mod[.]geode | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

mod.geode
Size

1.1MB
MD5

39b079a96604e79fd423ff38fde29859
SHA1

3754ba053aca3926a6453a65590420fdfb5de0de
SHA256

214c60d3c4ab90575b6f8ed64dd6d6dfcafb522360ca05bd6dc6252725f10a5d
SHA512

ce4bd754b6dc39ebc5a59429621db420ed626fcaf405d5abb9988d623e4a2f8d93134ec13abe5a9bebeb5d43f02e2e5d6e7d3fb57c28de8d7eee98006275f94c
SSDEEP

24576:yNEVJGi0cKAUhQaW07fbiLADZ8jy6GjckZxC9T3jm5:gEP3ih77fbwqGy6GjckO9T3m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/camila314.startswitcher.dll

Files

mod.geode
.zip
.geode_cache
about.md
camila314.startswitcher.dll
.dll windows:6 windows x86 arch:x86

1570002662a32ab754dc27257c2f89c0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

libcocos2d

?vec2FromString@DS_Dictionary@@AAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAVCCPoint@cocos2d@@@Z
?create@CCLabelBMFont@cocos2d@@SAPAV12@PBD0@Z
?sharedDirector@CCDirector@cocos2d@@SAPAV12@XZ
?create@CCTintTo@cocos2d@@SAPAV12@MEEE@Z
?create@CCFadeTo@cocos2d@@SAPAV12@ME@Z
?createWithVariableList@CCSequence@cocos2d@@SAPAV12@PAVCCFiniteTimeAction@2@PAD@Z
?runAction@CCNode@cocos2d@@QAEPAVCCAction@2@PAV32@@Z
?retain@CCObject@cocos2d@@QAEXXZ
?addBoolValuesToMapForKey@DS_Dictionary@@QAEXAAV?$map@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_NU?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_N@std@@@2@@std@@PBD_N@Z
?addBoolValuesToMapForKeySpecial@DS_Dictionary@@QAEXAAV?$map@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_NU?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_N@std@@@2@@std@@PBD_N@Z
?addSuffix@CCFileUtils@cocos2d@@MAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V34@0@Z
?base64DecodeEnc@ZipUtils@cocos2d@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V34@0@Z
?base64EncodeEnc@ZipUtils@cocos2d@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V34@0@Z
?base64URLDecode@ZipUtils@cocos2d@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V34@@Z
?base64URLEncode@ZipUtils@cocos2d@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V34@@Z
?charForKey@CCDictionary@cocos2d@@QAEPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?checkForGLExtension@CCConfiguration@cocos2d@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?cleanStringWhiteSpace@DS_Dictionary@@AAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV23@@Z
?compressString@ZipUtils@cocos2d@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V34@_NH@Z
?create@CCEGLView@cocos2d@@SAPAV12@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?create@CCString@cocos2d@@SAPAV12@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?createCCArrayWithContentsOfFile@CCFileUtils@cocos2d@@MAEPAVCCArray@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?createCCDictionaryWithContentsOfFile@CCFileUtils@cocos2d@@MAEPAVCCDictionary@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?createWithFullScreen@CCEGLView@cocos2d@@SAPAV12@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?createWithFullScreen@CCEGLView@cocos2d@@SAPAV12@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABUGLFWvidmode@@PAUGLFWmonitor@@@Z
?createWithRect@CCEGLView@cocos2d@@SAPAV12@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@VCCRect@2@M@Z
?decompressString2@ZipUtils@cocos2d@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAE_NHH@Z
?decompressString@ZipUtils@cocos2d@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V34@_NH@Z
?encryptDecrypt@ZipUtils@cocos2d@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V34@H@Z
?encryptDecryptWKey@ZipUtils@cocos2d@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V34@0@Z
?fullPathForFilename@CCFileUtils@cocos2d@@UAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBD_N@Z
?fullPathForFilename@CCFileUtilsWin32@cocos2d@@UAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBD@Z
?getAllKeys@DS_Dictionary@@QAE?AV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@XZ
?getAndroidPath@CCFileUtils@cocos2d@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?getFirstKey@CCDictionary@cocos2d@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?getFrameName@CCSpriteFrame@cocos2d@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?getFullPathForDirectoryAndFilename@CCFileUtils@cocos2d@@MAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV34@0@Z
?getKey@DS_Dictionary@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@I@Z
?getNewFilename@CCFileUtils@cocos2d@@MAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBD@Z
?getPathForFilename@CCFileUtils@cocos2d@@MAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV34@00@Z
?getPathForFilename@CCFileUtilsWin32@cocos2d@@MAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV34@00@Z
?getResourceRootPath@CCApplication@cocos2d@@QAEABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?getResult@CCPrettyPrinter@cocos2d@@UAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?getSearchPaths@CCFileUtils@cocos2d@@UAEABV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@XZ
?getSearchResolutionsOrder@CCFileUtils@cocos2d@@UAEABV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@XZ
?getStartupScriptFilename@CCApplication@cocos2d@@QAEABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?getStringArrayForKey@DS_Dictionary@@QAE?AV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@PBD@Z
?getStringForKey@CCUserDefault@cocos2d@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBD@Z
?getStringForKey@CCUserDefault@cocos2d@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBDABV34@@Z
?getStringForKey@DS_Dictionary@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBD@Z
?getWritablePath2@CCFileUtils@cocos2d@@UAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?getWritablePath2@CCFileUtilsWin32@cocos2d@@UAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?getWritablePath@CCFileUtilsWin32@cocos2d@@UAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?getXMLFilePath@CCUserDefault@cocos2d@@SAABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?hexToChar@ZipUtils@cocos2d@@SAEABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?initWithFullScreen@CCEGLView@cocos2d@@IAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?initWithFullscreen@CCEGLView@cocos2d@@IAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABUGLFWvidmode@@PAUGLFWmonitor@@@Z
?initWithRect@CCEGLView@cocos2d@@IAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@VCCRect@2@M@Z
?isAbsolutePath@CCFileUtils@cocos2d@@UAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?isAbsolutePath@CCFileUtilsWin32@cocos2d@@UAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?isFileExist@CCFileUtilsWin32@cocos2d@@UAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?loadRootSubDictFromString@DS_Dictionary@@QAE_NV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?m_sFilePath@CCUserDefault@cocos2d@@0V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@A
?objectForKey@CCDictionary@cocos2d@@QAEPAVCCObject@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?parseCharacterDefinition@CCBMFontConfiguration@cocos2d@@AAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAU_BMFontDef@2@@Z
?parseCommonArguments@CCBMFontConfiguration@cocos2d@@AAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?parseImageFileName@CCBMFontConfiguration@cocos2d@@AAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBD@Z
?parseInfoArguments@CCBMFontConfiguration@cocos2d@@AAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?parseKerningEntry@CCBMFontConfiguration@cocos2d@@AAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?rectFromString@DS_Dictionary@@AAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAVCCRect@cocos2d@@@Z
?removeObjectForKey@CCDictionary@cocos2d@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?saveRootSubDictToString@DS_Dictionary@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?setAndroidPath@CCFileUtils@cocos2d@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?setBoolMapForKey@DS_Dictionary@@QAEXPBDAAV?$map@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_NU?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_N@std@@@2@@std@@@Z
?setFrameName@CCSpriteFrame@cocos2d@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?setObject@CCDictionary@cocos2d@@QAEXPAVCCObject@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?setObjectUnSafe@CCDictionary@cocos2d@@AAEXPAVCCObject@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?setResourceRootPath@CCApplication@cocos2d@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?setSearchPaths@CCFileUtils@cocos2d@@UAEXABV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@@Z
?setSearchResolutionsOrder@CCFileUtils@cocos2d@@UAEXABV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@@Z
?setStartupScriptFilename@CCApplication@cocos2d@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?setStringArrayForKey@DS_Dictionary@@QAEXPBDABV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@@Z
?setStringArrayForKey@DS_Dictionary@@QAEXPBDABV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@_N@Z
?setStringForKey@CCUserDefault@cocos2d@@QAEXPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?setStringForKey@DS_Dictionary@@QAEXPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?setStringForKey@DS_Dictionary@@QAEXPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_N@Z
?showMessage@CCEGLView@cocos2d@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?split@DS_Dictionary@@AAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBDAAV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@3@@Z
?splitWithForm@DS_Dictionary@@AAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@3@@Z
?urlDecode@ZipUtils@cocos2d@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV34@@Z
?utf8Togbk@CCFileUtilsWin32@cocos2d@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBD@Z
?valueForKey@CCDictionary@cocos2d@@QAEPBVCCString@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?writeToFile@CCFileUtils@cocos2d@@MAE_NPAVCCDictionary@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

geode

??0ComponentTrait@log@geode@@QAE@XZ
?createWrapper@hook@geode@@YA?AV?$Result@PAXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@1tulip@@PAXABVWrapperMetadata@14@@Z
?addHook@Mod@geode@@QAE?AV?$Result@PAVHook@geode@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@PAVHook@2@@Z
?get@Loader@geode@@SAPAV12@XZ
?takeNextMod@Loader@geode@@IAEPAVMod@2@XZ
?push@Logger@log@geode@@SAX$$QAVLog@23@@Z
?createConvention@hook@geode@@YA?AV?$shared_ptr@VCallingConvention@hook@tulip@@@std@@W4TulipConvention@1tulip@@@Z
?create@Hook@geode@@SAPAV12@PAVMod@2@PAX1ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVHandlerMetadata@hook@tulip@@ABVHookMetadata@78@@Z
?getDisplayName@Hook@geode@@QBE?AV?$basic_string_view@DU?$char_traits@D@std@@@std@@XZ
??1ComponentTrait@log@geode@@UAE@XZ
??0Log@log@geode@@QAE@PAVMod@2@USeverity@2@@Z
??1Log@log@geode@@QAE@XZ
?addFormatNew@Log@log@geode@@QAE?AV?$Result@Umonostate@std@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@@3@V?$basic_string_view@DU?$char_traits@D@std@@@std@@V?$span@PAUComponentTrait@log@geode@@$0PPPPPPPP@@6@@Z

kernel32

IsProcessorFeaturePresent
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
DisableThreadLibraryCalls
TerminateProcess
GetModuleHandleA
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InitializeSListHead
GetProcAddress
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
CloseHandle
GetSystemTimeAsFileTime

msvcp140

??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?_Xlength_error@std@@YAXPBD@Z
?uncaught_exceptions@std@@YAHXZ

vcruntime140

memcpy
__std_terminate
__std_exception_copy
__std_exception_destroy
_CxxThrowException
__CxxFrameHandler3
memmove
memset
__std_type_info_destroy_list
_except_handler4_common

api-ms-win-crt-heap-l1-1-0

free
malloc
_callnewh

api-ms-win-crt-runtime-l1-1-0

_crt_atexit
_initterm
_initterm_e
_invalid_parameter_noinfo_noreturn
_cexit
_seh_filter_dll
_configure_narrow_argv
_execute_onexit_table
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
camila314.startswitcher.dylib
.dylib macos arch:x64
logo.png
.png
mod.json

Sharing

General

Malware Config

Signatures

Files

1570002662a32ab754dc27257c2f89c0

Headers

DLL Characteristics

File Characteristics

Imports

libcocos2d

geode

kernel32

msvcp140

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

Sections

.text Size: 30KB - Virtual size: 29KB

.rdata Size: 23KB - Virtual size: 23KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 30KB - Virtual size: 29KB

.rdata
Size: 23KB - Virtual size: 23KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 3KB - Virtual size: 2KB