mainB
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
RSMBPro_64.dll
Resource
win7-20240708-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
RSMBPro_64.dll
Resource
win10v2004-20240709-en
windows10-2004-x64
10 signatures
150 seconds
General
-
Target
RSMBPro_64.aex
-
Size
12.6MB
-
MD5
c8782eeb911d1dc5c75a0ce6c08ddfd0
-
SHA1
1151574cf256a1fea0ee507074e7f270cf175d24
-
SHA256
c8725c5eae423a33b894c1deb63439382a5ad35d52561ee377368a7e57747644
-
SHA512
c448f61bf26beb18e8a7b15d79f7b47a3915af7d7289289b47839ca1a6e77efa36a3ceb3543a7070474adba88b416ed307b760f08af1e97935c212cd939687e6
-
SSDEEP
196608:4vAcj2ai73c+V7IBJj507qPKL3glRCYEEaDgeR33JvE20rKQCII:/78Jj507qPKa4ZR33JvEjrKz
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource RSMBPro_64.aex
Files
-
RSMBPro_64.aex.dll windows:6 windows x64 arch:x64
eee5b560f7fd36fa5ea9593a5e329102
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
ws2_32
accept
connect
__WSAFDIsSet
WSAIoctl
getaddrinfo
closesocket
bind
freeaddrinfo
ntohs
getsockname
getpeername
WSASetLastError
gethostname
WSAGetLastError
WSACleanup
WSAStartup
getservbyname
gethostbyname
socket
setsockopt
sendto
send
select
recvfrom
recv
ntohl
listen
inet_addr
htons
htonl
getsockopt
ioctlsocket
inet_ntoa
rpcrt4
UuidCreate
UuidToStringA
RpcStringFreeA
winmm
timeGetTime
timeBeginPeriod
timeEndPeriod
timeGetDevCaps
opengl32
glGetString
wglGetCurrentDC
wglGetProcAddress
glBegin
glBindTexture
glBlendFunc
glClear
glClearColor
glDeleteTextures
glDisable
glDisableClientState
glDrawBuffer
glDrawElements
glEnable
glEnableClientState
glEnd
glFinish
glGenTextures
glGetError
glGetIntegerv
glLoadIdentity
glMatrixMode
glOrtho
glPopAttrib
glPopMatrix
glPushAttrib
glPushMatrix
glReadBuffer
glTexCoord2f
glTexCoordPointer
glTexImage2D
glTexParameteri
glVertex2f
glVertexPointer
glViewport
wglGetCurrentContext
glGetTexLevelParameteriv
glTexParameterf
wglMakeCurrent
wglCreateContext
wglDeleteContext
kernel32
GetModuleHandleW
CreateFileW
OutputDebugStringW
OpenEventA
GetProcessHeap
HeapFree
ExpandEnvironmentStringsA
VerifyVersionInfoW
LoadLibraryW
VerSetConditionMask
SetLastError
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
IsDebuggerPresent
EncodePointer
GlobalFree
GetSystemDirectoryW
GetVersionExW
GetCurrentThreadId
OutputDebugStringA
GetCurrentProcessId
GetDynamicTimeZoneInformation
GetEnvironmentVariableW
CloseHandle
GetLastError
WaitForSingleObject
GetExitCodeProcess
CreateProcessW
GetComputerNameExA
GetTickCount
MultiByteToWideChar
GetEnvironmentVariableA
ReleaseSemaphore
GetSystemInfo
GetProcAddress
WaitForMultipleObjects
CreateSemaphoreA
LoadLibraryA
FreeLibrary
GetModuleHandleA
GetStdHandle
Sleep
FreeConsole
SetConsoleTitleA
AllocConsole
SetConsoleCtrlHandler
WriteConsoleA
QueryPerformanceCounter
QueryPerformanceFrequency
SetErrorMode
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
SetEvent
ResetEvent
SleepEx
CreateEventA
GetCurrentProcess
GetCurrentThread
SetThreadPriority
SetThreadPriorityBoost
GetThreadPriority
TerminateThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetPriorityClass
GetVersionExA
VirtualQuery
GlobalMemoryStatus
GetProcessWorkingSetSize
FormatMessageA
GetComputerNameA
SetStdHandle
FindClose
FindFirstFileA
FindNextFileA
GetLogicalDrives
ExitProcess
GetSystemDirectoryA
CopyFileA
FileTimeToSystemTime
CreateToolhelp32Snapshot
Process32First
Process32Next
GetModuleFileNameA
MoveFileExA
RaiseException
LoadLibraryExA
WaitForSingleObjectEx
GetModuleFileNameW
WideCharToMultiByte
CreateDirectoryW
SetFileAttributesW
DeleteFileW
DecodePointer
LocalAlloc
LocalFree
InitializeCriticalSectionAndSpinCount
user32
LoadCursorA
GetDC
DestroyWindow
LoadIconA
EnumDisplaySettingsA
FindWindowA
ExitWindowsEx
ReleaseDC
SetWindowPos
GetDlgItem
SetDlgItemTextA
GetActiveWindow
GetClientRect
GetWindowRect
MessageBoxA
SetWindowLongPtrA
SetClassLongPtrA
GetParent
FindWindowExA
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
DefWindowProcA
RegisterClassA
UnregisterClassA
GetClassInfoA
CreateWindowExA
gdi32
SetPixelFormat
CreateSolidBrush
ChoosePixelFormat
DescribePixelFormat
advapi32
SetEntriesInAclW
RegOpenKeyExW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
FreeSid
AllocateAndInitializeSid
QueryServiceConfigW
OpenServiceW
OpenSCManagerW
ChangeServiceConfigW
RegQueryValueExW
StartServiceA
OpenServiceA
OpenSCManagerA
DeleteService
CreateServiceA
ControlService
CloseServiceHandle
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey
GetUserNameA
CryptAcquireContextW
CryptGetHashParam
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptDestroyKey
CryptImportKey
CryptEncrypt
CryptReleaseContext
CryptAcquireContextA
CryptGenRandom
shell32
SHGetSpecialFolderPathW
SHGetFolderPathW
ole32
CoInitializeEx
CoUninitialize
CoCreateInstance
CoSetProxyBlanket
oleaut32
VariantClear
SafeArrayGetElement
SysStringLen
SysFreeString
SysAllocStringLen
SysAllocString
msvcr120
fflush
fgets
fopen
fputc
fwrite
_errno
_dsign
_dtest
_ldtest
strchr
strerror_s
strncpy
??0exception@std@@QEAA@XZ
??0exception@std@@QEAA@AEBQEBD@Z
??0exception@std@@QEAA@AEBV01@@Z
??1exception@std@@UEAA@XZ
isspace
isprint
tolower
localeconv
_wassert
strftime
_gmtime64_s
_localtime64_s
_time64
?what@exception@std@@UEBAPEBDXZ
memcmp
_vsnwprintf
mbstowcs
wcstombs
wcsncat
?terminate@@YAXXZ
??0exception@std@@QEAA@AEBQEBDH@Z
??0bad_cast@std@@QEAA@PEBD@Z
_localtime64
_mktime64
??0bad_cast@std@@QEAA@AEBV01@@Z
??1bad_cast@std@@UEAA@XZ
getenv
strcmp
printf
sprintf
atoi
strstr
_vacopy
_beginthread
_endthread
sscanf
exit
memchr
fread
_fstat64i32
vsprintf
realloc
strerror
strncmp
fgetc
rewind
atof
_ctime64
isdigit
isxdigit
_beginthreadex
_endthreadex
_control87
_fileno
freopen
fseek
remove
rename
_unlink
setvbuf
_stricmp
_stat64i32
_stat64
isalpha
isupper
_mkdir
_rmdir
_access
_chmod
_get_osfhandle
_getpid
_statusfp
signal
_wstat64i32
_mkgmtime64
wcsrchr
memcpy_s
fgetpos
fsetpos
_fseeki64
ungetc
_lock_file
_unlock_file
??8type_info@@QEBA_NAEBV0@@Z
??9type_info@@QEBA_NAEBV0@@Z
wcscpy_s
_wcsdup
wcsstr
wcstoull
_wcstoui64
vsprintf_s
wcscmp
iswalnum
towupper
_wfopen_s
isalnum
_strdup
__C_specific_handler
wcsnlen
abort
ferror
ftell
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
_vsnprintf_s
__crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
__crtCaptureCurrentContext
__crtCapturePreviousContext
__CppXcptFilter
_amsg_exit
_malloc_crt
_initterm
_initterm_e
?_name_internal_method@type_info@@QEBAPEBDPEAU__type_info_node@@@Z
__clean_type_info_names_internal
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
fclose
tanf
atanf
asinf
floor
_finite
calloc
tan
atan
_hypotf
logf
qsort
expf
powf
pow
log2f
log
exp
ceil
??_U@YAPEAX_K@Z
??_V@YAXPEAX@Z
sqrt
sin
memset
fmodf
fmod
cos
atan2f
atan2
asin
acosf
acos
_isnan
_finitef
floorf
ceilf
sqrtf
srand
rand
cosf
memcpy
__CxxFrameHandler3
_CxxThrowException
memmove
_hypot
??3@YAXPEAX@Z
??2@YAPEAX_K@Z
_purecall
malloc
free
fprintf
__iob_func
_getcwd
_close
_open
_read
_write
_aligned_free
_aligned_malloc
_invalid_parameter_noinfo_noreturn
__RTDynamicCast
memmove_s
strtoul
wcschr
wcsncpy
strpbrk
strrchr
strtol
strtoll
wcspbrk
__sys_nerr
_gmtime64
feof
sinf
msvcp120
?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?get@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QEBA?AV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@0AEAVios_base@2@AEAHPEAUtm@@PEB_W4@Z
?_Getcat@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?id@?$codecvt@DDH@std@@2V0locale@2@A
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAHXZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?exceptions@ios_base@std@@QEAAXH@Z
?_Getcat@?$codecvt@DDH@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?unshift@?$codecvt@DDH@std@@QEBAHAEAHPEAD1AEAPEAD@Z
?out@?$codecvt@DDH@std@@QEBAHAEAHPEBD1AEAPEBDPEAD3AEAPEAD@Z
?in@?$codecvt@DDH@std@@QEBAHAEAHPEBD1AEAPEBDPEAD3AEAPEAD@Z
?always_noconv@codecvt_base@std@@QEBA_NXZ
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA?AV?$fpos@H@2@XZ
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@V?$fpos@H@2@@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
?id@?$ctype@_W@std@@2V0locale@2@A
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAXAEBVlocale@2@@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAPEAV12@PEA_W_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAGXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEA_W_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEB_W_J@Z
?_BADOFF@std@@3_JB
??_7_Facet_base@std@@6B@
?set_new_handler@std@@YAP6AXXZP6AXXZ@Z
?_Orphan_all@_Container_base0@std@@QEAAXXZ
?_Orphan_all@_Container_base12@std@@QEAAXXZ
??0_Container_base12@std@@QEAA@XZ
??1_Container_base12@std@@QEAA@XZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEBX@Z
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z
?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?widen@?$ctype@_W@std@@QEBA_WD@Z
?tellp@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA?AV?$fpos@H@2@XZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?id@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@2V0locale@2@A
?id@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@2V0locale@2@A
??_7?$basic_ios@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??_7ios_base@std@@6B@
??_7?$codecvt@_WDH@std@@6B@
?id@?$codecvt@_WDH@std@@2V0locale@2@A
??_7codecvt_base@std@@6B@
?put@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEBA?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AEAVios_base@2@DPEBUtm@@PEBD3@Z
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@AEAH@Z
?_Ipfx@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA_N_N@Z
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??_7facet@locale@std@@6B@
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Ios_base_dtor@ios_base@std@@CAXPEAV12@@Z
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
?_Getcat@?$codecvt@_WDH@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
??0?$codecvt@_WDH@std@@QEAA@_K@Z
?in@?$codecvt@_WDH@std@@QEBAHAEAHPEBD1AEAPEBDPEA_W3AEAPEA_W@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?_Locimp_Addfac@_Locimp@locale@std@@CAXPEAV123@PEAVfacet@23@_K@Z
?_New_Locimp@_Locimp@locale@std@@CAPEAV123@AEBV123@@Z
??Bid@locale@std@@QEAA_KXZ
??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_Throw_C_error@std@@YAXH@Z
_Mtx_unlock
_Mtx_lock
_Mtx_destroy
_Mtx_init
?_Xbad_function_call@std@@YAXXZ
_Xtime_get_ticks
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?uncaught_exception@std@@YA_NXZ
?_Winerror_map@std@@YAPEBDH@Z
?_Syserror_map@std@@YAPEBDH@Z
?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Xbad_alloc@std@@YAXXZ
iphlpapi
GetAdaptersInfo
GetIpAddrTable
winhttp
WinHttpGetIEProxyConfigForCurrentUser
WinHttpSetTimeouts
WinHttpGetProxyForUrl
WinHttpCloseHandle
WinHttpOpen
crypt32
CertFreeCertificateContext
shlwapi
PathAppendW
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
Exports
Exports
Sections
.text Size: 8.8MB - Virtual size: 8.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2.4MB - Virtual size: 2.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1.1MB - Virtual size: 5.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 269KB - Virtual size: 269KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 2B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 864B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ