ModEngine-2[.]0[.]0-preview4-win64[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

ModEngine-2.0.0-preview4-win64.zip
Size

6.2MB
MD5

9daf6d77bbcfd1293812be71fa24a1da
SHA1

a047922df452205cd03ab636fa732a67897b9601
SHA256

5b75b06fe504fe39dfd51cfe2ed433a89a07696c1dc02c3dcd9a70ee6c74ffd5
SHA512

f5b4f2295437e8e092f28c2c43ab6bd181c6b7ec33f6039ff03088a2ef2c4b03f36e2527ec49548d956d054cf59b43b3adfee017392b0abc8ac0dc51177ddc33
SSDEEP

196608:mWdOSl3260o8X7aHiwJ6v2M6P8cS4PagTQu:LdOSNjBrCwtM9cS4ioh

Score

3^/10

Malware Config

Signatures

Unsigned PE 7 IoCs

Checks for missing Authenticode signature.

resource
unpack001/modengine2/bin/lua.dll
unpack001/modengine2/bin/modengine2.dll
unpack001/modengine2/crashpad/crashpad_handler.exe
unpack001/modengine2/crashpad/zlib1.dll
unpack001/modengine2/tools/scyllahide/HookLibraryx64.dll
unpack001/modengine2/tools/scyllahide/InjectorCLIx64.exe
unpack001/modengine2_launcher.exe

Files

ModEngine-2.0.0-preview4-win64.zip
.zip
README.txt
config_darksouls3.toml
config_eldenring.toml
launchmod_darksouls3.bat
launchmod_eldenring.bat
modengine2/assets/debug_menu/adhoc/FontShader/debugFont_ps.ppo
modengine2/assets/debug_menu/adhoc/FontShader/debugFont_vs.vpo
modengine2/assets/debug_menu/font/DSFont24.ccm
modengine2/assets/debug_menu/font/DSFont24.tpf
modengine2/assets/debug_menu/font/TalkFont24.ccm
modengine2/assets/debug_menu/font/TalkFont24.tpf
modengine2/assets/debug_menu/font/dbgfont14h.ccm
modengine2/assets/debug_menu/font/dbgfont14h.tpf
modengine2/assets/debug_menu/paramdef/paramdef.paramdefbnd.dcx
modengine2/assets/debug_menu/stayparamdef/stayparamdef.parambnd.dcx
modengine2/assets/debug_menu/testdata/debugBootMenu.textlist
modengine2/assets/debug_menu/testdata/signboard/testsignboard.pwt
modengine2/bin/lua.dll
.dll windows:6 windows x64 arch:x64

a3334a4c6ae84c95b970e89aa0e15a8f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
FreeLibrary
GetModuleFileNameA
GetProcAddress
LoadLibraryExA
FormatMessageA
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext

vcruntime140

memchr
__intrinsic_setjmp
__C_specific_handler
memcmp
strrchr
__std_type_info_destroy_list
longjmp
memset
strchr
memcpy
strstr

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_initialize_onexit_table
exit
system
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
abort
_initterm_e
_initterm
strerror
_errno

api-ms-win-crt-stdio-l1-1-0

getc
tmpnam
freopen
fread
fopen
fflush
__stdio_common_vfprintf
ferror
feof
fwrite
fgets
clearerr
fclose
_fseeki64
_ftelli64
_pclose
_popen
setvbuf
__stdio_common_vsprintf
tmpfile
ungetc
__acrt_iob_func

api-ms-win-crt-heap-l1-1-0

realloc
free

api-ms-win-crt-string-l1-1-0

strcoll
isalnum
tolower
iscntrl
strncmp
isgraph
ispunct
islower
isupper
isalpha
toupper
isdigit
strspn
isxdigit
isspace
strpbrk

api-ms-win-crt-math-l1-1-0

frexp
ldexp
tan
sin
pow
acos
asin
atan2
ceil
cos
exp
floor
fmod
log
log10
log2
sqrt

api-ms-win-crt-locale-l1-1-0

localeconv
setlocale

api-ms-win-crt-time-l1-1-0

_gmtime64
_localtime64
strftime
clock
_mktime64
_time64
_difftime64

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-convert-l1-1-0

strtod

api-ms-win-crt-filesystem-l1-1-0

rename
remove

Exports

Exports

luaL_addgsub
luaL_addlstring
luaL_addstring
luaL_addvalue
luaL_argerror
luaL_buffinit
luaL_buffinitsize
luaL_callmeta
luaL_checkany
luaL_checkinteger
luaL_checklstring
luaL_checknumber
luaL_checkoption
luaL_checkstack
luaL_checktype
luaL_checkudata
luaL_checkversion_
luaL_error
luaL_execresult
luaL_fileresult
luaL_getmetafield
luaL_getsubtable
luaL_gsub
luaL_len
luaL_loadbufferx
luaL_loadfilex
luaL_loadstring
luaL_newmetatable
luaL_newstate
luaL_openlibs
luaL_optinteger
luaL_optlstring
luaL_optnumber
luaL_prepbuffsize
luaL_pushresult
luaL_pushresultsize
luaL_ref
luaL_requiref
luaL_setfuncs
luaL_setmetatable
luaL_testudata
luaL_tolstring
luaL_traceback
luaL_typeerror
luaL_unref
luaL_where
lua_absindex
lua_arith
lua_atpanic
lua_callk
lua_checkstack
lua_close
lua_closeslot
lua_compare
lua_concat
lua_copy
lua_createtable
lua_dump
lua_error
lua_gc
lua_getallocf
lua_getfield
lua_getglobal
lua_gethook
lua_gethookcount
lua_gethookmask
lua_geti
lua_getinfo
lua_getiuservalue
lua_getlocal
lua_getmetatable
lua_getstack
lua_gettable
lua_gettop
lua_getupvalue
lua_iscfunction
lua_isinteger
lua_isnumber
lua_isstring
lua_isuserdata
lua_isyieldable
lua_len
lua_load
lua_newstate
lua_newthread
lua_newuserdatauv
lua_next
lua_pcallk
lua_pushboolean
lua_pushcclosure
lua_pushfstring
lua_pushinteger
lua_pushlightuserdata
lua_pushlstring
lua_pushnil
lua_pushnumber
lua_pushstring
lua_pushthread
lua_pushvalue
lua_pushvfstring
lua_rawequal
lua_rawget
lua_rawgeti
lua_rawgetp
lua_rawlen
lua_rawset
lua_rawseti
lua_rawsetp
lua_resetthread
lua_resume
lua_rotate
lua_setallocf
lua_setcstacklimit
lua_setfield
lua_setglobal
lua_sethook
lua_seti
lua_setiuservalue
lua_setlocal
lua_setmetatable
lua_settable
lua_settop
lua_setupvalue
lua_setwarnf
lua_status
lua_stringtonumber
lua_toboolean
lua_tocfunction
lua_toclose
lua_tointegerx
lua_tolstring
lua_tonumberx
lua_topointer
lua_tothread
lua_touserdata
lua_type
lua_typename
lua_upvalueid
lua_upvaluejoin
lua_version
lua_warning
lua_xmove
lua_yieldk
luaopen_base
luaopen_coroutine
luaopen_debug
luaopen_io
luaopen_math
luaopen_os
luaopen_package
luaopen_string
luaopen_table
luaopen_utf8

Sections

.text
Size: 181KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
modengine2/bin/modengine2.dll
.dll windows:6 windows x64 arch:x64

fe53deadc6c8c71a846eef9de7b074ad

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

lua

lua_rotate
lua_copy
lua_callk
lua_close
luaL_setfuncs
lua_setupvalue
luaL_openlibs
luaL_loadbufferx
luaL_newstate
luaL_ref
lua_pcallk
lua_absindex
lua_gettop
luaL_error
luaL_unref
luaL_newmetatable
lua_error
lua_setmetatable
lua_seti
lua_setfield
lua_settable
lua_setglobal
lua_getmetatable
lua_newuserdatauv
lua_createtable
lua_rawgeti
lua_rawget
lua_geti
lua_getfield
lua_getglobal
lua_pushlightuserdata
lua_pushboolean
lua_pushcclosure
lua_pushstring
lua_pushlstring
lua_pushinteger
lua_pushnumber
lua_pushnil
lua_rawequal
lua_touserdata
lua_tolstring
lua_toboolean
lua_tointegerx
lua_tonumberx
lua_type
lua_isinteger
lua_xmove
lua_pushvalue
lua_settop

kernel32

AreFileApisANSI
GetFileAttributesExW
FindNextFileW
FindFirstFileW
GetCurrentDirectoryW
GetLocaleInfoEx
GetFileInformationByHandleEx
InitOnceBeginInitialize
InitOnceComplete
ReleaseSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockExclusive
AcquireSRWLockShared
ResetEvent
GetStdHandle
WriteFile
IsDebuggerPresent
DebugBreak
Sleep
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
VirtualQueryEx
GetModuleFileNameW
GetDynamicTimeZoneInformation
GetConsoleMode
WriteConsoleA
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
GetModuleHandleW
GetProcAddress
LoadLibraryW
K32EnumProcessModules
VirtualProtect
GetModuleHandleA
GetLastError
CreateThread
WideCharToMultiByte
TlsAlloc
TlsGetValue
TlsSetValue
GlobalAlloc
CloseHandle
WaitForSingleObject
CreateProcessW
GetSystemDirectoryA
GlobalUnlock
WaitForSingleObjectEx
GlobalFree
MultiByteToWideChar
VerSetConditionMask
QueryPerformanceCounter
QueryPerformanceFrequency
LoadLibraryA
VerifyVersionInfoW
GetFileAttributesA
AllocConsole
SetLastError
VirtualQuery
TerminateProcess
ResumeThread
OpenProcess
VirtualProtectEx
GetThreadContext
SetThreadContext
FlushInstructionCache
VirtualAlloc
VirtualFree
CreateDirectoryW
CreateFileW
DeleteFileW
GetFileAttributesW
LockFileEx
SetEndOfFile
UnlockFileEx
GetFileType
SetUnhandledExceptionFilter
SetEvent
SleepEx
CreateEventW
GetVersion
FindClose
ReadFile
SetFilePointerEx
InitializeCriticalSection
FormatMessageA
SetNamedPipeHandleState
TransactNamedPipe
CreateNamedPipeW
WaitNamedPipeW
LocalFree
FindFirstFileExW
RemoveDirectoryW
GetSystemTimeAsFileTime
OutputDebugStringW
GetLocalTime
FormatMessageW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
IsProcessorFeaturePresent
GlobalLock
InitializeSListHead

user32

CallWindowProcA
EnumDisplayMonitors
GetMonitorInfoA
MonitorFromWindow
LoadCursorA
SetWindowLongW
SetWindowLongA
GetWindowLongW
WindowFromPoint
ScreenToClient
ClientToScreen
GetCursorPos
SetCursor
SetCursorPos
AdjustWindowRectEx
GetClientRect
SetWindowTextW
ReleaseDC
GetDC
SetForegroundWindow
GetForegroundWindow
ReleaseCapture
SetCapture
GetCapture
GetKeyState
SetFocus
BringWindowToTop
IsIconic
SetWindowPos
SetLayeredWindowAttributes
ShowWindow
DestroyWindow
IsChild
CreateWindowExA
RegisterClassExA
DefWindowProcA
EmptyClipboard
GetClipboardData
SetClipboardData
CloseClipboard
OpenClipboard
SetWindowLongPtrA

gdi32

GetDeviceCaps

advapi32

SystemFunction036
ConvertStringSecurityDescriptorToSecurityDescriptorW
BuildSecurityDescriptorW
BuildExplicitAccessWithNameW

ntdll

RtlImageNtHeader

msvcp140

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEBX@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@_JH@Z
?peek@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAHXZ
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?pubsetbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAPEAV12@PEAD_J@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?uncaught_exceptions@std@@YAHXZ
?id@?$collate@_W@std@@2V0locale@2@A
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z
?id@?$ctype@_W@std@@2V0locale@2@A
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?tolower@?$ctype@_W@std@@QEBAPEB_WPEA_WPEB_W@Z
?tolower@?$ctype@_W@std@@QEBA_W_W@Z
?is@?$ctype@_W@std@@QEBA_NF_W@Z
?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
_Wcsxfrm
_Wcscoll
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@G@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?id@?$numpunct@_W@std@@2V0locale@2@A
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Xbad_alloc@std@@YAXXZ
_Mbrtowc
?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
?_Xlength_error@std@@YAXPEBD@Z
_Xtime_get_ticks
_Thrd_join
_Thrd_id
_Mtx_init_in_situ
_Mtx_destroy_in_situ
_Mtx_lock
_Mtx_unlock
_Cnd_destroy_in_situ
_Cnd_signal
?_Throw_C_error@std@@YAXH@Z
?_Throw_Cpp_error@std@@YAXH@Z
?_Xbad_function_call@std@@YAXXZ
?_Syserror_map@std@@YAPEBDH@Z
?_Winerror_map@std@@YAHH@Z
??0_Locinfo@std@@QEAA@PEBD@Z
??1_Locinfo@std@@QEAA@XZ
?_Getfalse@_Locinfo@std@@QEBAPEBDXZ
?_Gettrue@_Locinfo@std@@QEBAPEBDXZ
?c_str@?$_Yarn@D@std@@QEBAPEBDXZ
??Bid@locale@std@@QEAA_KXZ
??0facet@locale@std@@IEAA@_K@Z
??1facet@locale@std@@MEAA@XZ
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Incref@facet@locale@std@@UEAAXXZ
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?id@?$numpunct@D@std@@2V0locale@2@A
?_Xout_of_range@std@@YAXPEBD@Z
_Query_perf_counter
_Query_perf_frequency
_Thrd_sleep
_Thrd_yield
_Cnd_do_broadcast_at_thread_exit
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?__ExceptionPtrCreate@@YAXPEAX@Z
?__ExceptionPtrDestroy@@YAXPEAX@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?__ExceptionPtrToBool@@YA_NPEBX@Z
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z
?always_noconv@codecvt_base@std@@QEBA_NXZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z

msvcp140_atomic_wait

__std_bulk_submit_threadpool_work
__std_create_threadpool_work
__std_parallel_algorithms_hw_threads
__std_close_threadpool_work
__std_wait_for_threadpool_work_callbacks

concrt140

?_Internal_push_back@_Concurrent_vector_base_v4@details@Concurrency@@IEAAPEAX_KAEA_K@Z
?_Byte_reverse_table@details@Concurrency@@3QBEB
?_Internal_capacity@_Concurrent_vector_base_v4@details@Concurrency@@IEBA_KXZ
??1_Concurrent_vector_base_v4@details@Concurrency@@IEAA@XZ
?_Internal_clear@_Concurrent_vector_base_v4@details@Concurrency@@IEAA_KP6AXPEAX_K@Z@Z
?_Segment_index_of@_Concurrent_vector_base_v4@details@Concurrency@@KA_K_K@Z

d3dcompiler_47

D3DCompile

imm32

ImmReleaseContext
ImmSetCompositionWindow
ImmGetContext

vcruntime140

__std_type_info_destroy_list
_purecall
__current_exception_context
__current_exception
__C_specific_handler
strstr
strchr
__std_terminate
_CxxThrowException
__std_exception_destroy
__std_exception_copy
memset
memmove
memcmp
memchr
memcpy

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-string-l1-1-0

strncpy
wcslen
strncmp
strcmp
_wcsicmp
isblank
strlen
isdigit
tolower

api-ms-win-crt-heap-l1-1-0

realloc
malloc
_callnewh
_aligned_free
free
calloc

api-ms-win-crt-runtime-l1-1-0

_initterm
_beginthreadex
_initterm_e
terminate
_errno
_invalid_parameter_noinfo_noreturn
abort
_configure_narrow_argv
_seh_filter_dll
_initialize_narrow_environment
_cexit
_crt_atexit
_execute_onexit_table
_initialize_onexit_table
_register_onexit_function
signal

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-math-l1-1-0

acosf
_dsign
_ldsign
_fdsign
_dtest
fmodf
_fdtest
ceilf
powf
logf
atan2f
cosf
sqrtf
pow
_ldtest
fabs
floorf
llround
sinf
log

api-ms-win-crt-stdio-l1-1-0

ungetc
setvbuf
_fseeki64
fsetpos
_wfopen
fseek
ftell
__stdio_common_vsprintf
__stdio_common_vsscanf
fread
fputc
fgetpos
fgetc
fflush
fclose
_get_stream_buffer_pointers
__stdio_common_vswprintf_s
__stdio_common_vsnprintf_s
__stdio_common_vfprintf
__acrt_iob_func
freopen_s
_fsopen
fwrite
__stdio_common_vsprintf_p

api-ms-win-crt-time-l1-1-0

_localtime64_s
strftime
_time64
_mktime64
_gmtime64_s

api-ms-win-crt-locale-l1-1-0

localeconv
___lc_codepage_func

api-ms-win-crt-filesystem-l1-1-0

_mkdir
_lock_file
remove
_unlock_file
_wstat64

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-convert-l1-1-0

atof

Exports

Exports

DirectInput8Create

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 233KB - Virtual size: 233KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.detourc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.detourd
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
modengine2/crashpad/crashpad_handler.exe
.exe windows:6 windows x64 arch:x64

b6906ec4a77e0d72f9ab279d58e5584b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

LockFileEx
SetEndOfFile
UnlockFileEx
GetLastError
GetStdHandle
GetFileType
CloseHandle
SetEvent
WaitForSingleObject
SleepEx
CreateEventW
Sleep
GetCurrentProcess
GetCurrentProcessId
TerminateProcess
CreateThread
GetCurrentThreadId
CreateProcessW
OpenProcess
GetVersion
OutputDebugStringW
GetLocalTime
FormatMessageW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetModuleFileNameW
DuplicateHandle
ConnectNamedPipe
DisconnectNamedPipe
CreateIoCompletionPort
GetQueuedCompletionStatus
PostQueuedCompletionStatus
UnregisterWaitEx
GetFileAttributesW
GetFileInformationByHandleEx
SetLastError
IsWow64Process
GetModuleHandleW
FormatMessageA
ReadFile
SetFilePointerEx
WriteFile
InitializeCriticalSection
GetProcAddress
LoadLibraryW
GetSystemInfo
VirtualQueryEx
ReadProcessMemory
SetNamedPipeHandleState
TransactNamedPipe
CreateNamedPipeW
WaitNamedPipeW
ReleaseSemaphore
CreateSemaphoreW
LocalFree
RemoveDirectoryW
GetSystemTimeAsFileTime
GetProcessTimes
SuspendThread
ResumeThread
GetProcessId
GetThreadContext
Wow64GetThreadContext
IsProcessorFeaturePresent
GetVersionExW
GetTimeZoneInformation
GetThreadLocale
GetSystemDefaultLCID
GetUserDefaultLCID
WaitForSingleObjectEx
DeleteFileW
CreateFileW
CreateDirectoryW
SetConsoleCtrlHandler
SetProcessShutdownParameters
RegisterWaitForSingleObject
RtlCaptureContext
SetUnhandledExceptionFilter
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
QueryPerformanceCounter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
ResetEvent

advapi32

ConvertStringSecurityDescriptorToSecurityDescriptorW
BuildExplicitAccessWithNameW
BuildSecurityDescriptorW
RevertToSelf
ImpersonateNamedPipeClient
SystemFunction036

user32

TranslateMessage
DispatchMessageW
PostMessageW
DefWindowProcW
GetMessageW
GetWindowLongPtrW
DestroyWindow
CreateWindowExW
UnregisterClassW
RegisterClassW
SetWindowLongPtrW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

winhttp

WinHttpWriteData
WinHttpCrackUrl
WinHttpOpen
WinHttpCloseHandle
WinHttpSetTimeouts
WinHttpConnect
WinHttpOpenRequest
WinHttpAddRequestHeaders
WinHttpSendRequest
WinHttpReceiveResponse
WinHttpQueryHeaders
WinHttpReadData

zlib1

deflateInit2_
zError
deflateEnd
deflate

powrprof

CallNtPowerInformation

msvcp140

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@J@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@G@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?_Xbad_alloc@std@@YAXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z
?_Xout_of_range@std@@YAXPEBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Raise_handler@std@@3P6AXAEBVexception@stdext@@@ZEA
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEBX@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z

vcruntime140_1

__CxxFrameHandler4

vcruntime140

memchr
memset
_CxxThrowException
__std_exception_destroy
__std_exception_copy
__current_exception_context
__current_exception
__C_specific_handler
strchr
memmove
memcpy
__std_terminate
memcmp
_purecall

api-ms-win-crt-runtime-l1-1-0

_invalid_parameter_noinfo_noreturn
__p___wargv
__p___argc
_seh_filter_exe
_set_app_type
_errno
_configure_wide_argv
_initialize_wide_environment
_get_wide_winmain_command_line
_initterm
_initterm_e
exit
_exit
_crt_atexit
_cexit
_c_exit
_register_thread_local_exe_atexit_callback
abort
_invoke_watson
terminate
_initialize_onexit_table
_register_onexit_function
signal

api-ms-win-crt-stdio-l1-1-0

fflush
_set_fmode
__stdio_common_vsprintf_p
__acrt_iob_func
__stdio_common_vfprintf
__p__commode
__stdio_common_vsprintf

api-ms-win-crt-string-l1-1-0

isspace
wcsnlen
strnlen
tolower
strncmp
_wcsicmp
wcsncmp

api-ms-win-crt-time-l1-1-0

_time64

api-ms-win-crt-filesystem-l1-1-0

_wstat64

api-ms-win-crt-heap-l1-1-0

free
_aligned_free
_callnewh
malloc
_aligned_malloc
_set_new_mode

api-ms-win-crt-convert-l1-1-0

strtoull
strtoul

api-ms-win-crt-math-l1-1-0

_dclass
__setusermatherr

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 357KB - Virtual size: 356KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

CPADinfo
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
modengine2/crashpad/zlib1.dll
.dll windows:6 windows x64 arch:x64

d879d2294039900ef484e0f01607f882

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

vcruntime140

__std_type_info_destroy_list
__C_specific_handler
memmove
memchr
memset
memcpy

api-ms-win-crt-stdio-l1-1-0

_wopen
_write
_read
_close
__stdio_common_vsprintf
_open
_lseeki64

api-ms-win-crt-heap-l1-1-0

malloc
free

api-ms-win-crt-convert-l1-1-0

wcstombs

api-ms-win-crt-runtime-l1-1-0

_errno
strerror
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_cexit

kernel32

DisableThreadLibraryCalls
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
InitializeSListHead
RtlCaptureContext
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter

Exports

Exports

adler32
adler32_combine
adler32_z
compress
compress2
compressBound
crc32
crc32_combine
crc32_combine_gen
crc32_combine_op
crc32_z
deflate
deflateBound
deflateCopy
deflateEnd
deflateGetDictionary
deflateInit2_
deflateInit_
deflateParams
deflatePending
deflatePrime
deflateReset
deflateResetKeep
deflateSetDictionary
deflateSetHeader
deflateTune
get_crc_table
gzbuffer
gzclearerr
gzclose
gzclose_r
gzclose_w
gzdirect
gzdopen
gzeof
gzerror
gzflush
gzfread
gzfwrite
gzgetc
gzgetc_
gzgets
gzoffset
gzoffset64
gzopen
gzopen64
gzopen_w
gzprintf
gzputc
gzputs
gzread
gzrewind
gzseek
gzseek64
gzsetparams
gztell
gztell64
gzungetc
gzvprintf
gzwrite
inflate
inflateBack
inflateBackEnd
inflateBackInit_
inflateCodesUsed
inflateCopy
inflateEnd
inflateGetDictionary
inflateGetHeader
inflateInit2_
inflateInit_
inflateMark
inflatePrime
inflateReset
inflateReset2
inflateResetKeep
inflateSetDictionary
inflateSync
inflateSyncPoint
inflateUndermine
inflateValidate
uncompress
uncompress2
zError
zlibCompileFlags
zlibVersion

Sections

.text
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
modengine2/include/MINT.h
modengine2/include/README.md
modengine2/include/fmt/args.h
modengine2/include/fmt/chrono.h
modengine2/include/fmt/color.h
modengine2/include/fmt/compile.h
modengine2/include/fmt/core.h
modengine2/include/fmt/format-inl.h
modengine2/include/fmt/format.h
modengine2/include/fmt/locale.h
modengine2/include/fmt/os.h
modengine2/include/fmt/ostream.h
modengine2/include/fmt/printf.h
modengine2/include/fmt/ranges.h
modengine2/include/fmt/xchar.h
modengine2/include/lauxlib.h
modengine2/include/lua.h
modengine2/include/lua.hpp
modengine2/include/luaconf.h
modengine2/include/lualib.h
modengine2/include/modengine/extension.h
modengine2/include/modengine/extension_logger.h
modengine2/include/modengine/game_type.h
modengine2/include/modengine/hook.h
modengine2/include/modengine/settings.h
modengine2/include/modengine/util/memory_scanner.h
modengine2/include/sol/config.hpp
modengine2/include/sol/forward.hpp
modengine2/include/sol/sol.hpp
modengine2/include/spdlog/async.h
modengine2/include/spdlog/async_logger-inl.h
modengine2/include/spdlog/async_logger.h
modengine2/include/spdlog/cfg/argv.h
modengine2/include/spdlog/cfg/env.h
modengine2/include/spdlog/cfg/helpers-inl.h
modengine2/include/spdlog/cfg/helpers.h
modengine2/include/spdlog/common-inl.h
modengine2/include/spdlog/common.h
modengine2/include/spdlog/details/backtracer-inl.h
modengine2/include/spdlog/details/backtracer.h
modengine2/include/spdlog/details/circular_q.h
modengine2/include/spdlog/details/console_globals.h
modengine2/include/spdlog/details/file_helper-inl.h
modengine2/include/spdlog/details/file_helper.h
modengine2/include/spdlog/details/fmt_helper.h
modengine2/include/spdlog/details/log_msg-inl.h
modengine2/include/spdlog/details/log_msg.h
modengine2/include/spdlog/details/log_msg_buffer-inl.h
modengine2/include/spdlog/details/log_msg_buffer.h
modengine2/include/spdlog/details/mpmc_blocking_q.h
modengine2/include/spdlog/details/null_mutex.h
modengine2/include/spdlog/details/os-inl.h
modengine2/include/spdlog/details/os.h
modengine2/include/spdlog/details/periodic_worker-inl.h
modengine2/include/spdlog/details/periodic_worker.h
modengine2/include/spdlog/details/registry-inl.h
modengine2/include/spdlog/details/registry.h
modengine2/include/spdlog/details/synchronous_factory.h
modengine2/include/spdlog/details/tcp_client-windows.h
modengine2/include/spdlog/details/tcp_client.h
modengine2/include/spdlog/details/thread_pool-inl.h
modengine2/include/spdlog/details/thread_pool.h
modengine2/include/spdlog/details/udp_client-windows.h
modengine2/include/spdlog/details/udp_client.h
modengine2/include/spdlog/details/windows_include.h
modengine2/include/spdlog/fmt/bin_to_hex.h
modengine2/include/spdlog/fmt/chrono.h
modengine2/include/spdlog/fmt/compile.h
modengine2/include/spdlog/fmt/fmt.h
modengine2/include/spdlog/fmt/ostr.h
modengine2/include/spdlog/fmt/ranges.h
modengine2/include/spdlog/fmt/xchar.h
modengine2/include/spdlog/formatter.h
modengine2/include/spdlog/fwd.h
modengine2/include/spdlog/logger-inl.h
modengine2/include/spdlog/logger.h
modengine2/include/spdlog/pattern_formatter-inl.h
modengine2/include/spdlog/pattern_formatter.h
modengine2/include/spdlog/sinks/android_sink.h
modengine2/include/spdlog/sinks/ansicolor_sink-inl.h
modengine2/include/spdlog/sinks/ansicolor_sink.h
modengine2/include/spdlog/sinks/base_sink-inl.h
modengine2/include/spdlog/sinks/base_sink.h
modengine2/include/spdlog/sinks/basic_file_sink-inl.h
modengine2/include/spdlog/sinks/basic_file_sink.h
modengine2/include/spdlog/sinks/daily_file_sink.h
modengine2/include/spdlog/sinks/dist_sink.h
modengine2/include/spdlog/sinks/dup_filter_sink.h
modengine2/include/spdlog/sinks/hourly_file_sink.h
modengine2/include/spdlog/sinks/mongo_sink.h
.js
modengine2/include/spdlog/sinks/msvc_sink.h
modengine2/include/spdlog/sinks/null_sink.h
modengine2/include/spdlog/sinks/ostream_sink.h
modengine2/include/spdlog/sinks/qt_sinks.h
modengine2/include/spdlog/sinks/ringbuffer_sink.h
modengine2/include/spdlog/sinks/rotating_file_sink-inl.h
modengine2/include/spdlog/sinks/rotating_file_sink.h
modengine2/include/spdlog/sinks/sink-inl.h
modengine2/include/spdlog/sinks/sink.h
modengine2/include/spdlog/sinks/stdout_color_sinks-inl.h
modengine2/include/spdlog/sinks/stdout_color_sinks.h
modengine2/include/spdlog/sinks/stdout_sinks-inl.h
modengine2/include/spdlog/sinks/stdout_sinks.h
modengine2/include/spdlog/sinks/syslog_sink.h
modengine2/include/spdlog/sinks/systemd_sink.h
modengine2/include/spdlog/sinks/tcp_sink.h
modengine2/include/spdlog/sinks/udp_sink.h
modengine2/include/spdlog/sinks/win_eventlog_sink.h
.js
modengine2/include/spdlog/sinks/wincolor_sink-inl.h
.vbs
modengine2/include/spdlog/sinks/wincolor_sink.h
modengine2/include/spdlog/spdlog-inl.h
modengine2/include/spdlog/spdlog.h
modengine2/include/spdlog/stopwatch.h
modengine2/include/spdlog/tweakme.h
modengine2/include/spdlog/version.h
modengine2/include/toml++/impl/array.h
modengine2/include/toml++/impl/array.inl
modengine2/include/toml++/impl/at_path.h
modengine2/include/toml++/impl/at_path.inl
modengine2/include/toml++/impl/date_time.h
modengine2/include/toml++/impl/formatter.h
modengine2/include/toml++/impl/formatter.inl
modengine2/include/toml++/impl/forward_declarations.h
modengine2/include/toml++/impl/header_end.h
modengine2/include/toml++/impl/header_start.h
modengine2/include/toml++/impl/json_formatter.h
modengine2/include/toml++/impl/json_formatter.inl
modengine2/include/toml++/impl/key.h
modengine2/include/toml++/impl/make_node.h
modengine2/include/toml++/impl/node.h
modengine2/include/toml++/impl/node.inl
modengine2/include/toml++/impl/node_view.h
modengine2/include/toml++/impl/node_view.inl
modengine2/include/toml++/impl/node_view_extern.inl
modengine2/include/toml++/impl/parse_error.h
modengine2/include/toml++/impl/parse_result.h
modengine2/include/toml++/impl/parser.h
modengine2/include/toml++/impl/parser.inl
.js
modengine2/include/toml++/impl/preprocessor.h
modengine2/include/toml++/impl/print_to_stream.h
modengine2/include/toml++/impl/print_to_stream.inl
modengine2/include/toml++/impl/simd.h
modengine2/include/toml++/impl/source_region.h
modengine2/include/toml++/impl/std_except.h
modengine2/include/toml++/impl/std_initializer_list.h
modengine2/include/toml++/impl/std_map.h
modengine2/include/toml++/impl/std_new.h
modengine2/include/toml++/impl/std_optional.h
modengine2/include/toml++/impl/std_string.h
modengine2/include/toml++/impl/std_string.inl
modengine2/include/toml++/impl/std_utility.h
modengine2/include/toml++/impl/std_vector.h
modengine2/include/toml++/impl/table.h
.js
modengine2/include/toml++/impl/table.inl
modengine2/include/toml++/impl/toml_formatter.h
modengine2/include/toml++/impl/toml_formatter.inl
modengine2/include/toml++/impl/unicode.h
modengine2/include/toml++/impl/unicode.inl
modengine2/include/toml++/impl/value.h
modengine2/include/toml++/impl/value.inl
modengine2/include/toml++/impl/value_extern.inl
modengine2/include/toml++/impl/version.h
modengine2/include/toml++/impl/yaml_formatter.h
modengine2/include/toml++/impl/yaml_formatter.inl
modengine2/include/toml++/toml.h
modengine2/lib/lua.lib
modengine2/lib/modengine2.lib
modengine2/share/cmake/modengine/ModEngineConfig.cmake
modengine2/share/cmake/modengine/ModEngineConfigVersion.cmake
modengine2/share/cmake/modengine/ModEngineTargets-minsizerel.cmake
modengine2/share/cmake/modengine/ModEngineTargets.cmake
modengine2/tools/scyllahide/HookLibraryx64.dll
.dll windows:5 windows x64 arch:x64

73b0a41dd52079dd6cc2d7796cae803b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

ntdll

LdrGetProcedureAddress
RtlEqualUnicodeString
LdrGetDllHandle
DbgBreakPoint
RtlImageNtHeader
NtQueryObject
DbgPrint
NtOpenProcessToken
NtFreeVirtualMemory
NtOpenThread
RtlAllocateHeap
NtQuerySystemInformation
NtWriteFile
RtlTimeToTimeFields
NtQueryInformationProcess
NtOpenProcess
RtlInitUnicodeString
RtlDosPathNameToNtPathName_U
NtAllocateVirtualMemory
NtReadVirtualMemory
NtClose
RtlAdjustPrivilege
RtlFreeHeap
NtCreateDebugObject
NtPrivilegeCheck
NtSetInformationProcess
NtQueryInformationThread
NtCreateFile
NtTerminateProcess
LdrDisableThreadCalloutsForDll
memcpy
memset

Exports

Exports

HookDllData
HookedGetLocalTime
HookedGetSystemTime
HookedGetTickCount
HookedGetTickCount64
HookedKiUserExceptionDispatcher
HookedNativeCallInternal
HookedNtClose
HookedNtContinue
HookedNtCreateThread
HookedNtCreateThreadEx
HookedNtDuplicateObject
HookedNtGetContextThread
HookedNtQueryInformationProcess
HookedNtQueryObject
HookedNtQueryPerformanceCounter
HookedNtQuerySystemInformation
HookedNtQuerySystemTime
HookedNtResumeThread
HookedNtSetContextThread
HookedNtSetDebugFilterState
HookedNtSetInformationProcess
HookedNtSetInformationThread
HookedNtUserBlockInput
HookedNtUserBuildHwndList
HookedNtUserBuildHwndList_Eight
HookedNtUserFindWindowEx
HookedNtUserQueryWindow
HookedNtYieldExecution
HookedOutputDebugStringA

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 528B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
modengine2/tools/scyllahide/InjectorCLIx64.exe
.exe windows:5 windows x64 arch:x64

ef494800d4d6b3d20ea9129a8886c068

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ntdll

RtlLookupFunctionEntry
RtlUnwindEx
RtlPcToFileHeader
RtlCaptureContext
RtlInitAnsiString
RtlEqualString
RtlGetVersion
LdrAccessResource
LdrFindResource_U
NtResumeThread
RtlFreeHeap
NtClose
RtlImageNtHeader
NtQueryInformationProcess
NtSuspendThread
NtQuerySystemInformation
RtlAllocateHeap
RtlVirtualUnwind
NtOpenThread
RtlUnwind

kernel32

GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
HeapReAlloc
SetEndOfFile
ReadFile
WriteProcessMemory
CreateFileW
OpenProcess
CloseHandle
VirtualProtectEx
GetProcAddress
VirtualAllocEx
GetFileSize
GetCurrentProcessId
GetModuleHandleW
FreeLibrary
FreeEnvironmentStringsW
ReadProcessMemory
VirtualFree
VirtualAlloc
GetModuleHandleA
LoadLibraryA
GetCurrentProcess
CreateToolhelp32Snapshot
Process32NextW
Process32FirstW
IsWow64Process
LoadLibraryExW
lstrlenW
GetModuleFileNameW
GetPrivateProfileSectionNamesW
GetPrivateProfileStringW
WriteFile
ReadConsoleW
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
GetTimeZoneInformation
SetFilePointerEx
GetFileSizeEx
GetProcessHeap
SetEnvironmentVariableW
SetStdHandle
VirtualFreeEx
WriteConsoleW
GetFileType
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
HeapSize
GetDateFormatW
GetLastError
QueryPerformanceCounter
MultiByteToWideChar
WideCharToMultiByte
GetStringTypeW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetLastError
InitializeCriticalSectionAndSpinCount
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetCurrentThreadId
InitializeSListHead
TerminateProcess
RaiseException
ExitProcess
GetModuleHandleExW
GetStdHandle
GetCommandLineA
GetCommandLineW
HeapAlloc
HeapFree

user32

MessageBoxA

advapi32

AdjustTokenPrivileges
OpenProcessToken
LookupPrivilegeValueW

psapi

EnumProcessModules
GetModuleFileNameExW

Sections

.text
Size: 426KB - Virtual size: 425KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 216KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
modengine2/tools/scyllahide/scylla_hide.ini
modengine2_launcher.exe
.exe windows:6 windows x64 arch:x64

6c1cb86934b3b4145042c701f7622458

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

CloseHandle
GetLastError
GetCurrentProcessId
GetCurrentThreadId
GetModuleFileNameW
GetProcAddress
LoadLibraryW
GetDynamicTimeZoneInformation
GetConsoleMode
WriteConsoleA
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
OutputDebugStringA
SetLastError
TerminateProcess
ResumeThread
IsDebuggerPresent
VirtualAllocEx
VirtualProtectEx
VirtualQueryEx
ReadProcessMemory
WriteProcessMemory
IsWow64Process
MultiByteToWideChar
GetCurrentProcess
GetModuleHandleW
GetSystemTimeAsFileTime
WriteFile
SetEnvironmentVariableW
CreateProcessW
GetStdHandle
QueryPerformanceCounter
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
WideCharToMultiByte
GetFileInformationByHandleEx
AreFileApisANSI
GetFullPathNameW
GetFileAttributesExW
FindFirstFileW
FindClose
CreateFileW
GetLocaleInfoEx
FormatMessageA
LocalFree
InitializeSListHead

advapi32

RegCreateKeyExW
RegCloseKey
RegGetValueW

msvcp140

?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@N@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?tellp@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?_Xbad_function_call@std@@YAXXZ
?_Incref@facet@locale@std@@UEAAXXZ
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?id@?$ctype@D@std@@2V0locale@2@A
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?id@?$numpunct@D@std@@2V0locale@2@A
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@_JH@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
?uncaught_exception@std@@YA_NXZ
?_Xbad_alloc@std@@YAXXZ
?_Xinvalid_argument@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
_Xtime_get_ticks
_Thrd_join
_Thrd_id
_Mtx_init_in_situ
_Mtx_destroy_in_situ
_Mtx_lock
_Mtx_unlock
_Cnd_destroy_in_situ
_Cnd_signal
?_Throw_C_error@std@@YAXH@Z
?_Throw_Cpp_error@std@@YAXH@Z
?_Syserror_map@std@@YAPEBDH@Z
?_Winerror_map@std@@YAHH@Z
??0_Locinfo@std@@QEAA@PEBD@Z
??1_Locinfo@std@@QEAA@XZ
?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
?_Getfalse@_Locinfo@std@@QEBAPEBDXZ
?_Gettrue@_Locinfo@std@@QEBAPEBDXZ
?c_str@?$_Yarn@D@std@@QEBAPEBDXZ
??Bid@locale@std@@QEAA_KXZ
??0facet@locale@std@@IEAA@_K@Z
??1facet@locale@std@@MEAA@XZ
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
?tolower@?$ctype@D@std@@QEBADD@Z
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
??Bios_base@std@@QEBA_NXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ

vcruntime140

__current_exception
_purecall
__std_terminate
memchr
memcmp
memcpy
memmove
memset
__std_exception_copy
__std_exception_destroy
__current_exception_context
_CxxThrowException
__C_specific_handler

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-runtime-l1-1-0

exit
_exit
_initialize_onexit_table
_register_onexit_function
_initterm_e
_initterm
_initialize_narrow_environment
_invalid_parameter_noinfo_noreturn
_errno
_cexit
_seh_filter_exe
_set_app_type
_configure_narrow_argv
_get_initial_narrow_environment
_c_exit
terminate
__p___argc
__p___argv
_register_thread_local_exe_atexit_callback
_crt_atexit

api-ms-win-crt-string-l1-1-0

strlen
wcslen
wcscpy_s
isspace
isdigit

api-ms-win-crt-heap-l1-1-0

calloc
_callnewh
malloc
_set_new_mode
free

api-ms-win-crt-utility-l1-1-0

abs

api-ms-win-crt-convert-l1-1-0

strtoll
strtold

api-ms-win-crt-environment-l1-1-0

getenv
_dupenv_s

api-ms-win-crt-math-l1-1-0

_dsign
_dtest
_ldtest
_fdtest
ceilf
_ldsign
__setusermatherr
_fdsign

api-ms-win-crt-stdio-l1-1-0

_get_stream_buffer_pointers
fclose
fflush
fgetc
fgetpos
setvbuf
fputc
fread
__stdio_common_vfprintf
__stdio_common_vsprintf
__stdio_common_vsprintf_s
fsetpos
__stdio_common_vsnprintf_s
__p__commode
_fseeki64
fwrite
ungetc
__acrt_iob_func
_set_fmode

api-ms-win-crt-filesystem-l1-1-0

_lock_file
_unlock_file

api-ms-win-crt-time-l1-1-0

_localtime64_s
strftime
_gmtime64_s

api-ms-win-crt-locale-l1-1-0

localeconv
_configthreadlocale
___lc_codepage_func

Sections

.text
Size: 366KB - Virtual size: 366KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.detourc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.detourd
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a3334a4c6ae84c95b970e89aa0e15a8f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

Exports

Exports

Sections

.text Size: 181KB - Virtual size: 180KB

.rdata Size: 35KB - Virtual size: 35KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 12KB - Virtual size: 11KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 1024B - Virtual size: 952B

fe53deadc6c8c71a846eef9de7b074ad

Headers

DLL Characteristics

File Characteristics

Imports

lua

kernel32

user32

gdi32

advapi32

ntdll

msvcp140

msvcp140_atomic_wait

concrt140

d3dcompiler_47

imm32

vcruntime140

vcruntime140_1

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-convert-l1-1-0

Exports

Exports

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 233KB - Virtual size: 233KB

.data Size: 23KB - Virtual size: 37KB

.pdata Size: 65KB - Virtual size: 64KB

.detourc Size: 8KB - Virtual size: 8KB

.detourd Size: 512B - Virtual size: 24B

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 6KB - Virtual size: 5KB

b6906ec4a77e0d72f9ab279d58e5584b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

version

.text
Size: 181KB - Virtual size: 180KB

.rdata
Size: 35KB - Virtual size: 35KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 1024B - Virtual size: 952B

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 233KB - Virtual size: 233KB

.data
Size: 23KB - Virtual size: 37KB

.pdata
Size: 65KB - Virtual size: 64KB

.detourc
Size: 8KB - Virtual size: 8KB

.detourd
Size: 512B - Virtual size: 24B

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 6KB - Virtual size: 5KB

.text
Size: 357KB - Virtual size: 356KB

.rdata
Size: 130KB - Virtual size: 130KB

.data
Size: 8KB - Virtual size: 10KB

.pdata
Size: 20KB - Virtual size: 20KB

CPADinfo
Size: 512B - Virtual size: 56B

.reloc
Size: 2KB - Virtual size: 2KB

.text
Size: 53KB - Virtual size: 53KB

.rdata
Size: 27KB - Virtual size: 27KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 108B

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 7KB

.pdata
Size: 1024B - Virtual size: 528B

.reloc
Size: 512B - Virtual size: 96B

.text
Size: 426KB - Virtual size: 425KB

.rdata
Size: 216KB - Virtual size: 215KB