E:\source\NetMon\NetMonitor\Bin\client\Client.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
2024-10-14_af2a4f223820c544681044d2d3e2478c_hijackloader_mafia.exe
Resource
win7-20240708-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral2
Sample
2024-10-14_af2a4f223820c544681044d2d3e2478c_hijackloader_mafia.exe
Resource
win10v2004-20241007-en
windows10-2004-x64
1 signatures
150 seconds
General
-
Target
2024-10-14_af2a4f223820c544681044d2d3e2478c_hijackloader_mafia
-
Size
4.7MB
-
MD5
af2a4f223820c544681044d2d3e2478c
-
SHA1
8098f161cd536b083885b9c582bf0f6032c97426
-
SHA256
4d8d5c9422433782bc4da2aa1943745b5a05bc899d6bef378293bf31c1a7f4a3
-
SHA512
fd70a3984357dc95d3af5e3406c466c578e0db9cbcc107d38bb56fc19e4abee3dd34bddd71c241c3808eebd2b99ebaa33bf58723c1bbdb051764a86112c1d1e9
-
SSDEEP
98304:czq0roB8o2oC7wNiJDZ1pmbOVJ2XM/NlqXfRqOIFv6cgal+0+b0hlIOsv/p:czxroB8ofWwNi97lgqBTZ+b0hlpsvR
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-10-14_af2a4f223820c544681044d2d3e2478c_hijackloader_mafia
Files
-
2024-10-14_af2a4f223820c544681044d2d3e2478c_hijackloader_mafia.exe windows:5 windows x86 arch:x86
282dfc751d8ed84125daa079df7f6823
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
htmlayout
HTMLayoutSwapElements
HTMLayoutGetElementLocation
HTMLayoutGetGraphin
HTMLayoutClearAttributes
HTMLayoutCloneElement
HTMLayoutProcessUIEvent
HTMLayoutDataReady
ValueIntData
HTMLayoutGetElementInnerTextCB
HTMLayoutLoadHtmlEx
HTMLayoutGetMinWidth
HTMLayoutGetMinHeight
HTMLayoutWindowDetachEventHandler
HTMLayoutGetElementHtmlCB
HTMLayoutControlGetType
HTMLayoutGetElementHwnd
HTMLayoutSelectElements
HTMLayoutScrollToView
HTMLayoutAttachEventHandlerEx
HTMLayoutAttachEventHandler
HTMLayoutSetElementState
HTMLayoutGetElementState
ValueStringData
ValueCopy
ValueToString
HTMLayoutControlGetValue
ValueIntDataSet
HTMLayoutControlSetValue
HTMLayoutGetNthAttribute
HTMLayoutGetAttributeCount
HTMLayoutUpdateElement
HTMLayoutGetElementHtml
HTMLayoutSetElementHtml
HTMLayoutUpdateElementEx
HTMLayoutSetAttributeByName
HTMLayoutGetElementIndex
HTMLayoutVisitElements
HTMLayoutGetRootElement
HTMLayoutDeleteElement
HTMLayoutInsertElement
HTMLayoutGetElementInnerText
HTMLayoutGetElementInnerText16
HTMLayoutGetElementType
HTMLayoutGetStyleAttribute
HTMLayoutGetAttributeByName
HTMLayoutGetChildrenCount
HTMLayoutGetNthChild
HTMLayoutGetParentElement
HTMLayoutCreateElement
HTMLayoutLoadHtml
HTMLayoutSetCallback
HTMLayoutWindowAttachEventHandler
HTMLayoutSetOption
HTMLayoutProcND
HTMLayoutSetStyleAttribute
HTMLayoutCallBehaviorMethod
HTMLayout_UseElement
HTMLayout_UnuseElement
HTMLayoutSetElementInnerText16
HTMLayoutSetElementInnerText
ValueInit
ValueStringDataSet
ValueClear
HTMLayoutLoadFile
libvlc
libvlc_media_player_release
libvlc_media_release
libvlc_media_player_set_position
libvlc_media_player_set_rate
libvlc_media_player_set_hwnd
libvlc_media_player_set_media
libvlc_media_parse
libvlc_media_player_get_position
libvlc_media_player_get_time
libvlc_release
libvlc_media_player_play
libvlc_media_player_get_length
libvlc_new
libvlc_media_player_new
libvlc_media_new_location
libvlc_media_get_state
libvlc_media_player_pause
libvlc_media_player_stop
ws2_32
WSACleanup
inet_ntoa
gethostbyname
gethostname
WSAStartup
freeaddrinfo
closesocket
connect
socket
getaddrinfo
ioctlsocket
setsockopt
recv
send
WSAGetLastError
select
htons
inet_addr
ntohs
__WSAFDIsSet
WSASetLastError
getsockopt
htonl
recvfrom
getsockname
sendto
WSACloseEvent
WSARecv
WSASend
accept
WSAIoctl
WSAWaitForMultipleEvents
WSAEnumNetworkEvents
WSASocketA
WSACreateEvent
WSAEventSelect
bind
listen
getpeername
winmm
PlaySoundA
waveOutGetNumDevs
waveOutOpen
waveOutPrepareHeader
waveOutClose
waveOutUnprepareHeader
waveOutReset
waveInClose
waveInUnprepareHeader
waveInReset
waveInStop
waveOutWrite
waveInStart
waveInAddBuffer
waveInPrepareHeader
waveInOpen
waveInGetNumDevs
wldap32
ord22
ord211
ord143
ord60
ord50
ord26
ord30
ord32
ord35
ord79
ord200
ord33
ord301
ord27
ord41
ord46
kernel32
GetFileSize
CreateFileA
WriteFile
ReadFile
RemoveDirectoryA
lstrcpyA
SetCurrentDirectoryA
InterlockedIncrement
PostQueuedCompletionStatus
GetSystemInfo
CreateIoCompletionPort
GetQueuedCompletionStatus
InterlockedExchange
CancelIo
DeactivateActCtx
ActivateActCtx
GlobalUnlock
GlobalLock
CreateFileW
SetEndOfFile
FlushViewOfFile
CreatePipe
GetExitCodeProcess
ReleaseMutex
WritePrivateProfileStringW
GetPrivateProfileStringW
GetSystemDirectoryA
CreateMutexW
GetTempFileNameA
GetTempPathA
GlobalSize
LocalSize
GetVersion
QueryPerformanceCounter
FreeResource
lstrcmpW
LoadLibraryW
CompareStringA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
MulDiv
lstrlenW
CreateActCtxW
ReleaseActCtx
GetStringTypeExA
GetThreadLocale
lstrcmpiA
FlushFileBuffers
LockFile
UnlockFile
DuplicateHandle
GetFullPathNameA
GetShortPathNameA
lstrcmpA
GetModuleHandleW
GetLocaleInfoA
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
SetThreadPriority
GetUserDefaultLCID
SystemTimeToFileTime
ReplaceFileA
SetFileTime
GetFileTime
GetDiskFreeSpaceA
InitializeCriticalSectionAndSpinCount
GlobalFlags
GetACP
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GetCPInfo
GetOEMCP
SetErrorMode
GetFileAttributesExA
LocalFileTimeToFileTime
GetFileSizeEx
GetNumberFormatA
GetProfileIntA
SearchPathA
VirtualProtect
FindResourceExW
FindFirstFileExA
RtlUnwind
SetEnvironmentVariableA
GetCurrentDirectoryW
RaiseException
HeapFree
HeapAlloc
ExitThread
GetTimeFormatA
GetDateFormatA
DecodePointer
EncodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
FindFirstFileA
VirtualQuery
ExitProcess
HeapQueryInformation
HeapSize
SetStdHandle
GetFileType
FindClose
UnhandledExceptionFilter
IsDebuggerPresent
GetDriveTypeW
SetHandleCount
GetConsoleCP
GetConsoleMode
HeapCreate
HeapDestroy
IsValidCodePage
LCMapStringW
GetStringTypeW
GetLocaleInfoW
GetTimeZoneInformation
FreeEnvironmentStringsW
GetEnvironmentStringsW
CompareStringW
WriteConsoleW
EnumSystemLocalesA
IsValidLocale
GetProcessHeap
SleepEx
PeekNamedPipe
WaitForMultipleObjects
ExpandEnvironmentStringsA
InterlockedCompareExchange
LocalFree
lstrlenA
GetDiskFreeSpaceExA
VirtualAlloc
VirtualFree
lstrcatA
WinExec
GetWindowsDirectoryA
FindResourceW
FindResourceA
LoadResource
LockResource
SizeofResource
GetFullPathNameW
SetUnhandledExceptionFilter
CreateFileMappingA
MapViewOfFile
GetCurrentThreadId
UnmapViewOfFile
GetStartupInfoA
GetCurrentThread
SetLastError
GetStdHandle
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
Sleep
ReleaseSemaphore
GetSystemTimeAsFileTime
CreateSemaphoreA
DeleteCriticalSection
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetModuleFileNameW
GetShortPathNameW
InterlockedDecrement
CreateProcessW
CreateToolhelp32Snapshot
Process32First
GetCurrentProcessId
TerminateProcess
Process32Next
GlobalAlloc
GetVolumeInformationA
GlobalFree
GetCurrentProcess
GetCurrentDirectoryA
GetModuleFileNameA
GetLogicalDriveStringsA
GetModuleHandleA
OpenProcess
CreateProcessA
OutputDebugStringA
CreateMutexA
SetFilePointer
GetLastError
GetVersionExA
FormatMessageA
LoadLibraryA
GetProcAddress
FreeLibrary
CreateDirectoryA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetTickCount
MultiByteToWideChar
WideCharToMultiByte
CopyFileA
CopyFileW
GetFileAttributesA
HeapReAlloc
FindNextFileA
GetFileAttributesW
MoveFileA
MoveFileW
DeleteFileA
DeleteFileW
CreateThread
ResumeThread
SetEvent
WaitForSingleObject
TerminateThread
CloseHandle
CreateEventA
LocalAlloc
FileTimeToLocalFileTime
IsProcessorFeaturePresent
FileTimeToSystemTime
GetDriveTypeA
GetFileInformationByHandle
lstrcpynA
user32
EnableScrollBar
NotifyWinEvent
CopyImage
SetWindowRgn
DestroyAcceleratorTable
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
CreateAcceleratorTableA
SetCursorPos
LockWindowUpdate
RegisterClipboardFormatA
LoadImageW
IsCharLowerA
MapVirtualKeyExA
UpdateLayeredWindow
MonitorFromPoint
IsMenu
PostThreadMessageA
WaitMessage
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
CreateMenu
GetUpdateRect
CharUpperBuffA
GetDoubleClickTime
SubtractRect
DrawIcon
GetWindowRgn
IntersectRect
IsWindowVisible
CheckMenuRadioItem
SetClassLongA
PostQuitMessage
IsZoomed
CreatePopupMenu
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
LoadStringW
SetWindowTextW
LoadIconW
LoadBitmapW
GetSystemMenu
AppendMenuA
CheckMenuItem
MessageBeep
DrawEdge
SystemParametersInfoA
CharNextA
HideCaret
DeleteMenu
GetMenuItemCount
EnableMenuItem
GetCursorPos
GetFocus
InvertRect
GetAsyncKeyState
GetMenuDefaultItem
IsClipboardFormatAvailable
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
LoadAcceleratorsW
UnionRect
SetParent
IsRectEmpty
SetLayeredWindowAttributes
EnumDisplayMonitors
UnregisterClassA
GetSysColorBrush
RealChildWindowFromPoint
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
ValidateRect
GetMenuItemInfoA
MapVirtualKeyA
GetKeyNameTextA
DispatchMessageA
TranslateMessage
GetMessageA
SendMessageTimeoutA
GetWindowTextA
SendMessageA
GetWindowThreadProcessId
CreateWindowExA
LoadImageA
GetSystemMetrics
LoadCursorA
LoadIconA
DestroyWindow
wsprintfW
MessageBoxA
EnableWindow
SetRect
SetForegroundWindow
MessageBoxW
PostMessageA
GetDesktopWindow
IsWindow
DefWindowProcA
DestroyMenu
DestroyCursor
DestroyIcon
GetWindowLongA
GetNextDlgTabItem
GetParent
SetCursor
InvalidateRect
GetActiveWindow
WindowFromPoint
ClientToScreen
GetSubMenu
GetWindowRect
DrawFocusRect
InflateRect
CopyRect
GetClientRect
OffsetRect
DrawStateA
FillRect
GetSysColor
ReleaseDC
GetDC
GetIconInfo
LoadMenuA
CharUpperA
UnpackDDElParam
ReuseDDElParam
LoadAcceleratorsA
IsIconic
InsertMenuItemA
TranslateAcceleratorA
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
TabbedTextOutA
GetMenuStringA
InsertMenuA
RemoveMenu
IsDialogMessageA
SetDlgItemTextA
DrawIconEx
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetForegroundWindow
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
GetClassInfoExA
RegisterClassA
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
CallWindowProcA
GetMenuState
GetMenu
IsWindowEnabled
EndDialog
SetMenuDefaultItem
TrackPopupMenu
GetMenuItemID
LoadBitmapA
GetDlgItem
MoveWindow
DrawTextW
GetClipboardData
DrawTextA
LoadMenuW
wsprintfA
GetDlgCtrlID
FrameRect
KillTimer
SetTimer
SetWindowLongA
CreateDialogIndirectParamA
SetWindowPos
AdjustWindowRectEx
SetWindowTextA
ShowWindow
GetAncestor
BringWindowToTop
SetCapture
RedrawWindow
ReleaseCapture
PtInRect
CopyIcon
SetActiveWindow
UpdateWindow
ScreenToClient
LoadCursorW
GetWindow
GetKeyState
SetRectEmpty
DrawFrameControl
GetCursor
GetClassInfoA
advapi32
RegCloseKey
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptCreateHash
RegEnumKeyExA
RegEnumValueA
GetFileSecurityA
SetFileSecurityA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExW
RegSetValueA
CryptReleaseContext
CryptAcquireContextA
RegQueryValueA
OpenProcessToken
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
ole32
CoTaskMemFree
CoInitializeEx
CoInitializeSecurity
CoSetProxyBlanket
DoDragDrop
CoRevokeClassObject
CoRegisterMessageFilter
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
StringFromCLSID
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CoCreateGuid
CLSIDFromProgID
CLSIDFromString
CoInitialize
CoCreateInstance
CoUninitialize
OleFlushClipboard
OleIsCurrentClipboard
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
shell32
SHGetSpecialFolderPathA
SHGetFileInfoA
ShellExecuteA
ShellExecuteW
SHBrowseForFolderW
SHGetPathFromIDListW
ord71
SHGetPathFromIDListA
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHAppBarMessage
Shell_NotifyIconA
ExtractIconA
DragFinish
SHBrowseForFolderA
DragQueryFileA
oleaut32
VarBstrFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysStringLen
SysFreeString
SysAllocString
OleCreateFontIndirect
SysAllocStringByteLen
shlwapi
PathCompactPathW
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathFindFileNameA
PathRemoveFileSpecW
PathRemoveFileSpecA
PathAppendA
PathIsDirectoryA
SHAutoComplete
PathFindFileNameW
psapi
EnumProcessModules
GetProcessImageFileNameW
iphlpapi
GetAdaptersInfo
pgdlltunnel
ord2
ord3
ord6
ord12
ord16
ord1
gdi32
SetStretchBltMode
SetPixelV
PatBlt
CreateSolidBrush
StretchBlt
PtInRegion
Rectangle
PlgBlt
FillRgn
TextOutW
GetLayout
SetLayout
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
TextOutA
SetBkMode
CreateFontA
CreatePen
CreateDIBSection
StretchDIBits
ExtTextOutA
GetDeviceCaps
CopyMetaFileA
CreateDCA
SaveDC
RestoreDC
PtVisible
SetPolyFillMode
SetROP2
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
GetTextFaceA
SetPaletteEntries
ExtFloodFill
GetBoundsRect
FrameRgn
GetViewportOrgEx
GetWindowOrgEx
LPtoDP
EnumFontFamiliesExA
OffsetRgn
SetDIBColorTable
Polygon
Ellipse
Polyline
CreateEllipticRgn
CreateRoundRectRgn
GetSystemPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
GetRgnBox
GetTextColor
GetTextCharsetInfo
EnumFontFamiliesA
CreateDIBitmap
GetBkColor
GetCharWidthA
GetTextMetricsA
DPtoLP
GetMapMode
CombineRgn
SetRectRgn
CreateRectRgnIndirect
CreateHatchBrush
GetObjectType
SelectPalette
CreatePatternBrush
ExtSelectClipRgn
RectVisible
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SetTextAlign
DeleteObject
GetStockObject
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
SetTextColor
SetBkColor
SelectObject
CreateBitmap
SetPixel
GetPixel
GetObjectA
CreateFontIndirectA
GetTextExtentPoint32A
CreatePolygonRgn
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetOpenFileNameW
GetSaveFileNameA
GetFileTitleA
GetOpenFileNameA
winspool.drv
OpenPrinterA
ClosePrinter
DocumentPropertiesA
comctl32
ImageList_GetIconSize
_TrackMouseEvent
oledlg
ord8
pdh
PdhCloseQuery
PdhAddCounterA
PdhOpenQueryA
PdhGetFormattedCounterValue
PdhCollectQueryData
avifil32
AVIStreamRelease
AVIFileRelease
AVIStreamWrite
AVIFileCreateStreamA
AVIStreamSetFormat
AVIFileExit
AVIFileInit
AVIFileOpenA
msvfw32
DrawDibOpen
DrawDibClose
ICDecompress
ICSeqCompressFrameStart
ICSeqCompressFrameEnd
ICCompressorFree
ICClose
ICOpen
ICSendMessage
DrawDibDraw
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
gdiplus
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipCreateBitmapFromHBITMAP
GdipDeleteGraphics
GdipCloneImage
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipGetImageEncodersSize
GdipDisposeImage
GdipFree
GdiplusStartup
GdipAlloc
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
GdiplusShutdown
GdipSaveImageToFile
GdipLoadImageFromFile
GdipLoadImageFromFileICM
GdipGetImageEncoders
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
Exports
Exports
curl_easy_cleanup
curl_easy_duphandle
curl_easy_escape
curl_easy_getinfo
curl_easy_init
curl_easy_pause
curl_easy_perform
curl_easy_recv
curl_easy_reset
curl_easy_send
curl_easy_setopt
curl_easy_strerror
curl_easy_unescape
curl_escape
curl_formadd
curl_formfree
curl_formget
curl_free
curl_getdate
curl_getenv
curl_global_cleanup
curl_global_init
curl_global_init_mem
curl_maprintf
curl_mfprintf
curl_mprintf
curl_msnprintf
curl_msprintf
curl_multi_add_handle
curl_multi_assign
curl_multi_cleanup
curl_multi_fdset
curl_multi_info_read
curl_multi_init
curl_multi_perform
curl_multi_remove_handle
curl_multi_setopt
curl_multi_socket
curl_multi_socket_action
curl_multi_socket_all
curl_multi_strerror
curl_multi_timeout
curl_multi_wait
curl_mvaprintf
curl_mvfprintf
curl_mvprintf
curl_mvsnprintf
curl_mvsprintf
curl_share_cleanup
curl_share_init
curl_share_setopt
curl_share_strerror
curl_slist_append
curl_slist_free_all
curl_strequal
curl_strnequal
curl_unescape
Sections
.text Size: 2.8MB - Virtual size: 2.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 586KB - Virtual size: 586KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 49KB - Virtual size: 98KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.0MB - Virtual size: 1.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 310KB - Virtual size: 310KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ