RUST ЧИТЫ_hbrRU2GCTXXr9Mu[.]rar

Sharing

Copy URL Twitter E-mail

General

Target

RUST ЧИТЫ_hbrRU2GCTXXr9Mu.rar
Size

6.6MB
MD5

a9ee98ef4aa524f493eb5081652fc7ea
SHA1

828c4b6a98d68e88ff7144b33baea49f19e12fdc
SHA256

347e6615cba0c37183f46571a210ed670f32959784818f42f8874b18e145bbdf
SHA512

86c5e2a1156f06664c5cbc2d076e5d5b50b749a4a0e366053a7606024712a60e0009ddbd78d1a2e43e4a7db5fc07bcfda031e8fdcba8ca0fcea3e6a05c502f7d
SSDEEP

98304:f/6Jg2qrwflCqATgv4OVGanSrJmoGbyE3OkydUBo7H7Jz7H7J4rWEHONCI9LXkC:fSm2qrMm44ONox2nOoORzR4rW9CIR9

Score

3^/10

Malware Config

Signatures

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/BIG-DICK_FREE/BIG-DICK_FREE.dll
unpack001/HYDRA/HYDRA.dll
unpack001/HitScan/HitScan.dll
unpack001/Xenos injector/Xenos64.exe

Files

RUST ЧИТЫ_hbrRU2GCTXXr9Mu.rar
.rar
BIG-DICK_FREE/BIG-DICK_FREE.dll
.dll windows:6 windows x64

136147a4b501bb58044fa78cbe7f8b4c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

api-ms-win-core-memory-l1-1-0

VirtualFree
VirtualProtect
VirtualAlloc
VirtualQuery

api-ms-win-core-libraryloader-l1-2-0

GetModuleFileNameW
GetProcAddress
GetModuleHandleA
DisableThreadLibraryCalls

api-ms-win-ntuser-sysparams-l1-1-0

GetSystemMetrics

api-ms-win-core-heap-l2-1-0

GlobalFree
GlobalAlloc

api-ms-win-core-heap-obsolete-l1-1-0

GlobalUnlock
GlobalLock

d3dcompiler_47

D3DCompile

api-ms-win-core-string-l1-1-0

MultiByteToWideChar

api-ms-win-core-profile-l1-1-0

QueryPerformanceFrequency
QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetSystemInfo

api-ms-win-core-heap-l1-1-0

HeapCreate
HeapFree
HeapReAlloc
HeapAlloc

api-ms-win-core-processthreads-l1-1-0

OpenThread
SuspendThread
GetCurrentProcess
GetCurrentThreadId
GetCurrentProcessId
ResumeThread

api-ms-win-core-toolhelp-l1-1-0

Thread32Next
CreateToolhelp32Snapshot
Thread32First

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-processthreads-l1-1-1

GetThreadContext
SetThreadContext
FlushInstructionCache

msvcp140

_Xtime_get_ticks
_Query_perf_counter
_Thrd_sleep
?uncaught_exception@std@@YA_NXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
_Query_perf_frequency
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z

d3d11

D3D11CreateDeviceAndSwapChain

winmm

PlaySoundA

user32

CallWindowProcW
GetKeyState
SetWindowLongPtrW
GetAsyncKeyState
GetCapture
FindWindowA
GetClipboardData
ScreenToClient
ClientToScreen
IsChild
EmptyClipboard
GetForegroundWindow
CloseClipboard
OpenClipboard
GetCursorPos
SetCursorPos
ReleaseCapture
GetClientRect
SetCursor
SetCapture
LoadCursorW
SetClipboardData

imm32

ImmGetContext
ImmReleaseContext
ImmSetCompositionWindow

kernel32

WakeAllConditionVariable
ReleaseSRWLockExclusive
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SleepConditionVariableSRW
AcquireSRWLockExclusive
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
InitializeSListHead
RtlCaptureContext

vcruntime140

memchr
__std_type_info_destroy_list
memset
memcmp
__C_specific_handler
memmove
_CxxThrowException
strstr
memcpy
__std_exception_destroy
__std_exception_copy

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsscanf
__stdio_common_vsprintf
_wfopen
fclose
fread
fseek
fflush
ftell
__stdio_common_vswprintf
__stdio_common_vfprintf
fwrite
__acrt_iob_func

api-ms-win-crt-string-l1-1-0

strncpy
strcmp

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
_invalid_parameter_noinfo_noreturn
_initterm_e
_initterm
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_configure_narrow_argv
_seh_filter_dll

api-ms-win-crt-utility-l1-1-0

srand
rand
qsort

api-ms-win-crt-time-l1-1-0

_time64

api-ms-win-crt-heap-l1-1-0

_callnewh
malloc
free

api-ms-win-crt-convert-l1-1-0

atof

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-math-l1-1-0

powf
acosf
atan2f
fmodf

Sections

.text
Size: 374KB - Virtual size: 373KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 217KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 364B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HYDRA/HYDRA.dll
.dll windows:6 windows x64

136147a4b501bb58044fa78cbe7f8b4c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

api-ms-win-core-memory-l1-1-0

VirtualFree
VirtualProtect
VirtualAlloc
VirtualQuery

api-ms-win-core-libraryloader-l1-2-0

GetModuleFileNameW
GetProcAddress
GetModuleHandleA
DisableThreadLibraryCalls

api-ms-win-ntuser-sysparams-l1-1-0

GetSystemMetrics

api-ms-win-core-heap-l2-1-0

GlobalFree
GlobalAlloc

api-ms-win-core-heap-obsolete-l1-1-0

GlobalUnlock
GlobalLock

d3dcompiler_47

D3DCompile

api-ms-win-core-string-l1-1-0

MultiByteToWideChar

api-ms-win-core-profile-l1-1-0

QueryPerformanceFrequency
QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetSystemInfo

api-ms-win-core-heap-l1-1-0

HeapCreate
HeapFree
HeapReAlloc
HeapAlloc

api-ms-win-core-processthreads-l1-1-0

OpenThread
SuspendThread
GetCurrentProcess
GetCurrentThreadId
GetCurrentProcessId
ResumeThread

api-ms-win-core-toolhelp-l1-1-0

Thread32Next
CreateToolhelp32Snapshot
Thread32First

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-processthreads-l1-1-1

GetThreadContext
SetThreadContext
FlushInstructionCache

msvcp140

_Xtime_get_ticks
_Query_perf_counter
_Thrd_sleep
?uncaught_exception@std@@YA_NXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
_Query_perf_frequency
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z

d3d11

D3D11CreateDeviceAndSwapChain

winmm

PlaySoundA

user32

CallWindowProcW
GetKeyState
SetWindowLongPtrW
GetAsyncKeyState
GetCapture
FindWindowA
GetClipboardData
ScreenToClient
ClientToScreen
IsChild
EmptyClipboard
GetForegroundWindow
CloseClipboard
OpenClipboard
GetCursorPos
SetCursorPos
ReleaseCapture
GetClientRect
SetCursor
SetCapture
LoadCursorW
SetClipboardData

imm32

ImmGetContext
ImmReleaseContext
ImmSetCompositionWindow

kernel32

WakeAllConditionVariable
ReleaseSRWLockExclusive
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SleepConditionVariableSRW
AcquireSRWLockExclusive
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
InitializeSListHead
RtlCaptureContext

vcruntime140

memchr
__std_type_info_destroy_list
memset
memcmp
__C_specific_handler
memmove
_CxxThrowException
strstr
memcpy
__std_exception_destroy
__std_exception_copy

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsscanf
__stdio_common_vsprintf
_wfopen
fclose
fread
fseek
fflush
ftell
__stdio_common_vswprintf
__stdio_common_vfprintf
fwrite
__acrt_iob_func

api-ms-win-crt-string-l1-1-0

strncpy
strcmp

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
_invalid_parameter_noinfo_noreturn
_initterm_e
_initterm
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_configure_narrow_argv
_seh_filter_dll

api-ms-win-crt-utility-l1-1-0

srand
rand
qsort

api-ms-win-crt-time-l1-1-0

_time64

api-ms-win-crt-heap-l1-1-0

_callnewh
malloc
free

api-ms-win-crt-convert-l1-1-0

atof

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-math-l1-1-0

powf
acosf
atan2f
fmodf

Sections

.text
Size: 374KB - Virtual size: 373KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 217KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 364B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HitScan/HitScan.dll
.dll windows:6 windows x64

85abe990112c7394b5d3bbb05cb2e647

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

msvcp140

??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Xout_of_range@std@@YAXPEBD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Syserror_map@std@@YAPEBDH@Z
?_Winerror_map@std@@YAHH@Z
_Cnd_destroy_in_situ
_Cnd_broadcast
_Mtx_unlock
_Thrd_join
_Xtime_get_ticks
_Thrd_id
_Cnd_do_broadcast_at_thread_exit
_Mtx_init_in_situ
_Mtx_lock
_Mtx_destroy_in_situ
_Cnd_timedwait
?_Throw_C_error@std@@YAXH@Z
?_Throw_Cpp_error@std@@YAXH@Z
_Cnd_init_in_situ
_Mtx_current_owns
?_Xlength_error@std@@YAXPEBD@Z

user32

GetCursorPos
EnumWindows
GetAsyncKeyState
GetKeyState
ScreenToClient
GetCapture
ClientToScreen
TrackMouseEvent
GetForegroundWindow
LoadCursorW
SetCapture
SetCursor
GetClientRect
IsWindowUnicode
ReleaseCapture
SetCursorPos
OpenClipboard
CloseClipboard
EmptyClipboard
GetClipboardData
GetSystemMetrics
SetWindowLongPtrW
MessageBoxW
CallWindowProcW
GetWindowThreadProcessId
SetClipboardData

d3d11

D3D11CreateDeviceAndSwapChain

urlmon

URLDownloadToFileA

kernel32

RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
CreateFileMappingA
UnmapViewOfFile
MapViewOfFile
GetFileSizeEx
CreateFileA
SetLastError
OpenThread
SetThreadContext
FlushInstructionCache
GetModuleHandleW
GetThreadContext
CreateToolhelp32Snapshot
ResumeThread
SuspendThread
GetCurrentThreadId
SetUnhandledExceptionFilter
Thread32Next
GetCurrentProcess
VirtualProtect
HeapCreate
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualFree
LoadLibraryA
GlobalUnlock
GlobalLock
GlobalFree
GlobalAlloc
QueryPerformanceCounter
CreateDirectoryA
WideCharToMultiByte
GetProcessHeap
DeleteCriticalSection
GetProcAddress
Beep
HeapDestroy
SetFileAttributesA
HeapAlloc
FindResourceW
LoadResource
FindResourceExW
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetSystemTimeAsFileTime
InitializeSListHead
UnhandledExceptionFilter
LocalFree
FormatMessageA
GetLocaleInfoEx
FindFirstFileW
FindFirstFileExW
FindNextFileW
Thread32First
CreateThread
OutputDebugStringW
GetFileInformationByHandleEx
AreFileApisANSI
GetFileAttributesExW
ReadFile
WriteFile
PeekNamedPipe
CreateFileW
GetLastError
CloseHandle
GetCurrentProcessId
WaitNamedPipeW
lstrlenW
GetModuleFileNameW
MultiByteToWideChar
SizeofResource
GetVolumeInformationW
FindFirstFileA
HeapFree
FindNextFileA
InitializeCriticalSectionEx
FindClose
GetModuleHandleA
HeapSize
Sleep
GetCurrentThread
LockResource
QueryPerformanceFrequency
HeapReAlloc
RaiseException

advapi32

GetUserNameA
RegSetValueExW
RegCreateKeyExW
RegCloseKey

wininet

InternetOpenUrlA
InternetOpenA
InternetReadFile
InternetCloseHandle

winmm

PlaySoundA

imm32

ImmSetCompositionWindow
ImmReleaseContext
ImmGetContext
ImmSetCandidateWindow

d3dcompiler_47

D3DCompile

vcruntime140

memcpy
strrchr
longjmp
memmove
memchr
memcmp
__intrinsic_setjmp
memset
strstr
_purecall
__std_type_info_destroy_list
_CxxThrowException
__std_exception_destroy
__std_exception_copy
__C_specific_handler

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-runtime-l1-1-0

_initterm_e
system
_initterm
terminate
_beginthreadex
_cexit
_errno
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_invalid_parameter_noinfo_noreturn
_seh_filter_dll
_invalid_parameter_noinfo

api-ms-win-crt-time-l1-1-0

asctime
_localtime64
_time64

api-ms-win-crt-stdio-l1-1-0

fseek
ftell
__stdio_common_vsscanf
_wfopen
fwrite
__stdio_common_vsprintf_s
__acrt_iob_func
fflush
fread
__stdio_common_vfprintf
fputs
fclose
fopen_s
__stdio_common_vswprintf
__stdio_common_vsprintf

api-ms-win-crt-heap-l1-1-0

malloc
free
_callnewh

api-ms-win-crt-string-l1-1-0

strncpy
strcmp
strncmp
strcpy_s

api-ms-win-crt-filesystem-l1-1-0

_stat64i32
remove
_mkdir

api-ms-win-crt-utility-l1-1-0

qsort
rand

api-ms-win-crt-convert-l1-1-0

strtol
atof

api-ms-win-crt-multibyte-l1-1-0

_mbsicmp

api-ms-win-crt-locale-l1-1-0

___lc_codepage_func

api-ms-win-crt-math-l1-1-0

acosf
atan2f
powf
fmodf
asinf

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 303KB - Virtual size: 524KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.detourc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.detourd
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Xenos injector/Changelog.txt
Xenos injector/Readme.txt
Xenos injector/Xenos.log
Xenos injector/Xenos64.exe
.exe windows:4 windows x86

d5d9d937853db8b666bd4b525813d7bd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFindFileNameA

kernel32

LockResource
lstrlenA
CloseHandle
CreateFileA
ExitProcess
FindResourceA
FreeResource
GetCommandLineA
GetEnvironmentVariableA
GetFileSize
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetSystemDirectoryA
GetTempPathA
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
HeapAlloc
HeapFree
LoadLibraryA
LoadResource
lstrcpynA
RtlMoveMemory
SetFileAttributesA
SizeofResource
WriteFile
lstrcatA
lstrcpyA

user32

CreateWindowExA
DefWindowProcA
DispatchMessageA
GetMessageA
LoadCursorA
LoadIconA
MessageBoxA
PostQuitMessage
RegisterClassExA
SendMessageA
ShowWindow
TranslateMessage
UpdateWindow

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Xenos injector/XenosCurrentProfile.xpr
ПРОЧИТЫЙ ПЕРЕД УСТАНОВКОЙ .txt

Sharing

General

Malware Config

Signatures

Files

136147a4b501bb58044fa78cbe7f8b4c

Headers

DLL Characteristics

File Characteristics

Imports

api-ms-win-core-memory-l1-1-0

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-ntuser-sysparams-l1-1-0

api-ms-win-core-heap-l2-1-0

api-ms-win-core-heap-obsolete-l1-1-0

d3dcompiler_47

api-ms-win-core-string-l1-1-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-sysinfo-l1-1-0

api-ms-win-core-heap-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-toolhelp-l1-1-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-handle-l1-1-0

api-ms-win-core-processthreads-l1-1-1

msvcp140

d3d11

winmm

user32

imm32

kernel32

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-convert-l1-1-0

vcruntime140_1

api-ms-win-crt-math-l1-1-0

Sections

.text Size: 374KB - Virtual size: 373KB

.rdata Size: 217KB - Virtual size: 216KB

.data Size: 1.1MB - Virtual size: 1.1MB

.pdata Size: 13KB - Virtual size: 13KB

_RDATA Size: 9KB - Virtual size: 8KB

.reloc Size: 512B - Virtual size: 364B

136147a4b501bb58044fa78cbe7f8b4c

Headers

DLL Characteristics

File Characteristics

Imports

api-ms-win-core-memory-l1-1-0

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-ntuser-sysparams-l1-1-0

api-ms-win-core-heap-l2-1-0

api-ms-win-core-heap-obsolete-l1-1-0

d3dcompiler_47

api-ms-win-core-string-l1-1-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-sysinfo-l1-1-0

api-ms-win-core-heap-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-toolhelp-l1-1-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-handle-l1-1-0

api-ms-win-core-processthreads-l1-1-1

msvcp140

d3d11

winmm

user32

imm32

kernel32

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-time-l1-1-0

.text
Size: 374KB - Virtual size: 373KB

.rdata
Size: 217KB - Virtual size: 216KB

.data
Size: 1.1MB - Virtual size: 1.1MB

.pdata
Size: 13KB - Virtual size: 13KB

_RDATA
Size: 9KB - Virtual size: 8KB

.reloc
Size: 512B - Virtual size: 364B

.text
Size: 374KB - Virtual size: 373KB

.rdata
Size: 217KB - Virtual size: 216KB

.data
Size: 1.1MB - Virtual size: 1.1MB

.pdata
Size: 13KB - Virtual size: 13KB

_RDATA
Size: 9KB - Virtual size: 8KB

.reloc
Size: 512B - Virtual size: 364B

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 1.9MB - Virtual size: 1.9MB

.data
Size: 303KB - Virtual size: 524KB

.pdata
Size: 46KB - Virtual size: 46KB

.detourc
Size: 9KB - Virtual size: 8KB

.detourd
Size: 512B - Virtual size: 24B

_RDATA
Size: 9KB - Virtual size: 8KB

.reloc
Size: 5KB - Virtual size: 5KB

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 53KB

.rsrc
Size: 3.7MB - Virtual size: 3.7MB