2e900f75c260885b8f337aad918919c6ba4af3fd70fea4acfc9d66d57f97b0f7_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

2e900f75c260885b8f337aad918919c6ba4af3fd70fea4acfc9d66d57f97b0f7_NeikiAnalytics.exe
Size

177KB
MD5

301bb3b743dbd1abc378366df8939960
SHA1

fddc0486e1b4e44cdff5f30f637da5ccaeaebcdf
SHA256

2e900f75c260885b8f337aad918919c6ba4af3fd70fea4acfc9d66d57f97b0f7
SHA512

1da3fa465a72efccd8025986c5a6276489772229c3fe2d1921be784be5ac1e768fbe8eb3716fd73270f8865b2d8eb1865bce3b29beeaa4582682e8a73a2aa8db
SSDEEP

3072:EtzmD2n5/ACRcd087CpzkqSoxl5EK0GEf8exlwqxrHyokJP5L5Wis8ErN:AZcd0CqSoxl2KA8e/5EJP5L5Wis8EB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e900f75c260885b8f337aad918919c6ba4af3fd70fea4acfc9d66d57f97b0f7_NeikiAnalytics.exe

Files

2e900f75c260885b8f337aad918919c6ba4af3fd70fea4acfc9d66d57f97b0f7_NeikiAnalytics.exe
.exe windows:4 windows x64 arch:x64

cb217b36c512224202a5c27793a585d7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetLastError
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
SetUnhandledExceptionFilter
Sleep
TlsGetValue
VirtualProtect
VirtualQuery
WideCharToMultiByte
__C_specific_handler

msvcrt

___lc_codepage_func
___mb_cur_max_func
__getmainargs
__initenv
__iob_func
__set_app_type
__setusermatherr
_amsg_exit
_cexit
_commode
_errno
_fmode
_initterm
_onexit
abort
calloc
exit
fprintf
fputc
free
fwrite
localeconv
malloc
memcmp
memcpy
memmove
memset
qsort
signal
strerror
strlen
strncmp
vfprintf
wcslen

libgcc_s_seh-1

_Unwind_Resume

libstdc++-6

_ZNKSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE11_M_is_localEv
_ZNKSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE7compareERKS4_
_ZNSt3_V215system_categoryEv
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE10_M_disposeEv
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE10_M_replaceEyyPKcy
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE12_M_constructEyc
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE13_S_copy_charsEPcPKcS7_
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE4swapERS4_
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE6appendEPKc
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE6appendEyc
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE6insertEyyc
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE7_S_copyEPcPKcy
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE7reserveEy
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE9_M_appendEPKcy
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE9_M_assignERKS4_
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE9_M_createERyy
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEC1EOS4_
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEC1ERKS4_
_ZSt17__throw_bad_allocv
_ZSt18_Rb_tree_decrementPSt18_Rb_tree_node_base
_ZSt18_Rb_tree_incrementPKSt18_Rb_tree_node_base
_ZSt19__throw_logic_errorPKc
_ZSt20__throw_length_errorPKc
_ZSt25__throw_bad_function_callv
_ZSt28__throw_bad_array_new_lengthv
_ZSt29_Rb_tree_insert_and_rebalancebPSt18_Rb_tree_node_baseS0_RS_
_ZTVN10__cxxabiv117__class_type_infoE
_ZTVN10__cxxabiv119__pointer_type_infoE
_ZTVN10__cxxabiv120__function_type_infoE
_ZTVN10__cxxabiv120__si_class_type_infoE
_ZTVN10__cxxabiv121__vmi_class_type_infoE
_ZdlPvy
_Znay
_Znwy
__cxa_begin_catch
__cxa_end_catch
__cxa_rethrow
__gxx_personality_seh0

libllvmaarch64desc

LLVMInitializeAArch64TargetMC

libllvmaarch64info

LLVMInitializeAArch64TargetInfo

libllvmamdgpudesc

LLVMInitializeAMDGPUTargetMC

libllvmamdgpuinfo

LLVMInitializeAMDGPUTargetInfo

libllvmarmdesc

LLVMInitializeARMTargetMC

libllvmarminfo

LLVMInitializeARMTargetInfo

libllvmdebuginfodwarf

_ZN4llvm12DWARFContext13getAppleNamesEv
_ZN4llvm12DWARFContext13getAppleTypesEv
_ZN4llvm12DWARFContext13getDebugNamesEv
_ZN4llvm12DWARFContext15getDIEForOffsetEy
_ZN4llvm12DWARFContext17getDIEsForAddressEyb
_ZN4llvm12DWARFContext18getAppleNamespacesEv
_ZN4llvm12DWARFContext19getLineTableForUnitEPNS_9DWARFUnitE
_ZN4llvm12DWARFContext23getCompileUnitForOffsetEy
_ZN4llvm12DWARFContext24getDWOCompileUnitForHashEy
_ZN4llvm12DWARFContext4dumpERNS_11raw_ostreamENS_13DIDumpOptionsESt5arrayISt8optionalIyELy28EE
_ZN4llvm12DWARFContext6createERKNS_6object10ObjectFileENS0_23ProcessDebugRelocationsEPKNS_16LoadedObjectInfoENSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEESt8functionIFvNS_5ErrorEEESI_b
_ZN4llvm14DWARFDebugLine13SectionParser9parseNextENS_12function_refIFvNS_5ErrorEEEES5_PNS_11raw_ostreamEb
_ZN4llvm14DWARFDebugLine13SectionParserC1ERNS_18DWARFDataExtractorERKNS_12DWARFContextENS_14iterator_rangeIPSt10unique_ptrINS_9DWARFUnitESt14default_deleteIS9_EEEE
_ZN4llvm15DWARFDebugNames13ValueIterator4nextEv
_ZN4llvm15DWARFExpression9Operation7extractENS_13DataExtractorEhySt8optionalINS_5dwarf11DwarfFormatEE
_ZN4llvm21AppleAcceleratorTable5Entry7extractEPy
_ZN4llvm21AppleAcceleratorTable8Iterator21prepareNextEntryOrEndEv
_ZN4llvm21AppleAcceleratorTable8IteratorC1ERKS0_b
_ZN4llvm9DWARFUnit17getCompilationDirEv
_ZN4llvm9DWARFUnit19extractDIEsIfNeededEb
_ZN4llvm9DWARFUnit8parseDWOENS_9StringRefE
_ZNK4llvm14DWARFDebugLine8Prologue14hasFileAtIndexEy
_ZNK4llvm14DWARFDebugLine8Prologue18getFileNameByIndexEyNS_9StringRefENS_19DILineInfoSpecifier16FileLineInfoKindERNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEENS_3sys4path5StyleE
_ZNK4llvm14DWARFDebugLine8Prologue21getLastValidFileIndexEv
_ZNK4llvm14DWARFFormValue21getAsUnsignedConstantEv
_ZNK4llvm15DWARFDebugNames11equal_rangeENS_9StringRefE
_ZNK4llvm15DWARFDebugNames5Entry11getCUOffsetEv
_ZNK4llvm15DWARFDebugNames5Entry16getDIEUnitOffsetEv
_ZNK4llvm21AppleAcceleratorTable11equal_rangeENS_9StringRefE
_ZNK4llvm21AppleAcceleratorTable24readStringFromStrSectionEy
_ZNK4llvm21AppleAcceleratorTable5Entry19getDIESectionOffsetEv
_ZNK4llvm8DWARFDie10getSiblingEv
_ZNK4llvm8DWARFDie12getLocationsENS_5dwarf9AttributeE
_ZNK4llvm8DWARFDie12getShortNameEv
_ZNK4llvm8DWARFDie13getFirstChildEv
_ZNK4llvm8DWARFDie15findRecursivelyENS_8ArrayRefINS_5dwarf9AttributeEEE
_ZNK4llvm8DWARFDie16getAddressRangesEv
_ZNK4llvm8DWARFDie32getAttributeValueAsReferencedDieENS_5dwarf9AttributeE
_ZNK4llvm8DWARFDie4dumpERNS_11raw_ostreamEjNS_13DIDumpOptionsE
_ZNK4llvm8DWARFDie4findENS_5dwarf9AttributeE
_ZNK4llvm8DWARFDie7getNameENS_10DINameKindE
_ZNK4llvm8DWARFDie9getParentEv
_ZTVN4llvm15DWARFDebugNames5EntryE
_ZTVN4llvm21AppleAcceleratorTable5EntryE

libllvmmc

_ZN4llvm14TargetRegistry12lookupTargetENS_9StringRefERNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZNK4llvm14MCRegisterInfo13getLLVMRegNumEjb

libllvmnvptxdesc

LLVMInitializeNVPTXTargetMC

libllvmnvptxinfo

LLVMInitializeNVPTXTargetInfo

libllvmobject

_ZN4llvm6object12createBinaryENS_15MemoryBufferRefEPNS_11LLVMContextEb
_ZN4llvm6object15MachOObjectFile13getArchTripleEjjPPKcS4_
_ZN4llvm6object15MachOObjectFile21findDsymObjectMembersB5cxx11ENS_9StringRefE
_ZN4llvm6object20MachOUniversalBinary13ObjectForArchC1EPKS1_j
_ZNK4llvm6object15MachOObjectFile11getHeader64Ev
_ZNK4llvm6object15MachOObjectFile13getArchTripleEPPKc
_ZNK4llvm6object15MachOObjectFile9getHeaderEv
_ZNK4llvm6object20MachOUniversalBinary13ObjectForArch12getAsArchiveEv
_ZNK4llvm6object20MachOUniversalBinary13ObjectForArch15getAsObjectFileEv
_ZNK4llvm6object6Binary7getDataEv
_ZNK4llvm6object7Archive11child_beginERNS_5ErrorEb
_ZNK4llvm6object7Archive5Child18getMemoryBufferRefEv
_ZNK4llvm6object7Archive5Child7getNameEv
_ZNK4llvm6object7Archive5Child7getNextEv
_ZNK4llvm6object7Archive9child_endEv

libllvmsupport

_ZN4llvm11raw_ostream14flush_nonemptyEv
_ZN4llvm11raw_ostream16SetBufferAndModeEPcyNS0_10BufferKindE
_ZN4llvm11raw_ostream5writeEPKcy
_ZN4llvm11raw_ostream5writeEh
_ZN4llvm11raw_ostreamD2Ev
_ZN4llvm11raw_ostreamlsERKNS_15FormattedStringE
_ZN4llvm11raw_ostreamlsERKNS_18format_object_baseE
_ZN4llvm11raw_ostreamlsERKNS_19formatv_object_baseE
_ZN4llvm11raw_ostreamlsEm
_ZN4llvm11raw_ostreamlsEy
_ZN4llvm12DenseMapInfoINS_9StringRefEvE12getHashValueES1_
_ZN4llvm12MemoryBuffer14getFileOrSTDINERKNS_5TwineEbbSt8optionalINS_5AlignEE
_ZN4llvm13ErrorInfoBase2IDE
_ZN4llvm13StringMapImpl11RehashTableEj
_ZN4llvm13StringMapImpl15LookupBucketForENS_9StringRefE
_ZN4llvm14ToolOutputFile16CleanupInstallerD1Ev
_ZN4llvm14ToolOutputFileC1ENS_9StringRefERSt10error_codeNS_3sys2fs9OpenFlagsE
_ZN4llvm14raw_fd_ostreamD1Ev
_ZN4llvm15MemoryBufferRefC1ERKNS_12MemoryBufferE
_ZN4llvm15SmallVectorBaseIjE13mallocForGrowEPvyyRy
_ZN4llvm15SmallVectorBaseIjE8grow_podEPvyy
_ZN4llvm15SmallVectorBaseIyE8grow_podEPvyy
_ZN4llvm15allocate_bufferEyy
_ZN4llvm16errorCodeToErrorESt10error_code
_ZN4llvm16getColorCategoryEv
_ZN4llvm17createStringErrorESt10error_codePKc
_ZN4llvm17deallocate_bufferEPvyy
_ZN4llvm18format_object_base4homeEv
_ZN4llvm19SmallPtrSetImplBase8CopyFromERKS0_
_ZN4llvm20getAsUnsignedIntegerENS_9StringRefEjRy
_ZN4llvm21logAllUnhandledErrorsENS_5ErrorERNS_11raw_ostreamENS_5TwineE
_ZN4llvm22inconvertibleErrorCodeEv
_ZN4llvm2cl10SubCommand11getTopLevelEv
_ZN4llvm2cl14OptionCategory16registerCategoryEv
_ZN4llvm2cl17basic_parser_impl6anchorEv
_ZN4llvm2cl18GenericOptionValue6anchorEv
_ZN4llvm2cl18getGeneralCategoryEv
_ZN4llvm2cl20HideUnrelatedOptionsENS_8ArrayRefIPKNS0_14OptionCategoryEEERNS0_10SubCommandE
_ZN4llvm2cl23ParseCommandLineOptionsEiPKPKcNS_9StringRefEPNS_11raw_ostreamES2_b
_ZN4llvm2cl3optINSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEELb0ENS0_6parserIS7_EEE15setInitialValueERKS7_
_ZN4llvm2cl6Option11addArgumentEv
_ZN4llvm2cl6Option11addCategoryERNS0_14OptionCategoryE
_ZN4llvm2cl6Option13addOccurrenceEjNS_9StringRefES2_b
_ZN4llvm2cl6Option5errorERKNS_5TwineENS_9StringRefERNS_11raw_ostreamE
_ZN4llvm2cl6Option6anchorEv
_ZN4llvm2cl6Option9setArgStrENS_9StringRefE
_ZN4llvm2cl6parserIyE5parseERNS0_6OptionENS_9StringRefES5_Ry
_ZN4llvm2cl9extrahelpC1ENS_9StringRefE
_ZN4llvm3sys4path11is_relativeERKNS_5TwineENS1_5StyleE
_ZN4llvm3sys4path6appendERNS_15SmallVectorImplIcEERKNS_5TwineES7_S7_S7_
_ZN4llvm3sys4path8filenameENS_9StringRefENS1_5StyleE
_ZN4llvm4errsEv
_ZN4llvm4json5Value7destroyEv
_ZN4llvm4json5Value8moveFromEOKS1_
_ZN4llvm4json6isUTF8ENS_9StringRefEPy
_ZN4llvm4json7OStream11objectBeginEv
_ZN4llvm4json7OStream12attributeEndEv
_ZN4llvm4json7OStream14attributeBeginENS_9StringRefE
_ZN4llvm4json7OStream5valueERKNS0_5ValueE
_ZN4llvm4json7OStream9objectEndEv
_ZN4llvm4json7fixUTF8B5cxx11ENS_9StringRefE
_ZN4llvm4jsoneqERKNS0_5ValueES3_
_ZN4llvm4outsEv
_ZN4llvm5RegexC1ENS_9StringRefENS0_10RegexFlagsE
_ZN4llvm5RegexD1Ev
_ZN4llvm5nullsEv
_ZN4llvm6detail14format_adapter6anchorEv
_ZN4llvm8InitLLVMC1ERiRPPKcb
_ZN4llvm8InitLLVMD1Ev
_ZN4llvm8toStringB5cxx11ENS_5ErrorE
_ZN4llvm9ErrorList2IDE
_ZN4llvm9WithColor19defaultErrorHandlerENS_5ErrorE
_ZN4llvm9WithColor21defaultWarningHandlerENS_5ErrorE
_ZN4llvm9WithColor5errorEv
_ZN4llvm9WithColor7warningEv
_ZNK4llvm13StringMapImpl7FindKeyENS_9StringRefE
_ZNK4llvm2cl17basic_parser_impl14getOptionWidthERKNS0_6OptionE
_ZNK4llvm2cl17basic_parser_impl15printOptionInfoERKNS0_6OptionEy
_ZNK4llvm2cl17basic_parser_impl15printOptionNameERKNS0_6OptionEy
_ZNK4llvm2cl6parserIyE15printOptionDiffERKNS0_6OptionEyNS0_11OptionValueIyEEy
_ZNK4llvm5Regex5matchENS_9StringRefEPNS_15SmallVectorImplIS1_EEPNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZNK4llvm5Regex7isValidERNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZNK4llvm5Twine3strB5cxx11Ev
_ZNK4llvm5Twine5printERNS_11raw_ostreamE
_ZNK4llvm9StringRef5lowerB5cxx11Ev
_ZTVN4llvm13ErrorInfoBaseE
_ZTVN4llvm18raw_string_ostreamE
_ZTVN4llvm2cl11OptionValueINSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEEEE
_ZTVN4llvm2cl17basic_parser_implE
_ZTVN4llvm2cl3optINSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEELb0ENS0_6parserIS7_EEEE
_ZTVN4llvm2cl3optIbLb0ENS0_6parserIbEEEE
_ZTVN4llvm2cl3optIjLb0ENS0_6parserIjEEEE
_ZTVN4llvm2cl5aliasE
_ZTVN4llvm2cl6OptionE
_ZTVN4llvm2cl6parserINSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEEEE
_ZTVN4llvm2cl6parserIbEE
_ZTVN4llvm2cl6parserIjEE
_ZTVN4llvm2cl6parserIyEE
_ZTVN4llvm6detail14format_adapterE
_ZTVN4llvm9ErrorListE
_ZTVN4llvm9FileErrorE

libllvmtargetparser

_ZN4llvm6Triple5setOSENS0_6OSTypeE
_ZN4llvm6Triple7setArchENS0_8ArchTypeENS0_11SubArchTypeE
_ZN4llvm6Triple9setVendorENS0_10VendorTypeE
_ZN4llvm6TripleC1ERKNS_5TwineE
_ZNK4llvm6Triple11getArchNameEv

libllvmwebassemblydesc

LLVMInitializeWebAssemblyTargetMC

libllvmwebassemblyinfo

LLVMInitializeWebAssemblyTargetInfo

libllvmx86desc

LLVMInitializeX86TargetMC

libllvmx86info

LLVMInitializeX86TargetInfo

Sections

.text
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 620B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cb217b36c512224202a5c27793a585d7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

libgcc_s_seh-1

libstdc++-6

libllvmaarch64desc

libllvmaarch64info

libllvmamdgpudesc

libllvmamdgpuinfo

libllvmarmdesc

libllvmarminfo

libllvmdebuginfodwarf

libllvmmc

libllvmnvptxdesc

libllvmnvptxinfo

libllvmobject

libllvmsupport

libllvmtargetparser

libllvmwebassemblydesc

libllvmwebassemblyinfo

libllvmx86desc

libllvmx86info

Sections

.text Size: 111KB - Virtual size: 110KB

.data Size: 13KB - Virtual size: 13KB

.rdata Size: 16KB - Virtual size: 16KB

/4 Size: 512B - Virtual size: 4B

.pdata Size: 6KB - Virtual size: 5KB

.xdata Size: 8KB - Virtual size: 8KB

.bss Size: - Virtual size: 2KB

.idata Size: 18KB - Virtual size: 18KB

.CRT Size: 512B - Virtual size: 96B

.tls Size: 512B - Virtual size: 16B

.reloc Size: 1024B - Virtual size: 620B

.text
Size: 111KB - Virtual size: 110KB

.data
Size: 13KB - Virtual size: 13KB

.rdata
Size: 16KB - Virtual size: 16KB

/4
Size: 512B - Virtual size: 4B

.pdata
Size: 6KB - Virtual size: 5KB

.xdata
Size: 8KB - Virtual size: 8KB

.bss
Size: - Virtual size: 2KB

.idata
Size: 18KB - Virtual size: 18KB

.CRT
Size: 512B - Virtual size: 96B

.tls
Size: 512B - Virtual size: 16B

.reloc
Size: 1024B - Virtual size: 620B