General

Malware Config

Signatures

Files

• 159bd024c6c5e2ed3e9f7a8d0ff5b983742fc5e9707edc44baee99555c00faf8

  .zip
• saints4tr20/SaintsRIV+20Tr-LNG_UD-30_Aug_2013.exe

  .exe windows x86

  879d43c9616e39b2ee3753b166d65751

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  msvbvm60

  __vbaStrFixstr

  kernel32

  CreateFileA

  GetModuleHandleA

  LoadLibraryA

  LocalAlloc

  LocalFree

  GetModuleFileNameA

  ExitProcess

  winmm

  waveOutClose

  user32

  MessageBoxA

  Exports

  Exports

  �E86υ‚f�<ppDh��I���-*�kA�p$�l���F�_7_����5�a�ax�s�b�.�s1��P~f:�5 yt'�rQ<���+!�ȩ�r�4�3�Xk2�%S�BG��`;'�� ּ�6���V��%��°"�F����Q78 5�2��
  2*�l�ϻz �Q!�(���-Аj:Cb���_qoA4���� �ݼ�Հ����°�R5o�W�ٮ����P���R]ТT��h@p�F��<��@������p��݊:Nv#x�G�<}�gY/���,�{Bܖ6�!��`w��(��ȁ��"زR� �_�Bx�sP�B�npBd�HɍT"�cOΕA�1���A�)|�k�Ka�@,G���Y�D t��f�2��:�� �(�M%|7��>�O� �>���Of��d@�F��4�<�4�>�s���z�pI�7벻�?'�� �?��Ҏ$D��4��l���5�9���"��.�R&N�%C>е9uhò�w<I�Q�+=��s��h/]�ޮ[M��v�e)b=��U_U{�@��v���K,;Ѵu�$���”���T�=U �q�~��T'x������{h��vB��ɦ��ce�~a�����;�$B#��5>R(O�T�����دa��p��
  ��N^�Te�0���̱|K$A�D%YSq�&� �v��XV�u�x �?�����.���a����Ҍ�6z�%��}bz�X�W]�*p��Fs��K��H` PȻ
  [� �R$u�{���˟���-S ]�|)?%��k���G���~��R��d B�{��>��\e�A�z]�{ ��^��i4�<\�e�!pƓB�(��g6v��~3���
  '����&a���y�����A��᩷\�_^$0�.�G=e%W*����]��p%/p�Hj�~����B��l��(��'�/�/{���@�.�Ga�=O��:��^i���{ ������-�h��j\��'sdR�d�ڎ�l̃��5�5���>Tӫ��!��ܪ��<s���gnh~��<���?�L�|�7�n��2d��d��˫�D���L�+�.�19��JvFP�L�<E�ݬr�v�@׼u�8�T��a��� z7�q����eIT�pJ���@?�V�����S����g.�Ƭ��J���N|%t���vN���E����:T&KɈ&Ȳ���e����I�k��u�"!� -����Uc�#I3ȹ�^ݴ�>Aݏ!D�O�),6!Si<�lܺ�����G��h�DIoG�Pq���9�eû�X��t��MS+}xD�I������SV)C���!����]�ly�l��v�4&������Y�0.FF�K��p�ÅA}�:9
  �ގc�˫��'t[4�i��ġ�NI�q�l�0���HW�Ec6��Y=��\VZ\vs��ˋ�7�觹�PX���ޭڻ̂:5��աO��¹ 9��OԞjz�T��R)!��|~,X.��+����x�E��K{m��ޅ������!�R\��ȳ˶F44���29�k“⻆�V{�<�Ł��m[�.Q_����r~�ø1p$��[e80gYJ�q4o^3�K+�w�ژf^��y� o��@ }Vv��̇e�_���8SG ��i�0܃����[J�����giL���ű�ePjڊ�)�ff��qb�e����S v�wj�up���1�k��ۑ.��E.���E��0iS�����-H�j�7��֌�-O������~s�� ����X�\U`���Ţ p�P����7Ĭe�gɹ��P�� y!���m�ܓ���s���C����(s/�2kΉWS��$�6�O��5���k����������m�f�~�U0TT
  .78<?Gp�ܙX���u��:K���id��6��2�ٙ+��0��^���̟�[y�9��Fx�E"X������5M|��y_W��,le���6[��\(�9��K�j��m�����dX���T�p!E��-���R Fs����%���l�o6.�Ʋ�[�U���~:��8�=��alQ%\V�#�/W?(�NJxW��Tս��Ƌ4ԕ�=����G0�F����qn��ܹf>�'��h<5�&���j\�J�H���J;�qv���B�������������h��DKsR&�eW��e��ә�g�?�&8,��b���* M ea�HQ�R��:��b��Gvs�l�B�7�>|��3
  ��L���q�
  D����ʐ<ńY��& �����Ր}�rΥ8��tmִzG&�4�-6)�CX �7m�<��R�q�����,+��w���D��D@�y+O"�ϙ���z2™���=�wYt�~���)u��c�C�2�� ���0dH�_0ѩƠ�=b/=�1?�Ċ]}c�7)�����+��i��]����n&A�_���)$��Y<��Bt����g.t��Ot��1�1˃^]�IS�!V��[I�̣�Yl�=���~;s\��G���,�q�r���Wt^q�F����K�����IP��7�����1�x
  s�>!E2�v�f6Ҹ؞�S��-�����%���1���d��E�n����$�|��<F2^</�#j�(��w|%7�m,�f-��+��lxH��Ä�:���E�=)`�|Z�7!�*�܏���R�t_W�� q8�lbtq����IΦ���)�.� �k���>����3&\��#�:��ڴ������o�GM����/�F�(0������@,���B���������j�Z{=�P��yS�|u�� %����1l�� ��#nrѤ�.3�j!�E�J^��k�De���2/�u��u��H&��8��܅��0"^j�8���������A�tsX��6فc}��� �&��������xc����������ou�RE(��A�N�c"N��3ԝ���S�� �| X���3J1ԡ�b�*�H��3]��\׶�5mђ~��Fӥ%�-��v���O0դ�מ��1�)׶�@?��'�ȩ���5_�����ˠ�����X���l��Ngѭ�-X}䀣4aB0��(�$�B�_���1`ppcJMbj�� /�%Td>�CZ ��P��#Q{

  Sections

  .text

  Size: - Virtual size: 4.0MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: - Virtual size: 84KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 21KB - Virtual size: 952KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .VCrypt0

  Size: - Virtual size: 1.5MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  .tls

  Size: 512B - Virtual size: 24B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .VCrypt1

  Size: 2.1MB - Virtual size: 2.1MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

• saints4tr20/˵.txt
• saints4tr20/.url

  .url
• 黑道圣徒4修改器+20下载v1.03_ 西西软件下载.url

  .url