SA_-_Essentials_Pack_JC[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

SA_-_Essentials_Pack_JC.zip
Size

10.4MB
MD5

4cfd483f450d5ff6276c8b4d5b0fb6c3
SHA1

f9ee14c174bb7323976545a9c6121fb61d5c64cb
SHA256

525358e1496f7d61713f9ff5350146e3ee2bffb7fa5b0afb8d116cd6075ae642
SHA512

10f737a2153b6d6a8559527fe7c0a6bc0c7f0c2c48b1c06f62d83c4b0797a0dfb82c88ca4d13a3f883b81b999ef82ed1060ce606d5f200425f2f965482c1030b
SSDEEP

196608:Bd5bBAlX3O5X1RXMufMvAa23ixbk4LbxUG3QQyeUqjoZSVy07ez3G9j2wHucMDA5:FbBAlXeBgvb23ixlpfQzeMZSVy07ezcR

Score

3^/10

Malware Config

Signatures

Unsigned PE 28 IoCs

Checks for missing Authenticode signature.

resource
unpack001/CLEO.asi
unpack001/CLEO/FileSystemOperations.cleo
unpack001/CLEO/IniFiles.cleo
unpack001/CLEO/IntOperations.cleo
unpack001/_noDEP.asi
unpack001/bass.dll
unpack001/gta_sa.exe
unpack001/libcurl.dll
unpack001/modloader.asi
unpack001/modloader/.data/plugins/gta3/std.asi.dll
unpack001/modloader/.data/plugins/gta3/std.bank.dll
unpack001/modloader/.data/plugins/gta3/std.data.dll
unpack001/modloader/.data/plugins/gta3/std.fx.dll
unpack001/modloader/.data/plugins/gta3/std.movies.dll
unpack001/modloader/.data/plugins/gta3/std.scm.dll
unpack001/modloader/.data/plugins/gta3/std.sprites.dll
unpack001/modloader/.data/plugins/gta3/std.stream.dll
unpack001/modloader/.data/plugins/gta3/std.text.dll
unpack001/modloader/.data/plugins/gta3/std.tracks.dll
unpack001/modloader/_ESSENTIALS/RunDLL32 Fix/rundll32exefix.asi
unpack001/modloader/_ESSENTIALS/SilentPatch/SilentPatchSA.asi
unpack001/modloader/_ESSENTIALS/Widescreen Fix by ThirteenAG/GTASA.WidescreenFix.asi
unpack001/modloader/_ESSENTIALS/Widescreen HOR+ Support by Wesser/wshps.asi
unpack001/modloader/_ESSENTIALS/Windowed Mode/III.VC.SA.CoordsManager.exe
unpack001/modloader/_ESSENTIALS/Windowed Mode/III.VC.SA.WindowedMode.asi
unpack001/vorbisFile.dll
unpack001/vorbisHooked.dll
unpack001/zlib1.dll

Files

SA_-_Essentials_Pack_JC.zip
.zip
(ESSENTIALS README)/CLEO (Leiame - PT).txt
(ESSENTIALS README)/CLEO (Readme - EN).txt
(ESSENTIALS README)/CLEO+ (Leiame - PT).txt
(ESSENTIALS README)/CLEO+ (Readme - EN).txt
(ESSENTIALS README)/CLEO+.url
.url
(ESSENTIALS README)/CLEO.url
.url
(ESSENTIALS README)/CrashInfo (Leiame - EN).txt
(ESSENTIALS README)/CrashInfo (Leiame - PT).txt
(ESSENTIALS README)/CrashInfo.url
.url
(ESSENTIALS README)/EXE 1.0 US Hoodlum (Leiame - PT).txt
(ESSENTIALS README)/EXE 1.0 US Hoodlum (Readme - EN).txt
(ESSENTIALS README)/Framerate Vigilante (Leiame - PT).txt
(ESSENTIALS README)/Framerate Vigilante (Readme - EN).txt
(ESSENTIALS README)/Framerate Vigilante.url
.url
(ESSENTIALS README)/ModLoader (Leiame - PT).txt
(ESSENTIALS README)/ModLoader (Readme - EN).txt
(ESSENTIALS README)/ModLoader.url
.url
(ESSENTIALS README)/NoDEP (Leiame - PT).txt
(ESSENTIALS README)/NoDEP (Readme - EN).txt
(ESSENTIALS README)/NoDEP.url
.url
(ESSENTIALS README)/RepairGTA (Leiame - PT).txt
(ESSENTIALS README)/RepairGTA (Readme - EN).txt
(ESSENTIALS README)/RepairGTA.url
.url
(ESSENTIALS README)/RunDLL32 Fix.url
.url
(ESSENTIALS README)/Silent ASI Loader (Readme - EN).txt
(ESSENTIALS README)/Silent ASI Loader.url
.url
(ESSENTIALS README)/SilentPatch (Leiame - PT).txt
(ESSENTIALS README)/SilentPatch (Readme - EN).txt
(ESSENTIALS README)/SilentPatch.url
.url
(ESSENTIALS README)/Widescreen Fix HOR+ Support (Leiame - PT).txt
(ESSENTIALS README)/Widescreen Fix HOR+ Support (Readme - EN).txt
(ESSENTIALS README)/Widescreen Fix by ThirteenAG (Leiame - PT).txt
(ESSENTIALS README)/Widescreen Fix by ThirteenAG (Readme - EN).txt
(ESSENTIALS README)/Widescreen Fix.url
.url
(ESSENTIALS README)/Windowed Mode (Leiame - PT).txt
(ESSENTIALS README)/Windowed Mode (Readme - EN).txt
(ESSENTIALS README)/Windowed Mode.url
.url
(ESSENTIALS README)/_ Primeiros passos - First steps.url
.url
(fix dependencies)/(remove GameUX)/GameUX_DisableShims.reg
(fix dependencies)/(remove GameUX)/Leiame (ou morra).txt
(fix dependencies)/(remove GameUX)/Readme (or die).txt
(fix dependencies)/(remove GameUX)/gameux_delet.bat
(fix dependencies)/Redistributables, DirectX etc.url
.url
CLEO.asi
.dll windows x86

3891fb167d3b92a882ea14c7a56d54a5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

bass

BASS_Free
BASS_Set3DPosition
BASS_Apply3D
BASS_ChannelSet3DAttributes
BASS_GetInfo
BASS_Init
BASS_ChannelGetLength
BASS_ErrorGetCode
BASS_ChannelGetAttribute
BASS_GetDeviceInfo
BASS_ChannelBytes2Seconds
BASS_Set3DFactors
BASS_GetVersion
BASS_StreamFree
BASS_ChannelIsActive
BASS_ChannelSetAttribute
BASS_ChannelSet3DPosition
BASS_StreamCreateFile
BASS_ChannelSetPosition
BASS_StreamCreateURL
BASS_ChannelFlags
BASS_ChannelPlay
BASS_StreamCreate
BASS_ChannelPause

kernel32

VirtualProtect
OutputDebugStringA
GetModuleHandleA
GetLocalTime
FindFirstFileA
FindNextFileA
FindClose
GetFileAttributesA
LoadLibraryA
GetProcAddress
FreeLibrary
CreateDirectoryA
WriteConsoleW
SetEndOfFile
HeapSize
CreateFileW
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
LCMapStringEx
GetStringTypeW
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwind
RaiseException
InterlockedFlushSList
GetLastError
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
ReadFile
SetEnvironmentVariableW
SetCurrentDirectoryW
GetCurrentDirectoryW
GetDriveTypeW
GetFullPathNameW
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
HeapFree
HeapAlloc
GetStdHandle
GetFileType
SetFilePointerEx
GetConsoleMode
ReadConsoleW
FlushFileBuffers
WriteFile
GetConsoleCP
CloseHandle
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetFileSizeEx
HeapReAlloc
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
SetStdHandle

user32

GetKeyState
MessageBoxA

Exports

Exports

_CLEO_AddScriptDeleteDelegate@4
_CLEO_CreateCustomScript@12
_CLEO_GetFloatOpcodeParam@4
_CLEO_GetGameVersion@0
_CLEO_GetIntOpcodeParam@4
_CLEO_GetInternalAudioStream@8
_CLEO_GetLastCreatedCustomScript@0
_CLEO_GetOperandType@4
_CLEO_GetPointerToScriptVariable@4
_CLEO_GetScriptTextureById@8
_CLEO_GetVersion@0
_CLEO_ReadStringOpcodeParam@12
_CLEO_ReadStringPointerOpcodeParam@12
_CLEO_RecordOpcodeParams@8
_CLEO_RegisterOpcode@8
_CLEO_RemoveScriptDeleteDelegate@4
_CLEO_RetrieveOpcodeParams@8
_CLEO_SetFloatOpcodeParam@8
_CLEO_SetIntOpcodeParam@8
_CLEO_SetThreadCondResult@8
_CLEO_SkipOpcodeParams@8
_CLEO_ThreadJumpAtLabelPtr@8
_CLEO_WriteStringOpcodeParam@8
missionLocals
opcodeParams
staticThreads

Sections

.text
Size: 226KB - Virtual size: 225KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CLEO/CLEO+.cleo
.dll windows x86

af8b9a1135046c22bc21a90218f057ca

Code Sign

1c:9a:c2:ed:a2:78:3f:a8:a2:ad:76:7c:a5:da:63:72
Certificate

Issuer

CN=JuniorDjjr,O=MixMods,C=55,1.2.840.113549.1.9.1=#0c16636f6e7461746f406d69786d6f64732e636f6d2e6272

Not Before

30/03/2021, 08:35

Not After

31/03/2024, 08:35

Subject

CN=JuniorDjjr,O=MixMods,C=55,1.2.840.113549.1.9.1=#0c16636f6e7461746f406d69786d6f64732e636f6d2e6272

Key Usages

KeyUsageDigitalSignature
KeyUsageDataEncipherment
KeyUsageKeyAgreement

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a8:5c:23:a0:07:e4:1e:a9:64:ff:9f:c5:05:3c:eb:ce:25:8f:25:f8
Signer

Actual PE Digest

a8:5c:23:a0:07:e4:1e:a9:64:ff:9f:c5:05:3c:eb:ce:25:8f:25:f8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

cleo.asi

ord10
ord22
ord11
ord3
ord8
ord25
ord5
ord1
ord20
ord19
ord6
ord15
ord13
ord4
ord23
ord24
ord21

kernel32

VirtualProtect
GetModuleHandleA
GetProcAddress
GlobalAlloc
GetLocalTime
GlobalLock
GlobalUnlock
CreateFileW
SetFilePointerEx
GetFileSizeEx
SetStdHandle
HeapReAlloc
HeapSize
GetStringTypeW
GetConsoleMode
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
CloseHandle
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwind
InterlockedFlushSList
RaiseException
GetLastError
SetLastError
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
GetStdHandle
GetFileType
GetModuleFileNameW
GetModuleHandleExW
WriteConsoleW
ExitProcess
WriteFile
OutputDebugStringW
HeapFree
HeapAlloc
LCMapStringW
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
FlushFileBuffers
GetConsoleOutputCP
DecodePointer

user32

EmptyClipboard
GetClipboardData
OpenClipboard
IsClipboardFormatAvailable
GetKeyState
MessageBoxA
SetClipboardData
CloseClipboard

Exports

Exports

GetCleoPlusVersion

Sections

.text
Size: 369KB - Virtual size: 369KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 117KB - Virtual size: 245KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CLEO/FileSystemOperations.cleo
.dll windows x86

dffc22e192845817859859bcb035ab68

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

cleo.asi

ord8
ord6
ord3
ord5
ord12

kernel32

MoveFileA
FindFirstFileA
FindNextFileA
FindClose
CopyFileA
GetFileAttributesA
DeleteFileA
SetFileAttributesA
RemoveDirectoryA
CreateDirectoryA
CreateFileW
CloseHandle
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
InterlockedFlushSList
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
RaiseException
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
HeapFree
HeapAlloc
GetStdHandle
GetFileType
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
GetProcessHeap
SetFilePointerEx
GetStringTypeW
SetStdHandle
HeapSize
HeapReAlloc
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
DecodePointer
WriteConsoleW

user32

MessageBoxA

Sections

.text
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CLEO/IniFiles.cleo
.dll windows x86

cebde476285745a8946f05941d9663bf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

cleo.asi

ord10
ord15
ord12
ord11
ord8
ord1
ord3
ord13
ord5
ord4
ord20

kernel32

GetCurrentDirectoryA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetPrivateProfileStringA
CreateFileW
CloseHandle
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
InterlockedFlushSList
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
RaiseException
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
HeapFree
HeapAlloc
GetStdHandle
GetFileType
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
GetProcessHeap
SetFilePointerEx
GetStringTypeW
SetStdHandle
HeapSize
HeapReAlloc
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
DecodePointer
WriteConsoleW

user32

MessageBoxA

Sections

.text
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CLEO/IntOperations.cleo
.dll windows x86

cde885c3c2ca26d4a18ae494285a2c31

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

cleo.asi

ord11
ord8
ord3
ord5
ord19

user32

MessageBoxA

kernel32

DecodePointer
WriteConsoleW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
InterlockedFlushSList
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
RaiseException
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
HeapAlloc
HeapFree
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
GetProcessHeap
GetStdHandle
GetFileType
GetStringTypeW
HeapSize
HeapReAlloc
SetStdHandle
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
SetFilePointerEx
CreateFileW
CloseHandle

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CrashInfo.SA.asi
.dll windows x86

41646e430631b168e8265f6fd1bb1967

Code Sign

1c:9a:c2:ed:a2:78:3f:a8:a2:ad:76:7c:a5:da:63:72
Certificate

Issuer

CN=JuniorDjjr,O=MixMods,C=55,1.2.840.113549.1.9.1=#0c16636f6e7461746f406d69786d6f64732e636f6d2e6272

Not Before

30/03/2021, 08:35

Not After

31/03/2024, 08:35

Subject

CN=JuniorDjjr,O=MixMods,C=55,1.2.840.113549.1.9.1=#0c16636f6e7461746f406d69786d6f64732e636f6d2e6272

Key Usages

KeyUsageDigitalSignature
KeyUsageDataEncipherment
KeyUsageKeyAgreement

32:cd:f5:ed:00:87:88:bd:c9:45:74:3a:5e:a4:43:1f:29:db:33:8d
Signer

Actual PE Digest

32:cd:f5:ed:00:87:88:bd:c9:45:74:3a:5e:a4:43:1f:29:db:33:8d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetSystemDefaultUILanguage
lstrlenA
GetModuleHandleA
GetModuleHandleExA
MoveFileExA
WritePrivateProfileStringA
CreateDirectoryA
GetCurrentProcess
GetCurrentThread
VirtualQuery
SetUnhandledExceptionFilter
GetModuleHandleExW
GetModuleFileNameW
GetModuleHandleW
HeapSize
GetProcessHeap
VirtualProtect
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
HeapReAlloc
OutputDebugStringW
ReadConsoleW
GetTimeZoneInformation
ReadFile
SetStdHandle
SetEnvironmentVariableW
GetModuleFileNameA
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
MultiByteToWideChar
GetStringTypeW
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
EncodePointer
DecodePointer
LCMapStringEx
GetLocaleInfoEx
CompareStringEx
GetCPInfo
CloseHandle
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetProcAddress
UnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwind
InterlockedFlushSList
RaiseException
GetLastError
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
CreateFileW
GetDriveTypeW
GetFileInformationByHandle
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
ExitProcess
GetStdHandle
WriteConsoleW
GetFileSizeEx
SetFilePointerEx
FlushFileBuffers
WriteFile
GetConsoleOutputCP
GetConsoleMode
HeapFree
HeapAlloc
GetCurrentDirectoryW
GetFullPathNameW
GetDateFormatW
SetEndOfFile

user32

GetDlgItem
SendMessageA
SetFocus
MessageBoxA
SetWindowTextA
GetWindowTextA
DialogBoxParamA
EndDialog
GetActiveWindow
ShowCursor

shell32

ShellExecuteA

dbghelp

SymCleanup
SymInitialize
StackWalk64
SymSetOptions
SymFromAddr

comctl32

ord17

libcurl

curl_easy_init
curl_easy_perform
curl_global_init
curl_global_cleanup
curl_easy_cleanup
curl_easy_setopt

Sections

.text
Size: 334KB - Virtual size: 333KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CrashInfo.ini
CrashList.txt
Essentials (Leiame - PT).txt
Essentials (Readme - EN).txt
Essentials Pack.url
.url
_noDEP.asi
.dll windows x86

731589af4659b5cd5f8bccdfe3894ad2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
GetModuleHandleA
GetCommandLineA
GetCurrentThreadId
GetLastError
SetLastError
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
HeapFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
IsDebuggerPresent
IsProcessorFeaturePresent
WriteFile
GetModuleFileNameW
LoadLibraryExW
RtlUnwind
HeapAlloc
HeapReAlloc
GetStringTypeW
OutputDebugStringW
HeapSize
LCMapStringW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
WriteConsoleW
CloseHandle
CreateFileW

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bass.dll
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

BASS_Apply3D
BASS_ChannelBytes2Seconds
BASS_ChannelFlags
BASS_ChannelGet3DAttributes
BASS_ChannelGet3DPosition
BASS_ChannelGetAttribute
BASS_ChannelGetData
BASS_ChannelGetDevice
BASS_ChannelGetInfo
BASS_ChannelGetLength
BASS_ChannelGetLevel
BASS_ChannelGetPosition
BASS_ChannelGetTags
BASS_ChannelIsActive
BASS_ChannelIsSliding
BASS_ChannelLock
BASS_ChannelPause
BASS_ChannelPlay
BASS_ChannelRemoveDSP
BASS_ChannelRemoveFX
BASS_ChannelRemoveLink
BASS_ChannelRemoveSync
BASS_ChannelSeconds2Bytes
BASS_ChannelSet3DAttributes
BASS_ChannelSet3DPosition
BASS_ChannelSetAttribute
BASS_ChannelSetDSP
BASS_ChannelSetDevice
BASS_ChannelSetFX
BASS_ChannelSetLink
BASS_ChannelSetPosition
BASS_ChannelSetSync
BASS_ChannelSlideAttribute
BASS_ChannelStop
BASS_ChannelUpdate
BASS_ErrorGetCode
BASS_FXGetParameters
BASS_FXReset
BASS_FXSetParameters
BASS_Free
BASS_Get3DFactors
BASS_Get3DPosition
BASS_GetCPU
BASS_GetConfig
BASS_GetConfigPtr
BASS_GetDSoundObject
BASS_GetDevice
BASS_GetDeviceInfo
BASS_GetEAXParameters
BASS_GetInfo
BASS_GetVersion
BASS_GetVolume
BASS_Init
BASS_MusicFree
BASS_MusicLoad
BASS_Pause
BASS_PluginFree
BASS_PluginGetInfo
BASS_PluginLoad
BASS_RecordFree
BASS_RecordGetDevice
BASS_RecordGetDeviceInfo
BASS_RecordGetInfo
BASS_RecordGetInput
BASS_RecordGetInputName
BASS_RecordInit
BASS_RecordSetDevice
BASS_RecordSetInput
BASS_RecordStart
BASS_SampleCreate
BASS_SampleFree
BASS_SampleGetChannel
BASS_SampleGetChannels
BASS_SampleGetData
BASS_SampleGetInfo
BASS_SampleLoad
BASS_SampleSetData
BASS_SampleSetInfo
BASS_SampleStop
BASS_Set3DFactors
BASS_Set3DPosition
BASS_SetConfig
BASS_SetConfigPtr
BASS_SetDevice
BASS_SetEAXParameters
BASS_SetVolume
BASS_Start
BASS_Stop
BASS_StreamCreate
BASS_StreamCreateFile
BASS_StreamCreateFileUser
BASS_StreamCreateURL
BASS_StreamFree
BASS_StreamGetFilePosition
BASS_StreamPutData
BASS_StreamPutFileData
BASS_Update
_

Sections

Size: 100KB - Virtual size: 288KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 576B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
gta_sa.exe
.exe windows x86

83fa14dca08906691b3ff3778b54b308

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeEndPeriod
timeGetTime
timeBeginPeriod
timeGetDevCaps

vorbisfile

ov_open_callbacks
ov_clear
ov_time_total
ov_time_tell
ov_read
ov_info
ov_time_seek

ws2_32

recv
send
closesocket
htons
inet_addr
connect
WSAGetLastError
WSAStartup
WSACleanup
socket

eax

ord6

kernel32

VirtualProtect
GetOEMCP
GetACP
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetCPInfo
GetDateFormatA
VirtualQuery
GetTickCount
GetModuleHandleA
GetProcAddress
LoadLibraryA
GetFileSize
CloseHandle
LocalFree
WaitForSingleObjectEx
GetOverlappedResult
WaitForSingleObject
ReleaseSemaphore
SetFilePointer
GetLastError
ReadFile
SetLastError
CreateFileA
ResumeThread
SetThreadPriority
GetThreadPriority
GetCurrentThread
CreateThread
LocalAlloc
CreateSemaphoreA
GetDiskFreeSpaceA
Sleep
QueryPerformanceCounter
InterlockedIncrement
InterlockedDecrement
lstrcpyA
lstrcatA
lstrlenA
DeleteCriticalSection
SuspendThread
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
MultiByteToWideChar
DeleteFileA
TerminateThread
FindClose
FindNextFileA
GetFileAttributesA
FindFirstFileA
FreeLibrary
QueryPerformanceFrequency
OutputDebugStringA
GetLocalTime
CreateDirectoryA
GetUserDefaultLCID
SetStdHandle
CreateEventA
GetVolumeInformationA
GetDriveTypeA
GetLogicalDriveStringsA
SetErrorMode
GlobalMemoryStatus
GetVersionExA
GetCommandLineA
GetFullPathNameA
WideCharToMultiByte
lstrcmpiA
GetSystemInfo
IsProcessorFeaturePresent
LockResource
LoadResource
SizeofResource
FindResourceA
FindResourceW
MapViewOfFile
CreateFileMappingA
CreateFileW
UnmapViewOfFile
ReleaseMutex
CreateMutexA
GetCurrentProcessId
GetSystemDirectoryA
GetModuleFileNameA
FreeEnvironmentStringsA
UnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
FlushFileBuffers
LCMapStringW
LCMapStringA
WriteFile
FatalAppExitA
SetUnhandledExceptionFilter
HeapSize
TlsAlloc
TlsGetValue
TlsSetValue
GetCurrentThreadId
TlsFree
GetStartupInfoA
HeapReAlloc
HeapAlloc
HeapFree
GetSystemTimeAsFileTime
GetCurrentProcess
TerminateProcess
ExitProcess
RtlUnwind
RaiseException
InterlockedExchange
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetConsoleCtrlHandler
GetTimeFormatA
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetTimeZoneInformation
SetEndOfFile
GetLocaleInfoW
GetCurrentDirectoryA
GetSystemDefaultLCID
SetCurrentDirectoryA
GetEnvironmentStrings

user32

wsprintfA
IsIconic
GetWindowLongA
GetMenu
AdjustWindowRectEx
SystemParametersInfoA
DestroyWindow
SetWindowLongA
ShowWindow
LoadIconA
LoadCursorA
RegisterClassA
ReleaseCapture
GetWindowPlacement
SetTimer
ClipCursor
PostQuitMessage
SetCursor
SetCapture
DefWindowProcA
MapVirtualKeyA
UpdateWindow
GetKeyState
FindWindowA
SetForegroundWindow
PeekMessageA
DispatchMessageA
TranslateMessage
GetKeyboardLayout
DialogBoxParamA
EndDialog
GetDlgItem
SetFocus
SendMessageA
SetWindowPos
AdjustWindowRect
CreateWindowExA
ShowCursor
GetWindowRect
MessageBoxA
SetWindowTextA
ClientToScreen
SetCursorPos
GetClientRect

gdi32

DeleteObject

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
RegSetValueExA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

Sections

.text
Size: 4.3MB - Virtual size: 4.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_rwcseg
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 301KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 256KB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_TEXT_HA
Size: 67KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_rwdseg
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 6.3MB - Virtual size: 6.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.init
Size: 22KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.HOODLUM
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
gta_sa.pdb
libcurl.dll
.dll windows x86

5413fa7222d9f3dacc0955d34de16287

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wldap32

ord45
ord50
ord41
ord60
ord46
ord22
ord26
ord27
ord32
ord33
ord211
ord143
ord79
ord30
ord200
ord301
ord35

ws2_32

getaddrinfo
inet_pton
WSAIoctl
gethostname
setsockopt
ntohs
htons
getsockopt
getsockname
getpeername
connect
bind
WSAGetLastError
freeaddrinfo
listen
accept
closesocket
recv
send
socket
WSACloseEvent
WSACreateEvent
WSAEnumNetworkEvents
WSAEventSelect
WSAResetEvent
WSASetEvent
WSAWaitForMultipleEvents
ioctlsocket
ntohl
__WSAFDIsSet
select
htonl
WSAStartup
WSACleanup
recvfrom
sendto
WSASetLastError

advapi32

CryptHashData
CryptReleaseContext
CryptDestroyKey
CryptImportKey
CryptEncrypt
CryptGetHashParam
CryptGenRandom
CryptDestroyHash
CryptAcquireContextA
CryptCreateHash

crypt32

CertCloseStore
CertEnumCertificatesInStore
CertFindCertificateInStore
CryptStringToBinaryA
CertOpenStore
PFXImportCertStore
CryptDecodeObjectEx
CertAddCertificateContextToStore
CertFindExtension
CertGetNameStringA
CryptQueryObject
CertCreateCertificateChainEngine
CertFreeCertificateChainEngine
CertGetCertificateChain
CertFreeCertificateChain
CertFreeCertificateContext

zlib1

zlibVersion
inflateInit_
inflateEnd
inflate
inflateInit2_

kernel32

FormatMessageW
SetLastError
GetLastError
MoveFileExA
Sleep
GetEnvironmentVariableA
WaitForSingleObjectEx
CloseHandle
GetSystemDirectoryA
FreeLibrary
MultiByteToWideChar
SleepEx
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
QueryPerformanceFrequency
GetModuleHandleA
LoadLibraryA
GetFileType
ReadFile
PeekNamedPipe
WaitForMultipleObjects
QueryPerformanceCounter
GetTickCount
VerSetConditionMask
VerifyVersionInfoA
CreateFileA
GetFileSizeEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent
GetProcAddress
GetStdHandle

vcruntime140

memcpy
strchr
strrchr
memmove
strstr
memchr
_except_handler4_common
__std_type_info_destroy_list
memset

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_getpid
strerror
__sys_nerr
_beginthreadex
_errno
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_initialize_onexit_table

api-ms-win-crt-string-l1-1-0

isupper
strncmp
_strdup
tolower
strspn
strncpy
strcspn
strpbrk

api-ms-win-crt-stdio-l1-1-0

fopen
__acrt_iob_func
fputs
__stdio_common_vsscanf
_lseeki64
__stdio_common_vsprintf
fputc
feof
fflush
fclose
fread
fseek
_close
_open
fwrite
_read
_write
ftell
fgets

api-ms-win-crt-time-l1-1-0

_time64
_gmtime64

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-filesystem-l1-1-0

_fstat64
_access
_unlink
_stat64

api-ms-win-crt-heap-l1-1-0

malloc
free
realloc
calloc

api-ms-win-crt-convert-l1-1-0

atoi
strtoul
wcstombs
strtol
strtoll

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-math-l1-1-0

_fdopen

Exports

Exports

curl_dbg_accept
curl_dbg_calloc
curl_dbg_fclose
curl_dbg_fdopen
curl_dbg_fopen
curl_dbg_free
curl_dbg_log
curl_dbg_malloc
curl_dbg_mark_sclose
curl_dbg_memdebug
curl_dbg_memlimit
curl_dbg_realloc
curl_dbg_recv
curl_dbg_sclose
curl_dbg_send
curl_dbg_socket
curl_dbg_strdup
curl_easy_cleanup
curl_easy_duphandle
curl_easy_escape
curl_easy_getinfo
curl_easy_init
curl_easy_option_by_id
curl_easy_option_by_name
curl_easy_option_next
curl_easy_pause
curl_easy_perform
curl_easy_perform_ev
curl_easy_recv
curl_easy_reset
curl_easy_send
curl_easy_setopt
curl_easy_strerror
curl_easy_unescape
curl_easy_upkeep
curl_escape
curl_formadd
curl_formfree
curl_formget
curl_free
curl_getdate
curl_getenv
curl_global_cleanup
curl_global_init
curl_global_init_mem
curl_global_sslset
curl_maprintf
curl_mfprintf
curl_mime_addpart
curl_mime_data
curl_mime_data_cb
curl_mime_encoder
curl_mime_filedata
curl_mime_filename
curl_mime_free
curl_mime_headers
curl_mime_init
curl_mime_name
curl_mime_subparts
curl_mime_type
curl_mprintf
curl_msnprintf
curl_msprintf
curl_multi_add_handle
curl_multi_assign
curl_multi_cleanup
curl_multi_fdset
curl_multi_info_read
curl_multi_init
curl_multi_perform
curl_multi_poll
curl_multi_remove_handle
curl_multi_setopt
curl_multi_socket
curl_multi_socket_action
curl_multi_socket_all
curl_multi_strerror
curl_multi_timeout
curl_multi_wait
curl_multi_wakeup
curl_mvaprintf
curl_mvfprintf
curl_mvprintf
curl_mvsnprintf
curl_mvsprintf
curl_pushheader_byname
curl_pushheader_bynum
curl_share_cleanup
curl_share_init
curl_share_setopt
curl_share_strerror
curl_slist_append
curl_slist_free_all
curl_strequal
curl_strnequal
curl_unescape
curl_url
curl_url_cleanup
curl_url_dup
curl_url_get
curl_url_set
curl_version
curl_version_info

Sections

.text
Size: 327KB - Virtual size: 327KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
modloader.asi
.dll windows x86

72a576cffac57403f641046958e1ff3f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

dbghelp

SymFromAddr
SymInitialize
SymCleanup
SymSetOptions
StackWalk64

kernel32

TlsGetValue
SetEndOfFile
ReadConsoleW
ReadFile
LocalFree
GetCommandLineW
WideCharToMultiByte
VirtualQuery
GetCurrentProcess
SetUnhandledExceptionFilter
GetCurrentThread
GetModuleFileNameA
GetModuleHandleExA
VirtualProtect
HeapCreate
HeapDestroy
HeapAlloc
ExitProcess
CloseHandle
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
OpenFileMappingA
GetModuleHandleA
GetUserDefaultLCID
GetLastError
FindClose
SetCurrentDirectoryA
GetCurrentDirectoryA
CreateDirectoryA
GetFileAttributesA
FindFirstFileA
FindNextFileA
CopyFileA
FreeLibrary
GetProcAddress
LoadLibraryA
CreateThread
GetOverlappedResult
ResumeThread
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetEvent
WaitForSingleObject
WaitForMultipleObjects
CreateEventA
CreateFileA
CancelIo
ReadDirectoryChangesW
HeapSize
WriteConsoleW
SetFilePointerEx
CreateFileW
SetStdHandle
QueryPerformanceCounter
QueryPerformanceFrequency
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
MultiByteToWideChar
EncodePointer
DecodePointer
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
GetStartupInfoW
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
TerminateProcess
RaiseException
RtlUnwind
InterlockedFlushSList
LoadLibraryExW
GetSystemInfo
VirtualAlloc
HeapFree
HeapReAlloc
GetModuleHandleExW
GetStdHandle
GetFileType
GetACP
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
IsValidLocale
EnumSystemLocalesW
GetProcessHeap
FindFirstFileExA
IsValidCodePage
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW

user32

MessageBoxA

shell32

SHGetFolderPathA
CommandLineToArgvW

Exports

Exports

GetLoaderVersion
GetPluginData

Sections

.text
Size: 468KB - Virtual size: 468KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 54KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 392B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
modloader/.data/CHANGELOG.md
modloader/.data/Command Line Arguments.md
modloader/.data/LICENSE
modloader/.data/Leia-me.md
modloader/.data/Profiles.md
modloader/.data/Readme.md
modloader/.data/config.ini.0
modloader/.data/licenses/boost.txt
modloader/.data/licenses/cereal.txt
modloader/.data/licenses/tinympl.txt
modloader/.data/licenses/utf8-cpp.txt
modloader/.data/modloader.ini.0
modloader/.data/plugins.ini.0
modloader/.data/plugins/gta3/std.asi.dll
.dll windows x86

bd525ac79c60869c7cf38ab7292fb4dd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
GetProcAddress
VirtualProtect
GetCurrentProcessId
GetLastError
SetLastError
FindClose
CloseHandle
LoadLibraryA
GetModuleFileNameA
GetModuleHandleA
GetModuleHandleExA
SetCurrentDirectoryA
GetCurrentDirectoryA
GetFileAttributesA
GetFileAttributesW
GetFileAttributesExA
FindFirstFileA
FindNextFileA
CreateToolhelp32Snapshot
Module32First
Module32Next
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
GetCurrentProcess
TerminateProcess
EncodePointer
RaiseException
RtlUnwind
InterlockedFlushSList
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
HeapFree
HeapAlloc
GetACP
GetStdHandle
GetFileType
LCMapStringW
FindFirstFileExA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetStringTypeW
SetStdHandle
HeapSize
HeapReAlloc
WriteFile
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FlushFileBuffers
DecodePointer
WriteConsoleW
CreateFileW

Exports

Exports

GetLoaderVersion
GetPluginData

Sections

.text
Size: 191KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
modloader/.data/plugins/gta3/std.asi.md
modloader/.data/plugins/gta3/std.bank.dll
.dll windows x86

3579926e526f30844ca2e7ad42972e6d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThread
SetThreadPriority
GetThreadPriority
ResumeThread
ReleaseSemaphore
WaitForSingleObject
Sleep
GetFileSize
ReadFile
CloseHandle
CreateSemaphoreA
GetModuleHandleA
CreateFileA
GetFileAttributesA
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
GetCurrentProcess
TerminateProcess
EncodePointer
RaiseException
RtlUnwind
GetLastError
GetModuleFileNameW
InterlockedFlushSList
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
ExitProcess
CreateThread
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
HeapFree
HeapAlloc
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetStdHandle
GetFileType
GetACP
GetStringTypeW
LCMapStringW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
SetStdHandle
FlushFileBuffers
WriteFile
GetConsoleCP
CreateFileW
HeapSize
HeapReAlloc
WriteConsoleW
SetEndOfFile
DecodePointer
GetModuleHandleExW
VirtualProtect

advapi32

SystemFunction036

Exports

Exports

GetLoaderVersion
GetPluginData

Sections

.text
Size: 215KB - Virtual size: 214KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
modloader/.data/plugins/gta3/std.bank.md
modloader/.data/plugins/gta3/std.data.dll
.dll windows x86

3654917fdb6018cf5686907c7d00ff0f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindClose
GetModuleHandleA
CreateDirectoryA
GetFileAttributesA
GetFileAttributesExA
DeleteFileA
FindFirstFileA
FindNextFileA
SetCurrentDirectoryA
GetCurrentDirectoryA
CopyFileA
RemoveDirectoryA
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
MultiByteToWideChar
EncodePointer
DecodePointer
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
InitializeSListHead
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetCurrentProcess
TerminateProcess
InterlockedPushEntrySList
InterlockedFlushSList
RaiseException
GetLastError
GetModuleFileNameW
VirtualQuery
FreeLibrary
LoadLibraryExW
GetSystemInfo
VirtualAlloc
HeapAlloc
HeapFree
HeapReAlloc
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetStdHandle
GetFileType
CloseHandle
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
ReadFile
SetFilePointerEx
GetACP
ReadConsoleW
GetProcessHeap
FindFirstFileExA
IsValidCodePage
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
WriteConsoleW
CreateFileW
HeapSize
SetEndOfFile
RtlUnwind
VirtualProtect

advapi32

SystemFunction036

Exports

Exports

GetLoaderVersion
GetPluginData

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 366KB - Virtual size: 366KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 520KB - Virtual size: 531KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
modloader/.data/plugins/gta3/std.data.md
modloader/.data/plugins/gta3/std.fx.dll
.dll windows x86

9fa1386f2626bf194c0274f8a604567b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
GetFileAttributesA
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
GetCurrentProcess
TerminateProcess
EncodePointer
RaiseException
RtlUnwind
GetLastError
GetModuleFileNameW
InterlockedFlushSList
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
HeapFree
HeapAlloc
GetModuleHandleA
GetStdHandle
GetFileType
GetStringTypeW
LCMapStringW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
SetStdHandle
HeapSize
HeapReAlloc
WriteFile
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FlushFileBuffers
DecodePointer
WriteConsoleW
CloseHandle
CreateFileW
GetACP
VirtualProtect

advapi32

SystemFunction036

Exports

Exports

GetLoaderVersion
GetPluginData

Sections

.text
Size: 273KB - Virtual size: 272KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
modloader/.data/plugins/gta3/std.fx.md
modloader/.data/plugins/gta3/std.movies.dll
.dll windows x86

4df6cce7e08661b5fdef6fb6198cfcd7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesA
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
GetCurrentProcess
TerminateProcess
EncodePointer
RaiseException
RtlUnwind
GetLastError
GetModuleFileNameW
InterlockedFlushSList
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
HeapFree
HeapAlloc
GetModuleHandleA
GetStdHandle
GetFileType
LCMapStringW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetStringTypeW
SetStdHandle
HeapSize
HeapReAlloc
WriteFile
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FlushFileBuffers
DecodePointer
WriteConsoleW
CloseHandle
CreateFileW
GetACP
VirtualProtect

advapi32

SystemFunction036

Exports

Exports

GetLoaderVersion
GetPluginData

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
modloader/.data/plugins/gta3/std.movies.md
modloader/.data/plugins/gta3/std.scm.dll
.dll windows x86

4df6cce7e08661b5fdef6fb6198cfcd7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesA
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
GetCurrentProcess
TerminateProcess
EncodePointer
RaiseException
RtlUnwind
GetLastError
GetModuleFileNameW
InterlockedFlushSList
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
HeapFree
HeapAlloc
GetModuleHandleA
GetStdHandle
GetFileType
LCMapStringW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetStringTypeW
SetStdHandle
HeapSize
HeapReAlloc
WriteFile
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FlushFileBuffers
DecodePointer
WriteConsoleW
CloseHandle
CreateFileW
GetACP
VirtualProtect

advapi32

SystemFunction036

Exports

Exports

GetLoaderVersion
GetPluginData

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
modloader/.data/plugins/gta3/std.scm.md
modloader/.data/plugins/gta3/std.sprites.dll
.dll windows x86

408cc465fcecb8c701dea527387318ba

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
MultiByteToWideChar
EncodePointer
DecodePointer
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
GetCurrentProcess
TerminateProcess
InterlockedFlushSList
RaiseException
RtlUnwind
GetLastError
GetModuleFileNameW
VirtualQuery
FreeLibrary
LoadLibraryExW
GetModuleHandleA
VirtualAlloc
HeapAlloc
HeapFree
HeapReAlloc
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
GetACP
GetStdHandle
GetFileType
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetProcessHeap
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
HeapSize
WriteFile
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FlushFileBuffers
WriteConsoleW
CloseHandle
CreateFileW
GetSystemInfo
VirtualProtect

advapi32

SystemFunction036

Exports

Exports

GetLoaderVersion
GetPluginData

Sections

.text
Size: 303KB - Virtual size: 302KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 396B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
modloader/.data/plugins/gta3/std.sprites.md
modloader/.data/plugins/gta3/std.stream.dll
.dll windows x86

d6ffbc1b425279c5131bf01cb526043b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualProtect
GetModuleHandleA
GetFileAttributesA
FreeLibrary
GetProcAddress
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
ReleaseSemaphore
WaitForSingleObject
CloseHandle
CreateSemaphoreA
GetModuleHandleExA
GetLastError
GetOverlappedResult
ReadFile
CreateFileA
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
GetCurrentProcess
TerminateProcess
EncodePointer
RaiseException
RtlUnwind
InterlockedFlushSList
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
HeapFree
HeapAlloc
GetACP
GetConsoleMode
ReadConsoleW
GetStdHandle
GetFileType
GetStringTypeW
SetFilePointerEx
LCMapStringW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
SetStdHandle
FlushFileBuffers
WriteFile
GetConsoleCP
CreateFileW
HeapSize
HeapReAlloc
WriteConsoleW
SetEndOfFile
DecodePointer

Exports

Exports

CdStreamRaceConditionAware
GetLoaderVersion
GetPluginData
StreamRefresherCreate

Sections

.text
Size: 392KB - Virtual size: 391KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 276B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
modloader/.data/plugins/gta3/std.stream.md
modloader/.data/plugins/gta3/std.text.dll
.dll windows x86

707ff9b7979ef00506c10723ba05d2e9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesA
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
GetCurrentProcess
TerminateProcess
EncodePointer
RaiseException
RtlUnwind
GetLastError
GetModuleFileNameW
InterlockedFlushSList
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
HeapFree
HeapAlloc
CloseHandle
GetStdHandle
GetModuleHandleA
GetACP
LCMapStringW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetStringTypeW
SetStdHandle
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
CreateFileW
HeapSize
HeapReAlloc
SetFilePointerEx
WriteConsoleW
ReadFile
ReadConsoleW
SetEndOfFile
DecodePointer
GetFileType
VirtualProtect

advapi32

SystemFunction036

Exports

Exports

GetLoaderVersion
GetPluginData

Sections

.text
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
modloader/.data/plugins/gta3/std.text.md
modloader/.data/plugins/gta3/std.tracks.dll
.dll windows x86

f513fba78f6b4666c2733fe3dd270598

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileA
GetFileAttributesA
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
GetCurrentProcess
TerminateProcess
EncodePointer
RaiseException
RtlUnwind
GetLastError
GetModuleFileNameW
InterlockedFlushSList
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
HeapFree
HeapAlloc
GetModuleHandleA
GetStdHandle
GetFileType
LCMapStringW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetStringTypeW
SetStdHandle
HeapSize
HeapReAlloc
WriteFile
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FlushFileBuffers
DecodePointer
WriteConsoleW
CloseHandle
CreateFileW
GetACP
VirtualProtect

advapi32

SystemFunction036

Exports

Exports

GetLoaderVersion
GetPluginData

Sections

.text
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
modloader/.data/plugins/gta3/std.tracks.md
modloader/.data/text/1033/menu.fxt
modloader/.data/text/1046/menu.fxt
modloader/.data/text/2070/menu.fxt
modloader/_ESSENTIALS/FramerateVigilante/Framerate Vigilante.url
.url
modloader/_ESSENTIALS/FramerateVigilante/FramerateVigilante.SA.asi
.dll windows x86

12091010546df298836adb442c4683a6

Code Sign

1c:9a:c2:ed:a2:78:3f:a8:a2:ad:76:7c:a5:da:63:72
Certificate

Issuer

CN=JuniorDjjr,O=MixMods,C=55,1.2.840.113549.1.9.1=#0c16636f6e7461746f406d69786d6f64732e636f6d2e6272

Not Before

30/03/2021, 08:35

Not After

31/03/2024, 08:35

Subject

CN=JuniorDjjr,O=MixMods,C=55,1.2.840.113549.1.9.1=#0c16636f6e7461746f406d69786d6f64732e636f6d2e6272

Key Usages

KeyUsageDigitalSignature
KeyUsageDataEncipherment
KeyUsageKeyAgreement

8c:62:45:a6:b4:79:33:40:0c:d2:41:03:17:d9:ce:42:ae:9d:61:5d
Signer

Actual PE Digest

8c:62:45:a6:b4:79:33:40:0c:d2:41:03:17:d9:ce:42:ae:9d:61:5d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameA
VirtualProtect
GetModuleHandleA
GetModuleHandleExA
HeapSize
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
WideCharToMultiByte
LCMapStringEx
GetStringTypeW
GetCPInfo
CloseHandle
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
GetProcAddress
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwind
InterlockedFlushSList
RaiseException
GetLastError
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
GetStdHandle
GetFileType
GetModuleFileNameW
GetModuleHandleExW
WriteConsoleW
ExitProcess
GetFileSizeEx
SetFilePointerEx
FlushFileBuffers
WriteFile
GetConsoleOutputCP
GetConsoleMode
HeapFree
HeapAlloc
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ReadFile
ReadConsoleW
OutputDebugStringW
HeapReAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
SetStdHandle
CreateFileW
SetEndOfFile

Sections

.text
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
modloader/_ESSENTIALS/FramerateVigilante/FramerateVigilante.ini
modloader/_ESSENTIALS/RepairGTA/RepairGTA.SA.asi
.dll windows x86

15d1bb3f287aa71318c84a3ae5fe1828

Code Sign

1c:9a:c2:ed:a2:78:3f:a8:a2:ad:76:7c:a5:da:63:72
Certificate

Issuer

CN=JuniorDjjr,O=MixMods,C=55,1.2.840.113549.1.9.1=#0c16636f6e7461746f406d69786d6f64732e636f6d2e6272

Not Before

30/03/2021, 08:35

Not After

31/03/2024, 08:35

Subject

CN=JuniorDjjr,O=MixMods,C=55,1.2.840.113549.1.9.1=#0c16636f6e7461746f406d69786d6f64732e636f6d2e6272

Key Usages

KeyUsageDigitalSignature
KeyUsageDataEncipherment
KeyUsageKeyAgreement

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

41:7f:76:8e:5f:9a:4b:4b:d2:fd:b3:23:f7:b2:70:5d:17:d0:8b:7b
Signer

Actual PE Digest

41:7f:76:8e:5f:9a:4b:4b:d2:fd:b3:23:f7:b2:70:5d:17:d0:8b:7b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualProtect
GetModuleHandleA
HeapSize
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
LCMapStringEx
GetStringTypeW
GetCPInfo
CloseHandle
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
GetProcAddress
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwind
InterlockedFlushSList
RaiseException
GetLastError
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
GetStdHandle
GetFileType
GetModuleFileNameW
GetModuleHandleExW
WriteConsoleW
ExitProcess
GetFileSizeEx
SetFilePointerEx
HeapAlloc
FlushFileBuffers
WriteFile
GetConsoleOutputCP
GetConsoleMode
HeapFree
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ReadFile
ReadConsoleW
OutputDebugStringW
HeapReAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
SetStdHandle
CreateFileW
SetEndOfFile

Sections

.text
Size: 216KB - Virtual size: 215KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
modloader/_ESSENTIALS/RepairGTA/RepairGTA.url
.url
modloader/_ESSENTIALS/RunDLL32 Fix/RunDLL32 Fix.url
.url
modloader/_ESSENTIALS/RunDLL32 Fix/rundll32exefix.asi
.dll windows x86

4ed18356972be7c2c427767009dd2b8b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WaitForSingleObject
OpenProcess
Sleep
TerminateProcess
Process32FirstW
Process32NextW
CreateToolhelp32Snapshot
CloseHandle
GetTickCount
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetCurrentProcessId
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
InterlockedCompareExchange
InterlockedExchange
DecodePointer
EncodePointer
GetCurrentThreadId

user32

EnumWindows
GetWindowThreadProcessId
PostMessageW

msvcp100

?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z

msvcr100

_encoded_null
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
_crt_debugger_hook
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
??3@YAXPAX@Z
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
memmove
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABQBD@Z
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
_malloc_crt
__clean_type_info_names_internal
??2@YAPAXI@Z
memcpy
_CxxThrowException
free
__CxxFrameHandler3

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 640B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
modloader/_ESSENTIALS/SilentPatch/SilentPatch.url
.url
modloader/_ESSENTIALS/SilentPatch/SilentPatchSA.asi
.dll windows x86

5ebfa6e778d00971e6c9dace8014d389

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
GetModuleHandleW
CloseHandle
SetFilePointerEx
ReadFile
GetFileSizeEx
VirtualProtect
LoadLibraryW
FreeLibrary
GetCurrentProcess
GetModuleFileNameW
GetModuleHandleExW
CreateDirectoryA
QueryPerformanceCounter
SetFilePointer
EnterCriticalSection
LeaveCriticalSection
GetOverlappedResult
CreateSemaphoreW
WaitForSingleObject
ReleaseSemaphore
InitializeCriticalSection
QueryPerformanceFrequency
GetLocaleInfoW
GetFileAttributesW
FindResourceW
LockResource
LoadResource
SizeofResource
GetCommandLineW
LocalFree
GetPrivateProfileSectionW
VirtualQuery
GetPrivateProfileIntW
WriteConsoleW
RaiseException
GetLastError
GetSystemInfo
LoadLibraryExA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
CreateFileW
MultiByteToWideChar
InterlockedFlushSList
SetLastError
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
RtlUnwind
ExitProcess
GetModuleFileNameA
WideCharToMultiByte
GetFileType
GetACP
HeapAlloc
HeapReAlloc
HeapFree
LCMapStringW
GetStdHandle
GetStringTypeW
DecodePointer
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
SetStdHandle
GetConsoleMode
HeapSize
FlushFileBuffers
WriteFile
GetConsoleCP

user32

MessageBoxW
GetWindowRect
GetDesktopWindow

Exports

Exports

DeleteSpecialVehicleFeature
DisableStockVehiclesForSpecialVehicleFeature
GetBuildNumber
RegisterSpecialVehicleFeature

Sections

.text
Size: 217KB - Virtual size: 217KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
modloader/_ESSENTIALS/SilentPatch/SilentPatchSA.ini
modloader/_ESSENTIALS/Widescreen Fix by ThirteenAG/GTASA.WidescreenFix.asi
.dll windows x86

f6d1c89726150a3fa26d3f59b922d55a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameA
GetModuleHandleExA
Sleep
VirtualProtect
GetModuleHandleA
SetEndOfFile
CreateThread
CreateFileW
WriteConsoleW
SetStdHandle
GetProcessHeap
FreeEnvironmentStringsW
CloseHandle
HeapSize
GetModuleHandleW
GetLastError
WideCharToMultiByte
EncodePointer
DecodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
MultiByteToWideChar
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetProcAddress
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
SetEvent
ResetEvent
WaitForSingleObjectEx
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
RaiseException
RtlUnwind
InterlockedFlushSList
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetACP
HeapFree
HeapAlloc
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetStdHandle
GetFileType
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
ReadFile
ReadConsoleW
SetFilePointerEx
HeapReAlloc
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW

user32

MonitorFromWindow
GetWindowLongW
GetDesktopWindow
GetMonitorInfoW

Sections

.text
Size: 207KB - Virtual size: 207KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
modloader/_ESSENTIALS/Widescreen Fix by ThirteenAG/GTASA.WidescreenFix.ini
modloader/_ESSENTIALS/Widescreen Fix by ThirteenAG/Widescreen Fix.url
.url
modloader/_ESSENTIALS/Widescreen HOR+ Support by Wesser/Widescreen Fix.url
.url
modloader/_ESSENTIALS/Widescreen HOR+ Support by Wesser/wshps.asi
.dll windows x86

47840d12135e9d96be25da3f603bcd73

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
GetLastError
GetModuleFileNameW
InterlockedFlushSList
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
RtlUnwind
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
HeapFree
HeapAlloc
HeapReAlloc
GetStdHandle
GetFileType
LCMapStringW
IsValidCodePage
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetCommandLineA
GetCommandLineW
GetStringTypeW
SetStdHandle
HeapSize
WriteFile
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FlushFileBuffers
DecodePointer
WriteConsoleW
CloseHandle
RaiseException
CreateFileW
GetACP
VirtualProtect

advapi32

SystemFunction036

Sections

.text
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
modloader/_ESSENTIALS/Windowed Mode/III.VC.SA.CoordsManager.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 153KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
modloader/_ESSENTIALS/Windowed Mode/III.VC.SA.WindowedMode.asi
.dll windows x86

0f7f7c66914a7329883fcbdcfd4f4595

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TerminateProcess
VirtualProtect
GetModuleHandleA
GetTickCount
GetModuleFileNameA
GetModuleHandleExA
WritePrivateProfileStringA
SetEndOfFile
HeapSize
WriteConsoleW
CreateFileW
SetStdHandle
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
FindClose
HeapReAlloc
SetFilePointerEx
ReadConsoleW
ReadFile
GetConsoleMode
GetLastError
WideCharToMultiByte
EncodePointer
DecodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
MultiByteToWideChar
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
CloseHandle
SetEvent
ResetEvent
WaitForSingleObjectEx
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetCurrentProcess
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
RaiseException
RtlUnwind
InterlockedFlushSList
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
HeapFree
GetACP
HeapAlloc
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetStdHandle
GetFileType
FlushFileBuffers
WriteFile
GetConsoleCP

user32

MonitorFromWindow
EnumWindows
GetDesktopWindow
SetWindowLongW
GetWindowLongW
ScreenToClient
GetCursorPos
ShowCursor
AdjustWindowRectEx
GetWindowRect
GetMonitorInfoW
GetWindowTextA
SetWindowTextA
SetForegroundWindow
GetForegroundWindow
AppendMenuA
CreateMenu
SetMenu
GetMenu
GetKeyState
SetWindowPos
CallWindowProcW
SendMessageW
GetClientRect

shell32

ShellExecuteExA

Sections

.text
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
modloader/_ESSENTIALS/Windowed Mode/III.VC.SA.WindowedMode.ini
vorbisFile.dll
.dll windows x86

4a741a307d02d26b0e6221b1a174adbf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindClose
LoadLibraryA
FindNextFileA
FindFirstFileA
VirtualProtect
SetCurrentDirectoryA
GetPrivateProfileIntA
GetModuleFileNameA
GetProcAddress
GetStartupInfoA
GetModuleHandleA
GetCurrentThreadId
DecodePointer
GetCommandLineA
HeapAlloc
GetLastError
HeapFree
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
InterlockedDecrement
Sleep
ExitProcess
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
WriteFile
GetModuleFileNameW
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
CloseHandle
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
HeapReAlloc
LoadLibraryW
LCMapStringW
MultiByteToWideChar
GetStringTypeW
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
ReadFile
CreateFileA
HeapSize
IsProcessorFeaturePresent
WriteConsoleW
SetFilePointer
SetEndOfFile
GetProcessHeap
CreateFileW

Exports

Exports

ov_clear
ov_info
ov_open_callbacks
ov_read
ov_time_seek
ov_time_seek_page
ov_time_tell
ov_time_total

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
vorbisHooked.dll
.dll windows x86

8ec5f91b35a203372803c35e3faa6597

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ogg

ogg_sync_clear
ogg_stream_init
ogg_sync_wrote
ogg_sync_buffer
ogg_sync_init
ogg_stream_packetout
ogg_stream_pagein
ogg_stream_reset_serialno
ogg_page_serialno
ogg_sync_pageseek
ogg_sync_reset
ogg_page_granulepos
ogg_page_eos
ogg_stream_reset
ogg_page_continued
ogg_stream_packetpeek
ogg_stream_clear

vorbis

vorbis_synthesis_headerin
vorbis_block_clear
vorbis_comment_init
vorbis_info_clear
vorbis_comment_clear
vorbis_info_init
vorbis_packet_blocksize
vorbis_synthesis_halfrate
vorbis_synthesis_halfrate_p
vorbis_synthesis_restart
vorbis_synthesis_read
vorbis_synthesis_pcmout
vorbis_synthesis_blockin
vorbis_synthesis_trackonly
vorbis_info_blocksize
vorbis_block_init
vorbis_synthesis_init
vorbis_synthesis
_analysis_output_always
vorbis_synthesis_lapout
vorbis_window
vorbis_dsp_clear

kernel32

RtlUnwind
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
InterlockedIncrement
InterlockedDecrement
FlushFileBuffers
SetStdHandle
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
GetCurrentProcess
TerminateProcess
GetModuleHandleA
GetProcAddress
RaiseException
HeapFree
HeapAlloc
HeapReAlloc
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
VirtualFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
VirtualAlloc
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
SetFilePointer
CloseHandle
ReadFile

Exports

Exports

ov_bitrate
ov_bitrate_instant
ov_clear
ov_comment
ov_crosslap
ov_halfrate
ov_halfrate_p
ov_info
ov_open
ov_open_callbacks
ov_pcm_seek
ov_pcm_seek_lap
ov_pcm_seek_page
ov_pcm_seek_page_lap
ov_pcm_tell
ov_pcm_total
ov_raw_seek
ov_raw_seek_lap
ov_raw_tell
ov_raw_total
ov_read
ov_read_float
ov_seekable
ov_serialnumber
ov_streams
ov_test
ov_test_callbacks
ov_test_open
ov_time_seek
ov_time_seek_lap
ov_time_seek_page
ov_time_seek_page_lap
ov_time_tell
ov_time_total

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
zlib1.dll
.dll windows x86

ab93e46b72d29b4a79c7470b0b55fbb0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

vcruntime140

__std_type_info_destroy_list
memchr
memset
_except_handler4_common
memcpy

api-ms-win-crt-stdio-l1-1-0

_wopen
_write
_read
_close
__stdio_common_vsprintf
_open
_lseeki64

api-ms-win-crt-heap-l1-1-0

malloc
free

api-ms-win-crt-convert-l1-1-0

wcstombs

api-ms-win-crt-runtime-l1-1-0

_cexit
_initialize_onexit_table
_execute_onexit_table
_errno
strerror
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm

kernel32

InitializeSListHead
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
IsDebuggerPresent
UnhandledExceptionFilter
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId

Exports

Exports

adler32
adler32_combine
adler32_z
compress
compress2
compressBound
crc32
crc32_combine
crc32_z
deflate
deflateBound
deflateCopy
deflateEnd
deflateGetDictionary
deflateInit2_
deflateInit_
deflateParams
deflatePending
deflatePrime
deflateReset
deflateResetKeep
deflateSetDictionary
deflateSetHeader
deflateTune
get_crc_table
gzbuffer
gzclearerr
gzclose
gzclose_r
gzclose_w
gzdirect
gzdopen
gzeof
gzerror
gzflush
gzfread
gzfwrite
gzgetc
gzgetc_
gzgets
gzoffset
gzoffset64
gzopen
gzopen64
gzopen_w
gzprintf
gzputc
gzputs
gzread
gzrewind
gzseek
gzseek64
gzsetparams
gztell
gztell64
gzungetc
gzvprintf
gzwrite
inflate
inflateBack
inflateBackEnd
inflateBackInit_
inflateCodesUsed
inflateCopy
inflateEnd
inflateGetDictionary
inflateGetHeader
inflateInit2_
inflateInit_
inflateMark
inflatePrime
inflateReset
inflateReset2
inflateResetKeep
inflateSetDictionary
inflateSync
inflateSyncPoint
inflateUndermine
inflateValidate
uncompress
uncompress2
zError
zlibCompileFlags
zlibVersion

Sections

.text
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 916B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3891fb167d3b92a882ea14c7a56d54a5

Headers

DLL Characteristics

File Characteristics

Imports

bass

kernel32

user32

Exports

Exports

Sections

.text Size: 226KB - Virtual size: 225KB

.rdata Size: 69KB - Virtual size: 69KB

.data Size: 6KB - Virtual size: 156KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 12KB - Virtual size: 12KB

af8b9a1135046c22bc21a90218f057ca

Code Sign

1c:9a:c2:ed:a2:78:3f:a8:a2:ad:76:7c:a5:da:63:72Certificate

Key Usages

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

a8:5c:23:a0:07:e4:1e:a9:64:ff:9f:c5:05:3c:eb:ce:25:8f:25:f8Signer

Headers

DLL Characteristics

File Characteristics

Imports

cleo.asi

kernel32

user32

Exports

Exports

Sections

.text Size: 369KB - Virtual size: 369KB

.rdata Size: 97KB - Virtual size: 96KB

.data Size: 117KB - Virtual size: 245KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 31KB - Virtual size: 31KB

dffc22e192845817859859bcb035ab68

Headers

DLL Characteristics

File Characteristics

Imports

cleo.asi

kernel32

user32

Sections

.text Size: 62KB - Virtual size: 62KB

.rdata Size: 25KB - Virtual size: 25KB

.data Size: 2KB - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 4KB - Virtual size: 3KB

cebde476285745a8946f05941d9663bf

Headers

DLL Characteristics

File Characteristics

Imports

cleo.asi

kernel32

user32

Sections

.text Size: 73KB - Virtual size: 73KB

.rdata Size: 26KB - Virtual size: 25KB

.data Size: 2KB - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 4KB - Virtual size: 3KB

cde885c3c2ca26d4a18ae494285a2c31

Headers

DLL Characteristics

.text
Size: 226KB - Virtual size: 225KB

.rdata
Size: 69KB - Virtual size: 69KB

.data
Size: 6KB - Virtual size: 156KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 12KB - Virtual size: 12KB

1c:9a:c2:ed:a2:78:3f:a8:a2:ad:76:7c:a5:da:63:72
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

a8:5c:23:a0:07:e4:1e:a9:64:ff:9f:c5:05:3c:eb:ce:25:8f:25:f8
Signer

.text
Size: 369KB - Virtual size: 369KB

.rdata
Size: 97KB - Virtual size: 96KB

.data
Size: 117KB - Virtual size: 245KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 31KB - Virtual size: 31KB

.text
Size: 62KB - Virtual size: 62KB

.rdata
Size: 25KB - Virtual size: 25KB

.data
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 73KB - Virtual size: 73KB

.rdata
Size: 26KB - Virtual size: 25KB

.data
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 44KB - Virtual size: 44KB

.rdata
Size: 22KB - Virtual size: 22KB

.data
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 4KB - Virtual size: 3KB

1c:9a:c2:ed:a2:78:3f:a8:a2:ad:76:7c:a5:da:63:72
Certificate

32:cd:f5:ed:00:87:88:bd:c9:45:74:3a:5e:a4:43:1f:29:db:33:8d
Signer

.text
Size: 334KB - Virtual size: 333KB

.rdata
Size: 82KB - Virtual size: 82KB

.data
Size: 13KB - Virtual size: 20KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 16KB - Virtual size: 15KB

.text
Size: 40KB - Virtual size: 40KB

.rdata
Size: 18KB - Virtual size: 17KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 576B - Virtual size: 4KB

.text
Size: 4.3MB - Virtual size: 4.3MB

_rwcseg
Size: 1KB - Virtual size: 4KB