628e414d57d285d63a08a0ba8629c7f2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

628e414d57d285d63a08a0ba8629c7f2_JaffaCakes118
Size

1.0MB
MD5

628e414d57d285d63a08a0ba8629c7f2
SHA1

753ee523997ab171c8ce33ebdb1020f5212b8fa5
SHA256

90a0aaa05d3f86d1f66fe7cb1b86a0ef10c2be64f6c09fd89aa91162d2c1cc6d
SHA512

329244a6e0f29a3876a48abc6910a8657b2c4537ef1a541a28eef6ab944dacfe704d373f8f7c4e375c62399004ed888fe958af0678ad22101e01e8088f81a1ec
SSDEEP

24576:f+ZGPpAddPdAZH6PGS989H+sr1AWGbBL90:fqrDPdS8GS+GWyBG

Score

3^/10

Malware Config

Signatures

Unsigned PE 6 IoCs

Checks for missing Authenticode signature.

resource
unpack001/按键机器人/AutoKey.exe
unpack001/按键机器人/Update.exe
unpack001/按键机器人/dll.dll
unpack001/按键机器人/net.dll
unpack001/按键机器人/pic.dll
unpack001/按键机器人/scSock.dll

Files

628e414d57d285d63a08a0ba8629c7f2_JaffaCakes118
.rar
按键机器人/AutoKey.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 7KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 35B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
按键机器人/FunHelp.txt
按键机器人/FunTree.txt
.vbs
按键机器人/UpBack.bmp
按键机器人/Update.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 601KB - Virtual size: 600KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 8KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
按键机器人/Update.ini
按键机器人/dll.dll
.dll windows:4 windows x86 arch:x86

b2e50cc60a521158b3ea2d099cbea42b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
RtlUnwind

Exports

Exports

??0CDll@@QAE@XZ
??4CDll@@QAEAAV0@ABV0@@Z
?nDll@@3HA
?ndll@@3HA
SetFun
fndll
fndll2

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
按键机器人/net.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

ForceDirectories
GetTxt
ReplaceSpace

Sections

CODE
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 115B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
按键机器人/pic.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

CreateDestopLink
DrawText
ForceDirectories
RegisterAutoRun
RegisterFileType
ReplaceImg
ReplaceSpace

Sections

CODE
Size: 272KB - Virtual size: 271KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 218B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
按键机器人/scSock.dll
.dll windows:4 windows x86 arch:x86

bb5138dc4bdb9c485bed095f81a111dc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InitializeCriticalSection
DeleteCriticalSection
CloseHandle
SetFileTime
CreateFileA
LocalFileTimeToFileTime
SystemTimeToFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileTime
SetEvent
LeaveCriticalSection
EnterCriticalSection
InterlockedDecrement
GetExitCodeThread
WaitForMultipleObjects
WaitForSingleObject
CreateThread
CreateEventA
InterlockedIncrement
ResetEvent
Sleep
LCMapStringW
LCMapStringA
SetEndOfFile
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
RtlUnwind
GetLastError
MoveFileA
DeleteFileA
GetCommandLineA
GetVersion
HeapAlloc
HeapFree
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
SetFilePointer
WriteFile
ReadFile
ExitProcess
TerminateProcess
GetCurrentProcess
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
FlushFileBuffers
MultiByteToWideChar

user32

SendMessageA
MessageBoxA

netapi32

Netbios

wsock32

gethostbyaddr
gethostbyname
htons
connect
ioctlsocket
setsockopt
recv
closesocket
WSAStartup
socket
WSACleanup
__WSAFDIsSet
select
send

Exports

Exports

??0CscGetWebSource@@QAE@XZ
??0CscSock@@QAE@XZ
??1CscGetWebSource@@QAE@XZ
??1CscSock@@QAE@XZ
?Auth@CscGetWebSource@@AAE_NID@Z
?Auth@CscSock@@AAE_NID@Z
?CloseConnect@CscGetWebSource@@QAEHXZ
?CloseConnect@CscSock@@QAEHXZ
?Download@CscGetWebSource@@QAEHPAD0PAXFAAPAXAAF1@Z
?Download@CscSock@@QAEHPAD0FAAPAXAAFPAX3@Z
?DownloadNoThread@CscGetWebSource@@QAEHPADAAPADPAX@Z
?DownloadNoThread@CscSock@@QAEHPAD0PAX@Z
?FreeGetWebSource@CscGetWebSource@@QAEXXZ
?FreeSource@CscGetWebSource@@QAEXXZ
?GetFileSize@CscSock@@QAEIPAD@Z
?GetModifyTime@CscSock@@QAEHPADAAU_SYSTEMTIME@@@Z
?GetSource@CscGetWebSource@@QAEPADXZ
?GetString@CscSock@@AAEPADPBD0H@Z
?GetThreadCount@CscSock@@QAEHXZ
?SetModifyTime@CscSock@@QAEHPADAAU_SYSTEMTIME@@@Z
?SetTimeOut@CscGetWebSource@@QAEHH@Z
?SetTimeOut@CscSock@@QAEHH@Z
?StopThread@CscSock@@QAEHPAX@Z
?getmac_one@@YAXHPAD@Z
?iHaveData@CscGetWebSource@@AAEHXZ
?iHaveData@CscSock@@AAEHXZ
?socksconnect@CscGetWebSource@@AAE_NIPAUsockaddr_in@@@Z
?socksconnect@CscSock@@AAE_NIPAUsockaddr_in@@@Z
Download
DownloadNoThread
DownloadWebSource
DownloadWebSourceNoThread
FreeAllThread
IsDownload
IsNetReg
SetBuffer
SetLicenseKey
SetMaxThreadCount
SetNotifyMsg
SetOption
SetProxy
SetTimeOut
SetfunStatus
StopAllThread
_GetThreadCount@0

Sections

.text
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
按键机器人/set.ini
按键机器人/set/API.fls
按键机器人/set/AddMsg.fls
按键机器人/set/HotKey_.txt
按键机器人/set/ICO16.ico
按键机器人/set/MsgPop_.fls
按键机器人/set/Msg_.fls
按键机器人/set/SoftTitle_.txt
按键机器人/set/code.txt
按键机器人/set/control.txt
按键机器人/set/test.mdb
按键机器人/set/winmine.bmp
按键机器人/set/图象工具.fls
按键机器人/set/图象工具.取点颜色.fls
按键机器人/set/图象工具.屏幕截图.fls
按键机器人/set/图象工具.屏幕截图_Bak.fls
按键机器人/set/外部文件.fls
按键机器人/set/按键工具.fls
按键机器人/set/按键工具.取热键虚拟码.fls
按键机器人/set/按键工具.录制按键.fls
按键机器人/set/搜索狂.fls
按键机器人/set/搜索狂.阿里巴巴企业名录.fls
按键机器人/set/游戏工具.fls
按键机器人/set/游戏工具.开心网偷菜.fls
按键机器人/set/游戏工具.开心网偷菜/买房子.bmp
按键机器人/set/游戏工具.开心网偷菜/偷果实.bmp
按键机器人/set/游戏工具.开心网偷菜/好友花园.bmp
按键机器人/set/游戏工具.开心网偷菜/好友花园2.bmp
按键机器人/set/游戏工具.开心网偷菜/展开.bmp
按键机器人/set/游戏工具.开心网偷菜/已成熟.bmp
按键机器人/set/游戏工具.开心网偷菜/花园.bmp
按键机器人/set/游戏工具.开心网偷菜/花园2.bmp
按键机器人/set/游戏工具.开心网偷菜/花园左角.bmp
按键机器人/set/游戏工具.开心网偷菜/花园左角2.bmp
按键机器人/set/游戏工具.开心网偷菜/花园左角3.bmp
按键机器人/set/系统工具.fls
按键机器人/set/系统工具.一键隐藏及显示.fls
按键机器人/set/系统工具.一键隐藏及显示管理.fls
按键机器人/set/系统工具.定时关机.fls
按键机器人/set/系统工具.快捷键管理.fls
按键机器人/set/编程例子.Delphi控件属性事件查看器.fls
按键机器人/set/编程例子.fls
按键机器人/set/编程例子.按键.打开扫雷游戏，并且找笑脸.fls
按键机器人/set/编程例子.数据库.fls
按键机器人/set/编程例子.界面.托盘闪动图标.fls
按键机器人/set/编程例子.界面.树视图控件.fls
按键机器人/set/编程例子.界面.浏览器.fls
按键机器人/set/编程例子.界面.窗口及控件综合学习例子.fls
按键机器人/set/编程例子.界面.类似QQ的弹出消息窗口.fls
按键机器人/set/编程例子.界面.菜单.fls
按键机器人/set/编程例子.界面.选择文件.fls
按键机器人/set/编程例子.绘图.动画.fls
按键机器人/set/编程例子.绘图.射线.fls
按键机器人/set/编程例子.绘图.顺时针画圆.fls
按键机器人/set/编程例子.难点.全局热键.fls
按键机器人/set/编程例子.难点.字符串集合类.fls
按键机器人/set/编程例子.难点.应用程序消息.fls
按键机器人/set/编程例子.难点.自定义消息.fls
按键机器人/set/编程例子.难点.调用回调函数.fls
按键机器人/set/自启动.fls
按键机器人/set/自定义消息.fls
按键机器人/set/证券工具.fls
按键机器人/set/证券工具.股票行情.fls
按键机器人/set/证券工具.股票行情/CurCode.txt
按键机器人/set/证券工具.股票行情/jkCode.txt
按键机器人/set/选号.fls
按键机器人/set/选号.我的公式.fls
按键机器人/使用说明.txt
按键机器人/按键机器人主页.url
按键机器人/新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 1.6MB - Virtual size: 1.6MB

DATA Size: 21KB - Virtual size: 20KB

BSS Size: - Virtual size: 7KB

.idata Size: 12KB - Virtual size: 12KB

.tls Size: - Virtual size: 16B

.rdata Size: 512B - Virtual size: 35B

.reloc Size: 116KB - Virtual size: 115KB

.rsrc Size: 90KB - Virtual size: 90KB

Headers

File Characteristics

Sections

CODE Size: 601KB - Virtual size: 600KB

DATA Size: 9KB - Virtual size: 9KB

BSS Size: - Virtual size: 8KB

.idata Size: 9KB - Virtual size: 9KB

.tls Size: - Virtual size: 16B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 46KB - Virtual size: 46KB

.rsrc Size: 49KB - Virtual size: 49KB

b2e50cc60a521158b3ea2d099cbea42b

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 10KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 2KB

.reloc Size: 4KB - Virtual size: 1KB

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 28KB - Virtual size: 28KB

DATA Size: 1KB - Virtual size: 1KB

BSS Size: - Virtual size: 1KB

.idata Size: 2KB - Virtual size: 1KB

.edata Size: 512B - Virtual size: 115B

.reloc Size: 3KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 4KB

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 272KB - Virtual size: 271KB

DATA Size: 5KB - Virtual size: 4KB

BSS Size: - Virtual size: 2KB

.idata Size: 5KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 218B

.reloc Size: 14KB - Virtual size: 14KB

.rsrc Size: 10KB - Virtual size: 10KB

bb5138dc4bdb9c485bed095f81a111dc

Headers

File Characteristics

Imports

kernel32

user32

netapi32

wsock32

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 50KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 16KB - Virtual size: 18KB

.reloc Size: 8KB - Virtual size: 4KB

CODE
Size: 1.6MB - Virtual size: 1.6MB

DATA
Size: 21KB - Virtual size: 20KB

BSS
Size: - Virtual size: 7KB

.idata
Size: 12KB - Virtual size: 12KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 35B

.reloc
Size: 116KB - Virtual size: 115KB

.rsrc
Size: 90KB - Virtual size: 90KB

CODE
Size: 601KB - Virtual size: 600KB

DATA
Size: 9KB - Virtual size: 9KB

BSS
Size: - Virtual size: 8KB

.idata
Size: 9KB - Virtual size: 9KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 46KB - Virtual size: 46KB

.rsrc
Size: 49KB - Virtual size: 49KB

.text
Size: 12KB - Virtual size: 10KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 1KB

CODE
Size: 28KB - Virtual size: 28KB

DATA
Size: 1KB - Virtual size: 1KB

BSS
Size: - Virtual size: 1KB

.idata
Size: 2KB - Virtual size: 1KB

.edata
Size: 512B - Virtual size: 115B

.reloc
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 4KB

CODE
Size: 272KB - Virtual size: 271KB

DATA
Size: 5KB - Virtual size: 4KB

BSS
Size: - Virtual size: 2KB

.idata
Size: 5KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 218B

.reloc
Size: 14KB - Virtual size: 14KB

.rsrc
Size: 10KB - Virtual size: 10KB

.text
Size: 52KB - Virtual size: 50KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 16KB - Virtual size: 18KB

.reloc
Size: 8KB - Virtual size: 4KB