1b1ad53c16c19859a9784e7ce8c87e60_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1b1ad53c16c19859a9784e7ce8c87e60_JaffaCakes118
Size

1.4MB
MD5

1b1ad53c16c19859a9784e7ce8c87e60
SHA1

32243679ef46d95d87b63b399147dc7c70d2d7c9
SHA256

8d3f4494a3c15423bdef2a15eb65d945e29f31afd1a643a8b6780de18c552ec7
SHA512

fef89a3b08c322edaf38df6d820ccd792e6e0416df5b61bbc5ae28b2438f162976fbab004c8ce310987906cbd2c7fcf6b8655ad82abd788255c950c255fc0b78
SSDEEP

24576:WFC7PC4AuNF2HDsnCyp7400UiCfSrDqvpZC9aJz4w24Yq8O+0Am6SoiwLwOsR7x:KGNF2HAn7u0TiUYDqhZIaN72btd3iwLC

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/Power Notes/Notes.exe	upx

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Power Notes/Notes.CHS
unpack001/Power Notes/Notes.exe
unpack002/out.upx

Files

1b1ad53c16c19859a9784e7ce8c87e60_JaffaCakes118
.rar
Power Notes/Lang/ChineseSmpl.txt
Power Notes/Lang/English.txt
Power Notes/Notes.CHS
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 834B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 752B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Power Notes/Notes.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 2.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 939KB - Virtual size: 940KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 356KB - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Exports

Exports

@$xp$16Cspin@TCSpinEdit
@$xp$16Ehsbase@TehsBase
@$xp$17TPerformanceGraph
@$xp$18Cspin@TCSpinButton
@$xp$22Ehswhatsthis@TF1Action
@$xp$23Cspin@TTimerSpeedButton
@$xp$23Ehshelprouter@THelpType
@$xp$23Ehshelprouter@TShowType
@$xp$23Ehswhatsthis@TWhatsThis
@$xp$25Ehshelprouter@THelpRouter
@$xp$25Ehshelprouter@THtmlOption
@$xp$25Ehswhatsthis@TWTHelpEvent
@$xp$26Ehshelprouter@THtmlOptions
@$xp$26Ehswhatsthis@TWTPopupEvent
@$xp$27Ehswhatsthis@TWhatsThisMode
@$xp$28Ehswhatsthis@TF1KeyDownEvent
@$xp$29Ehscontextmap@THelpContextMap
@$xp$29Ehswhatsthis@TWhatsThisOption
@$xp$30Ehswhatsthis@TWhatsThisOptions
@$xp$32Ehswhatsthis@TWTHelpContextEvent
@$xp$7TCGauge
@$xp$ynpqqrp14System@TObject21Controls@TMouseButton46System@%Set$t18Classes@Classes__1$iuc$0$iuc$6%ii$v
@$xp$ynpqqrp14System@TObject46System@%Set$t18Classes@Classes__1$iuc$0$iuc$6%ii$v
@$xp$ynpqqrp14System@TObjectrc$v
@$xp$ynpqqrp14System@TObjectrp20Controls@TDragObject$v
@$xp$ynpqqrp14System@TObjectrp24Controls@TDragDockObject$v
@$xp$ynpqqrp14System@TObjectrus46System@%Set$t18Classes@Classes__1$iuc$0$iuc$6%$v
@$xp$ynpqqrp14System@TObjectt1ii$v
@$xp$ynpqqrp14System@TObjectt1ii19Controls@TDragStatero$v
@@Actions@Finalize
@@Actions@Initialize
@@Cgauges@Finalize
@@Cgauges@Initialize
@@Cspin@Finalize
@@Cspin@Initialize
@@Kms@Finalize
@@Kms@Initialize
@@Messageclose@Finalize
@@Messageclose@Initialize
@@Mhides@Finalize
@@Mhides@Initialize
@@Nagscr@Finalize
@@Nagscr@Initialize
@@New_note@Finalize
@@New_note@Initialize
@@Note_list@Finalize
@@Note_list@Initialize
@@Options@Finalize
@@Options@Initialize
@@Perfgrap@Finalize
@@Perfgrap@Initialize
@@Psfreecomparing@Finalize
@@Psfreecomparing@Initialize
@@Psmainvars@Finalize
@@Psmainvars@Initialize
@@Psmessagedlg@Finalize
@@Psmessagedlg@Initialize
@@Psnoteanimationprocess@Finalize
@@Psnoteanimationprocess@Initialize
@@Psnoteseditor@Finalize
@@Psnoteseditor@Initialize
@@Psnoteseditorform@Finalize
@@Psnoteseditorform@Initialize
@@Psnotesfolderselect@Finalize
@@Psnotesfolderselect@Initialize
@@Psnotesheaders@Finalize
@@Psnotesheaders@Initialize
@@Psnotesver@Finalize
@@Psnotesver@Initialize
@@Psoptions@Finalize
@@Psoptions@Initialize
@@Psskin@Finalize
@@Psskin@Initialize
@@Psstructs@Finalize
@@Psstructs@Initialize
@@Pssystemmessage@Finalize
@@Pssystemmessage@Initialize
@@Registr@Finalize
@@Registr@Initialize
@@Remindf@Finalize
@@Remindf@Initialize
@@Sdialog@Finalize
@@Sdialog@Initialize
@@Sellang@Finalize
@@Sellang@Initialize
@@Unit1@Finalize
@@Unit1@Initialize
@@Unit3@Finalize
@@Unit3@Initialize
@@Vief@Finalize
@@Vief@Initialize
@Cspin@TCSpinButton@
@Cspin@TCSpinButton@$bctr$qqrp18Classes@TComponent
@Cspin@TCSpinButton@$bdtr$qqrv
@Cspin@TCSpinButton@AdjustSize$qqrrit1
@Cspin@TCSpinButton@BtnClick$qqrp14System@TObject
@Cspin@TCSpinButton@BtnMouseDown$qqrp14System@TObject21Controls@TMouseButton46System@%Set$t18Classes@Classes__1$iuc$0$iuc$6%ii
@Cspin@TCSpinButton@CreateButton$qqrv
@Cspin@TCSpinButton@Dispatch$qqrpv
@Cspin@TCSpinButton@GetDownGlyph$qqrv
@Cspin@TCSpinButton@GetUpGlyph$qqrv
@Cspin@TCSpinButton@KeyDown$qqrrus46System@%Set$t18Classes@Classes__1$iuc$0$iuc$6%
@Cspin@TCSpinButton@Loaded$qqrv
@Cspin@TCSpinButton@SetBounds$qqriiii
@Cspin@TCSpinButton@SetDownGlyph$qqrp16Graphics@TBitmap
@Cspin@TCSpinButton@SetFocusBtn$qqrp23Cspin@TTimerSpeedButton
@Cspin@TCSpinButton@SetUpGlyph$qqrp16Graphics@TBitmap
@Cspin@TCSpinButton@WMGetDlgCode$qqrr20Messages@TWMNoParams
@Cspin@TCSpinButton@WMKillFocus$qqrr21Messages@TWMKillFocus
@Cspin@TCSpinButton@WMSetFocus$qqrr20Messages@TWMSetFocus
@Cspin@TCSpinButton@WMSize$qqrr16Messages@TWMSize
@Cspin@TCSpinEdit@
@Cspin@TCSpinEdit@$bctr$qqrp18Classes@TComponent
@Cspin@TCSpinEdit@$bdtr$qqrv
@Cspin@TCSpinEdit@CMEnter$qqrr20Messages@TWMNoParams
@Cspin@TCSpinEdit@CMExit$qqrr20Messages@TWMNoParams
@Cspin@TCSpinEdit@CheckValue$qqrl
@Cspin@TCSpinEdit@CreateParams$qqrr22Controls@TCreateParams
@Cspin@TCSpinEdit@CreateWnd$qqrv
@Cspin@TCSpinEdit@Dispatch$qqrpv
@Cspin@TCSpinEdit@DownClick$qqrp14System@TObject
@Cspin@TCSpinEdit@GetChildren$qqrynpqqrp18Classes@TComponent$vp18Classes@TComponent
@Cspin@TCSpinEdit@GetMinHeight$qqrv
@Cspin@TCSpinEdit@GetValue$qqrv
@Cspin@TCSpinEdit@IsValidChar$qqrc
@Cspin@TCSpinEdit@KeyDown$qqrrus46System@%Set$t18Classes@Classes__1$iuc$0$iuc$6%
@Cspin@TCSpinEdit@KeyPress$qqrrc
@Cspin@TCSpinEdit@SetEditRect$qqrv
@Cspin@TCSpinEdit@SetValue$qqrl
@Cspin@TCSpinEdit@UpClick$qqrp14System@TObject
@Cspin@TCSpinEdit@WMCut$qqrr20Messages@TWMNoParams
@Cspin@TCSpinEdit@WMPaste$qqrr20Messages@TWMNoParams
@Cspin@TCSpinEdit@WMSize$qqrr16Messages@TWMSize
@Cspin@TTimerSpeedButton@
@Cspin@TTimerSpeedButton@$bctr$qqrp18Classes@TComponent
@Cspin@TTimerSpeedButton@$bdtr$qqrv
@Cspin@TTimerSpeedButton@MouseDown$qqr21Controls@TMouseButton46System@%Set$t18Classes@Classes__1$iuc$0$iuc$6%ii
@Cspin@TTimerSpeedButton@MouseUp$qqr21Controls@TMouseButton46System@%Set$t18Classes@Classes__1$iuc$0$iuc$6%ii
@Cspin@TTimerSpeedButton@Paint$qqrv
@Cspin@TTimerSpeedButton@TimerExpired$qqrp14System@TObject
@Ehsbase@Finalization$qqrv
@Ehsbase@TehsBase@
@Ehsbase@TehsBase@$bdtr$qqrv
@Ehsbase@TehsBase@Loaded$qqrv
@Ehsbase@TehsBase@WndProc$qqrr17Messages@TMessage
@Ehsbase@initialization$qqrv
@Ehscontextmap@Finalization$qqrv
@Ehscontextmap@THelpContextMap@
@Ehscontextmap@THelpContextMap@$bctr$qqrp18Classes@TComponent
@Ehscontextmap@THelpContextMap@$bdtr$qqrv
@Ehscontextmap@THelpContextMap@DefineProperties$qqrp14Classes@TFiler
@Ehscontextmap@THelpContextMap@GetContext$qqr17System@AnsiString
@Ehscontextmap@THelpContextMap@ReadFileData$qqrp15Classes@TStream
@Ehscontextmap@THelpContextMap@SetFileName$qqr17System@AnsiString
@Ehscontextmap@THelpContextMap@WriteFileData$qqrp15Classes@TStream
@Ehscontextmap@initialization$qqrv
@Ehshelprouter@Finalization$qqrv
@Ehshelprouter@GLOBAL_HELPROUTER
@Ehshelprouter@THelpRouter@
@Ehshelprouter@THelpRouter@$bctr$qqrp18Classes@TComponent
@Ehshelprouter@THelpRouter@$bdtr$qqrv
@Ehshelprouter@THelpRouter@CurrentForm$qqrv
@Ehshelprouter@THelpRouter@FindHandle$qqrv
@Ehshelprouter@THelpRouter@FindHelpfile$qqrv
@Ehshelprouter@THelpRouter@HTMLhelpInstalled$qqrv
@Ehshelprouter@THelpRouter@HelpALink$qqr17System@AnsiString
@Ehshelprouter@THelpRouter@HelpContent$qqrv
@Ehshelprouter@THelpRouter@HelpJump$qqr17System@AnsiStringt1
@Ehshelprouter@THelpRouter@HelpKLink$qqr17System@AnsiString
@Ehshelprouter@THelpRouter@HelpKeyword$qqr17System@AnsiString
@Ehshelprouter@THelpRouter@HelpPopup$qqriii17System@AnsiString
@Ehshelprouter@THelpRouter@OnRouteHelp$qqrusiro
@Ehshelprouter@THelpRouter@SetHelpType$qqr23Ehshelprouter@THelpType
@Ehshelprouter@THelpRouter@ValidateHTMLID$qqr17System@AnsiString
@Ehshelprouter@initialization$qqrv
@Ehshshtb@Finalization$qqrv
@Ehshshtb@GetHashValue$qqr17System@AnsiString
@Ehshshtb@initialization$qqrv
@Ehswhatsthis@Finalization$qqrv
@Ehswhatsthis@HelpItemClick$qqrp14System@TObject
@Ehswhatsthis@Keyboard_Proc$qqsiii
@Ehswhatsthis@Mouse_Proc$qqsiii
@Ehswhatsthis@TWhatsThis@
@Ehswhatsthis@TWhatsThis@$bctr$qqrp18Classes@TComponent
@Ehswhatsthis@TWhatsThis@$bdtr$qqrv
@Ehswhatsthis@TWhatsThis@Activate$qqrv
@Ehswhatsthis@TWhatsThis@CancelContextHelp$qqrv
@Ehswhatsthis@TWhatsThis@ContextHelp$qqrv
@Ehswhatsthis@TWhatsThis@ControlFromHandle$qqrui
@Ehswhatsthis@TWhatsThis@ControlFromPoint$qqruirx12Types@TPoint
@Ehswhatsthis@TWhatsThis@Deactivate$qqrv
@Ehswhatsthis@TWhatsThis@DoOnHelp$qqrp14System@TObjectoiiiro
@Ehswhatsthis@TWhatsThis@FindMenuItem$qqruiii
@Ehswhatsthis@TWhatsThis@HookCallWnd$qqrv
@Ehswhatsthis@TWhatsThis@HookWindow$qqrui
@Ehswhatsthis@TWhatsThis@InvokeHelp$qqrii
@Ehswhatsthis@TWhatsThis@Loaded$qqrv
@Ehswhatsthis@TWhatsThis@Notification$qqrp18Classes@TComponent18Classes@TOperation
@Ehswhatsthis@TWhatsThis@SetActive$qqro
@Ehswhatsthis@TWhatsThis@SetHelpContextMap$qqrp29Ehscontextmap@THelpContextMap
@Ehswhatsthis@TWhatsThis@SetMode$qqr27Ehswhatsthis@TWhatsThisMode
@Ehswhatsthis@TWhatsThis@SetPopupCaption$qqr17System@AnsiString
@Ehswhatsthis@TWhatsThis@SetPopupHelpContext$qqri
@Ehswhatsthis@TWhatsThis@SetWTAction$qqrp16Actnlist@TAction
@Ehswhatsthis@TWhatsThis@SetWTMenuItem$qqrp15Menus@TMenuItem
@Ehswhatsthis@TWhatsThis@SetWTToolbarButton$qqrp17Controls@TControl
@Ehswhatsthis@TWhatsThis@UnhookCallWnd$qqrv
@Ehswhatsthis@TWhatsThis@UnhookWindow$qqrv
@Ehswhatsthis@TWhatsThis@UpdateControlEvents$qqro
@Ehswhatsthis@TWhatsThis@UpdateControls$qqro
@Ehswhatsthis@TWhatsThis@WhatsThisMenuClick$qqrp14System@TObject
@Ehswhatsthis@TWhatsThis@WindowHookProc$qqrr17Messages@TMessage
@Ehswhatsthis@TWhatsThis@WndProc$qqrr17Messages@TMessage
@Ehswhatsthis@initialization$qqrv
@TCGauge@
@TCGauge@$bctr$qqrp18Classes@TComponent
@TCGauge@AddProgress$qqrl
@TCGauge@GetPercentDone$qqrv
@TCGauge@Paint$qqrv
@TCGauge@PaintAsBar$qqrp16Graphics@TBitmaprx11Types@TRect
@TCGauge@PaintAsNeedle$qqrp16Graphics@TBitmaprx11Types@TRect
@TCGauge@PaintAsNothing$qqrp16Graphics@TBitmaprx11Types@TRect
@TCGauge@PaintAsPie$qqrp16Graphics@TBitmaprx11Types@TRect
@TCGauge@PaintAsText$qqrp16Graphics@TBitmaprx11Types@TRect
@TCGauge@PaintBackground$qqrp16Graphics@TBitmap
@TCGauge@SeTCGaugeKind$qqr11TCGaugeKind
@TCGauge@SetBackColor$qqr15Graphics@TColor
@TCGauge@SetBorderStyle$qqr22Forms@TFormBorderStyle
@TCGauge@SetForeColor$qqr15Graphics@TColor
@TCGauge@SetMaxValue$qqrl
@TCGauge@SetMinValue$qqrl
@TCGauge@SetProgress$qqrl
@TCGauge@SetShowText$qqro
@TPerformanceGraph@
@TPerformanceGraph@$bctr$qqrp18Classes@TComponent
@TPerformanceGraph@$bdtr$qqrv
@TPerformanceGraph@DataPoint$qqr15Graphics@TColorl
@TPerformanceGraph@DisplayPoints$qqrl
@TPerformanceGraph@Initialize$qqrl
@TPerformanceGraph@Paint$qqrv
@TPerformanceGraph@PaintBar$qqr15Graphics@TColorll
@TPerformanceGraph@PaintLine$qqr15Graphics@TColorll
@TPerformanceGraph@ReallocHistory$qqrv
@TPerformanceGraph@Replay$qqrv
@TPerformanceGraph@ScrollGraph$qqrv
@TPerformanceGraph@SetBackColor$qqr15Graphics@TColor
@TPerformanceGraph@SetForeColor$qqr15Graphics@TColor
@TPerformanceGraph@SetGradient$qqrl
@TPerformanceGraph@SetGraphKind$qqr10TGraphKind
@TPerformanceGraph@SetGridSize$qqrl
@TPerformanceGraph@SetGridlines$qqro
@TPerformanceGraph@SetPenWidth$qqrl
@TPerformanceGraph@SetScale$qqrl
@TPerformanceGraph@SetStepSize$qqrl
@TPerformanceGraph@Update$qqrv
_Form1
__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 233KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 115KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Power Notes/Sound/Later.wav
Power Notes/Sound/VIP.wav
Power Notes/Sound/late.wav
Power Notes/Sound/user.wav
Power Notes/disclink.dat
Power Notes/file_id.diz
Power Notes/help.chm
.chm
Power Notes/license.txt
Power Notes/readme.txt
Power Notes/syslink.dat
Power Notes/新云软件.url
.url
Power Notes/汉化说明.txt

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 10KB - Virtual size: 10KB

DATA Size: 512B - Virtual size: 176B

BSS Size: - Virtual size: 1KB

.idata Size: 1024B - Virtual size: 834B

.reloc Size: 1024B - Virtual size: 752B

.rsrc Size: 1.3MB - Virtual size: 1.3MB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 2.5MB

UPX1 Size: 939KB - Virtual size: 940KB

.rsrc Size: 356KB - Virtual size: 356KB

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.data Size: 233KB - Virtual size: 272KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 15KB - Virtual size: 16KB

.edata Size: 13KB - Virtual size: 16KB

.rsrc Size: 1.3MB - Virtual size: 1.3MB

.reloc Size: 115KB - Virtual size: 116KB

CODE
Size: 10KB - Virtual size: 10KB

DATA
Size: 512B - Virtual size: 176B

BSS
Size: - Virtual size: 1KB

.idata
Size: 1024B - Virtual size: 834B

.reloc
Size: 1024B - Virtual size: 752B

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

UPX0
Size: - Virtual size: 2.5MB

UPX1
Size: 939KB - Virtual size: 940KB

.rsrc
Size: 356KB - Virtual size: 356KB

.text
Size: 1.7MB - Virtual size: 1.7MB

.data
Size: 233KB - Virtual size: 272KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 15KB - Virtual size: 16KB

.edata
Size: 13KB - Virtual size: 16KB

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

.reloc
Size: 115KB - Virtual size: 116KB