Nowy folder skompresowany (zip)[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

Nowy folder skompresowany (zip).zip
Size

26.3MB
MD5

31fb61a23cdf5ade0e98f9f419b2472b
SHA1

8b7d2b2a1c46e80e0b005adb5433a1c2ddcf97d8
SHA256

24e0dcc3cb43e84fc482585b1bb8dbbbf587a5d2a7da4cc7118553c46573cd0d
SHA512

dd94235f1bcdd73462906b33a1e7ad5a1faeb8f6682450581c8ad8a54492fb6c699e41a23d73e27dbcb028592a1d0891918d432fc2063624117167c120179c0f
SSDEEP

786432:jHMAShqwXS5r2NRaexqtFcT/p2Q7a3NC50lWl+q:jHMfcwXSILaIAFczslNRlWl+q

Score

N/A

Malware Config

Signatures

Files

Nowy folder skompresowany (zip).zip
.zip
SkyrimSE.exe
.exe windows x64

6de04530e3121baf67de28c7d1e63f90

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetCurrentDirectoryA
IsDebuggerPresent
DebugBreak
OutputDebugStringA
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventA
LocalFileTimeToFileTime
GetLocalTime
SystemTimeToFileTime
DeleteFileA
CreateDirectoryA
GetDriveTypeA
SetUnhandledExceptionFilter
MulDiv
GetLogicalDriveStringsA
CopyFileA
TryEnterCriticalSection
QueryPerformanceFrequency
InitializeCriticalSectionAndSpinCount
FindNextFileA
GetFullPathNameA
OutputDebugStringW
GetCurrentProcess
FreeLibrary
GetModuleFileNameW
GetProcAddress
LoadLibraryW
RaiseException
CreateThread
GetExitCodeThread
GetSystemInfo
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
CreateSemaphoreA
CloseHandle
FileTimeToSystemTime
FormatMessageA
LocalFree
GetLastError
FindFirstFileA
CreateSemaphoreW
FindClose
HeapAlloc
FileTimeToLocalFileTime
SetFileAttributesA
HeapFree
GetProcessHeap
GlobalMemoryStatusEx
VirtualAlloc
VirtualFree
GetFileAttributesA
GetCurrentThread
SetThreadPriority
ExitThread
ResumeThread
CompareFileTime
QueryPerformanceCounter
CreateFileW
TlsFree
ReadFile
WriteFile
TerminateThread
GetCommandLineA
GetComputerNameA
SuspendThread
SetThreadAffinityMask
GetModuleFileNameA
GetModuleHandleA
SwitchToThread
SystemTimeToTzSpecificLocalTime
CreateFileA
FlushFileBuffers
GetFileSizeEx
GetFileTime
ReadFileEx
SetEndOfFile
SetFilePointerEx
SetFileTime
WriteFileEx
SleepEx
MoveFileA
WaitForMultipleObjects
TlsSetValue
TlsGetValue
TlsAlloc
WaitForSingleObject
ReleaseSemaphore
GetTickCount
ReleaseMutex
CreateMutexA
OpenEventA
OpenMutexA
GetDiskFreeSpaceExA
GetFileAttributesExA
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetFileInformationByHandle
GetFileInformationByHandleEx
SetThreadIdealProcessor
GetTimeZoneInformation
GetTickCount64
CreateMutexW
CreateEventW
GetCurrentThreadId
GetGeoInfoW
GetUserGeoID
GetThreadId
InitializeSRWLock
ReleaseSRWLockExclusive
ReleaseSRWLockShared
LoadLibraryA
AcquireSRWLockExclusive
AcquireSRWLockShared
TryAcquireSRWLockExclusive
TryAcquireSRWLockShared
GetSystemDirectoryA
lstrlenW
GetVolumeInformationA
WideCharToMultiByte
RtlCaptureStackBackTrace
GetModuleHandleW
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep

user32

ShowCursor
GetCursorPos
GetWindowInfo
GetKeyboardLayout
GetWindowRect
FindWindowA
MessageBoxA
SetForegroundWindow
GetSystemMetrics
GetAsyncKeyState
GetActiveWindow
SetWindowPos
DefWindowProcA
PeekMessageA
DispatchMessageA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetClassNameA
EnumChildWindows
GetWindowTextA
GetDlgItem
GetClientRect
MapVirtualKeyA
ToUnicode
GetKeyState
TranslateMessage
RegisterClassA
UnregisterClassA
CreateWindowExA
DestroyWindow
ShowWindow
SetWindowTextA
SetRect
SetFocus
GetForegroundWindow
IsIconic
AdjustWindowRect

advapi32

GetUserNameA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegCreateKeyExA

shell32

SHGetFolderPathA
ShellExecuteA

ole32

CoInitializeEx
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CreateStreamOnHGlobal
CoCreateGuid
CoInitializeSecurity
CoSetProxyBlanket
CoInitialize
CoUninitialize

x3daudio1_7

X3DAudioCalculate
X3DAudioInitialize

xinput1_3

ord2
ord4
ord3

dinput8

DirectInput8Create

ws2_32

gethostbyname
socket
setsockopt
send
select
recv
ntohs
listen
inet_ntoa
inet_addr
htons
ioctlsocket
GetAddrInfoW
closesocket
bind
accept
__WSAFDIsSet
WSAWaitForMultipleEvents
WSAEventSelect
WSAEnumNetworkEvents
WSACreateEvent
WSACloseEvent
shutdown
gethostname
FreeAddrInfoW
ntohl
WSAStartup
WSACleanup
WSAGetLastError
connect
htonl
WSAAsyncSelect

bink2w64

BinkSetSoundSystem
BinkOpen
BinkDoFrame
BinkNextFrame
BinkWait
BinkClose
BinkCopyToBufferRect
BinkPause
BinkOpenDirectSound

winhttp

WinHttpSetTimeouts
WinHttpSetOption
WinHttpSendRequest
WinHttpQueryDataAvailable
WinHttpReadData
WinHttpCloseHandle
WinHttpSetStatusCallback
WinHttpReceiveResponse
WinHttpConnect
WinHttpWriteData
WinHttpAddRequestHeaders
WinHttpQueryHeaders
WinHttpOpenRequest
WinHttpOpen

iphlpapi

GetAdaptersAddresses

steam_api64

SteamFriends
SteamUserStats
SteamAPI_RegisterCallResult
SteamAPI_RegisterCallback
SteamAPI_RunCallbacks
SteamApps
SteamUser
SteamAPI_Init
SteamAPI_UnregisterCallResult
SteamAPI_UnregisterCallback

msvcp140

?width@ios_base@std@@QEBA_JXZ
?width@ios_base@std@@QEAA_J_J@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD0@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?eof@ios_base@std@@QEBA_NXZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAM@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Xbad_function_call@std@@YAXXZ
?_Xbad_alloc@std@@YAXXZ
_Mbrtowc
?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
?_W_Getdays@_Locinfo@std@@QEBAPEBGXZ
?_W_Getmonths@_Locinfo@std@@QEBAPEBGXZ
?_Xout_of_range@std@@YAXPEBD@Z
_Xtime_get_ticks
_Query_perf_counter
_Query_perf_frequency
_Thrd_sleep
_Lock_shared_ptr_spin_lock
_Unlock_shared_ptr_spin_lock
?_Random_device@std@@YAIXZ
?flags@ios_base@std@@QEBAHXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?good@ios_base@std@@QEBA_NXZ

setupapi

SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces

vcruntime140

_purecall
__CxxFrameHandler3
__RTDynamicCast
strstr
__intrinsic_setjmp
__std_type_info_destroy_list
__std_exception_destroy
__std_exception_copy
__std_type_info_compare
wcschr
longjmp
_CxxThrowException
memchr
__std_terminate
memcpy
memmove
memset
strrchr
strchr
memcmp
__C_specific_handler
__std_type_info_name

api-ms-win-crt-runtime-l1-1-0

_set_app_type
abort
_get_narrow_winmain_command_line
_endthreadex
_beginthreadex
_initterm
_initterm_e
_exit
_c_exit
_register_thread_local_exe_atexit_callback
exit
_wassert
_beginthread
_endthread
_invalid_parameter_noinfo
_errno
terminate
_cexit
_invalid_parameter_noinfo_noreturn
_crt_at_quick_exit
_execute_onexit_table
_seh_filter_exe
_register_onexit_function
_crt_atexit
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table

api-ms-win-crt-string-l1-1-0

wcsnlen
wcsncpy_s
strnlen
isxdigit
_wcsicmp
towlower
isupper
toupper
tolower
_strlwr_s
isspace
strcpy_s
_stricmp
strspn
isalnum
isdigit
strcmp
strncpy_s
strncpy
wcscat_s
wcscpy_s
strcspn
strncmp
strtok_s
_strnicmp
isalpha
strpbrk
strcat_s
wcscoll
_wcsicoll
_strupr_s

api-ms-win-crt-stdio-l1-1-0

fgets
__stdio_common_vsscanf
fclose
__stdio_common_vsnprintf_s
_wfopen_s
fopen_s
__stdio_common_vswscanf
__p__commode
__stdio_common_vsprintf_s
feof
__stdio_common_vsprintf
_getcwd
__stdio_common_vswprintf
__stdio_common_vfwprintf
__stdio_common_vfwprintf_s
__stdio_common_vfwprintf_p
__stdio_common_vfwscanf
__stdio_common_vswprintf_s
__stdio_common_vsnwprintf_s
_set_fmode
__acrt_iob_func
__stdio_common_vswprintf_p
__stdio_common_vfprintf_s
__stdio_common_vfprintf_p
fwrite
ftell
fseek
fread
fopen
__stdio_common_vfprintf
__stdio_common_vfscanf
__stdio_common_vsprintf_p
fflush
rewind

api-ms-win-crt-math-l1-1-0

tanf
atan2f
expf
acosf
sinf
__setusermatherr
cosf
floorf
cos
sin
logf
_isnan
fminf
atanf
_finite
_fdtest
modff
floor
fmod
sqrtf
log2
fmodf
powf
sqrt
asinf
log10f
atan2
ceilf
acos
asin
atan
ceil
exp
log
pow
tan

api-ms-win-crt-convert-l1-1-0

atof
strtod
strtol
_strtoui64
mbstowcs
_itow_s
strtoul
_itoa_s
atol
wcstombs_s
mbstowcs_s
atoi
_wtoi
_strtoi64
wcsrtombs_s
mbsrtowcs_s

api-ms-win-crt-filesystem-l1-1-0

_makepath_s
_access
_splitpath_s
_stat64i32
rename
_wstat64

api-ms-win-crt-utility-l1-1-0

qsort
srand
bsearch_s
bsearch
rand

api-ms-win-crt-time-l1-1-0

strftime
_time64
_ftime64
_gmtime64
_localtime64_s

api-ms-win-crt-heap-l1-1-0

malloc
_set_new_mode
_aligned_malloc
_aligned_free
_msize
free
calloc

api-ms-win-crt-locale-l1-1-0

_configthreadlocale
localeconv

d3dx9_42

D3DXMatrixMultiplyTranspose
D3DXMatrixInverse
D3DXMatrixTranspose
D3DXPlaneNormalize
D3DXVec3TransformCoord
D3DXMatrixMultiply
D3DXVec3TransformNormal
D3DXVec3Normalize
D3DXPlaneTransform

d3d11

D3D11CreateDeviceAndSwapChain

hid

HidD_GetAttributes
HidP_GetCaps
HidD_GetHidGuid
HidD_GetPreparsedData
HidD_GetSerialNumberString
HidD_GetProductString
HidD_GetManufacturerString
HidD_SetFeature
HidD_GetFeature
HidD_FreePreparsedData
HidP_GetValueCaps

winmm

timeGetDevCaps
timeGetTime
timeEndPeriod
timeBeginPeriod

dxgi

CreateDXGIFactory

gdi32

GetStockObject

oleaut32

VariantClear

Sections

.text
Size: 22.0MB - Virtual size: 22.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8.3MB - Virtual size: 8.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.1MB - Virtual size: 22.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 587KB - Virtual size: 586KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 333KB - Virtual size: 333KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.bind
Size: 231KB - Virtual size: 231KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
SkyrimSELauncher.exe
.exe windows x64

abc27a0ce6b6aab5629e5985f7909fb0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

steam_api64

SteamAPI_Init
SteamApps
SteamAPI_Shutdown

kernel32

CreateDirectoryW
GetCurrentProcess
lstrlenW
GetModuleFileNameW
CreateMutexW
GetLastError
GetCurrentDirectoryW
GetModuleHandleW
CopyFileW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
OutputDebugStringW
GetPrivateProfileStringW
SetFileAttributesW
GetFileAttributesW
GetSystemTimeAsFileTime
GetPrivateProfileIntW
WritePrivateProfileStringW
CloseHandle
GetCurrentThreadId
CreateFileW
WriteFile
FreeLibrary
GetProcAddress
LoadLibraryW
GetVersionExW
InitializeSListHead
RtlLookupFunctionEntry
RtlCaptureContext
RtlVirtualUnwind
GetCurrentProcessId

user32

DestroyWindow
GetDC
LoadStringW
ReleaseDC
CheckDlgButton
EnableWindow
CreateDialogParamW
ChildWindowFromPointEx
ShowWindow
GetSysColor
GetClientRect
GetDesktopWindow
InvalidateRect
LoadImageW
MessageBoxW
GetSystemMetrics
PeekMessageW
EnumDisplayDevicesW
SetProcessDPIAware
GetMessageW
DefWindowProcW
RegisterClassExW
DispatchMessageW
TranslateMessage
LoadIconW
LoadCursorW
PostQuitMessage
GetWindowRect
GetDlgItem
GetWindowInfo
SetWindowTextW
EndDialog
SendMessageW
SetWindowPos
ScreenToClient
UpdateWindow
SetWindowLongW

gdi32

GetTextExtentPoint32W
GetStockObject
SetTextColor
SetBkMode
SetBkColor

advapi32

RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegDeleteKeyW

shell32

ShellExecuteExW
SHGetFolderPathW
ShellExecuteW

ole32

CoUninitialize
CoInitialize

msvcp140

??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@H@Z
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAXAEBVlocale@2@@Z
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAHXZ
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAPEAV12@PEA_W_J@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEB_W_J@Z
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEA_W_J@Z
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAGXZ
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@I@Z
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?widen@?$ctype@_W@std@@QEBA_WD@Z
??Bid@locale@std@@QEAA_KXZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@M@Z
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_N@Z
?_Xbad_alloc@std@@YAXXZ
?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?uncaught_exception@std@@YA_NXZ
?id@?$ctype@_W@std@@2V0locale@2@A
?_BADOFF@std@@3_JB
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAA_JPEB_W_J@Z
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAA@XZ

comctl32

PropertySheetW

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

dsound

ord11

vcruntime140

__std_exception_destroy
__std_exception_copy
__CxxFrameHandler3
__C_specific_handler
__telemetry_main_invoke_trigger
__telemetry_main_return_trigger
_CxxThrowException
memset
__std_terminate
memmove
memcpy
strstr

api-ms-win-crt-convert-l1-1-0

_wtof
_itow_s

api-ms-win-crt-runtime-l1-1-0

_set_app_type
_get_narrow_winmain_command_line
_initterm
_initterm_e
_exit
_invalid_parameter_noinfo_noreturn
_c_exit
_register_thread_local_exe_atexit_callback
_seh_filter_exe
_cexit
exit
terminate
_configure_narrow_argv
_crt_atexit
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment

api-ms-win-crt-string-l1-1-0

_stricmp
strncmp
tolower

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__stdio_common_vswscanf
__stdio_common_vswprintf_s
__p__commode

api-ms-win-crt-filesystem-l1-1-0

_waccess
_wchdir

api-ms-win-crt-heap-l1-1-0

malloc
free
_set_new_mode
_callnewh

api-ms-win-crt-math-l1-1-0

floorf
fmodf
__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6de04530e3121baf67de28c7d1e63f90

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

x3daudio1_7

xinput1_3

dinput8

ws2_32

bink2w64

winhttp

iphlpapi

steam_api64

msvcp140

setupapi

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-locale-l1-1-0

d3dx9_42

d3d11

hid

winmm

dxgi

gdi32

oleaut32

Sections

.text Size: 22.0MB - Virtual size: 22.0MB

.rdata Size: 8.3MB - Virtual size: 8.3MB

.data Size: 1.1MB - Virtual size: 22.9MB

.pdata Size: 1.3MB - Virtual size: 1.3MB

.text Size: 6KB - Virtual size: 6KB

_RDATA Size: 2KB - Virtual size: 1KB

.rsrc Size: 587KB - Virtual size: 586KB

.reloc Size: 333KB - Virtual size: 333KB

.bind Size: 231KB - Virtual size: 231KB

abc27a0ce6b6aab5629e5985f7909fb0

Headers

DLL Characteristics

File Characteristics

Imports

steam_api64

kernel32

user32

gdi32

advapi32

shell32

ole32

msvcp140

comctl32

version

dsound

vcruntime140

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 82KB - Virtual size: 81KB

.text
Size: 22.0MB - Virtual size: 22.0MB

.rdata
Size: 8.3MB - Virtual size: 8.3MB

.data
Size: 1.1MB - Virtual size: 22.9MB

.pdata
Size: 1.3MB - Virtual size: 1.3MB

.text
Size: 6KB - Virtual size: 6KB

_RDATA
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 587KB - Virtual size: 586KB

.reloc
Size: 333KB - Virtual size: 333KB

.bind
Size: 231KB - Virtual size: 231KB

.text
Size: 82KB - Virtual size: 81KB

.rdata
Size: 26KB - Virtual size: 26KB

.data
Size: 2KB - Virtual size: 6KB

.pdata
Size: 3KB - Virtual size: 2KB

.gfids
Size: 512B - Virtual size: 64B

.rsrc
Size: 4.0MB - Virtual size: 4.0MB