TGN_X_V5[.]7[.]8_Full_Release_V2[.]rar

Sharing

Copy URL Twitter E-mail

General

Target

TGN_X_V5.7.8_Full_Release_V2.rar
Size

32.2MB
MD5

3b5946e5328bc7d47b821c3da00d6c64
SHA1

bd818f6e9515b758fd1870fe3109466845d6a8de
SHA256

cea40a9b29c34e19f05893b70cf45ffbf70b3b2ae662a4eb6815583c27ae0f13
SHA512

7bcfcf2a3dde370897db30a3fd33c91c3cc34bc072fb5c7552f1f39bf1add20e5249efef8cdf926e16974b808250e34fc6e8683f12b3e5bad7ca13285f883cc4
SSDEEP

786432:EYrVm/EieiYt+1d+lQmo1IS/L8LbdottksMgmp7wmERRUVDLlCOBUDJp:/P9+Dko1IALs+ttksMBBE3UVDLXBmX

Score

8^/10

vmprotect

Malware Config

Signatures

VMProtect packed file 1 IoCs

Detects executables packed with VMProtect commercial packer.

vmprotect

resource	yara_rule
static1/unpack001/TGN X V5.7.8 Full Release V2/bin/ZeusInjector.exe	vmprotect

Files

TGN_X_V5.7.8_Full_Release_V2.rar
.rar
TGN X V5.7.8 Full Release V2/CSharpDiscordWebhook.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TGN X V5.7.8 Full Release V2/DiscordRPC.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 916B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TGN X V5.7.8 Full Release V2/ICSharpCode.AvalonEdit.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 601KB - Virtual size: 601KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TGN X V5.7.8 Full Release V2/Newtonsoft.Json.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2031, 00:00

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:b0:41:8d:a5:1e:14:8c:33:1b:bc:de:b7:13:83:23
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

27/04/2018, 12:41

Not After

27/04/2028, 12:41

Subject

CN=.NET Foundation Projects Code Signing CA,O=.NET Foundation,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:71:a1:b0:c2:96:f5:c7:90:65:47:0a:3c:20:53:7e
Certificate

Issuer

CN=.NET Foundation Projects Code Signing CA,O=.NET Foundation,C=US

Not Before

25/10/2018, 00:00

Not After

29/10/2021, 12:00

Subject

SERIALNUMBER=603 389 068,CN=Json.NET (.NET Foundation),O=Json.NET (.NET Foundation),L=Redmond,ST=wa,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2e:83:93:14:a9:06:f5:64:04:02:a1:dc:eb:a3:1a:a7:e9:21:c8:88:2c:dd:c2:3c:e4:c0:45:50:4c:ee:75:10
Signer

Actual PE Digest

2e:83:93:14:a9:06:f5:64:04:02:a1:dc:eb:a3:1a:a7:e9:21:c8:88:2c:dd:c2:3c:e4:c0:45:50:4c:ee:75:10

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

SERIALNUMBER=603 389 068,CN=Json.NET (.NET Foundation),O=Json.NET (.NET Foundation),L=Redmond,ST=wa,C=US

17/03/2021, 20:03
Valid: true

Chain 1

SERIALNUMBER=603 389 068,CN=Json.NET (.NET Foundation),O=Json.NET (.NET Foundation),L=Redmond,ST=wa,C=US

CN=.NET Foundation Projects Code Signing CA,O=.NET Foundation,C=US

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 675KB - Virtual size: 675KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TGN X V5.7.8 Full Release V2/TGN EXPLOIT X.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TGN X V5.7.8 Full Release V2/TGN EXPLOIT X.exe.config
.xml
TGN X V5.7.8 Full Release V2/TGN EXPLOIT X.pdb
TGN X V5.7.8 Full Release V2/WRDAPICONF.json
TGN X V5.7.8 Full Release V2/WeAreDevs_API.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 605KB - Virtual size: 604KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TGN X V5.7.8 Full Release V2/Zeus.dll
.dll windows x86

2d894b22264fba8546c879006d6a7bf4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AcquireSRWLockExclusive
AcquireSRWLockShared
AllocConsole
AreFileApisANSI
CloseHandle
ConnectNamedPipe
ConvertFiberToThread
ConvertThreadToFiberEx
CopyFileA
CreateDirectoryW
CreateEventA
CreateEventW
CreateFiberEx
CreateFileA
CreateFileW
CreateNamedPipeA
CreateRemoteThread
CreateToolhelp32Snapshot
DeleteCriticalSection
DeleteFiber
DisableThreadLibraryCalls
DisconnectNamedPipe
EnterCriticalSection
FindClose
FindFirstFileExW
FindFirstFileW
FindNextFileW
FormatMessageA
FormatMessageW
FreeConsole
FreeLibrary
GetACP
GetConsoleMode
GetConsoleWindow
GetCurrentConsoleFontEx
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetEnvironmentVariableA
GetEnvironmentVariableW
GetFileAttributesExW
GetFileInformationByHandleEx
GetFileSizeEx
GetFileType
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetModuleHandleExW
GetModuleHandleW
GetProcAddress
GetStdHandle
GetSystemDirectoryA
GetSystemTime
GetSystemTimeAsFileTime
GetTickCount64
GetTickCount
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
InitOnceBeginInitialize
InitOnceComplete
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx
InitializeSListHead
InitializeSRWLock
IsDebuggerPresent
IsProcessorFeaturePresent
K32EnumProcessModules
K32GetModuleFileNameExA
K32GetModuleInformation
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LocalFree
Module32FirstW
Module32NextW
MoveFileExA
MultiByteToWideChar
OpenProcess
PeekNamedPipe
Process32First
Process32Next
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadConsoleA
ReadConsoleW
ReadFile
ReadProcessMemory
ReleaseSRWLockExclusive
ReleaseSRWLockShared
ResetEvent
SetConsoleMode
SetConsoleTextAttribute
SetConsoleTitleA
SetCurrentConsoleFontEx
SetEvent
SetFileInformationByHandle
SetLastError
SetUnhandledExceptionFilter
Sleep
SleepEx
SwitchToFiber
SystemTimeToFileTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VerSetConditionMask
VerifyVersionInfoW
VirtualAllocEx
VirtualFree
WaitForMultipleObjects
WaitForSingleObject
WaitForSingleObjectEx
WakeAllConditionVariable
WideCharToMultiByte
WriteFile
WriteProcessMemory
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

advapi32

CryptAcquireContextA
CryptAcquireContextW
CryptCreateHash
CryptDecrypt
CryptDestroyHash
CryptDestroyKey
CryptEncrypt
CryptEnumProvidersW
CryptExportKey
CryptGenRandom
CryptGetHashParam
CryptGetProvParam
CryptGetUserKey
CryptHashData
CryptImportKey
CryptReleaseContext
CryptSetHashParam
CryptSignHashW
DeregisterEventSource
GetCurrentHwProfileA
RegisterEventSourceW
ReportEventW

shell32

ShellExecuteA

user32

CallWindowProcA
ClientToScreen
CloseClipboard
CreateWindowExA
DefWindowProcA
DeleteMenu
DestroyWindow
EmptyClipboard
GetCapture
GetClientRect
GetClipboardData
GetCursorPos
GetDC
GetForegroundWindow
GetProcessWindowStation
GetSystemMenu
GetSystemMetrics
GetUserObjectInformationW
GetWindowLongA
GetWindowRect
IsChild
LoadCursorA
MapVirtualKeyA
MessageBoxA
MessageBoxW
MonitorFromPoint
MonitorFromWindow
OpenClipboard
RegisterClassExA
RegisterClipboardFormatA
ReleaseCapture
ReleaseDC
ScreenToClient
SendInput
SetCapture
SetClipboardData
SetCursor
SetCursorPos
SetProcessDPIAware
SetWindowLongA
ShowWindow
TrackMouseEvent
UnregisterClassA
keybd_event
mouse_event

dbghelp

StackWalk
SymCleanup
SymFunctionTableAccess
SymGetLineFromAddr
SymGetModuleBase
SymGetSymFromAddr
SymInitialize
UnDecorateSymbolName

gdi32

CreateRectRgn
DeleteObject
GetDeviceCaps

ws2_32

WSACleanup
WSACloseEvent
WSACreateEvent
WSAEnumNetworkEvents
WSAEventSelect
WSAGetLastError
WSAIoctl
WSAResetEvent
WSASetLastError
WSAStartup
WSAWaitForMultipleEvents
__WSAFDIsSet
accept
bind
closesocket
connect
freeaddrinfo
getaddrinfo
gethostbyaddr
gethostbyname
gethostname
getpeername
getservbyname
getservbyport
getsockname
getsockopt
htonl
htons
inet_addr
inet_ntoa
inet_ntop
inet_pton
ioctlsocket
listen
ntohs
recv
recvfrom
select
send
sendto
setsockopt
shutdown
socket

shlwapi

PathMatchSpecA

crypt32

CertAddCertificateContextToStore
CertCloseStore
CertCreateCertificateChainEngine
CertDuplicateCertificateContext
CertEnumCertificatesInStore
CertFindCertificateInStore
CertFindExtension
CertFreeCertificateChain
CertFreeCertificateChainEngine
CertFreeCertificateContext
CertGetCertificateChain
CertGetCertificateContextProperty
CertGetNameStringA
CertOpenStore
CryptDecodeObjectEx
CryptQueryObject
CryptStringToBinaryA
PFXImportCertStore

msvcp140

??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??0_Locinfo@std@@QAE@PBD@Z
??0_Lockit@std@@QAE@H@Z
??0facet@locale@std@@IAE@I@Z
??0ios_base@std@@IAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??1_Locinfo@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
??1facet@locale@std@@MAE@XZ
??1ios_base@std@@UAE@XZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAJ@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_N@Z
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getctype@_Locinfo@std@@QBE?AU_Ctypevec@@XZ
?_Getcvt@_Locinfo@std@@QBE?AU_Cvtvec@@XZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Id_cnt@id@locale@std@@0HA
?_Incref@facet@locale@std@@UAEXXZ
?_Init@locale@std@@CAPAV_Locimp@12@_N@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?_Random_device@std@@YAIXZ
?_Syserror_map@std@@YAPBDH@Z
?_Throw_C_error@std@@YAXH@Z
?_Throw_Cpp_error@std@@YAXH@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Winerror_map@std@@YAHH@Z
?_Xbad_alloc@std@@YAXXZ
?_Xbad_function_call@std@@YAXXZ
?_Xinvalid_argument@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?cin@std@@3V?$basic_istream@DU?$char_traits@D@std@@@1@A
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?fail@ios_base@std@@QBE_NXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?good@ios_base@std@@QBE_NXZ
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?init@?$basic_ios@DU?$char_traits@D@std@@@std@@IAEXPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@_N@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@_JH@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@U_Mbstatet@@@2@XZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?uncaught_exception@std@@YA_NXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
_Cnd_destroy_in_situ
_Cnd_do_broadcast_at_thread_exit
_Cnd_init_in_situ
_Cnd_signal
_Cnd_timedwait
_Cnd_wait
_Mtx_current_owns
_Mtx_destroy_in_situ
_Mtx_init_in_situ
_Mtx_lock
_Mtx_unlock
_Query_perf_counter
_Query_perf_frequency
_Thrd_detach
_Thrd_id
_Thrd_join
_Thrd_sleep
_Tolower
_Toupper
_Xtime_get_ticks

imm32

ImmGetContext
ImmReleaseContext
ImmSetCompositionWindow

d3dcompiler_47

D3DCompile

dwmapi

DwmEnableBlurBehindWindow
DwmGetColorizationColor
DwmIsCompositionEnabled

wldap32

ord301
ord45
ord22
ord32
ord26
ord30
ord35
ord143
ord200
ord41
ord33
ord27
ord50
ord211
ord60
ord217
ord46
ord79

normaliz

IdnToAscii

bcrypt

BCryptGenRandom

vcruntime140

_CxxThrowException
__CxxFrameHandler3
__RTDynamicCast
__std_exception_copy
__std_exception_destroy
__std_terminate
__std_type_info_destroy_list
_except_handler3
_except_handler4_common
_purecall
memchr
memcmp
memcpy
memmove
memset
strchr
strrchr
strstr
wcsstr

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf
__stdio_common_vsprintf
__stdio_common_vsprintf_s
__stdio_common_vsscanf
__stdio_common_vswprintf
_close
_fileno
_fseeki64
_get_stream_buffer_pointers
_lseeki64
_open
_read
_setmode
_wfopen
_write
fclose
feof
ferror
fflush
fgetc
fgetpos
fgets
fopen
fopen_s
fputc
fputs
fread
freopen_s
fseek
fsetpos
ftell
fwrite
puts
setvbuf
ungetc

api-ms-win-crt-runtime-l1-1-0

__sys_errlist
__sys_nerr
_beginthreadex
_cexit
_configure_narrow_argv
_crt_atexit
_errno
_execute_onexit_table
_exit
_getpid
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_initterm_e
_invalid_parameter_noinfo_noreturn
_register_onexit_function
_seh_filter_dll
abort
exit
raise
signal
strerror
strerror_s
system
terminate

api-ms-win-crt-filesystem-l1-1-0

_access
_fstat64
_lock_file
_stat64
_stat64i32
_unlink
_unlock_file

api-ms-win-crt-utility-l1-1-0

_byteswap_uint64
_byteswap_ulong
qsort
rand

api-ms-win-crt-heap-l1-1-0

_callnewh
calloc
free
malloc
realloc

api-ms-win-crt-math-l1-1-0

_dsign
_dtest
_fdopen
acos
asin
atan
atan2
ceil
cos
cosh
exp
exp2
floor
fmod
frexp
ldexp
log
log10
log2
modf
pow
round
sin
sinh
sqrt
tan
tanh

api-ms-win-crt-time-l1-1-0

_gmtime64
_gmtime64_s
_localtime64
_time64
strftime

api-ms-win-crt-locale-l1-1-0

___lc_codepage_func
localeconv

api-ms-win-crt-convert-l1-1-0

atof
atoi
strtod
strtol
strtoll
strtoul
strtoull
wcstombs

api-ms-win-crt-string-l1-1-0

_strdup
isalnum
isalpha
isdigit
isspace
isupper
strcat
strcat_s
strcmp
strcpy_s
strcspn
strlen
strncat
strncmp
strncpy
strncpy_s
strnlen
strpbrk
strspn
tolower
toupper
wcslen

api-ms-win-crt-environment-l1-1-0

getenv

Exports

Exports

ensure_injector
injector_call

Sections

.text
Size: - Virtual size: 4.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Africa0
Size: - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Africa1
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Africa2
Size: 6.8MB - Virtual size: 6.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 223B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
TGN X V5.7.8 Full Release V2/bin/268_kick_fixer.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TGN X V5.7.8 Full Release V2/bin/Albert_Einstein.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TGN X V5.7.8 Full Release V2/bin/XInput1_4.dll
.dll windows x86

9d4058a503be3e4fedb4a5b9a6f0ca2a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
CloseHandle
TerminateProcess
IsProcessorFeaturePresent
GetSystemWow64DirectoryW
GetCurrentProcess
SetUnhandledExceptionFilter
LoadLibraryW
VirtualProtect
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
UnhandledExceptionFilter
IsDebuggerPresent

user32

MessageBoxA

advapi32

AdjustTokenPrivileges
OpenProcessToken
LookupPrivilegeValueW

msvcp140

?_Xlength_error@std@@YAXPBD@Z

dbghelp

ImageNtHeader

vcruntime140

_except_handler4_common
__CxxFrameHandler3
memmove
memcpy
__std_type_info_destroy_list
memset
__std_exception_destroy
_CxxThrowException
__std_exception_copy

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_invalid_parameter_noinfo_noreturn
exit
_initialize_onexit_table

api-ms-win-crt-heap-l1-1-0

malloc
free
_callnewh

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 660B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TGN X V5.7.8 Full Release V2/bin/ZeusInjector.exe
.exe windows x86

fbc044e8233b0288216876d6de82327d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentDirectoryA
VirtualQuery
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress

msvcp140

?_Xlength_error@std@@YAXPBD@Z

shlwapi

PathAddBackslashA

vcruntime140

_except_handler4_common

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment

api-ms-win-crt-heap-l1-1-0

_set_new_mode

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vfprintf

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

___lc_codepage_func

wtsapi32

WTSSendMessageW

user32

GetProcessWindowStation
GetProcessWindowStation
GetUserObjectInformationW

Sections

.text
Size: - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmp1
Size: 5.3MB - Virtual size: 5.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 469B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
TGN X V5.7.8 Full Release V2/bin/syntax.xshd
.xml
TGN X V5.7.8 Full Release V2/exploit-main.dll
.dll windows x86

56ae7b89b1ec8677dbc71ee5b162c56b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

__WSAFDIsSet
WSACleanup
WSAGetLastError
recv
send
closesocket
ioctlsocket
connect
listen
accept
sendto
recvfrom
select
WSACloseEvent
WSACreateEvent
WSASetLastError
WSAStartup
WSAEventSelect
WSAWaitForMultipleEvents
WSAEnumNetworkEvents
bind
inet_addr
getsockname
socket
ntohs
htons
setsockopt
WSAResetEvent
getpeername
getsockopt
WSAIoctl
htonl
gethostname
gethostbyname
inet_ntoa
gethostbyaddr
getservbyport
getservbyname
shutdown
getaddrinfo
freeaddrinfo

dbghelp

UnDecorateSymbolName
StackWalk
SymGetLineFromAddr
SymCleanup
SymInitialize
SymGetSymFromAddr
SymFunctionTableAccess
SymGetModuleBase

kernel32

GetProcAddress
GetCurrentProcessId
GetConsoleWindow
SetConsoleTextAttribute
GetStdHandle
MultiByteToWideChar
GlobalAlloc
GlobalFree
GlobalLock
WideCharToMultiByte
GlobalUnlock
LoadLibraryA
QueryPerformanceFrequency
VerSetConditionMask
QueryPerformanceCounter
GetTickCount64
FormatMessageA
SetEvent
ResetEvent
SetConsoleTitleA
ReadFile
CreateNamedPipeA
SetConsoleMode
DisconnectNamedPipe
GetConsoleMode
DisableThreadLibraryCalls
FreeConsole
FreeLibrary
VerifyVersionInfoW
AllocConsole
ConnectNamedPipe
EnterCriticalSection
LeaveCriticalSection
GetLastError
GetEnvironmentVariableA
CreateFileA
GetFileSizeEx
InitializeSRWLock
ReleaseSRWLockShared
AcquireSRWLockShared
GetCurrentThreadId
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
WriteFile
GetModuleHandleW
GetEnvironmentVariableW
GetModuleHandleExW
GetSystemTimeAsFileTime
VirtualFree
GetACP
LoadLibraryW
FindClose
FindFirstFileW
FindNextFileW
ReadConsoleA
ReadConsoleW
LocalFree
CreateDirectoryW
CreateFileW
FindFirstFileExW
GetFileAttributesExW
Sleep
GetModuleHandleA
GetCurrentProcess
GetModuleFileNameA
CloseHandle
SetFileInformationByHandle
WaitForMultipleObjects
PeekNamedPipe
GetFileType
IsDebuggerPresent
CreateEventW
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
TerminateProcess
InitializeSListHead
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InitOnceBeginInitialize
InitOnceComplete
GetFileInformationByHandleEx
AreFileApisANSI
WaitForSingleObjectEx
MoveFileExA
FormatMessageW
SetLastError
GetTickCount
GetSystemDirectoryA
SleepEx
InitializeCriticalSectionEx
GetCurrentThread
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
DeleteCriticalSection
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

MessageBoxA
ShowWindow
RegisterClassExA
UnregisterClassA
CreateWindowExA
DefWindowProcA
GetWindowLongA
MessageBoxW
SetWindowLongA
DestroyWindow
GetWindowRect
SetClipboardData
GetClipboardData
EmptyClipboard
CloseClipboard
OpenClipboard
GetUserObjectInformationW
GetCursorPos
SetCursorPos
CallWindowProcA
GetProcessWindowStation
ReleaseCapture
GetSystemMenu
MonitorFromPoint
DeleteMenu
keybd_event
GetSystemMetrics
MapVirtualKeyA
mouse_event
SendInput
LoadCursorA
ScreenToClient
GetCapture
ClientToScreen
IsChild
TrackMouseEvent
GetForegroundWindow
SetCapture
SetCursor
GetClientRect

advapi32

CryptEncrypt
CryptAcquireContextW
CryptSetHashParam
CryptGetProvParam
CryptGetUserKey
CryptExportKey
CryptDecrypt
CryptSignHashW
CryptEnumProvidersW
CryptGenRandom
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptDestroyKey
CryptImportKey
DeregisterEventSource
RegisterEventSourceW
CryptGetHashParam
GetCurrentHwProfileA
CryptReleaseContext
CryptAcquireContextA
ReportEventW

shell32

ShellExecuteA

msvcp140

?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@H@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?uncaught_exception@std@@YA_NXZ
?_Winerror_map@std@@YAHH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?_Syserror_map@std@@YAPBDH@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAPAD0PAH001@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBD_J@Z
?always_noconv@codecvt_base@std@@QBE_NXZ
??Bid@locale@std@@QAEIXZ
?_Random_device@std@@YAIXZ
?_Throw_Cpp_error@std@@YAXH@Z
?_Throw_C_error@std@@YAXH@Z
_Cnd_do_broadcast_at_thread_exit
_Thrd_detach
?_Xbad_function_call@std@@YAXXZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
_Query_perf_frequency
_Query_perf_counter
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
_Xtime_get_ticks
_Mtx_destroy_in_situ
_Mtx_lock
_Mtx_init_in_situ
_Thrd_sleep
_Mtx_unlock
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?cin@std@@3V?$basic_istream@DU?$char_traits@D@std@@@1@A
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ

imm32

ImmGetContext
ImmReleaseContext
ImmSetCompositionWindow

d3dcompiler_47

D3DCompile

bcrypt

BCryptGenRandom

vcruntime140

memcpy
__std_type_info_destroy_list
_CxxThrowException
__CxxFrameHandler3
__std_exception_destroy
__std_exception_copy
__std_terminate
strstr
_purecall
strchr
memset
memmove
strrchr
memchr
wcsstr
__current_exception
__current_exception_context
_except_handler4_common

api-ms-win-crt-heap-l1-1-0

realloc
malloc
free
_callnewh
calloc

api-ms-win-crt-runtime-l1-1-0

_beginthreadex
terminate
_initialize_narrow_environment
__sys_nerr
__sys_errlist
_initialize_onexit_table
_seh_filter_dll
_cexit
_configure_narrow_argv
_initterm_e
_errno
_initterm
abort
_register_onexit_function
_execute_onexit_table
_crt_atexit
_getpid
system
_invalid_parameter_noinfo_noreturn
_exit
exit
raise
strerror_s
signal

api-ms-win-crt-string-l1-1-0

strcmp
_strdup
isspace
tolower
strnlen
isupper
isalnum
strspn
strcpy_s
isdigit
strcspn
strncat
strncmp
strpbrk
strncpy_s
strncpy
strcat_s

api-ms-win-crt-stdio-l1-1-0

fputc
__acrt_iob_func
fflush
feof
fclose
_lseeki64
freopen_s
_close
__stdio_common_vsscanf
ferror
__stdio_common_vsprintf
_wfopen
_open
_read
fseek
_write
ftell
__stdio_common_vsprintf_s
fopen
fgets
_get_stream_buffer_pointers
_fseeki64
fread
fsetpos
ungetc
fputs
__stdio_common_vswprintf
setvbuf
fgetpos
fwrite
_fileno
_setmode
__stdio_common_vfprintf
fgetc

api-ms-win-crt-time-l1-1-0

_gmtime64_s
_localtime64
_gmtime64
_time64
strftime

api-ms-win-crt-filesystem-l1-1-0

_stat64
_fstat64
_lock_file
_unlink
_unlock_file
_stat64i32
_access

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-convert-l1-1-0

strtoull
wcstombs
strtol
atoi
strtod
strtoll
strtoul

api-ms-win-crt-math-l1-1-0

_CItanh
_dclass
_CIfmod
_libm_sse2_sin_precise
_CIatan2
_CIsinh
_libm_sse2_asin_precise
_libm_sse2_atan_precise
_libm_sse2_sqrt_precise
_libm_sse2_tan_precise
_libm_sse2_cos_precise
_libm_sse2_exp_precise
floor
_libm_sse2_log10_precise
log2
ldexp
round
_dsign
_libm_sse2_log_precise
ceil
_libm_sse2_acos_precise
_libm_sse2_pow_precise
_CIcosh
_fdopen

api-ms-win-crt-locale-l1-1-0

___lc_codepage_func
localeconv

api-ms-win-crt-environment-l1-1-0

getenv

crypt32

CertDuplicateCertificateContext
CertFreeCertificateChain
CertCloseStore
CertGetCertificateChain
CertFreeCertificateChainEngine
CertCreateCertificateChainEngine
CryptQueryObject
CertGetNameStringA
CertGetCertificateContextProperty
CertAddCertificateContextToStore
CryptDecodeObjectEx
PFXImportCertStore
CryptStringToBinaryA
CertFreeCertificateContext
CertFindCertificateInStore
CertEnumCertificatesInStore
CertOpenStore
CertFindExtension

wldap32

ord211
ord60
ord45
ord32
ord41
ord22
ord26
ord27
ord143
ord46
ord50
ord217
ord33
ord301
ord200
ord30
ord79
ord35

normaliz

IdnToAscii

Exports

Exports

ensure_injector
injector_call

Sections

.text
Size: - Virtual size: 3.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Africa0
Size: - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Africa1
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Africa2
Size: - Virtual size: 6.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Africa0
Size: - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Africa1
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Africa2
Size: 9.5MB - Virtual size: 9.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 233B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
TGN X V5.7.8 Full Release V2/kernel64.sys.dll
.dll windows x86

570fb65637ec4da0d98ea7d107f41281

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualQuery
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

vcruntime140

__std_type_info_destroy_list
memset
_except_handler4_common

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm
_cexit

Exports

Exports

setup_the_bypass

Sections

.text
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.byp0
Size: - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.byp1
Size: 1024B - Virtual size: 524B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.byp2
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 233B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
TGN X V5.7.8 Full Release V2/krnl.dll
.dll windows x86

00ec22fbc2292b4b37170788fde1f037

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

gethostname
sendto
recvfrom
listen
htonl
ntohl
WSAIoctl
ntohs
htons
getsockopt
getsockname
getpeername
bind
WSASetLastError
accept
select
WSAStartup
WSACleanup
closesocket
recv
__WSAFDIsSet
send
WSAGetLastError
connect
ioctlsocket
setsockopt
socket
freeaddrinfo
getaddrinfo

crypt32

CertCloseStore
CertEnumCertificatesInStore
CertFreeCertificateContext
CertGetCertificateChain
CertFreeCertificateChainEngine
CertCreateCertificateChainEngine
CryptQueryObject
CertGetNameStringA
CertAddCertificateContextToStore
CryptStringToBinaryA
CertFindCertificateInStore
CertFreeCertificateChain
CertOpenStore

advapi32

CryptDestroyHash
CryptCreateHash
CryptGenRandom
CryptGetHashParam
CryptReleaseContext
CryptAcquireContextA
CryptHashData
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegGetValueA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA

kernel32

CloseHandle
GetProcAddress
GetCurrentProcessId
VirtualQuery
ReadFile
CreateNamedPipeA
DisconnectNamedPipe
ConnectNamedPipe
SetConsoleTitleA
LoadLibraryA
GlobalAlloc
GlobalLock
GetConsoleWindow
IsBadReadPtr
GlobalUnlock
FillConsoleOutputCharacterA
GetConsoleScreenBufferInfo
FreeConsole
FillConsoleOutputAttribute
GetSystemWow64DirectoryA
SetConsoleCursorPosition
AllocConsole
MultiByteToWideChar
GlobalFree
WideCharToMultiByte
QueryPerformanceFrequency
QueryPerformanceCounter
CreateMutexA
GetLastError
DisableThreadLibraryCalls
CreateThread
RaiseException
FormatMessageA
HeapCreate
HeapFree
Thread32Next
Thread32First
GetCurrentThreadId
SuspendThread
ResumeThread
CreateToolhelp32Snapshot
Sleep
HeapReAlloc
HeapAlloc
GetModuleHandleW
FlushInstructionCache
SetThreadContext
OpenThread
VirtualFree
VirtualAlloc
InitializeSListHead
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
GetEnvironmentStringsW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
ResetEvent
GetCommandLineW
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetStringTypeW
LCMapStringEx
DecodePointer
EncodePointer
GetSystemTimeAsFileTime
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
VirtualProtect
GetCurrentProcess
GetModuleFileNameA
GetComputerNameA
GetModuleHandleA
GetVolumeInformationA
GetStdHandle
GetThreadContext
FlushFileBuffers
GetConsoleOutputCP
WriteFile
ReadConsoleW
GetConsoleMode
GetModuleFileNameW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetDriveTypeW
FreeLibraryAndExitThread
ExitThread
GetModuleHandleExW
ExitProcess
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InterlockedFlushSList
SleepConditionVariableSRW
SleepConditionVariableCS
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
TryEnterCriticalSection
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
InitOnceBeginInitialize
InitOnceComplete
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
SetStdHandle
SetConsoleTextAttribute
SetEvent
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
HeapSize
WriteConsoleW
TerminateProcess
GetTickCount
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
SleepEx
VerSetConditionMask
GetSystemDirectoryA
FreeLibrary
VerifyVersionInfoA
ExpandEnvironmentStringsA
WaitForSingleObjectEx
GetFileType
PeekNamedPipe
WaitForMultipleObjects
SetLastError
CreateFileA
GetFileSizeEx
FindClose
FindNextFileW
LocalFree
GetExitCodeThread
GetCurrentDirectoryW
CreateDirectoryW
CreateFileW
FindFirstFileExW
GetFileAttributesExW
GetFileInformationByHandle
GetFullPathNameW
SetEndOfFile
SetFileInformationByHandle
SetFilePointerEx
AreFileApisANSI
CopyFileW
GetFileInformationByHandleEx
RtlUnwind
VirtualQuery
GetSystemTimeAsFileTime
GetModuleHandleA
CreateEventA
GetModuleFileNameW
LoadLibraryA
TerminateProcess
GetCurrentProcess
CreateToolhelp32Snapshot
Thread32First
GetCurrentProcessId
GetCurrentThreadId
OpenThread
Thread32Next
CloseHandle
SuspendThread
ResumeThread
WriteProcessMemory
GetSystemInfo
VirtualAlloc
VirtualProtect
VirtualFree
GetProcessAffinityMask
SetProcessAffinityMask
GetCurrentThread
SetThreadAffinityMask
Sleep
FreeLibrary
GetTickCount
SystemTimeToFileTime
FileTimeToSystemTime
GlobalFree
LocalAlloc
LocalFree
GetProcAddress
ExitProcess
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetModuleHandleW
LoadResource
MultiByteToWideChar
FindResourceExW
FindResourceExA
WideCharToMultiByte
GetThreadLocale
GetUserDefaultLCID
GetSystemDefaultLCID
EnumResourceNamesA
EnumResourceNamesW
EnumResourceLanguagesA
EnumResourceLanguagesW
EnumResourceTypesA
EnumResourceTypesW
CreateFileW
LoadLibraryW
GetLastError
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetCommandLineA
RaiseException
RtlUnwind
HeapFree
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
HeapReAlloc
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
WriteFile
SetFilePointer
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
SetStdHandle
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

MessageBoxA
GetCursorPos
SetClipboardData
mouse_event
GetForegroundWindow
MapVirtualKeyA
GetWindowTextA
EmptyClipboard
CloseClipboard
OpenClipboard
ShowWindow
GetSystemMetrics
keybd_event
SetWindowPos
GetClipboardData
SetCursorPos
GetSystemMenu
EnableMenuItem
DestroyWindow
DefWindowProcA
CreateWindowExA
UnregisterClassA
RegisterClassExA
GetKeyState
LoadCursorA
ScreenToClient
ClientToScreen
IsChild
SetCursor
GetClientRect
GetProcessWindowStation
GetUserObjectInformationW
CharUpperBuffW
MessageBoxW
GetProcessWindowStation
GetUserObjectInformationW

dbghelp

UnDecorateSymbolName

imm32

ImmReleaseContext
ImmSetCompositionWindow
ImmGetContext

d3dcompiler_47

D3DCompile

xinput1_4

ord2
ord4

wldap32

ord143
ord46
ord211
ord60
ord45
ord50
ord41
ord22
ord26
ord27
ord32
ord33
ord35
ord79
ord30
ord200
ord301

wtsapi32

WTSSendMessageW

Sections

.text
Size: - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 637KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.uo2s0
Size: - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.uo2s1
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 469B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
TGN X V5.7.8 Full Release V2/logs/10-12-2022_19-07-25_Crash.txt
TGN X V5.7.8 Full Release V2/scripts/Aimbot 3.0.txt
.js
TGN X V5.7.8 Full Release V2/scripts/Aimbot.txt
.js
TGN X V5.7.8 Full Release V2/scripts/Alt+Print.txt
TGN X V5.7.8 Full Release V2/scripts/BloxHunt.txt
TGN X V5.7.8 Full Release V2/scripts/CBROKillAll.txt
TGN X V5.7.8 Full Release V2/scripts/CC Aimbot V2.txt
TGN X V5.7.8 Full Release V2/scripts/CC Aimbot.txt
.js
TGN X V5.7.8 Full Release V2/scripts/CTRL+Del.txt
TGN X V5.7.8 Full Release V2/scripts/Click TP Tool.txt
TGN X V5.7.8 Full Release V2/scripts/CocoHub.txt
TGN X V5.7.8 Full Release V2/scripts/Dark Hub.txt
TGN X V5.7.8 Full Release V2/scripts/DexV1.txt
TGN X V5.7.8 Full Release V2/scripts/DexV4.txt
TGN X V5.7.8 Full Release V2/scripts/DivineSisters.txt
TGN X V5.7.8 Full Release V2/scripts/EclipseMM2.txt
TGN X V5.7.8 Full Release V2/scripts/FPSBoost.txt
TGN X V5.7.8 Full Release V2/scripts/Flee The Facility.txt
TGN X V5.7.8 Full Release V2/scripts/Infinite Yield.txt
TGN X V5.7.8 Full Release V2/scripts/Invisible Fling.txt
TGN X V5.7.8 Full Release V2/scripts/Jailbreak.txt
TGN X V5.7.8 Full Release V2/scripts/Kraken Hub.txt
TGN X V5.7.8 Full Release V2/scripts/LucidityMM2.txt
TGN X V5.7.8 Full Release V2/scripts/MM2.txt
TGN X V5.7.8 Full Release V2/scripts/MM2Autofarm.txt
TGN X V5.7.8 Full Release V2/scripts/MheeHub.txt
TGN X V5.7.8 Full Release V2/scripts/NoClipKeybind.txt
TGN X V5.7.8 Full Release V2/scripts/OxieHub.txt
TGN X V5.7.8 Full Release V2/scripts/Prisonware.txt
TGN X V5.7.8 Full Release V2/scripts/Reviz Admin.txt
TGN X V5.7.8 Full Release V2/scripts/SharkBite.txt
TGN X V5.7.8 Full Release V2/scripts/ZyrexHub.txt
TGN X V5.7.8 Full Release V2/scripts/oofNotoriety.txt
TGN X V5.7.8 Full Release V2/scripts/script.txt
TGN X V5.7.8 Full Release V2/workspace/6Foot4Honda's Scripts/6FootHubData.txt
TGN X V5.7.8 Full Release V2/workspace/6Foot4Honda's Scripts/ZombieUprisingData.txt
TGN X V5.7.8 Full Release V2/workspace/IY_FE.iy
TGN X V5.7.8 Full Release V2/workspace/kinglegacysettingss.json

Sharing

General

Malware Config

Signatures

Files

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 8KB - Virtual size: 7KB

.rsrc Size: 1024B - Virtual size: 984B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 77KB - Virtual size: 77KB

.rsrc Size: 1024B - Virtual size: 916B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 601KB - Virtual size: 601KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Code Sign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77Certificate

Key Usages

07:b0:41:8d:a5:1e:14:8c:33:1b:bc:de:b7:13:83:23Certificate

Extended Key Usages

Key Usages

0a:71:a1:b0:c2:96:f5:c7:90:65:47:0a:3c:20:53:7eCertificate

Extended Key Usages

Key Usages

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

2e:83:93:14:a9:06:f5:64:04:02:a1:dc:eb:a3:1a:a7:e9:21:c8:88:2c:dd:c2:3c:e4:c0:45:50:4c:ee:75:10Signer

Signature Validations

Verification

17/03/2021, 20:03 Valid: true

Chain 1

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 675KB - Virtual size: 675KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 3.2MB - Virtual size: 3.2MB

.rsrc Size: 23KB - Virtual size: 22KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

.text
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 1024B - Virtual size: 984B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 77KB - Virtual size: 77KB

.rsrc
Size: 1024B - Virtual size: 916B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 601KB - Virtual size: 601KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

07:b0:41:8d:a5:1e:14:8c:33:1b:bc:de:b7:13:83:23
Certificate

0a:71:a1:b0:c2:96:f5:c7:90:65:47:0a:3c:20:53:7e
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

2e:83:93:14:a9:06:f5:64:04:02:a1:dc:eb:a3:1a:a7:e9:21:c8:88:2c:dd:c2:3c:e4:c0:45:50:4c:ee:75:10
Signer

17/03/2021, 20:03
Valid: true

.text
Size: 675KB - Virtual size: 675KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 3.2MB - Virtual size: 3.2MB

.rsrc
Size: 23KB - Virtual size: 22KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 605KB - Virtual size: 604KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: - Virtual size: 4.7MB

.rdata
Size: - Virtual size: 1.3MB

.data
Size: - Virtual size: 1.0MB

.00cfg
Size: - Virtual size: 8B

.tls
Size: - Virtual size: 9KB

Africa0
Size: - Virtual size: 2.0MB

Africa1
Size: 12KB - Virtual size: 12KB

Africa2
Size: 6.8MB - Virtual size: 6.8MB

.reloc
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 223B

.text
Size: 21KB - Virtual size: 20KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB