1588cd8ad912fbce0017c09d3f8fdea3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1588cd8ad912fbce0017c09d3f8fdea3_JaffaCakes118
Size

912KB
MD5

1588cd8ad912fbce0017c09d3f8fdea3
SHA1

555a36b4409a0c2a423a8efc0cde6dd2a6c217a4
SHA256

735caf3bfab16fdcf12092cfb8c404e80e9359f8fb3a10a0ff45a10a72f3809c
SHA512

a43dd2afedd9cbb2b489fc29e5039a0525ee5144a718cfdfb05169cf97a898e2f961acad7ee545dd35d9e268aeb34015f4956ec2c52cf8855b6e0c46a3c6910c
SSDEEP

12288:Vi4DJL6d+uoHZKyqKjbx8AtIRIjnOBPWfBMR1W0dq5VoRa8MYB9/z6ou2Pskfo37:g65KyfyYIR64WfBi1WUq51mXz6XgoIjO

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/480926264/LevelEdit.exe
unpack001/480926264/PacCheat.exe
unpack001/480926264/PacMan.exe

Files

1588cd8ad912fbce0017c09d3f8fdea3_JaffaCakes118
.rar
480926264/Clock.ctl
480926264/EditMod.bas
.vbs
480926264/Editor.frm
.vbs
480926264/Editor.frx
480926264/FrmGroup.frm
.vbs
480926264/Images.bas
.vbs
480926264/LevelEdit VB5.vbp
480926264/LevelEdit.exe
.exe windows:4 windows x86 arch:x86

2b50d4929b1af4b98300b55383d6d63a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaVarSub
__vbaStrI2
_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
ord588
__vbaStrVarMove
__vbaLineInputStr
__vbaLenBstr
__vbaEnd
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
ord518
__vbaStrCat
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaLateMemSt
__vbaVarForInit
__vbaExitProc
__vbaObjSet
__vbaOnError
ord595
_adj_fdiv_m16i
ord303
__vbaObjSetAddref
_adj_fdivr_m16i
ord598
ord520
ord309
__vbaBoolVarNull
_CIsin
ord632
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
__vbaGenerateBoundsError
ord529
__vbaStrCmp
__vbaVarTstEq
__vbaObjVar
__vbaVarLateMemSt
__vbaVarOr
__vbaCastObjVar
_adj_fpatan
__vbaR4Var
__vbaLateIdCallLd
EVENT_SINK_Release
__vbaNew
_CIsqrt
EVENT_SINK_QueryInterface
__vbaVarMul
__vbaExceptHandler
__vbaPrintFile
_adj_fprem
_adj_fdivr_m64
ord530
__vbaFPException
ord533
__vbaStrVarVal
__vbaVarCat
__vbaI2Var
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaNew2
__vbaR8Str
__vbaVarInt
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaVarNot
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaVarTstNe
__vbaI4Var
__vbaVarCmpEq
__vbaLateMemCall
__vbaVarAdd
__vbaVarDup
ord613
__vbaFpI2
__vbaVarLateMemCallLd
__vbaVarTstGe
__vbaVarCopy
__vbaR8IntI2
__vbaLateMemCallLd
ord617
_CIatan
__vbaCastObj
__vbaStrMove
__vbaStrVarCopy
ord619
_allmul
_CItan
__vbaFPInt
__vbaVarForNext
_CIexp
__vbaFreeObj
__vbaFreeStr
ord581

Sections

.text
Size: 116KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
480926264/LevelEdit.vbw
480926264/MdiForm.frm
480926264/MdiForm.frx
480926264/OpenDlg.frm
.vbs
480926264/OpenDlg.frx
480926264/OptFrm.frm
480926264/OptFrm.frx
480926264/OptFrm.log
480926264/OptionsFrm.frm
.vbs
480926264/OptionsFrm.frx
480926264/PACMAN PROJECT GROUP VB5.vbg
480926264/PacCheat.exe
.exe windows:4 windows x86 arch:x86

b13132f0dcd121c35c0b4f350a728fa3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaStrI2
_CIcos
_adj_fptan
__vbaFreeVar
__vbaFreeVarList
__vbaEnd
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaStrCat
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaExitProc
__vbaOnError
ord595
__vbaObjSet
_adj_fdiv_m16i
_adj_fdivr_m16i
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
_adj_fpatan
EVENT_SINK_Release
ord600
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
ord530
__vbaFPException
ord533
_CIlog
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaVarDup
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeStr
__vbaFreeObj

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
480926264/PacCheatSource.zip
.zip
PacCheat.frm
PacCheat.frx
PacCheat.vbp
PacCheat.vbw
PacManLogo.gif
.gif
480926264/PacFrm.frm
.vbs
480926264/PacFrm.frx
480926264/PacMan VB5.vbp
480926264/PacMan.exe
.exe windows:4 windows x86 arch:x86

48b1916a4f3fefa1367563f21e80e6f9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaVarSub
ord690
__vbaStrI2
_CIcos
_adj_fptan
__vbaVarMove
__vbaVarVargNofree
__vbaFreeVar
__vbaLineInputStr
__vbaLenBstr
__vbaStrVarMove
ord588
__vbaLateIdCall
__vbaFreeVarList
__vbaEnd
_adj_fdiv_m64
__vbaRaiseEvent
__vbaFreeObjList
_adj_fprem1
__vbaStrCat
__vbaLsetFixstr
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaVarTstLe
__vbaLateMemSt
__vbaExitProc
ord593
__vbaVarForInit
ord594
ord595
__vbaObjSet
__vbaOnError
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
__vbaVarIndexLoad
ord598
__vbaFpR4
ord520
__vbaFpR8
__vbaBoolVarNull
__vbaVarTstLt
_CIsin
ord632
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
__vbaGenerateBoundsError
__vbaStrCmp
__vbaVarTstEq
__vbaObjVar
__vbaI2I4
DllFunctionCall
__vbaVarLateMemSt
ord670
__vbaCastObjVar
_adj_fpatan
__vbaFixstrConstruct
__vbaLateIdCallLd
__vbaStrR8
EVENT_SINK_Release
ord600
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
ord530
ord608
__vbaFPException
ord533
__vbaStrVarVal
__vbaVarCat
ord535
__vbaI2Var
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaNew2
__vbaR8Str
__vbaVarInt
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaVarNot
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaVarTstNe
__vbaI4Var
ord689
__vbaVarCmpEq
__vbaLateMemCall
__vbaVarAdd
__vbaStrToAnsi
__vbaVarDup
ord613
__vbaFpI2
__vbaFpI4
ord616
__vbaVarCopy
__vbaVarLateMemCallLd
__vbaR8IntI2
ord617
__vbaLateMemCallLd
_CIatan
__vbaCastObj
__vbaStrMove
ord619
__vbaR8IntI4
_allmul
__vbaLateIdSt
_CItan
__vbaFPInt
__vbaVarForNext
_CIexp
__vbaFreeStr
__vbaFreeObj
ord581

Sections

.text
Size: 140KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
480926264/PacMan.frx
480926264/PacMan.vbw
480926264/PacMod.bas
.vbs
480926264/Progbar.frm
480926264/Progbar.frx
480926264/RepFrm.frm
480926264/RepFrm.frx
480926264/RndButton.ctl
480926264/SaveDlg.frm
.vbs
480926264/SaveDlg.frx
480926264/Scheme.bas
.vbs
480926264/Shaper.bas
480926264/TABCTL32.OCX
.dll regsvr32 windows:4 windows x86 arch:x86

aa8b0ec5b7d56e08d6614ae243221096

Code Sign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetStringTypeW
GetStringTypeA
VirtualAlloc
LCMapStringW
LCMapStringA
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetCurrentProcess
TerminateProcess
ExitProcess
RaiseException
GetOEMCP
GetACP
GetCPInfo
GetModuleHandleA
GetCommandLineA
lstrcpynA
GetFileAttributesA
GetVersion
DisableThreadLibraryCalls
FindResourceA
LoadResource
LockResource
GetLastError
InterlockedDecrement
InterlockedIncrement
GetProcAddress
GetLocaleInfoA
LoadLibraryA
GetWindowsDirectoryA
GetModuleFileNameA
MultiByteToWideChar
GlobalAlloc
GlobalUnlock
GlobalLock
GlobalFree
lstrcmpiA
lstrlenA
GlobalSize
IsDBCSLeadByte
LeaveCriticalSection
DeleteCriticalSection
FreeLibrary
HeapFree
WideCharToMultiByte
lstrlenW
HeapAlloc
lstrcpyA
EnterCriticalSection
HeapReAlloc
lstrcmpA
GetProcessHeap
InitializeCriticalSection
lstrcatA

user32

SetFocus
MoveWindow
GetWindow
ShowWindow
IsWindowEnabled
PtInRect
IsWindowVisible
GetParent
SetWindowRgn
GetSysColor
CopyRect
DrawFocusRect
DestroyWindow
GetWindowDC
GetWindowRect
CreateWindowExA
SetWindowLongA
CallWindowProcA
GetWindowLongA
SetRectEmpty
SetWindowPos
OffsetRect
WinHelpA
GetNextDlgTabItem
CharNextA
GetClipboardFormatNameA
ScreenToClient
MapWindowPoints
SetCursorPos
RegisterClipboardFormatA
UnregisterClassA
InvalidateRect
ReleaseCapture
CreateDialogIndirectParamA
IsChild
SetParent
EndPaint
IsDialogMessageA
FillRect
InflateRect
EndDialog
GetActiveWindow
DialogBoxParamA
GetCursorPos
LockWindowUpdate
EqualRect
IsWindow
MessageBeep
MessageBoxA
GetDlgItemInt
GetDlgItemTextA
IsDlgButtonChecked
SendDlgItemMessageA
SetDlgItemTextA
SetDlgItemInt
CheckDlgButton
GetDlgItem
wsprintfA
GetKeyState
DefWindowProcA
SetCursor
PeekMessageA
SendMessageA
GetFocus
GetDC
ReleaseDC
SetRect
IsCharAlphaNumericA
VkKeyScanA
CreateAcceleratorTableA
EnableWindow
LoadCursorA
RegisterClassA
DestroyAcceleratorTable
LoadStringA
GetSystemMetrics
ClientToScreen
GetClientRect
BeginPaint
IntersectRect

ole32

ReleaseStgMedium
DoDragDrop
RegisterDragDrop
RevokeDragDrop
CreateOleAdviseHolder
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
OleSaveToStream
OleLoadFromStream

advapi32

RegEnumKeyExA
RegQueryValueA
RegOpenKeyA
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

oleaut32

SysAllocStringLen
OleCreatePropertyFrame
LoadTypeLi
SafeArrayCopy
SafeArrayRedim
SafeArrayPutElement
SafeArrayGetElement
SafeArrayCreate
SafeArrayDestroy
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
VariantCopyInd
VariantCopy
LoadTypeLibEx
UnRegisterTypeLi
RegisterTypeLi
CreateErrorInfo
SetErrorInfo
VariantChangeType
VariantInit
SysStringLen
OleTranslateColor
GetErrorInfo
OleLoadPicture
SysAllocStringByteLen
SysStringByteLen
LoadRegTypeLi
OleCreateFontIndirect
VariantClear
OleCreatePictureIndirect
SysAllocString
SysFreeString

gdi32

LPtoDP
GetViewportExtEx
CreateRectRgnIndirect
GetWindowExtEx
SetMapMode
GetNearestColor
CreatePalette
GetBitmapBits
CreateDIBitmap
GetDIBits
CopyEnhMetaFileA
CopyMetaFileA
CreateDCA
SetWindowOrgEx
SetViewportOrgEx
SetWindowExtEx
SetViewportExtEx
GetDeviceCaps
DeleteDC
DeleteObject
StretchBlt
SelectObject
CreateBitmap
CreateCompatibleDC
RealizePalette
SelectPalette
GetOutlineTextMetricsA
BitBlt
CreateCompatibleBitmap
SetTextColor
SetBkColor
CreateRectRgn
CreateFontIndirectA
GetObjectA
SelectClipRgn
CombineRgn
CreatePolygonRgn
SetBkMode
CreatePen
TextOutA
GetTextColor
LineTo
MoveToEx
GetTextExtentPoint32A
GetCharWidthA
GetCurrentPositionEx
SetTextAlign
GetStockObject
CreateSolidBrush
OffsetRgn
SetBrushOrgEx
UnrealizeObject
CreateICA
GetPaletteEntries

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
480926264/images/food/1up.Img
.gif
480926264/images/food/Beer.Img
.gif
480926264/images/food/Berry.Img
.gif
480926264/images/food/Cherry.Img
.gif
480926264/images/food/Protect.Img
.gif
480926264/images/food/Shield2.Img
.gif
480926264/images/food/ShieldMsk2.Img
.gif
480926264/images/schemes/ChocolateBack.img
.gif
480926264/images/schemes/ChocolateFood.img
.gif
480926264/images/schemes/ChocolateWall.img
.gif
480926264/images/schemes/ChristmasBack.img
.gif
480926264/images/schemes/ChristmasFood.img
.gif
480926264/images/schemes/ChristmasWall.img
.gif
480926264/images/schemes/ChristmasWall2.img
.gif
480926264/images/schemes/MetalBack.img
.gif
480926264/images/schemes/MetalFood.img
.gif
480926264/images/schemes/MetalWall.img
.gif
480926264/images/schemes/MetalWall2.img
.gif
480926264/images/schemes/SkyBack.img
.jpg
480926264/images/schemes/SkyFood.img
.gif
480926264/images/schemes/SkyWall.img
.gif
480926264/images/schemes/SpaceBack.img
.gif
480926264/images/schemes/SpaceFood.img
.gif
480926264/images/schemes/SpaceWall.img
.gif
480926264/images/schemes/SpaceWall2.img
.gif
480926264/images/schemes/StdBack.img
.gif
480926264/images/schemes/StdFood.img
.gif
480926264/images/schemes/StdWall.img
.gif
480926264/images/sprites/Ghoul1.Img
.gif
480926264/images/sprites/Ghoul2.Img
.gif
480926264/images/sprites/Ghoul3.Img
.gif
480926264/images/sprites/Ghoul4.Img
.gif
480926264/images/sprites/PacDn.Img
.gif
480926264/images/sprites/PacDnClosed.Img
.gif
480926264/images/sprites/PacLeft.Img
.gif
480926264/images/sprites/PacLeftClosed.Img
.gif
480926264/images/sprites/PacRight.Img
.gif
480926264/images/sprites/PacRightClosed.Img
.gif
480926264/images/sprites/PacUp.Img
.gif
480926264/images/sprites/PacUpClosed.Img
.gif
480926264/images/sprites/Skull.Img
.gif
480926264/images/titles/EndGameCon.img
.jpg
480926264/images/titles/EndGameOver.img
.jpg
480926264/images/titles/LoadingScreen.img
.jpg
480926264/images/titles/MainPic.img
.jpg
480926264/images/titles/PacManLogo.img
.gif
480926264/images/titles/Score.img
.gif
480926264/images/usercontrols/GreenIn.Img
.jpg
480926264/images/usercontrols/GreenOut.Img
.jpg
480926264/images/usercontrols/ShieldTimer0.Img
.gif
480926264/images/usercontrols/ShieldTimer1.Img
.gif
480926264/images/usercontrols/ShieldTimer2.Img
.gif
480926264/images/usercontrols/ShieldTimer3.Img
.gif
480926264/images/usercontrols/ShieldTimer4.Img
.gif
480926264/images/usercontrols/ShieldTimer5.Img
.gif
480926264/images/usercontrols/ShieldTimer6.Img
.gif
480926264/images/usercontrols/Timer0.Img
.gif
480926264/images/usercontrols/Timer1.Img
.gif
480926264/images/usercontrols/Timer2.Img
.gif
480926264/images/usercontrols/Timer3.Img
.gif
480926264/images/usercontrols/Timer4.Img
.gif
480926264/images/usercontrols/Timer5.Img
.gif
480926264/images/usercontrols/Timer6.Img
.gif
480926264/levels/Level1.PML
480926264/levels/Level2.PML
480926264/levels/Level3.PML
480926264/levels/Level4.PML
480926264/levels/Level5.PML
480926264/levels/Level6.PML
480926264/levels/Level7.PML
480926264/levels/Level8.PML
480926264/levels/Level9.PML
480926264/levels/New Folder/Level1.PML
480926264/levels/New Folder/Level2.PML
480926264/levels/New Folder/Level3.PML
480926264/levels/New Folder/Level4.PML
480926264/levels/New Folder/Level5.PML
480926264/levels/New Folder/Level6.PML
480926264/levels/New Folder/Level7.PML
480926264/levels/New Folder/Level8.PML
480926264/levels/New Folder/Level9.PML
480926264/levels/Tmp123Lev
480926264/下载说明.htm
.html .js polyglot
480926264/吃豆子游戏.txt

Sharing

General

Malware Config

Signatures

Files

2b50d4929b1af4b98300b55383d6d63a

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 116KB - Virtual size: 113KB

.data Size: 4KB - Virtual size: 14KB

.rsrc Size: 4KB - Virtual size: 2KB

b13132f0dcd121c35c0b4f350a728fa3

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 20KB - Virtual size: 19KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 2KB

48b1916a4f3fefa1367563f21e80e6f9

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 140KB - Virtual size: 136KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 4KB - Virtual size: 2KB

aa8b0ec5b7d56e08d6614ae243221096

Code Sign

Signer

Headers

File Characteristics

Imports

kernel32

user32

ole32

advapi32

oleaut32

gdi32

Exports

Exports

Sections

.text Size: 136KB - Virtual size: 135KB

.data Size: 14KB - Virtual size: 13KB

.rsrc Size: 39KB - Virtual size: 39KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 116KB - Virtual size: 113KB

.data
Size: 4KB - Virtual size: 14KB

.rsrc
Size: 4KB - Virtual size: 2KB

.text
Size: 20KB - Virtual size: 19KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 2KB

.text
Size: 140KB - Virtual size: 136KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 4KB - Virtual size: 2KB

.text
Size: 136KB - Virtual size: 135KB

.data
Size: 14KB - Virtual size: 13KB

.rsrc
Size: 39KB - Virtual size: 39KB

.reloc
Size: 8KB - Virtual size: 7KB