0e5963a056e3e3fa3b3a70dc0bb936d9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0e5963a056e3e3fa3b3a70dc0bb936d9_JaffaCakes118
Size

15.7MB
MD5

0e5963a056e3e3fa3b3a70dc0bb936d9
SHA1

8865b095d3d5e02c8d5e3ab259e0c4f808ea3738
SHA256

c8d58733183b7fe4cf80519ed0714d3cbba126482440d786b8637490f0c2045b
SHA512

782fcb5d96c10e53800cb21c560cbd112e4ff79d81570ad0ca1cf83585c19f95ce10447bcbb3a46ffdc4c22aca9f4737c2c79df7341770696957beada11747f7
SSDEEP

393216:trZmmqag++fG0BbiGNh1xXq5yfY2SbJBrmrUR:rOvB9mcYld

Score

3^/10

pdf link

Malware Config

Signatures

One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
pdf link

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/antivir-workstation-prof-2.1.4-11/smcpkg/en/uxwks.dll

Files

0e5963a056e3e3fa3b3a70dc0bb936d9_JaffaCakes118
.gz
sample
.tar
antivir-workstation-prof-2.1.4-11/.installrc
antivir-workstation-prof-2.1.4-11/LICENSE
antivir-workstation-prof-2.1.4-11/LICENSE.DE
antivir-workstation-prof-2.1.4-11/README
antivir-workstation-prof-2.1.4-11/bin/freebsd/antivir
.elf linux x86
antivir-workstation-prof-2.1.4-11/bin/freebsd/antivir.asc
antivir-workstation-prof-2.1.4-11/bin/freebsd5/antivir
.elf linux x86
antivir-workstation-prof-2.1.4-11/bin/freebsd5/antivir.asc
antivir-workstation-prof-2.1.4-11/bin/linux_glibc20/antivir
.elf linux x86
antivir-workstation-prof-2.1.4-11/bin/linux_glibc20/antivir.asc
antivir-workstation-prof-2.1.4-11/bin/linux_glibc22/antivir
.elf linux x86
antivir-workstation-prof-2.1.4-11/bin/linux_glibc22/antivir.asc
antivir-workstation-prof-2.1.4-11/bin/linux_glibc22_s390/antivir
.elf linux s390
antivir-workstation-prof-2.1.4-11/bin/linux_glibc22_s390/antivir.asc
antivir-workstation-prof-2.1.4-11/bin/linux_libc5/antivir
.elf linux x86
antivir-workstation-prof-2.1.4-11/bin/linux_libc5/antivir.asc
antivir-workstation-prof-2.1.4-11/bin/openbsd/antivir
antivir-workstation-prof-2.1.4-11/bin/openbsd/antivir.asc
antivir-workstation-prof-2.1.4-11/bin/openbsd_elf/antivir
.elf linux x86
antivir-workstation-prof-2.1.4-11/bin/openbsd_elf/antivir.asc
antivir-workstation-prof-2.1.4-11/bin/solaris_sparc/antivir
.elf linux sparc
antivir-workstation-prof-2.1.4-11/bin/solaris_sparc/antivir.asc
antivir-workstation-prof-2.1.4-11/bin/solaris_sparc/dazuko
.elf linux
antivir-workstation-prof-2.1.4-11/bin/solaris_sparc/dazuko.conf
antivir-workstation-prof-2.1.4-11/bin/solaris_x86/antivir
.elf linux x86
antivir-workstation-prof-2.1.4-11/bin/solaris_x86/antivir.asc
antivir-workstation-prof-2.1.4-11/contrib/dazuko/HOWTO-Dazuko
antivir-workstation-prof-2.1.4-11/contrib/dazuko/dazuko-2.1.0-pre9.tar.gz
.gz
dazuko-2.1.0-pre9.tar
.tar
dazuko-2.1.0-pre9/COPYING
dazuko-2.1.0-pre9/LICENSE.BSD
dazuko-2.1.0-pre9/LICENSE.GPL
dazuko-2.1.0-pre9/README
dazuko-2.1.0-pre9/README.linux26
dazuko-2.1.0-pre9/README.trusted
dazuko-2.1.0-pre9/configure
.sh linux
dazuko-2.1.0-pre9/dazuko_call.h
dazuko-2.1.0-pre9/dazuko_core.c
dazuko-2.1.0-pre9/dazuko_core.h
dazuko-2.1.0-pre9/dazuko_dummyos.c
dazuko-2.1.0-pre9/dazuko_dummyos.h
dazuko-2.1.0-pre9/dazuko_events.h
dazuko-2.1.0-pre9/dazuko_freebsd.c
dazuko-2.1.0-pre9/dazuko_freebsd.h
dazuko-2.1.0-pre9/dazuko_freebsd5.c
dazuko-2.1.0-pre9/dazuko_freebsd5.h
dazuko-2.1.0-pre9/dazuko_linux.c
dazuko-2.1.0-pre9/dazuko_linux.h
dazuko-2.1.0-pre9/dazuko_linux26.c
dazuko-2.1.0-pre9/dazuko_linux26.h
dazuko-2.1.0-pre9/dazuko_linux26_lsm.c
dazuko-2.1.0-pre9/dazuko_linux26_lsm.h
dazuko-2.1.0-pre9/dazuko_platform.h
dazuko-2.1.0-pre9/dazuko_rsbac.c
dazuko-2.1.0-pre9/dazuko_rsbac.h
dazuko-2.1.0-pre9/dazuko_transport.c
dazuko-2.1.0-pre9/dazuko_transport.h
dazuko-2.1.0-pre9/dazuko_version.h
dazuko-2.1.0-pre9/dazukoio.h
dazuko-2.1.0-pre9/dazukoio_core.c
dazuko-2.1.0-pre9/dazukoio_core.h
dazuko-2.1.0-pre9/dazukoio_dummyos.c
dazuko-2.1.0-pre9/dazukoio_dummyos.h
dazuko-2.1.0-pre9/dazukoio_linux_compat1.c
dazuko-2.1.0-pre9/dazukoio_linux_compat1.h
dazuko-2.1.0-pre9/dazukoio_platform.h
dazuko-2.1.0-pre9/dazukoio_trusted.h
dazuko-2.1.0-pre9/dazukoio_trusted_core.c
dazuko-2.1.0-pre9/dazukoio_unix.c
dazuko-2.1.0-pre9/dazukoio_unix.h
dazuko-2.1.0-pre9/example_c/example.c
dazuko-2.1.0-pre9/example_c/example_mt.c
dazuko-2.1.0-pre9/example_java/Example.java
dazuko-2.1.0-pre9/example_java/README
dazuko-2.1.0-pre9/example_java/dazuko_jni.c
dazuko-2.1.0-pre9/example_java/org/dazuko/Dazuko.java
.java .js
dazuko-2.1.0-pre9/example_java/org/dazuko/DazukoAccess.java
dazuko-2.1.0-pre9/example_java/org_dazuko_Dazuko.h
dazuko-2.1.0-pre9/example_lua/Makefile
dazuko-2.1.0-pre9/example_lua/README
dazuko-2.1.0-pre9/example_lua/config.lua
.js
dazuko-2.1.0-pre9/example_lua/dazuko.lua
dazuko-2.1.0-pre9/example_lua/example.c
dazuko-2.1.0-pre9/example_lua/example.lua
dazuko-2.1.0-pre9/example_lua/libdazuko.c
dazuko-2.1.0-pre9/example_perl/Access.pm
dazuko-2.1.0-pre9/example_perl/Example.pl
.pl .sh linux
dazuko-2.1.0-pre9/example_perl/ExampleOO.pl
.pl .sh linux
dazuko-2.1.0-pre9/example_perl/ExampleThr.pl
.pl .sh linux
dazuko-2.1.0-pre9/example_perl/IO.pm
dazuko-2.1.0-pre9/example_perl/IO.xs
dazuko-2.1.0-pre9/example_perl/Makefile.PL
dazuko-2.1.0-pre9/example_perl/Obj.pm
.js
dazuko-2.1.0-pre9/example_perl/README
dazuko-2.1.0-pre9/example_perl/t/autounblock.inc
.sh .vbs linux polyglot
dazuko-2.1.0-pre9/example_perl/t/t01.t
.sh .vbs linux polyglot
dazuko-2.1.0-pre9/example_perl/t/t02.t
.sh .vbs linux polyglot
dazuko-2.1.0-pre9/example_perl/t/t03.t
.sh .vbs linux polyglot
dazuko-2.1.0-pre9/example_perl/t/t04.t
.sh .vbs linux polyglot
dazuko-2.1.0-pre9/example_perl/t/t05.t
.sh .vbs linux polyglot
dazuko-2.1.0-pre9/example_php/README
dazuko-2.1.0-pre9/example_python/MANIFEST
dazuko-2.1.0-pre9/example_python/README
dazuko-2.1.0-pre9/example_python/dazukomodule.c
dazuko-2.1.0-pre9/example_python/example.py
.py .sh linux
dazuko-2.1.0-pre9/example_python/setup.py
dazuko-2.1.0-pre9/example_ruby/Dazuko.c
dazuko-2.1.0-pre9/example_ruby/README
dazuko-2.1.0-pre9/example_ruby/example.rb
.sh linux
dazuko-2.1.0-pre9/example_ruby/extconf.rb
.sh linux
dazuko-2.1.0-pre9/example_ruby/test.rb
.sh linux
dazuko-2.1.0-pre9/linux_conf.c
dazuko-2.1.0-pre9/linux_lsm_conf
.sh linux
dazuko-2.1.0-pre9/patch_dpath.diff
antivir-workstation-prof-2.1.4-11/contrib/dazuko/dazuko-2.1.0-pre9.tar.gz.asc
antivir-workstation-prof-2.1.4-11/doc/CHANGELOG
antivir-workstation-prof-2.1.4-11/doc/MANUAL
antivir-workstation-prof-2.1.4-11/doc/avserver_de.pdf
.pdf
- http://HTTPProxyServerproxy.domain.com
- http://antivir.de
- http://apple.zip
- http://eicar.com
- http://file1.zip
- http://filename.zip
- http://forum.antivir.de
- http://proxy.domain.com
- http://proxy.domain.com:8080
- http://samba-vscan-0.3.5.tar.bz
- http://seed.zip
- http://vscan-antivir.so
- http://www.amavis.org
- http://www.antivir.de
- http://www.antivir.de/dateien/antivir/handbuch/pdf/eula_antivir.pdf
- http://www.antivir.de/infos/virenkunde.htm
- http://www.dazuko.org
- http://www.eicar.org
- http://www.gnupg.org
- http://www.hbedv.com
- http://www.openantivirus.org/projects.php
- http://www.tldp.org/HOWTO/Kernel-HOWTO.html
- http://wwwkeys.pgp.net
- Show all
antivir-workstation-prof-2.1.4-11/etc/antivir.conf
antivir-workstation-prof-2.1.4-11/etc/avguard.conf
antivir-workstation-prof-2.1.4-11/etc/avguard.conf-gui
antivir-workstation-prof-2.1.4-11/gui/antivir-logo.png
.png
antivir-workstation-prof-2.1.4-11/gui/gui_workstation_common.tgz
.gz
gui_workstation_common.tgz
.tar
agent/rcscript
.sh linux
gui/cert/cacert.jks
gui/cert/cacert.pem
gui/cert/client.jks
gui/cert/server.pem
gui/legal/LICENSE.apache
gui/legal/LICENSE.cpl
gui/legal/LICENSE.gsoap
gui/legal/LICENSE.lgpl
gui/legal/LICENSE.md5
gui/legal/LICENSE.nanoxml
gui/legal/LICENSE.sixlegs
gui/legal/LICENSE.skinlf
gui/legal/LICENSE.sun
gui/legal/README
gui/lib/antivirskin.jar
.jar
gui/lib/de_antivir_avguard_local.jar
.jar
gui/lib/de_antivir_avguard_media.jar
.jar
gui/lib/de_antivir_avguard_messages.jar
.jar
gui/lib/de_antivir_avguard_panel.jar
.jar
gui/lib/de_antivir_avscanner_local.jar
.jar
gui/lib/de_antivir_avscanner_media.jar
.jar
gui/lib/de_antivir_avscanner_messages.jar
.jar
gui/lib/de_antivir_avscanner_panel.jar
.jar
gui/lib/de_antivir_common_local.jar
.zip
de/antivir/common/local/AVComputerListDiff.class
de/antivir/common/local/AVComputerListDiffList.class
de/antivir/common/local/AWTPoster$DummyComponentEvent.class
de/antivir/common/local/AWTPoster$DummyListener.class
de/antivir/common/local/AWTPoster.class
de/antivir/common/local/ActionTranslator.class
de/antivir/common/local/ColorGenerator.class
de/antivir/common/local/ComputerActionThread$ActionObject.class
de/antivir/common/local/ComputerActionThread.class
de/antivir/common/local/LineReader.class
de/antivir/common/local/LocalAction.class
de/antivir/common/local/LocalManager.class
de/antivir/common/local/MD5CheckSum$MD5_CTX.class
de/antivir/common/local/MD5CheckSum.class
de/antivir/common/local/Notification.class
de/antivir/common/local/RealtimeObject.class
de/antivir/common/local/RealtimeThread.class
de/antivir/common/local/StarterStopper.class
de/antivir/common/local/ThreadTracker.class
de/antivir/common/local/config/AntivirDetectElement.class
de/antivir/common/local/config/ConfigEntry.class
de/antivir/common/local/config/ConfigObject.class
de/antivir/common/local/config/ConfigParser.class
de/antivir/common/local/config/ConfigReader.class
de/antivir/common/local/config/ConfigWriter.class
de/antivir/common/local/config/IMAGES.class
de/antivir/common/local/config/PrefixPanel$ButtonEvents.class
de/antivir/common/local/config/PrefixPanel.class
de/antivir/common/local/config/ReaderAntivir__Config.class
de/antivir/common/local/config/RowAnalyser.class
de/antivir/common/local/config/SendConfig.class
de/antivir/common/local/config/VersionReader$AntivirInfo.class
de/antivir/common/local/config/VersionReader$PrefixInfo.class
de/antivir/common/local/config/VersionReader$ProductInfo.class
de/antivir/common/local/config/VersionReader.class
de/antivir/common/local/config/WriteConfig.class
de/antivir/common/local/javacsoap/JavaCSoap$MyReceiverPoster.class
de/antivir/common/local/javacsoap/JavaCSoap$WorkerThread.class
de/antivir/common/local/javacsoap/JavaCSoap.class
de/antivir/common/local/javacsoap/JavaCSoapReceiver.class
de/antivir/common/local/javacsoap/JavaCSoapRequester.class
de/antivir/common/local/log/Log$GetBoundaryDateStringFunctor.class
de/antivir/common/local/log/Log$GetEntryStringFunctor.class
de/antivir/common/local/log/Log$StringFunctor.class
de/antivir/common/local/log/Log.class
de/antivir/common/local/log/LogParser.class
de/antivir/common/local/log/Logger$AVLogParameters.class
de/antivir/common/local/log/Logger.class
de/antivir/common/local/log/SendLog.class
de/antivir/common/local/log/SendLogAttributes.class
de/antivir/common/local/template/Template.class
de/antivir/common/local/template/TemplateObject.class
de/antivir/common/local/template/TemplateUtils$TemplateDiff.class
de/antivir/common/local/template/TemplateUtils$TemplateDiffList.class
de/antivir/common/local/template/TemplateUtils$TemplateFileFilter.class
de/antivir/common/local/template/TemplateUtils.class
de/antivir/common/local/template/UnknownTemplatePartException.class
gui/lib/de_antivir_common_media.jar
.jar
gui/lib/de_antivir_common_messages.jar
.zip
de/antivir/common/messages/ConfigMessage.class
de/antivir/common/messages/NotificationMessage.class
de/antivir/common/messages/RealtimeMessage.class
de/antivir/common/messages/RequestMessage.class
de/antivir/common/messages/log/LogAttributesMessage.class
de/antivir/common/messages/log/LogMessage.class
de/antivir/common/messages/log/LogRequestMessage.class
de/antivir/common/messages/resources/res_de.properties
de/antivir/common/messages/resources/res_en.properties
gui/lib/de_antivir_common_panel.jar
.zip
gui/lib/de_antivir_framework.jar
.zip
gui/lib/de_antivir_framework_media.jar
.jar
gui/lib/ext/activation.jar
.jar
gui/lib/ext/axis.jar
.jar
gui/lib/ext/commons-discovery.jar
.jar
gui/lib/ext/commons-logging.jar
.jar
gui/lib/ext/jaxrpc.jar
.jar
gui/lib/ext/mail.jar
.jar
gui/lib/ext/saaj.jar
.jar
gui/lib/ext/skinlf.jar
.jar
gui/lib/ext/wsdl4j.jar
.jar
gui/resources/framework.properties
gui/resources/modules.properties
antivir-workstation-prof-2.1.4-11/gui/gui_workstation_linux_glibc22.tgz
.gz
antivir-workstation-prof-2.1.4-11/gui/gui_workstation_linux_glibc22_s390.tgz
.gz
antivir-workstation-prof-2.1.4-11/gui/gui_workstation_solaris_sparc.tgz
.gz
antivir-workstation-prof-2.1.4-11/install
.sh linux
antivir-workstation-prof-2.1.4-11/legal/LICENSE.apache
antivir-workstation-prof-2.1.4-11/legal/LICENSE.bsd
antivir-workstation-prof-2.1.4-11/legal/LICENSE.dazuko
antivir-workstation-prof-2.1.4-11/legal/LICENSE.gsoap
antivir-workstation-prof-2.1.4-11/legal/LICENSE.pcre
antivir-workstation-prof-2.1.4-11/pgp/README
antivir-workstation-prof-2.1.4-11/pgp/antivir.gpg
antivir-workstation-prof-2.1.4-11/script/antivir-gui
.sh linux
antivir-workstation-prof-2.1.4-11/script/avguard
.sh linux
antivir-workstation-prof-2.1.4-11/script/avupdater
.sh linux
antivir-workstation-prof-2.1.4-11/script/configantivir
.sh linux
antivir-workstation-prof-2.1.4-11/script/echo_sunos
antivir-workstation-prof-2.1.4-11/script/getsysteminfo
.sh linux
antivir-workstation-prof-2.1.4-11/script/rcscript
.sh linux
antivir-workstation-prof-2.1.4-11/script/sh.avinstall
.sh linux
antivir-workstation-prof-2.1.4-11/smcpkg/en/uxwks-upd.conf
antivir-workstation-prof-2.1.4-11/smcpkg/en/uxwks.conf
.xml
antivir-workstation-prof-2.1.4-11/smcpkg/en/uxwks.dll
.dll windows:4 windows x86 arch:x86

d56c4ba03b4b01e30b69052cb2a42bb7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Antivir\smc-plugins-win\Release English Ux-Workstation\Ux-Workstation Reporting Plugin.pdb

Imports

common

?trim@@YAAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV12@H@Z
??0CLibraryInfo@@QAE@XZ
?SetDllName@CLibraryInfo@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetProductVersion@CLibraryInfo@@QAE_NAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?string_replace@@YAXAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV12@1I@Z
??1CLibraryInfo@@UAE@XZ
?Split@@YAHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@DAAV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@2@@Z
?Num2Str@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@Z

msvcp71

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?_Nomemory@std@@YAXXZ

msvcr71

??1type_info@@UAE@XZ
??1exception@@UAE@XZ
??0exception@@QAE@XZ
__CxxFrameHandler
??3@YAXPAX@Z
??0exception@@QAE@ABV0@@Z
_CxxThrowException
atoi
??_V@YAXPAX@Z
asctime
localtime
memmove
??0exception@@QAE@ABQBD@Z
malloc
_callnewh
__CppXcptFilter
?terminate@@YAXXZ
_except_handler3
__security_error_handler
__dllonexit
_onexit
free
_initterm
_adjust_fdiv

kernel32

DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
ExitProcess

Exports

Exports

??0CLibraryInfo@@QAE@ABV0@@Z
??4CLibraryInfo@@QAEAAV0@ABV0@@Z
??_7CLibraryInfo@@6B@
ExchangeReportVersion
GetReport
GetReportInfos

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
antivir-workstation-prof-2.1.4-11/smcpkg/en/uxwks.pkg
antivir-workstation-prof-2.1.4-11/smcpkg/libuxwks.so.linux_glibc22
.elf linux x86
antivir-workstation-prof-2.1.4-11/smcpkg/setup.inf
antivir-workstation-prof-2.1.4-11/vdf/antivir.vdf

Sharing

General

Malware Config

Signatures

Files

d56c4ba03b4b01e30b69052cb2a42bb7

Headers

File Characteristics

PDB Paths

Imports

common

msvcp71

msvcr71

kernel32

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB