2c1c86b5e02b7a22da3c64f9186380bd_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2c1c86b5e02b7a22da3c64f9186380bd_JaffaCakes118
Size

1.8MB
MD5

2c1c86b5e02b7a22da3c64f9186380bd
SHA1

244942aa2050debb87efda827ba72f4d30dd3096
SHA256

4f8406b6537da0531838feba6fc870a4b5de85cb133017b9e8ad26be98bab01f
SHA512

b82b48ae629506ad6473b5ad197340cb6465ca3f04cfe603686b7fa2a3f815b2bba8ea24d25ad40543fa57f06ff9a98a42f4043783d4c2c5d901534cce62a2d1
SSDEEP

24576:Wco0DI7+5N9rL46OuC4lNeQjfA86eVY9SxyU1reYJvBpR2qw4FoTnGvql/NWmrYA:WcngkS26eVY9SxYYjpER4FoTll/sSKI

Score

1^/10

Malware Config

Signatures

Files

2c1c86b5e02b7a22da3c64f9186380bd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

de0f54c458140295e0c422baab2f210c

Code Sign

03:09:85:b5:a3:9f:75:a1:3a:49:7d:ab:8b:f6:11:f7
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-03-2013 00:00

Not After

26-03-2014 12:00

Subject

CN=InstallX\, LLC,O=InstallX\, LLC,L=Sartell,ST=Minnesota,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

07:f4:73:6f:af:ef:40:8a:1f:66:40:f2:65:d1:0a:c1
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10-02-2011 12:00

Not After

10-02-2026 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

22:48:bc:f7:75:cc:25:7d:ec:b6:d8:36:0d:54:89:d6:a3:89:da:66
Signer

Actual PE Digest

22:48:bc:f7:75:cc:25:7d:ec:b6:d8:36:0d:54:89:d6:a3:89:da:66

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\tfs.vs2012\admin\windows\MAIN\Installer.Desktop.Application\ReleaseNoMFC\FreezeWrapWin.pdb

Imports

comctl32

ImageList_Create
InitCommonControlsEx
ImageList_Add

kernel32

InitializeCriticalSection
UnlockFileEx
LockFile
UnlockFile
InterlockedCompareExchange
UnmapViewOfFile
MapViewOfFile
GetFullPathNameW
FormatMessageW
GetFileAttributesW
GetTempPathW
LockFileEx
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
GetPrivateProfileStringA
GetPrivateProfileIntA
CopyFileA
SystemTimeToFileTime
GetLocalTime
WritePrivateProfileStringA
WaitForSingleObject
CreateMutexA
ReleaseMutex
RtlCaptureStackBackTrace
SetUnhandledExceptionFilter
GetTickCount
GetDiskFreeSpaceW
Sleep
GetLastError
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
CreateFileMappingA
GetDiskFreeSpaceA
GetFileAttributesExW
SetEnvironmentVariableA
SetEndOfFile
WriteConsoleW
FlushFileBuffers
SetStdHandle
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
LoadLibraryW
OutputDebugStringW
GetConsoleCP
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetStringTypeW
DeleteFileW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetFileType
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
WideCharToMultiByte
GetCurrentThreadId
GetModuleHandleW
GetStartupInfoW
RaiseException
FormatMessageA
GetModuleHandleA
LocalAlloc
lstrlenA
LocalFree
BeginUpdateResourceA
HeapAlloc
GetProcessHeap
UpdateResourceA
HeapFree
EndUpdateResourceA
LoadLibraryA
EnumResourceNamesA
EnumResourceLanguagesA
FreeLibrary
FindResourceA
LoadLibraryExA
FindResourceExA
GetUserDefaultUILanguage
GetTempPathA
FindFirstFileA
FindNextFileA
FindClose
CreateDirectoryA
GetSystemTime
GetTempFileNameA
DeleteFileA
RemoveDirectoryA
SetFileAttributesA
GetFileAttributesA
MoveFileA
GetModuleFileNameA
GetCurrentDirectoryA
GetFullPathNameA
GetLongPathNameA
CloseHandle
GetPrivateProfileSectionNamesA
CreateProcessA
OpenProcess
CreateToolhelp32Snapshot
Process32First
Process32Next
TerminateProcess
GetExitCodeProcess
Module32First
Module32Next
GetProcAddress
GetCurrentProcessId
VirtualQuery
GetCurrentThread
GetCurrentProcess
CreateEventA
WaitForSingleObjectEx
ResetEvent
SetEvent
FileTimeToSystemTime
GetTimeZoneInformation
CreateFileA
GetFileTime
FileTimeToLocalFileTime
TzSpecificLocalTimeToSystemTime
GetFileSize
ReadFile
WriteFile
SetFilePointer
GetVersionExA
GetSystemInfo
GetWindowsDirectoryA
GetSystemDirectoryA
ExpandEnvironmentStringsA
GlobalMemoryStatus
CreateFileW
WaitForMultipleObjects
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
HeapDestroy
HeapReAlloc
HeapSize
EncodePointer
DecodePointer
InterlockedDecrement
ExitProcess
GetModuleHandleExW
AreFileApisANSI
IsProcessorFeaturePresent
IsDebuggerPresent
GetCommandLineA
CreateThread
ExitThread
LoadLibraryExW
GetSystemTimeAsFileTime
RtlUnwind
GetStdHandle
GetModuleFileNameW
SetLastError
InterlockedIncrement
UnhandledExceptionFilter
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree

user32

IsWindowEnabled
GetWindowThreadProcessId
FindWindowExA
GetClassNameA
EnumChildWindows
GetSystemMetrics
SystemParametersInfoA
GetShellWindow
FindWindowA
GetDesktopWindow
LoadCursorA
CreateWindowExA
GetClassInfoExA
RegisterClassExA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
CallWindowProcA
DefWindowProcA
LoadBitmapA
LoadImageA
SetCursor
ReleaseCapture
GetKeyboardState
CreatePopupMenu
DestroyMenu
AppendMenuA
TrackPopupMenu
WaitForInputIdle
SetDlgItemTextA
AdjustWindowRectEx
OffsetRect
SetClassLongA
EnumWindows
DrawIcon
ReleaseDC
GetMessagePos
CopyRect
SendMessageW
GetDlgItem
EndDialog
CreateDialogParamA
DialogBoxParamA
GetWindowTextLengthA
SetWindowLongA
GetWindowLongA
PostMessageA
SendMessageA
LoadStringA
InflateRect
FrameRect
SetWindowTextA
BeginPaint
EndPaint
GetDlgCtrlID
ScreenToClient
ClientToScreen
GetCursorPos
EnableMenuItem
GetSystemMenu
SetWindowPos
LoadIconA
IsIconic
GetFocus
SetFocus
IsWindowVisible
SetTimer
KillTimer
GetParent
GetSysColor
LoadAcceleratorsA
DestroyWindow
MessageBoxA
MessageBoxExA
ShowWindow
GetSysColorBrush
GetWindowTextA
GetDC
PostQuitMessage
EnableWindow
SetForegroundWindow
UpdateWindow
IsWindow
InvalidateRgn
InvalidateRect
MoveWindow
GetClientRect
GetWindowRect
SetParent

shell32

SHGetSpecialFolderPathA
Shell_NotifyIconA
ShellExecuteExA

ole32

CoTaskMemAlloc
CoUninitialize
CoInitialize
CoTaskMemFree
CoInitializeEx
StringFromGUID2
CoCreateInstance
OleInitialize
CoInitializeSecurity
OleUninitialize
CoCreateGuid

oleaut32

SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreateVector
SysAllocString
VariantChangeType
VariantClear
VariantInit
SysStringLen
SysFreeString
SysAllocStringLen
SafeArrayDestroy

psapi

EnumProcesses
GetModuleFileNameExA

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

userenv

ExpandEnvironmentStringsForUserA

wininet

InternetConnectA
HttpOpenRequestA
HttpAddRequestHeadersA
InternetOpenA
HttpSendRequestA
HttpQueryInfoA
InternetSetStatusCallback
InternetErrorDlg
InternetSetOptionA
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetCombineUrlA
InternetGetCookieA
InternetSetCookieA
FindFirstUrlCacheEntryA
FindNextUrlCacheEntryA
FindCloseUrlCache
InternetCloseHandle
InternetReadFileExA

shlwapi

PathCombineA
PathFindExtensionA
PathRenameExtensionA
UrlEscapeA
SHDeleteEmptyKeyA
PathStripPathA
PathRemoveFileSpecA
PathIsDirectoryEmptyA

urlmon

IsValidURL

rpcrt4

UuidFromStringA

gdi32

CreateCompatibleBitmap
CreateCompatibleDC
GetStockObject
SelectObject
GetObjectA
DeleteObject
BitBlt
SetWindowOrgEx
PatBlt
SetBkColor
DeleteDC

advapi32

RegDeleteKeyA
RegEnumValueA
RegEnumKeyExA
RevertToSelf
OpenProcessToken
GetTokenInformation
IsValidSid
GetSidIdentifierAuthority
GetSidSubAuthorityCount
GetSidSubAuthority
SetTokenInformation
LookupPrivilegeValueA
DuplicateTokenEx
ImpersonateLoggedOnUser
GetLengthSid
AdjustTokenPrivileges
RegOpenCurrentUser
RegOpenUserClassesRoot
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegDeleteValueA
RegQueryInfoKeyA

gdiplus

GdipSetCompositingMode
GdipDeleteGraphics
GdipCreateFromHDC

comdlg32

GetOpenFileNameA

Sections

.text
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-de
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-co
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-co
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-co
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-co
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-ti
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-co
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-co
Size: 512B - Virtual size: 59B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-co
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-co
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-co
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-co
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-co
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-co
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-co
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-co
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-co
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text-co
Size: 257KB - Virtual size: 257KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 371KB - Virtual size: 370KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-de
Size: 512B - Virtual size: 45B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-co
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-co
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-co
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-co
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-ti
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-co
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-co
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-co
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-co
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-co
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-co
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-co
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-co
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-co
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-co
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-co
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data-co
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 233KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

de0f54c458140295e0c422baab2f210c

Code Sign

03:09:85:b5:a3:9f:75:a1:3a:49:7d:ab:8b:f6:11:f7Certificate

Extended Key Usages

Key Usages

07:f4:73:6f:af:ef:40:8a:1f:66:40:f2:65:d1:0a:c1Certificate

Extended Key Usages

Key Usages

22:48:bc:f7:75:cc:25:7d:ec:b6:d8:36:0d:54:89:d6:a3:89:da:66Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

comctl32

kernel32

user32

shell32

ole32

oleaut32

psapi

version

userenv

wininet

shlwapi

urlmon

rpcrt4

gdi32

advapi32

gdiplus

comdlg32

Sections

.text Size: 147KB - Virtual size: 146KB

.text-de Size: 99KB - Virtual size: 99KB

.text-co Size: 124KB - Virtual size: 123KB

.text-co Size: 77KB - Virtual size: 76KB

.text-co Size: 24KB - Virtual size: 23KB

.text-co Size: 12KB - Virtual size: 12KB

.text-ti Size: 42KB - Virtual size: 42KB

.text-co Size: 16KB - Virtual size: 15KB

.text-co Size: 512B - Virtual size: 59B

.text-co Size: 13KB - Virtual size: 12KB

.text-co Size: 17KB - Virtual size: 17KB

.text-co Size: 34KB - Virtual size: 33KB

.text-co Size: 51KB - Virtual size: 51KB

.text-co Size: 106KB - Virtual size: 106KB

.text-co Size: 108KB - Virtual size: 107KB

.text-co Size: 49KB - Virtual size: 49KB

.text-co Size: 33KB - Virtual size: 33KB

.text-co Size: 15KB - Virtual size: 15KB

.text-co Size: 257KB - Virtual size: 257KB

.rdata Size: 371KB - Virtual size: 370KB

.data Size: 14KB - Virtual size: 23KB

.data-de Size: 512B - Virtual size: 45B

.data-co Size: 512B - Virtual size: 176B

.data-co Size: 512B - Virtual size: 56B

.data-co Size: 512B - Virtual size: 48B

.data-co Size: 512B - Virtual size: 40B

.data-ti Size: 1KB - Virtual size: 1KB

.data-co Size: 512B - Virtual size: 40B

.data-co Size: 512B - Virtual size: 4B

.data-co Size: 512B - Virtual size: 40B

.data-co Size: 512B - Virtual size: 40B

.data-co Size: 512B - Virtual size: 40B

.data-co Size: 512B - Virtual size: 44B

.data-co Size: 512B - Virtual size: 40B

.data-co Size: 512B - Virtual size: 80B

.data-co Size: 512B - Virtual size: 48B

.data-co Size: 512B - Virtual size: 40B

.data-co Size: 512B - Virtual size: 40B

.data-co Size: 3KB - Virtual size: 2KB

.rsrc Size: 233KB - Virtual size: 232KB

03:09:85:b5:a3:9f:75:a1:3a:49:7d:ab:8b:f6:11:f7
Certificate

07:f4:73:6f:af:ef:40:8a:1f:66:40:f2:65:d1:0a:c1
Certificate

22:48:bc:f7:75:cc:25:7d:ec:b6:d8:36:0d:54:89:d6:a3:89:da:66
Signer

.text
Size: 147KB - Virtual size: 146KB

.text-de
Size: 99KB - Virtual size: 99KB

.text-co
Size: 124KB - Virtual size: 123KB

.text-co
Size: 77KB - Virtual size: 76KB

.text-co
Size: 24KB - Virtual size: 23KB

.text-co
Size: 12KB - Virtual size: 12KB

.text-ti
Size: 42KB - Virtual size: 42KB

.text-co
Size: 16KB - Virtual size: 15KB

.text-co
Size: 512B - Virtual size: 59B

.text-co
Size: 13KB - Virtual size: 12KB

.text-co
Size: 17KB - Virtual size: 17KB

.text-co
Size: 34KB - Virtual size: 33KB

.text-co
Size: 51KB - Virtual size: 51KB

.text-co
Size: 106KB - Virtual size: 106KB

.text-co
Size: 108KB - Virtual size: 107KB

.text-co
Size: 49KB - Virtual size: 49KB

.text-co
Size: 33KB - Virtual size: 33KB

.text-co
Size: 15KB - Virtual size: 15KB

.text-co
Size: 257KB - Virtual size: 257KB

.rdata
Size: 371KB - Virtual size: 370KB

.data
Size: 14KB - Virtual size: 23KB

.data-de
Size: 512B - Virtual size: 45B

.data-co
Size: 512B - Virtual size: 176B

.data-co
Size: 512B - Virtual size: 56B

.data-co
Size: 512B - Virtual size: 48B

.data-co
Size: 512B - Virtual size: 40B

.data-ti
Size: 1KB - Virtual size: 1KB

.data-co
Size: 512B - Virtual size: 40B

.data-co
Size: 512B - Virtual size: 4B

.data-co
Size: 512B - Virtual size: 40B

.data-co
Size: 512B - Virtual size: 40B

.data-co
Size: 512B - Virtual size: 40B

.data-co
Size: 512B - Virtual size: 44B

.data-co
Size: 512B - Virtual size: 40B

.data-co
Size: 512B - Virtual size: 80B

.data-co
Size: 512B - Virtual size: 48B

.data-co
Size: 512B - Virtual size: 40B

.data-co
Size: 512B - Virtual size: 40B

.data-co
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 233KB - Virtual size: 232KB