D:\Jenkins\jobs\classin-package-windows-x64-release\workspace\qrelease\EeoNoticeEngine.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
0b4675cdffe54751e10dfa2b727f37b3beb06e1f9724f7beb9c01016f1539428_NeikiAnalytics.dll
Resource
win7-20240508-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
0b4675cdffe54751e10dfa2b727f37b3beb06e1f9724f7beb9c01016f1539428_NeikiAnalytics.dll
Resource
win10v2004-20240611-en
windows10-2004-x64
0 signatures
150 seconds
General
-
Target
0b4675cdffe54751e10dfa2b727f37b3beb06e1f9724f7beb9c01016f1539428_NeikiAnalytics.exe
-
Size
108KB
-
MD5
78d8884a85a664bae247f95c818413a0
-
SHA1
7a485d1676d7c6113e318c14c9af479f50fe6f63
-
SHA256
0b4675cdffe54751e10dfa2b727f37b3beb06e1f9724f7beb9c01016f1539428
-
SHA512
977bb9973910c43d2897a6cd006de7206843c7cb04ae32ae4f395683d0f87a522a35c96398452648ad60068ab6fc36823f4ae69e3dad0fd6b3b0e0dbf570d7c1
-
SSDEEP
3072:VQSHLh6t4Mo5C1W5eYpT4XDL9jKLdc78Zxo:VQYXM7W4YpT4XljKLdc78Z
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0b4675cdffe54751e10dfa2b727f37b3beb06e1f9724f7beb9c01016f1539428_NeikiAnalytics.exe
Files
-
0b4675cdffe54751e10dfa2b727f37b3beb06e1f9724f7beb9c01016f1539428_NeikiAnalytics.exe.dll windows:6 windows x64 arch:x64
e45403f005ba3ff54e333f359adec3ee
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
Imports
eeoserverproxy
?GetResponseCode@MessageProcessor@@QEAAIXZ
?GetSourceUID@MessageProcessor@@QEAA_KXZ
??0GetRecvRequestInfoByTimeTagRequest@@QEAA@XZ
??1GetRecvRequestInfoByTimeTagRequest@@UEAA@XZ
?Send@GetRecvRequestInfoByTimeTagRequest@@QEAAHXZ
?SetParams@GetRecvRequestInfoByTimeTagRequest@@QEAA_N_K@Z
??0GetSendRequestInfoByTimeTagRequest@@QEAA@XZ
??1GetSendRequestInfoByTimeTagRequest@@UEAA@XZ
?Send@GetSendRequestInfoByTimeTagRequest@@QEAAHXZ
?SetParams@GetSendRequestInfoByTimeTagRequest@@QEAA_N_K@Z
??1ContactAddInformResponse@@UEAA@XZ
?GetSourceUID@ContactAddInformResponse@@QEAA_KXZ
?GetRequestMsg@ContactAddInformResponse@@QEAA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetTimeStamp@ContactAddInformResponse@@QEAAIXZ
??0ContactAddInformResponse@@QEAA@AEBV0@@Z
??1GetRecvRequestInfoByTimeTagResponse@@UEAA@XZ
?GetNextTimeTag@GetRecvRequestInfoByTimeTagResponse@@QEAA_KXZ
?GetLastTimeTag@GetRecvRequestInfoByTimeTagResponse@@QEAA_KXZ
?GetFragmentNum@GetRecvRequestInfoByTimeTagResponse@@QEAAGXZ
?GetFragmentIndex@GetRecvRequestInfoByTimeTagResponse@@QEAAGXZ
?RequestInfoByTimeTagList@GetRecvRequestInfoByTimeTagResponse@@QEAA?AV?$vector@URequestInfoByTimeTag@GetRecvRequestInfoByTimeTagResponse@@V?$allocator@URequestInfoByTimeTag@GetRecvRequestInfoByTimeTagResponse@@@std@@@std@@XZ
??0GetRecvRequestInfoByTimeTagResponse@@QEAA@AEBV0@@Z
??1GetSendRequestInfoByTimeTagResponse@@UEAA@XZ
?GetNextTimeTag@GetSendRequestInfoByTimeTagResponse@@QEAA_KXZ
?GetLastTimeTag@GetSendRequestInfoByTimeTagResponse@@QEAA_KXZ
?GetFragmentNum@GetSendRequestInfoByTimeTagResponse@@QEAAGXZ
?GetFragmentIndex@GetSendRequestInfoByTimeTagResponse@@QEAAGXZ
?RequestInfoByTimeTagList@GetSendRequestInfoByTimeTagResponse@@QEAA?AV?$vector@URequestInfoByTimeTag@GetSendRequestInfoByTimeTagResponse@@V?$allocator@URequestInfoByTimeTag@GetSendRequestInfoByTimeTagResponse@@@std@@@std@@XZ
??0GetSendRequestInfoByTimeTagResponse@@QEAA@AEBV0@@Z
??0ContactAddReplyRequest@@QEAA@XZ
??1ContactAddReplyRequest@@UEAA@XZ
?Send@ContactAddReplyRequest@@QEAAHXZ
?SetParams@ContactAddReplyRequest@@QEAA_N_KEV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@1@Z
??1ContactAddReplyInformResponse@@UEAA@XZ
?GetContactTargetUID@ContactAddReplyInformResponse@@QEAA_KXZ
?GetResponseMsg@ContactAddReplyInformResponse@@QEAA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
??0ContactAddReplyInformResponse@@QEAA@AEBV0@@Z
??1ContactAddConfirmInformResponse@@UEAA@XZ
?GetSourceUID@ContactAddConfirmInformResponse@@QEAA_KXZ
??0ContactAddConfirmInformResponse@@QEAA@AEBV0@@Z
??0ContactDeleteReqRequest@@QEAA@XZ
??1ContactDeleteReqRequest@@UEAA@XZ
?Send@ContactDeleteReqRequest@@QEAAHXZ
?SetParams@ContactDeleteReqRequest@@QEAA_NEAEBV?$vector@_KV?$allocator@_K@std@@@std@@@Z
??1ContactDeleteReqResponse@@UEAA@XZ
??0ContactDeleteReqResponse@@QEAA@AEBV0@@Z
??1ContactorRequestInfoChangeInformResponse@@UEAA@XZ
?GetRequestInfoList@ContactorRequestInfoChangeInformResponse@@QEAA?AV?$vector@URequestInfo@ContactorRequestInfoChangeInformResponse@@V?$allocator@URequestInfo@ContactorRequestInfoChangeInformResponse@@@std@@@std@@XZ
??0ContactorRequestInfoChangeInformResponse@@QEAA@AEBV0@@Z
??0CustomMsgRequest@@QEAA@XZ
??1CustomMsgRequest@@UEAA@XZ
?Send@CustomMsgRequest@@QEAAHXZ
?SetParams@CustomMsgRequest@@QEAA_NAEBV?$vector@_KV?$allocator@_K@std@@@std@@IIIPEBDV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@3@II2@Z
??1CustomMsgResponse@@UEAA@XZ
?GetTargetUIDList@CustomMsgResponse@@QEAA?AV?$vector@_KV?$allocator@_K@std@@@std@@XZ
?GetTag@CustomMsgResponse@@QEAAIXZ
??0CustomMsgResponse@@QEAA@AEBV0@@Z
??1CustomMessageInformResponse@@UEAA@XZ
?GetTag@CustomMessageInformResponse@@QEAAIXZ
?GetAppendixData@CustomMessageInformResponse@@QEAA?AUbinary_s@MessageProcessor@@XZ
?GetMessageData@CustomMessageInformResponse@@QEAA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
??0CustomMessageInformResponse@@QEAA@AEBV0@@Z
eeoutils
?instance@EeoSettings@@SAPEAV1@AEBVQString@@@Z
?getWebUseLang@EeoSettings@@QEAA?AVQString@@XZ
eeocoreengine
?staticMetaObject@ServerProxySignals@@2UQMetaObject@@B
?instance@ServerProxySignals@@SAPEAV1@XZ
?responseCustomMsgResponse@ServerProxySignals@@QEAAXVCustomMsgResponse@@@Z
?responseContactAdd@ServerProxySignals@@QEAAXVContactAddInformResponse@@@Z
?responseDelRecvFriendRequest@ServerProxySignals@@QEAAXVContactDeleteReqResponse@@@Z
?contactorRequestInfoChangeInform@ServerProxySignals@@QEAAXVContactorRequestInfoChangeInformResponse@@@Z
?responseGetSendFriendRequestInfoByTimeTag@ServerProxySignals@@QEAAXVGetSendRequestInfoByTimeTagResponse@@@Z
?responseGetRecvFriendRequestInfoByTimeTag@ServerProxySignals@@QEAAXVGetRecvRequestInfoByTimeTagResponse@@@Z
?responseBeforeMaintenanceInform@ServerProxySignals@@QEAAXVCustomMessageInformResponse@@@Z
?responseFreeMeetingJoinInform@ServerProxySignals@@QEAAXVCustomMessageInformResponse@@@Z
?responseContactsAddReply@ServerProxySignals@@QEAAXVContactAddReplyInformResponse@@@Z
?responseContactsAddConfirm@ServerProxySignals@@QEAAXVContactAddConfirmInformResponse@@@Z
?instance@CoreEngine@EeoEngine@@SAPEAV12@XZ
eeocommonengine
??1GroupNoticeInfo@EeoEngine@@QEAA@XZ
??0GroupNoticeInfo@EeoEngine@@QEAA@AEBV01@@Z
??0GroupNoticeInfo@EeoEngine@@QEAA@XZ
?setUnread@FriendRequestInfo@EeoEngine@@QEAAX_N@Z
?setDate@FriendRequestInfo@EeoEngine@@QEAAX_K@Z
?setMessage@FriendRequestInfo@EeoEngine@@QEAAXVQString@@@Z
?setStatus@FriendRequestInfo@EeoEngine@@QEAAXH@Z
?setTargetId@FriendRequestInfo@EeoEngine@@QEAAX_K@Z
?setSourceId@FriendRequestInfo@EeoEngine@@QEAAX_K@Z
?date@FriendRequestInfo@EeoEngine@@QEBA_KXZ
?message@FriendRequestInfo@EeoEngine@@QEBA?AVQString@@XZ
?status@FriendRequestInfo@EeoEngine@@QEBAHXZ
??0FriendRequestInfo@EeoEngine@@QEAA@XZ
??1UserInfo@EeoEngine@@QEAA@XZ
?nickname@UserInfo@EeoEngine@@QEBA?AVQString@@XZ
??0UserInfo@EeoEngine@@QEAA@_K@Z
??1FriendRequestInfo@EeoEngine@@QEAA@XZ
??0FriendRequestInfo@EeoEngine@@QEAA@AEBV01@@Z
?sourceId@FriendRequestInfo@EeoEngine@@QEBA_KXZ
?targetId@FriendRequestInfo@EeoEngine@@QEBA_KXZ
eeodatabaseengine
?instance@DataBaseEngine@EeoEngine@@SAPEAV12@XZ
qt5core
?addYears@QDateTime@@QEBA?AV1@H@Z
?shared_null@QMapDataBase@@2U1@B
?shared_null@QHashData@@2U1@B
??0QMessageLogger@@QEAA@XZ
?noDebug@QMessageLogger@@QEBA?AVQNoDebug@@XZ
?tr@QMetaObject@@QEBA?AVQString@@PEBD0H@Z
??0QObject@@QEAA@PEAV0@@Z
??1QObject@@UEAA@XZ
?setObjectName@QObject@@QEAAXAEBVQString@@@Z
?moveToThread@QObject@@QEAAXPEAVQThread@@@Z
??0QDeadlineTimer@@QEAA@W4ForeverConstant@0@W4TimerType@Qt@@@Z
??0QThread@@QEAA@PEAVQObject@@@Z
?detach_helper@QHashData@@QEAAPEAU1@P6AXPEAUNode@1@PEAX@ZP6AX0@ZHH@Z
?start@QThread@@QEAAXW4Priority@1@@Z
?quit@QThread@@QEAAXXZ
?wait@QThread@@QEAA_NVQDeadlineTimer@@@Z
?childEvent@QObject@@MEAAXPEAVQChildEvent@@@Z
?connectNotify@QObject@@MEAAXAEBVQMetaMethod@@@Z
?customEvent@QObject@@MEAAXPEAVQEvent@@@Z
?disconnectNotify@QObject@@MEAAXAEBVQMetaMethod@@@Z
?event@QObject@@UEAA_NPEAVQEvent@@@Z
?event@QThread@@UEAA_NPEAVQEvent@@@Z
?eventFilter@QObject@@UEAA_NPEAV1@PEAVQEvent@@@Z
?metaObject@QThread@@UEBAPEBUQMetaObject@@XZ
?qt_metacall@QThread@@UEAAHW4Call@QMetaObject@@HPEAPEAX@Z
?qt_metacast@QThread@@UEAAPEAXPEBD@Z
?run@QThread@@MEAAXXZ
?timerEvent@QObject@@MEAAXPEAVQTimerEvent@@@Z
?qtTrId@@YA?AVQString@@PEBDH@Z
??0QMessageLogger@@QEAA@PEBDH0@Z
?info@QMessageLogger@@QEBA?AVQDebug@@XZ
??0QByteArray@@QEAA@PEBDH@Z
??0QByteArray@@QEAA@AEBV0@@Z
??1QByteArray@@QEAA@XZ
?data@QByteArray@@QEAAPEADXZ
?constData@QByteArray@@QEBAPEBDXZ
?length@QByteArray@@QEBAHXZ
??0QString@@QEAA@XZ
??0QString@@QEAA@AEBV0@@Z
??4QString@@QEAAAEAV0@AEBV0@@Z
?toUtf8@QString@@QEGBA?AVQByteArray@@XZ
?toUtf8@QString@@QEHAA?AVQByteArray@@XZ
?number@QString@@SA?AV1@_KH@Z
??M@YA_NAEBVQString@@0@Z
?toMSecsSinceEpoch@QDateTime@@QEBA_JXZ
??8QString@@QEBA_NPEBD@Z
?fromStdString@QString@@SA?AV1@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?toStdString@QString@@QEBA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?detach@QListData@@QEAAPEAUData@1@H@Z
?detach_grow@QListData@@QEAAPEAUData@1@PEAHH@Z
?realloc@QListData@@QEAAXH@Z
?dispose@QListData@@QEAAXXZ
?dispose@QListData@@SAXPEAUData@1@@Z
?append@QListData@@QEAAPEAPEAXXZ
?begin@QListData@@QEBAPEAPEAXXZ
?end@QListData@@QEBAPEAPEAXXZ
?toSecsSinceEpoch@QDateTime@@QEBA_JXZ
?normalizedType@QMetaObject@@SA?AVQByteArray@@PEBD@Z
??1Connection@QMetaObject@@QEAA@XZ
?registerNormalizedType@QMetaType@@SAHAEBVQByteArray@@P6AXPEAX@ZP6APEAX1PEBX@ZHV?$QFlags@W4TypeFlag@QMetaType@@@@PEBUQMetaObject@@@Z
?registerNormalizedTypedef@QMetaType@@SAHAEBVQByteArray@@H@Z
?connectImpl@QObject@@CA?AVConnection@QMetaObject@@PEBV1@PEAPEAX01PEAVQSlotObjectBase@QtPrivate@@W4ConnectionType@Qt@@PEBHPEBU3@@Z
??0QVariant@@QEAA@XZ
??1QVariant@@QEAA@XZ
??0QVariant@@QEAA@AEBV0@@Z
??4QVariant@@QEAAAEAV0@AEBV0@@Z
?toString@QVariant@@QEBA?AVQString@@XZ
?toMap@QVariant@@QEBA?AV?$QMap@VQString@@VQVariant@@@@XZ
??0QDebug@@QEAA@AEBV0@@Z
??1QDebug@@QEAA@XZ
?nospace@QDebug@@QEAAAEAV1@XZ
?maybeSpace@QDebug@@QEAAAEAV1@XZ
?autoInsertSpaces@QDebug@@QEBA_NXZ
?setAutoInsertSpaces@QDebug@@QEAAX_N@Z
??6QDebug@@QEAAAEAV0@D@Z
??6QDebug@@QEAAAEAV0@PEBD@Z
??6QDebug@@QEAAAEAV0@AEBVQString@@@Z
??1QJsonObject@@QEAA@XZ
?toVariantMap@QJsonObject@@QEBA?AV?$QMap@VQString@@VQVariant@@@@XZ
??1QJsonDocument@@QEAA@XZ
?fromJson@QJsonDocument@@SA?AV1@AEBVQByteArray@@PEAUQJsonParseError@@@Z
?isObject@QJsonDocument@@QEBA_NXZ
?object@QJsonDocument@@QEBA?AVQJsonObject@@XZ
?shared_null@QListData@@2UData@1@B
?activate@QMetaObject@@SAXPEAVQObject@@PEBU1@HPEAPEAX@Z
?dynamicMetaObject@QObjectData@@QEBAPEAUQMetaObject@@XZ
?qt_metacast@QObject@@UEAAPEAXPEBD@Z
?qt_metacall@QObject@@UEAAHW4Call@QMetaObject@@HPEAPEAX@Z
?staticMetaObject@QObject@@2UQMetaObject@@B
?qBadAlloc@@YAXXZ
??1QDateTime@@QEAA@XZ
?unlock@QReadWriteLock@@QEAAXXZ
?lockForWrite@QReadWriteLock@@QEAAXXZ
?lockForRead@QReadWriteLock@@QEAAXXZ
??1QReadWriteLock@@QEAA@XZ
??0QReadWriteLock@@QEAA@W4RecursionMode@0@@Z
?free_helper@QHashData@@QEAAXP6AXPEAUNode@1@@Z@Z
??4QString@@QEAAAEAV0@PEBD@Z
?willGrow@QHashData@@QEAA_NXZ
?data@QArrayData@@QEAAPEAXXZ
?allocate@QArrayData@@SAPEAU1@_K00V?$QFlags@W4AllocationOption@QArrayData@@@@@Z
?deallocate@QArrayData@@SAXPEAU1@_K1@Z
?sharedNull@QArrayData@@SAPEAU1@XZ
??1QString@@QEAA@XZ
??0QString@@QEAA@PEBD@Z
?color@QMapNodeBase@@QEBA?AW4Color@1@XZ
?setColor@QMapNodeBase@@QEAAXW4Color@1@@Z
?setParent@QMapNodeBase@@QEAAXPEAU1@@Z
?freeNodeAndRebalance@QMapDataBase@@QEAAXPEAUQMapNodeBase@@@Z
?recalcMostLeftNode@QMapDataBase@@QEAAXXZ
?createNode@QMapDataBase@@QEAAPEAUQMapNodeBase@@HHPEAU2@_N@Z
?freeTree@QMapDataBase@@QEAAXPEAUQMapNodeBase@@H@Z
?createData@QMapDataBase@@SAPEAU1@XZ
?freeData@QMapDataBase@@SAXPEAU1@@Z
?allocateNode@QHashData@@QEAAPEAXH@Z
??1QThread@@UEAA@XZ
msvcp140
?_Xlength_error@std@@YAXPEBD@Z
vcruntime140
memcpy
memmove
__std_exception_copy
__std_exception_destroy
__C_specific_handler
__current_exception
__current_exception_context
memset
__std_type_info_destroy_list
_CxxThrowException
_purecall
vcruntime140_1
__CxxFrameHandler4
api-ms-win-crt-heap-l1-1-0
free
_callnewh
malloc
api-ms-win-crt-string-l1-1-0
strcmp
api-ms-win-crt-runtime-l1-1-0
_invalid_parameter_noinfo_noreturn
terminate
_initterm_e
_initterm
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_cexit
kernel32
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
Exports
Exports
??0NoticeEngine@EeoEngine@@QEAA@PEAVQObject@@@Z
??1NoticeEngine@EeoEngine@@UEAA@XZ
??_7NoticeEngine@EeoEngine@@6B@
??_FNoticeEngine@EeoEngine@@QEAAXXZ
?instance@NoticeEngine@EeoEngine@@SAPEAV12@XZ
?m_lock@NoticeEngine@EeoEngine@@0VQReadWriteLock@@A
?m_pInstance@NoticeEngine@EeoEngine@@0PEAV12@EA
?m_pThread@NoticeEngine@EeoEngine@@0PEAVQThread@@EA
?metaObject@NoticeEngine@EeoEngine@@UEBAPEBUQMetaObject@@XZ
?qt_metacall@NoticeEngine@EeoEngine@@UEAAHW4Call@QMetaObject@@HPEAPEAX@Z
?qt_metacast@NoticeEngine@EeoEngine@@UEAAPEAXPEBD@Z
?qt_static_metacall@NoticeEngine@EeoEngine@@CAXPEAVQObject@@W4Call@QMetaObject@@HPEAPEAX@Z
?release@NoticeEngine@EeoEngine@@SAXXZ
?signalContactorAddNotice@NoticeEngine@EeoEngine@@QEAAXVFriendRequestInfo@2@@Z
?signalContactorAddReplyNotice@NoticeEngine@EeoEngine@@QEAAXVFriendRequestInfo@2@@Z
?signalContactsAddConfirmNotice@NoticeEngine@EeoEngine@@QEAAXVFriendRequestInfo@2@@Z
?signalDeleteOneAddNotice@NoticeEngine@EeoEngine@@QEAAX_K@Z
?signalFreeMeetingJoinNotice@NoticeEngine@EeoEngine@@QEAAX_KVQByteArray@@@Z
?signalFriendRequestErrorNotice@NoticeEngine@EeoEngine@@QEAAXAEBVQString@@@Z
?signalInitUiData@NoticeEngine@EeoEngine@@QEAAXXZ
?signalPopContactorAddNotice@NoticeEngine@EeoEngine@@QEAAXVFriendRequestInfo@2@@Z
?signalPopContactorOffLineAddNotice@NoticeEngine@EeoEngine@@QEAAXVFriendRequestInfo@2@@Z
?signalServerInMaintenance@NoticeEngine@EeoEngine@@QEAAXAEBVQString@@_N@Z
?signalSetFriendRequestOverdue@NoticeEngine@EeoEngine@@QEAAXVFriendRequestInfo@2@@Z
?staticMetaObject@NoticeEngine@EeoEngine@@2UQMetaObject@@B
?tr@NoticeEngine@EeoEngine@@SA?AVQString@@PEBD0H@Z
?trUtf8@NoticeEngine@EeoEngine@@SA?AVQString@@PEBD0H@Z
?updateUnreadNoticeCount@NoticeEngine@EeoEngine@@QEAAXXZ
Sections
.text Size: 64KB - Virtual size: 64KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 31KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 376B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ