C:\Telegram\twin\out\Release\Telegram.exe.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
2024-08-08_325c8701a1ad2c12e5d53c9d2aa19751_avoslocker.exe
Resource
win7-20240708-en
windows7-x64
22 signatures
150 seconds
Behavioral task
behavioral2
Sample
2024-08-08_325c8701a1ad2c12e5d53c9d2aa19751_avoslocker.exe
Resource
win10v2004-20240802-en
windows10-2004-x64
10 signatures
150 seconds
General
-
Target
2024-08-08_325c8701a1ad2c12e5d53c9d2aa19751_avoslocker
-
Size
46.8MB
-
MD5
325c8701a1ad2c12e5d53c9d2aa19751
-
SHA1
72c9566c8de09565975aaaa7e77ba128104e5683
-
SHA256
e9cec263422bce7e6fedd2bb850fa6172ebefe0e0255193908e64a0a5db22a28
-
SHA512
019c19407f19e12d829f5a15c43d651ff513e6adaaa7bd8cd7e089cb1f10ea22a97452eea414ee85dd811e5c9d7522e2f646c0c0803577a60ed5839d37d76917
-
SSDEEP
786432:OKlSTdYqw3DaNhgbV1BAlaH6cnhQgJfF3hm:OKlAdYqw3ONuhfv6cnhQ2h
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-08-08_325c8701a1ad2c12e5d53c9d2aa19751_avoslocker
Files
-
2024-08-08_325c8701a1ad2c12e5d53c9d2aa19751_avoslocker.exe windows:5 windows x86 arch:x86
09a80ae4f00a5d4dde22e21ca3fa855b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
winmm
timeGetTime
waveOutWrite
waveOutGetErrorTextW
waveOutGetNumDevs
waveOutGetDevCapsW
waveOutUnprepareHeader
waveOutClose
waveOutReset
waveOutOpen
waveOutPrepareHeader
waveInClose
waveInStop
waveInPrepareHeader
PlaySoundW
waveInGetErrorTextW
waveInGetNumDevs
waveInReset
waveInUnprepareHeader
waveInGetDevCapsW
waveInOpen
waveInStart
waveInAddBuffer
ws2_32
WSACleanup
WSASetLastError
shutdown
gethostname
inet_addr
__WSAFDIsSet
bind
WSAStringToAddressA
closesocket
select
ntohl
getaddrinfo
WSAStartup
getsockname
WSAAddressToStringA
send
socket
connect
recvfrom
recv
freeaddrinfo
sendto
ioctlsocket
setsockopt
WSAGetLastError
ntohs
htons
WSAAsyncSelect
WSASocketW
WSASendTo
WSASend
gethostbyaddr
gethostbyname
getpeername
listen
WSAAccept
WSAConnect
WSAHtonl
WSAIoctl
WSANtohl
WSANtohs
WSARecv
htonl
WSARecvFrom
getsockopt
kernel32
LockFile
UnlockFile
SleepEx
SetLastError
Sleep
TryEnterCriticalSection
IsDebuggerPresent
OutputDebugStringA
GetStdHandle
ResetEvent
WaitForSingleObjectEx
GetCurrentThread
GetModuleHandleA
WaitForMultipleObjectsEx
WideCharToMultiByte
CreateEventA
SetEvent
GetCurrentThreadId
CreateSemaphoreW
SetThreadPriority
CreateSemaphoreA
ReleaseSemaphore
GetVersionExA
FormatMessageA
GetVersion
DeleteCriticalSection
CreateThread
WaitForSingleObject
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
FindClose
FindNextFileW
WriteConsoleW
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
SetEnvironmentVariableW
GetFileAttributesW
FindFirstFileExW
GetFileInformationByHandle
GetCurrentProcess
WinExec
FormatMessageW
GetTickCount
InterlockedPushEntrySList
GetEnvironmentVariableW
GetProcAddress
RaiseException
GetModuleHandleW
GetCommandLineW
ReadConsoleInputW
SetConsoleMode
HeapQueryInformation
HeapSize
HeapReAlloc
EnumSystemLocalesW
HeapAlloc
GetFileSizeEx
HeapFree
ReadConsoleW
GetConsoleMode
SetFileAttributesW
GetCommandLineA
GetConsoleCP
SetStdHandle
GetModuleHandleExW
SetConsoleCtrlHandler
RtlUnwind
FreeLibrary
InitializeSListHead
VirtualProtect
GetVersionExW
FreeLibraryAndExitThread
GetThreadTimes
UnregisterWait
SetThreadAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
SignalObjectAndWait
RegisterWaitForSingleObject
UnregisterWaitEx
LocalFree
GetUserDefaultUILanguage
GetLocaleInfoW
VerifyVersionInfoW
VerSetConditionMask
CloseHandle
WriteFile
CreateFileW
QueryDepthSList
QueryPerformanceCounter
QueryPerformanceFrequency
DeleteFileW
GetLastError
CopyFileW
GetModuleFileNameW
InterlockedFlushSList
GetUserDefaultLCID
InterlockedPopEntrySList
CreateTimerQueue
IsProcessorFeaturePresent
TerminateProcess
UnhandledExceptionFilter
GetCPInfo
GetStringTypeW
InitializeCriticalSectionAndSpinCount
DecodePointer
EncodePointer
CreateMutexW
GlobalSize
GlobalLock
GlobalUnlock
GlobalAlloc
CheckRemoteDebuggerPresent
GetUserDefaultLangID
CreateProcessW
ExpandEnvironmentStringsW
IsValidLocale
IsValidLanguageGroup
VirtualAlloc
VirtualFree
DebugBreak
SwitchToThread
TlsGetValue
TlsSetValue
FindFirstFileW
VirtualQuery
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
MultiByteToWideChar
CreateEventW
GetSystemInfo
WaitForMultipleObjects
ExitThread
GetExitCodeThread
TlsAlloc
TlsFree
GetSystemTimeAsFileTime
GetFileType
GetCurrentProcessId
LoadLibraryA
GlobalMemoryStatus
FlushConsoleInputBuffer
MoveFileExA
MoveFileExW
ReleaseMutex
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
GetProcessAffinityMask
GetSystemDirectoryW
LoadLibraryExA
LoadLibraryExW
CreateMutexA
RtlCaptureContext
GetProcessId
ResumeThread
TerminateThread
VirtualQueryEx
SetUnhandledExceptionFilter
DuplicateHandle
WaitNamedPipeW
ConnectNamedPipe
CreateNamedPipeW
GetOverlappedResult
DisconnectNamedPipe
GlobalFree
SetHandleInformation
GetVolumeInformationW
GetLongPathNameW
GetDriveTypeW
OpenProcess
lstrcmpW
GetConsoleWindow
ExitProcess
CompareStringW
GetNativeSystemInfo
GetSystemTime
GetLocalTime
OutputDebugStringW
GetThreadPriority
ReadFileEx
PeekNamedPipe
CancelIo
WriteFileEx
LCMapStringW
GetStartupInfoW
FlushFileBuffers
GetLogicalDrives
ReadFile
SetEndOfFile
SetFilePointerEx
SetErrorMode
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateDirectoryW
GetFileAttributesExW
GetFullPathNameW
RemoveDirectoryW
GetTempPathW
DeviceIoControl
MoveFileW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetDateFormatW
GetTimeFormatW
GetCurrencyFormatW
FindCloseChangeNotification
FindFirstChangeNotificationW
FindNextChangeNotification
GetTimeZoneInformation
GetGeoInfoW
GetUserGeoID
GetExitCodeProcess
user32
ShowWindow
GetWindowRect
UpdateLayeredWindow
DestroyWindow
SetForegroundWindow
SendMessageW
RegisterWindowMessageW
SetWindowPos
SetWindowLongW
GetWindowLongW
GetSystemMenu
GetMenuItemInfoW
DefWindowProcW
GetSystemMetrics
GetDC
DrawIconEx
ReleaseDC
RegisterClassExW
DestroyMenu
TrackPopupMenu
GetMenuItemCount
InsertMenuItemW
CreatePopupMenu
CopyImage
CreateWindowExW
HideCaret
SetMenuItemInfoW
MonitorFromPoint
GetWindowPlacement
wsprintfW
GetLastInputInfo
MonitorFromWindow
EnumWindows
SetFocus
GetWindowTextW
GetMessageA
PeekMessageA
PostThreadMessageA
GetProcessWindowStation
GetUserObjectInformationW
MessageBoxA
GetDesktopWindow
EnableMenuItem
GetSysColor
SystemParametersInfoW
SetWindowRgn
MessageBoxW
CreateIconIndirect
GetIconInfo
TranslateMessage
DispatchMessageW
PeekMessageW
PostMessageW
RegisterClassW
UnregisterClassW
GetQueueStatus
MsgWaitForMultipleObjectsEx
SetTimer
KillTimer
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
CharNextExA
GetDoubleClickTime
GetCaretBlinkTime
MessageBeep
IsChild
MoveWindow
SetWindowPlacement
IsWindowVisible
IsIconic
GetCapture
SetCapture
ReleaseCapture
BeginPaint
EndPaint
GetUpdateRect
InvalidateRect
SetWindowTextW
SetCursor
ClientToScreen
ScreenToClient
GetParent
SetParent
DestroyCursor
GetAncestor
GetKeyboardLayoutList
GetClassInfoW
GetFocus
GetCursorPos
ChildWindowFromPointEx
GetSysColorBrush
LoadImageW
EnumDisplayMonitors
LoadIconW
SetClipboardViewer
ChangeClipboardChain
RegisterClipboardFormatW
GetAsyncKeyState
GetKeyboardLayout
CreateCaret
DestroyCaret
GetClientRect
SetCaretPos
IsZoomed
GetKeyState
GetKeyboardState
ToAscii
ToUnicode
MapVirtualKeyW
GetMenu
TrackPopupMenuEx
NotifyWinEvent
GetClipboardFormatNameW
SetCursorPos
GetCursor
LoadCursorW
CreateCursor
GetCursorInfo
TrackMouseEvent
GetMessageExtraInfo
RealGetWindowClassW
GetWindowThreadProcessId
FlashWindowEx
GetForegroundWindow
GetMonitorInfoW
MonitorFromRect
AdjustWindowRectEx
DestroyIcon
gdi32
SetTextColor
GetTextFaceW
GetCharABCWidthsW
GetCharABCWidthsFloatW
GetTextMetricsW
SetTextAlign
SetWorldTransform
ExtTextOutW
GetTextExtentPoint32W
GetGlyphOutlineW
GetCharABCWidthsI
SetBkMode
GetOutlineTextMetricsW
RemoveFontMemResourceEx
DeleteDC
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
DeleteObject
BitBlt
GetBitmapBits
GetDeviceCaps
CombineRgn
CreateRectRgn
GetRegionData
SelectClipRgn
CreateDIBSection
GdiFlush
CreateBitmap
GetDIBits
GetObjectW
OffsetRgn
CreateDCW
EnumFontFamiliesExW
CreateFontIndirectW
GetFontData
GetStockObject
AddFontResourceExW
RemoveFontResourceExW
AddFontMemResourceEx
SetGraphicsMode
advapi32
CryptExportKey
RegQueryValueExW
RegCloseKey
RegDeleteKeyW
RegCreateKeyExW
RegSetValueExW
DeregisterEventSource
RegisterEventSourceA
RegQueryInfoKeyW
RegFlushKey
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
CopySid
RegNotifyChangeKeyValue
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
InitializeAcl
GetTokenInformation
GetLengthSid
FreeSid
AllocateAndInitializeSid
AddAccessAllowedAce
OpenProcessToken
CryptGenRandom
CryptEnumProvidersA
CryptSignHashA
CryptDestroyHash
CryptCreateHash
CryptDecrypt
RegOpenKeyExW
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptDestroyKey
CryptReleaseContext
CryptAcquireContextA
ReportEventA
shell32
SHFileOperationW
CommandLineToArgvW
ord155
SHOpenFolderAndSelectItems
ord190
ExtractIconW
SHGetFolderPathW
SHBrowseForFolderW
ShellExecuteW
SHGetPathFromIDListW
SHGetMalloc
SHGetFileInfoW
Shell_NotifyIconW
SHGetSpecialFolderPathW
ole32
CreateBindCtx
CoGetMalloc
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleGetClipboard
OleSetClipboard
OleUninitialize
OleInitialize
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
CoCreateGuid
StringFromGUID2
StringFromCLSID
ReleaseStgMedium
CoInitialize
CoInitializeEx
PropVariantClear
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
CoCreateInstance
shlwapi
ord487
iphlpapi
GetAdaptersInfo
GetAdaptersAddresses
gdiplus
GdipDrawLineI
GdipSetCompositingMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipDeletePen
GdipFillRectangleI
GdipSetSolidFillColor
GdipCreateSolidFill
GdipCloneBrush
GdipDeleteBrush
GdipAlloc
GdipFree
GdipCreatePen1
GdiplusStartup
crypt32
CertCreateCertificateContext
CertGetCertificateChain
CertFreeCertificateContext
CertOpenStore
CertCloseStore
CertEnumCertificatesInStore
CertFindCertificateInStore
CertDuplicateCertificateContext
CertGetCertificateContextProperty
CertFreeCertificateChain
imm32
ImmGetContext
ImmReleaseContext
ImmAssociateContext
ImmGetDefaultIMEWnd
ImmNotifyIME
ImmSetCompositionWindow
ImmSetCandidateWindow
ImmGetVirtualKey
ImmGetCompositionStringW
oleaut32
SysFreeString
SysStringLen
VariantInit
VariantChangeType
SystemTimeToVariantTime
SysAllocStringLen
SysAllocString
Exports
Exports
??0Animation@rlottie@@AAE@XZ
??0Surface@rlottie@@QAE@PAIIII@Z
??0Surface@rlottie@@QAE@XZ
??1Animation@rlottie@@QAE@XZ
??4Surface@rlottie@@QAEAAV01@$$QAV01@@Z
??4Surface@rlottie@@QAEAAV01@ABV01@@Z
?buffer@Surface@rlottie@@QBEPAIXZ
?bytesPerLine@Surface@rlottie@@QBEIXZ
?configureModelCacheSize@@YAXI@Z
?drawRegionHeight@Surface@rlottie@@QBEIXZ
?drawRegionPosX@Surface@rlottie@@QBEIXZ
?drawRegionPosY@Surface@rlottie@@QBEIXZ
?drawRegionWidth@Surface@rlottie@@QBEIXZ
?duration@Animation@rlottie@@QBENXZ
?frameAtPos@Animation@rlottie@@QAEIN@Z
?frameRate@Animation@rlottie@@QBENXZ
?height@Surface@rlottie@@QBEIXZ
?layers@Animation@rlottie@@QBEABV?$vector@V?$tuple@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@HH@std@@V?$allocator@V?$tuple@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@HH@std@@@2@@std@@XZ
?loadFromData@Animation@rlottie@@SA?AV?$unique_ptr@VAnimation@rlottie@@U?$default_delete@VAnimation@rlottie@@@std@@@std@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@4@ABV54@1_NABV?$vector@U?$pair@II@std@@V?$allocator@U?$pair@II@std@@@2@@4@@Z
?loadFromFile@Animation@rlottie@@SA?AV?$unique_ptr@VAnimation@rlottie@@U?$default_delete@VAnimation@rlottie@@@std@@@std@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@4@_N@Z
?render@Animation@rlottie@@QAE?AV?$future@VSurface@rlottie@@@std@@IVSurface@2@_N@Z
?renderSync@Animation@rlottie@@QAEXIVSurface@2@_N@Z
?renderTree@Animation@rlottie@@QBEPBULOTLayerNode@@III@Z
?setDrawRegion@Surface@rlottie@@QAEXIIII@Z
?setValue@Animation@rlottie@@AAEXUColor_Type@2@W4Property@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@$$QAV?$function@$$A6A?AUColor@rlottie@@ABUFrameInfo@2@@Z@6@@Z
?setValue@Animation@rlottie@@AAEXUColor_Type@2@W4Property@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UColor@2@@Z
?setValue@Animation@rlottie@@AAEXUFloat_Type@2@W4Property@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@$$QAV?$function@$$A6AMABUFrameInfo@rlottie@@@Z@6@@Z
?setValue@Animation@rlottie@@AAEXUFloat_Type@2@W4Property@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@M@Z
?setValue@Animation@rlottie@@AAEXUPoint_Type@2@W4Property@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@$$QAV?$function@$$A6A?AUPoint@rlottie@@ABUFrameInfo@2@@Z@6@@Z
?setValue@Animation@rlottie@@AAEXUPoint_Type@2@W4Property@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UPoint@2@@Z
?setValue@Animation@rlottie@@AAEXUSize_Type@2@W4Property@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@$$QAV?$function@$$A6A?AUSize@rlottie@@ABUFrameInfo@2@@Z@6@@Z
?setValue@Animation@rlottie@@AAEXUSize_Type@2@W4Property@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@USize@2@@Z
?size@Animation@rlottie@@QBEXAAI0@Z
?totalFrame@Animation@rlottie@@QBEIXZ
?width@Surface@rlottie@@QBEIXZ
alAuxiliaryEffectSlotf
alAuxiliaryEffectSlotfv
alAuxiliaryEffectSloti
alAuxiliaryEffectSlotiv
alBuffer3f
alBuffer3i
alBufferData
alBufferSamplesSOFT
alBufferStorageSOFT
alBufferSubDataSOFT
alBufferSubSamplesSOFT
alBufferf
alBufferfv
alBufferi
alBufferiv
alDeferUpdatesSOFT
alDeleteAuxiliaryEffectSlots
alDeleteBuffers
alDeleteEffects
alDeleteFilters
alDeleteSources
alDisable
alDistanceModel
alDopplerFactor
alDopplerVelocity
alEffectf
alEffectfv
alEffecti
alEffectiv
alEnable
alEventCallbackSOFT
alEventControlSOFT
alFilterf
alFilterfv
alFilteri
alFilteriv
alFlushMappedBufferSOFT
alGenAuxiliaryEffectSlots
alGenBuffers
alGenEffects
alGenFilters
alGenSources
alGetAuxiliaryEffectSlotf
alGetAuxiliaryEffectSlotfv
alGetAuxiliaryEffectSloti
alGetAuxiliaryEffectSlotiv
alGetBoolean
alGetBooleanv
alGetBuffer3f
alGetBuffer3i
alGetBufferSamplesSOFT
alGetBufferf
alGetBufferfv
alGetBufferi
alGetBufferiv
alGetDouble
alGetDoublev
alGetEffectf
alGetEffectfv
alGetEffecti
alGetEffectiv
alGetEnumValue
alGetError
alGetFilterf
alGetFilterfv
alGetFilteri
alGetFilteriv
alGetFloat
alGetFloatv
alGetInteger
alGetInteger64SOFT
alGetInteger64vSOFT
alGetIntegerv
alGetListener3f
alGetListener3i
alGetListenerf
alGetListenerfv
alGetListeneri
alGetListeneriv
alGetPointerSOFT
alGetPointervSOFT
alGetProcAddress
alGetSource3dSOFT
alGetSource3f
alGetSource3i
alGetSource3i64SOFT
alGetSourcedSOFT
alGetSourcedvSOFT
alGetSourcef
alGetSourcefv
alGetSourcei
alGetSourcei64SOFT
alGetSourcei64vSOFT
alGetSourceiv
alGetString
alGetStringiSOFT
alIsAuxiliaryEffectSlot
alIsBuffer
alIsBufferFormatSupportedSOFT
alIsEffect
alIsEnabled
alIsExtensionPresent
alIsFilter
alIsSource
alListener3f
alListener3i
alListenerf
alListenerfv
alListeneri
alListeneriv
alMapBufferSOFT
alProcessUpdatesSOFT
alSource3dSOFT
alSource3f
alSource3i
alSource3i64SOFT
alSourcePause
alSourcePausev
alSourcePlay
alSourcePlayv
alSourceQueueBufferLayersSOFT
alSourceQueueBuffers
alSourceRewind
alSourceRewindv
alSourceStop
alSourceStopv
alSourceUnqueueBuffers
alSourcedSOFT
alSourcedvSOFT
alSourcef
alSourcefv
alSourcei
alSourcei64SOFT
alSourcei64vSOFT
alSourceiv
alSpeedOfSound
alUnmapBufferSOFT
alcCaptureCloseDevice
alcCaptureOpenDevice
alcCaptureSamples
alcCaptureStart
alcCaptureStop
alcCloseDevice
alcCreateContext
alcDestroyContext
alcDevicePauseSOFT
alcDeviceResumeSOFT
alcGetContextsDevice
alcGetCurrentContext
alcGetEnumValue
alcGetError
alcGetInteger64vSOFT
alcGetIntegerv
alcGetProcAddress
alcGetString
alcGetStringiSOFT
alcGetThreadContext
alcIsExtensionPresent
alcIsRenderFormatSupportedSOFT
alcLoopbackOpenDeviceSOFT
alcMakeContextCurrent
alcOpenDevice
alcProcessContext
alcRenderSamplesSOFT
alcResetDeviceSOFT
alcSetThreadContext
alcSuspendContext
alsoft_get_version
Sections
.text Size: 25.1MB - Virtual size: 25.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rodata Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 17.4MB - Virtual size: 17.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2.1MB - Virtual size: 5.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.qtmetad Size: 1024B - Virtual size: 568B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 48B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 363KB - Virtual size: 363KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE