09e6991638b26cf170ecb873a8c19d27d1fce28489b8e967a949cf2f73dd90ad

Sharing

Copy URL Twitter E-mail

General

Target

09e6991638b26cf170ecb873a8c19d27d1fce28489b8e967a949cf2f73dd90ad
Size

2.8MB
MD5

00df3cdfa2ef1a8779af60a28ca31344
SHA1

904f8870b23bd0c10bdaddfa5a26e18c17b5f862
SHA256

09e6991638b26cf170ecb873a8c19d27d1fce28489b8e967a949cf2f73dd90ad
SHA512

c82e1a0198e8caad799788e6bb32fc88dee4e81caf61b1fcecb2fa1ae3071f9131bbfa8921adc2c867cba529605d757673dac6e44949f34d28dd0eb49165d25b
SSDEEP

49152:naPB8+nY3cJVfD8vr3E5RKfg7LiT3VsDeaAZCxSMF7hVXs7tTBB/DETNYKFC:nalY3crfD83E5Mfg/iT3VsDeaAZCxSM6

Score

1^/10

Malware Config

Signatures

Files

09e6991638b26cf170ecb873a8c19d27d1fce28489b8e967a949cf2f73dd90ad
.exe windows:6 windows x86 arch:x86

856c02a148fce6bb9f72075d0bcc742f

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

9a:8b:48:ea:9c:67:b1:7a:b9:c6:67:ed:8c:77:00:d4:b5:48:26:6f:67:fa:6d:9f:88:e1:98:0b:52:07:44:51
Signer

Actual PE Digest

9a:8b:48:ea:9c:67:b1:7a:b9:c6:67:ed:8c:77:00:d4:b5:48:26:6f:67:fa:6d:9f:88:e1:98:0b:52:07:44:51

Digest Algorithm

sha256

PE Digest Matches

true

7f:c1:70:02:67:49:8d:d7:c8:4e:e6:41:2f:49:a6:99:72:10:69:77
Signer

Actual PE Digest

7f:c1:70:02:67:49:8d:d7:c8:4e:e6:41:2f:49:a6:99:72:10:69:77

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMutexW
GetSystemTimeAsFileTime
SetStdHandle
GlobalHandle
GlobalFree
CreateDirectoryTransactedA
GetFileTime
FindFirstVolumeW
GetCurrentThread
ExitThread
GlobalFlags
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GlobalFindAtomW
GlobalDeleteAtom
CreateToolhelp32Snapshot
LeaveCriticalSection
DuplicateHandle
LoadLibraryW
InitializeCriticalSectionAndSpinCount
GetEnvironmentStringsW
TlsFree
GlobalLock
VirtualProtect
LoadLibraryExW
GenerateConsoleCtrlEvent
MultiByteToWideChar
GetNLSVersionEx
GetFileAttributesExW
SetErrorMode
GetModuleHandleW
HeapAlloc
FlushFileBuffers
GetEnvironmentVariableW
CreateDirectoryW
MoveFileExW
ResumeThread
CommConfigDialogA
lstrcmpA
GetFullPathNameW
TerminateProcess
GetWindowsDirectoryW
FreeEnvironmentStringsW
InitializeSListHead
VerifyVersionInfoW
SleepEx
WritePrivateProfileStructA
SignalObjectAndWait
GlobalAddAtomW
GetVolumeInformationW
CreateProcessW
IsValidCodePage
TlsAlloc
RtlUnwind
CancelSynchronousIo
SetFilePointerEx
EncodePointer
SetEvent
GetFileType
GetConsoleMode
GetOEMCP
FindFirstFileW
GlobalReAlloc
VirtualAlloc
FindNextFileW
GetFileAttributesW
WritePrivateProfileStringW
GlobalAlloc
GetProcessHeap
SetUnhandledExceptionFilter
SetEnvironmentVariableW
lstrcpyW
TlsSetValue
CloseHandle
GetCommandLineW
CompareStringW
GetStringTypeW
FindClose
Process32FirstW
GetUserDefaultUILanguage
Sleep
GetModuleHandleA
GetACP
CompareStringA
ResetEvent
HeapQueryInformation
SizeofResource
LoadResource
FindResourceW
GetCurrentDirectoryW
InitializeCriticalSection
UnlockFile
LeaveCriticalSectionWhenCallbackReturns
CreateThread
CreateDirectoryExA
CreateEventExW
LocalAlloc
WideCharToMultiByte
GetCurrentProcessId
GetDriveTypeW
GetShortPathNameW
lstrcmpW
MulDiv
HeapSize
LocalReAlloc
DeleteCriticalSection
TlsGetValue
FindResourceExW
QueryPerformanceFrequency
GetPrivateProfileIntW
ReadFile
GlobalUnlock
WriteConsoleW
GetDriveTypeA
ReadConsoleW
FreeLibraryAndExitThread
SetEndOfFile
OpenEventA
VerSetConditionMask
VerifyVersionInfoA
Thread32Next
GetAtomNameA
OutputDebugStringA
Process32NextW
HeapReAlloc
WaitForSingleObject
CopyFileW
GetTimeZoneInformation
FreeLibrary
GetCommandLineA
GetSystemDirectoryA
DecodePointer
GetConsoleTitleA
WaitForMultipleObjects
LCMapStringW
OpenProcess
FormatMessageW
GetCPInfo
ExpandEnvironmentStringsA
InitializeCriticalSectionEx
DeleteFileW
CreateEventW
RemoveDirectoryW
GetFileSize
GetFileSizeEx
EnterCriticalSection
QueryFullProcessImageNameW
GetStdHandle
GetTickCount64
GetConsoleCP
DisassociateCurrentThreadFromCallback
OutputDebugStringW
lstrcmpiW
HeapFree
AddVectoredContinueHandler
GetModuleHandleExW
LocalFree
GlobalGetAtomNameW
GetSystemDirectoryW
SetThreadpoolThreadMinimum
GetCurrentProcess
SetupComm
GetPrivateProfileStringW
GetFileInformationByHandle
FormatMessageA
IsDebuggerPresent
IsProcessorFeaturePresent
SetLastError
WriteFile
SetThreadPriority
GetSystemInfo
SearchPathW
ExitProcess
GetTickCount
VirtualQuery
GetLocaleInfoW
GetSystemDefaultUILanguage
GetTempFileNameW
GetVersionExW
GetProcAddress
UnhandledExceptionFilter
GlobalSize
GetModuleFileNameW
LoadLibraryA
FileTimeToSystemTime
SetFilePointer
RaiseException
LockResource
FileTimeToLocalFileTime
CreateFileW
GetProfileIntW
GetCurrentThreadId
GetTempPathW
FindFirstFileExW
QueryPerformanceCounter
GetStartupInfoW
WaitForSingleObjectEx
LockFile
GetLastError

user32

SetClassLongW
RedrawWindow
SetMenu
SetWindowPlacement
IsWindowVisible
GetMenuItemCount
SetClipboardData
LoadImageW
OpenClipboard
BringWindowToTop
SetWindowLongW
RegisterClipboardFormatW
ReleaseDC
SubtractRect
CreatePopupMenu
GetCapture
EnableMenuItem
SetForegroundWindow
EqualRect
IsCharAlphaW
KillTimer
TranslateAcceleratorW
FrameRect
IsZoomed
GetMessagePos
EnumDisplayMonitors
UnregisterClassW
IsCharLowerW
SetWindowTextW
DefWindowProcW
PeekMessageW
GetSubMenu
GetClassInfoW
TrackPopupMenu
InsertMenuW
IntersectRect
GetDoubleClickTime
CreateAcceleratorTableW
HideCaret
GetSysColorBrush
IsDialogMessageW
DrawStateW
EndDeferWindowPos
DrawTextExW
BroadcastSystemMessageExW
RemovePropW
TranslateMDISysAccel
IsWindow
DrawTextW
CreateDialogIndirectParamW
SetDlgItemTextW
IsWindowEnabled
FindWindowExW
UnhookWindowsHookEx
LoadBitmapW
SetPropW
ScrollWindow
GetSysColor
GetSystemMetrics
SetScrollInfo
BeginPaint
MoveWindow
GetTopWindow
EmptyClipboard
GetWindowPlacement
PostQuitMessage
GetMenuDefaultItem
PostThreadMessageW
PtInRect
GetAsyncKeyState
EnableWindow
SetMenuItemInfoW
GetLastActivePopup
DestroyWindow
IsCharLowerA
DispatchMessageW
GetKeyNameTextW
CharUpperW
GetKeyboardLayout
SetParent
MapVirtualKeyExW
GetDC
SendMessageA
InsertMenuItemW
NotifyWinEvent
EnableScrollBar
GetUpdateRect
UnionRect
LoadCursorW
GetDlgItem
ValidateRect
GetWindowTextW
ClientToScreen
InflateRect
CallNextHookEx
GetMessageW
ShowOwnedPopups
GetKeyboardState
PostMessageW
RealChildWindowFromPoint
UnpackDDElParam
SetTimer
GetKeyState
GetWindowRect
OemKeyScan
GetMenuItemInfoW
SetLayeredWindowAttributes
GetComboBoxInfo
LoadIconW
SetWindowRgn
SendDlgItemMessageA
DeleteMenu
IsRectEmpty
WinHelpW
TrackMouseEvent
MonitorFromWindow
LockWindowUpdate
MessageBoxW
IsChild
GetWindowThreadProcessId
DefFrameProcW
DrawEdge
SendMessageW
DrawIcon
GetWindow
CloseClipboard
CheckDlgButton
GetDlgCtrlID
GetWindowTextLengthW
GetMonitorInfoW
GetMenuState
GetScrollPos
CopyImage
OpenIcon
WaitMessage
GetFocus
DestroyMenu
SetScrollRange
UpdateLayeredWindow
GrayStringW
CheckMenuItem
IsMenu
CharUpperBuffW
GetMessageTime
DefMDIChildProcW
GetClientRect
SetCursor
ShowScrollBar
DestroyAcceleratorTable
DeferWindowPos
SetWindowPos
EndPaint
SystemParametersInfoW
CopyAcceleratorTableW
WindowFromPoint
SetFocus
SetCapture
GetNextDlgGroupItem
DestroyIcon
SetMenuDefaultItem
GetWindowLongW
SetCursorPos
AdjustWindowRectEx
ReleaseCapture
EndDialog
GetMenu
EnumChildWindows
IsIconic
DrawMenuBar
GetMenuStringW
LoadAcceleratorsW
GetNextDlgTabItem
SetActiveWindow
CreateIconFromResourceEx
DestroyCursor
DrawFrameControl
CreateDesktopA
TranslateMessage
GetDesktopWindow
SetScrollPos
ReuseDDElParam
MapVirtualKeyW
ShowWindow
CreateWindowExW
GetPropW
AppendMenuW
GetActiveWindow
GetSystemMenu
IsGUIThread
ScreenToClient
TabbedTextOutW
GetMenuItemID
CallWindowProcW
GetClassInfoExW
GetMenuCheckMarkDimensions
MapWindowPoints
SetMenuItemBitmaps
InvertRect
GetWindowContextHelpId
UpdateWindow
RegisterWindowMessageW
FillRect
GetParent
GetClassLongW
GetWindowRgn
BeginDeferWindowPos
GetCursorPos
OffsetRect
SetRect
GetForegroundWindow
GetClassNameW
SetWindowsHookExW
SetRectEmpty
InvalidateRect
IsClipboardFormatAvailable
GetIconInfo
DrawIconEx
ToUnicodeEx
GetScrollInfo
ModifyMenuW
RemoveMenu
DrawFocusRect
RegisterClassW
MapDialogRect
GetWindowDC
LoadMenuW
MonitorFromPoint
GetScrollRange
MessageBeep
CopyIcon
CopyRect
CreateMenu

gdi32

SetMapMode
CreateRectRgnIndirect
ExcludeClipRect
GetDIBits
EnumFontFamiliesExW
SelectClipRgn
FillRgn
GetBkColor
SetTextColor
PtInRegion
CreateHatchBrush
CreateFontIndirectW
ExtSelectClipRgn
GetRgnBox
OffsetViewportOrgEx
OffsetWindowOrgEx
SetLayout
SetRectRgn
ExtTextOutW
ScaleWindowExtEx
CreateCompatibleBitmap
CombineRgn
GetViewportExtEx
CreatePalette
CreateDIBitmap
CreateEllipticRgn
Polyline
DeleteObject
SaveDC
GetViewportOrgEx
CreatePatternBrush
RealizePalette
GetClipBox
GetPaletteEntries
GetObjectW
SetPolyFillMode
CreateBitmap
GetPixel
DeleteDC
GetDeviceCaps
RoundRect
SetBkMode
TextOutW
OffsetRgn
ExtFloodFill
Rectangle
DPtoLP
Polygon
RestoreDC
SetPixel
SelectObject
CreateSolidBrush
MoveToEx
SetPaletteEntries
LPtoDP
GetObjectType
Escape
GetLayout
GetWindowOrgEx
GetSystemPaletteEntries
LineTo
CreatePolygonRgn
Ellipse
SetROP2
PatBlt
GetTextExtentPoint32W
SetViewportExtEx
SetPixelV
FrameRgn
CreateDIBSection
GetTextColor
CreateCompatibleDC
PtVisible
CreateRoundRectRgn
SetDIBColorTable
SetWindowExtEx
GetTextFaceW
IntersectClipRect
RectVisible
GetStockObject
BitBlt
CopyMetaFileW
StretchBlt
GetWindowExtEx
GetNearestPaletteIndex
SetBkColor
GetBoundsRect
CreateRectRgn
GetTextCharsetInfo
CreatePen
SetTextAlign
ScaleViewportExtEx
SetWindowOrgEx
CreateDCW
SetViewportOrgEx
SelectPalette
EnumFontFamiliesW
GetTextMetricsW

msimg32

TransparentBlt
AlphaBlend

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegQueryValueW
FindFirstFreeAce
RegCreateKeyExW
DestroyPrivateObjectSecurity
RegEnumKeyExW
AllocateAndInitializeSid
RegReplaceKeyW
CryptCreateHash
ObjectDeleteAuditAlarmA
LookupPrivilegeValueW
CryptGetHashParam
OpenProcessToken
BackupEventLogW
RegCloseKey
CryptImportKey
BuildImpersonateTrusteeA
RegConnectRegistryExW
CryptHashData
RegDeleteKeyW
AddAuditAccessAce
FreeSid
ConvertStringSecurityDescriptorToSecurityDescriptorA
ObjectCloseAuditAlarmW
AdjustTokenGroups
IsTokenRestricted
RegDeleteKeyTransactedA
CryptEncrypt
RegOpenKeyExW
PerfStartProvider
BuildTrusteeWithSidA
CryptDestroyHash
RegSetValueA
RegEnumKeyW
CryptReleaseContext
RegDeleteValueW
CryptAcquireContextA
RegSetValueExW
RegQueryValueExW
CryptDestroyKey
RegEnumValueW
AdjustTokenPrivileges
CryptGenRandom
ObjectPrivilegeAuditAlarmW
RegSetKeySecurity
OpenEncryptedFileRawA

shell32

SHAppBarMessage
DragQueryFileW
SHGetMalloc
SHGetDesktopFolder
SHGetSpecialFolderPathW
SHBrowseForFolderW
CommandLineToArgvW
SHGetDataFromIDListA
SHGetPathFromIDListW
ShellExecuteExW
ord63
DragFinish
ord42
SHGetSpecialFolderLocation
ShellExecuteW
SHGetFileInfoW
ExtractIconExW

comctl32

InitCommonControlsEx

shlwapi

PathFindExtensionW
UrlIsW
PathRelativePathToA
PathStripPathW
PathRemoveFileSpecW
PathAppendW
StrFormatKBSizeW
ord15
ord462
ColorHLSToRGB
PathFileExistsW
PathStripToRootW
StrCatW
UrlIsNoHistoryW
PathIsUNCW
StrSpnW
PathIsRootW
PathFindFileNameW

uxtheme

GetThemeColor
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
GetWindowTheme
DrawThemeText
OpenThemeData
IsAppThemed
DrawThemeParentBackground
GetThemeSysColor
GetCurrentThemeName
CloseThemeData
DrawThemeBackground

ole32

CoCreateInstance
CoUninitialize
CoTaskMemFree
CoInitialize
OleLockRunning
CoInitializeSecurity
CoLockObjectExternal
ReleaseStgMedium
CoCreateGuid
OleDuplicateData
CoDisconnectObject
OleGetClipboard
OleCreateMenuDescriptor
DoDragDrop
IsAccelerator
RevokeDragDrop
OleDestroyMenuDescriptor
CoInitializeEx
RegisterDragDrop
OleTranslateAccelerator
CreateStreamOnHGlobal
CoTaskMemAlloc

oleaut32

SysAllocStringLen
SysFreeString
SysAllocString
VarI8FromCy
VarI4FromUI4
VarI2FromI8
VarUI1FromUI2
VariantChangeTypeEx
SafeArrayGetVartype
SafeArrayDestroy
VarCyMul
VarDecAdd
VarXor
VariantTimeToSystemTime
VariantInit
VariantCopy
VarBstrFromDate
VariantClear
VariantChangeType
SysStringLen
LoadTypeLi
SystemTimeToVariantTime

gdiplus

GdipSetInterpolationMode
GdipGetImagePaletteSize
GdiplusStartup
GdipGetImageWidth
GdipCreateBitmapFromScan0
GdipGetImagePalette
GdipAlloc
GdipBitmapUnlockBits
GdipFree
GdipCreateFromHDC
GdipDisposeImage
GdipGetImageGraphicsContext
GdipCreateBitmapFromHBITMAP
GdipBitmapLockBits
GdipDrawImageRectI
GdipCloneImage
GdipGetImageHeight
GdiplusShutdown
GdipDeleteGraphics
GdipGetImagePixelFormat
GdipDrawImageI
GdipCreateBitmapFromStream

ws2_32

ntohl
htonl
gethostname
ioctlsocket
sendto
recvfrom
listen
accept
getaddrinfo
WSAIoctl
freeaddrinfo
socket
setsockopt
ntohs
htons
getsockopt
WSAStartup
WSACleanup
WSAGetLastError
__WSAFDIsSet
select
WSASetLastError
recv
send
bind
closesocket
connect
getpeername
getsockname

crypt32

CertFreeCertificateContext

wldap32

ord79
ord200
ord33
ord32
ord27
ord35
ord30
ord301
ord26
ord22
ord41
ord50
ord45
ord60
ord46
ord143
ord211

normaliz

IdnToAscii

wtsapi32

WTSEnumerateProcessesW
WTSVirtualChannelRead
WTSShutdownSystem
WTSVirtualChannelPurgeInput
WTSVirtualChannelClose

oleacc

LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

winmm

PlaySoundW

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text2
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.mdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text3
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.fdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 425KB - Virtual size: 425KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 348KB - Virtual size: 348KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 151KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

856c02a148fce6bb9f72075d0bcc742f

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

9a:8b:48:ea:9c:67:b1:7a:b9:c6:67:ed:8c:77:00:d4:b5:48:26:6f:67:fa:6d:9f:88:e1:98:0b:52:07:44:51Signer

7f:c1:70:02:67:49:8d:d7:c8:4e:e6:41:2f:49:a6:99:72:10:69:77Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

gdiplus

ws2_32

crypt32

wldap32

normaliz

wtsapi32

oleacc

imm32

winmm

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.text1 Size: 3KB - Virtual size: 2KB

.text2 Size: 6KB - Virtual size: 5KB

.mdata Size: 4KB - Virtual size: 3KB

.text3 Size: 1KB - Virtual size: 1KB

.fdata Size: 2KB - Virtual size: 2KB

.rdata Size: 425KB - Virtual size: 425KB

.data Size: 21KB - Virtual size: 39KB

.rsrc Size: 348KB - Virtual size: 348KB

.reloc Size: 151KB - Virtual size: 151KB

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

9a:8b:48:ea:9c:67:b1:7a:b9:c6:67:ed:8c:77:00:d4:b5:48:26:6f:67:fa:6d:9f:88:e1:98:0b:52:07:44:51
Signer

7f:c1:70:02:67:49:8d:d7:c8:4e:e6:41:2f:49:a6:99:72:10:69:77
Signer

.text
Size: 1.8MB - Virtual size: 1.8MB

.text1
Size: 3KB - Virtual size: 2KB

.text2
Size: 6KB - Virtual size: 5KB

.mdata
Size: 4KB - Virtual size: 3KB

.text3
Size: 1KB - Virtual size: 1KB

.fdata
Size: 2KB - Virtual size: 2KB

.rdata
Size: 425KB - Virtual size: 425KB

.data
Size: 21KB - Virtual size: 39KB

.rsrc
Size: 348KB - Virtual size: 348KB

.reloc
Size: 151KB - Virtual size: 151KB