113fb4f1f038f00f1ffa34b5cd8b73cf_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

113fb4f1f038f00f1ffa34b5cd8b73cf_JaffaCakes118
Size

1.7MB
MD5

113fb4f1f038f00f1ffa34b5cd8b73cf
SHA1

1f39c961c09dcecb31d9b8cbc19d6a0471df045f
SHA256

fe8d5dedabee055044fa6383ba18e62d966a1d1fe16b883494d75430b3c72738
SHA512

5e63387cc5b43e06286cc13a258fe9d14db5764d728a1c5a7dd884f04c22e71e7d08f2e91c0e4a9afbc8a264b9848a9f98fe80103499cdffcc02bd839752cfaf
SSDEEP

49152:i5K2ZQ04i3OhlkxUqKi4REZt35hDUlzfsxF1+z+:6Tz4YOQxUqKi4MzsIy+

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/NBA 2K13 Turbo v1.3正式版/NBA 2K13 Turbo1.3.exe	aspack_v212_v242

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/NBA 2K13 Turbo v1.3正式版/NBA 2K13 Turbo1.3.exe
unpack001/NBA 2K13 Turbo v1.3正式版/NBA2K13Turbo12.exe
unpack001/NBA 2K13 Turbo v1.3正式版/Plugins/Rozj.dll

Files

113fb4f1f038f00f1ffa34b5cd8b73cf_JaffaCakes118
.rar
NBA 2K13 Turbo v1.3正式版/NBA 2K13 Turbo1.3.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 333KB - Virtual size: 764KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 336KB - Virtual size: 516KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 30KB - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
NBA 2K13 Turbo v1.3正式版/NBA2K13Turbo12.exe
.exe windows:5 windows x86 arch:x86

1028982eb0397550050b341ed059651c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\CM\CheatMaker\Release\Runner.pdb

Imports

mfc90u

ord611
ord4741
ord3992
ord4934
ord4508
ord2275
ord1666
ord4653
ord959
ord2614
ord2637
ord2632
ord3234
ord3492
ord436
ord686
ord2100
ord1688
ord1769
ord2103
ord1601
ord4510
ord2277
ord1668
ord4654
ord3497
ord616
ord4265
ord2595
ord4815
ord1313
ord4543
ord3528
ord654
ord1783
ord1716
ord3651
ord775
ord1678
ord1779
ord1708
ord3627
ord750
ord2286
ord1786
ord1722
ord4663
ord3278
ord3661
ord785
ord4268
ord430
ord683
ord4009
ord1686
ord4547
ord4618
ord5106
ord3070
ord5105
ord4785
ord5228
ord3551
ord4693
ord3251
ord2481
ord5616
ord1440
ord3681
ord2646
ord2645
ord2647
ord2644
ord2643
ord5656
ord5601
ord1753
ord6410
ord3354
ord4378
ord5293
ord5296
ord4800
ord4805
ord4802
ord4820
ord4823
ord4807
ord5209
ord5016
ord4596
ord4589
ord5418
ord4810
ord5214
ord4622
ord5224
ord4865
ord4866
ord4109
ord5349
ord4945
ord4946
ord5356
ord4987
ord5487
ord4861
ord4789
ord4927
ord5279
ord5407
ord4955
ord4904
ord5408
ord4942
ord5384
ord4707
ord4797
ord4798
ord5400
ord5230
ord5142
ord5239
ord5491
ord5401
ord5079
ord5382
ord4933
ord5397
ord4549
ord1376
ord2194
ord4550
ord4521
ord812
ord4492
ord663
ord404
ord1329
ord1250
ord1254
ord6096
ord3489
ord337
ord2593
ord1063
ord1248
ord1088
ord3741
ord3749
ord6187
ord3543
ord2106
ord1183
ord333
ord2592
ord4044
ord692
ord595
ord3562
ord3286
ord5664
ord4657
ord1493
ord6411
ord3355
ord1695
ord1602
ord2105
ord6791
ord1488
ord6703
ord2081
ord5867
ord2479
ord2504
ord4518
ord4405
ord4519
ord1108
ord4442
ord938
ord2537
ord310
ord601
ord818
ord1608
ord305
ord3221
ord814
ord1599
ord266
ord899
ord2676
ord6164
ord277
ord4494
ord2597
ord1333
ord3399
ord2209
ord2490
ord665
ord406
ord935
ord1315
ord813
ord664
ord405
ord811
ord799
ord12404
ord13194
ord9972
ord10457
ord10304
ord13136
ord12165
ord12617
ord7766
ord9965
ord4448
ord4423
ord6801
ord4173
ord6803
ord4747
ord2251
ord2206
ord6035
ord4179
ord1048
ord5548
ord6741
ord5830
ord4213
ord2087
ord3217
ord5674
ord5676
ord4347
ord4996
ord5680
ord6018
ord3115
ord4905
ord4681
ord9272
ord8452
ord5663
ord285
ord3220
ord1607
ord1113
ord1220
ord1098
ord4211
ord7332
ord7138
ord4043
ord265
ord286
ord296
ord600
ord280
ord5632
ord5324
ord2208
ord1810
ord4652
ord1665
ord2274
ord5938
ord4490
ord1354
ord3537
ord1581
ord936
ord6697
ord6013
ord293
ord290
ord1556
ord5737
ord5559
ord690
ord441
ord1314
ord2326
ord6415
ord5939
ord2478
ord6687
ord3515
ord1486
ord6579
ord2725
ord4131
ord6203
ord2901
ord2470
ord4398
ord3953
ord4351
ord2360
ord6065
ord4530
ord4527
ord6604
ord6311
ord4159
ord1603
ord4774
ord6577
ord5194
ord744
ord524
ord2084
ord613
ord1809
ord1675
ord3353
ord6408
ord1754
ord1751
ord4345
ord1492
ord4664
ord5602
ord2074
ord5512
ord6800
ord4603
ord5653
ord3743
ord5154
ord1728
ord6466
ord5685
ord5683
ord3488
ord960
ord965
ord969
ord967
ord778
ord3654
ord4660
ord1719
ord971
ord2615
ord2635
ord2619
ord2625
ord2623
ord2621
ord2638
ord2633
ord2617
ord2640
ord2628
ord2610
ord2612
ord2630
ord2375
ord2368
ord1641
ord6802
ord4174
ord6804
ord3682
ord5404
ord6376
ord3226
ord1442
ord5625
ord2139
ord1792
ord1791
ord1727
ord5650
ord2771
ord2983
ord3112
ord4728
ord2966
ord3140
ord2774
ord2893
ord2764
ord4080
ord4081
ord4071
ord2891
ord4348
ord4910
ord4682
ord4702
ord2069
ord4631
ord1137
ord5008
ord4000
ord639
ord374
ord2283
ord316
ord821
ord5979
ord2082
ord1272
ord3794
ord2969
ord801

msvcr90

_CxxThrowException
memcpy
__RTDynamicCast
memset
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_controlfp_s
_invoke_watson
_except_handler4_common
?terminate@@YAXXZ
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_wcmdln
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
_purecall
_gcvt_s
_wtof
_wtol
_wcsicmp
strcpy_s
_beginthreadex
calloc
_recalloc
vsprintf_s
_itoa_s
atol
strtol
memmove_s
wcstoul
_wtoi
_msize
ftell
realloc
malloc
toupper
free
fread
fseek
swscanf_s
fclose
fwrite
_wfopen_s
memcpy_s
?what@exception@std@@UBEPBDXZ
_invalid_parameter_noinfo
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
exit
wcscpy_s
__CxxFrameHandler3

kernel32

lstrlenW
SetLastError
LoadLibraryW
GetProcAddress
lstrcpyW
BeginUpdateResourceW
UpdateResourceW
EndUpdateResourceW
FindFirstFileW
MulDiv
VirtualQueryEx
ReadProcessMemory
WriteProcessMemory
WideCharToMultiByte
CreateEventW
GlobalLock
GlobalUnlock
GlobalFree
ResumeThread
GlobalAlloc
LoadResource
SizeofResource
LockResource
WaitForSingleObject
SetEvent
CreateDirectoryW
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetFileSize
CloseHandle
CreateFileW
CopyFileW
GetTempFileNameW
GetModuleFileNameW
GetLastError
GetSystemDirectoryW
GetTempPathW
RemoveDirectoryW
DeleteFileW
GetFileAttributesW
GetModuleHandleW
CreateThread
ExitThread
TerminateThread
FindResourceW
GetCurrentProcessId
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
Sleep
GetCurrentThreadId
GetTickCount
SetUnhandledExceptionFilter
GetStartupInfoW
InterlockedCompareExchange
InterlockedExchange
GetLocalTime
QueryPerformanceCounter
LocalFree
FormatMessageW
GetProcessHandleCount
Module32NextW
Module32FirstW
CreateToolhelp32Snapshot
OpenProcess
GetCurrentProcess
MultiByteToWideChar
lstrlenA
FreeLibrary
ResetEvent

user32

CopyImage
CloseWindow
BringWindowToTop
LoadIconW
DestroyIcon
PostMessageW
GetClientRect
GetFocus
GetNextDlgTabItem
UnregisterHotKey
GetSystemMetrics
GetWindowRect
SetParent
PtInRect
SetActiveWindow
RegisterHotKey
GetWindowTextW
GetClassNameW
EnumWindows
GetWindowThreadProcessId
GetParent
IsWindowVisible
InvalidateRect
IsWindow
SetRect
GetActiveWindow
CreateIconFromResource
CreateIconFromResourceEx
FillRect
GetSysColor
CopyRect
DrawFocusRect
SendMessageW
ReleaseDC
GetDC
GetKeyState
GetDesktopWindow
MessageBoxW
GetClassInfoW
EnableWindow
SetLayeredWindowAttributes
KillTimer
LoadCursorW
SetCursor
SetTimer
GetWindowLongW
SetWindowLongW
IsRectEmpty

gdi32

CreateFontIndirectW
SelectObject
CreateSolidBrush
BitBlt
DeleteDC
CreateCompatibleBitmap
SetStretchBltMode
StretchBlt
GetObjectW
GetStockObject
DeleteObject
GetTextExtentPoint32W
CreateCompatibleDC
CreateFontW
GetDeviceCaps

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken

comctl32

InitCommonControlsEx

ole32

CreateStreamOnHGlobal

oleaut32

OleLoadPicture

msvcp90

?at@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
?compare@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEHABV12@@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_WI@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
?swap@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXAAV12@@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
?find_last_not_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?find_first_not_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?replace@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@IIABV12@@Z
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?erase@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@II@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z
?push_back@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXD@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIABV12@I@Z
?replace@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@IIPB_W@Z
?clear@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ

psapi

EnumProcesses
EnumProcessModules
GetModuleBaseNameW
GetModuleFileNameExW

Sections

.text
Size: 288KB - Virtual size: 287KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
NBA 2K13 Turbo v1.3正式版/Plugins/Rozj.dll
.dll windows:5 windows x86 arch:x86

b31d6915486ed991fa537b1c10624c40

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RtlUnwind
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapFree
HeapAlloc
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
VirtualAlloc
HeapReAlloc
WriteFile
HeapSize
LoadLibraryA
InitializeCriticalSectionAndSpinCount

Exports

Exports

GetInfo
GetName
GetVer
InitPlgFunc
IsDynamic
IsPlugin
ReadValueEnd
WriteValueBegin

Sections

.text
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NBA 2K13 Turbo v1.3正式版/Turbo by rozj1.3正式版.txt
NBA 2K13 Turbo v1.3正式版/使用&运行失败请看此.txt
访问零度软件园获取更多资源.url
重要说明@www.05sun.com.txt

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

.text Size: 333KB - Virtual size: 764KB

.rdata Size: 336KB - Virtual size: 516KB

.data Size: 30KB - Virtual size: 344KB

.rsrc Size: 15KB - Virtual size: 44KB

.aspack Size: 16KB - Virtual size: 16KB

.adata Size: - Virtual size: 4KB

1028982eb0397550050b341ed059651c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mfc90u

msvcr90

kernel32

user32

gdi32

advapi32

comctl32

ole32

oleaut32

msvcp90

psapi

Sections

.text Size: 288KB - Virtual size: 287KB

.rdata Size: 74KB - Virtual size: 73KB

.data Size: 8KB - Virtual size: 19KB

.rsrc Size: 2.6MB - Virtual size: 2.6MB

b31d6915486ed991fa537b1c10624c40

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 54KB - Virtual size: 53KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 4KB - Virtual size: 6KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 333KB - Virtual size: 764KB

.rdata
Size: 336KB - Virtual size: 516KB

.data
Size: 30KB - Virtual size: 344KB

.rsrc
Size: 15KB - Virtual size: 44KB

.aspack
Size: 16KB - Virtual size: 16KB

.adata
Size: - Virtual size: 4KB

.text
Size: 288KB - Virtual size: 287KB

.rdata
Size: 74KB - Virtual size: 73KB

.data
Size: 8KB - Virtual size: 19KB

.rsrc
Size: 2.6MB - Virtual size: 2.6MB

.text
Size: 54KB - Virtual size: 53KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 4KB - Virtual size: 6KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 5KB - Virtual size: 5KB