Setup-app[.]7z

Sharing

Copy URL

Twitter E-mail

General

Target

Setup-app.7z
Size

116.3MB
MD5

19a53c88b57e9f330250bd8a72ff6694
SHA1

31fcff8753ee1ce1738ae3d040e1cca293aa4cb1
SHA256

2efc288f7eca7bc4f1d38b06adcaf6ad70dbf4dc258350ff8621f0a3b378d392
SHA512

ee14bc08cc3e7e4ec28d442ade22b16b195ff17624cd663dbc7b9cab6d5e38efea8168fad167c5d9c87c12168a013e8878399a46e49c428a656d86bf91ccbba0
SSDEEP

3145728:RwxAsSR/f8ntHCrjS9F10RN0WnfLD40KSdVEkSzjRdpsKo:AAsOH6tSS9FG4aDxKSdV0RjE

Score

3^/10

Malware Config

Signatures

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Setup.exe
unpack001/data/7za.dll
unpack001/data/7za.exe
unpack001/mapistub.dll

Files

Setup-app.7z
.7z
Setup.exe
.exe windows:10 windows x64 arch:x64

d8314833ef52a5350cf45df946c73dd9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

fixmapi.pdb

Imports

kernel32

GetLastError
LoadLibraryA
GetProcAddress
LoadLibraryW
FreeLibrary
lstrcmpiA
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
GetCurrentProcess
TerminateProcess
IsDebuggerPresent

user32

MessageBoxA
DispatchMessageA
GetMessageA
PostQuitMessage

api-ms-win-crt-runtime-l1-1-0

_register_thread_local_exe_atexit_callback
_c_exit
_initterm_e
_initterm

api-ms-win-crt-private-l1-1-0

_o___std_exception_copy
_o___std_exception_destroy
_o___stdio_common_vsprintf_s
_o__callnewh
_o__cexit
_o__configthreadlocale
_o__configure_narrow_argv
_o__crt_atexit
_o__exit
_o__get_narrow_winmain_command_line
_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__register_onexit_function
_o__seh_filter_exe
_o__set_app_type
_o__set_fmode
_o_exit
_o_free
_o_malloc
_o_strtok
_o_terminate
__C_specific_handler
__CxxFrameHandler3
__current_exception
__current_exception_context
_CxxThrowException
_o___p__commode
_o__set_new_mode
memcpy

api-ms-win-crt-string-l1-1-0

memset

ole32

HWND_UserFree64
CoRegisterPSClsid
CoUninitialize
CoInitialize
HWND_UserFree
HWND_UserSize64
HWND_UserUnmarshal
CoRegisterClassObject
HWND_UserSize
HWND_UserMarshal
HWND_UserMarshal64
HWND_UserUnmarshal64
CoRevokeClassObject

rpcrt4

NdrDllGetClassObject
NdrOleFree
NdrOleAllocate

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 804B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
data/7za.dll
.dll windows:4 windows x86 arch:x86

edb01ced967d1545f46e4d8d004d088e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

SysAllocStringByteLen
SysAllocStringLen
SysAllocString
SysFreeString
SysStringLen
VariantCopy
VariantClear

user32

CharUpperW

msvcrt

_adjust_fdiv
_initterm
_onexit
__dllonexit
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_except_handler3
_beginthreadex
realloc
memset
strlen
wcscmp
memcpy
memmove
free
_CxxThrowException
malloc
memcmp
_purecall
__CxxFrameHandler

kernel32

GetTempPathW
InitializeCriticalSection
ReleaseSemaphore
CreateSemaphoreW
ResetEvent
SetEvent
CreateEventW
SetThreadAffinityMask
ResumeThread
WaitForSingleObject
InterlockedIncrement
GetVersion
IsProcessorFeaturePresent
GetModuleHandleW
VirtualFree
VirtualAlloc
LoadLibraryW
FreeLibrary
QueryPerformanceCounter
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetVersionExW
GlobalMemoryStatus
GetSystemInfo
GetCurrentProcess
GetProcessAffinityMask
WriteFile
ReadFile
GetLastError
CloseHandle
SetFileTime
CreateFileW
SetFileAttributesW
CreateDirectoryW
DeleteFileW
SetLastError
GetCurrentDirectoryW
GetCurrentProcessId
GetTickCount
GetCurrentThreadId
GetFileInformationByHandle
FindClose
FindFirstFileW
GetProcAddress
GetModuleHandleA
GetFileAttributesW

Exports

Exports

CreateDecoder
CreateEncoder
CreateObject
GetHandlerProperty
GetHandlerProperty2
GetHashers
GetIsArc
GetMethodProperty
GetModuleProp
GetNumberOfFormats
GetNumberOfMethods
SetCaseSensitive
SetCodecs
SetLargePageMode

Sections

.text
Size: 242KB - Virtual size: 241KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
data/7za.exe
.exe windows:4 windows x86 arch:x86

6f18dc28cf1faef40cedf506a5685aac

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VariantCopy
SysAllocStringLen
SysAllocString
SysFreeString
SysStringLen
VariantClear

user32

CharPrevExA
CharUpperW

advapi32

OpenProcessToken
GetFileSecurityW
SetFileSecurityW
RegQueryValueExW
RegCloseKey
RegOpenKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
exit
_XcptFilter
_exit
_onexit
__dllonexit
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_except_handler3
_beginthreadex
realloc
_ftol
memset
strlen
wcscmp
wcsstr
strcmp
memmove
fputs
fputc
fflush
fgetc
_iob
free
malloc
memcmp
_purecall
memcpy
_CxxThrowException
__CxxFrameHandler
_isatty
_fileno

kernel32

SetThreadAffinityMask
CreateEventW
SetEvent
ResetEvent
CreateSemaphoreW
ReleaseSemaphore
InitializeCriticalSection
WaitForSingleObject
CreateHardLinkW
InterlockedIncrement
GetVersion
VirtualFree
VirtualAlloc
GetOEMCP
LocalFileTimeToFileTime
SetConsoleMode
GetConsoleMode
GetVersionExW
SetFileApisToOEM
GetCommandLineW
GetConsoleScreenBufferInfo
SetConsoleCtrlHandler
DeleteCriticalSection
QueryPerformanceFrequency
QueryPerformanceCounter
GetProcessTimes
OpenEventW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
SetProcessAffinityMask
WaitForMultipleObjects
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
FileTimeToDosDateTime
DosDateTimeToFileTime
IsProcessorFeaturePresent
GlobalMemoryStatus
GetSystemInfo
GetProcessAffinityMask
FileTimeToLocalFileTime
FileTimeToSystemTime
CompareFileTime
GetModuleHandleW
GetCurrentProcess
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetLastError
MultiByteToWideChar
WideCharToMultiByte
FreeLibrary
LoadLibraryW
GetModuleFileNameW
LocalFree
FormatMessageW
CloseHandle
SetFileTime
CreateFileW
SetFileAttributesW
RemoveDirectoryW
MoveFileW
CreateDirectoryW
DeleteFileW
SetLastError
SetCurrentDirectoryW
GetCurrentDirectoryW
GetTempPathW
GetCurrentProcessId
GetTickCount
GetCurrentThreadId
GetFileInformationByHandle
GetStdHandle
FindClose
FindFirstFileW
FindNextFileW
GetProcAddress
GetModuleHandleA
GetFileAttributesW
GetLogicalDriveStringsW
GetFileSize
SetFilePointer
DeviceIoControl
ReadFile
WriteFile
SetEndOfFile
ResumeThread

Sections

.text
Size: 703KB - Virtual size: 702KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
data/bin
.zip
data/brotli/LICENSE.txt
data/brotli/README.md
data/brotli/decode.h
data/brotli/encode.h
data/brotli/port.h
data/brotli/shared_dictionary.h
data/brotli/types.h
data/cacert/LICENSE.url
data/curl/curl.h
data/curl/curlver.h
data/curl/easy.h
data/curl/header.h
data/curl/mprintf.h
data/curl/multi.h
data/curl/options.h
data/curl/stdcheaders.h
data/curl/system.h
data/curl/typecheck-gcc.h
data/curl/urlapi.h
data/curl/websockets.h
data/gkcc.dll
data/gkv.dll
data/libbrotlicommon.a
.js
data/libbrotlidec.a
data/libcrypto.a
data/libcurl.a
data/libcurl.dll.a
data/libnghttp2.a
data/libnghttp3.a
data/libngtcp2.a
data/libngtcp2_crypto_quictls.a
data/libpsl.a
data/libpsl.h
data/libpsl/AUTHORS.txt
data/libpsl/COPYING.txt
data/libpsl/NEWS.txt
data/libressl/COPYING.txt
data/libressl/ChangeLog.txt
data/libressl/README.md
data/libssh2.a
data/libssh2.h
data/libssh2/COPYING.txt
data/libssh2/NEWS.txt
data/libssh2/README.txt
data/libssh2/RELEASE-NOTES.txt
data/libssh2/docs/AUTHORS.txt
data/libssh2/docs/HACKING-CRYPTO.txt
data/libssh2/docs/INSTALL_AUTOTOOLS.txt
data/libssh2/docs/TODO.txt
data/libssh2_publickey.h
data/libssh2_sftp.h
data/libssl.a
data/libz.a
data/libzstd.a
data/nghttp2/AUTHORS.txt
data/nghttp2/COPYING.txt
data/nghttp2/ChangeLog.txt
data/nghttp2/README.rst
data/nghttp2/nghttp2.h
data/nghttp2/nghttp2ver.h
data/nghttp3/AUTHORS.txt
data/nghttp3/COPYING.txt
data/nghttp3/ChangeLog.txt
data/nghttp3/README.rst
data/nghttp3/nghttp3.h
data/nghttp3/version.h
data/ngtcp2/AUTHORS.txt
data/ngtcp2/COPYING.txt
data/ngtcp2/ChangeLog.txt
data/ngtcp2/README.rst
data/ngtcp2/ngtcp2.h
data/ngtcp2/ngtcp2_crypto.h
data/ngtcp2/ngtcp2_crypto_quictls.h
data/ngtcp2/version.h
data/openssl/aes.h
data/openssl/asn1.h
data/openssl/asn1t.h
data/openssl/bio.h
data/openssl/blowfish.h
data/openssl/bn.h
data/openssl/buffer.h
data/openssl/camellia.h
data/openssl/cast.h
data/openssl/chacha.h
data/openssl/cmac.h
data/openssl/cms.h
data/openssl/comp.h
data/openssl/conf.h
data/openssl/crypto.h
data/openssl/ct.h
data/openssl/curve25519.h
data/openssl/des.h
data/openssl/dh.h
data/openssl/dsa.h
data/openssl/dtls1.h
data/openssl/ec.h
data/openssl/ecdh.h
data/openssl/ecdsa.h
data/openssl/engine.h
data/openssl/err.h
data/openssl/evp.h
data/openssl/hkdf.h
data/openssl/hmac.h
data/openssl/idea.h
data/openssl/kdf.h
data/openssl/lhash.h
data/openssl/md4.h
data/openssl/md5.h
data/openssl/modes.h
data/openssl/obj_mac.h
data/openssl/objects.h
data/openssl/ocsp.h
data/openssl/opensslconf.h
data/openssl/opensslfeatures.h
data/openssl/opensslv.h
data/openssl/ossl_typ.h
data/openssl/pem.h
data/openssl/pkcs12.h
data/openssl/pkcs7.h
data/openssl/poly1305.h
data/openssl/posix_time.h
data/openssl/rand.h
data/openssl/rc2.h
data/openssl/rc4.h
data/openssl/ripemd.h
data/openssl/rsa.h
data/openssl/safestack.h
data/openssl/sha.h
data/openssl/sm3.h
data/openssl/sm4.h
data/openssl/srtp.h
data/openssl/ssl.h
data/openssl/ssl3.h
data/openssl/stack.h
data/openssl/tls1.h
data/openssl/ts.h
data/openssl/txt_db.h
data/openssl/ui.h
data/openssl/x509.h
data/openssl/x509_vfy.h
data/openssl/x509v3.h
data/zconf.h
data/zdict.h
data/zlib/ChangeLog.txt
mapistub.dll
.dll windows:6 windows x64 arch:x64

55c215be0298065cf040f435fff93712

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

user32

MessageBoxW

kernel32

LoadLibraryExW
CloseHandle
WaitForSingleObject
CreateProcessW
GetModuleFileNameW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
WideCharToMultiByte
LCMapStringEx
GetStringTypeW
GetCPInfo
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
SetEndOfFile
RtlPcToFileHeader
RaiseException
RtlUnwindEx
InterlockedFlushSList
GetLastError
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
RtlUnwind
ExitProcess
GetModuleHandleExW
HeapFree
HeapAlloc
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
VirtualProtect
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetStdHandle
GetFileType
FlushFileBuffers
WriteFile
GetConsoleOutputCP
GetConsoleMode
ReadFile
GetFileSizeEx
SetFilePointerEx
ReadConsoleW
HeapReAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
SetStdHandle
CreateFileW
HeapSize
WriteConsoleW

Sections

.text
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fptable
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d8314833ef52a5350cf45df946c73dd9

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-private-l1-1-0

api-ms-win-crt-string-l1-1-0

ole32

rpcrt4

Sections

.text Size: 12KB - Virtual size: 9KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 1KB

.pdata Size: 4KB - Virtual size: 804B

.rsrc Size: 4KB - Virtual size: 2KB

.reloc Size: 4KB - Virtual size: 336B

edb01ced967d1545f46e4d8d004d088e

Headers

DLL Characteristics

File Characteristics

Imports

oleaut32

user32

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 242KB - Virtual size: 241KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 512B - Virtual size: 22KB

.sxdata Size: 512B - Virtual size: 4B

.rsrc Size: 6KB - Virtual size: 5KB

.reloc Size: 10KB - Virtual size: 9KB

6f18dc28cf1faef40cedf506a5685aac

Headers

DLL Characteristics

File Characteristics

Imports

oleaut32

user32

advapi32

msvcrt

kernel32

Sections

.text Size: 703KB - Virtual size: 702KB

.rdata Size: 90KB - Virtual size: 89KB

.data Size: 2KB - Virtual size: 48KB

.sxdata Size: 512B - Virtual size: 4B

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 29KB - Virtual size: 29KB

55c215be0298065cf040f435fff93712

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

Sections

.text Size: 140KB - Virtual size: 140KB

.rdata Size: 59KB - Virtual size: 58KB

.data Size: 5KB - Virtual size: 10KB

.pdata Size: 10KB - Virtual size: 9KB

.fptable Size: 512B - Virtual size: 256B

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 12KB - Virtual size: 9KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 1KB

.pdata
Size: 4KB - Virtual size: 804B

.rsrc
Size: 4KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 336B

.text
Size: 242KB - Virtual size: 241KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 512B - Virtual size: 22KB

.sxdata
Size: 512B - Virtual size: 4B

.rsrc
Size: 6KB - Virtual size: 5KB

.reloc
Size: 10KB - Virtual size: 9KB

.text
Size: 703KB - Virtual size: 702KB

.rdata
Size: 90KB - Virtual size: 89KB

.data
Size: 2KB - Virtual size: 48KB

.sxdata
Size: 512B - Virtual size: 4B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 29KB - Virtual size: 29KB

.text
Size: 140KB - Virtual size: 140KB

.rdata
Size: 59KB - Virtual size: 58KB

.data
Size: 5KB - Virtual size: 10KB

.pdata
Size: 10KB - Virtual size: 9KB

.fptable
Size: 512B - Virtual size: 256B

.reloc
Size: 2KB - Virtual size: 2KB