97a7e6f79cec564ad8741186d504f7f5

Sharing

Copy URL Twitter E-mail

General

Target

97a7e6f79cec564ad8741186d504f7f5
Size

419KB
MD5

97a7e6f79cec564ad8741186d504f7f5
SHA1

4d08ec421782650915b6b7c41bb3f45bc970cebf
SHA256

78f117389fc69bcdcd4cbbc56ec971a2735b714bcbc7e11455e3da637618481a
SHA512

67afd0f49381da9158fd8ad8d2ee45bcfb03ab903a710cb776cb092c5300f65ab3a889caddc3acd6628e757389515c0e63e7aacd7f0cc5da7ba35f068c966cda
SSDEEP

6144:zna9UYHdOhkB/HAPvspQeeaQee4QeesQeeKmQeehQeeD7P4Q6eL42Vt5JB57hAOC:W9UY946cPP4oVJB57hzA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
97a7e6f79cec564ad8741186d504f7f5

Files

97a7e6f79cec564ad8741186d504f7f5
.dll windows:5 windows x86 arch:x86

7dd22752aaa567bd3311873a3b3f7ef7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Cheat Damage\Kumpulan SC\Cheat Ane\WH Privasi\Release\X-BH.pdb

Imports

kernel32

MultiByteToWideChar
WideCharToMultiByte
VirtualFree
VirtualAlloc
OutputDebugStringA
GetSystemInfo
IsProcessorFeaturePresent
WriteFile
GetLastError
CreateFileA
CloseHandle
EnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
HeapAlloc
HeapFree
InterlockedIncrement
InterlockedDecrement
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
RtlUnwind
GetModuleHandleW
GetVersionExA
LCMapStringA
LCMapStringW
GetCPInfo
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapCreate
HeapDestroy
HeapReAlloc
ReadFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapSize
SetFilePointer
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetACP
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
InitializeCriticalSectionAndSpinCount
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetLocaleInfoW
VirtualQuery
LoadLibraryA
GetProcAddress
GetCurrentProcess
FlushInstructionCache
SetLastError
CreateThread
VirtualProtect
GetModuleHandleA
Beep
Sleep
IsBadReadPtr
RaiseException
ExitProcess

user32

GetSystemMetrics
DestroyWindow
RegisterClassExA
GetAsyncKeyState
MessageBoxA
CreateWindowExA
DefWindowProcA
GetDesktopWindow

d3d9

Direct3DCreate9

gdi32

SetBkColor
GetCharacterPlacementA
SelectObject
SetBkMode
GetTextMetricsW
GetCharacterPlacementW
SetTextColor
ExtTextOutW
MoveToEx
ExtTextOutA
CreateCompatibleDC
SetMapMode
SetTextAlign
CreateFontIndirectW
CreateFontIndirectA
DeleteObject
DeleteDC
CreateDIBSection
GetGlyphOutlineA
GetTextMetricsA
GetObjectW
GetObjectA
GetFontLanguageInfo

advapi32

RegQueryValueExA
RegOpenKeyA
RegCloseKey

Sections

.text
Size: 229KB - Virtual size: 229KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7dd22752aaa567bd3311873a3b3f7ef7

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

d3d9

gdi32

advapi32

Sections

.text Size: 229KB - Virtual size: 229KB

.rdata Size: 112KB - Virtual size: 112KB

.data Size: 46KB - Virtual size: 65KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 29KB - Virtual size: 28KB

.text
Size: 229KB - Virtual size: 229KB

.rdata
Size: 112KB - Virtual size: 112KB

.data
Size: 46KB - Virtual size: 65KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 29KB - Virtual size: 28KB