D:\Share\Develope\20190514_AMPV_1.0.29.0_WebAgreement_1.0.23.0_CommonForSamsungHP\Release_Samsung\MIFAgent.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
2025-01-28_8151ddfe3c9a90fbef4d064a8912e772_bkransomware_floxif.exe
Resource
win7-20240903-en
windows7-x64
10 signatures
150 seconds
General
-
Target
2025-01-28_8151ddfe3c9a90fbef4d064a8912e772_bkransomware_floxif
-
Size
810KB
-
MD5
8151ddfe3c9a90fbef4d064a8912e772
-
SHA1
63d05a974b0972501881d9f4a09773ed0e51e4c1
-
SHA256
4724b7b26f08518e125265bd2f8ea1958d970388bdac0cab8f40dc7ebed5bd99
-
SHA512
be3fc63a91804801f04ad6b1378dee3df2bd2250816250084f743c72517d743f2d0f4cbe425909dca28bc7596ea26c5739c434fa4db329174e7326bda10b2d08
-
SSDEEP
24576:8Ke0obHxcNH9OhQATWNsHaVaOm1bNGarEH7n:8mxYSAGsHaVaVhNGB
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2025-01-28_8151ddfe3c9a90fbef4d064a8912e772_bkransomware_floxif
Files
-
2025-01-28_8151ddfe3c9a90fbef4d064a8912e772_bkransomware_floxif.exe windows:5 windows x86 arch:x86
6a46353c7ac104da717d2ac7f5d65ad5
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
kernel32
CreateProcessA
GetLastError
WaitForMultipleObjects
CreateMutexA
OutputDebugStringA
ReleaseMutex
OpenFileMappingA
CreateThread
HeapDestroy
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
MultiByteToWideChar
GetFileAttributesW
LoadLibraryW
OutputDebugStringW
LocalAlloc
SetFileAttributesW
LocalFree
CreateFileW
CreateMutexW
EnterCriticalSection
LeaveCriticalSection
GetFileSize
DeleteFileW
MoveFileW
InitializeCriticalSectionAndSpinCount
GetLocalTime
GetTickCount
GetCurrentThreadId
GlobalFree
SetLastError
GlobalAlloc
IsDBCSLeadByte
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
CreateEventW
ReadFile
GetOverlappedResult
CreateEventA
ResetEvent
lstrcmpiW
DeviceIoControl
GetModuleHandleW
GetCurrentProcess
GetModuleFileNameW
GetUserGeoID
GetGeoInfoW
LoadLibraryExW
DeleteCriticalSection
CreateDirectoryW
GetTimeZoneInformation
WriteFile
InterlockedDecrement
FindFirstFileW
GetPrivateProfileStringW
FindClose
DecodePointer
RaiseException
GetCommandLineW
FlushInstructionCache
MulDiv
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
ExitProcess
GetModuleHandleExW
GetStdHandle
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
EncodePointer
GetFileType
RtlUnwind
GetConsoleMode
SetFilePointerEx
CancelIo
Sleep
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
SetEvent
WaitForSingleObject
UnmapViewOfFile
MapViewOfFile
VirtualAlloc
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
SetEnvironmentVariableA
WriteConsoleW
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetConsoleCP
FreeEnvironmentStringsW
LoadLibraryA
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
EnumSystemLocalesW
GetProcAddress
GetSystemDirectoryA
WideCharToMultiByte
FreeLibrary
CloseHandle
GetVersionExW
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
IsDebuggerPresent
InterlockedIncrement
VirtualFree
user32
UnregisterClassW
SetWindowLongW
EndDialog
SetFocus
SetDlgItemTextW
CreateWindowExW
MessageBeep
CharNextW
ShowWindow
IsWindowVisible
RedrawWindow
InvalidateRect
GetWindowTextW
DialogBoxParamW
GetActiveWindow
DestroyWindow
DefWindowProcW
EnableWindow
GetWindowTextLengthW
GetDlgItem
SetWindowTextW
SendMessageW
GetSystemMetrics
LoadImageW
GetWindow
GetWindowLongW
MonitorFromWindow
GetMonitorInfoW
GetWindowRect
GetParent
GetClientRect
MapWindowPoints
SetWindowPos
MessageBoxW
IsWindow
SetCursor
LoadCursorW
winspool.drv
WritePrinter
ord203
EnumPrintersW
StartDocPrinterW
StartPagePrinter
EndPagePrinter
EndDocPrinter
EnumPrinterDriversW
EnumJobsW
EnumPortsW
XcvDataW
GetPrinterW
ClosePrinter
OpenPrinterW
advapi32
RegCreateKeyExW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
FreeSid
SetFileSecurityW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
SetEntriesInAclW
AllocateAndInitializeSid
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegQueryInfoKeyW
RegEnumKeyExW
RegEnumKeyW
shell32
CommandLineToArgvW
ShellExecuteW
SHGetFolderPathW
ole32
CoUninitialize
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoInitializeEx
CoCreateInstance
oleaut32
VarUI4FromStr
shlwapi
PathAppendW
PathCombineW
comctl32
InitCommonControlsEx
setupapi
SetupDiGetClassDevsW
SetupDiEnumDeviceInterfaces
SetupDiOpenDeviceInterfaceRegKey
SetupDiGetDeviceInterfaceDetailW
SetupDiDestroyDeviceInfoList
ws2_32
getservbyname
__WSAFDIsSet
WSASetLastError
closesocket
gethostbyaddr
gethostbyname
WSAStartup
WSACleanup
ntohl
socket
bind
getservbyport
setsockopt
ntohs
htons
WSAGetLastError
select
htonl
inet_addr
recvfrom
inet_ntoa
gethostname
ioctlsocket
connect
shutdown
send
sendto
wininet
InternetSetOptionW
InternetCloseHandle
InternetQueryOptionW
InternetCrackUrlA
InternetOpenA
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoW
InternetQueryDataAvailable
InternetReadFile
HttpAddRequestHeadersA
Exports
Exports
??0Counter@@QAE@AAV0@@Z
??0Counter@@QAE@I@Z
??0Counter@@QAE@XZ
??0Gauge@@QAE@AAV0@@Z
??0Gauge@@QAE@I@Z
??0Gauge@@QAE@XZ
??0IPAddress@@QAE@AAV0@@Z
??0IPAddress@@QAE@PAD@Z
??0IPAddress@@QAE@XZ
??0IPXAddress@@QAE@AAV0@@Z
??0IPXAddress@@QAE@PAD0@Z
??0IPXAddress@@QAE@PAD@Z
??0IPXAddress@@QAE@XZ
??0IPv6Address@@QAE@ABV0@@Z
??0IPv6Address@@QAE@PAD@Z
??0IPv6Address@@QAE@XZ
??0Integer@@QAE@AAV0@@Z
??0Integer@@QAE@H@Z
??0Integer@@QAE@XZ
??0NetworkAddress@@QAE@ABV0@@Z
??0NetworkAddress@@QAE@XZ
??0Null@@QAE@AAV0@@Z
??0Null@@QAE@XZ
??0OID@@QAE@AAV0@@Z
??0OID@@QAE@PAD@Z
??0OID@@QAE@XZ
??0OctetString@@QAE@AAV0@@Z
??0OctetString@@QAE@PADI@Z
??0OctetString@@QAE@XZ
??0PhysAddress@@QAE@AAV0@@Z
??0PhysAddress@@QAE@PAD@Z
??0PhysAddress@@QAE@XZ
??0Printer@@QAE@AAV0@@Z
??0Printer@@QAE@AAVNetworkAddress@@@Z
??0Printer@@QAE@XZ
??0ReqRespPDU@@QAE@AAV0@@Z
??0ReqRespPDU@@QAE@PAVVarBind@@H@Z
??0ReqRespPDU@@QAE@XZ
??0SNMPDataType@@QAE@ABV0@@Z
??0SNMPDataType@@QAE@XZ
??0SNMPManager@@QAE@XZ
??0Target@@QAE@AAV0@@Z
??0Target@@QAE@AAVNetworkAddress@@@Z
??0Target@@QAE@AAVNetworkAddress@@PAD1@Z
??0Target@@QAE@XZ
??0TimeTicks@@QAE@AAV0@@Z
??0TimeTicks@@QAE@I@Z
??0TimeTicks@@QAE@XZ
??0TrapPDU@@QAE@AAV0@@Z
??0TrapPDU@@QAE@XZ
??0VarBind@@QAE@AAV0@@Z
??0VarBind@@QAE@AAVOID@@@Z
??0VarBind@@QAE@XZ
??1Counter@@UAE@XZ
??1Gauge@@UAE@XZ
??1IPAddress@@UAE@XZ
??1IPXAddress@@UAE@XZ
??1IPv6Address@@UAE@XZ
??1Integer@@UAE@XZ
??1NetworkAddress@@UAE@XZ
??1Null@@UAE@XZ
??1OID@@UAE@XZ
??1OctetString@@UAE@XZ
??1PhysAddress@@UAE@XZ
??1Printer@@UAE@XZ
??1ReqRespPDU@@QAE@XZ
??1SNMPDataType@@UAE@XZ
??1SNMPManager@@QAE@XZ
??1Target@@UAE@XZ
??1TimeTicks@@UAE@XZ
??1TrapPDU@@QAE@XZ
??1VarBind@@QAE@XZ
??4Counter@@QAEAAV0@AAV0@@Z
??4Gauge@@QAEAAV0@AAV0@@Z
??4IPAddress@@QAEAAV0@AAV0@@Z
??4IPXAddress@@QAEAAV0@AAV0@@Z
??4IPv6Address@@QAEAAV0@AAV0@@Z
??4Integer@@QAEAAV0@AAV0@@Z
??4NetworkAddress@@QAEAAV0@ABV0@@Z
??4Null@@QAEAAV0@AAV0@@Z
??4OID@@QAEAAV0@AAV0@@Z
??4OctetString@@QAEAAV0@AAV0@@Z
??4PhysAddress@@QAEAAV0@AAV0@@Z
??4Printer@@QAEAAV0@AAV0@@Z
??4ReqRespPDU@@QAEAAV0@AAV0@@Z
??4SNMPDataType@@QAEAAV0@ABV0@@Z
??4SNMPManager@@QAEAAV0@ABV0@@Z
??4Target@@QAEAAV0@AAV0@@Z
??4TimeTicks@@QAEAAV0@AAV0@@Z
??4TrapPDU@@QAEAAV0@AAV0@@Z
??4VarBind@@QAEAAV0@AAV0@@Z
??_7Counter@@6B@
??_7Gauge@@6B@
??_7IPAddress@@6B@
??_7IPXAddress@@6B@
??_7IPv6Address@@6B@
??_7Integer@@6B@
??_7NetworkAddress@@6B@
??_7Null@@6B@
??_7OID@@6B@
??_7OctetString@@6B@
??_7PhysAddress@@6B@
??_7Printer@@6B@
??_7SNMPDataType@@6B@
??_7Target@@6B@
??_7TimeTicks@@6B@
?AtoH@OctetString@@AAEXPAD0K@Z
?BtoH@OctetString@@AAEED@Z
?HtoA@OctetString@@AAEXPAD0H@Z
?HtoA@SNMPManager@@AAEXPAD0H@Z
?HtoB@OctetString@@AAEEE@Z
?HtoB@SNMPManager@@AAEEE@Z
?ResolveAddress@Target@@QAEHXZ
?SNMPCleanup@@YAXXZ
?SNMPStartup@@YAHXZ
?_register@SNMPManager@@QAEHPADP6AXAAVTrapPDU@@@Z@Z
?accessSharedMem@SNMPManager@@AAEHHPAU_MESSAGE@@PAX@Z
?addVarBind@ReqRespPDU@@QAEHAAVVarBind@@@Z
?addVarBind@TrapPDU@@AAEHAAVVarBind@@@Z
?broadcast@SNMPManager@@QAEHAAVReqRespPDU@@PADHP6AX0PAVNetworkAddress@@@ZP6AXW4EnumDetectionStatType@@@Z@Z
?broadcast@SNMPManager@@QAEHAAVReqRespPDU@@PADP6AX0PAVNetworkAddress@@@ZP6AXW4EnumDetectionStatType@@@Z@Z
?broadcast@SNMPManager@@QAEHAAVReqRespPDU@@PADP6AX0PAVNetworkAddress@@@ZP6AXW4EnumDetectionStatType@@@ZW4EnumPDUType@@H@Z
?decodePacket@SNMPManager@@AAEHPADHAAVReqRespPDU@@@Z
?decodeSAPPacket@SNMPManager@@AAEHPADHAAVPrinter@@@Z
?decodeTrapPacket@SNMPManager@@AAEHPAU_MESSAGE@@AAVTrapPDU@@@Z
?deepCopy@IPAddress@@AAEHPAD@Z
?deepCopy@IPv6Address@@AAEHPAD@Z
?deepCopy@OID@@AAEHPAD@Z
?deepCopy@OctetString@@AAEHPADI@Z
?deepCopy@PhysAddress@@AAEHPAD@Z
?deleteVarBind@ReqRespPDU@@QAEHI@Z
?detectHPPrinters@SNMPManager@@QAEHPAVIPAddress@@PAH@Z
?encodePacket@SNMPManager@@AAEHAAVReqRespPDU@@AAVTarget@@PAD@Z
?errorToString@SNMPManager@@QAEPADH@Z
?get@SNMPManager@@QAEHAAVReqRespPDU@@AAVTarget@@@Z
?getAddressType@IPAddress@@UAE?AW4EnumAddressType@@XZ
?getAddressType@IPXAddress@@UAE?AW4EnumAddressType@@XZ
?getAddressType@IPv6Address@@UAE?AW4EnumAddressType@@XZ
?getAddressType@PhysAddress@@UAE?AW4EnumAddressType@@XZ
?getAvailableProtocols@SNMPManager@@QAEKXZ
?getDataType@Counter@@UAE?AW4EnumDataType@@XZ
?getDataType@Gauge@@UAE?AW4EnumDataType@@XZ
?getDataType@IPAddress@@UAE?AW4EnumDataType@@XZ
?getDataType@IPXAddress@@UAE?AW4EnumDataType@@XZ
?getDataType@IPv6Address@@UAE?AW4EnumDataType@@XZ
?getDataType@Integer@@UAE?AW4EnumDataType@@XZ
?getDataType@Null@@UAE?AW4EnumDataType@@XZ
?getDataType@OID@@UAE?AW4EnumDataType@@XZ
?getDataType@OctetString@@UAE?AW4EnumDataType@@XZ
?getDataType@PhysAddress@@UAE?AW4EnumDataType@@XZ
?getDataType@TimeTicks@@UAE?AW4EnumDataType@@XZ
?getDescription@Printer@@QAEAAVOctetString@@XZ
?getEnterprise@TrapPDU@@QAEAAVOID@@XZ
?getErrorIndex@ReqRespPDU@@QAEHXZ
?getErrorStatus@ReqRespPDU@@QAEHXZ
?getFirstAddress@Target@@QAEPAVNetworkAddress@@XZ
?getIPAddress@Target@@QAEAAVIPAddress@@XZ
?getIPXAddress@Target@@QAEAAVIPXAddress@@XZ
?getIPv6Address@Target@@QAEAAVIPv6Address@@H@Z
?getIPv6AddressCount@Target@@QAEHXZ
?getName@Printer@@QAEAAVOctetString@@XZ
?getNext@SNMPManager@@QAEHAAVReqRespPDU@@AAVTarget@@@Z
?getNextAddress@Target@@QAEPAVNetworkAddress@@XZ
?getOID@VarBind@@QAEAAVOID@@XZ
?getPDUType@ReqRespPDU@@QAE?AW4EnumPDUType@@XZ
?getPhysAddress@Target@@QAEAAVPhysAddress@@XZ
?getReadCommunity@Target@@QAEPADXZ
?getRetryCount@Target@@QAEHXZ
?getSourceAddress@TrapPDU@@QAEAAVNetworkAddress@@XZ
?getStatus@Printer@@QAEAAVInteger@@XZ
?getTimeout@Target@@QAEHXZ
?getTrapCode@TrapPDU@@QAEHXZ
?getTrapTime@TrapPDU@@QAEAAVTimeTicks@@XZ
?getTrapType@TrapPDU@@QAEHXZ
?getValue@Counter@@QAEIXZ
?getValue@Gauge@@QAEIXZ
?getValue@IPAddress@@UAEPADXZ
?getValue@IPXAddress@@UAEPADXZ
?getValue@IPv6Address@@UAEPADXZ
?getValue@Integer@@QAEHXZ
?getValue@Null@@QAEPADXZ
?getValue@OID@@QAEPADXZ
?getValue@OctetString@@QAEPBDAAI@Z
?getValue@PhysAddress@@UAEPADXZ
?getValue@TimeTicks@@QAEIXZ
?getValue@VarBind@@QAEAAVSNMPDataType@@XZ
?getVarBind@ReqRespPDU@@QAEAAVVarBind@@I@Z
?getVarBindCount@ReqRespPDU@@QAEHXZ
?getVarBindCount@TrapPDU@@QAEHXZ
?getVarBindList@ReqRespPDU@@QAEPAVVarBind@@XZ
?getVarBindList@TrapPDU@@QAEPAVVarBind@@XZ
?getWriteCommunity@Target@@QAEPADXZ
?initializeObject@Target@@AAEXXZ
?isAddressResolved@Target@@QAEHXZ
?isTrapServerRunning@SNMPManager@@AAEHXZ
?isValid@Counter@@UAEHXZ
?isValid@Gauge@@UAEHXZ
?isValid@IPAddress@@UAEHXZ
?isValid@IPXAddress@@UAEHXZ
?isValid@IPv6Address@@UAEHXZ
?isValid@Integer@@UAEHXZ
?isValid@Null@@UAEHXZ
?isValid@OID@@UAEHXZ
?isValid@OctetString@@UAEHXZ
?isValid@PhysAddress@@UAEHXZ
?isValid@Printer@@QAEHXZ
?isValid@ReqRespPDU@@QAEHXZ
?isValid@Target@@QAEHXZ
?isValid@TimeTicks@@UAEHXZ
?isValid@TrapPDU@@QAEHXZ
?isValid@VarBind@@QAEHXZ
?isValidAddress@IPAddress@@AAEHPAD@Z
?isValidAddress@IPXAddress@@AAEHPADH@Z
?isValidAddress@IPv6Address@@AAEHPAD@Z
?isValidAddress@PhysAddress@@AAEHPAD@Z
?isValidCommunity@Target@@AAEHPAD@Z
?isValidIPv4Address@Target@@SAHPAD@Z
?isValidIPv6Address@Target@@SAHPAD@Z
?isValidValue@Counter@@AAEHI@Z
?isValidValue@Gauge@@AAEHI@Z
?isValidValue@Integer@@AAEHH@Z
?isValidValue@OID@@AAEHPAD@Z
?isValidValue@OctetString@@AAEHPADI@Z
?isValidValue@TimeTicks@@AAEHI@Z
?isValidVarBindList@ReqRespPDU@@AAEHPAVVarBind@@H@Z
?isValidVarBindList@TrapPDU@@AAEHPAVVarBind@@H@Z
?keepAlive@SNMPManager@@QAEXAAVReqRespPDU@@PADK@Z
?makePrinterObject@SNMPManager@@AAEHAAVReqRespPDU@@AAVPrinter@@@Z
?operateBroadcast@SNMPManager@@AAEHAAVReqRespPDU@@PAUBCastOptions@@W4EnumPDUType@@@Z
?operateUnicast@SNMPManager@@AAEHAAVReqRespPDU@@AAVTarget@@W4EnumPDUType@@@Z
?set@SNMPManager@@QAEHAAVReqRespPDU@@AAVTarget@@@Z
?setAgentAddress@Target@@QAEHPAD@Z
?setIPAddress@Target@@QAEHAAVIPAddress@@@Z
?setIPAddressOrder@Target@@QAEXH@Z
?setIPXAddress@Target@@QAEHAAVIPXAddress@@@Z
?setIPv6Address@Target@@QAEHAAVIPv6Address@@@Z
?setNetworkAddress@Target@@AAEHAAVNetworkAddress@@@Z
?setOID@VarBind@@QAEHAAVOID@@@Z
?setPhysAddress@Target@@QAEHAAVPhysAddress@@@Z
?setReadCommunity@Target@@QAEHPAD@Z
?setRetryCount@Target@@QAEHH@Z
?setSourceAddress@TrapPDU@@AAEHAAVNetworkAddress@@@Z
?setTimeout@Target@@QAEHH@Z
?setValue@Counter@@QAEHI@Z
?setValue@Gauge@@QAEHI@Z
?setValue@IPAddress@@UAEHPAD@Z
?setValue@IPXAddress@@QAEHPAD0@Z
?setValue@IPXAddress@@UAEHPAD@Z
?setValue@IPv6Address@@UAEHPAD@Z
?setValue@Integer@@QAEHH@Z
?setValue@Null@@QAEHXZ
?setValue@OID@@QAEHPAD@Z
?setValue@OctetString@@QAEHPADI@Z
?setValue@PhysAddress@@UAEHPAD@Z
?setValue@TimeTicks@@QAEHI@Z
?setValue@VarBind@@QAEHAAVSNMPDataType@@@Z
?setVarBind@ReqRespPDU@@QAEHIAAVVarBind@@@Z
?setVarBind@TrapPDU@@AAEHAAVVarBind@@I@Z
?setVarBindList@ReqRespPDU@@QAEHPAVVarBind@@H@Z
?setVarBindList@TrapPDU@@AAEHPAVVarBind@@H@Z
?setWriteCommunity@Target@@QAEHPAD@Z
?toDateAndTimeString@OctetString@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?toDateAndTimeString@OctetString@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBEI@Z
?toFormattedString@TimeTicks@@QAEPADXZ
?toHexString@IPAddress@@QAEPADXZ
?toHexString@OctetString@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?toString@Counter@@UAEPADXZ
?toString@Gauge@@UAEPADXZ
?toString@IPAddress@@UAEPADXZ
?toString@IPXAddress@@UAEPADXZ
?toString@IPv6Address@@UAEPADXZ
?toString@Integer@@UAEPADXZ
?toString@Null@@UAEPADXZ
?toString@OID@@UAEPADXZ
?toString@OctetString@@UAEPADXZ
?toString@PhysAddress@@UAEPADXZ
?toString@TimeTicks@@UAEPADXZ
?unregister@SNMPManager@@QAEHXZ
Sections
.text Size: 506KB - Virtual size: 506KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 109KB - Virtual size: 109KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 10KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 50KB - Virtual size: 50KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 25KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ