f5f2bae8cd368397b152170771968df0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f5f2bae8cd368397b152170771968df0_JaffaCakes118
Size

691KB
MD5

f5f2bae8cd368397b152170771968df0
SHA1

2a0ff07aced7ef97004f36e02c28d9fc0cd309bd
SHA256

bf719d35a92b0593d950c97195d75c29b18d5ad827ecbec67845f33cfc7067c5
SHA512

e0b4dbfef922989ead6b6255f347cd7c14539089abe5bc2fa9ea4fe2de1652b97d4460902bd059321a78797331afb1d1f0a97c817de7f264abd2c43aa1d92ee4
SSDEEP

12288:/gzJk9fUouH0qNIxEPQ5HxuRCCQT8HmhoW5INO02/Azmsszu+FZ:ou9fDuLNkHAnQoGhdGO0meizjFZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/优漫下载器绿色版/Skin.dll
unpack001/优漫下载器绿色版/UpDate.exe
unpack001/优漫下载器绿色版/优漫下载器.exe

Files

f5f2bae8cd368397b152170771968df0_JaffaCakes118
.rar
优漫下载器绿色版/Config.Bin
优漫下载器绿色版/Help.chm
.chm
优漫下载器绿色版/Skin.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

LoadSkin

Sections

CODE
Size: 535KB - Virtual size: 535KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
优漫下载器绿色版/Skin.skn
优漫下载器绿色版/UpDate.exe
.exe windows:4 windows x86 arch:x86

c60969e3c0eab8d300202afab9731ef4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4424
ord3698
ord800
ord765
ord2614
ord540
ord567
ord4275
ord860
ord2379
ord2971
ord5759
ord6192
ord5756
ord6186
ord4330
ord6189
ord6021
ord5873
ord5789
ord5794
ord5678
ord5736
ord5579
ord5571
ord6061
ord5864
ord3596
ord3706
ord3571
ord3626
ord3663
ord755
ord640
ord5785
ord2414
ord6172
ord5781
ord1641
ord5875
ord2818
ord858
ord2754
ord6194
ord1640
ord323
ord470
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord2982
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord561
ord815
ord641
ord2514
ord2621
ord1134
ord5265
ord4998
ord6052
ord1775
ord5280
ord4425
ord3597
ord1146
ord1168
ord324
ord2302
ord4234
ord2915
ord535
ord941
ord5710
ord4376
ord1200
ord6877
ord537
ord4710
ord1988
ord2393
ord1997
ord6392
ord690
ord798
ord5194
ord533
ord4129
ord2763
ord4277
ord386
ord2764
ord5353
ord5356
ord5808
ord1075
ord5204
ord3229
ord1228
ord939
ord6334
ord389
ord924
ord922
ord1105
ord6657
ord6881
ord6199
ord3092
ord5277
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5290
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1776
ord4078
ord6055
ord3402
ord823
ord5199
ord825
ord1576

msvcrt

_isctype
_mbscmp
_mbsnbcpy
_ftol
atoi
_purecall
tolower
toupper
??0exception@@QAE@ABQBD@Z
memmove
??1exception@@UAE@XZ
_CxxThrowException
isspace
??0exception@@QAE@ABV0@@Z
__CxxFrameHandler
_splitpath
rename
_except_handler3
??1type_info@@UAE@XZ
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
_setmbcp
__setusermatherr

kernel32

Sleep
DeleteFileA
GetModuleFileNameA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
LoadLibraryA
FreeLibrary
VirtualQuery
GetSystemInfo
GetVersionExA
VirtualFree
GetProcAddress
VirtualProtect
VirtualAlloc

user32

KillTimer
PostMessageA
IsIconic
GetSystemMetrics
DrawIcon
SendMessageA
SetTimer
EnableWindow
GrayStringA
DrawTextA
TabbedTextOutA
RedrawWindow
IsWindow
GetClientRect
InvalidateRect
GetSysColor
LoadIconA

gdi32

ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateCompatibleBitmap
CreateCompatibleDC
CreateRectRgn
BitBlt
Escape

shell32

ShellExecuteA

msvcp60

??_7logic_error@std@@6B@
?_Xran@std@@YAXXZ
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEPADXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??0logic_error@std@@QAE@ABV01@@Z
?what@logic_error@std@@UBEPBDXZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??0bad_alloc@std@@QAE@ABV01@@Z
??1bad_alloc@std@@UAE@XZ
??0bad_alloc@std@@QAE@PBD@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEPADPAD0@Z
wctype
??_7bad_alloc@std@@6B@
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??_7out_of_range@std@@6B@
??1out_of_range@std@@UAE@XZ
??0out_of_range@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD0@Z
??0logic_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?_Xlen@std@@YAXXZ
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIID@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z

Sections

.text
Size: 188KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
优漫下载器绿色版/优漫下载器.exe
.exe windows:4 windows x86 arch:x86

267e6a51efbc08d84466cdb5ceb4fed7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord641
ord567
ord540
ord324
ord825
ord795
ord2302
ord4234
ord2379
ord4853
ord4376
ord4299
ord6880
ord6199
ord4710
ord1200
ord2915
ord939
ord537
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord561
ord815
ord693
ord656
ord2621
ord1134
ord3584
ord543
ord803
ord3610
ord2582
ord4402
ord3370
ord3640
ord1146
ord1168
ord823
ord2086
ord3996
ord6215
ord3092
ord860
ord4160
ord2863
ord6197
ord755
ord470
ord535
ord858
ord1105
ord2642
ord4129
ord5710
ord926
ord2764
ord3874
ord1988
ord2393
ord690
ord2763
ord4277
ord386
ord5353
ord5356
ord6657
ord6881
ord800
ord1075
ord5204
ord3229
ord1228
ord389
ord922
ord4278
ord6877
ord6888
ord6907
ord3998
ord3301
ord6675
ord941
ord2818
ord6779
ord924
ord4220
ord2584
ord3654
ord2438
ord6270
ord1644
ord3663
ord6663
ord2645
ord354
ord6334
ord1997
ord6392
ord798
ord5194
ord533
ord4275
ord3619
ord283
ord3626
ord2414
ord1641
ord2860
ord5678
ord3797
ord5789
ord5787
ord5875
ord5873
ord6172
ord5736
ord1948
ord5303
ord4699
ord5715
ord817
ord565
ord2726
ord4226
ord809
ord2614
ord556
ord2864
ord1088
ord2122
ord6358
ord5572
ord538
ord3698
ord765
ord3706
ord3571
ord2971
ord5759
ord6192
ord5756
ord6186
ord4330
ord6189
ord6021
ord5794
ord5579
ord5571
ord6061
ord5864
ord3596
ord1576
ord5785
ord5781
ord2754
ord6194
ord1640
ord323
ord3597
ord4425
ord4627
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5277
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5280
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1775
ord4078
ord6052
ord2514
ord4998
ord5265
ord3721
ord4424
ord3402
ord5290
ord1776
ord6055
ord5808
ord640

msvcrt

_setmbcp
strncmp
strchr
_mbclen
fwrite
fread
ftell
fseek
fopen
fclose
fflush
strncpy
isspace
toupper
tolower
_purecall
_isctype
_mbsnbcpy
strtol
memmove
_mbsstr
_except_handler3
??0exception@@QAE@ABQBD@Z
??1exception@@UAE@XZ
sprintf
atof
strtoul
strstr
atoi
??0exception@@QAE@ABV0@@Z
_CxxThrowException
_mbscmp
_splitpath
__CxxFrameHandler
_ftol
__dllonexit
_onexit
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp

kernel32

GetProcAddress
GetWindowsDirectoryA
lstrcpyA
WinExec
lstrlenA
GetVersionExA
GetACP
FormatMessageA
GetLastError
VirtualProtect
VirtualAlloc
VirtualFree
GetSystemInfo
VirtualQuery
GetModuleHandleA
GetStartupInfoA
GetFileAttributesA
Sleep
CreateDirectoryA
MultiByteToWideChar
WideCharToMultiByte
GetModuleFileNameA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrcatA
FreeLibrary
LoadLibraryA

user32

SetTimer
EnableWindow
MessageBeep
InvalidateRect
GetSystemMetrics
GetWindowRect
LoadIconA
SendMessageA
SetWindowPos
GrayStringA
DrawTextA
TabbedTextOutA
CopyIcon
GetParent
InflateRect
IsWindow
SetWindowLongA
SetCursor
PtInRect
ReleaseCapture
SetCapture
LoadCursorA
RedrawWindow
FillRect
GetSysColor
SetMenuDefaultItem
GetCursorPos
SetForegroundWindow
TrackPopupMenu
LoadStringA
GetMessagePos
LoadMenuA
GetSubMenu
PostMessageA
MessageBoxA
IsIconic
GetClientRect
DrawIcon
GetSystemMenu
AppendMenuA
SystemParametersInfoA

gdi32

ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateCompatibleBitmap
CreateCompatibleDC
CreateRectRgn
BitBlt
GetStockObject
GetObjectA
CreateFontIndirectA
Escape

advapi32

RegQueryValueA
RegOpenKeyExA
RegCloseKey

shell32

Shell_NotifyIconA
SHGetSpecialFolderPathA
SHGetPathFromIDListA
SHBrowseForFolderA
ShellExecuteA
SHGetMalloc

ole32

CoTaskMemFree

urlmon

URLDownloadToFileA

msvcp60

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??0Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
??0logic_error@std@@QAE@ABV01@@Z
??0out_of_range@std@@QAE@ABV01@@Z
??1out_of_range@std@@UAE@XZ
??_7out_of_range@std@@6B@
??0logic_error@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Copy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Xlen@std@@YAXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
??1?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@UAE@XZ
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?setw@std@@YA?AU?$_Smanip@H@1@H@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@D@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
??_7?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@6B@
??0?$basic_stringbuf@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??0ios_base@std@@IAE@XZ
??_8?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@7B@
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIID@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
??_7bad_alloc@std@@6B@
wctype
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEPADPAD0@Z
??0bad_alloc@std@@QAE@PBD@Z
??1bad_alloc@std@@UAE@XZ
??0bad_alloc@std@@QAE@ABV01@@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
??_7logic_error@std@@6B@
?_Xran@std@@YAXXZ
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEPADXZ
??1Init@ios_base@std@@QAE@XZ
?what@logic_error@std@@UBEPBDXZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD0@Z

Sections

.text
Size: 280KB - Virtual size: 277KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 196KB - Virtual size: 193KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 535KB - Virtual size: 535KB

DATA Size: 5KB - Virtual size: 5KB

BSS Size: - Virtual size: 3KB

.idata Size: 9KB - Virtual size: 8KB

.edata Size: 512B - Virtual size: 68B

.reloc Size: 31KB - Virtual size: 31KB

.rsrc Size: 26KB - Virtual size: 26KB

c60969e3c0eab8d300202afab9731ef4

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

gdi32

shell32

msvcp60

Sections

.text Size: 188KB - Virtual size: 185KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 8KB - Virtual size: 4KB

267e6a51efbc08d84466cdb5ceb4fed7

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

gdi32

advapi32

shell32

ole32

urlmon

msvcp60

Sections

.text Size: 280KB - Virtual size: 277KB

.rdata Size: 40KB - Virtual size: 39KB

.data Size: 20KB - Virtual size: 17KB

.rsrc Size: 196KB - Virtual size: 193KB

CODE
Size: 535KB - Virtual size: 535KB

DATA
Size: 5KB - Virtual size: 5KB

BSS
Size: - Virtual size: 3KB

.idata
Size: 9KB - Virtual size: 8KB

.edata
Size: 512B - Virtual size: 68B

.reloc
Size: 31KB - Virtual size: 31KB

.rsrc
Size: 26KB - Virtual size: 26KB

.text
Size: 188KB - Virtual size: 185KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 8KB - Virtual size: 4KB

.text
Size: 280KB - Virtual size: 277KB

.rdata
Size: 40KB - Virtual size: 39KB

.data
Size: 20KB - Virtual size: 17KB

.rsrc
Size: 196KB - Virtual size: 193KB