3317c5a7ff3d9f467c8eef0d57ce78a49ebeae2fe422565afefaabcf06a55685

Sharing

Copy URL Twitter E-mail

General

Target

3317c5a7ff3d9f467c8eef0d57ce78a49ebeae2fe422565afefaabcf06a55685
Size

402KB
MD5

dbcc1271947edec963464cc17d0d80c9
SHA1

fd8fba8dad85f76d6eea0d0af400056a43e6655a
SHA256

3317c5a7ff3d9f467c8eef0d57ce78a49ebeae2fe422565afefaabcf06a55685
SHA512

060e709fa7a886056de2c93c7f1d22749d0b0e95edda88296bdf40432f5d0e02d76b923ebe9e973c2126cf4de55cced909e5c758e37b02d0690450ff83bb0088
SSDEEP

12288:TkxQxrVIuQ2XG6oDcbi810TRPhXaGlAwOF8REgkk:xpIuRWR6310lhcqEM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/red4ext/plugins/input_loader/input_loader.dll

Files

3317c5a7ff3d9f467c8eef0d57ce78a49ebeae2fe422565afefaabcf06a55685
.zip
engine/config/platform/pc/input_loader.ini
r6/cache/inputContexts.xml
.xml
r6/cache/inputUserMappings.xml
.xml
red4ext/plugins/input_loader/inputUserMappings.xml
.xml
red4ext/plugins/input_loader/input_loader.dll
.dll windows:6 windows x64 arch:x64

8f37ab822d3180ab4529e96806544b0a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\cyberpunk2077-input-loader\cyberpunk2077-input-loader\build\input_loader.pdb

Imports

kernel32

GetModuleHandleW
CreateFileW
GetFileSizeEx
ReadFile
SetFilePointerEx
CloseHandle
GetLastError
GetCurrentProcess
TerminateProcess
SwitchToThread
GetModuleHandleA
GetProcAddress
GetModuleFileNameA
GetModuleFileNameW
WriteConsoleW
FlushFileBuffers
GetFileAttributesW
Sleep
GetCurrentProcessId
GetCurrentThreadId
GetDynamicTimeZoneInformation
MultiByteToWideChar
WideCharToMultiByte
GetStdHandle
WriteFile
GetConsoleMode
WriteConsoleA
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
CreateSymbolicLinkW
GetFileInformationByHandleEx
CreateHardLinkW
MoveFileExW
CopyFileW
CreateDirectoryExW
DeviceIoControl
AreFileApisANSI
GetTempPathW
SetFileTime
SetFileInformationByHandle
SetFileAttributesW
GetFullPathNameW
GetFinalPathNameByHandleW
GetFileInformationByHandle
GetFileAttributesExW
GetDiskFreeSpaceExW
FindNextFileW
FindFirstFileExW
FindFirstFileW
FindClose
CreateDirectoryW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetLocaleInfoEx
FormatMessageA
LocalFree
InitOnceComplete
InitOnceBeginInitialize
InitializeSListHead

user32

MessageBoxA

msvcp140

?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?_Xout_of_range@std@@YAXPEBD@Z
?_Syserror_map@std@@YAPEBDH@Z
?_Winerror_map@std@@YAHH@Z
_Mtx_init_in_situ
_Mtx_destroy_in_situ
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
??0_Locinfo@std@@QEAA@PEBD@Z
??1_Locinfo@std@@QEAA@XZ
?_Getfalse@_Locinfo@std@@QEBAPEBDXZ
?_Gettrue@_Locinfo@std@@QEBAPEBDXZ
?c_str@?$_Yarn@D@std@@QEBAPEBDXZ
??Bid@locale@std@@QEAA_KXZ
??0facet@locale@std@@IEAA@_K@Z
??1facet@locale@std@@MEAA@XZ
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UEAAXXZ
?id@?$numpunct@D@std@@2V0locale@2@A
?id@?$numpunct@_W@std@@2V0locale@2@A
_Xtime_get_ticks
_Mtx_lock
_Mtx_unlock
?_Throw_Cpp_error@std@@YAXH@Z
?_Xbad_function_call@std@@YAXXZ
_Thrd_join
_Thrd_id
_Cnd_init_in_situ
_Cnd_destroy_in_situ
_Cnd_wait
_Cnd_signal
_Cnd_do_broadcast_at_thread_exit
?eof@ios_base@std@@QEBA_NXZ
?fail@ios_base@std@@QEBA_NXZ
?bad@ios_base@std@@QEBA_NXZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?clear@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
?write@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@PEB_W_J@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z
?gcount@?$basic_istream@DU?$char_traits@D@std@@@std@@QEBA_JXZ
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@V?$fpos@U_Mbstatet@@@2@@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@_JH@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ
?read@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@PEA_W_J@Z
?gcount@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEBA_JXZ
?seekg@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@V?$fpos@U_Mbstatet@@@2@@Z
?seekg@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@_JH@Z
?tellg@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD0@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?_Xbad_alloc@std@@YAXXZ
_Mbrtowc
?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
?_W_Getdays@_Locinfo@std@@QEBAPEBGXZ
?_W_Getmonths@_Locinfo@std@@QEBAPEBGXZ
?uncaught_exceptions@std@@YAHXZ
?_Xlength_error@std@@YAXPEBD@Z
?good@ios_base@std@@QEBA_NXZ
?flags@ios_base@std@@QEBAHXZ
?setf@ios_base@std@@QEAAHH@Z
?setf@ios_base@std@@QEAAHHH@Z
?width@ios_base@std@@QEBA_JXZ
?width@ios_base@std@@QEAA_J_J@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ

vcruntime140

__std_type_info_destroy_list
__C_specific_handler
__current_exception_context
__current_exception
strstr
strchr
memcmp
memchr
memset
memmove
_CxxThrowException
__std_exception_destroy
__std_exception_copy
__std_terminate
_purecall
memcpy

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-heap-l1-1-0

_callnewh
free
malloc
calloc

api-ms-win-crt-runtime-l1-1-0

terminate
_beginthreadex
_initterm_e
_initterm
_cexit
_crt_at_quick_exit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_invalid_parameter_noinfo_noreturn
_errno
abort

api-ms-win-crt-math-l1-1-0

fmod
_dsign
ceil
_isnan
_dclass
floor
_finite
ceilf
_ldclass
_fdclass

api-ms-win-crt-convert-l1-1-0

mbstowcs
_ecvt_s
strtod

api-ms-win-crt-stdio-l1-1-0

fclose
_wfsopen
fflush
_isatty
fread
fopen_s
ferror
_filelengthi64
__stdio_common_vsnprintf_s
__stdio_common_vfprintf
fwrite
fputc
_fileno
__acrt_iob_func
_ftelli64
_fseeki64
_wfopen_s
_get_osfhandle

api-ms-win-crt-locale-l1-1-0

localeconv
___lc_codepage_func

api-ms-win-crt-string-l1-1-0

isdigit

api-ms-win-crt-filesystem-l1-1-0

_wremove
_wrename
_wmkdir

api-ms-win-crt-environment-l1-1-0

getenv_s

api-ms-win-crt-time-l1-1-0

_time64
_localtime64_s
_gmtime64_s
strftime

Exports

Exports

Add
Main
Query
Supports

Sections

.text
Size: 1006KB - Virtual size: 1005KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 161KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 1024B - Virtual size: 799B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 373B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
red4ext/plugins/input_loader/license.md
red4ext/plugins/input_loader/readme.md

Sharing

General

Malware Config

Signatures

Files

8f37ab822d3180ab4529e96806544b0a

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

msvcp140

vcruntime140

vcruntime140_1

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-time-l1-1-0

Exports

Exports

Sections

.text Size: 1006KB - Virtual size: 1005KB

.rdata Size: 161KB - Virtual size: 160KB

.data Size: 19KB - Virtual size: 22KB

.pdata Size: 59KB - Virtual size: 58KB

.idata Size: 17KB - Virtual size: 16KB

.tls Size: 1024B - Virtual size: 799B

.00cfg Size: 512B - Virtual size: 373B

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 1006KB - Virtual size: 1005KB

.rdata
Size: 161KB - Virtual size: 160KB

.data
Size: 19KB - Virtual size: 22KB

.pdata
Size: 59KB - Virtual size: 58KB

.idata
Size: 17KB - Virtual size: 16KB

.tls
Size: 1024B - Virtual size: 799B

.00cfg
Size: 512B - Virtual size: 373B

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 5KB - Virtual size: 5KB