d:\LocalSvnForDailyBuild\guanxi_de\bin_de\de_release\bin\CabalRider.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
c26c66ff68ee83f320104a0fab938e0f_JaffaCakes118.exe
Resource
win7-20240708-en
windows7-x64
4 signatures
150 seconds
Behavioral task
behavioral2
Sample
c26c66ff68ee83f320104a0fab938e0f_JaffaCakes118.exe
Resource
win10v2004-20240802-en
windows10-2004-x64
3 signatures
150 seconds
General
-
Target
c26c66ff68ee83f320104a0fab938e0f_JaffaCakes118
-
Size
1.4MB
-
MD5
c26c66ff68ee83f320104a0fab938e0f
-
SHA1
0df292679d2d079f423388f4d202428ffc6fbcd6
-
SHA256
fc783ad49af7c367c74bcedbd8d9a3dc2863d07fae8646b21c76d8ef2effa233
-
SHA512
3088862c980e8f14c62583bb91ab762f5d00ea136fd81a30dfb7b92be476eca5db29494f8a7510fa584380563ecc9335e19bd3bb21b761bb177448a7c5d8f4bd
-
SSDEEP
24576:GYXUzsET/U8qxFq+kzYBf/X+cJm5AyPyJs2As+:GuUzsET/U8qxcDzYB3aOyPV2h+
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c26c66ff68ee83f320104a0fab938e0f_JaffaCakes118
Files
-
c26c66ff68ee83f320104a0fab938e0f_JaffaCakes118.exe windows:4 windows x86 arch:x86
007c595a2571ba984e371496f4b8e4b1
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
imagehlp
CheckSumMappedFile
psapi
GetModuleInformation
kernel32
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
GetCPInfo
GetOEMCP
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
GetFileAttributesA
GetFileTime
SetErrorMode
HeapFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
ExitThread
CreateThread
ExitProcess
HeapReAlloc
HeapAlloc
VirtualAlloc
TlsGetValue
VirtualQuery
GetCommandLineA
GetProcessHeap
GetStartupInfoA
RtlUnwind
WriteConsoleW
GetFileType
GetStdHandle
HeapSize
SetStdHandle
HeapDestroy
HeapCreate
VirtualFree
GetTimeZoneInformation
GetACP
IsValidCodePage
SetHandleCount
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
LoadLibraryW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
CreateFileW
SetEnvironmentVariableA
RaiseException
LocalAlloc
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
GetThreadLocale
GlobalFree
GlobalAlloc
FormatMessageA
LocalFree
lstrcmpA
GlobalLock
GlobalUnlock
MulDiv
FreeResource
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
SetLastError
lstrcmpW
CreateFileA
GetFileSize
GetThreadContext
FlushInstructionCache
SetThreadContext
CreateRemoteThread
GetCurrentProcessId
InterlockedCompareExchange
VirtualProtectEx
ReadProcessMemory
VirtualAllocEx
WriteProcessMemory
Module32First
Module32Next
IsBadReadPtr
Thread32First
OpenThread
SuspendThread
Thread32Next
GetVersionExA
WaitForSingleObject
GetLocalTime
WritePrivateProfileStringA
GetPrivateProfileIntA
QueryPerformanceCounter
CreateMutexA
ReleaseMutex
CreateSemaphoreA
ReleaseSemaphore
GetCurrentThreadId
InterlockedIncrement
OpenFileMappingA
CopyFileA
GetProcAddress
LoadLibraryA
GetTickCount
InterlockedDecrement
lstrlenA
GetLastError
MultiByteToWideChar
CompareStringW
GetVersion
CompareStringA
FindResourceA
WinExec
Sleep
ResumeThread
LockResource
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateProcessA
GetModuleHandleA
CreateFileMappingA
VirtualProtect
OpenProcess
GetModuleFileNameA
TerminateProcess
GetTempPathA
WideCharToMultiByte
Process32Next
CreateToolhelp32Snapshot
SizeofResource
InterlockedExchange
GetCurrentProcess
LoadResource
GetModuleFileNameW
GetSystemInfo
user32
InvalidateRect
SetRect
IsRectEmpty
CopyAcceleratorTableA
LoadCursorA
GetSysColorBrush
DestroyMenu
SetCursor
GetDesktopWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
SetWindowContextHelpId
MapDialogRect
GetMessageA
TranslateMessage
GetActiveWindow
GetCursorPos
ValidateRect
RegisterClipboardFormatA
PostQuitMessage
CharNextA
IsWindowEnabled
MoveWindow
SetWindowTextA
IsDialogMessageA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
SetCapture
GetFocus
SetFocus
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageA
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
IsWindowVisible
UpdateWindow
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
GetParent
UnregisterClassA
EqualRect
MessageBeep
GetNextDlgGroupItem
PostThreadMessageA
EndPaint
ReleaseCapture
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetWindowLongA
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetWindow
GetClassNameW
GetWindowTextW
SetWindowTextW
IsWindow
EnumChildWindows
CharUpperA
IsIconic
MessageBoxA
PostMessageA
LoadIconA
GetClientRect
GetWindowThreadProcessId
GetSystemMetrics
SetTimer
SetForegroundWindow
ShowWindow
FindWindowA
CopyRect
EnableWindow
SendMessageA
RemovePropA
InvalidateRgn
GetWindowTextA
gdi32
GetStockObject
GetDeviceCaps
GetBkColor
CreateRectRgnIndirect
GetMapMode
GetRgnBox
ScaleViewportExtEx
CreateBitmap
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
SetBkColor
SetTextColor
GetClipBox
GetTextColor
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject
SetMapMode
RestoreDC
SaveDC
GetObjectA
comdlg32
GetFileTitleA
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
advapi32
RegOpenKeyA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegDeleteValueA
RegEnumValueA
RegQueryInfoKeyA
shell32
SHFileOperationA
comctl32
InitCommonControlsEx
shlwapi
PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA
oledlg
ord8
ole32
CLSIDFromString
CoTaskMemFree
CoTaskMemAlloc
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CLSIDFromProgID
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
oleaut32
SysAllocStringLen
SafeArrayDestroy
SafeArrayCreate
SafeArrayGetElemsize
SafeArrayAccessData
SafeArrayUnaccessData
LoadRegTypeLi
DispCallFunc
OleCreateFontIndirect
SysAllocStringByteLen
SysStringLen
SysFreeString
VariantCopy
VariantClear
VariantInit
VariantChangeType
SysAllocString
VariantTimeToSystemTime
SystemTimeToVariantTime
ws2_32
connect
closesocket
recv
send
select
WSACleanup
inet_addr
socket
gethostbyname
gethostname
htons
setsockopt
WSAIoctl
bind
WSAStartup
WSASetLastError
wininet
InternetQueryDataAvailable
HttpOpenRequestA
InternetConnectA
HttpSendRequestA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
InternetGetLastResponseInfoA
InternetCloseHandle
Exports
Exports
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@V?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@V?$vector@VPromotionRule@@V?$allocator@VPromotionRule@@@std@@@std@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VChangePassEcho@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VChangePassTransaction_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VEffectivOnline_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VExtendEcho@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VExtendTransaction_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VFreshUserEcho@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VFreshUserLogin_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VFreshUserRegist_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VGetUserInfoEcho@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VGetUserInfoTrans_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VLogOffEcho@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VLogOffTransaction_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VLoginCustomerTransaction_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VLoginEcho@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VOnlineEcho@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VOnlineTrasaction_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VPromotionRule@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VReadConfigEcho@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VReadConfigFile_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VRegEcho@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VRegNewCustomerTransaction_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VShareHitchAcount@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VShareUserInfo@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VSimpleLoginEcho@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VSimpleLoginTrans_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VTestLargeDataSend_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VTestOnlineSession_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VTestTransaction_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VUpLoadEcho@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VUpLoadGameOnlineUserEcho@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VUpLoadGameOnlineUser_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VUpLoadScriptEcho@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VUpLoadScript_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VUpLoad_C_S@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@V?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@V?$vector@VPromotionRule@@V?$allocator@VPromotionRule@@@std@@@std@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VChangePassEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VChangePassTransaction_C@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VEffectivOnline_C@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VExtendEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VExtendTransaction_C@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VFreshUserEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VFreshUserLogin_C@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VFreshUserRegist_C@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VGetUserInfoEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VGetUserInfoTrans_C@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VLogOffTransaction_C@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VLoginCustomerTransaction_C@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VLoginEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VOnlineEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VPromotionRule@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VReadConfigEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VReadConfigFile_C@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VRegEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VRegNewCustomerTransaction_C@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VShareHitchAcount@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VShareUserInfo@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VSimpleLoginEcho@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VSimpleLoginTrans_C@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VUpLoadGameOnlineUser_C@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VUpLoadScript_C@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VUpLoad_C@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
Sections
.text Size: 772KB - Virtual size: 769KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 148KB - Virtual size: 145KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 36KB - Virtual size: 124KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 32KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.vmp0 Size: 400KB - Virtual size: 396KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 4KB - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ