPB_WI@Z
??0CxImage@@QAE@I@Z
?Write@CxMemFile@@UAEIPBXII@Z
??0CxMemFile@@QAE@PAEI@Z
??1CxMemFile@@UAE@XZ
?Close@CxMemFile@@UAE_NXZ
?Read@CxMemFile@@UAEIPAXII@Z
?Resample@CxImage@@QAE_NHHHPAV1@@Z
?Seek@CxMemFile@@UAE_NHH@Z
?Tell@CxMemFile@@UAEHXZ
?Size@CxMemFile@@UAEHXZ
?Flush@CxMemFile@@UAE_NXZ
?Eof@CxMemFile@@UAE_NXZ
?Error@CxMemFile@@UAEHXZ
?PutC@CxMemFile@@UAE_NE@Z
?GetC@CxMemFile@@UAEHXZ
hid
HidP_GetUsageValue
HidP_GetCaps
HidP_GetButtonCaps
HidP_GetUsages
HidP_GetValueCaps
xinput1_3
ord4
ord5
ord2
winmm
timeEndPeriod
timeKillEvent
timeGetTime
timeBeginPeriod
timeGetDevCaps
timeSetEvent
kernel32
ReleaseMutex
DisableThreadLibraryCalls
LoadLibraryW
GetProcAddress
GetModuleFileNameA
CopyFileW
GetTickCount
GetLocalTime
GetUserDefaultUILanguage
OutputDebugStringA
GetCurrentProcessId
LocalFree
GetModuleFileNameW
lstrcmpW
lstrlenW
CreateFileMappingA
lstrcpyW
GlobalAlloc
GetVersionExW
GlobalFree
GetCurrentThreadId
GetFileSize
CreateFileW
SetPriorityClass
SetThreadPriority
GetModuleHandleW
GlobalUnlock
OpenProcess
ReleaseSemaphore
CreateSemaphoreW
TerminateProcess
GlobalMemoryStatusEx
GetSystemInfo
VirtualQuery
FindResourceW
LoadResource
CreateProcessW
SizeofResource
GetFileAttributesW
MoveFileW
DeleteCriticalSection
DeleteFileW
SetFileAttributesW
GetCurrentThread
MultiByteToWideChar
WideCharToMultiByte
WaitForMultipleObjects
CreateEventW
EnterCriticalSection
DebugBreak
GetLastError
QueryPerformanceFrequency
ReadFile
LeaveCriticalSection
InitializeCriticalSection
WriteFile
ConnectNamedPipe
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
IsDebuggerPresent
DecodePointer
EncodePointer
TerminateThread
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetExitCodeProcess
CreateThread
GetSystemDirectoryW
RemoveDirectoryW
FindClose
FindNextFileW
FindFirstFileW
SetEvent
WaitForSingleObject
OpenEventW
OpenFileMappingW
CreateFileMappingW
OpenMutexW
Sleep
QueryPerformanceCounter
UnmapViewOfFile
MapViewOfFile
CreateMutexW
GetOverlappedResult
ResetEvent
CreateNamedPipeA
CloseHandle
LockResource
GlobalLock
user32
ClientToScreen
GetMessageExtraInfo
SetCapture
TrackMouseEvent
GetCapture
InflateRect
SendMessageW
FindWindowExW
IsWindow
EmptyClipboard
GetClassNameW
MessageBoxW
GetParent
DispatchMessageW
PeekMessageW
MessageBoxA
TranslateMessage
MsgWaitForMultipleObjects
wsprintfW
SetCursorPos
SystemParametersInfoW
MonitorFromWindow
GetDesktopWindow
GetKeyState
MapVirtualKeyW
GetWindowThreadProcessId
RegisterClassExW
SetClipboardData
ReleaseCapture
GetMonitorInfoW
SetCursor
SendInput
LoadImageW
PostMessageW
GetClipCursor
ShowCursor
DestroyCursor
ClipCursor
DestroyWindow
CloseClipboard
LoadCursorW
SetFocus
GetWindowLongW
GetClipboardData
SetWindowLongW
GetCursorPos
ShowWindow
CreateWindowExW
OpenClipboard
RegisterClassW
GetKeyboardLayoutList
DefWindowProcW
ActivateKeyboardLayout
MoveWindow
DrawTextW
GetDC
ReleaseDC
GetSystemMetrics
GetKeyNameTextW
GetRawInputData
IsIconic
PtInRect
GetRegisteredRawInputDevices
GetRawInputDeviceInfoW
GetRawInputDeviceList
SetTimer
ScreenToClient
GetWindowRect
KillTimer
GetFocus
WindowFromPoint
GetClientRect
GetForegroundWindow
ChangeDisplaySettingsW
EnumWindows
GetKeyboardLayout
GetAsyncKeyState
GetAncestor
RegisterRawInputDevices
GetWindowTextW
gdi32
GetTextFaceW
CreateFontW
Rectangle
CreateCompatibleDC
SetTextColor
DeleteDC
CreateDIBSection
CreateSolidBrush
GetStockObject
CreatePen
CreateDCW
GetDeviceCaps
SetBkMode
DeleteObject
SelectObject
advapi32
RegCloseKey
RegOpenKeyExW
SetSecurityDescriptorSacl
GetSecurityDescriptorSacl
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
ole32
CoCreateGuid
CoInitializeEx
CoGetClassObject
CoUninitialize
oleaut32
SysAllocStringLen
SysAllocString
SysStringLen
SafeArrayGetLBound
SafeArrayGetUBound
SysFreeString
SysStringByteLen
SafeArrayCreateVector
SafeArrayDestroy
SafeArrayAccessData
SysAllocStringByteLen
SafeArrayUnaccessData
msvcp120
?_Throw_Cpp_error@std@@YAXH@Z
_Thrd_current
_Thrd_equal
?_Launch@_Pad@std@@QAEXPAU_Thrd_imp_t@@@Z
??1_Pad@std@@QAE@XZ
?_Release@_Pad@std@@QAEXXZ
??0_Pad@std@@QAE@XZ
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
?tellp@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@H@2@XZ
?seekp@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@_JH@Z
?seekp@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@V?$fpos@H@2@@Z
?_Make_dir@sys@tr2@std@@YAHPB_W@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@V?$fpos@H@2@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?_Unlink@sys@tr2@std@@YAHPB_W@Z
_Mtx_current_owns
_Cnd_timedwait
_Thrd_join
?flags@ios_base@std@@QBEHXZ
?width@ios_base@std@@QBE_JXZ
?width@ios_base@std@@QAE_J_J@Z
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?_Winerror_map@std@@YAPBDH@Z
?_Syserror_map@std@@YAPBDH@Z
?_Xbad_alloc@std@@YAXXZ
?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
?_Xbad_function_call@std@@YAXXZ
?_Orphan_all@_Container_base0@std@@QAEXXZ
_Cnd_init
?_Throw_C_error@std@@YAXH@Z
?_Throw_future_error@std@@YAXABVerror_code@1@@Z
?_Future_error_map@std@@YAPBDH@Z
?_Stat@sys@tr2@std@@YA?AW4file_type@123@PB_WAAH@Z
?_Rethrow_future_exception@std@@YAXVexception_ptr@1@@Z
_Cnd_destroy
_Cnd_register_at_thread_exit
_Cnd_unregister_at_thread_exit
_Mtx_destroy
_Mtx_unlock
_Cnd_broadcast
_Cnd_wait
_Mtx_lock
_Mtx_init
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
?_BADOFF@std@@3_JB
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@H@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?id@?$codecvt@DDH@std@@2V0locale@2@A
?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?unshift@?$codecvt@DDH@std@@QBEHAAHPAD1AAPAD@Z
?out@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD0@Z
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??Bios_base@std@@QBE_NXZ
?always_noconv@codecvt_base@std@@QBE_NXZ
??Bid@locale@std@@QAEIXZ
?_Rename@sys@tr2@std@@YAHPB_W0@Z
?_Close_dir@sys@tr2@std@@YAXPAX@Z
?_Read_dir@sys@tr2@std@@YAPA_WAAY0BAE@_WPAXAAW4file_type@123@@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?_Open_dir@sys@tr2@std@@YAPAXAAY0BAE@_WPB_WAAHAAW4file_type@123@@Z
?uncaught_exception@std@@YA_NXZ
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
_Xtime_get_ticks
ws2_32
ntohs
accept
listen
send
closesocket
__WSAFDIsSet
socket
bind
recv
setsockopt
htons
WSAGetLastError
select
htonl
inet_addr
connect
ioctlsocket
ntohl
dsound
ord1
ord3
ord8
ord6
msvcr120
memset
memcpy
_setjmp3
_libm_sse2_sqrt_precise
_libm_sse2_sin_precise
_libm_sse2_log10_precise
_libm_sse2_cos_precise
_libm_sse2_asin_precise
__CxxFrameHandler3
_CxxThrowException
_CIatan2
_stricmp
_strnicmp
__clean_type_info_names_internal
_except_handler4_common
_initterm_e
_initterm
_malloc_crt
_amsg_exit
__CppXcptFilter
_vsnprintf_s
__crtTerminateProcess
__crtUnhandledException
_crt_debugger_hook
??1type_info@@UAE@XZ
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
vsprintf_s
_wcsicmp
_wcsnicmp
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABV01@@Z
memmove
_purecall
??3@YAXPAX@Z
??2@YAPAXI@Z
free
malloc
_snprintf_s
printf
sprintf_s
??_V@YAXPAX@Z
longjmp
realloc
_beginthreadex
wcstoul
_swprintf
_invalid_parameter_noinfo_noreturn
strchr
strrchr
strtoul
?__ExceptionPtrToBool@@YA_NPBX@Z
?__ExceptionPtrCurrentException@@YAXPAX@Z
??0exception@std@@QAE@ABQBDH@Z
?__ExceptionPtrCopy@@YAXPAXPBX@Z
?__ExceptionPtrCopyException@@YAXPAXPBX1@Z
?__ExceptionPtrDestroy@@YAXPAX@Z
?__ExceptionPtrAssign@@YAXPAXPBX@Z
?__ExceptionPtrCreate@@YAXPAX@Z
?Alloc@Concurrency@@YAPAXI@Z
??1scoped_lock@critical_section@Concurrency@@QAE@XZ
??0scoped_lock@critical_section@Concurrency@@QAE@AAV12@@Z
??1critical_section@Concurrency@@QAE@XZ
??0critical_section@Concurrency@@QAE@XZ
?set@event@Concurrency@@QAEXXZ
?wait@event@Concurrency@@QAEII@Z
??1event@Concurrency@@QAE@XZ
??0event@Concurrency@@QAE@XZ
?Free@Concurrency@@YAXPAX@Z
?_RunAndWait@_TaskCollection@details@Concurrency@@QAG?AW4_TaskCollectionStatus@23@PAV_UnrealizedChore@23@@Z
?_Cancel@_TaskCollection@details@Concurrency@@QAEXXZ
?_Schedule@_TaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@@Z
?_GetCurrentInlineDepth@_StackGuard@details@Concurrency@@CAAAIXZ
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
?_Oversubscribe@_Context@details@Concurrency@@SAX_N@Z
?_ScheduleTask@_CurrentScheduler@details@Concurrency@@SAXP6AXPAX@Z0@Z
?_NewCollection@_AsyncTaskCollection@details@Concurrency@@SAPAV123@PAV_CancellationTokenState@23@@Z
?_ReportUnobservedException@details@Concurrency@@YAXXZ
swprintf_s
rand
_time64
strncmp
wcschr
strstr
wcsstr
tolower
wcstod
wcsncmp
fscanf
fputc
sprintf
feof
fflush
_wfopen
fgets
wcsrchr
fread
ferror
fwrite
ftell
fseek
fclose
getc
_snwprintf_s
?terminate@@YAXXZ
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@PBD@Z
??0bad_cast@std@@QAE@ABV01@@Z
_unlock_file
ungetc
fgetpos
_fseeki64
fgetc
fsetpos
setvbuf
_lock_file
memcpy_s
??8type_info@@QBE_NABV0@@Z
_localtime64_s
memchr
atoi
strtol
strncpy
isspace
fopen_s
isalpha
isdigit
wcstol
wcsncpy
_vswprintf
_waccess
_snprintf
wcstoull
?_wopen@@YAHPB_WHH@Z
wprintf
_wcslwr
_read
srand
_write
_close
vswprintf_s
_vswprintf_c_l
_except1
iphlpapi
GetAdaptersInfo
imm32
ImmGetCompositionStringW
ImmGetProperty
ImmGetContext
ImmIsIME
ImmReleaseContext
ImmSetConversionStatus
ImmAssociateContext
ImmGetConversionStatus
ImmSetCompositionWindow
shlwapi
PathFileExistsW
wininet
InternetCloseHandle
HttpQueryInfoW
InternetReadFile
HttpSendRequestW
InternetCrackUrlW
InternetOpenW
InternetConnectW
HttpOpenRequestW
shell32
SHGetFolderPathW
ord165
ShellExecuteExW
ShellExecuteW
Exports
Exports
??0CxFile@@QAE@ABV0@@Z
??0CxFile@@QAE@XZ
??0CxIOFile@@QAE@ABV0@@Z
??0CxIOFile@@QAE@PAU_iobuf@@@Z
??0CxMemFile@@QAE@ABV0@@Z
??1CxFile@@UAE@XZ
??1CxIOFile@@UAE@XZ
??1CxImage@@UAE@XZ
??4CxFile@@QAEAAV0@ABV0@@Z
??4CxIOFile@@QAEAAV0@ABV0@@Z
??4CxMemFile@@QAEAAV0@ABV0@@Z
??_7CxFile@@6B@
??_7CxIOFile@@6B@
??_7CxImage@@6B@
??_7CxMemFile@@6B@
??_FCxIOFile@@QAEXXZ
??_FCxImage@@QAEXXZ
??_FCxMemFile@@QAEXXZ
??_OCxImage@@QAEXAAV0@@Z
?Close@CxIOFile@@UAE_NXZ
?Eof@CxIOFile@@UAE_NXZ
?Error@CxIOFile@@UAEHXZ
?Flush@CxIOFile@@UAE_NXZ
?GetC@CxIOFile@@UAEHXZ
?GetExifInfo@CxImage@@QAEPAUtag_ExifInfo@@XZ
?GetS@CxIOFile@@UAEPADPADH@Z
?Open@CxIOFile@@QAE_NPB_W0@Z
?PutC@CxFile@@UAE_NE@Z
?PutC@CxIOFile@@UAE_NE@Z
?Read@CxIOFile@@UAEIPAXII@Z
?Scanf@CxIOFile@@UAEHPBDPAX@Z
?Seek@CxIOFile@@UAE_NHH@Z
?Size@CxIOFile@@UAEHXZ
?Tell@CxIOFile@@UAEHXZ
?Write@CxIOFile@@UAEIPBXII@Z
createVBoxClient
initVbox
uninitVbox
Sections
.text Size: 747KB - Virtual size: 747KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 173KB - Virtual size: 172KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 30KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 42KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ