5438ee5d8f61eb817222d63baa358b55_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5438ee5d8f61eb817222d63baa358b55_JaffaCakes118
Size

465KB
MD5

5438ee5d8f61eb817222d63baa358b55
SHA1

db2f449dae3cf233edb2b597497d40a4c002fcf6
SHA256

b03b60757607c19985d4d9a017de9eaf4f776a3ad68a2ae8d887fac6b1ded760
SHA512

d690f8b28e2869b348ff5b1a5b25ce8e21975d1dfaa09c6ed31b6288f2915fe92eb5573798c975e73fb6040742c669eef431e886e413018994a2d521ab4a6fa4
SSDEEP

12288:DL0NBYWNgfhmcXsQsm4MLZNilak6fwzNbhYrC:v0NBGp6QR9N6ak6fwJbYC

Score

3^/10

Malware Config

Signatures

Unsigned PE 5 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Magebot/magebotv55.exe
unpack001/Magebot/magebotv55_SAFEMODE.exe
unpack001/Magebot/packet.dll
unpack001/Magebot/server.exe
unpack001/Magebot/uninstall.exe

Files

5438ee5d8f61eb817222d63baa358b55_JaffaCakes118
.rar
Magebot/Current.wav
Magebot/SETTINGS.txt
Magebot/blkktiles.bin
Magebot/blktiles.bin
Magebot/blktilesbin.txt
Magebot/config.txt
Magebot/customhotkeys.txt
Magebot/enemies.txt
Magebot/fltiles.bin
Magebot/friends.txt
Magebot/how to use.txt
Magebot/itenids.txt
Magebot/knightSETTINGS.txt
Magebot/lognoobs.txt
Magebot/lvl01_al_dee_rook.sav
Magebot/lvl01_premrook.sav
Magebot/lvl12_darashia_rotworm_farwestfull.sav
Magebot/lvl12_darashia_rotworm_farwestfull.savd
Magebot/lvl12_darashia_rotworm_north.sav
Magebot/lvl12_darashia_rotworm_north.savd
Magebot/lvl12_darashia_rotworm_northeast_full.sav
Magebot/lvl12_darashia_rotworm_northeast_full.savd
Magebot/lvl12_darashia_rotworm_westfull.sav
Magebot/lvl12_darashia_rotworm_westfull.savd
Magebot/lvl12_gs tomb.sav
Magebot/lvl12_larvafarne.sav
Magebot/lvl15_libertyrotworm.sav
Magebot/lvl15_libertyrotworm.savd
Magebot/lvl15_venoreswamptrolls.sav
Magebot/lvl16_larvafarnefull.sav
Magebot/lvl16_larvanw.sav
Magebot/lvl16_larvawestfull.sav
Magebot/lvl25_tarpit_floor1_ghoul.sav
Magebot/lvl30_gs_tomb_2nd_floor.sav
Magebot/lvl35_lscarabhidden_floor3_PALADIN.sav
Magebot/lvl40_chakoya.sav
Magebot/lvl40_dgkaz_islandmine.sav
Magebot/lvl40_dgkaz_mazemine.sav
Magebot/lvl40_tarpit_2ndfloor.sav
Magebot/lvl45_dgkaz_hellmine.sav
Magebot/lvl50_deeptarpitsmall.sav
Magebot/lvl55_ghost tomb small.sav
Magebot/lvl60_city tomb 3rd level.sav
Magebot/lvl60_ghost tomb 4 spawn.sav
Magebot/lvl65_dara_vamp.sav
Magebot/lvl65_ghost tomb 6 spawn.sav
Magebot/lvl65_stone tomb past coinl.sav
Magebot/lvl70_edron drag main room and holes.sav
Magebot/lvl70_edron drags 5 spawns.sav
Magebot/lvl75_edron drags all.sav
Magebot/lvl75_tarpit_past_coinl.sav
Magebot/lvl80_venore drags lots.sav
Magebot/lvl80_venore drags mmore than more.sav
Magebot/lvl85_vendragsall.sav
Magebot/magebotv55.exe
.exe windows:4 windows x86 arch:x86

5e9b2556752f5a2ae8d601d761fd7c27

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

recv
closesocket
connect
WSACleanup
inet_ntoa
ioctlsocket
WSAGetLastError
WSAStartup
gethostbyname
socket
htons
send

kernel32

HeapSize
RaiseException
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
Beep
WriteProcessMemory
ReadProcessMemory
CloseHandle
OpenProcess
Sleep
GetTickCount
VirtualProtectEx
CreateThread
GetCurrentDirectoryA
GetProcAddress
LoadLibraryA
WriteConsoleA
WaitForSingleObject
CreateRemoteThread
VirtualAllocEx
GetModuleHandleA
SetPriorityClass
GetCurrentProcess
GetStdHandle
AllocConsole
SetUnhandledExceptionFilter
FlushFileBuffers
SetStdHandle
IsBadWritePtr
HeapReAlloc
VirtualAlloc
HeapAlloc
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetFileType
SetHandleCount
CreateFileA
SetFilePointer
ReadFile
TerminateProcess
WriteFile
HeapFree
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
IsBadReadPtr
IsBadCodePtr
GetVolumeInformationA
SetConsoleCtrlHandler
LCMapStringW
LCMapStringA
GetStringTypeW
GetLocalTime
GetSystemTime
GetStringTypeA
MultiByteToWideChar
GetSystemTimeAsFileTime
GetLastError
DeleteFileA
GetTimeZoneInformation

user32

EnumWindows
FindWindowA
GetDC
ReleaseDC
DialogBoxParamA
SetDlgItemInt
CreateWindowExA
SetTimer
EndDialog
GetDlgItemTextA
IsDlgButtonChecked
GetDlgItemInt
GetDlgItem
EnableWindow
MessageBoxA
PostMessageA
SetDlgItemTextA
mouse_event
GetCursorPos
SetCursorPos
GetAsyncKeyState
GetWindowRect
SendMessageA
GetForegroundWindow
GetWindowTextA
GetWindowThreadProcessId
SetWindowTextA
CheckDlgButton

gdi32

TextOutA
GetStockObject
SetBkMode

comdlg32

GetSaveFileNameA
GetOpenFileNameA

shell32

ShellExecuteA

winmm

PlaySoundA

Sections

.text
Size: 360KB - Virtual size: 356KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 156.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 136KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Magebot/magebotv55_SAFEMODE.exe
.exe windows:4 windows x86 arch:x86

5e9b2556752f5a2ae8d601d761fd7c27

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

recv
closesocket
connect
WSACleanup
inet_ntoa
ioctlsocket
WSAGetLastError
WSAStartup
gethostbyname
socket
htons
send

kernel32

HeapSize
RaiseException
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
Beep
WriteProcessMemory
ReadProcessMemory
CloseHandle
OpenProcess
Sleep
GetTickCount
VirtualProtectEx
CreateThread
GetCurrentDirectoryA
GetProcAddress
LoadLibraryA
WriteConsoleA
WaitForSingleObject
CreateRemoteThread
VirtualAllocEx
GetModuleHandleA
SetPriorityClass
GetCurrentProcess
GetStdHandle
AllocConsole
SetUnhandledExceptionFilter
FlushFileBuffers
SetStdHandle
IsBadWritePtr
HeapReAlloc
VirtualAlloc
HeapAlloc
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetFileType
SetHandleCount
CreateFileA
SetFilePointer
ReadFile
TerminateProcess
WriteFile
HeapFree
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
IsBadReadPtr
IsBadCodePtr
GetVolumeInformationA
SetConsoleCtrlHandler
LCMapStringW
LCMapStringA
GetStringTypeW
GetLocalTime
GetSystemTime
GetStringTypeA
MultiByteToWideChar
GetSystemTimeAsFileTime
GetLastError
DeleteFileA
GetTimeZoneInformation

user32

EnumWindows
FindWindowA
GetDC
ReleaseDC
DialogBoxParamA
SetDlgItemInt
CreateWindowExA
SetTimer
EndDialog
GetDlgItemTextA
IsDlgButtonChecked
GetDlgItemInt
GetDlgItem
EnableWindow
MessageBoxA
PostMessageA
SetDlgItemTextA
mouse_event
GetCursorPos
SetCursorPos
GetAsyncKeyState
GetWindowRect
SendMessageA
GetForegroundWindow
GetWindowTextA
GetWindowThreadProcessId
SetWindowTextA
CheckDlgButton

gdi32

TextOutA
GetStockObject
SetBkMode

comdlg32

GetSaveFileNameA
GetOpenFileNameA

shell32

ShellExecuteA

winmm

PlaySoundA

Sections

.text
Size: 356KB - Virtual size: 355KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 156.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 136KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Magebot/mtiles.bin
Magebot/noobSETTINGS.txt
Magebot/otitenids.txt
Magebot/packet.dll
.dll windows:4 windows x86 arch:x86

479ef362a40fc7ed393ba707cedc0a56

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WriteConsoleA
VirtualProtectEx
GetCurrentProcess
CloseHandle
DisconnectNamedPipe
ReadFile
GetLastError
ConnectNamedPipe
Sleep
Beep
CreateNamedPipeA
CreateThread
GetProcAddress
LoadLibraryA
GetSystemTimeAsFileTime
DeleteFileA
GetCommandLineA
GetVersion
EnterCriticalSection
LeaveCriticalSection
HeapFree
InitializeCriticalSection
ExitProcess
TerminateProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
HeapAlloc
VirtualAlloc
HeapReAlloc
SetStdHandle
FlushFileBuffers
SetFilePointer
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
CreateFileA
GetCPInfo
GetACP
GetOEMCP
RtlUnwind
SetEndOfFile
LCMapStringA
LCMapStringW

user32

GetAsyncKeyState
SetWindowLongA
CallWindowProcA

Exports

Exports

?fnPacket@@YAHPBDHH@Z
?nPacket@@3HA

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 295KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Magebot/paladinSETTINGS.txt
Magebot/pzzones.txt
Magebot/record.sav
Magebot/recordnons.dat
Magebot/safelist.txt
Magebot/safemode1st.txt
Magebot/server.exe
.exe windows:4 windows x86 arch:x86

ae548d936ad547695426c33bd611184d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

shutdown
closesocket
WSAGetLastError
select
__WSAFDIsSet
accept
ntohs
inet_addr
inet_ntoa
send
recv
getsockopt
ioctlsocket
socket
bind
listen
htons
WSAStartup
WSACleanup

kernel32

VirtualAlloc
GetLocaleInfoW
SetEndOfFile
LoadLibraryA
GetOEMCP
GetACP
CreateFileA
SetStdHandle
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
GetVersionExA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
WideCharToMultiByte
MultiByteToWideChar
RtlUnwind
RaiseException
HeapFree
GetCommandLineA
GetVersion
ExitProcess
HeapAlloc
HeapReAlloc
TerminateProcess
GetCurrentProcess
LCMapStringA
LCMapStringW
GetCPInfo
SetUnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
HeapSize
GetProcAddress
GetModuleHandleA
GetLastError
ReadFile
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
FlushFileBuffers
CloseHandle
IsValidLocale

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Magebot/sorcererSETTINGS.txt
Magebot/stoptiles.bin
Magebot/targeting.txt
Magebot/tradehelper.txt
Magebot/uninstall.exe
.exe windows:4 windows x86 arch:x86

18bc6fa81e19f21156316b1ae696ed6b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
SetFileTime
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
lstrcmpiA
ExitProcess
GetCommandLineA
GetWindowsDirectoryA
GetTempPathA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
lstrcmpA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
CopyFileA

user32

ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
EndDialog
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
DispatchMessageA
PeekMessageA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
TrackPopupMenu
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5e9b2556752f5a2ae8d601d761fd7c27

Headers

File Characteristics

Imports

wsock32

kernel32

user32

gdi32

comdlg32

shell32

winmm

Sections

.text Size: 360KB - Virtual size: 356KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 40KB - Virtual size: 156.4MB

.idata Size: 8KB - Virtual size: 4KB

.rsrc Size: 24KB - Virtual size: 23KB

.reloc Size: 136KB - Virtual size: 133KB

5e9b2556752f5a2ae8d601d761fd7c27

Headers

File Characteristics

Imports

wsock32

kernel32

user32

gdi32

comdlg32

shell32

winmm

Sections

.text Size: 356KB - Virtual size: 355KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 40KB - Virtual size: 156.4MB

.idata Size: 8KB - Virtual size: 4KB

.rsrc Size: 24KB - Virtual size: 23KB

.reloc Size: 136KB - Virtual size: 132KB

479ef362a40fc7ed393ba707cedc0a56

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 35KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 295KB

.reloc Size: 8KB - Virtual size: 4KB

ae548d936ad547695426c33bd611184d

Headers

File Characteristics

Imports

wsock32

kernel32

Sections

.text Size: 84KB - Virtual size: 83KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 12KB - Virtual size: 26KB

18bc6fa81e19f21156316b1ae696ed6b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 153KB

.text
Size: 360KB - Virtual size: 356KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 40KB - Virtual size: 156.4MB

.idata
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 24KB - Virtual size: 23KB

.reloc
Size: 136KB - Virtual size: 133KB

.text
Size: 356KB - Virtual size: 355KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 40KB - Virtual size: 156.4MB

.idata
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 24KB - Virtual size: 23KB

.reloc
Size: 136KB - Virtual size: 132KB

.text
Size: 36KB - Virtual size: 35KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 295KB

.reloc
Size: 8KB - Virtual size: 4KB

.text
Size: 84KB - Virtual size: 83KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 12KB - Virtual size: 26KB

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 153KB

.ndata
Size: - Virtual size: 32KB

.rsrc
Size: 3KB - Virtual size: 2KB