C:\Users\gabri\Desktop\nexus-cs2\x64\Distribution\cs2_imgui.pdb
Static task
static1
General
-
Target
gamesensecrack.dll
-
Size
3.3MB
-
MD5
89afc27f89bcc9be0d239f46eb0a7e58
-
SHA1
2bc2e5563992418b24b20f3a182ebd31e1000637
-
SHA256
11b3207b90102efa2a2c94cf99257cd838b3ef9fdd485c4040604ff8fa2c0c3f
-
SHA512
fb3eace91b1cd9565700b7d76d66cbfe07d451fd980a6dcdd9d8f0eb94e4f2d1e5f3895f80a9c73f3ce9c9ad3838bf5fff9efa427d63e7b9a75f0424121a31ed
-
SSDEEP
49152:mLeYhanjx6yZqy5jRYl3x44su6QCzrw5vkBKnwtNIiCCJK8/1eD0lKS78sI:maJRYl21kZAIZCI4I
Malware Config
Signatures
-
Unsigned PE 1 IoCs
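Checks for a missing Authenticode signature; the check matched on this file, so its publisher and integrity cannot be confirmed from a signature. On its own, an unsigned PE is a weak indicator and should be weighed together with the other findings.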
resource gamesensecrack.dll
Files
-
gamesensecrack.dll.dll windows:6 windows x64 arch:x64
92276b75625c742d29d49c3838e79724
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
C:\Users\gabri\Desktop\nexus-cs2\x64\Distribution\cs2_imgui.pdb
Imports
ws2_32
recv
getpeername
connect
ioctlsocket
gethostname
select
__WSAFDIsSet
WSACleanup
WSAStartup
htonl
WSAIoctl
setsockopt
freeaddrinfo
getaddrinfo
WSASetLastError
WSAWaitForMultipleEvents
WSAResetEvent
getsockopt
ntohs
listen
getsockname
accept
sendto
recvfrom
bind
WSAEventSelect
WSAEnumNetworkEvents
WSACreateEvent
WSACloseEvent
WSAGetLastError
send
inet_ntop
inet_pton
socket
htons
closesocket
crypt32
CertFreeCertificateContext
CertFindCertificateInStore
CertEnumCertificatesInStore
CertOpenStore
CryptStringToBinaryW
PFXImportCertStore
CryptDecodeObjectEx
CertAddCertificateContextToStore
CertCloseStore
CertFindExtension
CertGetNameStringW
CryptQueryObject
CertFreeCertificateChain
CertGetCertificateChain
CertFreeCertificateChainEngine
CertCreateCertificateChainEngine
kernel32
WriteConsoleW
RtlUnwindEx
InterlockedPushEntrySList
InterlockedFlushSList
RtlUnwind
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
GetDriveTypeW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
CreateThread
ExitThread
GetModuleHandleA
Sleep
GetCurrentProcessId
GetConsoleWindow
GetProcAddress
GetStdHandle
WriteConsoleA
SetStdHandle
VirtualQuery
MultiByteToWideChar
LoadLibraryA
QueryPerformanceFrequency
VerSetConditionMask
FreeLibrary
QueryPerformanceCounter
GlobalAlloc
GlobalFree
GlobalLock
WideCharToMultiByte
GlobalUnlock
CreateFileA
GetFileSizeEx
ReadFile
CloseHandle
HeapAlloc
HeapReAlloc
HeapFree
GetProcessHeap
MapViewOfFile
UnmapViewOfFile
FreeLibraryAndExitThread
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
GetLastError
SetLastError
FormatMessageW
MoveFileExW
GetFileType
PeekNamedPipe
WaitForMultipleObjects
GetEnvironmentVariableA
GetTickCount
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
GetSystemDirectoryW
GetModuleHandleW
LoadLibraryW
SleepEx
WaitForSingleObjectEx
VerifyVersionInfoW
CreateFileW
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
InitializeSListHead
CreateEventW
ResetEvent
SetEvent
InitializeCriticalSectionAndSpinCount
GetSystemInfo
VirtualAlloc
VirtualFree
OpenThread
SetThreadContext
FlushInstructionCache
GetThreadContext
CreateToolhelp32Snapshot
ResumeThread
SuspendThread
Thread32First
Thread32Next
GetCurrentProcess
VirtualProtect
HeapCreate
GetCPInfo
GetModuleHandleExW
ExitProcess
GetModuleFileNameW
GetConsoleMode
ReadConsoleW
WriteFile
GetConsoleOutputCP
FlushFileBuffers
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
GetStringTypeW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
EnumSystemLocalesW
GetTimeZoneInformation
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
HeapSize
DeleteFileW
CreateFileMappingA
LocalFree
FormatMessageA
GetCurrentDirectoryW
CreateDirectoryW
FindClose
FindFirstFileExW
FindNextFileW
GetFileAttributesExW
GetFileInformationByHandle
GetFullPathNameW
SetEndOfFile
SetFileInformationByHandle
SetFilePointerEx
AreFileApisANSI
GetFileInformationByHandleEx
GetCurrentThreadId
RtlPcToFileHeader
RaiseException
InitializeSRWLock
TryEnterCriticalSection
EncodePointer
DecodePointer
LCMapStringEx
GetSystemTimeAsFileTime
IsValidCodePage
user32
OpenClipboard
CloseClipboard
EmptyClipboard
GetClipboardData
SetClipboardData
GetKeyState
SetWindowLongPtrA
ScreenToClient
GetCapture
ClientToScreen
TrackMouseEvent
LoadCursorA
SetCapture
SetCursor
GetClientRect
IsWindowUnicode
ReleaseCapture
SetCursorPos
GetCursorPos
CallWindowProcA
GetWindowThreadProcessId
GetWindow
IsWindowVisible
EnumWindows
GetForegroundWindow
advapi32
CryptEncrypt
CryptReleaseContext
CryptGetHashParam
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptDestroyKey
CryptAcquireContextW
CryptImportKey
shell32
SHGetKnownFolderPath
d3d11
D3D11CreateDeviceAndSwapChain
bcrypt
BCryptGenRandom
d3dcompiler_47
D3DCompile
imm32
ImmSetCompositionWindow
ImmReleaseContext
ImmGetContext
ImmSetCandidateWindow
Sections
.text Size: 2.0MB - Virtual size: 2.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 654KB - Virtual size: 654KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 601KB - Virtual size: 665KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 86KB - Virtual size: 86KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 244B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 248B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ