Rocket-Launcher[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

Rocket-Launcher.zip
Size

1.1MB
MD5

ed5ea6562cd69ee69f57f4169c3e16be
SHA1

46ec5cc0f24b7cdb77885557566443470e9d8293
SHA256

940d34bac77ed98a346f2a8ef0a8c57c95c9fb3e2bf61c91b0216296d9295d78
SHA512

ccd36eb63339862a738183891d3d7fb7e2ed0e7a3f25ef3bd6c28f14675b49d8562ef8834f0ced0cc8abce211deb5e14a2ba73932e754fa501d8e829f792f6a0
SSDEEP

24576:0Dhu42dYAnybrnMCslPKbhbJTUaH1oRtTxIk3TA1Hit:Ghu4w/4NbhbJT9H1iz33TA0t

Score

3^/10

Malware Config

Signatures

Unsigned PE 8 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Injector.dll
unpack001/Newtonsoft.Json.dll
unpack001/PcapDotNet.Base.dll
unpack001/PcapDotNet.Core.Extensions.dll
unpack001/PcapDotNet.Core.dll
unpack001/PcapDotNet.Packets.dll
unpack001/Release/RLModding.dll
unpack001/Rocket Launcher.exe

Files

Rocket-Launcher.zip
.zip
Injector.dll
.dll windows:6 windows x86 arch:x86

1e759a180eea8b00baea097fd384636a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Taylors Repo\RLModding\Build\Injector.pdb

Imports

kernel32

WriteProcessMemory
GetFullPathNameW
WaitForSingleObject
GetModuleHandleA
OpenProcess
CreateToolhelp32Snapshot
GetExitCodeThread
Process32NextW
Process32FirstW
CloseHandle
Module32FirstW
GetProcAddress
VirtualAllocEx
GetModuleHandleW
CreateRemoteThread
Module32NextW
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
UnhandledExceptionFilter
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent

msvcp140

?_Xlength_error@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ

shlwapi

StrStrIW

vcruntime140

__std_type_info_destroy_list
memmove
__std_exception_copy
__std_exception_destroy
_CxxThrowException
memcpy
_except_handler4_common
memset

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_cexit
_initialize_onexit_table
_invalid_parameter_noinfo_noreturn

api-ms-win-crt-heap-l1-1-0

malloc
free
_callnewh

Exports

Exports

Eject
Inject
Inject_Beta

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Newtonsoft.Json.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Development\Releases\Json\Working\Newtonsoft.Json\Working-Signed\Src\Newtonsoft.Json\obj\Release\net45\Newtonsoft.Json.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 636KB - Virtual size: 635KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PcapDotNet.Base.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\GitHub\Pcap.Net\PcapDotNet\src\PcapDotNet.Base\obj\Release\PcapDotNet.Base.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PcapDotNet.Core.Extensions.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\GitHub\Pcap.Net\PcapDotNet\src\PcapDotNet.Core.Extensions\obj\x86\Release\PcapDotNet.Core.Extensions.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PcapDotNet.Core.dll
.dll windows:6 windows x86 arch:x86

1b3103e13d5eda2515e4a6148ec1720b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\GitHub\Pcap.Net\PcapDotNet\bin\Release\PcapDotNet.Core.pdb

Imports

msvcr120

_except_handler4_common
_crt_debugger_hook
__clean_type_info_names_internal
__crtTerminateProcess
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
?terminate@@YAXXZ
_initterm_e
_initterm
_malloc_crt
free
_amsg_exit
__CppXcptFilter
??1type_info@@UAE@XZ
??3@YAXPAX@Z
_purecall
__crtUnhandledException
__FrameUnwindFilter
_cexit
fclose
_wcserror_s
_get_osfhandle
_fileno
_wfopen_s
??_V@YAXPAX@Z
__CxxUnregisterExceptionObject
__CxxDetectRethrow
_CxxThrowException
__CxxRegisterExceptionObject
__CxxExceptionFilter
memmove
__CxxQueryExceptionSize
??2@YAPAXI@Z

kernel32

DecodePointer
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
Sleep
IsProcessorFeaturePresent
IsDebuggerPresent
EncodePointer

wpcap

pcap_open_dead
pcap_dump_flush
pcap_dump_ftell
pcap_dump_close
pcap_dump
pcap_dump_open
pcap_sendqueue_alloc
pcap_sendqueue_queue
pcap_sendqueue_destroy
pcap_sendqueue_transmit
pcap_datalink_val_to_name
pcap_datalink_val_to_description
pcap_datalink_name_to_val
pcap_geterr
pcap_lib_version
pcap_compile
pcap_setfilter
pcap_freecode
pcap_offline_filter
pcap_sendpacket
pcap_loop
pcap_dispatch
pcap_setbuff
pcap_setnonblock
pcap_getnonblock
pcap_setmode
pcap_free_datalinks
pcap_list_datalinks
pcap_set_datalink
pcap_next_ex
pcap_close
pcap_breakloop
pcap_setsampling
pcap_minor_version
pcap_major_version
pcap_is_swapped
pcap_snapshot
pcap_datalink
pcap_open_offline
pcap_hopen_offline
pcap_open
pcap_stats_ex
pcap_freealldevs
pcap_findalldevs_ex
pcap_setmintocopy

msvcp120

?_Winerror_map@std@@YAPBDH@Z
?_Syserror_map@std@@YAPBDH@Z
?_Xbad_alloc@std@@YAXXZ
?_Xout_of_range@std@@YAXPBD@Z
??0id@locale@std@@QAE@I@Z
?_Xlength_error@std@@YAXPBD@Z

mscoree

_CorDllMain

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 684B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PcapDotNet.Packets.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\GitHub\Pcap.Net\PcapDotNet\src\PcapDotNet.Packets\obj\Release\PcapDotNet.Packets.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 481KB - Virtual size: 481KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Release/RLModding.dll
.dll windows:6 windows x86 arch:x86

ebb505fb4bd39be24fd7ae97d0d6bf9c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Taylors Repo\RLModding\Build\RLModding.pdb

Imports

kernel32

FormatMessageA
SetWaitableTimer
WaitForMultipleObjects
InitializeCriticalSectionAndSpinCount
GetQueuedCompletionStatus
WaitForSingleObject
MultiByteToWideChar
TerminateThread
CloseHandle
QueueUserAPC
DeleteCriticalSection
VerSetConditionMask
VerifyVersionInfoW
CreateIoCompletionPort
HeapAlloc
GetStdHandle
SetStdHandle
DisableThreadLibraryCalls
CreateThread
GetWindowsDirectoryA
GetModuleHandleA
Sleep
GetProcAddress
GetModuleHandleW
QueryPerformanceFrequency
QueryPerformanceCounter
GlobalAlloc
GlobalLock
GlobalUnlock
GetCurrentProcess
TlsFree
LocalFree
WriteConsoleW
SetEndOfFile
AddVectoredExceptionHandler
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
FindClose
GetTimeZoneInformation
GetProcessHeap
ReadConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetACP
GetFileType
TlsAlloc
GetLastError
PostQueuedCompletionStatus
SetErrorMode
LeaveCriticalSection
EnterCriticalSection
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetModuleFileNameA
HeapFree
ExitThread
HeapReAlloc
GetModuleHandleExW
ExitProcess
RaiseException
RtlUnwind
LoadLibraryW
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
HeapSize
SetLastError
VirtualProtect
FlushInstructionCache
FreeLibrary
VirtualQuery
lstrcpyW
lstrlenW
K32GetModuleFileNameExW
CreateFileW
ReadFile
WriteFile
PeekNamedPipe
WaitNamedPipeW
GetCurrentProcessId
FormatMessageW
WideCharToMultiByte
GetStringTypeW
DuplicateHandle
WaitForSingleObjectEx
GetCurrentThread
GetCurrentThreadId
TryEnterCriticalSection
CreateEventW
TlsGetValue
TlsSetValue
GetSystemTimeAsFileTime
GetTickCount
EncodePointer
DecodePointer
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
SetEvent
ResetEvent
InitializeSListHead
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
CreateTimerQueue
SignalObjectAndWait
SwitchToThread
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetThreadTimes
FreeLibraryAndExitThread
GetModuleFileNameW
LoadLibraryExW
GetVersionExW
VirtualAlloc
VirtualFree
ReleaseSemaphore
InterlockedPopEntrySList

user32

FindWindowA
MessageBoxW
MessageBoxA
CreateWindowExA
GetWindowPlacement
DestroyWindow
DefWindowProcW
SetWindowLongW
CallWindowProcW
GetClientRect
RegisterClassExA
SetCursor
OpenClipboard
CloseClipboard
EmptyClipboard
GetClipboardData
SetClipboardData
GetKeyState

advapi32

RegCloseKey
RegCreateKeyExW
RegEnumValueA
RegOpenKeyExW
RegQueryValueExW
RegSetKeyValueW
RegOpenKeyExA

psapi

GetModuleInformation

ws2_32

WSAStartup
WSACleanup
WSAGetLastError
setsockopt
ioctlsocket
htons
htonl
getsockopt
WSARecv
connect
WSASocketW
WSAStringToAddressW
WSASetLastError
ntohl
select
WSASend
closesocket

imm32

ImmSetCompositionWindow
ImmGetContext

Sections

.text
Size: 951KB - Virtual size: 950KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 208KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Rocket Launcher.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\scott\OneDrive\Documents\Visual Studio 2017\Projects\RocketLauncher_GUI\RocketLauncher_GUI\obj\Release\Rocket Launcher.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1e759a180eea8b00baea097fd384636a

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

msvcp140

shlwapi

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 1024B - Virtual size: 572B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 636KB - Virtual size: 635KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 22KB - Virtual size: 22KB

.rsrc Size: 1024B - Virtual size: 960B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 9KB - Virtual size: 9KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

1b3103e13d5eda2515e4a6148ec1720b

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcr120

kernel32

wpcap

msvcp120

mscoree

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 56KB - Virtual size: 56KB

.data Size: 512B - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 1024B - Virtual size: 684B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 1024B - Virtual size: 572B

.text
Size: 636KB - Virtual size: 635KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 22KB - Virtual size: 22KB

.rsrc
Size: 1024B - Virtual size: 960B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 9KB - Virtual size: 9KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 56KB - Virtual size: 56KB

.data
Size: 512B - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 1024B - Virtual size: 684B

.text
Size: 481KB - Virtual size: 481KB

.rsrc
Size: 1024B - Virtual size: 944B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 951KB - Virtual size: 950KB

.rdata
Size: 208KB - Virtual size: 208KB

.data
Size: 28KB - Virtual size: 260KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 56KB - Virtual size: 56KB

.text
Size: 69KB - Virtual size: 69KB

.rsrc
Size: 35KB - Virtual size: 35KB

.reloc
Size: 512B - Virtual size: 12B