All-In-One[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

All-In-One.exe
Size

5.1MB
MD5

a48e3197ab0f64c4684f0828f742165c
SHA1

f935c3d6f9601c795f2211e34b3778fad14442b4
SHA256

baecc747370a4c396ef5403a3a2b286465d8fe4677bf1bfd23b8164ef5c22bbb
SHA512

e0b0b73c39850a30aac89f84f721c79f863612f596d6ff3df0860a9faf743a81364656773c99708e9c0656c74b6a278b6bf7e648f7ff1b9080f9a21e10515a59
SSDEEP

98304:Vhphy6SpVKfHLZlIPxxme7wltblhyATyK5lzalYQ:jPErMsPx+tblhyQalYQ

Score

1^/10

Malware Config

Signatures

Files

All-In-One.exe
.exe windows:5 windows x86 arch:x86

536c0336bf2ae0c077da66c0a0c192d5

Code Sign

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12-03-2019 00:00

Not After

31-12-2028 23:59

Subject

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2d:88:e7:0f:c2:35:00:ba:74:a8:06:a9:58:8f:3c:6b
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12-01-2021 00:00

Not After

12-01-2024 23:59

Subject

CN=Xenarmor Global Security Solutions Private Limited,O=Xenarmor Global Security Solutions Private Limited,POSTALCODE=560087,STREET=Balagere Road+STREET=No 201 A Block Vaishno Silverbells Apartment,L=Varthur,ST=Karnataka,C=IN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-01-2021 00:00

Not After

06-01-2031 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07-01-2016 12:00

Not After

07-01-2031 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:1d:f0:fb:15:59:fd:b5:ed:41:ce:83:4c:e1:9b:d8:5a:7c:19:9a:d0:5b:10:73:8d:8b:fd:b9:09:2c:bf:9e
Signer

Actual PE Digest

33:1d:f0:fb:15:59:fd:b5:ed:41:ce:83:4c:e1:9b:d8:5a:7c:19:9a:d0:5b:10:73:8d:8b:fd:b9:09:2c:bf:9e

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\projects\windows\XenArmorAllInOnePasswordRecoveryPro_pvt_2021_v7\Release\AllInOnePasswordRecoveryPro.pdb

Imports

kernel32

FindFirstFileExA
GetTimeZoneInformation
EnumSystemLocalesW
IsValidLocale
ReadConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
GetStdHandle
SetStdHandle
IsValidCodePage
GetCommandLineW
VirtualQuery
VirtualAlloc
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
InterlockedPushEntrySList
RtlUnwind
QueryPerformanceFrequency
GetStringTypeW
LCMapStringW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
WriteConsoleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
ResetEvent
GetUserDefaultLCID
GetProfileIntA
SearchPathA
GetTempFileNameA
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
SetErrorMode
FindResourceExW
VerifyVersionInfoA
VerSetConditionMask
lstrcpyA
GetACP
GetThreadLocale
FileTimeToSystemTime
GetCPInfo
GetOEMCP
VirtualProtect
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
WritePrivateProfileStringA
GetPrivateProfileIntA
lstrcmpA
ResumeThread
SuspendThread
SetThreadPriority
CreateEventA
SetEvent
MulDiv
GlobalFree
GlobalSize
CompareStringA
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetModuleHandleW
GetModuleFileNameW
FreeResource
GetSystemDirectoryW
SetLastError
EncodePointer
DosDateTimeToFileTime
CreateDirectoryA
GetFileType
DuplicateHandle
GetCurrentDirectoryA
SetFileTime
FlushFileBuffers
QueryPerformanceCounter
CreateFileMappingW
FormatMessageA
GetSystemTimeAsFileTime
GetCurrentProcessId
LockFileEx
UnlockFile
HeapCompact
LoadLibraryW
GetSystemInfo
DeleteFileW
WaitForSingleObjectEx
FlushViewOfFile
OutputDebugStringW
GetFileAttributesExW
GetDiskFreeSpaceA
FormatMessageW
HeapValidate
GetVersionExW
GetCurrentThreadId
GetFileAttributesW
CreateFileW
CreateMutexW
GetTempPathW
UnlockFileEx
SetEndOfFile
GetFullPathNameA
SetFilePointer
InitializeCriticalSection
LockFile
OutputDebugStringA
GetDiskFreeSpaceW
InterlockedCompareExchange
WriteFile
GetFullPathNameW
HeapCreate
TryEnterCriticalSection
AreFileApisANSI
SetDllDirectoryA
GetSystemTime
SystemTimeToFileTime
FileTimeToLocalFileTime
GetFileAttributesExA
GetTickCount
GetPrivateProfileStringA
MapViewOfFile
WideCharToMultiByte
ExitProcess
GetFileSize
LocalFree
CreateFileMappingA
GetLocalTime
FindResourceW
DeleteFileA
GetSystemDirectoryA
CreateFileA
CopyFileA
GetTempPathA
Sleep
GetCommandLineA
OpenProcess
UnmapViewOfFile
WaitForSingleObject
GetVolumeInformationA
FindClose
FindNextFileA
FindFirstFileA
SizeofResource
ReadFile
GetModuleFileNameA
FreeLibrary
lstrcpynA
LoadLibraryA
MultiByteToWideChar
GlobalUnlock
CreateProcessA
lstrcmpiA
GlobalLock
GetProcAddress
LoadResource
GetWindowsDirectoryA
CloseHandle
Process32Next
GlobalAlloc
LockResource
GetVersionExA
GetCurrentThread
GetFileAttributesA
CreateToolhelp32Snapshot
GetSystemWindowsDirectoryA
GetModuleHandleA
FindResourceA
ExpandEnvironmentStringsA
GetDriveTypeA
GetCurrentProcess
Process32First
GetLogicalDrives
GetProcessHeap
DeleteCriticalSection
HeapDestroy
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapFree
GetLastError
HeapSize
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
HeapQueryInformation

user32

SystemParametersInfoA
GetMenuItemInfoA
DestroyMenu
GetSystemMetrics
MapDialogRect
SetWindowContextHelpId
GetDesktopWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
GetWindowThreadProcessId
ShowOwnedPopups
PostQuitMessage
TranslateMessage
GetMessageA
SetMenuItemInfoA
GetMenuCheckMarkDimensions
EnableMenuItem
CheckMenuItem
FillRect
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
RemoveMenu
InsertMenuA
GetMenuState
GetMenuStringA
MapVirtualKeyA
GetKeyNameTextA
IsDialogMessageA
SetWindowTextA
IsWindowEnabled
SendDlgItemMessageA
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
CallNextHookEx
SetWindowsHookExA
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameA
GetClassLongA
EqualRect
CopyRect
MapWindowPoints
ScreenToClient
MessageBoxA
AdjustWindowRectEx
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
IntersectRect
CopyImage
GetSysColorBrush
UnregisterClassA
SetClipboardData
GetSysColor
SetScrollPos
ScrollWindow
ValidateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
TrackPopupMenu
GetMenuItemCount
GetMenuItemID
SetMenu
GetMenu
GetKeyState
GetFocus
SetFocus
GetDlgCtrlID
GetDlgItem
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsMenu
IsWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
PeekMessageA
DispatchMessageA
RegisterWindowMessageA
UnhookWindowsHookEx
InflateRect
PostMessageA
RealChildWindowFromPoint
GetAsyncKeyState
DeleteMenu
SetTimer
KillTimer
WaitMessage
LoadCursorW
CharUpperA
CharNextA
CopyAcceleratorTableA
InvalidateRgn
SetRect
IsRectEmpty
MessageBeep
TrackMouseEvent
LoadImageW
GetIconInfo
WindowFromPoint
OffsetRect
GetCapture
DestroyIcon
SetLayeredWindowAttributes
EnumDisplayMonitors
IsZoomed
SetWindowRgn
NotifyWinEvent
CreatePopupMenu
GetMenuDefaultItem
SetMenuDefaultItem
EmptyClipboard
CloseClipboard
OpenClipboard
EnableWindow
SendMessageA
LoadImageA
GetCursorPos
ReleaseDC
InvalidateRect
UpdateWindow
GetClientRect
AppendMenuA
LoadIconA
LoadIconW
LoadBitmapW
RegisterHotKey
GetActiveWindow
GetSubMenu
SetMenuItemBitmaps
IsWindowVisible
GetDC
LoadMenuW
UnregisterHotKey
GetSystemMenu
GetWindowRect
ReleaseCapture
PtInRect
GetParent
SetCursor
SetCapture
SetWindowLongA
RedrawWindow
LoadCursorA
DrawStateA
DrawEdge
SubtractRect
GetNextDlgGroupItem
SetRectEmpty
CreateMenu
DestroyCursor
GetWindowLongA
ClientToScreen
GetWindowRgn
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
GetUpdateRect
IsClipboardFormatAvailable
GetDoubleClickTime
MapVirtualKeyExA
IsCharLowerA
GetComboBoxInfo
PostThreadMessageA
ModifyMenuA
CharUpperBuffA
LockWindowUpdate
DestroyAcceleratorTable
CreateAcceleratorTableA
LoadAcceleratorsW
ToAsciiEx
GetKeyboardState
GetKeyboardLayout
DrawIcon
FrameRect
CopyIcon
SetCursorPos
DrawFrameControl
SetParent
SetClassLongA
InvertRect
HideCaret
DrawIconEx
DrawFocusRect
RegisterClipboardFormatA
ReuseDDElParam
UnpackDDElParam
InsertMenuItemA
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
BringWindowToTop
UpdateLayeredWindow
EnableScrollBar
UnionRect
MonitorFromPoint

gdi32

GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetTextExtentPoint32A
CombineRgn
GetMapMode
SetRectRgn
DPtoLP
GetTextMetricsA
GetBkColor
GetTextColor
GetRgnBox
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
CreateRoundRectRgn
CreateDIBSection
EnumFontFamiliesExA
SetLayout
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
SetPixel
SetDIBColorTable
CreateEllipticRgn
Ellipse
CreatePolygonRgn
Polygon
Polyline
LPtoDP
OffsetRgn
Rectangle
RoundRect
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetWindowOrgEx
GetViewportOrgEx
SetPixelV
GetTextFaceA
SetMapMode
SetBkMode
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateBitmap
GetDeviceCaps
CreateDCA
CopyMetaFileA
PatBlt
CreateRectRgnIndirect
SetTextColor
SetBkColor
SelectObject
SetDIBitsToDevice
SetStretchBltMode
CreateFontIndirectA
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
StretchBlt
GetStockObject
GetObjectA
DeleteObject
CreatePalette
CreateFontA
DeleteDC

msimg32

AlphaBlend
TransparentBlt

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

ImpersonateLoggedOnUser
CryptReleaseContext
OpenThreadToken
CryptGetHashParam
CryptImportKey
CryptSetKeyParam
RegQueryValueA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RevertToSelf
LsaFreeMemory
CredEnumerateA
CredFree
GetUserNameA
LookupAccountNameA
CryptDeriveKey
GetTokenInformation
RegEnumValueA
LsaRetrievePrivateData
LsaOpenPolicy
LsaClose
RegEnumKeyExA
CryptDestroyKey
AdjustTokenPrivileges
CryptAcquireContextA
RegCloseKey
RegQueryValueExA
CryptEncrypt
LookupPrivilegeValueA
CryptDecrypt
CryptCreateHash
CryptHashData
LookupAccountSidA
CryptDestroyHash
OpenProcessToken
RegOpenKeyExA

shell32

DragFinish
ShellExecuteA
SHGetFolderPathA
DragAcceptFiles
SHAppBarMessage
DragQueryFileA
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHGetFileInfoA
SHGetPathFromIDListA
SHBrowseForFolderA

comctl32

InitCommonControlsEx
ImageList_ReplaceIcon
_TrackMouseEvent
ImageList_Draw

shlwapi

PathFindExtensionA
PathFindFileNameA
PathRemoveExtensionA
PathRemoveFileSpecW
PathIsUNCA
PathStripToRootA
StrFormatKBSizeA

uxtheme

IsAppThemed
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
GetWindowTheme
GetThemeSysColor

ole32

RegisterDragDrop
RevokeDragDrop
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleGetClipboard
CoRegisterMessageFilter
CoRevokeClassObject
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
CreateStreamOnHGlobal
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
CoGetClassObject
CoDisconnectObject
CoInitializeEx
CLSIDFromProgID
CoCreateGuid
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromString
CoCreateInstance
CoUninitialize
CoInitialize
CoLockObjectExternal
StgCreateDocfileOnILockBytes

oleaut32

VariantInit
VariantClear
GetErrorInfo
SysAllocStringLen
SysAllocString
OleCreateFontIndirect
LoadTypeLi
VarBstrFromDate
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysAllocStringByteLen
SysFreeString
VariantChangeType

oledlg

ord8

gdiplus

GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipDrawImageRectI
GdipSetInterpolationMode
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

userenv

ExpandEnvironmentStringsForUserA

netapi32

Netbios

rasapi32

RasEnumEntriesA
RasGetEntryDialParamsA

crypt32

CryptUnprotectData

rpcrt4

UuidFromStringA

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

winmm

PlaySoundA

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 488KB - Virtual size: 487KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 94KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

536c0336bf2ae0c077da66c0a0c192d5

Code Sign

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95Certificate

Key Usages

2d:88:e7:0f:c2:35:00:ba:74:a8:06:a9:58:8f:3c:6bCertificate

Extended Key Usages

Key Usages

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6aCertificate

Extended Key Usages

Key Usages

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

33:1d:f0:fb:15:59:fd:b5:ed:41:ce:83:4c:e1:9b:d8:5a:7c:19:9a:d0:5b:10:73:8d:8b:fd:b9:09:2c:bf:9eSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

version

userenv

netapi32

rasapi32

crypt32

rpcrt4

oleacc

imm32

winmm

Sections

.text Size: 2.5MB - Virtual size: 2.5MB

.rdata Size: 488KB - Virtual size: 487KB

.data Size: 94KB - Virtual size: 184KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 2.0MB - Virtual size: 2.0MB

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

2d:88:e7:0f:c2:35:00:ba:74:a8:06:a9:58:8f:3c:6b
Certificate

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

33:1d:f0:fb:15:59:fd:b5:ed:41:ce:83:4c:e1:9b:d8:5a:7c:19:9a:d0:5b:10:73:8d:8b:fd:b9:09:2c:bf:9e
Signer

.text
Size: 2.5MB - Virtual size: 2.5MB

.rdata
Size: 488KB - Virtual size: 487KB

.data
Size: 94KB - Virtual size: 184KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 2.0MB - Virtual size: 2.0MB