Win32[.]FASTCash[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

Win32.FASTCash.zip
Size

558KB
MD5

7441af195c3eeaefe1cc6f2d9ea237b6
SHA1

a03a59f5618fdee1da3be360ee01dd8de2b6fe98
SHA256

91068a22e9d4ba1d94024e85fb5ef85fd1760848bf0baf05977f30bdf942ffd3
SHA512

489b1cce17be0a894e0db19445ec86f3b57226ac2a577dca9f9755b6af00821a1233ab4424e78dee0f369f7890267b3b24ec3cf1ae679e681e049f3cb4cc3f94
SSDEEP

12288:x9LI++4VIMxMwy0u8hmbUwHzttu6D4iBAyO5rqV9Ek/n/KpwSW/o9:x9LI+uMxhu8hmbU8UIBA3+VX/nS1W4

Score

3^/10

Malware Config

Signatures

Unsigned PE 5 IoCs

Checks for missing Authenticode signature.

resource
unpack001/129b8825eaf61dcc2321aad7b84632233fa4bbc7e24bdf123b507157353930f0
unpack001/9a776b895e93926e2a758c09e341accb9333edc1243d216a5e53f47c6043c852
unpack001/9ea5aa00e0a738b74066c61b1d35331170a9e0a84df1cc6cef58fd46a8ec5a2e
unpack001/a917c1cc198cf36c0f2f6c24652e5c2e94e28d963b128d54f00144d216b2d118
unpack001/efd470cfa90b918e5d558e5c8c3821343af06eedfd484dfeb20c4605f9bdc30e.bin

Files

Win32.FASTCash.zip
.zip

Password: infected
129b8825eaf61dcc2321aad7b84632233fa4bbc7e24bdf123b507157353930f0
.dll windows:5 windows x86 arch:x86

0ab159bd939411cb8df935bd9e7b5835

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateThread
DisableThreadLibraryCalls
GetLocalTime
GetCurrentProcessId
GetCurrentThreadId
GetProcAddress
GetModuleHandleA
GetCurrentThread
GlobalAlloc
GlobalFree
GetLastError
Sleep
CreateDirectoryA
VirtualQuery
InterlockedCompareExchange
VirtualProtect
ResumeThread
FlushInstructionCache
GetCurrentProcess
SetThreadContext
GetThreadContext
VirtualFree
SuspendThread
DebugBreak
VirtualAlloc
SetLastError
SetEndOfFile
CreateFileW
HeapSize
HeapReAlloc
CreateFileA
HeapFree
HeapAlloc
DecodePointer
GetCommandLineA
RtlUnwind
IsProcessorFeaturePresent
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TerminateProcess
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetModuleHandleW
ExitProcess
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LCMapStringW
MultiByteToWideChar
HeapCreate
HeapDestroy
GetModuleFileNameW
ReadFile
SetFilePointer
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
RaiseException
WriteConsoleW
SetStdHandle
FlushFileBuffers
LoadLibraryW
GetStringTypeW
GetProcessHeap

ws2_32

send
recv
WSAGetLastError
inet_ntoa
WSASetLastError
getpeername
ntohs

Sections

.text
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
9a776b895e93926e2a758c09e341accb9333edc1243d216a5e53f47c6043c852
.exe windows:5 windows x86 arch:x86

6b8fa355d78d649f199232a25e22d630

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
CreateFileW
FlushFileBuffers
FindClose
CloseHandle
HeapReAlloc
HeapAlloc
HeapFree
GetProcessHeap
HeapDestroy
HeapCreate
WideCharToMultiByte
MultiByteToWideChar
WriteFile
GetTimeZoneInformation
CreateThread
GetDriveTypeW
SetEnvironmentVariableA
WaitForSingleObject
CompareStringW
WriteConsoleW
SetStdHandle
GetCurrentDirectoryW
CreateFileA
PeekNamedPipe
GetFileInformationByHandle
GetFullPathNameA
SetFilePointer
GetConsoleMode
GetConsoleCP
FindFirstFileExA
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
ExitThread
Sleep
GetTickCount
ExpandEnvironmentStringsA
VerSetConditionMask
VerifyVersionInfoA
SleepEx
InitializeCriticalSection
FormatMessageA
IsProcessorFeaturePresent
RtlUnwind
HeapSize
GetProcAddress
GetModuleHandleW
ExitProcess
DecodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringW
GetStringTypeW
SetEndOfFile

advapi32

CryptAcquireContextA
CryptEncrypt
CryptImportKey
CryptHashData
CryptDestroyHash
CryptCreateHash
CryptReleaseContext
CryptAcquireContextW
CryptGetHashParam
CryptDestroyKey

shlwapi

StrTrimA

ws2_32

recv
bind
socket
__WSAFDIsSet
ntohs
htons
getsockopt
WSACleanup
gethostname
freeaddrinfo
WSASetLastError
closesocket
send
setsockopt
shutdown
getsockname
WSAGetLastError
select
getaddrinfo
WSAStartup
connect
WSAIoctl
ioctlsocket
getpeername

Sections

.text
Size: 194KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
9ea5aa00e0a738b74066c61b1d35331170a9e0a84df1cc6cef58fd46a8ec5a2e
.dll windows:6 windows x64 arch:x64

b113cba285f3c4ed179422f54692f4e3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

shlwapi

PathFileExistsA

kernel32

DeleteFileA
CreateThread
GetLocalTime
GlobalLock
RemoveDirectoryA
WinExec
CreateDirectoryA
GlobalUnlock
GetLastError
ReadFile
WriteFile
SetFilePointer
CloseHandle
SystemTimeToFileTime
UnmapViewOfFile
TerminateThread
CreateFileMappingA
MapViewOfFile
GetTickCount
SetEndOfFile
HeapSize
WriteConsoleW
FlushFileBuffers
CreateFileW
GetProcessHeap
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetTempPathA
Sleep
MultiByteToWideChar
FindClose
InitializeCriticalSection
LeaveCriticalSection
FindNextFileA
FindFirstFileA
EnterCriticalSection
FileTimeToSystemTime
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RtlPcToFileHeader
EncodePointer
RaiseException
GetModuleFileNameW
RtlUnwindEx
InterlockedFlushSList
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
DeleteCriticalSection
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
WideCharToMultiByte
HeapFree
HeapAlloc
SetFilePointerEx
GetConsoleMode
ReadConsoleW
GetStdHandle
GetFileType
SetStdHandle
CompareStringW
LCMapStringW
DeleteFileW
GetTimeZoneInformation
GetACP
GetConsoleCP
GetStringTypeW
HeapReAlloc
FindFirstFileExA
IsValidCodePage
GetOEMCP
GetCPInfo

user32

GetDC
EnumDisplayMonitors
GetSystemMetrics
GetKeyState
GetAsyncKeyState
GetDesktopWindow
CloseClipboard
MapVirtualKeyA
GetForegroundWindow
GetClipboardData
GetKeyNameTextW
GetWindowTextW
OpenClipboard

gdi32

CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
GetDIBits
GetDeviceCaps
DeleteDC
DeleteObject
BitBlt

advapi32

SystemFunction036
GetUserNameA

Sections

.text
Size: 134KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
a917c1cc198cf36c0f2f6c24652e5c2e94e28d963b128d54f00144d216b2d118
.exe windows:5 windows x86 arch:x86

3415ed7e09a44243bcabe4422aeef7dc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
CreateFileW
FlushFileBuffers
FindClose
CloseHandle
HeapReAlloc
HeapAlloc
HeapFree
GetProcessHeap
HeapDestroy
HeapCreate
InitializeCriticalSection
LeaveCriticalSection
DeleteCriticalSection
WideCharToMultiByte
MultiByteToWideChar
GetTimeZoneInformation
CreateThread
SetEnvironmentVariableA
CompareStringW
WriteFile
WaitForSingleObject
GetCurrentDirectoryW
PeekNamedPipe
GetFileInformationByHandle
GetFullPathNameA
FindFirstFileExA
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
ExitThread
Sleep
EnterCriticalSection
GetTickCount
ExpandEnvironmentStringsA
VerSetConditionMask
VerifyVersionInfoA
SleepEx
FormatMessageA
SetEndOfFile
WriteConsoleW
SetStdHandle
CreateFileA
GetConsoleMode
GetConsoleCP
GetStringTypeW
LCMapStringW
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
GetDriveTypeW
FreeEnvironmentStringsW
GetModuleFileNameA
EncodePointer
DecodePointer
GetLastError
GetSystemTimeAsFileTime
GetProcAddress
GetModuleHandleW
ExitProcess
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapSize
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
IsProcessorFeaturePresent
GetStdHandle
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
RtlUnwind
SetHandleCount
GetFileType
SetFilePointer
LoadLibraryW

advapi32

CryptDestroyKey
CryptImportKey
CryptGenRandom
CryptAcquireContextA
CryptHashData
CryptDestroyHash
CryptCreateHash
CryptReleaseContext
CryptAcquireContextW
CryptGetHashParam
CryptEncrypt

shlwapi

StrTrimA

ws2_32

bind
socket
freeaddrinfo
WSASetLastError
closesocket
WSACleanup
htonl
htons
ntohs
recv
send
__WSAFDIsSet
getsockopt
getpeername
gethostname
setsockopt
shutdown
getsockname
WSAGetLastError
select
getaddrinfo
WSAStartup
WSAIoctl
ioctlsocket
connect

Sections

.text
Size: 326KB - Virtual size: 325KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
efd470cfa90b918e5d558e5c8c3821343af06eedfd484dfeb20c4605f9bdc30e.bin
.dll windows:5 windows x64 arch:x64

f0faa229b086ea5053b4268855f0c8ba

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

shlwapi

PathFileExistsA

kernel32

Sleep
RemoveDirectoryA
CreateFileA
WriteFile
GlobalLock
GlobalUnlock
GetLocalTime
GetCurrentThreadId
TerminateThread
GetLastError
SetFilePointer
ReadFile
SystemTimeToFileTime
FileTimeToSystemTime
FindClose
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetTickCount
CreateFileW
GetProcessHeap
SetEndOfFile
HeapReAlloc
GetStringTypeW
HeapSize
FlushFileBuffers
WriteConsoleW
LoadLibraryW
FindNextFileA
FindFirstFileA
CreateThread
CreateDirectoryA
GetTempPathA
CloseHandle
CompareStringW
UnhandledExceptionFilter
HeapFree
HeapAlloc
DeleteFileA
GetSystemTimeAsFileTime
FlsSetValue
GetCommandLineA
TerminateProcess
GetCurrentProcess
SetEnvironmentVariableA
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
HeapSetInformation
GetVersion
HeapCreate
HeapDestroy
DecodePointer
EncodePointer
RtlUnwindEx
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetProcAddress
GetModuleHandleW
ExitProcess
GetStdHandle
GetModuleFileNameW
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
SetStdHandle
GetFileType
SetHandleCount
GetStartupInfoW
DeleteCriticalSection
MultiByteToWideChar
FlsGetValue
FlsFree
SetLastError
FlsAlloc
GetTimeZoneInformation
RaiseException
RtlPcToFileHeader
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId

user32

GetSystemMetrics
EnumDisplayMonitors
GetDC
GetKeyNameTextA
GetKeyState
GetDesktopWindow
GetAsyncKeyState
GetWindowTextA
GetForegroundWindow
CloseClipboard
GetClipboardData
OpenClipboard
MapVirtualKeyA

gdi32

CreateCompatibleBitmap
CreateCompatibleDC
GetDeviceCaps
GetDIBits
SelectObject
DeleteObject
DeleteDC
BitBlt

Exports

Exports

Process

Sections

.text
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

0ab159bd939411cb8df935bd9e7b5835

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ws2_32

Sections

.text Size: 83KB - Virtual size: 82KB

.rdata Size: 17KB - Virtual size: 17KB

.data Size: 7KB - Virtual size: 18KB

.reloc Size: 7KB - Virtual size: 7KB

6b8fa355d78d649f199232a25e22d630

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

shlwapi

ws2_32

Sections

.text Size: 194KB - Virtual size: 193KB

.rdata Size: 18KB - Virtual size: 17KB

.data Size: 5KB - Virtual size: 17KB

.reloc Size: 9KB - Virtual size: 8KB

b113cba285f3c4ed179422f54692f4e3

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

gdi32

advapi32

Sections

.text Size: 134KB - Virtual size: 134KB

.rdata Size: 56KB - Virtual size: 55KB

.data Size: 3KB - Virtual size: 8KB

.pdata Size: 8KB - Virtual size: 7KB

.gfids Size: 512B - Virtual size: 228B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 2KB - Virtual size: 1KB

3415ed7e09a44243bcabe4422aeef7dc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

shlwapi

ws2_32

Sections

.text Size: 326KB - Virtual size: 325KB

.rdata Size: 50KB - Virtual size: 50KB

.data Size: 6KB - Virtual size: 39KB

.reloc Size: 15KB - Virtual size: 14KB

f0faa229b086ea5053b4268855f0c8ba

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 90KB - Virtual size: 89KB

.rdata Size: 30KB - Virtual size: 30KB

.data Size: 6KB - Virtual size: 14KB

.pdata Size: 5KB - Virtual size: 5KB

.text
Size: 83KB - Virtual size: 82KB

.rdata
Size: 17KB - Virtual size: 17KB

.data
Size: 7KB - Virtual size: 18KB

.reloc
Size: 7KB - Virtual size: 7KB

.text
Size: 194KB - Virtual size: 193KB

.rdata
Size: 18KB - Virtual size: 17KB

.data
Size: 5KB - Virtual size: 17KB

.reloc
Size: 9KB - Virtual size: 8KB

.text
Size: 134KB - Virtual size: 134KB

.rdata
Size: 56KB - Virtual size: 55KB

.data
Size: 3KB - Virtual size: 8KB

.pdata
Size: 8KB - Virtual size: 7KB

.gfids
Size: 512B - Virtual size: 228B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 326KB - Virtual size: 325KB

.rdata
Size: 50KB - Virtual size: 50KB

.data
Size: 6KB - Virtual size: 39KB

.reloc
Size: 15KB - Virtual size: 14KB

.text
Size: 90KB - Virtual size: 89KB

.rdata
Size: 30KB - Virtual size: 30KB

.data
Size: 6KB - Virtual size: 14KB

.pdata
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 1KB - Virtual size: 1KB