Manalyze report for a00126cbe67b21cd0a354bed43c8a35a

Summary

Architecture	`IMAGE_FILE_MACHINE_AMD64`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
Compilation Date	2023-Sep-13 08:09:35
TLS Callbacks	2 callback(s) detected.
Debug artifacts	Embedded COFF debugging symbols

Plugin Output

Suspicious	The PE is possibly packed.	`Unusual section name found: .xdata` `Unusual section name found: /4` `Unusual section name found: /19` `Unusual section name found: /31` `Unusual section name found: /45` `Unusual section name found: /57` `Unusual section name found: /70` `Unusual section name found: /81`
Suspicious	The file contains overlay data.	`25414 bytes of data starting at offset 0x5600.`
Malicious	VirusTotal score: 5/72 (Scanned on 2023-10-24 12:18:53)	`Bkav: W64.AIDetectMalware` `Google: Detected` `Ikarus: Trojan.Win64.Rozena` `McAfee: Artemis!A00126CBE67B` `Skyhigh: Artemis`

Hashes

MD5	`a00126cbe67b21cd0a354bed43c8a35a`
SHA1	`4de3c8fa29771575156f0640027d84c67fdf4357`
SHA256	`0ca4c1a8d1ebe487ef3b3fcdbb7c440849a2332f0c26f30567665c5b71b77246`
SHA3	`3cc70d8be3a9519a2db47dbc7f268a5f78bfd37512c89f3a325de377a8882b2d`
SSDeep	`384:eKeAKbsa8oileaeg91ben5rx9tyBHsYt9bsgsJjIrfauRzp1MELhwiRM:L7xleXac5rx9tuMYLbsgsdIWg/Nw4M`
Imports Hash	`355685fd71556efcb81a635c7c92f03d`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_AMD64`
NumberofSections	`17`
TimeDateStamp	2023-Sep-13 08:09:35
PointerToSymbolTable	`0x5600`
NumberOfSymbols	`1080`
SizeOfOptionalHeader	`0xf0`
Characteristics	`IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LARGE_ADDRESS_AWARE` `IMAGE_FILE_LINE_NUMS_STRIPPED`

Image Optional Header

Magic	`PE32+`
LinkerVersion	`2.0`
SizeOfCode	`0x1800`
SizeOfInitializedData	`0x3400`
SizeOfUninitializedData	`0x200`
AddressOfEntryPoint	`0x00000000000013F0 (Section: .text)`
BaseOfCode	`0x1000`
ImageBase	`0x140000000`
SectionAlignment	`0x1000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`5.2`
Win32VersionValue	`0`
SizeOfImage	`0x13000`
SizeOfHeaders	`0x600`
Checksum	`0x1b925`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_CUI`
DllCharacteristics	`IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE` `IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA` `IMAGE_DLLCHARACTERISTICS_NX_COMPAT`
SizeofStackReserve	`0x200000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`5ad810bb739f42a0690c9e076ecf4c7d`
SHA1	`8ad2b8d098dc3e19880a5439e0a02ab5f281f7a3`
SHA256	`216c24c0606c6b07df77de425f9a9da3c802ba4aad75f0ca780d756dc9948772`
SHA3	`043bc121754ed6fea713452be1e7f547f447aba753c52dafd873c4d49056f7b5`
VirtualSize	`0x1800`
VirtualAddress	`0x1000`
SizeOfRawData	`0x1800`
PointerToRawData	`0x600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.0059`

.data

MD5	`52d3820a170df99fa7f376bcfa723c9a`
SHA1	`dd474fee7075108407dc64c89bacb003e7118147`
SHA256	`d8841b052603c6588c356e53416b2c3097e2afbac3089b7e91e59c0d571474bb`
SHA3	`aff4d9c52f522e549687a262dd4df750e3c888ea3ac5edb41bfa77a9680746ca`
VirtualSize	`0xd0`
VirtualAddress	`0x3000`
SizeOfRawData	`0x200`
PointerToRawData	`0x1e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`1.14185`

.rdata

MD5	`d081b67dbcc28e7eb33c3f55f51cd814`
SHA1	`9817cbc38a0bacab2a7a0fdb2417e5c15268166f`
SHA256	`4307d77451dcc8bc8b978a589c4958d43f9762242d225994498c8f34e86222da`
SHA3	`4bd0d61012727f98288f266ec742b9f83bf98eb9b3462161f0c35a6acd613f22`
VirtualSize	`0x5a8`
VirtualAddress	`0x4000`
SizeOfRawData	`0x600`
PointerToRawData	`0x2000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`4.18074`

.pdata

MD5	`47eb22fe52a3fd7c6296032af4d5118d`
SHA1	`6c084fb523d51ec2ff727e3b84ff55b393e9c3ab`
SHA256	`87b849297d22f9e6bbb5caf74198ffc8e8a2a4460e00ed84224ef3072a1adb20`
SHA3	`54b491a770f605edde353eedc2b5f837c32ba15301f9e10902e1bdb281d3011e`
VirtualSize	`0x258`
VirtualAddress	`0x5000`
SizeOfRawData	`0x400`
PointerToRawData	`0x2600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`2.51347`

.xdata

MD5	`a928167fc0050d8ffe7558dbae6c099c`
SHA1	`01e62f4ee617c5dd6b96bce7dc1e6aaef8cc5a6c`
SHA256	`dbc4698513f5c58b102c1dc79c738c902877684231dae5cbeac5de98f7f199d8`
SHA3	`828f21d3aabd782962d23ba530dbb516ad39e7f23995866ffb55c2967dc2d203`
VirtualSize	`0x1a8`
VirtualAddress	`0x6000`
SizeOfRawData	`0x200`
PointerToRawData	`0x2a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`3.12402`

.bss

MD5	`d41d8cd98f00b204e9800998ecf8427e`
SHA1	`da39a3ee5e6b4b0d3255bfef95601890afd80709`
SHA256	`e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855`
SHA3	`a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a`
VirtualSize	`0x180`
VirtualAddress	`0x7000`
SizeOfRawData	`0`
PointerToRawData	`0`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_UNINITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`

.idata

MD5	`c5ed5de568a08ad6a9b9275eb40c96ef`
SHA1	`d3ef04591558460d5ed4e59c2c11cb681bc5ce3f`
SHA256	`0fed7d62015fa0abaedd71d79544ea9cab6e3189c00d133339f06b06415eaea4`
SHA3	`968072a6f989663879299393f9b5abf808982af79d2a3569538b3dfb0db5b8b8`
VirtualSize	`0x680`
VirtualAddress	`0x8000`
SizeOfRawData	`0x800`
PointerToRawData	`0x2c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`3.47398`

.CRT

MD5	`5a50fb93b9f31742109bbd98a60ba117`
SHA1	`0688435b8b03d202cca700b1bb3dd60089e01361`
SHA256	`5089770e8341f8515b753c1e20a297d46d9f3aa73190b49dee5ba7ecc1c725dd`
SHA3	`2ccb2febd0d9bcaf2cae97635bd577ccf59f1ccf9b4cb87f326bc50e7206b688`
VirtualSize	`0x60`
VirtualAddress	`0x9000`
SizeOfRawData	`0x200`
PointerToRawData	`0x3400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0.285085`

.tls

MD5	`bf619eac0cdf3f68d496ea9344137e8b`
SHA1	`5c3eb80066420002bc3dcc7ca4ab6efad7ed4ae5`
SHA256	`076a27c79e5ace2a3d47f9dd2e83e4ff6ea8872b3c2218f66c92b89b55f36560`
SHA3	`622de1e1568ddef36c4b89b706b05201c13481c3575d0fc804ff8224787fcb59`
VirtualSize	`0x10`
VirtualAddress	`0xa000`
SizeOfRawData	`0x200`
PointerToRawData	`0x3600`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`0`

.reloc

MD5	`01ebdfddb5a38f32bbb889f4fa78ae82`
SHA1	`d08526e8ccb63e4ab0c932cbec6b67c0d87cd5b3`
SHA256	`fb4de27469d19b4a42d96a562e6cf8d7aeea899268dcfc2a555fa43e37f3109d`
SHA3	`d682e622819a2ccb88bd7cd2f9ec97309065226d8610a7855583e8165fb22145`
VirtualSize	`0x80`
VirtualAddress	`0xb000`
SizeOfRawData	`0x200`
PointerToRawData	`0x3800`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`1.50312`

/4

MD5	`912c48ad1decbf49ce380d912a72b159`
SHA1	`7e8cc193cc02a1207de4a85e208836f074b673d5`
SHA256	`66d72c85c5bd20731849c52ff721da918bb62620f3a5c6e82c2fca7a05318d8f`
SHA3	`2472450dbc2e3353b5a4697bec906bb6583ba612cfa05857955f8bb0c382a955`
VirtualSize	`0x50`
VirtualAddress	`0xc000`
SizeOfRawData	`0x200`
PointerToRawData	`0x3a00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`0.236539`

/19

MD5	`a4981daf879cbcae21a8f2a249a8263c`
SHA1	`7f9667a4b33f3a754bd03a9e42037c23f781028d`
SHA256	`8c61df19658055b350ed175792d275575f87b215ff8a8ba46e8e072c90122d48`
SHA3	`8c08d9bf88b7ae736eedc3cabceff1b6c06dadfc613af773735e1a28c4dcba3c`
VirtualSize	`0xfdd`
VirtualAddress	`0xd000`
SizeOfRawData	`0x1000`
PointerToRawData	`0x3c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`5.24882`

/31

MD5	`3926a4e9348a2d2f293d468143da249a`
SHA1	`427b6ff38a8342550083c4131e1639c4076334f7`
SHA256	`a50238fc47f9f54df2bd53a74f1ef7318b6bc09d391ab0ed61687bdb5bad4c57`
SHA3	`7b27c0ca26b6f05e9ed4accdb48fc14b8cd39065d5470d1cf1ab954f53708a4a`
VirtualSize	`0xaf`
VirtualAddress	`0xe000`
SizeOfRawData	`0x200`
PointerToRawData	`0x4c00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`2.12863`

/45

MD5	`8eadeefd26f6baae88f8592767e83cb4`
SHA1	`bee786620039e077c50f5a74abc20500b35ac17e`
SHA256	`8eed3d6457a84cfd25871ae0fae92ee08e2bd26e13fab69bd8758f820537bf04`
SHA3	`0d6aa238bb4c03b8b31b9153698904f329fe43a35a0767955a1d68f265a5723d`
VirtualSize	`0xa4`
VirtualAddress	`0xf000`
SizeOfRawData	`0x200`
PointerToRawData	`0x4e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`1.48529`

/57

MD5	`28b14eb00feb9e48cf56c90b2e974ce0`
SHA1	`21bc22e93f7cca73352c6ea2565050adc3f050fb`
SHA256	`7dfd0bc0f1ac359c55144143bdcd2ba4fa758662719a8a1464b938a08902c571`
SHA3	`e68793204d36fa5936a04a55d87119fb74f95eda1b4a1f04a138096fe2b17da3`
VirtualSize	`0x48`
VirtualAddress	`0x10000`
SizeOfRawData	`0x200`
PointerToRawData	`0x5000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`0.706994`

/70

MD5	`21afeb662543fc77c242d20d5412b7e9`
SHA1	`5d097ff32131c3472aa9883d3fb17d45b6b885bc`
SHA256	`e21f90cbfd9527cd3d55b185212b292dd0802391460fdd6a7866337176e274ac`
SHA3	`71ba070e20c25a7af0da1d9476d73e2352115a1812e47faa5686f2c1f5ac772f`
VirtualSize	`0xa5`
VirtualAddress	`0x11000`
SizeOfRawData	`0x200`
PointerToRawData	`0x5200`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`2.49797`

/81

MD5	`f265cdfcfe7fbcb3ff22cdb66422c85b`
SHA1	`3fd06abf6b8040b069fce4f2ab8796d074bec7f9`
SHA256	`e92e532f8d9df4cf9e4d65d9265f184ff2516b31d00fcebc9495b5de7981b328`
SHA3	`73368fec968f24ad4878857202fbcc40d08981269aafc2d130dc5f3132d64614`
VirtualSize	`0x1fe`
VirtualAddress	`0x12000`
SizeOfRawData	`0x200`
PointerToRawData	`0x5400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`4.85429`

Imports

KERNEL32.dll	`DeleteCriticalSection` `EnterCriticalSection` `GetLastError` `InitializeCriticalSection` `LeaveCriticalSection` `SetUnhandledExceptionFilter` `Sleep` `TlsGetValue` `VirtualProtect` `VirtualQuery`
msvcrt.dll	`__C_specific_handler` `__getmainargs` `__initenv` `__iob_func` `__set_app_type` `__setusermatherr` `_amsg_exit` `_cexit` `_commode` `_fmode` `_initterm` `_onexit` `abort` `calloc` `exit` `fprintf` `free` `fwrite` `malloc` `memcpy` `signal` `strlen` `strncmp` `vfprintf`
libstdc++-6.dll	`_ZNKSt5ctypeIcE13_M_widen_initEv` `_ZNSo3putEc` `_ZNSo5flushEv` `_ZSt16__throw_bad_castv` `_ZSt4cout` `_ZStlsISt11char_traitsIcEERSt13basic_ostreamIcT_ES5_PKc` `_ZdlPvy`

Delayed Imports

Version Info

TLS Callbacks

StartAddressOfRawData	`0x14000a000`
EndAddressOfRawData	`0x14000a008`
AddressOfIndex	`0x14000706c`
AddressOfCallbacks	`0x140009038`
SizeOfZeroFill	`0`
Characteristics	`IMAGE_SCN_TYPE_REG`
Callbacks	`0x0000000140001610` `0x00000001400015E0`

Load Configuration

RICH Header

Errors

[*] Warning: Tried to read outside the COFF string table to get the name of section /4!
[*] Warning: Tried to read outside the COFF string table to get the name of section /19!
[*] Warning: Tried to read outside the COFF string table to get the name of section /31!
[*] Warning: Tried to read outside the COFF string table to get the name of section /45!
[*] Warning: Tried to read outside the COFF string table to get the name of section /57!
[*] Warning: Tried to read outside the COFF string table to get the name of section /70!
[*] Warning: Tried to read outside the COFF string table to get the name of section /81!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF symbol's section number is bigger than the number of sections!
[*] Warning: COFF String Table's reported size is bigger than the remaining bytes!
[*] Warning: Section .bss has a size of 0!