Static task
static1
Behavioral task
behavioral1
Sample
Crack/3dmgame.dll
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
Crack/3dmgame.dll
Resource
win10v2004-20221111-en
Behavioral task
behavioral3
Sample
Crack/Launcher.exe
Resource
win7-20220812-en
Behavioral task
behavioral4
Sample
Crack/Launcher.exe
Resource
win10v2004-20220812-en
General
-
Target
87bf55705ad9cae6c95af0beb715e526f7f48720a3bf9454a0698e4fe740e249
-
Size
1.2MB
-
MD5
be330951d1e5d9dc3cc4ced03e625430
-
SHA1
9915aa2dd02400840b055231ac59ba83cff69a90
-
SHA256
87bf55705ad9cae6c95af0beb715e526f7f48720a3bf9454a0698e4fe740e249
-
SHA512
73584630a3d2549e97593fab4014515b34da52a8663118b061e36a8650a5481db09bc1e7caf7d4f8c6c0692c939b4decc314a696a3643ea021a4762cf968a2b9
-
SSDEEP
24576:FG8Y6KL6qizBIy2loO1MIv1dhu8XcFcp7eUOXDzGPXQug6X0iL1PrW:FFY6KL6qizal1MIv190cp7eFzzw0i5P6
Malware Config
Signatures
Files
-
87bf55705ad9cae6c95af0beb715e526f7f48720a3bf9454a0698e4fe740e249.rar
-
Crack/3dmgame.dll (.dll, windows, x64)
86f44917bc2809b617d12d8f6c44cb0f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
GetCurrentProcess
GetModuleHandleW
VirtualFree
InitializeCriticalSection
Sleep
LeaveCriticalSection
SetThreadPriority
FlushInstructionCache
GetProcAddress
VirtualAlloc
EnterCriticalSection
VirtualProtectEx
OpenThread
GetSystemInfo
GetThreadPriority
GetCurrentThreadId
CloseHandle
GetCurrentProcessId
SuspendThread
ResumeThread
CreateFileA
VirtualQuery
MapViewOfFile
UnmapViewOfFile
SetEnvironmentVariableW
QueryPerformanceCounter
GetTickCount
LoadLibraryW
GetVersionExW
DisableThreadLibraryCalls
LoadLibraryA
CreateFileMappingW
GetModuleFileNameA
GetModuleHandleA
VirtualProtect
GetCurrentDirectoryA
QueryPerformanceFrequency
GetFileInformationByHandle
lstrcpyW
CreateThread
GetThreadContext
GetFileSize
GetStdHandle
GetFileType
MultiByteToWideChar
GetVersion
GetLastError
GetSystemTimeAsFileTime
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
DecodePointer
GetCurrentThread
EncodePointer
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess
user32
GetProcessWindowStation
GetUserObjectInformationW
GetMessageW
UnregisterClassW
PostMessageW
FindWindowExA
TranslateMessage
RegisterClassExW
ShowWindow
CreateWindowExW
MessageBoxW
MessageBoxExW
DefWindowProcW
DispatchMessageW
GetDesktopWindow
shell32
SHGetSpecialFolderPathW
SHCreateDirectoryExW
msvcr100
fflush
_snprintf
printf
free
malloc
strtoul
sprintf
??_U@YAPEAX_K@Z
strstr
_access
_wfopen
wcsstr
fopen
fread
rand
srand
??3@YAXPEAX@Z
fwrite
ftell
fseek
fclose
_time64
_malloc_crt
_initterm
_initterm_e
_encoded_null
_amsg_exit
__C_specific_handler
__CppXcptFilter
__crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
raise
_exit
vfprintf
_vsnwprintf
getenv
sscanf
__iob_func
_wassert
realloc
memcpy
memset
strcmp
ferror
_setmode
memcmp
_fileno
feof
fgets
memmove
psapi
GetMappedFileNameW
shlwapi
PathAppendW
PathAddBackslashW
PathFileExistsW
advapi32
ReportEventW
RegisterEventSourceW
DeregisterEventSource
Sections
.text Size: - Virtual size: 139KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: - Virtual size: 746KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 227KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 436B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.3dm0 Size: - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.3dm1 Size: - Virtual size: 506KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.3dm2 Size: 965KB - Virtual size: 965KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Crack/3dmgame.ini
-
Crack/Launcher.exe (.exe, windows, x64)
27832b03245210305d132e03a450e4fa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
lstrcpyA
lstrlenA
GetStartupInfoA
CreateProcessA
VirtualAllocEx
WriteProcessMemory
GetProcAddress
GetModuleHandleA
CreateRemoteThread
WaitForSingleObject
VirtualFreeEx
ResumeThread
GetCurrentDirectoryA
GetPrivateProfileStringA
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DecodePointer
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
GetSystemTimeAsFileTime
TerminateProcess
EncodePointer
Sleep
msvcr100
__crt_debugger_hook
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
__set_app_type
_fmode
_commode
_configthreadlocale
_initterm_e
_initterm
__initenv
exit
_cexit
_exit
_XcptFilter
__C_specific_handler
__getmainargs
_amsg_exit
sprintf
__setusermatherr
Sections
.text Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 512B - Virtual size: 276B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 494KB - Virtual size: 494KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 60B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ