d:\Case\Fs4\Prog\GameLoader\GameLoader\Release\GameLoader.pdb
Static task
static1
Behavioral task
behavioral1
Sample
5c165d937bd5e216553ca96d8273ea9f_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
5c165d937bd5e216553ca96d8273ea9f_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
-
Target
5c165d937bd5e216553ca96d8273ea9f_JaffaCakes118
-
Size
876KB
-
MD5
5c165d937bd5e216553ca96d8273ea9f
-
SHA1
0e9f0e5aaa09c183fde3e569f76fc951695d5d4b
-
SHA256
1b459d78865d05fdcc223bc153893248a5cee48d7de6a399bba3567b62b0bff4
-
SHA512
3821577438b8cadfb5ce2399378936457fb9b8077c968bd6b341511cc42677f7edb047720cd03e5cdceff3c2591a4ac2ffaa724b998e920f2aed131e05d5acc5
-
SSDEEP
24576:od4VMkz7l9LhHIOx6zakdERhdjZgnUeXEh3Lx4r:JVMkzBzoFURhdjUUeXKNA
Malware Config
Signatures
-
Unsigned PE 1 IoCs
The file carries no Authenticode signature, so its publisher and integrity cannot be verified from a signature.
resource 5c165d937bd5e216553ca96d8273ea9f_JaffaCakes118
Files
-
5c165d937bd5e216553ca96d8273ea9f_JaffaCakes118.exe windows:4 windows x86 arch:x86
b8f72db1123182e847f7257552755d0a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
wininet
InternetCheckConnectionA
xerces-c_2_7
?resolveEntity@SAXParser@xercesc_2_7@@UAEPAVInputSource@2@QBG00@Z
?resolveEntity@SAXParser@xercesc_2_7@@UAEPAVInputSource@2@PAVXMLResourceIdentifier@2@@Z
?resetEntities@SAXParser@xercesc_2_7@@UAEXXZ
?expandSystemId@SAXParser@xercesc_2_7@@UAE_NQBGAAVXMLBuffer@2@@Z
?endInputSource@SAXParser@xercesc_2_7@@UAEXABVInputSource@2@@Z
?resetErrors@SAXParser@xercesc_2_7@@UAEXXZ
?error@SAXParser@xercesc_2_7@@UAEXIQBGW4ErrTypes@XMLErrorReporter@2@000JJ@Z
?elementTypeInfo@XMLDocumentHandler@xercesc_2_7@@UAEXQBG0@Z
?XMLDecl@SAXParser@xercesc_2_7@@UAEXQBG000@Z
?startEntityReference@SAXParser@xercesc_2_7@@UAEXABVXMLEntityDecl@2@@Z
?startElement@SAXParser@xercesc_2_7@@UAEXABVXMLElementDecl@2@IQBGABV?$RefVectorOf@VXMLAttr@xercesc_2_7@@@2@I_N3@Z
?startDocument@SAXParser@xercesc_2_7@@UAEXXZ
?attDef@SAXParser@xercesc_2_7@@UAEXABVDTDElementDecl@2@ABVDTDAttDef@2@_N@Z
?doctypeComment@SAXParser@xercesc_2_7@@UAEXQBG@Z
?doctypeDecl@SAXParser@xercesc_2_7@@UAEXABVDTDElementDecl@2@QBG1_N2@Z
?doctypePI@SAXParser@xercesc_2_7@@UAEXQBG0@Z
?doctypeWhitespace@SAXParser@xercesc_2_7@@UAEXQBGI@Z
?elementDecl@SAXParser@xercesc_2_7@@UAEXABVDTDElementDecl@2@_N@Z
?endAttList@SAXParser@xercesc_2_7@@UAEXABVDTDElementDecl@2@@Z
?endIntSubset@SAXParser@xercesc_2_7@@UAEXXZ
?endExtSubset@SAXParser@xercesc_2_7@@UAEXXZ
?entityDecl@SAXParser@xercesc_2_7@@UAEXABVDTDEntityDecl@2@_N1@Z
?resetDocType@SAXParser@xercesc_2_7@@UAEXXZ
?notationDecl@SAXParser@xercesc_2_7@@UAEXABVXMLNotationDecl@2@_N@Z
?startAttList@SAXParser@xercesc_2_7@@UAEXABVDTDElementDecl@2@@Z
?startIntSubset@SAXParser@xercesc_2_7@@UAEXXZ
?startExtSubset@SAXParser@xercesc_2_7@@UAEXXZ
?TextDecl@SAXParser@xercesc_2_7@@UAEXQBG0@Z
?makeStream@MemBufInputSource@xercesc_2_7@@UBEPAVBinInputStream@2@XZ
?getEncoding@InputSource@xercesc_2_7@@UBEPBGXZ
?getPublicId@InputSource@xercesc_2_7@@UBEPBGXZ
?getSystemId@InputSource@xercesc_2_7@@UBEPBGXZ
?getIssueFatalErrorIfNotFound@InputSource@xercesc_2_7@@UBE_NXZ
?setEncoding@InputSource@xercesc_2_7@@UAEXQBG@Z
?setPublicId@InputSource@xercesc_2_7@@UAEXQBG@Z
?setSystemId@InputSource@xercesc_2_7@@UAEXQBG@Z
?setIssueFatalErrorIfNotFound@InputSource@xercesc_2_7@@UAEX_N@Z
?fgXercescDefaultLocale@XMLUni@xercesc_2_7@@2QBDB
?Initialize@XMLPlatformUtils@xercesc_2_7@@SAXQBD0QAVPanicHandler@2@QAVMemoryManager@2@_N@Z
?getDOMImplementation@DOMImplementationRegistry@xercesc_2_7@@SAPAVDOMImplementation@2@PBG@Z
?fgMemoryManager@XMLPlatformUtils@xercesc_2_7@@2PAVMemoryManager@2@A
?Terminate@XMLPlatformUtils@xercesc_2_7@@SAXXZ
?fgDOMNamespaces@XMLUni@xercesc_2_7@@2QBGB
?fgXercesSchema@XMLUni@xercesc_2_7@@2QBGB
?fgXercesSchemaFullChecking@XMLUni@xercesc_2_7@@2QBGB
?startInputSource@SAXParser@xercesc_2_7@@UAEXABVInputSource@2@@Z
?fgDOMDatatypeNormalization@XMLUni@xercesc_2_7@@2QBGB
??1HandlerBase@xercesc_2_7@@UAE@XZ
??0HandlerBase@xercesc_2_7@@QAE@XZ
?resolveEntity@HandlerBase@xercesc_2_7@@UAEPAVInputSource@2@QBG0@Z
?notationDecl@HandlerBase@xercesc_2_7@@UAEXQBG00@Z
?unparsedEntityDecl@HandlerBase@xercesc_2_7@@UAEXQBG000@Z
?resetDocType@HandlerBase@xercesc_2_7@@UAEXXZ
?endDocument@HandlerBase@xercesc_2_7@@UAEXXZ
?resetDocument@SAXParser@xercesc_2_7@@UAEXXZ
?ignorableWhitespace@SAXParser@xercesc_2_7@@UAEXQBGI_N@Z
?endEntityReference@SAXParser@xercesc_2_7@@UAEXABVXMLEntityDecl@2@@Z
?endElement@SAXParser@xercesc_2_7@@UAEXABVXMLElementDecl@2@I_NQBG@Z
?endDocument@SAXParser@xercesc_2_7@@UAEXXZ
?docPI@SAXParser@xercesc_2_7@@UAEXQBG0@Z
?docComment@SAXParser@xercesc_2_7@@UAEXQBG@Z
?docCharacters@SAXParser@xercesc_2_7@@UAEXQBGI_N@Z
?setXMLEntityResolver@SAXParser@xercesc_2_7@@UAEXQAVXMLEntityResolver@2@@Z
?setPSVIHandler@SAXParser@xercesc_2_7@@UAEXQAVPSVIHandler@2@@Z
?parse@SAXParser@xercesc_2_7@@UAEXABVInputSource@2@@Z
?parse@SAXParser@xercesc_2_7@@UAEXQBG@Z
?parse@SAXParser@xercesc_2_7@@UAEXQBD@Z
?setErrorHandler@SAXParser@xercesc_2_7@@UAEXQAVErrorHandler@2@@Z
?setDocumentHandler@SAXParser@xercesc_2_7@@UAEXQAVDocumentHandler@2@@Z
?setDTDHandler@SAXParser@xercesc_2_7@@UAEXQAVDTDHandler@2@@Z
?setEntityResolver@SAXParser@xercesc_2_7@@UAEXQAVEntityResolver@2@@Z
??3XMemory@xercesc_2_7@@SAXPAX@Z
?getErrorCount@SAXParser@xercesc_2_7@@QBEHXZ
??0MemBufInputSource@xercesc_2_7@@QAE@QBEIQBD_NQAVMemoryManager@1@@Z
?setValidationSchemaFullChecking@SAXParser@xercesc_2_7@@QAEX_N@Z
?setDoSchema@SAXParser@xercesc_2_7@@QAEX_N@Z
?setDoNamespaces@SAXParser@xercesc_2_7@@QAEX_N@Z
?setValidationScheme@SAXParser@xercesc_2_7@@QAEXW4ValSchemes@12@@Z
??0SAXParser@xercesc_2_7@@QAE@QAVXMLValidator@1@QAVMemoryManager@1@QAVXMLGrammarPool@1@@Z
??2XMemory@xercesc_2_7@@SAPAXI@Z
??1SAXParser@xercesc_2_7@@UAE@XZ
??1MemBufInputSource@xercesc_2_7@@UAE@XZ
?endElement@HandlerBase@xercesc_2_7@@UAEXQBG@Z
?processingInstruction@HandlerBase@xercesc_2_7@@UAEXQBG0@Z
?resetDocument@HandlerBase@xercesc_2_7@@UAEXXZ
?setDocumentLocator@HandlerBase@xercesc_2_7@@UAEXQBVLocator@2@@Z
?startDocument@HandlerBase@xercesc_2_7@@UAEXXZ
?resetErrors@HandlerBase@xercesc_2_7@@UAEXXZ
?transcode@XMLString@xercesc_2_7@@SAPADQBG@Z
?compareIString@XMLString@xercesc_2_7@@SAHQBD0@Z
?release@XMLString@xercesc_2_7@@SAXPAPAD@Z
?fgDOMValidateIfSchema@XMLUni@xercesc_2_7@@2QBGB
kernel32
GetDiskFreeSpaceExA
GetDriveTypeA
GetLogicalDrives
GetSystemTime
DeleteFileA
GetSystemDirectoryA
GlobalUnlock
GlobalFree
GlobalLock
GlobalAlloc
GetModuleFileNameA
LocalFree
lstrcpynA
FormatMessageA
GlobalSize
MulDiv
CopyFileA
SetLastError
LoadLibraryA
lstrcpyA
EnumResourceLanguagesA
ConvertDefaultLocale
GetProcAddress
GetModuleHandleA
lstrcmpA
GlobalDeleteAtom
FreeLibrary
GetCurrentThreadId
GetCurrentThread
GlobalAddAtomA
SetThreadPriority
ResumeThread
WaitForSingleObject
SetEvent
SuspendThread
CreateEventA
lstrcmpW
lstrcatA
GlobalFindAtomA
GlobalGetAtomNameA
FreeResource
InterlockedDecrement
FindClose
FindNextFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
VirtualProtect
GetFileAttributesA
SetFileTime
GetFileTime
GetTempFileNameA
GetFullPathNameA
GetDiskFreeSpaceA
InterlockedIncrement
RaiseException
InitializeCriticalSection
DeleteCriticalSection
SystemTimeToFileTime
MoveFileA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
GetVolumeInformationA
CreateFileA
GetShortPathNameA
LocalAlloc
LeaveCriticalSection
GlobalReAlloc
GlobalHandle
EnterCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
GlobalFlags
GetCPInfo
GetOEMCP
FindResourceExA
LocalFileTimeToFileTime
SetErrorMode
LocalUnlock
LocalLock
ExitProcess
RtlUnwind
HeapFree
HeapAlloc
VirtualAlloc
GetSystemInfo
VirtualQuery
GetSystemTimeAsFileTime
CreateDirectoryA
SetEnvironmentVariableA
SetCurrentDirectoryA
GetStartupInfoA
GetCommandLineA
HeapReAlloc
ExitThread
HeapSize
QueryPerformanceCounter
GetCurrentProcessId
SetUnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
FatalAppExitA
IsBadWritePtr
SetHandleCount
GetStdHandle
GetFileType
GetTimeZoneInformation
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetConsoleCtrlHandler
GetLocaleInfoW
SetFileAttributesA
MoveFileExA
FileTimeToDosDateTime
RemoveDirectoryA
GetComputerNameA
GetTickCount
GetLastError
lstrlenA
lstrcmpiA
lstrcmpiW
GetStringTypeExA
GetStringTypeExW
lstrlenW
CompareStringA
CompareStringW
GetEnvironmentVariableA
MultiByteToWideChar
GetVersion
GetEnvironmentVariableW
WideCharToMultiByte
LoadResource
LockResource
SizeofResource
FindResourceA
OpenProcess
TerminateProcess
GetCurrentDirectoryA
CreateThread
TerminateThread
Sleep
CreateProcessA
CloseHandle
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
GlobalMemoryStatus
user32
UnregisterClassA
GetWindowPlacement
GetClassInfoA
SetScrollInfo
GetScrollInfo
DeferWindowPos
EqualRect
ScreenToClient
GetSysColor
ShowScrollBar
SetForegroundWindow
GetScrollPos
SetScrollPos
GetScrollRange
SetScrollRange
TrackPopupMenu
TrackPopupMenuEx
ScrollWindow
MapWindowPoints
GetMessagePos
GetMessageTime
UnhookWindowsHookEx
DestroyWindow
GetTopWindow
EndDeferWindowPos
BeginDeferWindowPos
SetActiveWindow
GetForegroundWindow
IsChild
RemovePropA
GetPropA
SetPropA
GetClassNameA
GetClassInfoExA
GetClassLongA
CreateWindowExA
GetCapture
WinHelpA
RegisterWindowMessageA
MapDialogRect
SetWindowContextHelpId
FindWindowA
IsRectEmpty
FillRect
DrawIcon
SetWindowRgn
ClientToScreen
SetCapture
ReleaseCapture
GetAsyncKeyState
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamA
GetDesktopWindow
GetKeyNameTextA
MapVirtualKeyA
CopyAcceleratorTableA
InvalidateRgn
TranslateAcceleratorA
SetMenu
BringWindowToTop
SetRectEmpty
CreatePopupMenu
InsertMenuItemA
LoadAcceleratorsA
ReuseDDElParam
SetWindowPlacement
DestroyMenu
LoadMenuA
TabbedTextOutA
DrawTextExA
GrayStringA
GetWindowDC
CharNextA
GetSysColorBrush
WindowFromPoint
WaitMessage
DeleteMenu
DestroyIcon
InflateRect
GetMenuItemInfoA
GetNextDlgGroupItem
MessageBeep
GetDialogBaseUnits
RegisterClipboardFormatA
UnionRect
IsClipboardFormatAvailable
GetTabbedTextExtentA
PostThreadMessageA
GetDCEx
LockWindowUpdate
GetSystemMenu
SetParent
CopyRect
GetWindow
GetWindowTextLengthA
GetWindowTextA
ScrollWindowEx
SetFocus
ShowWindow
MoveWindow
SetWindowLongA
GetDlgCtrlID
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
SendDlgItemMessageA
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SetMenuItemBitmaps
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
GetParent
GetLastActivePopup
IsWindowEnabled
DefWindowProcA
CallWindowProcA
OffsetRect
IntersectRect
UnpackDDElParam
IsIconic
ShowOwnedPopups
SetCursor
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
IsWindow
GetClientRect
SendMessageA
InvalidateRect
wvsprintfA
LoadBitmapA
PtInRect
PostMessageA
CharUpperA
CharUpperW
CharLowerA
CharLowerW
EnableWindow
GetWindowThreadProcessId
SetTimer
GetDC
ReleaseDC
KillTimer
ValidateRect
BeginPaint
LoadImageA
DrawTextA
EndPaint
PostQuitMessage
GetWindowLongA
GetMenu
AdjustWindowRectEx
SetWindowPos
SystemParametersInfoA
GetWindowRect
SetRect
LoadIconA
LoadCursorA
GetSystemMetrics
wsprintfA
MessageBoxA
GetDlgItem
UpdateWindow
RegisterClassA
gdi32
PolylineTo
PolyDraw
ArcTo
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
PolyBezierTo
TextOutA
GetTextColor
PtVisible
StartDocA
GetPixel
GetWindowExtEx
GetViewportExtEx
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
SetColorAdjustment
SetArcDirection
ExtSelectClipRgn
CreateDIBPatternBrushPt
CreatePatternBrush
GetStockObject
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
ExtTextOutA
GetBkColor
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
LineTo
CreateFontIndirectA
GetTextExtentPoint32A
GetTextMetricsA
EnumFontFamiliesExA
SetRectRgn
SetAbortProc
AbortDoc
EndDoc
CombineRgn
GetMapMode
StretchDIBits
GetCharWidthA
CreateFontA
RectVisible
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
RestoreDC
SaveDC
CreateCompatibleBitmap
GetRgnBox
PatBlt
CreateRectRgnIndirect
Ellipse
LPtoDP
DPtoLP
CreateEllipticRgn
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
CreateBitmap
CreateDCA
CopyMetaFileA
GetDeviceCaps
CreateCompatibleDC
SelectObject
BitBlt
GetBkMode
SetBkMode
DeleteObject
DeleteDC
EndPage
StartPage
comdlg32
GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError
PrintDlgA
PageSetupDlgA
FindTextA
ReplaceTextA
GetFileTitleA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
GetJobA
advapi32
GetUserNameA
RegCloseKey
RegQueryValueExA
RegSetValueExA
RegCreateKeyA
IsTextUnicode
RegSetValueA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
SetFileSecurityA
GetFileSecurityA
RegCreateKeyExA
RegDeleteValueA
RegOpenKeyExA
shell32
ShellExecuteA
DragFinish
DragQueryFileA
SHGetFileInfoA
ExtractIconA
SHGetPathFromIDListA
SHBrowseForFolderA
comctl32
ord17
DestroyPropertySheetPage
CreatePropertySheetPageA
ord13
ImageList_Read
ImageList_Write
ord14
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA
ImageList_Merge
ImageList_Draw
ImageList_GetImageInfo
PropertySheetA
shlwapi
PathStripToRootA
PathFindFileNameA
PathRemoveExtensionA
PathFindExtensionA
PathIsUNCA
oledlg
ord8
ole32
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
OleSetClipboard
CoRevokeClassObject
CoRegisterClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleRun
StringFromGUID2
CoDisconnectObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CoUninitialize
CoCreateInstance
CoInitialize
CreateStreamOnHGlobal
CoTaskMemFree
SetConvertStg
WriteFmtUserTypeStg
WriteClassStg
OleRegGetUserType
ReadFmtUserTypeStg
ReadClassStg
StringFromCLSID
CoTreatAsClass
CreateBindCtx
CoTaskMemAlloc
ReleaseStgMedium
OleDuplicateData
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
CoGetMalloc
oleaut32
SystemTimeToVariantTime
VariantChangeType
SysStringByteLen
SysAllocStringByteLen
SysFreeString
SysAllocStringLen
VariantInit
VariantClear
SysStringLen
LoadTypeLi
OleCreateFontIndirect
SafeArrayCreateVector
VarBstrFromDate
VarBstrFromCy
SysAllocString
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
VariantCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
VarCyFromStr
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VariantTimeToSystemTime
SysReAllocStringLen
VarDateFromStr
VarBstrFromDec
VarDecFromStr
SafeArrayDestroy
ws2_32
WSAGetLastError
WSAStartup
inet_addr
gethostbyname
ioctlsocket
WSACleanup
WSAAsyncSelect
socket
closesocket
WSAWaitForMultipleEvents
WSAEnumNetworkEvents
send
recv
WSACreateEvent
WSAEventSelect
gethostbyaddr
getpeername
getsockname
inet_ntoa
gethostname
accept
listen
htonl
bind
htons
setsockopt
connect
WSACloseEvent
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
Sections
.text Size: 600KB - Virtual size: 597KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 176KB - Virtual size: 172KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 20KB - Virtual size: 43KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 76KB - Virtual size: 75KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ