d:\LocalSvnForDailyBuild\dabingusa_beta\Bin\Release\Adapter.pdb
Behavioral task
behavioral1
Sample
674404ef3fece0bc517d45f50e4a4f10_JaffaCakes118.dll
Resource
win7-20240705-en
windows7-x64
4 signatures
150 seconds
Behavioral task
behavioral2
Sample
674404ef3fece0bc517d45f50e4a4f10_JaffaCakes118.dll
Resource
win10v2004-20240709-en
windows10-2004-x64
4 signatures
150 seconds
General
-
Target
674404ef3fece0bc517d45f50e4a4f10_JaffaCakes118
-
Size
1.9MB
-
MD5
674404ef3fece0bc517d45f50e4a4f10
-
SHA1
15653219550a905c68f9133794445ec65e8d5611
-
SHA256
ddf1eec8e03b616fbd7eae799cb704ba62863c0c6a84c22f249e9db613564b6a
-
SHA512
5e34c52799c2186f02b3b13a2ede8cd406b26c21f6460f168cfbc17a8ce2a094b1fa6c306e95e501dd12b5091270425c1f6999fec3fafae2fbdf88858fa62afb
-
SSDEEP
49152:O6SNCmLUGLEgGwBIEm3xIoqBCJlE6MIEWn:OflIdjBhIoBJlE6M
Score
7/10
Malware Config
Signatures
-
resource yara_rule sample vmprotect -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 674404ef3fece0bc517d45f50e4a4f10_JaffaCakes118
Files
-
674404ef3fece0bc517d45f50e4a4f10_JaffaCakes118.dll windows:4 windows x86 arch:x86
7ffdd96f5956109786b1e3ecd4011de9
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
psapi
GetProcessImageFileNameA
GetModuleFileNameExA
EnumProcessModules
EnumProcesses
GetModuleInformation
imagehlp
CheckSumMappedFile
kernel32
GetVolumeInformationA
GetFullPathNameA
lstrcmpW
GlobalFindAtomA
GlobalGetAtomNameA
FreeResource
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
SetErrorMode
GlobalFlags
InterlockedIncrement
GetFileAttributesA
GetFileTime
GetCPInfo
GetOEMCP
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
ExitThread
VirtualAlloc
FindClose
HeapReAlloc
RtlUnwind
RaiseException
WriteConsoleW
GetFileType
GetStdHandle
ExitProcess
HeapSize
SetStdHandle
VirtualFree
HeapDestroy
HeapCreate
GetTimeFormatA
GetDateFormatA
GetACP
IsValidCodePage
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
SetHandleCount
GetStartupInfoA
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
LoadLibraryW
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
SetEnvironmentVariableA
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
GetThreadLocale
DeleteCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalFree
GlobalUnlock
InterlockedDecrement
GetModuleFileNameW
SetLastError
GlobalDeleteAtom
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
GlobalLock
lstrcmpA
GlobalAlloc
GlobalAddAtomA
WriteFile
WinExec
GetWindowsDirectoryA
LoadLibraryExA
lstrcatA
MulDiv
GetLocalTime
CreateDirectoryA
QueryPerformanceCounter
CreateFileA
GetFileSize
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
CreateThread
GetThreadContext
SetThreadContext
CreateMutexA
CreateSemaphoreA
ReleaseSemaphore
LocalAlloc
ResumeThread
Thread32First
OpenThread
SuspendThread
Thread32Next
GetVersionExA
WaitForSingleObject
WritePrivateProfileStringA
GetModuleFileNameA
lstrcpyA
GetUserDefaultLangID
GetSystemDefaultUILanguage
GetSystemDefaultLangID
CreateToolhelp32Snapshot
OpenProcess
FreeLibrary
LoadLibraryA
GetSystemInfo
Toolhelp32ReadProcessMemory
TerminateProcess
Module32First
Module32Next
Process32Next
Process32First
GetProcAddress
InterlockedExchange
lstrcmpiA
lstrlenA
GetVersion
CompareStringA
GetLastError
MultiByteToWideChar
CompareStringW
FindResourceA
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
Sleep
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetTickCount
CloseHandle
LocalFree
FormatMessageA
HeapFree
GetProcessHeap
HeapAlloc
GetCommandLineA
GetCurrentProcessId
GetModuleHandleA
RemoveVectoredExceptionHandler
VirtualProtect
GetCurrentThreadId
IsBadWritePtr
IsBadReadPtr
FindNextFileA
FindFirstFileA
GetCurrentProcess
InterlockedCompareExchange
ReleaseMutex
CreateFileW
user32
GetSysColorBrush
UnregisterClassA
DestroyMenu
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
ShowWindow
MoveWindow
IsDialogMessageA
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetForegroundWindow
SetActiveWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
GetScrollPos
SetForegroundWindow
UpdateWindow
GetMenu
CreateWindowExA
GetClassInfoExA
AdjustWindowRectEx
CallWindowProcA
SetWindowPos
IsIconic
GetWindowPlacement
GetSubMenu
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
ModifyMenuA
EnableMenuItem
GetLastActivePopup
PostQuitMessage
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
PeekMessageA
ValidateRect
FillRect
CreateIconIndirect
GetIconInfo
FindWindowA
GetWindowThreadProcessId
PostMessageA
GetWindowTextA
SetWindowTextA
MessageBoxA
CopyIcon
SystemParametersInfoA
DestroyIcon
DestroyCursor
LoadStringA
LoadImageA
CreatePopupMenu
AppendMenuA
SetCursor
GetMenuItemCount
SetRectEmpty
GetSystemMetrics
IsWindowEnabled
EqualRect
SetRect
OffsetRect
IsRectEmpty
GetSysColor
GetParent
LoadCursorA
SetWindowRgn
GetMenuItemID
ChildWindowFromPoint
PtInRect
GetMenuState
CopyRect
GetClassInfoA
ScreenToClient
RegisterClassA
CharUpperA
GetDesktopWindow
EnumThreadWindows
GetClassNameA
EnumChildWindows
SetTimer
KillTimer
SetWindowsHookExA
UnhookWindowsHookEx
GetWindowLongA
EnumWindows
CallNextHookEx
DefWindowProcA
GetWindow
GetKeyState
WindowFromPoint
GetClientRect
SetWindowLongA
IsWindowVisible
SendMessageA
CheckMenuItem
GetWindowRect
ClientToScreen
GetCursorPos
IsWindow
GetDlgCtrlID
EnableWindow
GetDC
ReleaseDC
GetDlgItem
gdi32
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetStockObject
OffsetViewportOrgEx
DPtoLP
SetViewportOrgEx
Escape
ExtTextOutA
RectVisible
PtVisible
SetMapMode
GetDIBits
TextOutA
SetTextColor
CreateFontIndirectA
SetDIBits
SetBkMode
RestoreDC
SaveDC
GetClipBox
GetObjectA
CreateBitmap
CreateDIBSection
StretchBlt
GetDeviceCaps
CreatePen
SetTextJustification
GetTextExtentPoint32A
GetTextMetricsA
MoveToEx
LineTo
SetBkColor
CreateSolidBrush
CombineRgn
CreateRoundRectRgn
FillRgn
FrameRgn
SelectClipRgn
CreateRectRgn
CreatePolygonRgn
OffsetRgn
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
BitBlt
DeleteObject
comdlg32
GetFileTitleA
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
advapi32
RegOpenKeyA
SetSecurityInfo
AddAccessAllowedAce
AddAccessDeniedAce
InitializeAcl
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
FreeSid
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueA
RegCloseKey
AllocateAndInitializeSid
OpenProcessToken
GetTokenInformation
shell32
ShellExecuteA
SHFileOperationA
comctl32
ImageList_GetImageCount
ImageList_GetIcon
ord17
shlwapi
PathFindFileNameA
PathFindExtensionA
PathStripToRootA
PathFileExistsA
PathIsUNCA
oleaut32
VariantClear
VariantChangeType
VariantInit
ws2_32
select
connect
inet_addr
htons
WSACleanup
WSAStartup
recv
send
closesocket
socket
wininet
HttpOpenRequestA
InternetConnectA
HttpSendRequestA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
InternetGetLastResponseInfoA
InternetCloseHandle
HttpQueryInfoA
HttpAddRequestHeadersA
InternetQueryDataAvailable
Exports
Exports
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@UHeroInfo@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@V?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@V?$vector@VCShareData@@V?$allocator@VCShareData@@@std@@@std@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VCConsoleLoginAckPack@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VCConsoleOnlinePack@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VCShareData@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VCShareDataContainer@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VCSharememContent@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VChangePassEcho@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VChangePassTransaction_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VExtendEcho@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VExtendTransaction_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VExtendWithIP_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VFreshUserEcho@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VFreshUserLogin_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VFreshUserRegist_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VLogOffEcho@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VLogOffTransaction_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VLoginCustomerTransaction_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VLoginEcho@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VOnlineEcho@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VOnlineTrasaction_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VReadConfigEcho@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VReadConfigFile_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VRegEcho@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VRegNewCustomerTransaction_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VSimpleLoginEcho@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VSimpleLoginTrans_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VSimpleLoginWithGameAccountTrans_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VTestLargeDataSend_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VTestOnlineSession_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VTestTransaction_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VUpLoadEcho@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VUpLoadGameOnlineUserEcho@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VUpLoadGameOnlineUser_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VUpLoadScriptEcho@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VUpLoadScript_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VUpLoad_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@UHeroInfo@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@V?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@V?$vector@VCShareData@@V?$allocator@VCShareData@@@std@@@std@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VCConsoleLoginAckPack@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VCConsoleOnlinePack@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VCShareData@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VCShareDataContainer@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VCSharememContent@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VChangePassEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VChangePassTransaction_C@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VExtendEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VExtendWithIP_C@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VFreshUserEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VFreshUserLogin_C@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VFreshUserRegist_C@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VLogOffTransaction_C@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VLoginCustomerTransaction_C@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VLoginEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VOnlineEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VOnlineTrasaction_C@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VReadConfigEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VReadConfigFile_C@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VRegEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VRegNewCustomerTransaction_C@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VSimpleLoginEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VSimpleLoginWithGameAccountTrans_C@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VUpLoadGameOnlineUser_C@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VUpLoadScript_C@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VUpLoad_C@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
SetVMFactory
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 232KB - Virtual size: 229KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 56KB - Virtual size: 180KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.vmp0 Size: 96KB - Virtual size: 95KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.vmp1 Size: 308KB - Virtual size: 307KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 64KB - Virtual size: 61KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ