Static task
static1
Behavioral task
behavioral1
Sample
62cf575dca227a45c7e266a305366822cd956641626885936ee2e8303f4c331e_NeikiAnalytics.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
62cf575dca227a45c7e266a305366822cd956641626885936ee2e8303f4c331e_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
General
-
Target
62cf575dca227a45c7e266a305366822cd956641626885936ee2e8303f4c331e_NeikiAnalytics.exe
-
Size
6.0MB
-
MD5
8338382fd5b23a2d667fec78ea143e30
-
SHA1
026d17155d92f6da67009cebadf47a23c0c5d5eb
-
SHA256
62cf575dca227a45c7e266a305366822cd956641626885936ee2e8303f4c331e
-
SHA512
b96045e68e853f46dfc84e8254213a5fa6bd6aa5eae08b14d7252c3bc16832cc4b6c7c4bb316fddac2d06e5fa194fbf0dfa248e950fd8599dc788cf111023a32
-
SSDEEP
98304:dG/CGv97vtGnYBefcVAWMBomsaW6moumYEFMWrk5j1jhQae:dG/P5NAymstTwFK2
Malware Config
Signatures
-
Unsigned PE 1 IoCs
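Checks for missing Authenticode signature. The sample is not code-signed, so its publisher and file integrity cannot be confirmed from a signature; on its own this is a weak indicator and should be weighed together with the behavioral results.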
resource 62cf575dca227a45c7e266a305366822cd956641626885936ee2e8303f4c331e_NeikiAnalytics.exe
Files
-
62cf575dca227a45c7e266a305366822cd956641626885936ee2e8303f4c331e_NeikiAnalytics.exe.exe windows:4 windows x64 arch:x64
c61064ef0abceb172b50da5ad16a5f66
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
libgcc_s_seh-1
_Unwind_Resume
__emutls_get_address
__udivti3
gdi32
ChoosePixelFormat
CreateBitmap
CreateDCW
CreateDIBSection
CreateRectRgn
DeleteDC
DeleteObject
DescribePixelFormat
GetDeviceCaps
GetDeviceGammaRamp
SetDeviceGammaRamp
SetPixelFormat
SwapBuffers
kernel32
AttachConsole
CloseHandle
ConvertFiberToThread
ConvertThreadToFiber
CreateFiber
CreateFileA
DeleteCriticalSection
DeleteFiber
EnterCriticalSection
FormatMessageW
FreeLibrary
GetCommandLineW
GetFileSize
GetLastError
GetModuleFileNameW
GetModuleHandleExW
GetModuleHandleW
GetProcAddress
GetSystemInfo
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
LocalFree
MultiByteToWideChar
QueryPerformanceCounter
QueryPerformanceFrequency
SetThreadExecutionState
SetUnhandledExceptionFilter
Sleep
SwitchToFiber
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
VerSetConditionMask
VirtualProtect
VirtualQuery
WideCharToMultiByte
WriteConsoleW
WriteFile
__C_specific_handler
msvcrt
___lc_codepage_func
___mb_cur_max_func
__getmainargs
__initenv
__iob_func
__set_app_type
__setusermatherr
_amsg_exit
_cexit
_close
_commode
_dup
_dup2
_errno
_fdopen
_fileno
_fmode
_get_osfhandle
_initterm
_isatty
_lock
_onexit
_open
_pipe
_read
_strtoi64
_strtoui64
_unlock
_write
abort
atof
calloc
exit
fclose
feof
ferror
fflush
fgetc
fopen
fprintf
fputc
fread
free
freopen
fseek
ftell
fwrite
getc
getenv
isspace
isxdigit
localeconv
malloc
memchr
memcmp
memcpy
memmove
memset
qsort
realloc
signal
strchr
strcmp
strcpy
strcspn
strerror
strlen
strncmp
strncpy
strspn
strstr
strtok
strtol
strtoul
tolower
toupper
ungetc
vfprintf
wcscmp
wcscpy
wcslen
ole32
CoCreateInstance
CoInitializeEx
CoTaskMemFree
CoUninitialize
OleInitialize
OleUninitialize
libwinpthread-1
pthread_cond_timedwait
pthread_mutex_destroy
pthread_mutex_init
pthread_mutex_lock
pthread_mutex_unlock
shell32
CommandLineToArgvW
DragAcceptFiles
DragFinish
DragQueryFileW
DragQueryPoint
SHCreateItemFromParsingName
SHGetKnownFolderPath
ShellExecuteW
libstdc++-6
_ZNKSt10filesystem7__cxx1118directory_iteratordeEv
_ZNKSt10filesystem7__cxx1128recursive_directory_iteratordeEv
_ZNKSt10filesystem7__cxx114path11parent_pathEv
_ZNKSt10filesystem7__cxx114path17_M_find_extensionEv
_ZNKSt10filesystem7__cxx114path5_List13_Impl_deleterclEPNS2_5_ImplE
_ZNKSt10filesystem7__cxx114path5_List3endEv
_ZNKSt10filesystem7__cxx114path7compareERKS1_
_ZNKSt13runtime_error4whatEv
_ZNKSt25__codecvt_utf8_utf16_baseIwE10do_unshiftERiPcS2_RS2_
_ZNKSt25__codecvt_utf8_utf16_baseIwE11do_encodingEv
_ZNKSt25__codecvt_utf8_utf16_baseIwE13do_max_lengthEv
_ZNKSt25__codecvt_utf8_utf16_baseIwE16do_always_noconvEv
_ZNKSt25__codecvt_utf8_utf16_baseIwE5do_inERiPKcS3_RS3_PwS5_RS5_
_ZNKSt25__codecvt_utf8_utf16_baseIwE6do_outERiPKwS3_RS3_PcS5_RS5_
_ZNKSt25__codecvt_utf8_utf16_baseIwE9do_lengthERiPKcS3_y
_ZNKSt3_V214error_category10_M_messageB5cxx11Ei
_ZNKSt3_V214error_category10equivalentERKSt10error_codei
_ZNKSt3_V214error_category10equivalentEiRKSt15error_condition
_ZNKSt3_V214error_category23default_error_conditionEi
_ZNKSt5ctypeIcE13_M_widen_initEv
_ZNKSt6locale2id5_M_idEv
_ZNKSt6localeeqERKS_
_ZNKSt9type_infoeqERKS_
_ZNSi10_M_extractIbEERSiRT_
_ZNSi10_M_extractIfEERSiRT_
_ZNSirsERi
_ZNSo3putEc
_ZNSo5flushEv
_ZNSo5writeEPKcx
_ZNSt10filesystem18create_directoriesERKNS_7__cxx114pathE
_ZNSt10filesystem6statusERKNS_7__cxx114pathE
_ZNSt10filesystem7__cxx1116filesystem_errorC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEESt10error_code
_ZNSt10filesystem7__cxx1116filesystem_errorD1Ev
_ZNSt10filesystem7__cxx1118directory_iteratorC1ERKNS0_4pathENS_17directory_optionsEPSt10error_code
_ZNSt10filesystem7__cxx1118directory_iteratorppEv
_ZNSt10filesystem7__cxx1128recursive_directory_iteratorC1ERKNS0_4pathENS_17directory_optionsEPSt10error_code
_ZNSt10filesystem7__cxx1128recursive_directory_iteratorD1Ev
_ZNSt10filesystem7__cxx1128recursive_directory_iteratorppEv
_ZNSt10filesystem7__cxx114path14_M_split_cmptsEv
_ZNSt10filesystem7__cxx114path5_ListC1ERKS2_
_ZNSt10filesystem7__cxx114path5_ListC1Ev
_ZNSt10filesystem7__cxx114pathdVERKS1_
_ZNSt10filesystem9file_sizeERKNS_7__cxx114pathE
_ZNSt12__basic_fileIcED1Ev
_ZNSt12system_errorD1Ev
_ZNSt13basic_filebufIcSt11char_traitsIcEE4openEPKcSt13_Ios_Openmode
_ZNSt13basic_filebufIcSt11char_traitsIcEE4openEPKwSt13_Ios_Openmode
_ZNSt13basic_filebufIcSt11char_traitsIcEE5closeEv
_ZNSt13basic_filebufIcSt11char_traitsIcEEC1Ev
_ZNSt13basic_filebufIcSt11char_traitsIcEED1Ev
_ZNSt13runtime_errorC1EPKc
_ZNSt13runtime_errorC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZNSt13runtime_errorC1ERKS_
_ZNSt13runtime_errorC2EPKc
_ZNSt13runtime_errorC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZNSt13runtime_errorD1Ev
_ZNSt13runtime_errorD2Ev
_ZNSt14basic_ifstreamIcSt11char_traitsIcEED1Ev
_ZNSt14basic_ofstreamIcSt11char_traitsIcEEC1EPKwSt13_Ios_Openmode
_ZNSt14basic_ofstreamIcSt11char_traitsIcEED1Ev
_ZNSt15basic_streambufIcSt11char_traitsIcEE4syncEv
_ZNSt15basic_streambufIcSt11char_traitsIcEE5imbueERKSt6locale
_ZNSt15basic_streambufIcSt11char_traitsIcEE5uflowEv
_ZNSt15basic_streambufIcSt11char_traitsIcEE6setbufEPcx
_ZNSt15basic_streambufIcSt11char_traitsIcEE6xsgetnEPcx
_ZNSt15basic_streambufIcSt11char_traitsIcEE7seekoffExSt12_Ios_SeekdirSt13_Ios_Openmode
_ZNSt15basic_streambufIcSt11char_traitsIcEE7seekposESt4fposIiESt13_Ios_Openmode
_ZNSt15basic_streambufIcSt11char_traitsIcEE9pbackfailEi
_ZNSt15basic_streambufIcSt11char_traitsIcEE9showmanycEv
_ZNSt15basic_streambufIcSt11char_traitsIcEE9underflowEv
_ZNSt16invalid_argumentC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZNSt16invalid_argumentD1Ev
_ZNSt18condition_variable10notify_oneEv
_ZNSt18condition_variable4waitERSt11unique_lockISt5mutexE
_ZNSt18condition_variableC1Ev
_ZNSt18condition_variableD1Ev
_ZNSt25__codecvt_utf8_utf16_baseIwED2Ev
_ZNSt3_V214error_categoryD2Ev
_ZNSt3_V216generic_categoryEv
_ZNSt5ctypeIcE2idE
_ZNSt6chrono3_V212steady_clock3nowEv
_ZNSt6chrono3_V212system_clock3nowEv
_ZNSt6locale5facetD2Ev
_ZNSt6locale7classicEv
_ZNSt6localeC1EPKc
_ZNSt6localeC1ERKS_
_ZNSt6localeC1Ev
_ZNSt6localeD1Ev
_ZNSt6thread15_M_start_threadESt10unique_ptrINS_6_StateESt14default_deleteIS1_EEPFvvE
_ZNSt6thread4joinEv
_ZNSt6thread6_StateD2Ev
_ZNSt6thread6detachEv
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE10_M_replaceEyyPKcy
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE12_M_constructEyc
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE14_M_replace_auxEyyyc
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE15_M_replace_coldEPcyPKcyy
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE9_M_createERyy
_ZNSt7__cxx1115basic_stringbufIcSt11char_traitsIcESaIcEE7_M_syncEPcyy
_ZNSt7__cxx1119basic_istringstreamIcSt11char_traitsIcESaIcEED1Ev
_ZNSt7__cxx118numpunctIcE2idE
_ZNSt7__cxx118numpunctIwE2idE
_ZNSt7codecvtIDiciE2idE
_ZNSt7codecvtIwciEC2Ey
_ZNSt8__detail15_List_node_base7_M_hookEPS0_
_ZNSt8ios_baseC2Ev
_ZNSt8ios_baseD2Ev
_ZNSt8time_putIcSt19ostreambuf_iteratorIcSt11char_traitsIcEEE2idE
_ZNSt9basic_iosIcSt11char_traitsIcEE4initEPSt15basic_streambufIcS1_E
_ZNSt9basic_iosIcSt11char_traitsIcEE5clearESt12_Ios_Iostate
_ZNSt9basic_iosIcSt11char_traitsIcEE5imbueERKSt6locale
_ZNSt9exceptionD2Ev
_ZSt16__ostream_insertIcSt11char_traitsIcEERSt13basic_ostreamIT_T0_ES6_PKS3_x
_ZSt16__throw_bad_castv
_ZSt17__throw_bad_allocv
_ZSt18_Rb_tree_decrementPSt18_Rb_tree_node_base
_ZSt18_Rb_tree_incrementPKSt18_Rb_tree_node_base
_ZSt18_Rb_tree_incrementPSt18_Rb_tree_node_base
_ZSt19__throw_logic_errorPKc
_ZSt19__throw_range_errorPKc
_ZSt20__throw_length_errorPKc
_ZSt20__throw_out_of_rangePKc
_ZSt20__throw_system_errori
_ZSt24__throw_invalid_argumentPKc
_ZSt24__throw_out_of_range_fmtPKcz
_ZSt25__throw_bad_function_callv
_ZSt28_Rb_tree_rebalance_for_erasePSt18_Rb_tree_node_baseRS_
_ZSt28__throw_bad_array_new_lengthv
_ZSt29_Rb_tree_insert_and_rebalancebPSt18_Rb_tree_node_baseS0_RS_
_ZSt7getlineIcSt11char_traitsIcESaIcEERSt13basic_istreamIT_T0_ES7_RNSt7__cxx1112basic_stringIS4_S5_T1_EES4_
_ZSt9terminatev
_ZStrsIcSt11char_traitsIcEERSt13basic_istreamIT_T0_ES6_RS3_
_ZTISt15basic_streambufIcSt11char_traitsIcEE
_ZTTNSt7__cxx1119basic_istringstreamIcSt11char_traitsIcESaIcEEE
_ZTTSt14basic_ifstreamIcSt11char_traitsIcEE
_ZTTSt14basic_ofstreamIcSt11char_traitsIcEE
_ZTVN10__cxxabiv117__class_type_infoE
_ZTVN10__cxxabiv120__si_class_type_infoE
_ZTVN10__cxxabiv121__vmi_class_type_infoE
_ZTVNSt7__cxx1115basic_stringbufIcSt11char_traitsIcESaIcEEE
_ZTVNSt7__cxx1119basic_istringstreamIcSt11char_traitsIcESaIcEEE
_ZTVSo
_ZTVSt12system_error
_ZTVSt13basic_filebufIcSt11char_traitsIcEE
_ZTVSt14basic_ifstreamIcSt11char_traitsIcEE
_ZTVSt14basic_ofstreamIcSt11char_traitsIcEE
_ZTVSt15basic_streambufIcSt11char_traitsIcEE
_ZTVSt9basic_iosIcSt11char_traitsIcEE
_ZdaPv
_ZdlPvy
_Znay
_Znwy
__cxa_allocate_exception
__cxa_begin_catch
__cxa_call_terminate
__cxa_end_catch
__cxa_free_exception
__cxa_guard_abort
__cxa_guard_acquire
__cxa_guard_release
__cxa_rethrow
__cxa_throw
__dynamic_cast
__gxx_personality_seh0
user32
AdjustWindowRectEx
BringWindowToTop
CallWindowProcA
CallWindowProcW
ChangeDisplaySettingsExW
ClientToScreen
ClipCursor
CloseClipboard
CreateIconIndirect
CreateWindowExW
DefWindowProcW
DestroyIcon
DestroyWindow
DispatchMessageW
EmptyClipboard
EnumDisplayDevicesW
EnumDisplayMonitors
EnumDisplaySettingsExW
EnumDisplaySettingsW
FlashWindow
GetActiveWindow
GetClassLongPtrW
GetClientRect
GetClipboardData
GetCursorPos
GetDC
GetKeyState
GetLayeredWindowAttributes
GetMessageExtraInfo
GetMessageTime
GetMonitorInfoW
GetPropA
GetPropW
GetRawInputData
GetRawInputDeviceInfoA
GetRawInputDeviceList
GetSystemMetrics
GetWindowLongA
GetWindowLongPtrA
GetWindowLongPtrW
GetWindowLongW
GetWindowPlacement
GetWindowRect
IsIconic
IsWindowVisible
IsZoomed
KillTimer
LoadCursorW
LoadImageW
MapVirtualKeyW
MonitorFromWindow
MoveWindow
MsgWaitForMultipleObjects
OffsetRect
OpenClipboard
PeekMessageW
PostMessageW
PtInRect
RegisterClassExW
RegisterDeviceNotificationW
RegisterRawInputDevices
ReleaseCapture
ReleaseDC
RemovePropA
RemovePropW
ScreenToClient
SendMessageW
SetCapture
SetClipboardData
SetCursor
SetCursorPos
SetFocus
SetForegroundWindow
SetLayeredWindowAttributes
SetPropA
SetPropW
SetRect
SetTimer
SetWindowLongA
SetWindowLongPtrA
SetWindowLongPtrW
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowTextW
ShowWindow
SystemParametersInfoW
ToUnicode
TrackMouseEvent
TranslateMessage
UnregisterClassW
UnregisterDeviceNotification
WaitMessage
WindowFromPoint
libmpv-2
FT_Add_Default_Modules
FT_Done_Face
FT_Done_Library
FT_Get_Char_Index
FT_GlyphSlot_Embolden
FT_GlyphSlot_Oblique
FT_Load_Glyph
FT_New_Library
FT_New_Memory_Face
FT_Render_Glyph
FT_Request_Size
FT_Select_Charmap
mpv_command
mpv_command_async
mpv_command_string
mpv_create
mpv_create_client
mpv_destroy
mpv_error_string
mpv_free
mpv_free_node_contents
mpv_get_property
mpv_get_property_string
mpv_initialize
mpv_load_config_file
mpv_observe_property
mpv_render_context_create
mpv_render_context_free
mpv_render_context_render
mpv_render_context_report_swap
mpv_render_context_set_update_callback
mpv_render_context_update
mpv_request_log_messages
mpv_set_option
mpv_set_option_string
mpv_set_property
mpv_set_property_string
mpv_set_wakeup_callback
mpv_terminate_destroy
mpv_unobserve_property
mpv_wait_event
Sections
.text Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 205KB - Virtual size: 205KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 2.6MB - Virtual size: 2.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.pdata Size: 33KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.xdata Size: 70KB - Virtual size: 70KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 40KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 22KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.CRT Size: 512B - Virtual size: 96B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/4 Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/19 Size: 243KB - Virtual size: 243KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/31 Size: 23KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/45 Size: 64KB - Virtual size: 63KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/57 Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/70 Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/81 Size: 15KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/97 Size: 86KB - Virtual size: 85KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
/113 Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ