C:\buildslave\unity\build\build\WindowsStandaloneSupport\Variations\win32_nondevelopment_mono\player_win_x86.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
2600f79d6bcd1a381738c2662b38c2cda86aae082c3f8ab56671984318eb0736.exe
Resource
win7-20240729-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
2600f79d6bcd1a381738c2662b38c2cda86aae082c3f8ab56671984318eb0736.exe
Resource
win10v2004-20240730-en
windows10-2004-x64
1 signatures
150 seconds
General
-
Target
2600f79d6bcd1a381738c2662b38c2cda86aae082c3f8ab56671984318eb0736.exe
-
Size
17.8MB
-
MD5
80c8582a126e195f8d3e1ccc81344db7
-
SHA1
065dd6916ee54b97b4ea8e9734ac2535039d4188
-
SHA256
2600f79d6bcd1a381738c2662b38c2cda86aae082c3f8ab56671984318eb0736
-
SHA512
e122be9cd1b124263de87faada794c867122de1bec0428c4144541beb1f2a413e60b2cd5db9a094e710e95315abbe386211239c509e78fb912488b8a26ca7ac1
-
SSDEEP
393216:sAtpYqVPwjpOyf1B6sAccGfwlMwb/3TE3weIglzymmDwlqxyG8JKNIV0K:sWs4GqQKNImK
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2600f79d6bcd1a381738c2662b38c2cda86aae082c3f8ab56671984318eb0736.exe
Files
-
2600f79d6bcd1a381738c2662b38c2cda86aae082c3f8ab56671984318eb0736.exe.exe windows:5 windows x86 arch:x86
6318a75714d2b167850e3efbde24fcdc
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
GetLocalTime
GetTimeZoneInformation
LocalFree
TerminateThread
GetSystemInfo
GetSystemTimeAsFileTime
GetModuleFileNameW
InitializeCriticalSection
ResetEvent
ReadFile
SetFilePointerEx
WriteFile
SetFilePointer
SetEndOfFile
GetFileAttributesExW
CreateFileW
SetFileAttributesW
GetFileAttributesW
CopyFileW
MoveFileExW
FindClose
FindNextFileW
FindFirstFileW
FindFirstFileExW
ReplaceFileW
GetTempFileNameW
LoadLibraryExW
InterlockedIncrement
InterlockedDecrement
CreateEventW
GlobalUnlock
GlobalLock
GlobalAlloc
GetModuleHandleA
RemoveDirectoryW
DeleteFileW
SetFileTime
GetSystemTime
GetDiskFreeSpaceExA
lstrcpynA
lstrcpyA
lstrcpynW
GetCommandLineW
CancelIo
GetOverlappedResult
ExpandEnvironmentStringsW
SetLastError
ResumeThread
GetThreadContext
SuspendThread
OutputDebugStringA
GetEnvironmentVariableA
GetFileAttributesA
GetModuleFileNameA
GetVersionExA
GetCurrentDirectoryA
VerifyVersionInfoW
VerSetConditionMask
GetVersionExW
GlobalMemoryStatusEx
GetUserDefaultUILanguage
GetComputerNameW
GetTempPathW
LocalAlloc
SetUnhandledExceptionFilter
GetCurrentDirectoryW
OpenEventW
DebugBreak
GetFileSize
FileTimeToDosDateTime
FileTimeToLocalFileTime
lstrlenA
GetFileTime
VirtualQuery
GlobalMemoryStatus
SetErrorMode
HeapAlloc
GetCurrentProcess
RtlUnwind
HeapReAlloc
DecodePointer
EncodePointer
HeapQueryInformation
HeapSize
DuplicateHandle
SystemTimeToFileTime
SetConsoleCtrlHandler
MapViewOfFile
GetCommandLineA
HeapSetInformation
GetStartupInfoW
GetStdHandle
HeapCreate
IsProcessorFeaturePresent
GetLocaleInfoW
UnhandledExceptionFilter
TerminateProcess
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetHandleCount
GetFileType
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetStdHandle
InterlockedExchange
LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
CreateFileA
CompareStringW
SetEnvironmentVariableA
GetProcessHeap
GetProcessAffinityMask
InterlockedExchangeAdd
VirtualProtect
VirtualAlloc
VirtualFree
SwitchToThread
SetThreadAffinityMask
InitializeSListHead
InterlockedPushEntrySList
InterlockedPopEntrySList
InterlockedFlushSList
GetThreadPriority
OpenEventA
SetWaitableTimer
CreateWaitableTimerA
GetSystemDirectoryA
GetDriveTypeW
PeekNamedPipe
GetFileInformationByHandle
FindFirstFileExA
GetDriveTypeA
FileTimeToSystemTime
SetConsoleMode
ReadConsoleInputA
GetFullPathNameA
GetDateFormatA
GetTimeFormatA
CreateSemaphoreW
FlushInstructionCache
CreateMutexW
SignalObjectAndWait
VerifyVersionInfoA
ExpandEnvironmentStringsA
FlushConsoleInputBuffer
GetVersion
GetCurrentProcessId
GetFullPathNameW
GetModuleHandleW
GetCurrentThreadId
SetThreadPriority
FormatMessageA
ExitProcess
CreateFileMappingA
CreateThread
InitializeCriticalSectionAndSpinCount
TryEnterCriticalSection
UnmapViewOfFile
CreateMutexA
ReleaseMutex
WaitForSingleObject
GetWindowsDirectoryW
IsDebuggerPresent
ExitThread
GetCurrentThread
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
RaiseException
SleepEx
QueryPerformanceFrequency
QueryPerformanceCounter
SetHandleInformation
FormatMessageW
SetDllDirectoryW
LoadLibraryW
GetLastError
CreateDirectoryW
LoadLibraryA
GetProcAddress
FreeLibrary
WideCharToMultiByte
MultiByteToWideChar
InterlockedCompareExchange
CreateEventA
SetEvent
ReleaseSemaphore
WaitForSingleObjectEx
Sleep
CloseHandle
CreateSemaphoreA
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
HeapFree
user32
MessageBoxW
IsWindowVisible
ScreenToClient
WindowFromPoint
GetCursorPos
GetCaretBlinkTime
EnumDisplaySettingsA
SetClipboardData
EmptyClipboard
OpenClipboard
GetClipboardData
IsClipboardFormatAvailable
CreateIconIndirect
ReleaseDC
GetDC
GetSystemMetrics
SetCursor
wvsprintfA
CloseClipboard
UpdateWindow
MonitorFromWindow
ValidateRect
SetTimer
GetWindowLongW
RegisterClassExW
DialogBoxParamW
EndDialog
LoadIconA
SendDlgItemMessageW
SetDlgItemTextA
SetDlgItemTextW
MessageBoxA
CopyRect
OffsetRect
GetAncestor
UnregisterClassW
ClipCursor
GetDesktopWindow
AdjustWindowRectEx
GetWindowPlacement
ChangeDisplaySettingsA
GetDlgItem
SetWindowLongA
CreateDialogParamA
SetWindowPos
GetWindowRect
GetParent
GetThreadDesktop
GetUserObjectInformationA
EnumWindows
RegisterWindowMessageA
SendMessageA
SendMessageTimeoutA
ShowWindow
SetForegroundWindow
PeekMessageA
GetMessageA
KillTimer
LoadImageW
DialogBoxParamA
CheckDlgButton
CreateDialogParamW
IsDialogMessageW
PeekMessageW
DispatchMessageW
MsgWaitForMultipleObjects
EnableWindow
CopyImage
IsDlgButtonChecked
SetWindowLongW
SetWindowTextW
LoadCursorA
DestroyCursor
DestroyIcon
SetCapture
ReleaseCapture
UnregisterDeviceNotification
DispatchMessageA
TranslateMessage
PtInRect
GetClientRect
GetProcessWindowStation
GetUserObjectInformationW
IsIconic
GetWindowLongA
GetMessageExtraInfo
RegisterDeviceNotificationW
SystemParametersInfoW
ClientToScreen
DefWindowProcW
DestroyWindow
CreateWindowExW
GetAsyncKeyState
GetKeyState
wsprintfA
RegisterRawInputDevices
GetRawInputData
GetRawInputDeviceInfoW
GetRawInputDeviceList
SetCursorPos
ShowCursor
GetFocus
SetFocus
EnumDisplayDevicesA
EnumDisplayMonitors
GetMonitorInfoA
RegisterClassW
PostQuitMessage
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueA
shlwapi
PathCanonicalizeW
PathFileExistsW
SHDeleteKeyW
advapi32
CryptGetHashParam
RegisterEventSourceA
ReportEventA
DeregisterEventSource
CryptImportKey
CryptVerifySignatureA
CryptDestroyKey
RegDeleteValueA
RegQueryValueExA
RegSetValueExA
RegCreateKeyW
OpenProcessToken
CryptDestroyHash
CryptHashData
CryptReleaseContext
CryptCreateHash
CryptAcquireContextA
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
GetUserNameA
GetSidSubAuthority
GetTokenInformation
gdi32
SwapBuffers
DeleteObject
CreateBitmap
CreateDIBSection
SetPixelFormat
ChoosePixelFormat
GetDeviceCaps
GetObjectA
shell32
CommandLineToArgvW
SHGetFolderPathW
ShellExecuteW
SHFileOperationW
opengl32
wglGetCurrentContext
wglCreateContext
wglMakeCurrent
wglDeleteContext
wglGetProcAddress
wglGetCurrentDC
winmm
timeBeginPeriod
waveInGetNumDevs
timeEndPeriod
waveOutGetDevCapsA
waveOutGetDevCapsW
waveOutClose
waveOutOpen
waveOutUnprepareHeader
waveOutWrite
waveOutReset
timeGetTime
waveOutGetNumDevs
waveInAddBuffer
waveInPrepareHeader
waveInUnprepareHeader
waveInGetDevCapsA
waveInGetDevCapsW
waveInStart
waveInOpen
waveInClose
waveInReset
waveOutPrepareHeader
waveOutGetPosition
ws2_32
WSAAsyncGetHostByName
ntohs
gethostname
socket
WSAGetLastError
connect
WSACancelAsyncRequest
WSAStartup
inet_ntoa
closesocket
WSACleanup
htonl
bind
htons
inet_addr
getsockopt
WSAEventSelect
WSACloseEvent
WSACreateEvent
WSAWaitForMultipleEvents
WSAResetEvent
WSAEnumNetworkEvents
WSASetEvent
getpeername
getprotobyname
recv
gethostbyname
ntohl
shutdown
getnameinfo
getaddrinfo
WSAIoctl
recvfrom
sendto
send
select
__WSAFDIsSet
freeaddrinfo
WSASocketA
WSASetLastError
setsockopt
ioctlsocket
listen
getsockname
accept
oleaut32
VariantClear
SysAllocString
SysFreeString
VariantChangeType
VariantInit
imm32
ImmReleaseContext
ImmSetOpenStatus
ImmGetConversionStatus
ImmGetCompositionStringW
ImmAssociateContextEx
ImmAssociateContext
ImmGetContext
ImmSetCompositionStringW
Exports
Exports
??0ErrorHandler@shdfnd@physx@@QAE@XZ
??0FPUGuard@shdfnd@physx@@QAE@XZ
??0Foundation@shdfnd@physx@@AAE@AAVPxErrorCallback@2@AAVPxAllocatorCallback@2@@Z
??0MutexImpl@shdfnd@physx@@QAE@XZ
??0PAUtils@shdfnd@physx@@QAE@XZ
??0SListImpl@shdfnd@physx@@QAE@XZ
??4Allocator@shdfnd@physx@@QAEAAV012@ABV012@@Z
??4PxFoundation@physx@@QAEAAV01@ABV01@@Z
??4ThreadImpl@shdfnd@physx@@QAEAAV012@ABV012@@Z
??4Time@shdfnd@physx@@QAEAAV012@ABV012@@Z
??_7Foundation@shdfnd@physx@@6B@
??_7PxFoundation@physx@@6B@
??_FAllocator@shdfnd@physx@@QAEXXZ
??_FTempAllocator@shdfnd@physx@@QAEXXZ
?MAX_LISTENER_COUNT@ErrorHandler@shdfnd@physx@@2IB
?PxDiagonalize@physx@@YA?AVPxVec3@1@ABVPxMat33@1@AAVPxQuat@1@@Z
?PxShortestRotation@physx@@YA?AVPxQuat@1@ABVPxVec3@1@0@Z
?PxTransformFromPlaneEquation@physx@@YA?AVPxTransform@1@ABVPxPlane@1@@Z
?PxTransformFromSegment@physx@@YA?AVPxTransform@1@ABVPxVec3@1@0PAM@Z
?TlsAlloc@shdfnd@physx@@YAIXZ
?TlsFree@shdfnd@physx@@YAXI@Z
?TlsGet@shdfnd@physx@@YAPAXI@Z
?TlsSet@shdfnd@physx@@YAIIPAX@Z
?allocate@Allocator@shdfnd@physx@@QAEPAXIPBDH@Z
?allocate@TempAllocator@shdfnd@physx@@QAEPAXIPBDH@Z
?atomicAdd@shdfnd@physx@@YAHPCHH@Z
?atomicCompareExchange@shdfnd@physx@@YAHPCHHH@Z
?atomicCompareExchangePointer@shdfnd@physx@@YAPAXPAPCXPAX1@Z
?atomicDecrement@shdfnd@physx@@YAHPCH@Z
?atomicExchange@shdfnd@physx@@YAHPCHH@Z
?atomicIncrement@shdfnd@physx@@YAHPCH@Z
?atomicMax@shdfnd@physx@@YAHPCHH@Z
?computeQuatFromNormal@shdfnd@physx@@YA?AVPxQuat@2@ABVPxVec3@2@@Z
?createInstance@Foundation@shdfnd@physx@@SAPAV123@IAAVPxErrorCallback@3@AAVPxAllocatorCallback@3@@Z
?deallocate@Allocator@shdfnd@physx@@QAEXPAX@Z
?deallocate@TempAllocator@shdfnd@physx@@QAEXPAX@Z
?debugEvent@PAUtils@shdfnd@physx@@QAEXGII@Z
?decRefCount@Foundation@shdfnd@physx@@SAXXZ
?destroyInstance@Foundation@shdfnd@physx@@SAXXZ
?disableFPExceptions@shdfnd@physx@@YAXXZ
?enableFPExceptions@shdfnd@physx@@YAXXZ
?error@Foundation@shdfnd@physx@@QAAXW4Enum@PxErrorCode@3@PBDH1ZZ
?errorImpl@Foundation@shdfnd@physx@@QAEXW4Enum@PxErrorCode@3@PBDH1PAD@Z
?flush@SListImpl@shdfnd@physx@@QAEPAVSListEntry@23@XZ
?getAllocator@Foundation@shdfnd@physx@@UBEAAVPxBroadcastingAllocator@3@XZ
?getAllocator@shdfnd@physx@@YAAAVPxAllocatorCallback@2@XZ
?getAllocatorCallback@Foundation@shdfnd@physx@@UBEAAVPxAllocatorCallback@3@XZ
?getBootCounterFrequency@Time@shdfnd@physx@@SAABUCounterFrequencyToTensOfNanos@23@XZ
?getCallbackCount@ErrorHandler@shdfnd@physx@@QBEIXZ
?getCheckedAllocator@Foundation@shdfnd@physx@@QAEAAVPxAllocatorCallback@3@XZ
?getCounterFrequency@Time@shdfnd@physx@@SA?AUCounterFrequencyToTensOfNanos@23@XZ
?getCurrentCounterValue@Time@shdfnd@physx@@SA_KXZ
?getCurrentTimeInTensOfNanoSeconds@Time@shdfnd@physx@@SA_KXZ
?getDefaultStackSize@ThreadImpl@shdfnd@physx@@SAIXZ
?getElapsedSeconds@Time@shdfnd@physx@@QAENXZ
?getErrorCallback@ErrorHandler@shdfnd@physx@@QBEPAVPxErrorCallback@3@H@Z
?getErrorCallback@Foundation@shdfnd@physx@@UBEAAVPxErrorCallback@3@XZ
?getErrorHandler@Foundation@shdfnd@physx@@QAEAAVErrorHandler@23@XZ
?getErrorLevel@Foundation@shdfnd@physx@@UBE?AW4Enum@PxErrorCode@3@XZ
?getErrorMutex@Foundation@shdfnd@physx@@QAEAAV?$MutexT@V?$ReflectionAllocator@VMutexImpl@shdfnd@physx@@@shdfnd@physx@@@23@XZ
?getId@ThreadImpl@shdfnd@physx@@SAIXZ
?getInstance@Foundation@shdfnd@physx@@SAAAV123@XZ
?getLastTime@Time@shdfnd@physx@@QBENXZ
?getMaxCallbackNum@ErrorHandler@shdfnd@physx@@QBEIXZ
?getNamedAllocMap@Foundation@shdfnd@physx@@QAEAAV?$HashMap@PBVNamedAllocator@shdfnd@physx@@PBDU?$Hash@PBVNamedAllocator@shdfnd@physx@@@23@VNonTrackingAllocator@23@@23@XZ
?getNamedAllocMutex@Foundation@shdfnd@physx@@QAEAAV?$MutexT@V?$ReflectionAllocator@VMutexImpl@shdfnd@physx@@@shdfnd@physx@@@23@XZ
?getNbPhysicalCores@ThreadImpl@shdfnd@physx@@SAIXZ
?getPAUtils@Foundation@shdfnd@physx@@QAEAAVPAUtils@23@XZ
?getPriority@ThreadImpl@shdfnd@physx@@SA?AW4Enum@ThreadPriority@23@I@Z
?getReportAllocationNames@Foundation@shdfnd@physx@@UBE_NXZ
?getSize@MutexImpl@shdfnd@physx@@SAABIXZ
?getSize@SListImpl@shdfnd@physx@@SAABIXZ
?getSize@SyncImpl@shdfnd@physx@@SAABIXZ
?getSize@ThreadImpl@shdfnd@physx@@SAABIXZ
?getTempAllocFreeTable@Foundation@shdfnd@physx@@QAEAAV?$Array@PATTempAllocatorChunk@shdfnd@physx@@VAllocator@23@@23@XZ
?getTempAllocMutex@Foundation@shdfnd@physx@@QAEAAV?$MutexT@V?$ReflectionAllocator@VMutexImpl@shdfnd@physx@@@shdfnd@physx@@@23@XZ
?getWarnOnceTimestamp@Foundation@shdfnd@physx@@SAIXZ
?incRefCount@Foundation@shdfnd@physx@@SAXXZ
?integrateTransform@shdfnd@physx@@YAXABVPxTransform@2@ABVPxVec3@2@1MAAV32@@Z
?isEnabled@PAUtils@shdfnd@physx@@QAE_NXZ
?isEventEnabled@PAUtils@shdfnd@physx@@QAE_NG@Z
?kill@ThreadImpl@shdfnd@physx@@QAEXXZ
?lock@MutexImpl@shdfnd@physx@@QAEXXZ
?lock@PAUtils@shdfnd@physx@@QAE_NXZ
?lockReader@ReadWriteLock@shdfnd@physx@@QAEXXZ
?lockWriter@ReadWriteLock@shdfnd@physx@@QAEXXZ
?mInstance@Foundation@shdfnd@physx@@0PAV123@A
?mRefCount@Foundation@shdfnd@physx@@0IA
?mWarnOnceTimestap@Foundation@shdfnd@physx@@0IA
?optimizeBoundingBox@shdfnd@physx@@YA?AVPxVec3@2@AAVPxMat33@2@@Z
?peekElapsedSeconds@Time@shdfnd@physx@@QAENXZ
?pop@SListImpl@shdfnd@physx@@QAEPAVSListEntry@23@XZ
?push@SListImpl@shdfnd@physx@@QAEXPAVSListEntry@23@@Z
?quit@ThreadImpl@shdfnd@physx@@QAEXXZ
?quitIsSignalled@ThreadImpl@shdfnd@physx@@QAE_NXZ
?rawEvent@PAUtils@shdfnd@physx@@QAEXGIIE@Z
?rawEventWithTimestamp@PAUtils@shdfnd@physx@@QAE_NG_KIIE@Z
?registerErrorCallback@ErrorHandler@shdfnd@physx@@QAEHAAVPxErrorCallback@3@@Z
?registerEvent@PAUtils@shdfnd@physx@@QAEGPBD@Z
?release@Foundation@shdfnd@physx@@UAEXXZ
?reportError@ErrorHandler@shdfnd@physx@@QAEXW4Enum@PxErrorCode@3@PBD1H@Z
?reset@SyncImpl@shdfnd@physx@@QAEXXZ
?sNumTensOfNanoSecondsInASecond@Time@shdfnd@physx@@2_KB
?set@SyncImpl@shdfnd@physx@@QAEXXZ
?setAffinityMask@ThreadImpl@shdfnd@physx@@QAEII@Z
?setErrorLevel@Foundation@shdfnd@physx@@UAEXW4Enum@PxErrorCode@3@@Z
?setName@ThreadImpl@shdfnd@physx@@QAEXPBD@Z
?setPriority@ThreadImpl@shdfnd@physx@@QAEXW4Enum@ThreadPriority@23@@Z
?setReportAllocationNames@Foundation@shdfnd@physx@@UAEX_N@Z
?signalQuit@ThreadImpl@shdfnd@physx@@QAEXXZ
?sleep@ThreadImpl@shdfnd@physx@@SAXI@Z
?slerp@shdfnd@physx@@YA?AVPxQuat@2@MABV32@0@Z
?start@ThreadImpl@shdfnd@physx@@QAEXIPAVRunnable@23@@Z
?startEvent@PAUtils@shdfnd@physx@@QAEXGG@Z
?statEvent@PAUtils@shdfnd@physx@@QAEXGI@Z
?statEvent@PAUtils@shdfnd@physx@@QAEXGII@Z
?stopEvent@PAUtils@shdfnd@physx@@QAEXGG@Z
?trylock@MutexImpl@shdfnd@physx@@QAE_NXZ
?unRegisterErrorCallback@ErrorHandler@shdfnd@physx@@QAEXAAVPxErrorCallback@3@@Z
?unRegisterErrorCallback@ErrorHandler@shdfnd@physx@@QAEXH@Z
?unlock@MutexImpl@shdfnd@physx@@QAEXXZ
?unlock@PAUtils@shdfnd@physx@@QAE_NXZ
?unlockReader@ReadWriteLock@shdfnd@physx@@QAEXXZ
?unlockWriter@ReadWriteLock@shdfnd@physx@@QAEXXZ
?wait@SyncImpl@shdfnd@physx@@QAE_NI@Z
?waitForQuit@ThreadImpl@shdfnd@physx@@QAE_NXZ
?waitForever@SyncImpl@shdfnd@physx@@2IB
?yield@ThreadImpl@shdfnd@physx@@SAXXZ
AmdPowerXpressRequestHighPerformance
NvOptimusEnablement
PxCreateFoundation
PxGetFoundation
Sections
.text Size: 14.1MB - Virtual size: 14.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 238KB - Virtual size: 1.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rodata Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.trace Size: 7KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data1 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
_RDATA Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ