valorant thingies[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

valorant thingies.zip
Size

917KB
MD5

170d7904478cc955aa1d41101ea95081
SHA1

adbfc126fdd2e03eb40cf73fcb62d6d4508d879f
SHA256

328332d2e2c3a988d96ccd5611aad26c93e04e705ac747786e475b5dc873a92f
SHA512

1da5c733be6d36e6769c1e05c1aedb45f1417518d8fa4fb887502820d8065eadd2d01111e86f347bc931ea69414c9ef42532b1a38098a540a48c8139f34101fd
SSDEEP

24576:rTv+e8f/77ZQMHWhm6PBBw0iPwaJul09QJ/kK7j2xG1O5HRQ8zjQj5:CXuM0xrg4EEsKPQG1OpG8zje5

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/valorant thingies/Oykyo.sys
unpack001/valorant thingies/TAE.exe
unpack001/valorant thingies/lenovo_mapper.exe

Files

valorant thingies.zip
.zip
valorant thingies/Oykyo.sys
.sys windows:10 windows x64 arch:x64

edb915081e609490d440e8edf913870f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\PC\Desktop\UC\kernelmode\aimdriver\x64\Release\aimdriver.pdb

Imports

ntoskrnl.exe

RtlInitUnicodeString
KeLowerIrql
KfRaiseIrql
KeAcquireSpinLockAtDpcLevel
KeReleaseSpinLockFromDpcLevel
IofCompleteRequest
IoCreateDevice
IoCreateSymbolicLink
IoReleaseRemoveLockEx
ObfDereferenceObject
IoCreateDriver
ObReferenceObjectByName
IoDriverObjectType

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 708B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 84B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 512B - Virtual size: 458B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
valorant thingies/TAE.exe
.exe windows:6 windows x64 arch:x64

8cbf6e587a25dbd95d3fa283783fb6bb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\PC\Desktop\UCColor\x64\Release\TAE.pdb

Imports

d3d11

D3D11CreateDeviceAndSwapChain

d3dcompiler_43

D3DCompile

kernel32

QueryPerformanceFrequency
GetProcAddress
FreeLibrary
QueryPerformanceCounter
GetCurrentProcess
GetModuleHandleW
GetConsoleWindow
SetConsoleTitleW
WritePrivateProfileStringA
GetPrivateProfileIntA
GetPrivateProfileStringA
CreateFileW
FindClose
LocalFree
FindFirstFileW
FindFirstFileExW
FindNextFileW
GetFileAttributesExW
GetModuleHandleA
AreFileApisANSI
GetLastError
GetFileInformationByHandleEx
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
Sleep
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetCurrentProcessId
GlobalUnlock
WideCharToMultiByte
GlobalLock
GlobalFree
FormatMessageA
GlobalAlloc
MultiByteToWideChar
GetExitCodeProcess
CreateProcessW
CloseHandle
CreateFileA
WaitForSingleObject
AcquireSRWLockExclusive
InitializeSListHead
ReleaseSRWLockExclusive
LoadLibraryA
DeviceIoControl
GetLocaleInfoEx
GetSystemTimeAsFileTime
GetCurrentThreadId

user32

GetClipboardData
EmptyClipboard
CloseClipboard
OpenClipboard
GetCursorPos
ReleaseDC
SetCursorPos
ReleaseCapture
GetClientRect
SetClipboardData
SetCapture
LoadCursorW
GetForegroundWindow
TrackMouseEvent
IsChild
ClientToScreen
GetCapture
ScreenToClient
GetDC
SetCursor
GetAsyncKeyState
ShowWindow
DefWindowProcW
GetWindowRect
DestroyWindow
GetSystemMetrics
CreateWindowExW
UnregisterClassW
UpdateWindow
RegisterClassExW
PtInRect
DispatchMessageW
PeekMessageW
TranslateMessage
LoadIconW
PostQuitMessage

gdi32

GetDIBits
DeleteObject
BitBlt
CreateCompatibleBitmap
SelectObject
CreateDIBSection
CreateCompatibleDC
DeleteDC

msvcp140

_Mtx_lock
_Cnd_do_broadcast_at_thread_exit
_Query_perf_counter
_Thrd_detach
_Mtx_unlock
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Winerror_map@std@@YAHH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?_Syserror_map@std@@YAPEBDH@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?_Throw_Cpp_error@std@@YAXH@Z
?_Random_device@std@@YAIXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?good@ios_base@std@@QEBA_NXZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
??Bid@locale@std@@QEAA_KXZ
_Query_perf_frequency
?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z

imm32

ImmReleaseContext
ImmGetContext
ImmSetCompositionWindow

d3dx11_43

D3DX11CreateShaderResourceViewFromMemory

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__std_exception_copy
__current_exception_context
__std_terminate
memset
__std_exception_destroy
strstr
__current_exception
memchr
memcmp
memmove
memcpy
__C_specific_handler
_CxxThrowException

api-ms-win-crt-runtime-l1-1-0

_invalid_parameter_noinfo_noreturn
_beginthreadex
terminate
abort
_register_thread_local_exe_atexit_callback
_c_exit
__p___argv
__p___argc
_configure_narrow_argv
_exit
_initterm_e
_initterm
_get_initial_narrow_environment
_set_app_type
_seh_filter_exe
_cexit
_crt_atexit
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
exit

api-ms-win-crt-heap-l1-1-0

_callnewh
_set_new_mode
malloc
free

api-ms-win-crt-string-l1-1-0

strncpy
strcpy_s
wcscpy_s
strcmp

api-ms-win-crt-utility-l1-1-0

qsort
rand

api-ms-win-crt-stdio-l1-1-0

__p__commode
_get_stream_buffer_pointers
_fseeki64
fsetpos
ungetc
setvbuf
fgetpos
fflush
fgetc
__stdio_common_vsprintf_s
fputc
__acrt_iob_func
ftell
_set_fmode
fclose
__stdio_common_vsscanf
fread
__stdio_common_vsprintf
_wfopen
fwrite
fseek

api-ms-win-crt-convert-l1-1-0

atof

api-ms-win-crt-math-l1-1-0

__setusermatherr
modf
acosf
ceilf
cosf
floorf
fmodf
pow
sqrt
sqrtf
sinf

api-ms-win-crt-filesystem-l1-1-0

_unlock_file
_lock_file
remove

api-ms-win-crt-locale-l1-1-0

_configthreadlocale
___lc_codepage_func

Sections

.text
Size: 327KB - Virtual size: 326KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 838KB - Virtual size: 838KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
valorant thingies/lenovo_mapper.exe
.exe windows:6 windows x64 arch:x64

07ab8447dacd558c9d18b755f877b180

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\ILLUSION\Downloads\lenovo_mapper-main\lenovo_mapper-main\output\build\lenovo_mapper.pdb

Imports

kernel32

CreateFileA
LocalFree
GetCurrentProcessId
CreateDirectoryA
HeapFree
DeviceIoControl
GetLastError
LoadLibraryA
HeapAlloc
GetProcAddress
GetProcessHeap
FreeLibrary
GetLocaleInfoEx
OpenProcess
GetCurrentDirectoryA
SetLastError
GetFileAttributesExA
CloseHandle
VirtualAlloc
GetCurrentProcess
GetCurrentThreadId
VirtualFree
CreateFileW
FindClose
FindFirstFileW
GetFileAttributesW
GetFileAttributesExW
GetFullPathNameW
SetFileInformationByHandle
GetTempPathW
AreFileApisANSI
GetModuleHandleW
GetFileInformationByHandleEx
MultiByteToWideChar
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
FormatMessageA

advapi32

LookupPrivilegeValueW
AdjustTokenPrivileges
RegCloseKey
RegOpenKeyA
RegDeleteKeyA
RegSetValueExA
OpenProcessToken
RegCreateKeyA

ole32

StringFromGUID2

msvcp140

??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@_JH@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
??Bid@locale@std@@QEAA_KXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@J@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?uncaught_exceptions@std@@YAHXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Winerror_map@std@@YAHH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Syserror_map@std@@YAPEBDH@Z
?_Xlength_error@std@@YAXPEBD@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ

ntdll

RtlAnsiStringToUnicodeString
NtUnloadDriver
NtQuerySystemInformation
NtLoadDriver
RtlInitAnsiString

dbghelp

SymCleanup
SymSetOptions
SymInitialize
SymFromName
SymUnloadModule64
SymGetTypeInfo
SymGetTypeFromName
SymLoadModuleEx

urlmon

URLDownloadToFileA

vcruntime140_1

__CxxFrameHandler4

vcruntime140

memset
__current_exception_context
__current_exception
__C_specific_handler
strstr
_CxxThrowException
__std_exception_copy
__std_exception_destroy
memmove
memcmp
memcpy
__std_terminate

api-ms-win-crt-stdio-l1-1-0

_fseeki64
fread
fsetpos
ungetc
__stdio_common_vsprintf
_get_stream_buffer_pointers
setvbuf
fgetpos
fwrite
_set_fmode
__p__commode
fgetc
fputc
fclose
fflush

api-ms-win-crt-heap-l1-1-0

malloc
free
_callnewh
_set_new_mode

api-ms-win-crt-utility-l1-1-0

srand
rand

api-ms-win-crt-filesystem-l1-1-0

_unlock_file
_lock_file

api-ms-win-crt-time-l1-1-0

_time64

api-ms-win-crt-runtime-l1-1-0

_register_onexit_function
_register_thread_local_exe_atexit_callback
_crt_atexit
_exit
_c_exit
_initialize_narrow_environment
exit
_initterm_e
__p___argv
_initialize_onexit_table
_configure_narrow_argv
_initterm
terminate
_invalid_parameter_noinfo_noreturn
system
_get_initial_narrow_environment
__p___argc
_set_app_type
_seh_filter_exe
_cexit

api-ms-win-crt-convert-l1-1-0

wcstombs_s
_itoa_s

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-locale-l1-1-0

_configthreadlocale
___lc_codepage_func

api-ms-win-crt-math-l1-1-0

__setusermatherr

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

edb915081e609490d440e8edf913870f

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ntoskrnl.exe

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 1024B - Virtual size: 708B

.data Size: 512B - Virtual size: 80B

.pdata Size: 512B - Virtual size: 84B

INIT Size: 512B - Virtual size: 458B

8cbf6e587a25dbd95d3fa283783fb6bb

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

d3d11

d3dcompiler_43

kernel32

user32

gdi32

msvcp140

imm32

d3dx11_43

vcruntime140_1

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 327KB - Virtual size: 326KB

.rdata Size: 838KB - Virtual size: 838KB

.data Size: 5KB - Virtual size: 20KB

.pdata Size: 13KB - Virtual size: 12KB

.rsrc Size: 512B - Virtual size: 488B

.reloc Size: 1024B - Virtual size: 704B

07ab8447dacd558c9d18b755f877b180

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

advapi32

ole32

msvcp140

ntdll

dbghelp

urlmon

vcruntime140_1

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-math-l1-1-0

Sections

.text Size: 47KB - Virtual size: 46KB

.rdata Size: 21KB - Virtual size: 21KB

.data Size: 41KB - Virtual size: 42KB

.pdata Size: 3KB - Virtual size: 2KB

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 1024B - Virtual size: 708B

.data
Size: 512B - Virtual size: 80B

.pdata
Size: 512B - Virtual size: 84B

INIT
Size: 512B - Virtual size: 458B

.text
Size: 327KB - Virtual size: 326KB

.rdata
Size: 838KB - Virtual size: 838KB

.data
Size: 5KB - Virtual size: 20KB

.pdata
Size: 13KB - Virtual size: 12KB

.rsrc
Size: 512B - Virtual size: 488B

.reloc
Size: 1024B - Virtual size: 704B

.text
Size: 47KB - Virtual size: 46KB

.rdata
Size: 21KB - Virtual size: 21KB

.data
Size: 41KB - Virtual size: 42KB

.pdata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 256B