41dad012a22cb57d2cd38adf995f30ef_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

41dad012a22cb57d2cd38adf995f30ef_JaffaCakes118
Size

159KB
MD5

41dad012a22cb57d2cd38adf995f30ef
SHA1

87a7f362cae17992644207cc1046d64fca257b27
SHA256

ecd75549ab1a13ed37bd9e44a39e760f0ab6e6d195d153f1cd4587ff2d826be7
SHA512

6b0cfb28e9df2618ed9b759e8be1dcde2cacb427694ca22f017c52497e3db173f11c99cf2ce333c0de5defd310336c982f3a0f9bb737d062bf536ced42223a95
SSDEEP

3072:Qm7LIY4KKhWeaAN3xWy8CHF9Tks6A6CYdGvbcqx69pP:P7dCW7KXH6T5dmbfk9pP

Score

3^/10

Malware Config

Signatures

Unsigned PE 8 IoCs

Checks for missing Authenticode signature.

resource
unpack001/迷你测网速软件/Interop.IWshRuntimeLibrary.dll
unpack001/迷你测网速软件/Interop.SHDocVw.dll
unpack001/迷你测网速软件/config.exe
unpack001/迷你测网速软件/inetmib1.dll
unpack001/迷你测网速软件/msreg.dll
unpack001/迷你测网速软件/nsl.exe
unpack001/迷你测网速软件/nslu.exe
unpack001/迷你测网速软件/update.exe

Files

41dad012a22cb57d2cd38adf995f30ef_JaffaCakes118
.rar
迷你测网速软件/AnalogX Website.URL
.url
迷你测网速软件/Interop.IWshRuntimeLibrary.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
迷你测网速软件/Interop.SHDocVw.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 116KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
迷你测网速软件/config.exe
.exe windows:1 windows x86 arch:x86

fdde492e067a5c1d828e260be526d61a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHBrowseForFolderA
SHGetDesktopFolder
SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation
ShellExecuteA
Shell_NotifyIconA

advapi32

RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegSetValueExA

gdi32

AddFontResourceA
BitBlt
CreateCompatibleDC
CreateDIBSection
CreateFontIndirectA
DeleteObject
ExtTextOutA
GetTextExtentPoint32A
GetTextMetricsA
RemoveFontResourceA
SelectObject
SetBkMode
SetTextColor

user32

BeginPaint
BringWindowToTop
CallWindowProcA
CharUpperBuffA
CloseClipboard
CreateWindowExA
DefWindowProcA
DeleteMenu
DestroyIcon
DestroyMenu
DialogBoxParamA
DispatchMessageA
DrawFrameControl
EnableWindow
EndDialog
EndPaint
FindWindowA
GetClientRect
GetClipboardData
GetCursorPos
GetDC
GetDesktopWindow
GetDlgItem
GetDlgItemInt
GetDlgItemTextA
GetMenu
GetMenuItemInfoA
GetMessageA
GetParent
GetSubMenu
GetSysColorBrush
GetSystemMetrics
GetUpdateRect
GetWindowLongA
GetWindowRect
InsertMenuItemA
InvalidateRect
IsIconic
LoadCursorA
LoadIconA
LoadMenuA
MessageBoxA
OpenClipboard
PeekMessageA
PostMessageA
PostQuitMessage
RegisterClassExA
RegisterHotKey
RegisterWindowMessageA
SendDlgItemMessageA
SendMessageA
SetDlgItemInt
SetDlgItemTextA
SetForegroundWindow
SetMenuItemInfoA
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
TrackPopupMenu
TranslateMessage
UnregisterClassA
UnregisterHotKey
UpdateWindow

kernel32

AllocConsole
CloseHandle
CreateEventA
CreateFileA
CreateMutexA
CreateThread
DeleteCriticalSection
DeleteFileA
EnterCriticalSection
ExitProcess
ExitThread
FlushFileBuffers
FreeEnvironmentStringsA
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetCurrentDirectoryA
GetCurrentProcessId
GetCurrentThreadId
GetCurrentThread
GetEnvironmentStrings
GetFileAttributesA
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetOEMCP
GetProcAddress
GetStdHandle
GetSystemDirectoryA
GetTempPathA
GetTickCount
GetTimeZoneInformation
GetVersionExA
GetVersion
GetWindowsDirectoryA
GlobalLock
GlobalSize
GlobalUnlock
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
MoveFileA
MultiByteToWideChar
ReadConsoleInputA
ReadFile
ReleaseMutex
ResetEvent
SetConsoleCtrlHandler
SetConsoleMode
SetConsoleTitleA
SetEnvironmentVariableA
SetEnvironmentVariableW
SetEvent
SetFilePointer
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteFile

comctl32

InitCommonControlsEx

snmpapi

SnmpUtilVarBindFree

comdlg32

GetOpenFileNameA
GetSaveFileNameA

wsock32

WSACleanup
WSAStartup
gethostname
getservbyport
gethostbyname
gethostbyaddr
getpeername
getsockname
recv
send
ntohs
recvfrom
sendto
accept
listen
bind
select
connect
htons
shutdown
setsockopt
inet_ntoa
closesocket
socket
WSAGetLastError
getsockopt
__WSAFDIsSet

Sections

AUTO
Size: 88KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 5KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DGROUP
Size: 13KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 9KB - Virtual size:

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
迷你测网速软件/inetmib1.dll
.dll windows:5 windows x86 arch:x86

350aa6a1428aee89a9a1a8fd82868815

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

msvcrt

printf

kernel32

GetComputerNameA
GetProcessHeap
GetProcAddress
LoadLibraryA
FreeLibrary
GetLastError
HeapFree
HeapAlloc
SetEvent
CreateEventA
CreateMutexA
ReleaseMutex
ResetEvent
WaitForSingleObject
GetTickCount
GetVersionExA
CloseHandle
HeapReAlloc

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegSetValueExA

wsock32

htonl
ntohs
htons

user32

SetTimer
KillTimer

snmpapi

SnmpSvcGetEnterpriseOID
SnmpUtilMemFree
SnmpUtilMemAlloc
SnmpUtilOidCpy

Exports

Exports

SnmpExtensionInit
SnmpExtensionInitEx
SnmpExtensionQuery
SnmpExtensionTrap

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
迷你测网速软件/msreg.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\项目\域名劫持\BHO\obj\Debug\msreg.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
迷你测网速软件/nsl.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\项目\域名劫持\setup\setupBHO\setupBHO\obj\Debug\插件.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
迷你测网速软件/nsl.txt
迷你测网速软件/nslu.exe
.exe windows:1 windows x86 arch:x86

948d4bc0546bff8137199e297ae63d77

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoCreateInstance
CoInitialize
CoUninitialize
OleInitialize
OleUninitialize

shell32

SHBrowseForFolderA
SHGetDesktopFolder
SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation
ShellExecuteA
ShellExecuteExA

advapi32

RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegSetValueExA

gdi32

AddFontResourceA
CreateFontIndirectA
DeleteObject
ExtTextOutA
GetDeviceCaps
GetTextExtentPoint32A
GetTextMetricsA
RemoveFontResourceA
SelectObject
SetBkMode
SetTextColor

user32

BringWindowToTop
CharUpperBuffA
CreateDialogParamA
DeleteMenu
DestroyWindow
DialogBoxParamA
DispatchMessageA
EnableWindow
EndDialog
FindWindowA
GetDC
GetDesktopWindow
GetDlgItem
GetDlgItemInt
GetDlgItemTextA
GetMenuItemInfoA
GetMessageA
GetParent
GetWindowRect
InsertMenuItemA
IsIconic
MessageBoxA
PeekMessageA
RegisterHotKey
ReleaseDC
SendDlgItemMessageA
SendMessageA
SetDlgItemInt
SetDlgItemTextA
SetMenuItemInfoA
SetWindowPos
SetWindowTextA
ShowWindow
ShowWindowAsync
TranslateMessage
UnregisterHotKey

kernel32

AllocConsole
CloseHandle
CopyFileA
CreateDirectoryA
CreateEventA
CreateFileA
CreateMutexA
CreateProcessA
CreateThread
DeleteCriticalSection
DeleteFileA
DosDateTimeToFileTime
EnterCriticalSection
ExitProcess
ExitThread
FileTimeToDosDateTime
FileTimeToLocalFileTime
FindClose
FindFirstFileA
FindNextFileA
FlushFileBuffers
FreeEnvironmentStringsA
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetCurrentDirectoryA
GetCurrentProcessId
GetCurrentThreadId
GetCurrentThread
GetEnvironmentStrings
GetExitCodeProcess
GetFileAttributesA
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetOEMCP
GetProcAddress
GetStdHandle
GetSystemDirectoryA
GetTempFileNameA
GetTempPathA
GetTickCount
GetTimeZoneInformation
GetVersionExA
GetVersion
GetWindowsDirectoryA
GlobalMemoryStatus
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LocalFileTimeToFileTime
MoveFileA
MultiByteToWideChar
OpenProcess
ReadConsoleInputA
ReadFile
ReleaseMutex
RemoveDirectoryA
SetConsoleCtrlHandler
SetConsoleMode
SetConsoleTitleA
SetCurrentDirectoryA
SetEnvironmentVariableA
SetEnvironmentVariableW
SetEvent
SetFilePointer
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteFile

comctl32

InitCommonControlsEx

comdlg32

GetOpenFileNameA
GetSaveFileNameA

wsock32

WSACleanup
WSAStartup
gethostname
getservbyport
gethostbyname
gethostbyaddr
getpeername
getsockname
recv
send
ntohs
recvfrom
sendto
accept
listen
bind
select
connect
htons
shutdown
setsockopt
inet_ntoa
closesocket
socket
WSAGetLastError
getsockopt
__WSAFDIsSet

Sections

AUTO
Size: 68KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 5KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DGROUP
Size: 16KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 12KB - Virtual size:

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
迷你测网速软件/readme.txt
迷你测网速软件/update.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

RegAsm.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
迷你测网速软件/新云软件.url
.url
迷你测网速软件/绿盟.url

Sharing

General

Malware Config

Signatures

Files

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 36KB - Virtual size: 34KB

.rsrc Size: 4KB - Virtual size: 888B

.reloc Size: 4KB - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 116KB - Virtual size: 114KB

.rsrc Size: 4KB - Virtual size: 824B

.reloc Size: 4KB - Virtual size: 12B

fdde492e067a5c1d828e260be526d61a

Headers

File Characteristics

Imports

shell32

advapi32

gdi32

user32

kernel32

comctl32

snmpapi

comdlg32

wsock32

Sections

AUTO Size: 88KB - Virtual size:

.idata Size: 5KB - Virtual size:

DGROUP Size: 13KB - Virtual size:

.bss Size: 9KB - Virtual size:

.reloc Size: 6KB - Virtual size:

.rsrc Size: 10KB - Virtual size:

350aa6a1428aee89a9a1a8fd82868815

Headers

File Characteristics

Imports

msvcrt

kernel32

advapi32

wsock32

user32

snmpapi

Exports

Exports

Sections

.text Size: 19KB - Virtual size: 19KB

.data Size: 20KB - Virtual size: 23KB

.rsrc Size: 4KB - Virtual size: 952B

.reloc Size: 4KB - Virtual size: 1KB

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 8KB - Virtual size: 6KB

.rsrc Size: 4KB - Virtual size: 888B

.reloc Size: 4KB - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

.text
Size: 36KB - Virtual size: 34KB

.rsrc
Size: 4KB - Virtual size: 888B

.reloc
Size: 4KB - Virtual size: 12B

.text
Size: 116KB - Virtual size: 114KB

.rsrc
Size: 4KB - Virtual size: 824B

.reloc
Size: 4KB - Virtual size: 12B

AUTO
Size: 88KB - Virtual size:

.idata
Size: 5KB - Virtual size:

DGROUP
Size: 13KB - Virtual size:

.bss
Size: 9KB - Virtual size:

.reloc
Size: 6KB - Virtual size:

.rsrc
Size: 10KB - Virtual size:

.text
Size: 19KB - Virtual size: 19KB

.data
Size: 20KB - Virtual size: 23KB

.rsrc
Size: 4KB - Virtual size: 952B

.reloc
Size: 4KB - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 6KB

.rsrc
Size: 4KB - Virtual size: 888B

.reloc
Size: 4KB - Virtual size: 12B

.text
Size: 10KB - Virtual size: 9KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 512B - Virtual size: 12B

AUTO
Size: 68KB - Virtual size:

.idata
Size: 5KB - Virtual size:

DGROUP
Size: 16KB - Virtual size:

.bss
Size: 12KB - Virtual size:

.reloc
Size: 4KB - Virtual size:

.rsrc
Size: 5KB - Virtual size:

.text
Size: 40KB - Virtual size: 37KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 12B