be4e8c7ba574509a2cc8de1b0c195d51

Sharing

Copy URL Twitter E-mail

General

Target

be4e8c7ba574509a2cc8de1b0c195d51
Size

4.3MB
MD5

be4e8c7ba574509a2cc8de1b0c195d51
SHA1

82dfe558782928e48fc909a9f910a3eacf34bdbd
SHA256

e92cce404aa21e1da82d71aaf76095ceb90180a52c29b03b05982373c2045d2f
SHA512

f18074ebbd6d42497b82e8e83bb49a9ab4df0757c81a1a662fb95808895fbeb0d2d08bfced3e9f2d36e389f36719ef10d0a58bf27a04a43cb7f61fccbefff579
SSDEEP

98304:uCpVAjL190xPxGTfJybVpcP5Z69B3eLKLkWGY5SJgKKUs3XQRkB2uHKVW5AViqN4:uCpVAjL196P6f8BpcPv6QKLkZKFRf34G

Score

3^/10

Malware Config

Signatures

Unsigned PE 19 IoCs

Checks for missing Authenticode signature.

resource
be4e8c7ba574509a2cc8de1b0c195d51
unpack001/$PLUGINSDIR/AdvSplash.dll
unpack001/$PLUGINSDIR/FTPul.dll
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/ftp.exe
unpack001/$PLUGINSDIR/nsExec.dll
unpack001/addons/amx/dlls/amx_mm.dll
unpack001/addons/amx/examples/amx_compiler.exe
unpack002/$PLUGINSDIR/InstallOptions.dll
unpack002/$PLUGINSDIR/nsExec.dll
unpack002/$PLUGINSDIR/sc.exe
unpack001/addons/amx/examples/sc.exe
unpack001/addons/amx/modules/VexdUM.dll
unpack001/addons/amx/modules/csstats.dll
unpack001/addons/amx/modules/fun.dll
unpack001/addons/amx/modules/geoip.dll
unpack001/addons/amx/modules/mysql.dll
unpack001/addons/amx/modules/sockets.dll
unpack001/addons/metamod/dlls/metamod.dll

NSIS installer 2 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
static1/unpack001/addons/amx/examples/amx_compiler.exe	nsis_installer_1

Files

be4e8c7ba574509a2cc8de1b0c195d51
.exe windows:4 windows x86 arch:x86

18bc6fa81e19f21156316b1ae696ed6b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
SetFileTime
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
lstrcmpiA
ExitProcess
GetCommandLineA
GetWindowsDirectoryA
GetTempPathA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
lstrcmpA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
CopyFileA

user32

ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
EndDialog
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
DispatchMessageA
PeekMessageA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
TrackPopupMenu
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/AdvSplash.dll
.dll windows:4 windows x86 arch:x86

741b6bafe355b63a372d737b30543a95

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpynA
GetVersion
lstrcpyA
lstrcatA
GetModuleHandleA
GetProcAddress
GlobalAlloc
GlobalFree

user32

LoadCursorA
RegisterClassA
SetWindowPos
SetWindowLongA
SystemParametersInfoA
EndPaint
GetClientRect
BeginPaint
DefWindowProcA
DestroyWindow
LoadImageA
CreateWindowExA
IsWindow
GetMessageA
DispatchMessageA
UnregisterClassA
wsprintfA
PostMessageA
SetWindowRgn
EnumDisplaySettingsA

gdi32

CombineRgn
CreateRectRgn
GetDIBits
SelectObject
CreateCompatibleDC
GetObjectA
DeleteDC
BitBlt
DeleteObject

winmm

timeSetEvent
PlaySoundA
timeKillEvent

Exports

Exports

show

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 412B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/FTPul.dll
.dll windows:4 windows x86 arch:x86

a183c14be22a915065476e49da5a41a4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord2393
ord4129
ord858
ord5710
ord5683
ord6927
ord3215
ord353
ord5922
ord939
ord537
ord2818
ord389
ord823
ord540
ord825
ord5442
ord3789
ord5201
ord3663
ord1979
ord665
ord1228
ord800
ord5651
ord342
ord1116
ord1176
ord1575
ord1168
ord3127
ord3616
ord1577
ord1182
ord269
ord1243
ord1197
ord1570
ord1253
ord1255
ord6467
ord1578
ord600
ord826

kernel32

LocalAlloc
LocalFree
GlobalAlloc
GlobalFree
lstrcpyA
lstrcpynA
lstrcmpiA
GetTickCount
MulDiv
lstrlenA

user32

ShowWindow
FindWindowExA
GetDlgItem
GetFocus
IsWindowVisible
SendMessageA
GetClientRect
GetWindowRect
CreateWindowExA
GetWindowLongA
EnableWindow
DestroyWindow
CallWindowProcA
CharPrevA
wsprintfA
SetDlgItemTextA
SetWindowTextA
SetWindowLongA
RegisterWindowMessageA

msvcrt

free
strstr
__CxxFrameHandler
??1type_info@@UAE@XZ
_initterm
malloc
_adjust_fdiv
__dllonexit
_onexit

Exports

Exports

upload

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 804B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

57354bdeea3dfae6e948101add87501a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
GetPrivateProfileIntA
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
MultiByteToWideChar
GlobalAlloc

user32

GetDlgCtrlID
GetClientRect
SetWindowRgn
MapWindowPoints
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
PtInRect
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
LoadIconA

gdi32

SetTextColor
GetObjectA
SelectObject
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
CreateCompatibleDC

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetDesktopFolder
SHGetMalloc
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 954B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/amx.bmp
$PLUGINSDIR/amx_filelist.txt
$PLUGINSDIR/amx_ftp.txt
$PLUGINSDIR/config_filelist.txt
$PLUGINSDIR/ftp.exe
.exe windows:5 windows x86 arch:x86

72461fdf0a8e4b6e7a91d2e92630e1e6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

ftp.pdb

Imports

msvcrt

isdigit
sprintf
_write
strchr
_setjmp3
_isatty
clearerr
putchar
tolower
longjmp
exit
islower
toupper
_chdrive
fprintf
_errno
_getcwd
fflush
_mbslen
_mbsnbcnt
_mbsnbcat
printf
getenv
_tempnam
tmpnam
_mbsnbcpy
free
fopen
_unlink
vsprintf
vfprintf
_read
clock
_fstat
_fsopen
_c_exit
_exit
_XcptFilter
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__initenv
_chdir
_cexit
fclose
_mbscmp
_mbscpy
_mbscat
_mbstrlen
_iob
fgets
_mbschr
atoi

advapi32

GetUserNameA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

kernel32

ReadFile
GetConsoleMode
CreateFileA
Sleep
WriteFile
SetConsoleMode
HeapFree
GetModuleHandleA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
HeapAlloc
FindFirstFileA
FindNextFileA
InterlockedExchange
IsDBCSLeadByteEx
GetEnvironmentVariableA
CreateProcessA
WaitForSingleObject
CloseHandle
LoadLibraryExA
GetLastError
GetCurrentDirectoryA
SetConsoleCtrlHandler
GetFileAttributesA
LocalFree
LocalAlloc
FormatMessageA
GetProcessHeap

user32

CharToOemBuffA
OemToCharBuffA
CharNextExA

ws2_32

getnameinfo
ntohs
setsockopt
send
accept
select
__WSAFDIsSet
recv
WSAStartup
getservbyname
socket
WSAGetLastError
htonl
bind
getsockname
connect
shutdown
closesocket
htons
gethostname
getaddrinfo
freeaddrinfo
listen

mswsock

s_perror

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ftp.ini
$PLUGINSDIR/ftp_amx.bat
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/meta_filelist.txt
$PLUGINSDIR/meta_ftp.txt
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/modullist.txt
$PLUGINSDIR/nsExec.dll
.dll windows:4 windows x86 arch:x86

f835ad7f9363dc017c6826af3baa9002

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
lstrcpynA
GlobalReAlloc
GlobalUnlock
GlobalSize
ReadFile
PeekNamedPipe
GetTickCount
CreateProcessA
GetStartupInfoA
CreatePipe
GetVersionExA
GlobalLock
DeleteFileA
TerminateProcess
lstrlenA
lstrcatA
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
CreateFileA
CopyFileA
GetTempFileNameA
GlobalFree
GlobalAlloc
GetModuleFileNameA
GetCommandLineA
Sleep
lstrcmpiA
GetExitCodeProcess

user32

SendMessageA
OemToCharBuffA
CharNextA
wsprintfA
CharPrevA
FindWindowExA

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl

Exports

Exports

Exec
ExecToLog
ExecToStack

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 360B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/pluginlist.txt
$PLUGINSDIR/sound_filelist.txt
$PLUGINSDIR/sound_ftp.txt
$PLUGINSDIR/type.ini
addons/amx/config/amx.cfg
addons/amx/config/clcmds.ini
addons/amx/config/cmds.ini
addons/amx/config/configs.ini
addons/amx/config/conmotd.txt
addons/amx/config/custom_menus.cfg
addons/amx/config/cvars.ini
addons/amx/config/language.ini
addons/amx/config/maps.ini
addons/amx/config/maps/de_dust.cfg
addons/amx/config/maps/prefix_de_.cfg
addons/amx/config/modules.ini
addons/amx/config/mysql.cfg
addons/amx/config/paths.ini
addons/amx/config/plugins.ini
addons/amx/config/speech.ini
addons/amx/config/stats.ini
addons/amx/config/users.ini
addons/amx/dlls/amx_mm.dll
.dll windows:4 windows x86 arch:x86

5f14d6919ae1e94fcda9f15adf0b2ad5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

AddAtomA
FindAtomA
FreeLibrary
GetAtomNameA
GetFileAttributesA
GetProcAddress
LoadLibraryA
Sleep
VirtualProtect

msvcrt

_mkdir
_stricmp
_strnicmp
__dllonexit
__mb_cur_max
_errno
_findclose
_findfirst
_findnext
_fullpath
_iob
_isctype
_pctype
_snprintf
_stricmp
_unlink
_vsnprintf
abort
acos
asin
atan
atan2
atof
atoi
calloc
ceil
clock
cos
cosh
exit
fclose
feof
fflush
fgetc
fgets
floor
fopen
fprintf
fputc
fputs
fread
free
frexp
fscanf
fseek
ftell
getc
ldexp
localtime
log
log10
malloc
memcpy
memmove
memset
mktime
rewind
sin
sinh
sprintf
sqrt
sscanf
strcat
strchr
strcmp
strcpy
strftime
strlen
strncmp
strstr
tan
tanh
time
tmpfile
tolower
toupper
ungetc
vsprintf
wcslen

user32

CharLowerA
CharUpperA

Exports

Exports

GetEngineFunctions
GetEngineFunctions_Post
GetEntityAPI2
GetEntityAPI2_Post
GetNewDLLFunctions
GiveFnptrsToDll
GiveFnptrsToDll@8
Meta_Attach
Meta_Detach
Meta_Query

Sections

.text
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 78KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 315B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
addons/amx/dlls/amx_mm_i386.so
.elf linux x86
addons/amx/docs/amxaddlangs.html
.html
addons/amx/docs/amxcfgmenu.html
.html
addons/amx/docs/amxclcmdmenu.html
.html
addons/amx/docs/amxcmdmenu.html
.html
addons/amx/docs/amxcommands.html
.html
addons/amx/docs/amxcompile.html
.html
addons/amx/docs/amxconfig.html
.html
addons/amx/docs/amxcvarsmenu.html
.html
addons/amx/docs/amxinstall.html
.html
addons/amx/docs/amxlangconf.html
.html
addons/amx/docs/amxmapconfigs.html
.html
addons/amx/docs/amxmapsmenu.html
.html
addons/amx/docs/amxmenus.html
.html
addons/amx/docs/amxmodules.html
.html
addons/amx/docs/amxmysql.html
.html
addons/amx/docs/amxpaths.html
.html
addons/amx/docs/amxplugins.html
.html
addons/amx/docs/amxsetup.html
.html
addons/amx/docs/amxspeechmenu.html
.html
addons/amx/docs/amxstats.html
.html
addons/amx/docs/amxusers.html
.html
addons/amx/docs/amxweaponrest.html
.html
addons/amx/docs/consolespeakvox.txt
addons/amx/docs/credit.html
.html
addons/amx/docs/index.html
.html
addons/amx/docs/metamod.html
.html
addons/amx/docs/misc.html
.html
addons/amx/docs/showhide.js
addons/amx/docs/style.css
addons/amx/docs/vexdum.html
.html
addons/amx/examples/amx_compiler.exe
.exe windows:4 windows x86 arch:x86

18bc6fa81e19f21156316b1ae696ed6b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
SetFileTime
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
lstrcmpiA
ExitProcess
GetCommandLineA
GetWindowsDirectoryA
GetTempPathA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
lstrcmpA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
CopyFileA

user32

ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
EndDialog
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
DispatchMessageA
PeekMessageA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
TrackPopupMenu
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

57354bdeea3dfae6e948101add87501a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
GetPrivateProfileIntA
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
MultiByteToWideChar
GlobalAlloc

user32

GetDlgCtrlID
GetClientRect
SetWindowRgn
MapWindowPoints
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
PtInRect
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
LoadIconA

gdi32

SetTextColor
GetObjectA
SelectObject
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
CreateCompatibleDC

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetDesktopFolder
SHGetMalloc
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 954B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/compiler.ini
$PLUGINSDIR/include/VexdUM.inc
$PLUGINSDIR/include/VexdUM_const.inc
$PLUGINSDIR/include/VexdUM_stock.inc
$PLUGINSDIR/include/Vexd_Utilities.inc
$PLUGINSDIR/include/Xtrafun_to_Vexd.inc
$PLUGINSDIR/include/amxconst.inc
$PLUGINSDIR/include/amxmisc.inc
$PLUGINSDIR/include/amxmod.inc
$PLUGINSDIR/include/amxmodx_to_amx.inc
$PLUGINSDIR/include/core.inc
$PLUGINSDIR/include/csstats.inc
$PLUGINSDIR/include/cstrike.inc
$PLUGINSDIR/include/dodconst.inc
$PLUGINSDIR/include/dodstats.inc
$PLUGINSDIR/include/dodxmod.inc
$PLUGINSDIR/include/file.inc
$PLUGINSDIR/include/float.inc
$PLUGINSDIR/include/fun.inc
$PLUGINSDIR/include/geoip.inc
$PLUGINSDIR/include/maths.inc
$PLUGINSDIR/include/message_const.inc
$PLUGINSDIR/include/mysql.inc
$PLUGINSDIR/include/sockets.inc
$PLUGINSDIR/include/string.inc
$PLUGINSDIR/include/translator.inc
$PLUGINSDIR/include/vault.inc
$PLUGINSDIR/include/vector.inc
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/nsExec.dll
.dll windows:4 windows x86 arch:x86

f835ad7f9363dc017c6826af3baa9002

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
lstrcpynA
GlobalReAlloc
GlobalUnlock
GlobalSize
ReadFile
PeekNamedPipe
GetTickCount
CreateProcessA
GetStartupInfoA
CreatePipe
GetVersionExA
GlobalLock
DeleteFileA
TerminateProcess
lstrlenA
lstrcatA
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
CreateFileA
CopyFileA
GetTempFileNameA
GlobalFree
GlobalAlloc
GetModuleFileNameA
GetCommandLineA
Sleep
lstrcmpiA
GetExitCodeProcess

user32

SendMessageA
OemToCharBuffA
CharNextA
wsprintfA
CharPrevA
FindWindowExA

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl

Exports

Exports

Exec
ExecToLog
ExecToStack

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 360B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/sc.exe
.exe windows:4 windows x86 arch:x86

60733544761ed1a89b88e369e982d309

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterWindowMessageA
PostMessageA
IsWindow

kernel32

GetOEMCP
RaiseException
SetEnvironmentVariableA
CompareStringW
GetModuleFileNameA
HeapAlloc
GetLastError
HeapFree
HeapReAlloc
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
GetCurrentDirectoryA
SetCurrentDirectoryA
GetCommandLineA
GetVersionExA
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DeleteCriticalSection
VirtualFree
VirtualAlloc
HeapDestroy
HeapCreate
GetProcAddress
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetHandleCount
GetFileType
GetStartupInfoA
Sleep
CloseHandle
SetFilePointer
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
DeleteFileA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
LCMapStringA
MultiByteToWideChar
LCMapStringW
ReadFile
GetFileAttributesA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSection
LoadLibraryA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateFileA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
SetEndOfFile
CompareStringA

Sections

.text
Size: 172KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
addons/amx/examples/compile
.sh linux
addons/amx/examples/compile.bat
addons/amx/examples/compile_drag&drop.bat
addons/amx/examples/include/VexdUM.inc
addons/amx/examples/include/VexdUM_const.inc
addons/amx/examples/include/VexdUM_stock.inc
addons/amx/examples/include/Vexd_Utilities.inc
addons/amx/examples/include/Xtrafun_to_Vexd.inc
addons/amx/examples/include/amxconst.inc
addons/amx/examples/include/amxmisc.inc
addons/amx/examples/include/amxmod.inc
addons/amx/examples/include/amxmodx_to_amx.inc
addons/amx/examples/include/core.inc
addons/amx/examples/include/csstats.inc
addons/amx/examples/include/cstrike.inc
addons/amx/examples/include/dodconst.inc
addons/amx/examples/include/dodstats.inc
addons/amx/examples/include/dodxmod.inc
addons/amx/examples/include/file.inc
addons/amx/examples/include/float.inc
addons/amx/examples/include/fun.inc
addons/amx/examples/include/geoip.inc
addons/amx/examples/include/maths.inc
addons/amx/examples/include/message_const.inc
addons/amx/examples/include/mysql.inc
addons/amx/examples/include/sockets.inc
addons/amx/examples/include/string.inc
addons/amx/examples/include/translator.inc
addons/amx/examples/include/vault.inc
addons/amx/examples/include/vector.inc
addons/amx/examples/sc
.elf linux x86
addons/amx/examples/sc.exe
.exe windows:4 windows x86 arch:x86

60733544761ed1a89b88e369e982d309

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterWindowMessageA
PostMessageA
IsWindow

kernel32

GetOEMCP
RaiseException
SetEnvironmentVariableA
CompareStringW
GetModuleFileNameA
HeapAlloc
GetLastError
HeapFree
HeapReAlloc
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
GetCurrentDirectoryA
SetCurrentDirectoryA
GetCommandLineA
GetVersionExA
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DeleteCriticalSection
VirtualFree
VirtualAlloc
HeapDestroy
HeapCreate
GetProcAddress
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetHandleCount
GetFileType
GetStartupInfoA
Sleep
CloseHandle
SetFilePointer
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
DeleteFileA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
LCMapStringA
MultiByteToWideChar
LCMapStringW
ReadFile
GetFileAttributesA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSection
LoadLibraryA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateFileA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
SetEndOfFile
CompareStringA

Sections

.text
Size: 172KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
addons/amx/examples/source/compile_drag&drop.bat
addons/amx/examples/source/default/admin.sma
addons/amx/examples/source/default/adminchat.sma
addons/amx/examples/source/default/admincmd.sma
addons/amx/examples/source/default/adminhelp.sma
addons/amx/examples/source/default/adminslots.sma
addons/amx/examples/source/default/adminvote.sma
addons/amx/examples/source/default/antiflood.sma
addons/amx/examples/source/default/cmdmenu.sma
addons/amx/examples/source/default/compile_drag&drop.bat
addons/amx/examples/source/default/csstats.sma
addons/amx/examples/source/default/ff_manager.sma
addons/amx/examples/source/default/imessage.sma
addons/amx/examples/source/default/language.sma
addons/amx/examples/source/default/mapchooser.sma
addons/amx/examples/source/default/mapconfig.sma
addons/amx/examples/source/default/mapsmenu.sma
addons/amx/examples/source/default/menufront.sma
addons/amx/examples/source/default/miscstats.sma
addons/amx/examples/source/default/nextmap.sma
addons/amx/examples/source/default/pausecfg.sma
addons/amx/examples/source/default/plmenu.sma
addons/amx/examples/source/default/plugmod_manager.sma
addons/amx/examples/source/default/restmenu.sma
addons/amx/examples/source/default/scrollmsg.sma
addons/amx/examples/source/default/stats_logging.sma
addons/amx/examples/source/default/statscfg.sma
addons/amx/examples/source/default/statsx.sma
addons/amx/examples/source/default/telemenu.sma
addons/amx/examples/source/default/timeleft.sma
addons/amx/examples/source/default/welcomemsg.sma
addons/amx/faq.txt
addons/amx/lang/adminbase.txt
addons/amx/lang/adminchat.txt
addons/amx/lang/admincmd.txt
addons/amx/lang/adminhelp.txt
addons/amx/lang/adminslots.txt
addons/amx/lang/adminvote.txt
addons/amx/lang/amxcore.txt
addons/amx/lang/antiflood.txt
addons/amx/lang/cmdmenu.txt
addons/amx/lang/common.txt
addons/amx/lang/csstats.txt
addons/amx/lang/ff_manager.txt
addons/amx/lang/imessage.txt
addons/amx/lang/langmngr.txt
.vbs
addons/amx/lang/mapchooser.txt
addons/amx/lang/mapconfig.txt
addons/amx/lang/mapsmenu.txt
addons/amx/lang/menufront.txt
addons/amx/lang/miscstats.txt
addons/amx/lang/nextmap.txt
addons/amx/lang/pausecfg.txt
addons/amx/lang/plmenu.txt
addons/amx/lang/plugmod_manager.txt
addons/amx/lang/restmenu.txt
addons/amx/lang/scrollmsg.txt
addons/amx/lang/statscfg.txt
addons/amx/lang/statslog.txt
addons/amx/lang/statsx.txt
.vbs
addons/amx/lang/telemenu.txt
addons/amx/lang/timeleft.txt
addons/amx/lang/welcomemsg.txt
addons/amx/modules/GeoIP.dat
addons/amx/modules/VexdUM.dll
.dll windows:4 windows x86 arch:x86

04536dc68ca1fbadc1324cedaf4d696f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

AddAtomA
FindAtomA
GetAtomNameA

msvcrt

_stricmp
__dllonexit
_errno
_iob
_snprintf
_vsnprintf
abort
calloc
cos
fflush
fprintf
free
malloc
memcpy
sscanf
strcmp
strcpy
strlen
strncpy
vsprintf

Exports

Exports

AMX_Attach
AMX_Detach
AMX_PluginsLoaded
AMX_Query
GetEngineFunctions
GetEngineFunctions_Post
GetEntityAPI2
GetEntityAPI2_Post
GetNewDLLFunctions
GetNewDLLFunctions_Post
GiveFnptrsToDll
GiveFnptrsToDll@8
Meta_Attach
Meta_Detach
Meta_Query

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 11KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 439B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 716B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
addons/amx/modules/VexdUM_i386.so
.elf linux x86
addons/amx/modules/csstats.dll
.dll windows:4 windows x86 arch:x86

2804f1aa582ca21b2b0b6a85c8417379

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

AddAtomA
FindAtomA
GetAtomNameA

msvcrt

__dllonexit
_errno
_iob
_snprintf
_vsnprintf
abort
atoi
calloc
fclose
feof
fflush
fgets
fopen
fprintf
fputc
fputs
fread
free
fwrite
malloc
memcpy
memset
rewind
sscanf
strcmp
strcpy
strlen
strncpy
strstr

Exports

Exports

AMX_Attach
AMX_Detach
AMX_PluginsLoaded
AMX_Query
GetEngineFunctions
GetEngineFunctions_Post
GetEntityAPI2
GetEntityAPI2_Post
GetNewDLLFunctions
GetNewDLLFunctions_Post
GiveFnptrsToDll
GiveFnptrsToDll@8
Meta_Attach
Meta_Detach
Meta_Query

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 636KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 440B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 860B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
addons/amx/modules/csstats_i386.so
.elf linux x86
addons/amx/modules/fun.dll
.dll windows:4 windows x86 arch:x86

7cdd71d192caa080a8a37d6c2b80569b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

AddAtomA
FindAtomA
GetAtomNameA

msvcrt

_stricmp
__dllonexit
_errno
_iob
_snprintf
_vsnprintf
abort
calloc
fflush
fprintf
free
malloc
memcpy
sscanf
strcmp
strcpy
strlen
strncpy

Exports

Exports

AMX_Attach
AMX_Detach
AMX_PluginsLoaded
AMX_Query
GetEngineFunctions
GetEngineFunctions_Post
GetEntityAPI2
GetEntityAPI2_Post
GetNewDLLFunctions
GetNewDLLFunctions_Post
GiveFnptrsToDll
GiveFnptrsToDll@8
Meta_Attach
Meta_Detach
Meta_Query

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
addons/amx/modules/fun_i386.so
.elf linux x86
addons/amx/modules/geoip.dll
.dll windows:4 windows x86 arch:x86

0802fed5d4c6878d3efb040bf804dfa4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

AddAtomA
FindAtomA
GetAtomNameA
GetModuleFileNameA
GetModuleHandleA

msvcrt

_fileno
_fstat
_stat
__dllonexit
_errno
_iob
_snprintf
abort
atoi
calloc
fclose
fflush
fopen
fprintf
fread
free
fseek
malloc
memset
printf
realloc
strchr
strcpy
strlen

wsock32

WSAStartup
gethostbyname
htonl
inet_addr
ntohl

Exports

Exports

AMX_Attach
AMX_Detach
AMX_PluginsLoaded
AMX_Query

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 192B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 996B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
addons/amx/modules/geoip_i386.so
.elf linux x86
addons/amx/modules/mysql.dll
.dll windows:4 windows x86 arch:x86

34739051cc3f46d07149db86977e4854

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegEnumValueA
RegOpenKeyExA
CryptReleaseContext
CryptAcquireContextA
CryptGenRandom
RegCloseKey

kernel32

CloseHandle
SetNamedPipeHandleState
WaitNamedPipeA
CreateFileA
GetLastError
UnmapViewOfFile
WaitForSingleObject
SetEvent
MapViewOfFile
OpenFileMappingA
OpenEventA
GetSystemDirectoryA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetWindowsDirectoryA
FindClose
FindNextFileA
FindFirstFileA
LeaveCriticalSection
EnterCriticalSection
GetLocaleInfoA
ReadFile
WriteFile
WaitForMultipleObjects
DeleteCriticalSection
TlsFree
InitializeCriticalSection
TlsSetValue
TlsGetValue
TlsAlloc
InterlockedIncrement
CreateSemaphoreA
InterlockedDecrement
GetFileAttributesExA
QueryPerformanceCounter
QueryPerformanceFrequency
GetCurrentDirectoryA
GetFullPathNameA
GetDriveTypeA
SetEndOfFile
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
SetEnvironmentVariableA
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
LoadLibraryW
OutputDebugStringW
WriteConsoleW
OutputDebugStringA
DebugBreak
VirtualQuery
HeapValidate
IsBadReadPtr
GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
ExitProcess
WideCharToMultiByte
GetTimeZoneInformation
SetStdHandle
GetFileType
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FileTimeToSystemTime
FileTimeToLocalFileTime
RtlUnwind
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
FatalAppExitA
GetModuleFileNameW
HeapReAlloc
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetACP
GetOEMCP
GetCPInfo
SetLastError
SetHandleCount
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LoadLibraryA
MultiByteToWideChar
RaiseException
SetFilePointer
FlushFileBuffers
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
IsValidLocale
IsValidCodePage
EnumSystemLocalesA
GetUserDefaultLCID
SetEnvironmentVariableW

wsock32

inet_addr
WSAStartup
WSACleanup
gethostbyname
getpeername
shutdown
closesocket
setsockopt
send
recv
select
__WSAFDIsSet
inet_ntoa
getservbyname
ntohs
socket
WSAGetLastError
ioctlsocket
htons
connect

Exports

Exports

AMX_Attach
AMX_Detach
AMX_PluginsLoaded
AMX_Query

Sections

.text
Size: 500KB - Virtual size: 498KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1004KB - Virtual size: 1015KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
addons/amx/modules/mysql_i386.so
.elf linux x86
addons/amx/modules/sockets.dll
.dll windows:4 windows x86 arch:x86

3ea967fd3c342220924661eae6b0372c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

AddAtomA
FindAtomA
GetAtomNameA

msvcrt

__dllonexit
_errno
_iob
abort
calloc
fflush
fprintf
free
malloc
memcpy
memset

wsock32

WSACleanup
WSAStartup
closesocket
connect
gethostbyname
htons
inet_addr
recv
select
send
socket

Exports

Exports

AMX_Attach
AMX_Detach
AMX_PluginsLoaded
AMX_Query

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 160B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 142B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 768B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
addons/amx/modules/sockets_i386.so
.elf linux x86
addons/amx/plugins/admin.amx
addons/amx/plugins/adminchat.amx
addons/amx/plugins/admincmd.amx
addons/amx/plugins/adminhelp.amx
addons/amx/plugins/adminslots.amx
addons/amx/plugins/adminvote.amx
addons/amx/plugins/antiflood.amx
addons/amx/plugins/cmdmenu.amx
addons/amx/plugins/csstats.amx
addons/amx/plugins/ff_manager.amx
addons/amx/plugins/imessage.amx
addons/amx/plugins/language.amx
addons/amx/plugins/mapchooser.amx
addons/amx/plugins/mapconfig.amx
addons/amx/plugins/mapsmenu.amx
addons/amx/plugins/menufront.amx
addons/amx/plugins/miscstats.amx
addons/amx/plugins/nextmap.amx
addons/amx/plugins/pausecfg.amx
addons/amx/plugins/plmenu.amx
addons/amx/plugins/plugmod_manager.amx
addons/amx/plugins/restmenu.amx
addons/amx/plugins/scrollmsg.amx
addons/amx/plugins/stats_logging.amx
addons/amx/plugins/statscfg.amx
addons/amx/plugins/statsx.amx
addons/amx/plugins/telemenu.amx
addons/amx/plugins/timeleft.amx
addons/amx/plugins/welcomemsg.amx
addons/amx/readme.txt
addons/metamod/dlls/metamod.dll
.dll windows:4 windows x86 arch:x86

19360f36b1b608fa3c0c10b9ced03c59

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
CreateFileMappingA
FindClose
FindFirstFileA
FindNextFileA
FormatMessageA
FreeLibrary
GetFullPathNameA
GetLastError
GetModuleFileNameA
GetProcAddress
IsBadCodePtr
IsBadReadPtr
IsBadStringPtrA
LoadLibraryA
MapViewOfFile
Sleep
UnmapViewOfFile
VirtualAlloc
VirtualProtect
VirtualQuery

msvcrt

_stat
__dllonexit
__mb_cur_max
_close
_errno
_getcwd
_isctype
_open
_pctype
_strdup
_stricmp
_strlwr
_strnicmp
_unlink
_vsnprintf
_write
atoi
calloc
ctime
exit
fclose
fflush
fgets
fopen
free
malloc
memcpy
memset
qsort
realloc
sscanf
strchr
strcmp
strerror
strlen
strncat
strncmp
strncpy
strpbrk
strrchr
strspn
strstr
strtok
strtol
time
tolower

Exports

Exports

GetEntityAPI
GetEntityAPI2
GetNewDLLFunctions
GiveFnptrsToDll
GiveFnptrsToDll@8
adminmod_timer

Sections

.text
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 207B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
addons/metamod/dlls/metamod_i386.so
.elf linux x86
addons/metamod/plugins.ini
cal_cs.cfg
calot_cs.cfg
cb_cs.cfg
ogl_cs.cfg
ogladv_cs.cfg
oglff_cs.cfg
oglot_cs.cfg
sound/djeyl/c4powa.wav
sound/djeyl/grenade.wav
sound/djeyl/laugh.wav
sound/djeyl/witch.wav
sound/misc/doublekill.wav
sound/misc/firstblood.wav
sound/misc/godlike.wav
sound/misc/headshot.wav
sound/misc/humiliation.wav
sound/misc/impressive.wav
sound/misc/killingspree.wav
sound/misc/maytheforce.wav
sound/misc/monsterkill.wav
sound/misc/multikill.wav
sound/misc/oneandonly.wav
sound/misc/prepare.wav
sound/misc/rampage.wav
sound/misc/ultrakill.wav
sound/misc/unstoppable.wav

Sharing

General

Malware Config

Signatures

Files

18bc6fa81e19f21156316b1ae696ed6b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 153KB

.ndata Size: - Virtual size: 44KB

.rsrc Size: 10KB - Virtual size: 9KB

741b6bafe355b63a372d737b30543a95

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winmm

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 208B

.reloc Size: 512B - Virtual size: 412B

a183c14be22a915065476e49da5a41a4

Headers

File Characteristics

Imports

mfc42

kernel32

user32

msvcrt

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 12KB

.reloc Size: 1024B - Virtual size: 804B

57354bdeea3dfae6e948101add87501a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 9KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1024B - Virtual size: 954B

72461fdf0a8e4b6e7a91d2e92630e1e6

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

advapi32

kernel32

user32

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 153KB

.ndata
Size: - Virtual size: 44KB

.rsrc
Size: 10KB - Virtual size: 9KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 208B

.reloc
Size: 512B - Virtual size: 412B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 12KB

.reloc
Size: 1024B - Virtual size: 804B

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 9KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 954B

.text
Size: 24KB - Virtual size: 24KB

.data
Size: 1024B - Virtual size: 19KB

.rsrc
Size: 17KB - Virtual size: 17KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 360B

.text
Size: 165KB - Virtual size: 165KB

.data
Size: 13KB - Virtual size: 12KB

.rdata
Size: 20KB - Virtual size: 19KB

.bss
Size: - Virtual size: 78KB

.edata
Size: 512B - Virtual size: 315B

.idata
Size: 2KB - Virtual size: 2KB

.reloc
Size: 11KB - Virtual size: 10KB

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 153KB

.ndata
Size: - Virtual size: 36KB

.rsrc
Size: 7KB - Virtual size: 7KB

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 9KB