GMod-SDK-x64[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

GMod-SDK-x64.dll
Size

869KB
MD5

e3560668ae4dc28fb2300a3ee545f351
SHA1

09b27916588decab0679e508fc25b67eea7e6501
SHA256

ed63ae0433748898e29f6b332491fa3adec7ac738c4b0c2e081e64274971f83a
SHA512

53b37955868f683bed279c5368e5e3e024b1a31ab6db03efc6ace609b4193f6fb5ff2e6244cefdfd8ecd69141419f11381e05753e2d12eb2a0f83df67f1d8d21
SSDEEP

12288:vIVSpSe6ie3jSYw5SNAYsDPoNi+zRTsH/0F3gJzIK9IpLD2RHMnL:gVSpSe6iezbOPo8mTsHMFQJp9IZ2ZMn

Score

N/A

Malware Config

Signatures

Files

GMod-SDK-x64.dll
.dll windows x64

76c16ab745a0d2b79e5ed1f64558da66

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GlobalLock
GlobalUnlock
QueryPerformanceFrequency
QueryPerformanceCounter
GetCurrentProcess
K32GetModuleInformation
GlobalAlloc
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
IsDebuggerPresent
IsProcessorFeaturePresent
GetProcAddress
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
CloseHandle
GlobalFree
GetModuleHandleA
VirtualProtect
TerminateProcess
CreateDirectoryW

user32

SetCursor
GetKeyState
LoadCursorW
FindWindowA
GetClientRect
MessageBoxA
ReleaseCapture
SetCursorPos
GetCursorPos
OpenClipboard
CloseClipboard
EmptyClipboard
GetClipboardData
SetClipboardData
CallWindowProcW
GetForegroundWindow
GetWindowRect
GetAsyncKeyState
GetDesktopWindow
SetWindowLongPtrA
ClientToScreen
ScreenToClient
SetCapture
GetCapture

comdlg32

GetOpenFileNameA

msvcp140

??0_Lockit@std@@QEAA@H@Z
?_Throw_Cpp_error@std@@YAXH@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Xbad_function_call@std@@YAXXZ
?_Throw_C_error@std@@YAXH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?_Xlength_error@std@@YAXPEBD@Z
_Mtx_destroy_in_situ
_Mtx_lock
_Mtx_init_in_situ
_Cnd_do_broadcast_at_thread_exit
_Thrd_detach
_Mtx_unlock
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?bad@ios_base@std@@QEBA_NXZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
??Bid@locale@std@@QEAA_KXZ
??1_Lockit@std@@QEAA@XZ

d3dx9_43

D3DXCreateFontW
D3DXCreateTextureFromFileInMemoryEx
D3DXCreateLine

imm32

ImmGetContext
ImmSetCompositionWindow
ImmReleaseContext

vcruntime140_1

__CxxFrameHandler4

vcruntime140

_CxxThrowException
__std_exception_destroy
__std_exception_copy
memcpy
__std_terminate
memcmp
memchr
strstr
__C_specific_handler
__current_exception
__current_exception_context
__std_type_info_destroy_list
memset
memmove

api-ms-win-crt-stdio-l1-1-0

fputc
__stdio_common_vfprintf
fseek
__stdio_common_vsscanf
fflush
ftell
_get_stream_buffer_pointers
fclose
_fseeki64
fread
fsetpos
ungetc
setvbuf
fgetpos
__stdio_common_vsprintf
fgetc
fwrite
_wfopen

api-ms-win-crt-heap-l1-1-0

_callnewh
free
malloc

api-ms-win-crt-utility-l1-1-0

qsort
srand
rand

api-ms-win-crt-math-l1-1-0

fmodf
pow
_dclass
sinf
powf
_hypotf
sqrtf
ceilf
cos
_dsign
asinf
sin
cosf
floorf
atan2f

api-ms-win-crt-convert-l1-1-0

strtod
strtoull
strtoll
atof

api-ms-win-crt-runtime-l1-1-0

_cexit
_beginthreadex
_initterm_e
_crt_atexit
terminate
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_errno
_invalid_parameter_noinfo_noreturn
_initterm

api-ms-win-crt-filesystem-l1-1-0

_lock_file
_unlock_file

api-ms-win-crt-locale-l1-1-0

localeconv

api-ms-win-crt-time-l1-1-0

_time64

api-ms-win-crt-string-l1-1-0

strncpy
strcmp
strcpy_s

Sections

.text
Size: 461KB - Virtual size: 460KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 383KB - Virtual size: 382KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 860B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

76c16ab745a0d2b79e5ed1f64558da66

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

comdlg32

msvcp140

d3dx9_43

imm32

vcruntime140_1

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-string-l1-1-0

Sections

.text Size: 461KB - Virtual size: 460KB

.rdata Size: 383KB - Virtual size: 382KB

.data Size: 6KB - Virtual size: 137KB

.pdata Size: 16KB - Virtual size: 15KB

.rsrc Size: 512B - Virtual size: 248B

.reloc Size: 1024B - Virtual size: 860B

.text
Size: 461KB - Virtual size: 460KB

.rdata
Size: 383KB - Virtual size: 382KB

.data
Size: 6KB - Virtual size: 137KB

.pdata
Size: 16KB - Virtual size: 15KB

.rsrc
Size: 512B - Virtual size: 248B

.reloc
Size: 1024B - Virtual size: 860B