J:\work\trunk_en_5.0\simulator\bin\dnplycore.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
da2fa7b1bebdb778f998604d33e9ee7597030394d352bbcfe3617882781bdfea.dll
Resource
win7-20240704-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
da2fa7b1bebdb778f998604d33e9ee7597030394d352bbcfe3617882781bdfea.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
2 signatures
150 seconds
General
-
Target
da2fa7b1bebdb778f998604d33e9ee7597030394d352bbcfe3617882781bdfea
-
Size
953KB
-
MD5
e9cc3d29cf3cefd0d71b4ebb92064bb2
-
SHA1
d85edeba346600c8fadea8170994c138e9439af4
-
SHA256
da2fa7b1bebdb778f998604d33e9ee7597030394d352bbcfe3617882781bdfea
-
SHA512
3daa339e2dc265ea092576fd08524a7db2413307739c436744e92ad5a25e38abf345ad1097d4b61f42a9c4a7e76e03d0a6a6569dd63048559fdbebb88325941f
-
SSDEEP
24576:Mxul+yRFy7Pgn5Zxtb+FzniwlMHykS3UR:Mul+6OPgn55oDiwqH9SkR
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource da2fa7b1bebdb778f998604d33e9ee7597030394d352bbcfe3617882781bdfea
Files
-
da2fa7b1bebdb778f998604d33e9ee7597030394d352bbcfe3617882781bdfea.dll windows:6 windows x86 arch:x86
fd141421c5a593f6b0ae0c280d6acc6b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
cximagecrt
?GetHeight@CxImage@@QBEIXZ
?DestroyFrames@CxImage@@QAE_NXZ
?Destroy@CxImage@@QAE_NXZ
?GetWidth@CxImage@@QBEIXZ
??0CxImage@@QAE@ABV0@_N11@Z
?Scanf@CxMemFile@@UAEHPBDPAX@Z
?GetS@CxMemFile@@UAEPADPADH@Z
?GetPixelColor@CxImage@@QAE?AUtagRGBQUAD@@HH_N@Z
?Load@CxImage@@QAE_NPB_WI@Z
??0CxImage@@QAE@I@Z
?Write@CxMemFile@@UAEIPBXII@Z
??0CxMemFile@@QAE@PAEI@Z
??1CxMemFile@@UAE@XZ
?Close@CxMemFile@@UAE_NXZ
?Read@CxMemFile@@UAEIPAXII@Z
?Resample@CxImage@@QAE_NHHHPAV1@@Z
?Seek@CxMemFile@@UAE_NHH@Z
?Tell@CxMemFile@@UAEHXZ
?Size@CxMemFile@@UAEHXZ
?Flush@CxMemFile@@UAE_NXZ
?Eof@CxMemFile@@UAE_NXZ
?Error@CxMemFile@@UAEHXZ
?PutC@CxMemFile@@UAE_NE@Z
?GetC@CxMemFile@@UAEHXZ
hid
HidP_GetValueCaps
HidP_GetUsages
HidP_GetButtonCaps
HidP_GetCaps
HidP_GetUsageValue
xinput1_3
ord4
ord5
ord2
winmm
timeEndPeriod
timeKillEvent
timeGetTime
timeBeginPeriod
timeGetDevCaps
timeSetEvent
kernel32
ReleaseMutex
DisableThreadLibraryCalls
LoadLibraryW
GetProcAddress
MultiByteToWideChar
GetModuleFileNameA
CopyFileW
OutputDebugStringA
GetCurrentProcessId
LocalFree
GetModuleFileNameW
lstrcmpW
lstrlenW
CreateFileMappingA
lstrcpyW
GetTickCount
GetCurrentThreadId
GetFileSize
CreateFileW
SetPriorityClass
GlobalLock
GetModuleHandleW
GetPriorityClass
GetVersionExW
GlobalUnlock
DeleteCriticalSection
GlobalAlloc
ReleaseSemaphore
CreateSemaphoreW
QueryPerformanceFrequency
GlobalMemoryStatusEx
GetSystemInfo
GetComputerNameA
WideCharToMultiByte
VirtualQuery
FindResourceW
LoadResource
CreateProcessW
SizeofResource
GetFileAttributesW
MoveFileW
LockResource
DeleteFileW
SetFileAttributesW
WaitForMultipleObjects
CreateEventW
EnterCriticalSection
CreateNamedPipeA
GetLastError
GetOverlappedResult
ReadFile
LeaveCriticalSection
InitializeCriticalSection
WriteFile
ConnectNamedPipe
SetEvent
WaitForSingleObject
OpenEventW
OpenFileMappingW
CreateFileMappingW
OpenMutexW
Sleep
QueryPerformanceCounter
UnmapViewOfFile
MapViewOfFile
CreateMutexW
ResetEvent
SetThreadPriority
GetCurrentThread
DebugBreak
TerminateProcess
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
IsDebuggerPresent
DecodePointer
EncodePointer
GetUserDefaultUILanguage
CreateThread
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetExitCodeProcess
GetLocalTime
GetSystemDirectoryW
CloseHandle
OpenProcess
user32
MsgWaitForMultipleObjects
TranslateMessage
MessageBoxA
MessageBoxW
wsprintfW
GetDesktopWindow
GetKeyState
MapVirtualKeyW
DispatchMessageW
PeekMessageW
RegisterClassExW
GetWindowTextW
GetClassNameW
EmptyClipboard
IsWindow
FindWindowExW
SendMessageW
SetClipboardData
ClientToScreen
GetMessageExtraInfo
SetCapture
TrackMouseEvent
GetCapture
InflateRect
SetCursorPos
SystemParametersInfoW
MonitorFromWindow
ReleaseCapture
GetMonitorInfoW
SetCursor
SendInput
LoadImageW
PostMessageW
GetParent
GetClipCursor
ShowCursor
DestroyCursor
ClipCursor
DestroyWindow
CloseClipboard
LoadCursorW
SetFocus
GetWindowLongW
GetClipboardData
SetWindowLongW
GetCursorPos
ShowWindow
CreateWindowExW
OpenClipboard
RegisterClassW
GetKeyboardLayoutList
DefWindowProcW
ActivateKeyboardLayout
MoveWindow
DrawTextW
GetDC
ReleaseDC
ChangeDisplaySettingsW
GetSystemMetrics
GetKeyNameTextW
GetRawInputData
IsIconic
PtInRect
GetRegisteredRawInputDevices
GetRawInputDeviceInfoW
GetRawInputDeviceList
SetTimer
ScreenToClient
GetWindowRect
KillTimer
GetFocus
WindowFromPoint
GetClientRect
GetForegroundWindow
GetKeyboardLayout
GetAsyncKeyState
GetAncestor
RegisterRawInputDevices
GetWindowThreadProcessId
gdi32
CreateCompatibleDC
Rectangle
CreateFontW
GetTextFaceW
CreatePen
SetTextColor
SelectObject
GetDeviceCaps
CreateDCW
GetStockObject
DeleteObject
SetBkMode
CreateDIBSection
DeleteDC
CreateSolidBrush
advapi32
RegCloseKey
RegOpenKeyExW
SetSecurityDescriptorSacl
GetSecurityDescriptorSacl
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
ole32
CoUninitialize
CoInitializeEx
CoGetClassObject
oleaut32
SafeArrayGetUBound
SafeArrayAccessData
SysAllocString
SysAllocStringByteLen
SysStringLen
SafeArrayGetLBound
SysFreeString
SysStringByteLen
SafeArrayUnaccessData
SysAllocStringLen
SafeArrayDestroy
msvcp120
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
_Thrd_equal
_Thrd_current
?_Throw_Cpp_error@std@@YAXH@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?_Launch@_Pad@std@@QAEXPAU_Thrd_imp_t@@@Z
??1_Pad@std@@QAE@XZ
?_Release@_Pad@std@@QAEXXZ
??0_Pad@std@@QAE@XZ
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEHXZ
?tellp@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@H@2@XZ
?seekp@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@_JH@Z
?seekp@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@V?$fpos@H@2@@Z
?_Make_dir@sys@tr2@std@@YAHPB_W@Z
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
??Bios_base@std@@QBE_NXZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@V?$fpos@H@2@@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z
?_Winerror_map@std@@YAPBDH@Z
?_Syserror_map@std@@YAPBDH@Z
?_Xbad_alloc@std@@YAXXZ
?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
?_Xbad_function_call@std@@YAXXZ
??_7facet@locale@std@@6B@
??_7?$codecvt@_WDH@std@@6B@
??_7codecvt_base@std@@6B@
??_7_Facet_base@std@@6B@
??1?$codecvt@_WDH@std@@MAE@XZ
??0?$codecvt@_WDH@std@@QAE@I@Z
?out@?$codecvt@_WDH@std@@QBEHAAHPB_W1AAPB_WPAD3AAPAD@Z
?in@?$codecvt@_WDH@std@@QBEHAAHPBD1AAPBDPA_W3AAPA_W@Z
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UAEXXZ
?_Orphan_all@_Container_base0@std@@QAEXXZ
_Cnd_init
?_Throw_C_error@std@@YAXH@Z
?_Throw_future_error@std@@YAXABVerror_code@1@@Z
?_Future_error_map@std@@YAPBDH@Z
?_Stat@sys@tr2@std@@YA?AW4file_type@123@PB_WAAH@Z
?_Rethrow_future_exception@std@@YAXVexception_ptr@1@@Z
_Cnd_destroy
_Cnd_register_at_thread_exit
_Cnd_unregister_at_thread_exit
_Mtx_destroy
_Mtx_unlock
_Cnd_broadcast
_Cnd_wait
_Mtx_lock
_Mtx_init
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
?_BADOFF@std@@3_JB
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@H@Z
?_Rename@sys@tr2@std@@YAHPB_W0@Z
?_Close_dir@sys@tr2@std@@YAXPAX@Z
?_Read_dir@sys@tr2@std@@YAPA_WAAY0BAE@_WPAXAAW4file_type@123@@Z
?_Unlink@sys@tr2@std@@YAHPB_W@Z
?_Open_dir@sys@tr2@std@@YAPAXAAY0BAE@_WPB_WAAHAAW4file_type@123@@Z
?uncaught_exception@std@@YA_NXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
?id@?$codecvt@DDH@std@@2V0locale@2@A
_Xtime_get_ticks
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?unshift@?$codecvt@DDH@std@@QBEHAAHPAD1AAPAD@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?out@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD0@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?width@ios_base@std@@QAE_J_J@Z
?width@ios_base@std@@QBE_JXZ
?flags@ios_base@std@@QBEHXZ
_Mtx_current_owns
??Bid@locale@std@@QAEIXZ
_Thrd_join
_Cnd_timedwait
?always_noconv@codecvt_base@std@@QBE_NXZ
ws2_32
accept
ioctlsocket
ntohl
ntohs
connect
inet_addr
htonl
select
WSAGetLastError
htons
setsockopt
recv
bind
socket
__WSAFDIsSet
closesocket
send
listen
dsound
ord6
ord3
ord1
ord8
msvcr120
__CppXcptFilter
memset
memcpy
_setjmp3
_libm_sse2_sqrt_precise
_libm_sse2_sin_precise
_libm_sse2_log10_precise
_libm_sse2_cos_precise
_libm_sse2_asin_precise
__CxxFrameHandler3
_CxxThrowException
_CIatan2
_stricmp
_strnicmp
__clean_type_info_names_internal
_except_handler4_common
_initterm_e
_initterm
_malloc_crt
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABV01@@Z
memmove
_purecall
??3@YAXPAX@Z
??2@YAPAXI@Z
free
malloc
_snprintf_s
printf
sprintf_s
longjmp
realloc
_beginthreadex
wcstoul
_swprintf
??_V@YAXPAX@Z
_invalid_parameter_noinfo_noreturn
strchr
strrchr
strtoul
?__ExceptionPtrToBool@@YA_NPBX@Z
?__ExceptionPtrCurrentException@@YAXPAX@Z
??0exception@std@@QAE@ABQBDH@Z
?__ExceptionPtrCopy@@YAXPAXPBX@Z
?__ExceptionPtrCopyException@@YAXPAXPBX1@Z
?__ExceptionPtrDestroy@@YAXPAX@Z
?__ExceptionPtrAssign@@YAXPAXPBX@Z
?__ExceptionPtrCreate@@YAXPAX@Z
?Alloc@Concurrency@@YAPAXI@Z
??1scoped_lock@critical_section@Concurrency@@QAE@XZ
??0scoped_lock@critical_section@Concurrency@@QAE@AAV12@@Z
??1critical_section@Concurrency@@QAE@XZ
??0critical_section@Concurrency@@QAE@XZ
?set@event@Concurrency@@QAEXXZ
?wait@event@Concurrency@@QAEII@Z
??1event@Concurrency@@QAE@XZ
??0event@Concurrency@@QAE@XZ
?Free@Concurrency@@YAXPAX@Z
?_RunAndWait@_TaskCollection@details@Concurrency@@QAG?AW4_TaskCollectionStatus@23@PAV_UnrealizedChore@23@@Z
?_Cancel@_TaskCollection@details@Concurrency@@QAEXXZ
?_Schedule@_TaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@@Z
?_GetCurrentInlineDepth@_StackGuard@details@Concurrency@@CAAAIXZ
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
?_Oversubscribe@_Context@details@Concurrency@@SAX_N@Z
?_ScheduleTask@_CurrentScheduler@details@Concurrency@@SAXP6AXPAX@Z0@Z
?_NewCollection@_AsyncTaskCollection@details@Concurrency@@SAPAV123@PAV_CancellationTokenState@23@@Z
?_ReportUnobservedException@details@Concurrency@@YAXXZ
strncmp
wcschr
strstr
wcsstr
rand
tolower
wcstod
wcsncmp
wcstol
fscanf
fputc
sprintf
feof
fflush
_wfopen
fgets
wcsrchr
fread
ferror
fwrite
ftell
fseek
fclose
getc
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@PBD@Z
??0bad_cast@std@@QAE@ABV01@@Z
??8type_info@@QBE_NABV0@@Z
_unlock_file
_localtime64_s
ungetc
fgetpos
_fseeki64
fgetc
fsetpos
setvbuf
_lock_file
srand
memcpy_s
_time64
memchr
atoi
strtol
strncpy
isspace
fopen_s
isalpha
isdigit
swprintf_s
wcsncpy
_vswprintf
_snwprintf_s
_waccess
?terminate@@YAXXZ
_snprintf
wcstoull
?_wopen@@YAHPB_WHH@Z
wprintf
_wcslwr
_read
_write
_close
vswprintf_s
_wcsnicmp
_wcsicmp
vsprintf_s
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
??1type_info@@UAE@XZ
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
_vsnprintf_s
_except1
_amsg_exit
imm32
ImmAssociateContext
ImmSetConversionStatus
ImmGetCompositionStringW
ImmReleaseContext
ImmIsIME
ImmSetCompositionWindow
ImmGetConversionStatus
ImmGetProperty
ImmGetContext
shlwapi
PathFileExistsW
wininet
InternetCloseHandle
HttpQueryInfoW
InternetReadFile
HttpSendRequestW
InternetCrackUrlW
HttpOpenRequestW
InternetConnectW
InternetOpenW
shell32
ShellExecuteW
ShellExecuteExW
SHGetFolderPathW
ord165
Exports
Exports
??0CxFile@@QAE@ABV0@@Z
??0CxFile@@QAE@XZ
??0CxIOFile@@QAE@ABV0@@Z
??0CxIOFile@@QAE@PAU_iobuf@@@Z
??0CxMemFile@@QAE@ABV0@@Z
??1CxFile@@UAE@XZ
??1CxIOFile@@UAE@XZ
??1CxImage@@UAE@XZ
??4CxFile@@QAEAAV0@ABV0@@Z
??4CxIOFile@@QAEAAV0@ABV0@@Z
??4CxMemFile@@QAEAAV0@ABV0@@Z
??_7CxFile@@6B@
??_7CxIOFile@@6B@
??_7CxImage@@6B@
??_7CxMemFile@@6B@
??_FCxIOFile@@QAEXXZ
??_FCxImage@@QAEXXZ
??_FCxMemFile@@QAEXXZ
??_OCxImage@@QAEXAAV0@@Z
?Close@CxIOFile@@UAE_NXZ
?Eof@CxIOFile@@UAE_NXZ
?Error@CxIOFile@@UAEHXZ
?Flush@CxIOFile@@UAE_NXZ
?GetC@CxIOFile@@UAEHXZ
?GetExifInfo@CxImage@@QAEPAUtag_ExifInfo@@XZ
?GetS@CxIOFile@@UAEPADPADH@Z
?Open@CxIOFile@@QAE_NPB_W0@Z
?PutC@CxFile@@UAE_NE@Z
?PutC@CxIOFile@@UAE_NE@Z
?Read@CxIOFile@@UAEIPAXII@Z
?Scanf@CxIOFile@@UAEHPBDPAX@Z
?Seek@CxIOFile@@UAE_NHH@Z
?Size@CxIOFile@@UAEHXZ
?Tell@CxIOFile@@UAEHXZ
?Write@CxIOFile@@UAEIPBXII@Z
createVBoxClient
initVbox
uninitVbox
Sections
.text Size: 719KB - Virtual size: 718KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 163KB - Virtual size: 162KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 27KB - Virtual size: 167KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 39KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ