Static task
static1
Behavioral task
behavioral1
Sample
427e31adf36a6dbc42cc76629038e22f_JaffaCakes118.exe
Resource
win7-20240704-en
windows7-x64
Behavioral task
behavioral2
Sample
427e31adf36a6dbc42cc76629038e22f_JaffaCakes118.exe
Resource
win10v2004-20240709-en
windows10-2004-x64
General
-
Target
427e31adf36a6dbc42cc76629038e22f_JaffaCakes118
-
Size
554KB
-
MD5
427e31adf36a6dbc42cc76629038e22f
-
SHA1
1d4c77f6f989f4c824a25218327609e6b07433d1
-
SHA256
6f5e51691b83d940936c26df6350d0c82c334bc72c080cfeafee07797c61e7be
-
SHA512
c8cfd697bef524bef958c6d985ac6213c55a1b0f7604341baf2e0258b87e44bc8265b274417fc227beb362528f203dca6e32b723b88463982904d3788c2cc203
-
SSDEEP
6144:NtKxrd6ecvlyx91fzsgSELo9I8WqEiwmfRdhcNlch4/9uKkO0CKavtzdtEVEmRmO:NtC8lCLMpWywBcm/t1zdtQZQO+V
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 427e31adf36a6dbc42cc76629038e22f_JaffaCakes118
Files
-
427e31adf36a6dbc42cc76629038e22f_JaffaCakes118.exe windows:4 windows x86 arch:x86
37437421d3e469ae7b64acbd2ba93af6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
wsock32
bind
getsockopt
__WSAFDIsSet
WSASetLastError
recv
gethostbyname
ord1107
htons
WSAAsyncGetProtoByNumber
WSAAsyncGetServByName
WSAAsyncGetServByPort
ord1141
WSAAsyncSelect
WSASetBlockingHook
gethostname
ord1112
WSAAsyncGetHostByAddr
ntohs
WSAIsBlocking
send
ord1118
ord1142
WSACancelBlockingCall
htonl
ord1115
getsockname
ord1120
ord1109
getservbyport
ord1106
ord1116
ord1108
connect
recvfrom
ord1117
ord1111
shutdown
select
ord1113
ord1119
closesocket
WSAAsyncGetHostByName
getservbyname
WSAUnhookBlockingHook
ioctlsocket
getprotobyname
WEP
gethostbyaddr
inet_ntoa
WSACleanup
accept
ntohl
ord1114
ord1000
listen
inet_addr
ord1130
WSAGetLastError
ord1110
WSACancelAsyncRequest
socket
ord1140
getprotobynumber
kernel32
ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
HeapReAlloc
HeapAlloc
HeapFree
VirtualAlloc
AddAtomW
MoveFileExA
OpenSemaphoreA
GetCalendarInfoW
SetConsoleActiveScreenBuffer
GlobalUnfix
OpenFileMappingW
GetProcessHeaps
SetConsoleTextAttribute
InitializeCriticalSection
DeleteFileA
SetFileAttributesW
EnumCalendarInfoExA
GlobalHandle
ReleaseSemaphore
GetLargestConsoleWindowSize
SetTimeZoneInformation
OpenSemaphoreW
VirtualQueryEx
CreateSemaphoreW
LockResource
Heap32ListNext
EnumSystemLocalesA
GetDiskFreeSpaceA
SuspendThread
GetEnvironmentVariableW
UpdateResourceA
LoadModule
GetNamedPipeInfo
SetFilePointer
LocalFileTimeToFileTime
GetThreadLocale
GlobalReAlloc
FindFirstFileW
WaitCommEvent
SetFileTime
GetStdHandle
FreeResource
GetPrivateProfileStringA
EnumDateFormatsA
GlobalGetAtomNameW
FindResourceExW
SetEnvironmentVariableA
TlsAlloc
SetLastError
GetProfileSectionW
HeapCompact
ResetWriteWatch
SetThreadAffinityMask
CreateDirectoryExA
lstrcpynW
DefineDosDeviceA
GetLocaleInfoW
FormatMessageW
ResumeThread
ResetEvent
CreateMailslotA
GetComputerNameW
FindFirstChangeNotificationA
Heap32First
GetHandleInformation
GetPrivateProfileSectionNamesW
FindResourceExA
GetCurrentDirectoryW
EnumDateFormatsExW
OpenProcess
FindNextChangeNotification
WriteConsoleOutputCharacterW
GetProcessPriorityBoost
OpenFile
GetSystemTimeAdjustment
TlsSetValue
GetStartupInfoW
FindAtomA
OpenMutexA
VirtualLock
SetThreadPriorityBoost
WaitNamedPipeA
GetQueuedCompletionStatus
RemoveDirectoryW
FindResourceA
SleepEx
GetThreadPriority
GetCompressedFileSizeA
LocalFree
EraseTape
GlobalFree
WritePrivateProfileStructW
GetFileInformationByHandle
WritePrivateProfileSectionW
GetFileAttributesA
GetConsoleCursorInfo
GetConsoleTitleW
CompareFileTime
ConvertDefaultLocale
GetDiskFreeSpaceW
SetSystemTimeAdjustment
SetConsoleCursorPosition
GetCurrencyFormatW
GetProcAddress
GetEnvironmentStringsW
SetEndOfFile
GetVersion
BeginUpdateResourceA
LocalUnlock
CloseHandle
ReadConsoleInputA
WriteConsoleOutputW
CreateProcessA
EnumResourceTypesA
WritePrivateProfileStringA
SetLocaleInfoW
GetUserDefaultLCID
CreateMailslotW
GetFileType
FindNextFileA
lstrcatA
FindAtomW
GetFileAttributesW
lstrcpyn
GlobalFindAtomA
GetTimeZoneInformation
SetThreadContext
CompareStringA
VirtualProtect
GetProfileSectionA
GetComputerNameA
GetLocalTime
GetProcessShutdownParameters
CreateDirectoryExW
GetWriteWatch
LockFileEx
GetVolumeInformationA
WriteConsoleA
LocalCompact
OutputDebugStringA
PeekConsoleInputW
CopyFileExA
GetSystemDefaultLCID
lstrlenW
CreateSemaphoreA
DebugBreak
lstrcpyW
ReadFile
CreateFileA
GetNumberFormatW
CreateFileW
OpenWaitableTimerW
GetDateFormatW
lstrcmpiA
ReadProcessMemory
DisableThreadLibraryCalls
SignalObjectAndWait
TlsGetValue
FoldStringA
EnterCriticalSection
EnumResourceLanguagesW
TryEnterCriticalSection
Module32First
GetLongPathNameA
FileTimeToLocalFileTime
WinExec
WriteConsoleInputA
SetThreadIdealProcessor
ReadConsoleOutputW
GetNamedPipeHandleStateW
LocalReAlloc
InterlockedCompareExchange
FlushInstructionCache
PeekNamedPipe
DisconnectNamedPipe
OpenWaitableTimerA
InterlockedIncrement
GetPrivateProfileStringW
CreateMutexW
SearchPathW
GetEnvironmentStrings
GetStringTypeExA
EnumDateFormatsExA
GetTempFileNameA
ReadFileScatter
VirtualProtectEx
Thread32Next
ReadFileEx
LoadLibraryExW
WriteConsoleOutputA
EnumSystemCodePagesW
GetTempFileNameW
IsValidLocale
CreateDirectoryA
EnumResourceTypesW
lstrcmpi
GetExitCodeThread
GetProcessTimes
FoldStringW
GetModuleFileNameW
EnumResourceLanguagesA
GlobalFlags
CreateNamedPipeW
ReadConsoleOutputA
GetDriveTypeW
GlobalFix
ReadConsoleW
GetExitCodeProcess
WaitForMultipleObjects
EnumResourceNamesW
GetNumberOfConsoleMouseButtons
FillConsoleOutputCharacterA
SetConsoleWindowInfo
CreateEventW
CreateProcessW
lstrcmpiW
GetProfileStringA
UnhandledExceptionFilter
WriteFileGather
GetConsoleCP
WaitForSingleObject
VirtualFreeEx
GetConsoleOutputCP
GetSystemTime
EnumCalendarInfoW
HeapUnlock
EnumCalendarInfoExW
FreeLibrary
GlobalCompact
GlobalUnWire
FindClose
EnumCalendarInfoA
GetTempPathA
GetWindowsDirectoryW
EnumTimeFormatsA
GetPrivateProfileSectionW
SetEvent
HeapLock
GetStringTypeA
WriteProfileStringW
WaitNamedPipeW
FreeConsole
GetProcessAffinityMask
GetLogicalDriveStringsW
FindResourceW
GetShortPathNameA
GetMailslotInfo
GetUserDefaultLangID
FindFirstFileExW
GetProfileStringW
SetThreadExecutionState
EnumSystemLocalesW
RtlMoveMemory
ConnectNamedPipe
CreatePipe
SetEnvironmentVariableW
GetVersionExW
WriteConsoleOutputAttribute
SetVolumeLabelA
SetConsoleCursorInfo
ReadConsoleA
RtlZeroMemory
GetNamedPipeHandleStateA
LocalShrink
GetThreadTimes
LoadLibraryW
GetProcessHeap
GetShortPathNameW
GetConsoleScreenBufferInfo
GetDiskFreeSpaceExW
LocalLock
GetLongPathNameW
GlobalAddAtomA
WideCharToMultiByte
DuplicateHandle
lstrlenA
VirtualUnlock
SetCriticalSectionSpinCount
EnumTimeFormatsW
GlobalGetAtomNameA
GetNumberOfConsoleInputEvents
GetSystemDirectoryA
CreateFileMappingA
ReadConsoleOutputCharacterA
ExitThread
CreateMutexA
LeaveCriticalSection
GetThreadSelectorEntry
GetAtomNameW
OpenMutexW
WriteConsoleW
FindNextFileW
GetProfileIntA
ReadDirectoryChangesW
SetThreadLocale
SetPriorityClass
CreateDirectoryW
HeapCreate
SetHandleCount
GetCommandLineW
GetFullPathNameW
GetProfileIntW
GlobalAddAtomW
EnumSystemCodePagesA
WriteProfileSectionA
OpenEventA
VirtualAllocEx
FileTimeToDosDateTime
FillConsoleOutputAttribute
FindFirstFileA
WaitForDebugEvent
lstrcmpA
GlobalAlloc
GetModuleHandleW
GetCommandLineA
FormatMessageA
SetConsoleTitleW
CreateThread
lstrlen
GlobalWire
WriteFile
user32
RegisterClipboardFormatW
DispatchMessageW
LoadImageW
GetTopWindow
SetCapture
GetUpdateRgn
RegisterClipboardFormatA
GrayStringA
BlockInput
GetWindowPlacement
DdeImpersonateClient
ReplyMessage
ReuseDDElParam
GetClassNameW
CharLowerBuffA
GetProcessDefaultLayout
SendDlgItemMessageW
GetMenuContextHelpId
GetGUIThreadInfo
RealGetWindowClass
OpenWindowStationW
CharPrevExA
SetCaretPos
IsMenu
VkKeyScanA
OpenClipboard
SendNotifyMessageA
GetMenuStringW
ShowCursor
DdeQueryNextServer
CallMsgFilter
ChangeMenuA
ClientToScreen
GetIconInfo
GetWindowWord
CopyRect
DdeAddData
DrawCaption
GetWindowThreadProcessId
GetWindowLongW
GetMessagePos
GetCapture
DestroyCaret
OemToCharA
wsprintfW
GetClassLongW
TabbedTextOutA
LoadCursorW
GetMenuItemInfoA
WaitForInputIdle
IsWindowUnicode
DrawTextExW
SetLastErrorEx
LoadBitmapW
DestroyCursor
EndPaint
GetClipboardFormatNameA
WINNLSGetIMEHotkey
CallMsgFilterA
GetAsyncKeyState
SetRectEmpty
EnumPropsA
ClipCursor
ChangeDisplaySettingsA
GetWindowInfo
ShowOwnedPopups
EnumWindows
SetMessageExtraInfo
GetQueueStatus
InvalidateRgn
WinHelpA
RedrawWindow
UnionRect
GetKeyboardLayoutNameA
SetProcessDefaultLayout
GetTitleBarInfo
GetKeyNameTextA
ToUnicodeEx
SendInput
SystemParametersInfoW
PeekMessageA
TrackPopupMenu
InsertMenuItemW
GetWindowRgn
IsCharUpperA
GetDlgItemTextW
ValidateRect
GetInputState
DestroyIcon
GetDialogBaseUnits
EnumChildWindows
CheckRadioButton
DdeQueryConvInfo
GetWindowModuleFileNameW
VkKeyScanExA
SendMessageTimeoutW
RegisterClassW
DefFrameProcW
CharUpperA
ShowCaret
CharPrevW
PackDDElParam
InSendMessage
DdeFreeStringHandle
SetDeskWallpaper
ExitWindowsEx
CloseClipboard
ImpersonateDdeClientWindow
FillRect
GetUserObjectInformationW
DdeCreateStringHandleW
CloseWindow
SetScrollRange
EnumDisplaySettingsA
SetDlgItemInt
ScrollWindowEx
SetWindowsHookW
RegisterClassA
GetKeyNameTextW
IsCharAlphaNumericA
DlgDirSelectExA
SendDlgItemMessageA
CreateCaret
CharLowerBuffW
RegisterWindowMessageW
CascadeChildWindows
DragObject
InSendMessageEx
GetKeyboardLayoutList
DrawFrameControl
DdeInitializeA
CallWindowProcA
GetKeyboardLayoutNameW
ToUnicode
SetForegroundWindow
IsDialogMessageW
CreateAcceleratorTableW
DrawMenuBar
GetNextDlgTabItem
VkKeyScanW
GetProcessWindowStation
GetOpenClipboardWindow
DlgDirListComboBoxA
EnableMenuItem
GetForegroundWindow
CharNextW
CreateMenu
GetClassInfoExW
GetWindowTextLengthA
CloseDesktop
IntersectRect
GetFocus
GetActiveWindow
ToAsciiEx
ChangeClipboardChain
GetWindow
SetDoubleClickTime
MapDialogRect
FindWindowA
EnumThreadWindows
InternalGetWindowText
SetWindowWord
SetDebugErrorLevel
GetWindowContextHelpId
IsCharLowerW
PeekMessageW
LockWindowUpdate
GetMenuItemRect
TranslateAcceleratorA
ArrangeIconicWindows
InsertMenuA
GetComboBoxInfo
BeginDeferWindowPos
DestroyAcceleratorTable
GetCaretPos
SetTimer
SetPropW
SetUserObjectInformationW
DdeDisconnect
GetClipboardFormatNameW
ToAscii
GetMenuCheckMarkDimensions
RealChildWindowFromPoint
GetClipCursor
DrawIconEx
MapVirtualKeyExW
RegisterDeviceNotificationW
GetMenuItemCount
WinHelpW
DialogBoxIndirectParamW
PostThreadMessageA
ShowWindowAsync
SwitchDesktop
GetThreadDesktop
SetActiveWindow
OemToCharBuffA
DdeUnaccessData
CopyImage
DefMDIChildProcW
InvalidateRect
EndTask
SetProcessWindowStation
SetSysColors
DrawEdge
DestroyWindow
TabbedTextOutW
DrawIcon
IsCharAlphaNumericW
DrawStateA
MessageBeep
LoadKeyboardLayoutA
EnumDesktopWindows
ScrollWindow
GetKeyState
EnumDisplaySettingsExA
EndDeferWindowPos
FindWindowExW
OpenIcon
FreeDDElParam
LoadIconA
wvsprintfA
GetUserObjectInformationA
SetClassLongW
DefWindowProcA
MapVirtualKeyA
LoadMenuIndirectA
GetWindowTextLengthW
BeginPaint
DlgDirSelectComboBoxExW
CheckMenuItem
DdeNameService
GetKeyboardState
RemoveMenu
CopyAcceleratorTableW
CreateWindowStationA
GetListBoxInfo
CharUpperBuffW
EnumDisplayDevicesA
SendIMEMessageExW
FindWindowW
SetMessageQueue
DrawStateW
SetWindowsHookA
GetCursorInfo
MsgWaitForMultipleObjectsEx
AdjustWindowRectEx
CreateDialogParamW
GetWindowDC
CreateIconFromResourceEx
EndDialog
LoadMenuW
SetMenuItemInfoA
DefWindowProcW
FlashWindowEx
EnumClipboardFormats
MoveWindow
SetWindowPos
TranslateAccelerator
SetKeyboardState
RemovePropW
DdeAccessData
LoadMenuIndirectW
DdeCmpStringHandles
MessageBoxIndirectW
GetDCEx
GetWindowModuleFileNameA
GetCaretBlinkTime
OemKeyScan
SetParent
DdeAbandonTransaction
LoadAcceleratorsW
EnableWindow
GetMessageTime
DdeFreeDataHandle
CharLowerA
LoadImageA
DdeClientTransaction
SetMenuItemBitmaps
LookupIconIdFromDirectory
GetKeyboardLayout
SubtractRect
TrackMouseEvent
DdeSetUserHandle
FrameRect
IsWindowVisible
DdeCreateDataHandle
MapVirtualKeyExA
DdeGetLastError
IsChild
GetClassInfoExA
GetWindowRect
DeleteMenu
OpenInputDesktop
InflateRect
UnhookWindowsHookEx
PtInRect
GrayStringW
WaitMessage
CheckDlgButton
GetSysColorBrush
DdeInitializeW
DdeConnect
KillTimer
SetScrollInfo
InsertMenuItemA
CharNextA
DefDlgProcA
GetClipboardSequenceNumber
LoadAcceleratorsA
CreateDialogIndirectParamA
CharUpperBuffA
GetMenuStringA
GetSubMenu
OpenDesktopA
IsRectEmpty
UnpackDDElParam
SetWindowContextHelpId
CloseWindowStation
SetScrollPos
OpenWindowStationA
BringWindowToTop
OffsetRect
DrawTextExA
DdeUninitialize
SetThreadDesktop
ChildWindowFromPoint
IsDlgButtonChecked
UnregisterClassA
EqualRect
NotifyWinEvent
EnumWindowStationsA
VkKeyScanExW
LoadStringW
CharUpperW
DdeKeepStringHandle
InsertMenuW
GetMenuInfo
AdjustWindowRect
SetMenuItemInfoW
GetDoubleClickTime
CreateAcceleratorTableA
DialogBoxIndirectParamA
SetWindowsHookExA
CreateDialogParamA
PostMessageW
MessageBoxIndirectA
ModifyMenuW
RegisterClassExW
DlgDirListComboBoxW
CharPrevA
SwitchToThisWindow
CopyIcon
GetClipboardOwner
SendMessageW
SetClassWord
SetMenuDefaultItem
SetSystemCursor
UnhookWinEvent
ValidateRgn
GetUpdateRect
CallMsgFilterW
DialogBoxParamW
RegisterClassExA
TranslateMDISysAccel
LoadMenuA
OemToCharW
wsprintfA
wvsprintfW
LoadKeyboardLayoutW
EmptyClipboard
GetSysColor
GetUserObjectSecurity
DrawTextA
MonitorFromRect
GetInputDesktop
EnumDisplayDevicesW
DdeConnectList
CountClipboardFormats
IsCharAlphaW
IsDialogMessageA
BroadcastSystemMessageW
GetScrollBarInfo
MsgWaitForMultipleObjects
DragDetect
CreateIconFromResource
ShowScrollBar
GetMenuState
GetWindowTextA
GetClassNameA
EditWndProc
AppendMenuA
IsWindow
CreateDesktopA
ReleaseCapture
TileChildWindows
DrawTextW
SetWindowTextA
GetLastActivePopup
DdeReconnect
SetMenuInfo
GetDlgItem
DdeQueryStringW
EnumDesktopsA
GetMonitorInfoW
TrackPopupMenuEx
CopyAcceleratorTableA
CheckMenuRadioItem
DdeQueryStringA
GetKeyboardType
GetWindowTextW
GetClipboardData
EndMenu
GetPropW
ScreenToClient
SetWindowRgn
LoadStringA
UpdateWindow
MessageBoxW
PostThreadMessageW
DispatchMessageA
ModifyMenuA
GetDC
LoadIconW
DialogBoxParamA
GetSystemMenu
DrawAnimatedRects
WindowFromDC
CharToOemA
GetPropA
PostQuitMessage
IsCharAlphaA
GetWindowLongA
UnloadKeyboardLayout
GetClassInfoW
SetWinEventHook
DefMDIChildProcA
SetWindowLongA
GetAltTabInfo
DdeSetQualityOfService
EnumPropsExA
LoadCursorFromFileW
ExcludeUpdateRgn
RegisterHotKey
DdeDisconnectList
GetParent
SetUserObjectInformationA
UnregisterHotKey
GetDesktopWindow
SetMenuContextHelpId
SetCaretBlinkTime
CharToOemBuffA
SetWindowTextW
GetKBCodePage
EnumWindowStationsW
DeferWindowPos
MonitorFromPoint
CharToOemW
WINNLSGetEnableStatus
IsDialogMessage
EnumDisplaySettingsW
WINNLSEnableIME
CallWindowProcW
GetTabbedTextExtentW
GetDlgCtrlID
LookupIconIdFromDirectoryEx
GetClassInfoA
CreatePopupMenu
GetMonitorInfoA
EnumDisplayMonitors
LoadCursorFromFileA
CreateWindowExW
UnregisterDeviceNotification
EnumDisplaySettingsExW
ChangeDisplaySettingsW
DefFrameProcA
PostMessageA
SetPropA
IsCharUpperW
DdeGetData
DdePostAdvise
SetCursor
CreateIcon
GetMessageExtraInfo
SetWindowPlacement
GetMenuDefaultItem
RegisterDeviceNotificationA
EnumPropsExW
OpenDesktopW
SendMessageTimeoutA
MessageBoxExA
GetMenuItemInfoW
ChildWindowFromPointEx
SetRect
SetDlgItemTextW
MapVirtualKeyW
MenuItemFromPoint
GetMenu
LoadBitmapA
SendIMEMessageExA
SetDlgItemTextA
comdlg32
ChooseColorW
ChooseColorA
GetFileTitleA
GetOpenFileNameA
GetOpenFileNameW
PrintDlgA
PageSetupDlgW
ChooseFontW
GetSaveFileNameW
PrintDlgW
FindTextA
shell32
SHFileOperationA
SheChangeDirExW
SHGetDiskFreeSpaceA
DragFinish
DragQueryPoint
SHFileOperationW
ShellExecuteEx
ExtractIconEx
DragQueryFileA
SHBrowseForFolderW
SHFreeNameMappings
InternalExtractIconListW
SHUpdateRecycleBinIcon
ShellExecuteA
SHQueryRecycleBinA
SHFileOperation
SHGetMalloc
SHBrowseForFolderA
SHGetSettings
SHEmptyRecycleBinA
SHBrowseForFolder
SHGetFileInfoA
FindExecutableA
ShellExecuteExA
SHGetFileInfoW
SHGetPathFromIDListA
FindExecutableW
SHGetFileInfo
DragQueryFileAorW
SHGetDataFromIDListA
RealShellExecuteW
SHGetSpecialFolderLocation
DuplicateIcon
SHInvokePrinterCommandA
SHGetInstanceExplorer
SHEmptyRecycleBinW
RealShellExecuteA
CheckEscapesW
SHFormatDrive
ExtractIconExW
SHGetDataFromIDListW
SHAddToRecentDocs
DragQueryFileW
ShellAboutA
ExtractIconA
ExtractAssociatedIconA
SHGetSpecialFolderPathW
ExtractAssociatedIconExW
DoEnvironmentSubstW
SHLoadInProc
SheChangeDirA
ExtractAssociatedIconW
SHAppBarMessage
Sections
.text Size: 138KB - Virtual size: 138KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 176KB - Virtual size: 175KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bss Size: 239KB - Virtual size: 238KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE