Новая сжатая ZIP-папка (1)[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

Новая сжатая ZIP-папка (1).zip
Size

307KB
MD5

f7012e2fcda59ea6edeb0798666ea9bc
SHA1

6d9a357fc98adb1495027572c446b8b37f3ec203
SHA256

cf0c810ce23c72bb6cdd2c9bd621fd52a287f45ccefcac46225c91bd1de2d3ae
SHA512

c22af197594223f3c583c6e1a31dfc662ef35b5b5e7e4336eb8687e98fdba38e96b22ae46f3dd77490e733e71c64f2aac8e06d9ab32cdaaae85e3567374ec035
SSDEEP

6144:IR6OHbJWs26W6Q2If3oa29UQTCzgjswE7ljHu25uknvkyVzmCMJ8tjk7yU:Y/WN65CQaqUQWzDxzLvvqYjk7

Score

3^/10

Malware Config

Signatures

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ /SinisterInjector.exe
unpack001/ /chams.exe
unpack001/ /coloraim.exe
unpack001/ /xray.dll

Files

Новая сжатая ZIP-папка (1).zip
.zip
 /SinisterInjector.exe
.exe windows:6 windows x64 arch:x64

0e2e0cb9dc7ca03cbbda4d0b79be2c53

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\stasi\Desktop\SC injector\x64\Release\Basejector.pdb

Imports

d3d9

Direct3DCreate9

kernel32

VerSetConditionMask
QueryPerformanceCounter
QueryPerformanceFrequency
FreeLibrary
GetModuleHandleA
GetModuleHandleW
GetProcAddress
LoadLibraryA
FreeConsole
GetFullPathNameW
CloseHandle
GetLastError
WaitForSingleObject
CreateRemoteThread
OpenProcess
VirtualAllocEx
WriteProcessMemory
MultiByteToWideChar
Process32FirstW
Process32NextW
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId
WideCharToMultiByte
GlobalFree
GlobalLock
GlobalAlloc
GlobalUnlock
GetSystemTimeAsFileTime
CreateToolhelp32Snapshot
InitializeSListHead
ReleaseSRWLockExclusive

user32

GetClientRect
AdjustWindowRectEx
SetCursorPos
SetForegroundWindow
GetCursorPos
ClientToScreen
ScreenToClient
WindowFromPoint
GetWindowLongW
SetWindowLongW
LoadCursorW
MonitorFromWindow
GetMonitorInfoW
EnumDisplayMonitors
SetWindowTextW
DispatchMessageW
PeekMessageW
PostQuitMessage
UpdateWindow
ReleaseDC
GetForegroundWindow
ReleaseCapture
SetCapture
GetCapture
SetFocus
BringWindowToTop
IsIconic
SetWindowPos
SetLayeredWindowAttributes
ShowWindow
DestroyWindow
IsChild
TranslateMessage
GetDC
OpenClipboard
CloseClipboard
CreateWindowExW
SetClipboardData
GetClipboardData
EmptyClipboard
TrackMouseEvent
DefWindowProcW
UnregisterClassW
RegisterClassExW
SetCursor

gdi32

GetDeviceCaps

imm32

ImmReleaseContext
ImmSetCompositionWindow
ImmGetContext

msvcp140

?_Xlength_error@std@@YAXPEBD@Z

vcruntime140

__C_specific_handler
__current_exception
__current_exception_context
__std_exception_copy
memcmp
_CxxThrowException
memset
memmove
memcpy
memchr
strstr
__std_terminate
__std_exception_destroy

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-string-l1-1-0

strcmp
strncpy
strncmp
toupper

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
_wfopen
fwrite
fclose
__stdio_common_vfprintf
__stdio_common_vsprintf
__stdio_common_vsscanf
__p__commode
_set_fmode
ftell
fseek
fread
fflush

api-ms-win-crt-heap-l1-1-0

malloc
_callnewh
_set_new_mode
free

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-math-l1-1-0

cosf
sinf
acosf
sqrtf
atan2f
log
logf
pow
powf
fmodf
ceilf
floorf
__setusermatherr

api-ms-win-crt-convert-l1-1-0

atof

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
_initialize_narrow_environment
terminate
_register_onexit_function
_crt_atexit
_cexit
system
_seh_filter_exe
_set_app_type
_invalid_parameter_noinfo_noreturn
_get_initial_narrow_environment
_initterm
_initterm_e
_exit
exit
__p___argc
__p___argv
_c_exit
_register_thread_local_exe_atexit_callback
_initialize_onexit_table

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 388KB - Virtual size: 388KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
 /chams.exe
.exe windows:6 windows x64 arch:x64

4af990f8bc1ecccc7309961e22fe8c86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\stasi\Desktop\SC\chams.pdb

Imports

kernel32

CloseHandle
Sleep
OpenProcess
VirtualQueryEx
ReadProcessMemory
WriteProcessMemory
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
IsDebuggerPresent
RaiseException
MultiByteToWideChar
WideCharToMultiByte
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeSListHead
GetStartupInfoW
GetModuleHandleW
GetLastError
HeapAlloc
HeapFree
GetProcessHeap
VirtualQuery
FreeLibrary
GetProcAddress
GetCurrentThreadId

msvcp140d

??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
?_Xlength_error@std@@YAXPEBD@Z
?uncaught_exception@std@@YA_NXZ
?good@ios_base@std@@QEBA_NXZ
?flags@ios_base@std@@QEBAHXZ
?width@ios_base@std@@QEBA_JXZ
?width@ios_base@std@@QEAA_J_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEBX@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ

vcruntime140d

memcmp
memcpy
__vcrt_LoadLibraryExW
__vcrt_GetModuleHandleW
__vcrt_GetModuleFileNameW
__current_exception_context
__current_exception
__std_type_info_destroy_list
__C_specific_handler_noexcept
__C_specific_handler
memmove
_CxxThrowException
memset
__std_exception_copy
__std_exception_destroy

vcruntime140_1d

__CxxFrameHandler4

ucrtbased

_free_dbg
strcpy_s
strcat_s
__stdio_common_vsprintf_s
_seh_filter_dll
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_crt_at_quick_exit
terminate
_wmakepath_s
_wsplitpath_s
wcscpy_s
__p__commode
_register_thread_local_exe_atexit_callback
_c_exit
_cexit
_set_new_mode
__p___argc
_set_fmode
_exit
exit
_initterm_e
_initterm
_get_initial_narrow_environment
_initialize_narrow_environment
_configure_narrow_argv
_set_app_type
_seh_filter_exe
_CrtDbgReportW
malloc
_callnewh
strlen
_wcsicmp
system
_CrtDbgReport
_invalid_parameter
__p___argv
_configthreadlocale
__setusermatherr

Sections

.textbss
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.msvcjmc
Size: 1024B - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 373B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 851B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
 /coloraim.exe
.exe windows:6 windows x64 arch:x64

b28d6d751362f2800ef0f2ddd58a7f6f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\stasi\Desktop\SC\coloraim.pdb

Imports

kernel32

IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
CreateThread
QueryPerformanceCounter
Sleep
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
RtlCaptureContext
GetModuleHandleW

user32

GetClientRect
mouse_event
GetDC
GetKeyState
FindWindowA
ReleaseDC

gdi32

CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
GetDIBits
GetDeviceCaps
DeleteDC
DeleteObject
BitBlt

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__current_exception_context
__std_exception_destroy
__std_exception_copy
__C_specific_handler
_CxxThrowException
memset
__current_exception
memcpy

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vfprintf
_set_fmode
__p__commode
__acrt_iob_func

api-ms-win-crt-runtime-l1-1-0

terminate
_register_onexit_function
__p___argc
_initialize_onexit_table
_crt_atexit
_initterm_e
_exit
exit
_initterm
_get_initial_narrow_environment
_initialize_narrow_environment
_configure_narrow_argv
_set_app_type
_seh_filter_exe
_register_thread_local_exe_atexit_callback
_c_exit
_invalid_parameter_noinfo_noreturn
_cexit
__p___argv

api-ms-win-crt-heap-l1-1-0

_callnewh
malloc
free
_set_new_mode

api-ms-win-crt-math-l1-1-0

sin
__setusermatherr
cos

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
 /xray.dll
.dll windows:6 windows x64 arch:x64

24368211ceeb1e89931ae2172eb20017

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Desktop\SCA\x64\Release\ZsFz4pKl3.pdb

Imports

opengl32

glLoadIdentity
glMatrixMode
glPopMatrix
glPushMatrix
glOrtho
glPushAttrib
glGetIntegerv
wglUseFontBitmapsW
wglGetCurrentDC
glGenLists
glCallLists
glColor3ub
glRasterPos2f
glListBase
glPolygonOffset
glVertex3f
glLoadMatrixf
glLineWidth
glBlendFunc
glColor4f
glDisable
glGetFloatv
glBegin
glEnd
glEnable
glPopAttrib
glViewport
glDepthFunc

kernel32

RtlVirtualUnwind
RtlLookupFunctionEntry
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetCurrentProcessId
GetSystemTimeAsFileTime
SetLastError
VirtualQueryEx
VirtualProtectEx
VirtualQuery
VirtualFree
VirtualProtect
VirtualAlloc
FlushInstructionCache
SetThreadContext
GetThreadContext
InitializeSListHead
GetCurrentThreadId
GetTickCount64
GetLastError
GetCurrentThread
CreateThread
GetProcAddress
GetModuleHandleW
QueryPerformanceCounter
GetTickCount
GetCurrentProcess
SuspendThread
ResumeThread
RtlCaptureContext

user32

CallNextHookEx
DispatchMessageW
WindowFromDC
TranslateMessage
SetWindowsHookExW
GetMessageW
GetWindowThreadProcessId

gdi32

CreateFontA
SelectObject
DeleteObject

msvcp140

?_Xlength_error@std@@YAXPEBD@Z

winmm

timeGetTime

vcruntime140

_CxxThrowException
__C_specific_handler
memset
memcpy
__std_exception_copy
__std_type_info_destroy_list
__std_exception_destroy
memmove

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf_s

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initterm
_cexit
_invalid_parameter_noinfo_noreturn
_initialize_onexit_table
_initialize_narrow_environment
_execute_onexit_table
_configure_narrow_argv
_seh_filter_dll
_register_onexit_function
_crt_atexit

api-ms-win-crt-string-l1-1-0

strcmp

api-ms-win-crt-heap-l1-1-0

malloc
_callnewh
free

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.detourc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.detourd
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0e2e0cb9dc7ca03cbbda4d0b79be2c53

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

d3d9

kernel32

user32

gdi32

imm32

msvcp140

vcruntime140

vcruntime140_1

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 388KB - Virtual size: 388KB

.rdata Size: 64KB - Virtual size: 64KB

.data Size: 1KB - Virtual size: 4KB

.pdata Size: 18KB - Virtual size: 17KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 512B - Virtual size: 256B

4af990f8bc1ecccc7309961e22fe8c86

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

msvcp140d

vcruntime140d

vcruntime140_1d

ucrtbased

Sections

.textbss Size: - Virtual size: 64KB

.text Size: 61KB - Virtual size: 60KB

.rdata Size: 20KB - Virtual size: 20KB

.data Size: 1KB - Virtual size: 3KB

.pdata Size: 10KB - Virtual size: 10KB

.idata Size: 7KB - Virtual size: 6KB

.msvcjmc Size: 1024B - Virtual size: 552B

.00cfg Size: 512B - Virtual size: 373B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 851B

b28d6d751362f2800ef0f2ddd58a7f6f

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

vcruntime140_1

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 1024B - Virtual size: 552B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 512B - Virtual size: 88B

24368211ceeb1e89931ae2172eb20017

.text
Size: 388KB - Virtual size: 388KB

.rdata
Size: 64KB - Virtual size: 64KB

.data
Size: 1KB - Virtual size: 4KB

.pdata
Size: 18KB - Virtual size: 17KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 256B

.textbss
Size: - Virtual size: 64KB

.text
Size: 61KB - Virtual size: 60KB

.rdata
Size: 20KB - Virtual size: 20KB

.data
Size: 1KB - Virtual size: 3KB

.pdata
Size: 10KB - Virtual size: 10KB

.idata
Size: 7KB - Virtual size: 6KB

.msvcjmc
Size: 1024B - Virtual size: 552B

.00cfg
Size: 512B - Virtual size: 373B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 851B

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 1024B - Virtual size: 552B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 88B

.text
Size: 30KB - Virtual size: 29KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 2KB

.pdata
Size: 2KB - Virtual size: 1KB

.detourc
Size: 9KB - Virtual size: 8KB

.detourd
Size: 512B - Virtual size: 24B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 1KB - Virtual size: 1KB