F:\Build\PLI\rover\client\appmanager\current\Build\AdAppMgrSvc\release\AdAppMgrSvc.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
48125f2feeab5eef6da5ff4afd5961b0dfa17c9ceeecf0333263615752998756N.exe
Resource
win7-20240903-en
windows7-x64
0 signatures
120 seconds
Behavioral task
behavioral2
Sample
48125f2feeab5eef6da5ff4afd5961b0dfa17c9ceeecf0333263615752998756N.exe
Resource
win10v2004-20240802-en
windows10-2004-x64
1 signatures
120 seconds
General
-
Target
48125f2feeab5eef6da5ff4afd5961b0dfa17c9ceeecf0333263615752998756N.exe
-
Size
1.1MB
-
MD5
f8394266a874593e2acee473534dc420
-
SHA1
1594c2edb479a817247c39d70a6ec7175ca4c812
-
SHA256
48125f2feeab5eef6da5ff4afd5961b0dfa17c9ceeecf0333263615752998756
-
SHA512
da03edf3cd032ae496e83672ebcba7cba3d1ea4134433b77a521a35abe18bbf996632f2f7de9d43f4f02eabbe3ea5a8a5fa3625dd163c5c7461d7c6fcae00bbc
-
SSDEEP
24576:/vHmyWDRZ44p7dipo2cWetFaFSzQ8spJQlWbFCvlYr8knG7dO7D:WZ44VdipNcWcoGQ8spGlWb4CQp7dO
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 48125f2feeab5eef6da5ff4afd5961b0dfa17c9ceeecf0333263615752998756N.exe
Files
-
48125f2feeab5eef6da5ff4afd5961b0dfa17c9ceeecf0333263615752998756N.exe.exe windows:6 windows x86 arch:x86
bf0670cb2135f5d5558c5b15c805717b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
shell32
SHFileOperationW
SHGetFolderPathW
advapi32
OpenProcessToken
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
GetTokenInformation
ConvertSidToStringSidW
kernel32
CreateProcessW
CreateMutexW
ReleaseMutex
OutputDebugStringA
SetFilePointer
ReplaceFileW
MoveFileW
GetCurrentProcess
SetLastError
GetTempPathW
RemoveDirectoryW
GetFileAttributesExW
GetFileAttributesW
FindNextFileW
FindFirstFileW
FindClose
DeleteFileW
CreateDirectoryW
WriteFile
ReadFile
CreateThread
Sleep
WaitForSingleObject
CloseHandle
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetTickCount
GetModuleFileNameW
GetModuleHandleA
SetEvent
CreateEventW
LocalFree
TlsAlloc
TlsGetValue
GetLastError
LoadLibraryExW
GetProcAddress
FreeLibrary
CreateNamedPipeW
TlsSetValue
GetVersionExW
GetNativeSystemInfo
GetModuleHandleW
InterlockedExchangeAdd
CreateFileW
TlsFree
InterlockedCompareExchange
EncodePointer
DecodePointer
IsDebuggerPresent
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
qtsolutions_service-head
??0QtServiceBase@@QAE@HPAPADABVQString@@@Z
?processCommand@QtServiceBase@@MAEXH@Z
?resume@QtServiceBase@@MAEXXZ
?pause@QtServiceBase@@MAEXXZ
?stop@QtServiceBase@@MAEXXZ
?exec@QtServiceBase@@QAEHXZ
??1QtServiceBase@@UAE@XZ
?setServiceDescription@QtServiceBase@@QAEXABVQString@@@Z
qjson0
??0Serializer@QJson@@QAE@XZ
??1Parser@QJson@@QAE@XZ
?serialize@Serializer@QJson@@QAE?AVQByteArray@@ABVQVariant@@PA_N@Z
??1Serializer@QJson@@QAE@XZ
?parse@Parser@QJson@@QAE?AVQVariant@@ABVQByteArray@@PA_N@Z
??0Parser@QJson@@QAE@XZ
logging
?init@Logging@@QAEXABVQString@@W4LOG_LEVEL@@@Z
?LogMessage@Logging@@QAEXW4LOG_LEVEL@@PBDABHABVQString@@@Z
?instance@Logging@@SAAAV1@XZ
adupdatecondition
AdUpdateCheckCondition
AdUpdateCheckVerification
qtxmlpatternsadsk4
?bindVariable@QXmlQuery@@QAEXABVQString@@PAVQIODevice@@@Z
?evaluateTo@QXmlQuery@@QBE_NPAVQString@@@Z
??0QXmlQuery@@QAE@XZ
?setQuery@QXmlQuery@@QAEXABVQString@@ABVQUrl@@@Z
??1QXmlQuery@@QAE@XZ
qtxmladsk4
?firstChildElement@QDomNode@@QBE?AVQDomElement@@ABVQString@@@Z
?toElement@QDomNode@@QBE?AVQDomElement@@XZ
??1QDomNodeList@@QAE@XZ
??1QDomNode@@QAE@XZ
??1QDomElement@@QAE@XZ
?length@QDomNodeList@@QBEIXZ
??0QDomDocument@@QAE@XZ
??1QDomDocument@@QAE@XZ
?at@QDomNodeList@@QBE?AVQDomNode@@H@Z
?documentElement@QDomDocument@@QBE?AVQDomElement@@XZ
?setContent@QDomDocument@@QAE_NABVQString@@PAV2@PAH2@Z
?attribute@QDomElement@@QBE?AVQString@@ABV2@0@Z
?isNull@QDomNode@@QBE_NXZ
?elementsByTagName@QDomElement@@QBE?AVQDomNodeList@@ABVQString@@@Z
qtnetworkadsk4
?qt_metacast@QLocalServer@@UAEPAXPBD@Z
?qt_metacall@QLocalServer@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?nextPendingConnection@QLocalServer@@UAEPAVQLocalSocket@@XZ
?metaObject@QLocalServer@@UBEPBUQMetaObject@@XZ
?incomingConnection@QLocalServer@@MAEXI@Z
?hasPendingConnections@QLocalServer@@UBE_NXZ
?flush@QLocalSocket@@QAE_NXZ
?setMaxPendingConnections@QLocalServer@@QAEXH@Z
?listen@QLocalServer@@QAE_NABVQString@@@Z
?errorString@QLocalServer@@QBE?AVQString@@XZ
??1QLocalServer@@UAE@XZ
??0QLocalServer@@QAE@PAVQObject@@@Z
?waitForConnected@QLocalSocket@@QAE_NH@Z
?disconnectFromServer@QLocalSocket@@QAEXXZ
?connectToServer@QLocalSocket@@QAEXABVQString@@V?$QFlags@W4OpenModeFlag@QIODevice@@@@@Z
??1QLocalSocket@@UAE@XZ
??0QLocalSocket@@QAE@PAVQObject@@@Z
?staticMetaObject@QLocalSocket@@2UQMetaObject@@B
qtcoreadsk4
?activate@QMetaObject@@SAXPAVQObject@@PBU1@HPAPAX@Z
??1QUrl@@QAE@XZ
??0QUrl@@QAE@XZ
?open@QBuffer@@UAE_NV?$QFlags@W4OpenModeFlag@QIODevice@@@@@Z
?setData@QBuffer@@QAEXABVQByteArray@@@Z
??1QBuffer@@UAE@XZ
??0QBuffer@@QAE@PAVQObject@@@Z
?arg@QString@@QBE?AV1@HHHABVQChar@@@Z
?arg@QString@@QBE?AV1@KHHABVQChar@@@Z
??0QChar@@QAE@UQLatin1Char@@@Z
?shared_null@QHashData@@2U1@A
?setIniCodec@QSettings@@QAEXPBD@Z
?childGroups@QSettings@@QBE?AVQStringList@@XZ
?endGroup@QSettings@@QAEXXZ
?beginGroup@QSettings@@QAEXABVQString@@@Z
?sync@QSettings@@QAEXXZ
?currentDateTime@QDateTime@@SA?AV1@XZ
?toString@QDateTime@@QBE?AVQString@@W4DateFormat@Qt@@@Z
??1QDateTime@@QAE@XZ
?remove@QDir@@QAE_NABVQString@@@Z
?exists@QDir@@QBE_NXZ
?mkpath@QDir@@QBE_NABVQString@@@Z
?entryInfoList@QDir@@QBE?AV?$QList@VQFileInfo@@@@V?$QFlags@W4Filter@QDir@@@@V?$QFlags@W4SortFlag@QDir@@@@@Z
?toNativeSeparators@QDir@@SA?AVQString@@ABV2@@Z
??1QDir@@QAE@XZ
??0QDir@@QAE@ABVQString@@@Z
?isFile@QFileInfo@@QBE_NXZ
?fileName@QFileInfo@@QBE?AVQString@@XZ
?absoluteFilePath@QFileInfo@@QBE?AVQString@@XZ
??1QFileInfo@@QAE@XZ
??0QFileInfo@@QAE@ABV0@@Z
?QStringList_join@QtPrivate@@YA?AVQString@@PBVQStringList@@ABV2@@Z
?isNull@QVariant@@QBE_NXZ
?nextNode@QHashData@@SAPAUNode@1@PAU21@@Z
?free_helper@QHashData@@QAEXP6AXPAUNode@1@@Z@Z
?rehash@QHashData@@QAEXH@Z
?detach_helper2@QHashData@@QAEPAU1@P6AXPAUNode@1@PAX@ZP6AX0@ZHH@Z
?allocateNode@QHashData@@QAEPAXH@Z
?qHash@@YAIABVQString@@@Z
?start@QTimer@@QAEXH@Z
?singleShot@QTimer@@SAXHPAVQObject@@PBD@Z
??1QTimer@@UAE@XZ
??0QTimer@@QAE@PAVQObject@@@Z
?addPath@QFileSystemWatcher@@QAEXABVQString@@@Z
??1QFileSystemWatcher@@UAE@XZ
??0QFileSystemWatcher@@QAE@PAVQObject@@@Z
?erase@QListData@@QAEPAPAXPAPAX@Z
?realloc@QListData@@QAEXH@Z
?toStdWString@QString@@QBE?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@XZ
??9QString@@QBE_NPBD@Z
??4QString@@QAEAAV0@PBD@Z
?toULongLong@QString@@QBE_KPA_NH@Z
?split@QString@@QBE?AVQStringList@@ABVQChar@@W4SplitBehavior@1@W4CaseSensitivity@Qt@@@Z
?split@QString@@QBE?AVQStringList@@ABV1@W4SplitBehavior@1@W4CaseSensitivity@Qt@@@Z
?lastIndexOf@QString@@QBEHVQChar@@HW4CaseSensitivity@Qt@@@Z
?indexOf@QString@@QBEHVQChar@@HW4CaseSensitivity@Qt@@@Z
??0QChar@@QAE@D@Z
?qt_metacast@QSettings@@UAEPAXPBD@Z
?qt_metacall@QSettings@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?metaObject@QSettings@@UBEPBUQMetaObject@@XZ
?qt_metacast@QObject@@UAEPAXPBD@Z
?event@QObject@@UAE_NPAVQEvent@@@Z
?value@QSettings@@QBE?AVQVariant@@ABVQString@@ABV2@@Z
??1QSettings@@UAE@XZ
??0QSettings@@QAE@ABVQString@@W4Format@0@PAVQObject@@@Z
?applicationDirPath@QCoreApplication@@SA?AVQString@@XZ
?write@QIODevice@@QAE_JPBD_J@Z
?readAll@QIODevice@@QAE?AVQByteArray@@XZ
?sender@QObject@@IBEPAV1@XZ
?deleteLater@QObject@@QAEXXZ
?connect@QObject@@SA_NPBV1@PBD01W4ConnectionType@Qt@@@Z
??1QObject@@UAE@XZ
??0QObject@@QAE@PAV0@@Z
?cast@QMetaObject@@QBEPAVQObject@@PAV2@@Z
?remove@QByteArray@@QAEAAV1@HH@Z
?endsWith@QByteArray@@QBE_ND@Z
?shared_null@QMapData@@2U1@A
?shared_null@QListData@@2UData@1@A
?createUuid@QUuid@@SA?AU1@XZ
?toString@QUuid@@QBE?AVQString@@XZ
?cmp@QVariant@@IBE_NABV1@@Z
?toMap@QVariant@@QBE?AV?$QMap@VQString@@VQVariant@@@@XZ
?toList@QVariant@@QBE?AV?$QList@VQVariant@@@@XZ
?toString@QVariant@@QBE?AVQString@@XZ
?canConvert@QVariant@@QBE_NW4Type@1@@Z
??4QVariant@@QAEAAV0@ABV0@@Z
??0QVariant@@QAE@ABV?$QMap@VQString@@VQVariant@@@@@Z
??0QVariant@@QAE@ABV?$QList@VQVariant@@@@@Z
??0QVariant@@QAE@PBD@Z
??0QVariant@@QAE@H@Z
?remove@QListData@@QAEXH@Z
?append@QListData@@QAEPAPAXXZ
?detach_grow@QListData@@QAEPAUData@1@PAHH@Z
?detach@QListData@@QAEPAUData@1@H@Z
??8QString@@QBE_NPBD@Z
??8QString@@QBE_NABV0@@Z
?toInt@QString@@QBEHPA_NH@Z
?compare@QString@@QBEHABV1@W4CaseSensitivity@Qt@@@Z
?toUpper@QString@@QBE?AV1@XZ
?endsWith@QString@@QBE_NABV1@W4CaseSensitivity@Qt@@@Z
?startsWith@QString@@QBE_NABV1@W4CaseSensitivity@Qt@@@Z
?mid@QString@@QBE?AV1@HH@Z
?left@QString@@QBE?AV1@H@Z
?section@QString@@QBE?AV1@ABV1@HHV?$QFlags@W4SectionFlag@QString@@@@@Z
?contains@QString@@QBE?AVQBool@@ABV1@W4CaseSensitivity@Qt@@@Z
?indexOf@QString@@QBEHABV1@HW4CaseSensitivity@Qt@@@Z
?qt_metacall@QObject@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?qFree@@YAXPAX@Z
?shared_null@QString@@0UData@1@A
?fromStdWString@QString@@SA?AV1@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
??4QString@@QAEAAV0@ABVQByteArray@@@Z
??0QString@@QAE@ABVQByteArray@@@Z
?toLatin1@QString@@QBE?AVQByteArray@@XZ
?toAscii@QString@@QBE?AVQByteArray@@XZ
??4QString@@QAEAAV0@ABV0@@Z
?fromBase64@QByteArray@@SA?AV1@ABV1@@Z
?toBase64@QByteArray@@QBE?AV1@XZ
?detach@QByteArray@@QAEXXZ
??4QVariant@@QAEAAV0@$$QAV0@@Z
??0QVariant@@QAE@ABVQString@@@Z
??0QVariant@@QAE@ABV0@@Z
??1QVariant@@QAE@XZ
??0QVariant@@QAE@XZ
?staticMetaObject@QObject@@2UQMetaObject@@B
?event@QSettings@@MAE_NPAVQEvent@@@Z
?node_delete@QMapData@@QAEXQAPAUNode@1@HPAU21@@Z
?node_create@QMapData@@QAEPAUNode@1@QAPAU21@HH@Z
?continueFreeData@QMapData@@QAEXH@Z
?createData@QMapData@@SAPAU1@H@Z
?unlock@QMutexLocker@@QAEXXZ
??1QMutexLocker@@QAE@XZ
??0QMutexLocker@@QAE@PAVQMutex@@@Z
??1QMutex@@QAE@XZ
??0QMutex@@QAE@W4RecursionMode@0@@Z
??MQString@@QBE_NABV0@@Z
?fromUtf8@QString@@SA?AV1@PBDH@Z
?toUtf8@QString@@QBE?AVQByteArray@@XZ
??4QString@@QAEAAV0@$$QAV0@@Z
??0QByteArray@@QAE@PBDH@Z
?codecForCStrings@QString@@0PAVQTextCodec@@A
?codecForName@QTextCodec@@SAPAV1@ABVQByteArray@@@Z
?fromAscii_helper@QString@@CAPAUData@1@PBDH@Z
?fromAscii@QString@@SA?AV1@PBDH@Z
?append@QString@@QAEAAV1@ABV1@@Z
??0QString@@QAE@ABV0@@Z
??1QByteArray@@QAE@XZ
??0QByteArray@@QAE@PBD@Z
?winEventFilter@QCoreApplication@@UAE_NPAUtagMSG@@PAJ@Z
?timerEvent@QObject@@MAEXPAVQTimerEvent@@@Z
?qt_metacast@QCoreApplication@@UAEPAXPBD@Z
?qt_metacall@QCoreApplication@@UAEHW4Call@QMetaObject@@HPAPAX@Z
?notify@QCoreApplication@@UAE_NPAVQObject@@PAVQEvent@@@Z
?metaObject@QCoreApplication@@UBEPBUQMetaObject@@XZ
?eventFilter@QObject@@UAE_NPAV1@PAVQEvent@@@Z
?event@QCoreApplication@@MAE_NPAVQEvent@@@Z
?disconnectNotify@QObject@@MAEXPBD@Z
?customEvent@QObject@@MAEXPAVQEvent@@@Z
?connectNotify@QObject@@MAEXPBD@Z
?compressEvent@QCoreApplication@@MAE_NPAVQEvent@@PAVQObject@@PAVQPostEventList@@@Z
?childEvent@QObject@@MAEXPAVQChildEvent@@@Z
?exec@QCoreApplication@@SAHXZ
??1QCoreApplication@@UAE@XZ
??0QCoreApplication@@QAE@AAHPAPADH@Z
??1QString@@QAE@XZ
?truncate@QString@@QAEXH@Z
msvcp110
?width@ios_base@std@@QAE_J_J@Z
?width@ios_base@std@@QBE_JXZ
?flags@ios_base@std@@QBEHXZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??_7ios_base@std@@6B@
?_BADOFF@std@@3_JB
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Add_vtordisp1@?$basic_ios@DU?$char_traits@D@std@@@std@@UAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?_Add_vtordisp2@?$basic_ostream@DU?$char_traits@D@std@@@std@@UAEXXZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBD_J@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
?tellp@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@H@2@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?_Orphan_all@_Container_base12@std@@QAEXXZ
??1_Container_base12@std@@QAE@XZ
??0_Container_base12@std@@QAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Syserror_map@std@@YAPBDH@Z
?_Winerror_map@std@@YAPBDH@Z
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
?_Ios_base_dtor@ios_base@std@@CAXPAV12@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
msvcr110
_fileno
rand
srand
_time64
_purecall
??2@YAPAXI@Z
??3@YAXPAX@Z
memmove
_CxxThrowException
__CxxFrameHandler3
memcpy
??_V@YAXPAX@Z
free
malloc
__RTDynamicCast
_snprintf
memset
_errno
_wfopen
fclose
feof
fflush
fread
fseek
fwrite
_vsprintf_p
_vscprintf_p
strerror
_commit
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
??1type_info@@UAE@XZ
_XcptFilter
_amsg_exit
__getmainargs
__set_app_type
exit
_exit
_cexit
_configthreadlocale
__setusermatherr
wcscat_s
_initterm
__initenv
_fmode
_commode
_vsnprintf
_except_handler4_common
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
?terminate@@YAXXZ
__crtSetUnhandledExceptionFilter
_invoke_watson
_controlfp_s
wcsrchr
__iob_func
fprintf
_localtime64_s
_initterm_e
wevtapi
EvtRender
EvtSubscribe
EvtClose
crypt32
CryptUnprotectData
CryptProtectData
oleaut32
SysStringLen
winmm
timeGetTime
user32
MessageBoxW
Sections
.text Size: 245KB - Virtual size: 245KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 55KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 2B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 244KB - Virtual size: 244KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 596KB - Virtual size: 600KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE