0x[.]zip | Triage

Resubmissions

09-10-2024 17:53

241009-wgghtsvdje 3

09-10-2024 17:52

241009-wfpg2szhln 3

Sharing

Copy URL

Twitter E-mail

General

Target

0x.zip
Size

25.0MB
MD5

9109b1ecfa7613d2b446f564148bff7c
SHA1

c177db2fb97d0c887f71f13def23f08cd5b6bcd8
SHA256

d7eb1234984d97281da6c5c953e8cf09f1fcb496a3dc13f208d9ac79f2395769
SHA512

fbef5d6d1a19c5091e7525754b4b481f410c3a998f5414dd9c4212f1aea4c820a67a5b6b793bceefdda551769f35b8bb9bfe415779877caeba18d78db4d5bea3
SSDEEP

393216:27YmubvcoR1iBoV8mXMU6t+wZwTBp6TdTqM1CrSQCW3Q3a5utyh07WiMMWkkV/:cgj1UmcRt+wZCWTlq7+u3Cj0tPMKV/

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/0x.AI/extra/gfx/dxshot.pyd
unpack002/tensorrt/tensorrt.cp311-win_amd64.pyd
unpack001/0x.AI/extra/pyarmor_runtime_000000/pyarmor_runtime.pyd

Files

0x.zip
.zip
0x.AI/0x.bat
0x.AI/extra/gfx/dxshot.pyd
.dll windows:4 windows x64 arch:x64

261e3b31ffbd3a766b5ba2edc52c411a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CopyFileW
CreateFileMappingW
CreateFileW
DeleteCriticalSection
DeleteFileW
EnterCriticalSection
FindResourceA
FormatMessageA
FreeLibrary
GetCurrentProcessId
GetFileSize
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExA
GetProcAddress
GetSystemTimeAsFileTime
GetTempPathW
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
LoadResource
LockResource
MapViewOfFile
MultiByteToWideChar
ReadFile
SetErrorMode
Sleep
TlsGetValue
UnmapViewOfFile
VirtualProtect
VirtualQuery
WideCharToMultiByte
WriteFile

msvcrt

___lc_codepage_func
___mb_cur_max_func
__iob_func
__setusermatherr
_amsg_exit
_errno
_initterm
_lock
_strdup
_unlock
_wcsicmp
_wrename
abort
calloc
fputc
free
fwrite
localeconv
malloc
mbstowcs
memcmp
memcpy
memset
puts
realloc
strchr
strcmp
strerror
strlen
strncmp
strncpy
strrchr
vfprintf
wcslen

shell32

SHGetFolderPathW

python311

PyObject_GC_Del
_PyObject_GC_Resize
PyIter_Send
PyIter_Next
PyObject_GetIter
PyObject_IsSubclass
PyObject_IsInstance
PyMapping_Size
PyMapping_Check
PySequence_Contains
PySequence_List
PySequence_Tuple
PySequence_InPlaceConcat
PySequence_Check
PyNumber_ToBase
PyNumber_Float
PyNumber_Long
PyNumber_AsSsize_t
PyNumber_Negative
PyNumber_InPlaceMultiply
PyNumber_InPlaceAdd
PyNumber_InPlaceLshift
PyNumber_InPlaceOr
PyNumber_FloorDivide
PyNumber_Add
PyNumber_Subtract
PyBuffer_Release
PyObject_GetBuffer
PyObject_SetItem
PyObject_GetItem
PyObject_LengthHint
_PyObject_HasLen
PyBool_Type
_Py_FalseStruct
_Py_TrueStruct
_PyByteArray_empty_string
PyByteArray_Type
PyByteArray_FromStringAndSize
PyByteArray_FromObject
PyBytes_Type
_PyBytes_Resize
PyBytes_FromStringAndSize
PyObject_CallFunctionObjArgs
PyObject_CallMethodObjArgs
PyObject_CallFunction
PyObject_CallObject
_PyFunction_Vectorcall
PyObject_Call
PyCapsule_New
PyMethod_Type
PyCode_Type
PyCode_Addr2Line
PyCode_NewWithPosOnlyArgs
PyComplex_Type
PyComplex_FromDoubles
PyDescr_IsData
PyDictItems_Type
PyDictKeys_Type
PyDictValues_Type
PyDict_Type
PyDict_SetItemString
PyDict_GetItemString
PyDict_Merge
PyDict_MergeFromSeq2
PyDict_Clear
PyDict_DelItem
PyDict_SetItem
PyDict_GetItem
_PyDict_NewPresized
_PyDict_MaybeUntrack
PyDict_New
PyEnum_Type
PyExc_ImportWarning
PyExc_Exception
PyExc_KeyError
PyExc_RuntimeError
PyExc_UnboundLocalError
PyExc_AttributeError
PyExc_ZeroDivisionError
PyExc_ValueError
PyExc_BaseException
PyExc_OverflowError
PyExc_StopIteration
PyExc_StopAsyncIteration
PyExc_TypeError
PyExc_NameError
PyExc_IndexError
PyExc_ImportError
PyExc_SystemError
PyExc_GeneratorExit
PyException_SetContext
PyException_GetContext
PyException_SetCause
PyFloat_Type
PyFloat_FromString
PyFloat_FromDouble
PyFrame_Type
PyFrame_GetBack
PyFunction_Type
Py_GenericAliasType
Py_GenericAlias
_PyAsyncGenWrappedValue_Type
PyCoro_Type
PyGen_Type
PyAsyncGen_Type
_PyGen_FetchStopIterationValue
_PyGen_SetStopIterationValue
PySeqIter_Type
PyCallIter_Type
PyList_Type
PyList_Sort
PyList_Append
PyList_SetItem
PyList_New
PyLong_Type
PyLong_FromUnicodeObject
PyLong_FromString
PyLong_FromSsize_t
PyLong_FromLongLong
PyLong_AsSsize_t
PyLong_AsLong
PyLong_AsLongAndOverflow
PyLong_FromUnsignedLongLong
PyLong_FromLong
_PyLong_Copy
_PyLong_New
PyCFunction_Type
PyCMethod_New
PyModule_Type
PyModuleDef_Type
PyModule_GetDef
PyModule_GetFilenameObject
PyModule_GetName
PyModule_GetDict
PyModule_ExecDef
PyModule_FromDefAndSpec2
PyModule_Create2
PyModule_NewObject
_Py_NoneStruct
_Py_NotImplementedStruct
PyCallable_Check
PyObject_IsTrue
PyObject_GenericSetAttr
PyObject_SelfIter
PyObject_SetAttr
PyObject_GetAttr
PyObject_SetAttrString
PyObject_HasAttrString
PyObject_GetAttrString
PyObject_RichCompareBool
_PyObject_FunctionStr
PyObject_Str
PyObject_Repr
_PyObject_New
PyObject_InitVar
PyObject_Free
PyObject_Realloc
PyObject_Malloc
PyMem_Free
PyMem_Realloc
PyMem_Calloc
PyMem_Malloc
PyRange_Type
PyFrozenSet_Type
PySet_Type
_PySet_NextEntry
PySet_Add
PyFrozenSet_New
PySet_New
PySlice_Type
_Py_EllipsisObject
PyEllipsis_Type
PyStructSequence_InitType
PyStructSequence_New
PyTuple_Type
PyTuple_Pack
_PyTuple_MaybeUntrack
PyTuple_New
PyBaseObject_Type
PyType_Type
PyType_Ready
_PyType_Lookup
PyType_IsSubtype
PyUnicode_Type
PyUnicode_InternInPlace
PyUnicode_Format
PyUnicode_RPartition
PyUnicode_Partition
PyUnicode_Substring
PyUnicode_Concat
PyUnicode_RichCompare
PyUnicode_Compare
PyUnicode_Join
PyUnicode_FindChar
PyUnicode_Find
PyUnicode_DecodeUTF8
PyUnicode_GetLength
PyUnicode_AsUnicode
PyUnicode_AsUTF8
PyUnicode_FromEncodedObject
PyUnicode_FromOrdinal
PyUnicode_AsWideCharString
PyUnicode_FromFormat
PyUnicode_FromString
PyUnicode_FromStringAndSize
PyUnicode_FromWideChar
_PyUnicode_Ready
PyUnicode_New
_PyWeakref_CallableProxyType
_PyWeakref_ProxyType
_PyWeakref_RefType
PyObject_ClearWeakRefs
_PyWeakref_ClearRef
PyErr_WarnEx
PyEval_GetFuncName
PyEval_EvalCode
Py_MakePendingCalls
PyEval_RestoreThread
PyEval_SaveThread
PyEval_AcquireThread
PyErr_WriteUnraisable
_PyErr_WriteUnraisableMsg
PyErr_Format
PyErr_SetFromErrno
PyErr_NoMemory
PyErr_BadArgument
_PyErr_FormatFromCause
_PyErr_NormalizeException
PyErr_ExceptionMatches
PyImport_FrozenModules
_PyArg_NoKeywords
PyArg_UnpackTuple
PyArg_ParseTupleAndKeywords
PyArg_ParseTuple
PyImport_ImportModule
PyImport_ImportFrozenModule
PyImport_ExecCodeModuleEx
PyImport_ExecCodeModule
_PyImport_FixupExtensionObject
PyImport_GetModuleDict
PyMarshal_ReadObjectFromString
_Py_PackageContext
Py_BuildValue
PyOS_snprintf
_PyRuntime
Py_Exit
Py_CompileStringExFlags
PyErr_Print
PyErr_PrintEx
PySys_GetObject
PyTraceBack_Type

Exports

Exports

PyInit_dxshot

Sections

.text
Size: 935KB - Virtual size: 934KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 91B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
0x.AI/extra/gfx/pyins.exe
.exe windows:6 windows x86 arch:x86

f57d7a40ebfca87e6f8082251d937ed8

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17-01-2022 00:00

Not After

15-01-2025 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21-09-2022 00:00

Not After

21-11-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4c:d9:9a:35:3b:84:6b:6c:e2:68:c1:65:f7:9d:38:9d:01:78:b3:2d:eb:b9:86:83:fe:d8:77:c9:0f:d3:38:b5
Signer

Actual PE Digest

4c:d9:9a:35:3b:84:6b:6c:e2:68:c1:65:f7:9d:38:9d:01:78:b3:2d:eb:b9:86:83:fe:d8:77:c9:0f:d3:38:b5

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

PDB Paths

C:\agent\_work\138\s\build\ship\x86\burn.pdb

Imports

advapi32

RegCloseKey
RegOpenKeyExW
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
InitiateSystemShutdownExW
GetUserNameW
RegQueryValueExW
RegDeleteValueW
CloseEventLog
OpenEventLogW
ReportEventW
ConvertStringSecurityDescriptorToSecurityDescriptorW
CreateWellKnownSid
InitializeAcl
DecryptFileW
SetEntriesInAclW
ChangeServiceConfigW
CloseServiceHandle
ControlService
OpenSCManagerW
OpenServiceW
QueryServiceStatus
SetNamedSecurityInfoW
CheckTokenMembership
AllocateAndInitializeSid
SetEntriesInAclA
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegSetValueExW
RegQueryInfoKeyW
RegEnumValueW
RegEnumKeyExW
RegDeleteKeyW
RegCreateKeyExW
GetTokenInformation
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptGetHashParam
CryptReleaseContext
CryptAcquireContextW
QueryServiceConfigW

user32

PeekMessageW
PostMessageW
IsWindow
WaitForInputIdle
PostQuitMessage
GetMessageW
TranslateMessage
MsgWaitForMultipleObjects
PostThreadMessageW
GetMonitorInfoW
MonitorFromPoint
IsDialogMessageW
LoadCursorW
LoadBitmapW
SetWindowLongW
GetWindowLongW
GetCursorPos
MessageBoxW
CreateWindowExW
UnregisterClassW
RegisterClassW
DefWindowProcW
DispatchMessageW

oleaut32

VariantInit
SysAllocString
VariantClear
SysFreeString

gdi32

DeleteDC
DeleteObject
SelectObject
StretchBlt
GetObjectW
CreateCompatibleDC

shell32

CommandLineToArgvW
SHGetFolderPathW
ShellExecuteExW

ole32

CoUninitialize
CoInitializeEx
CoInitialize
StringFromGUID2
CoCreateInstance
CoTaskMemFree
CoInitializeSecurity
CLSIDFromProgID

kernel32

GetCPInfo
GetOEMCP
GetACP
CreateFileW
CloseHandle
GetLastError
HeapSetInformation
GetModuleHandleW
GetProcAddress
LocalFree
FormatMessageW
lstrlenA
lstrlenW
MultiByteToWideChar
WideCharToMultiByte
LCMapStringW
ExpandEnvironmentStringsW
CreateDirectoryW
GetFullPathNameW
GetTempFileNameW
GetTempPathW
Sleep
GetLocalTime
GetModuleFileNameW
CompareStringW
CreateFileA
SetFilePointer
WriteFile
GetCurrentProcessId
GetSystemDirectoryW
LoadLibraryW
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetCommandLineA
SetCurrentDirectoryW
GetCurrentDirectoryW
DeleteFileW
FindClose
FindFirstFileW
FindNextFileW
GetFileAttributesW
RemoveDirectoryW
SetFileAttributesW
MoveFileExW
InitializeCriticalSection
DeleteCriticalSection
ReleaseMutex
GetCurrentProcess
GetCurrentThreadId
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
CreateProcessW
GetVersionExW
VerSetConditionMask
GetVolumePathNameW
EnterCriticalSection
LeaveCriticalSection
GetSystemTime
GetWindowsDirectoryW
GetNativeSystemInfo
GetCommandLineW
FreeLibrary
GetModuleHandleExW
GetComputerNameW
VerifyVersionInfoW
GetDateFormatW
GetUserDefaultUILanguage
GetUserDefaultLangID
GetSystemDefaultLangID
GetStringTypeW
ReadFile
SetFilePointerEx
DuplicateHandle
LoadLibraryExW
CreateEventW
ProcessIdToSessionId
ConnectNamedPipe
SetNamedPipeHandleState
CreateNamedPipeW
WaitForSingleObject
GetProcessId
OpenProcess
CreateThread
GetExitCodeThread
SetEvent
WaitForMultipleObjects
LocalFileTimeToFileTime
SetEndOfFile
SetFileTime
ResetEvent
DosDateTimeToFileTime
CompareStringA
GetExitCodeProcess
SetThreadExecutionState
CopyFileExW
CreateMutexW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GetThreadLocale
IsValidCodePage
FindFirstFileExW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
GetFileSizeEx
FlushFileBuffers
GetConsoleCP
GetConsoleMode
DecodePointer
WriteConsoleW
GetModuleHandleA
GlobalAlloc
GlobalFree
CopyFileW
VirtualAlloc
VirtualFree
SystemTimeToTzSpecificLocalTime
SystemTimeToFileTime
GetTimeZoneInformation
GetSystemInfo
VirtualProtect
VirtualQuery
GetSystemWow64DirectoryW
GetProcessHeap
GetFileType
ExitProcess
GetStdHandle
InitializeCriticalSectionAndSpinCount
SetLastError
RtlUnwind
RaiseException
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
LoadLibraryExA

rpcrt4

UuidCreate

Sections

.text
Size: 295KB - Virtual size: 294KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 125KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wixburn
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
0x.AI/extra/gfx/tensorrt-8.6.1-cp311-none-win_amd64.whl
.zip
tensorrt-8.6.1.dist-info/LICENSE.txt
tensorrt-8.6.1.dist-info/METADATA
tensorrt-8.6.1.dist-info/RECORD
tensorrt-8.6.1.dist-info/WHEEL
tensorrt-8.6.1.dist-info/top_level.txt
tensorrt-8.6.1.dist-info/zip-safe
tensorrt/__init__.py
tensorrt/tensorrt.cp311-win_amd64.pyd
.dll windows:6 windows x64 arch:x64

59a5391c6347bd83a5f12fffd33e8e9d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

nvinfer

createInferBuilder_INTERNAL
createInferRefitter_INTERNAL
getPluginRegistry
getBuilderPluginRegistry
createInferRuntime_INTERNAL

nvonnxparser

getNvOnnxParserVersion
createNvOnnxParser_INTERNAL

nvparsers

?shutdownProtobufLibrary@nvcaffeparser1@@YAXXZ
??0FieldMap@nvuffparser@@QEAA@PEBDPEBXW4FieldType@1@H@Z
?createUffParser@nvuffparser@@YAPEAVIUffParser@1@XZ
?createCaffeParser@nvcaffeparser1@@YAPEAVICaffeParser@1@XZ

nvinfer_plugin

initLibNvInferPlugins

python311

_Py_NotImplementedStruct
PyByteArray_Type
_Py_FalseStruct
_Py_TrueStruct
PyFloat_Type
PyCFunction_Type
PyModule_Type
PyMethod_Type
PyInstanceMethod_Type
PyCapsule_Type
PyProperty_Type
PyExc_BufferError
PyExc_IndexError
PyExc_MemoryError
PyExc_OverflowError
PyExc_RuntimeError
PyExc_SystemError
PyExc_TypeError
PyExc_ValueError
PyObject_CheckBuffer
PyObject_SetItem
PyObject_RichCompareBool
PyLong_FromLong
PyLong_FromSize_t
PyLong_AsUnsignedLongLong
PyFloat_AsDouble
PyList_Append
PyDict_Contains
PyEval_RestoreThread
PyObject_CallFunctionObjArgs
PyNumber_Invert
PyNumber_And
PyNumber_Xor
PyNumber_Or
PyNumber_Float
PyDict_Type
PySlice_Unpack
PySlice_AdjustIndices
PyImport_ImportModule
PyObject_Call
PySlice_Type
PyMemoryView_FromObject
PyMemoryView_FromBuffer
PyMemoryView_Type
PyModule_AddObject
PyLong_AsLongLong
PyObject_GetIter
PyIter_Check
PyIter_Next
PyObject_LengthHint
PyExc_StopIteration
PyModule_Create2
Py_GetVersion
PyExc_ImportError
PyErr_WarnEx
PyExc_DeprecationWarning
PySequence_Size
PyObject_GetItem
PyObject_CallObject
PyEval_AcquireThread
PyEval_SaveThread
PyEval_GetLocals
PyEval_GetBuiltins
PyThread_tss_get
PyThread_tss_set
PyThread_tss_create
PyThread_tss_alloc
PyErr_WriteUnraisable
PyErr_Format
PyException_SetContext
PyException_SetCause
PyException_SetTraceback
PyErr_NormalizeException
PySequence_Check
PyErr_Fetch
PyBaseObject_Type
PyErr_Occurred
PyErr_SetString
PyWeakref_NewRef
PyThreadState_DeleteCurrent
_PyThreadState_UncheckedGet
PyGILState_GetThisThreadState
PyGILState_Release
PyGILState_Ensure
PyThreadState_GetFrame
PyThreadState_Get
PyThreadState_Clear
PyThreadState_New
PyFrame_GetBack
PyFrame_GetCode
PyFrame_GetLineNumber
PyCapsule_SetContext
PyCapsule_SetName
PyCapsule_SetPointer
PyCapsule_GetContext
PyCapsule_GetName
PyCapsule_GetPointer
PyCapsule_New
PyInstanceMethod_New
PyCMethod_New
PyObject_GenericGetDict
PyDict_DelItemString
PyDict_Copy
PyDict_Size
PyDict_Next
PyDict_GetItemWithError
PyDict_New
PyList_GetItem
PyList_Size
PyList_New
PyTuple_SetItem
PyTuple_GetItem
PyTuple_Size
PyTuple_New
PyFloat_FromDouble
PyLong_FromUnsignedLongLong
PyLong_FromLongLong
PyLong_AsUnsignedLong
PyLong_AsLong
PyLong_FromSsize_t
PyUnicode_AsUTF8AndSize
PyUnicode_AsUTF8String
PyUnicode_DecodeUTF8
PyUnicode_AsEncodedString
PyUnicode_FromFormat
PyUnicode_FromString
PyBytes_AsStringAndSize
PyBytes_AsString
PyBytes_Size
PyByteArray_AsString
PyByteArray_Size
PyObject_Malloc
_PyObject_GetDictPtr
_PyType_Lookup
_Py_Dealloc
PyObject_ClearWeakRefs
PyCallable_Check
PyObject_GenericSetDict
PyObject_SetAttr
PyObject_HasAttrString
PyObject_SetAttrString
PyObject_GetAttrString
PyObject_Str
PyObject_Repr
PyType_Ready
PyType_IsSubtype
PyBuffer_Release
PyMem_Free
PyMem_Calloc
PyNumber_Long
PyIndex_Check
_Py_NoneStruct
PyType_Type
PyObject_IsInstance
PySequence_Tuple
PyErr_Clear
PySequence_GetItem
PyErr_Restore
PyNumber_Check
PyObject_GetBuffer

kernel32

RtlPcToFileHeader
EncodePointer
DecodePointer
RaiseException
GetLastError
CreateFileW
GetOEMCP
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetModuleHandleExW
ExitProcess
LoadLibraryExW
ResetEvent
WaitForSingleObjectEx
WideCharToMultiByte
InitializeSListHead
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
MultiByteToWideChar
SetLastError
InitializeCriticalSectionAndSpinCount
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
CreateEventW
IsDebuggerPresent
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetEvent
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
CloseHandle
GetCPInfo
GetModuleHandleW
GetStringTypeW
GetProcAddress
GetLocaleInfoW
LCMapStringW
CompareStringW

api-ms-win-core-interlocked-l1-1-0

InterlockedFlushSList
InterlockedPushEntrySList

api-ms-win-core-rtlsupport-l1-1-0

RtlUnwind
RtlUnwindEx

api-ms-win-core-libraryloader-l1-2-0

FreeLibrary
GetModuleFileNameW

api-ms-win-core-heap-l1-1-0

GetProcessHeap
HeapAlloc
HeapReAlloc
HeapSize
HeapFree

api-ms-win-core-processenvironment-l1-1-0

GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetStdHandle
GetCommandLineA
GetStdHandle

api-ms-win-core-file-l1-1-0

SetFilePointerEx
FindFirstFileExW
FlushFileBuffers
FindClose
FindNextFileW
GetFileType
ReadFile
WriteFile

api-ms-win-core-timezone-l1-1-0

GetTimeZoneInformation

api-ms-win-core-console-l1-1-0

GetConsoleMode
ReadConsoleW
GetConsoleCP
WriteConsoleW

api-ms-win-core-localization-l1-2-0

IsValidCodePage
GetACP

Exports

Exports

PyInit_tensorrt

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 620KB - Virtual size: 620KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
0x.AI/extra/main.py
0x.AI/extra/pyarmor_runtime_000000/__init__.py
0x.AI/extra/pyarmor_runtime_000000/__pycache__/__init__.cpython-311.pyc
0x.AI/extra/pyarmor_runtime_000000/pyarmor_runtime.pyd
.dll windows:4 windows x64 arch:x64

44e184920399a8d878fd36078912fe2c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

python311

PyBuffer_FillInfo
PyBuffer_Release
PyBytes_AsString
PyBytes_AsStringAndSize
PyBytes_FromStringAndSize
PyBytes_Type
PyCFunction_GetSelf
PyCFunction_Type
PyCMethod_New
PyCell_Get
PyCell_New
PyCell_Set
PyCode_GetCode
PyCode_Type
PyComplex_FromCComplex
PyComplex_ImagAsDouble
PyComplex_RealAsDouble
PyComplex_Type
PyDict_Copy
PyDict_DelItem
PyDict_GetItem
PyDict_GetItemString
PyDict_New
PyDict_Next
PyDict_SetItem
PyDict_Type
PyDict_Update
PyErr_CheckSignals
PyErr_Clear
PyErr_ExceptionMatches
PyErr_Fetch
PyErr_Format
PyErr_GivenExceptionMatches
PyErr_NoMemory
PyErr_NormalizeException
PyErr_Occurred
PyErr_Restore
PyErr_SetFromWindowsErr
PyErr_SetImportError
PyErr_SetObject
PyErr_SetString
PyEval_EvalCode
PyEval_GetBuiltins
PyEval_GetFrame
PyEval_GetGlobals
PyExc_AttributeError
PyExc_EOFError
PyExc_ImportError
PyExc_NotImplementedError
PyExc_RuntimeError
PyExc_StopIteration
PyExc_SystemExit
PyExc_TypeError
PyExc_UnboundLocalError
PyExc_ValueError
PyException_GetTraceback
PyException_SetCause
PyException_SetContext
PyException_SetTraceback
PyFloat_FromDouble
PyFloat_Pack8
PyFloat_Type
PyFloat_Unpack8
PyFrame_GetCode
PyFrozenSet_New
PyFrozenSet_Type
PyFunction_GetCode
PyFunction_NewWithQualName
PyImport_ExecCodeModuleObject
PyImport_GetModule
PyImport_GetModuleDict
PyImport_ImportModule
PyImport_ImportModuleLevel
PyImport_ImportModuleLevelObject
PyIter_Next
PyList_Append
PyList_AsTuple
PyList_GetItem
PyList_New
PyList_Sort
PyList_Type
PyLong_AsLong
PyLong_AsLongAndOverflow
PyLong_AsVoidPtr
PyLong_FromLong
PyLong_FromVoidPtr
PyLong_Type
PyMarshal_WriteObjectToString
PyMem_Free
PyMem_Malloc
PyMem_Realloc
PyMemoryView_FromBuffer
PyMethod_Function
PyMethod_Type
PyModule_Create2
PyModule_GetDict
PyModule_GetFilenameObject
PyModule_GetName
PyModule_Type
PyNumber_Add
PyNumber_And
PyNumber_AsSsize_t
PyNumber_FloorDivide
PyNumber_InPlaceAdd
PyNumber_InPlaceAnd
PyNumber_InPlaceFloorDivide
PyNumber_InPlaceLshift
PyNumber_InPlaceMatrixMultiply
PyNumber_InPlaceMultiply
PyNumber_InPlaceOr
PyNumber_InPlacePower
PyNumber_InPlaceRemainder
PyNumber_InPlaceRshift
PyNumber_InPlaceSubtract
PyNumber_InPlaceTrueDivide
PyNumber_InPlaceXor
PyNumber_Invert
PyNumber_Lshift
PyNumber_MatrixMultiply
PyNumber_Multiply
PyNumber_Negative
PyNumber_Or
PyNumber_Positive
PyNumber_Power
PyNumber_Remainder
PyNumber_Rshift
PyNumber_Subtract
PyNumber_TrueDivide
PyNumber_Xor
PyOS_double_to_string
PyOS_string_to_double
PyObject_ASCII
PyObject_Call
PyObject_CallFunction
PyObject_CallFunctionObjArgs
PyObject_CallMethod
PyObject_CheckBuffer
PyObject_DelItem
PyObject_Format
PyObject_GetAttr
PyObject_GetAttrString
PyObject_GetBuffer
PyObject_GetItem
PyObject_GetIter
PyObject_IsTrue
PyObject_Repr
PyObject_RichCompare
PyObject_SetAttr
PyObject_SetItem
PyObject_Str
PySequence_Check
PySequence_Contains
PySequence_List
PySet_Add
PySet_New
PySet_Type
PySlice_New
PySys_GetObject
PyThreadState_Get
PyTraceBack_Here
PyTuple_GetItem
PyTuple_GetSlice
PyTuple_New
PyTuple_Pack
PyTuple_SetItem
PyTuple_Size
PyTuple_Type
PyType_IsSubtype
PyUnicode_AsEncodedString
PyUnicode_AsUTF8
PyUnicode_AsUTF8AndSize
PyUnicode_DecodeUTF8
PyUnicode_FromFormat
PyUnicode_FromKindAndData
PyUnicode_FromString
PyUnicode_InternInPlace
PyUnicode_New
PyUnicode_Type
Py_BuildValue
Py_DecRef
Py_IncRef
Py_InspectFlag
_PyArg_ParseTuple_SizeT
_PyBytes_Resize
_PyCode_New
_PyCode_Validate
_PyDict_GetItemWithError
_PyErr_Clear
_PyErr_ExceptionMatches
_PyErr_Format
_PyErr_GetTopmostException
_PyErr_Restore
_PyErr_SetObject
_PyErr_SetString
_PyList_Extend
_PyLong_AsInt
_PyLong_FromByteArray
_PyLong_New
_PyModuleSpec_IsInitializing
_PyObject_CallFunction_SizeT
_PyObject_CallMethod
_PyObject_CallMethod_SizeT
_PyObject_FastCall
_PyObject_LookupAttr
_PyObject_LookupSpecialId
_PyObject_MakeTpCall
_PyRuntime
_PySet_NextEntry
_PyUnicode_JoinArray
_Py_BuildValue_SizeT
_Py_CheckFunctionResult
_Py_Dealloc
_Py_EllipsisObject
_Py_FalseStruct
_Py_NoneStruct
_Py_TrueStruct
_Py_hashtable_compare_direct
_Py_hashtable_destroy
_Py_hashtable_hash_ptr
_Py_hashtable_new_full
_Py_hashtable_set

advapi32

CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
RegCloseKey
RegEnumKeyExA
RegGetValueA
RegOpenKeyExA

iphlpapi

GetAdaptersAddresses
GetNetworkParams

kernel32

CloseHandle
CreateFileA
CreateFileMappingA
DeleteCriticalSection
DeviceIoControl
EnterCriticalSection
FlushViewOfFile
FormatMessageA
GetComputerNameA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetLastError
GetProcAddress
GetProcessHeap
GetSystemTimeAsFileTime
GetTickCount
GlobalAlloc
GlobalFree
HeapAlloc
HeapFree
InitializeCriticalSection
IsDebuggerPresent
LeaveCriticalSection
LoadLibraryA
LocalFree
MapViewOfFile
QueryPerformanceCounter
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetLastError
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualLock
VirtualProtect
VirtualQuery
VirtualUnlock

msvcrt

__iob_func
_amsg_exit
_errno
_get_osfhandle
_initterm
_lock
_mktime64
_snprintf
_stat64
_time64
_unlock
_vsnprintf
abort
calloc
clock
exit
fprintf
fputc
fread
free
fwrite
getc
getenv
isprint
isxdigit
malloc
memcmp
memcpy
memmove
memset
rand
realloc
signal
sprintf
srand
strchr
strcmp
strerror
strlen
strncmp
strncpy
strrchr
strstr
toupper
vfprintf

user32

wsprintfA

ws2_32

WSACleanup
WSAGetLastError
WSAStartup
closesocket
connect
gethostbyname
htons
inet_ntoa
ioctlsocket
ntohl
recv
recvfrom
select
send
sendto
setsockopt
socket

Exports

Exports

PyInit_pyarmor_runtime

Sections

.text
Size: 513KB - Virtual size: 513KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 25KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 93B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 676B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

261e3b31ffbd3a766b5ba2edc52c411a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

shell32

python311

Exports

Exports

Sections

.text Size: 935KB - Virtual size: 934KB

.data Size: 12KB - Virtual size: 12KB

.rdata Size: 30KB - Virtual size: 30KB

.eh_fram Size: 512B - Virtual size: 4B

.pdata Size: 8KB - Virtual size: 7KB

.xdata Size: 11KB - Virtual size: 10KB

.bss Size: - Virtual size: 20KB

.edata Size: 512B - Virtual size: 91B

.idata Size: 12KB - Virtual size: 12KB

.CRT Size: 512B - Virtual size: 88B

.tls Size: 512B - Virtual size: 16B

.rsrc Size: 26KB - Virtual size: 25KB

.reloc Size: 1KB - Virtual size: 1KB

f57d7a40ebfca87e6f8082251d937ed8

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:ddCertificate

Extended Key Usages

Key Usages

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

4c:d9:9a:35:3b:84:6b:6c:e2:68:c1:65:f7:9d:38:9d:01:78:b3:2d:eb:b9:86:83:fe:d8:77:c9:0f:d3:38:b5Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

advapi32

user32

oleaut32

gdi32

shell32

ole32

kernel32

rpcrt4

Sections

.text Size: 295KB - Virtual size: 294KB

.rdata Size: 125KB - Virtual size: 124KB

.data Size: 3KB - Virtual size: 6KB

.wixburn Size: 512B - Virtual size: 56B

.rsrc Size: 89KB - Virtual size: 89KB

.reloc Size: 15KB - Virtual size: 15KB

59a5391c6347bd83a5f12fffd33e8e9d

Headers

DLL Characteristics

File Characteristics

Imports

nvinfer

nvonnxparser

nvparsers

nvinfer_plugin

python311

kernel32

api-ms-win-core-interlocked-l1-1-0

.text
Size: 935KB - Virtual size: 934KB

.data
Size: 12KB - Virtual size: 12KB

.rdata
Size: 30KB - Virtual size: 30KB

.eh_fram
Size: 512B - Virtual size: 4B

.pdata
Size: 8KB - Virtual size: 7KB

.xdata
Size: 11KB - Virtual size: 10KB

.bss
Size: - Virtual size: 20KB

.edata
Size: 512B - Virtual size: 91B

.idata
Size: 12KB - Virtual size: 12KB

.CRT
Size: 512B - Virtual size: 88B

.tls
Size: 512B - Virtual size: 16B

.rsrc
Size: 26KB - Virtual size: 25KB

.reloc
Size: 1KB - Virtual size: 1KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

4c:d9:9a:35:3b:84:6b:6c:e2:68:c1:65:f7:9d:38:9d:01:78:b3:2d:eb:b9:86:83:fe:d8:77:c9:0f:d3:38:b5
Signer

.text
Size: 295KB - Virtual size: 294KB

.rdata
Size: 125KB - Virtual size: 124KB

.data
Size: 3KB - Virtual size: 6KB

.wixburn
Size: 512B - Virtual size: 56B

.rsrc
Size: 89KB - Virtual size: 89KB

.reloc
Size: 15KB - Virtual size: 15KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 620KB - Virtual size: 620KB

.data
Size: 21KB - Virtual size: 28KB

.pdata
Size: 69KB - Virtual size: 69KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 6KB - Virtual size: 5KB

.text
Size: 513KB - Virtual size: 513KB

.data
Size: 17KB - Virtual size: 17KB

.rdata
Size: 49KB - Virtual size: 49KB

.pdata
Size: 9KB - Virtual size: 8KB

.xdata
Size: 10KB - Virtual size: 9KB

.bss
Size: - Virtual size: 25KB

.edata
Size: 512B - Virtual size: 93B

.idata
Size: 13KB - Virtual size: 13KB

.CRT
Size: 512B - Virtual size: 88B

.tls
Size: 512B - Virtual size: 16B

.reloc
Size: 1024B - Virtual size: 676B