pvzUnnamed[.]zip

Resubmissions

28/03/2024, 15:46

240328-s7ym9aah36 7

28/03/2024, 15:44

240328-s6ztxshh91 7

Sharing

Copy URL Twitter E-mail

General

Target

pvzUnnamed.zip
Size

41.3MB
MD5

a06399d89a6897b1f96ad08644bca968
SHA1

b988ba06581ff583d8a467fcee0a0efa5cc02d56
SHA256

a3d67288dbfafe5b3ed5abb039b9f6c083b9464bcfca917ab7b8542d18f0fbdb
SHA512

85a262b19f7a57a4288f40c7d524dd37b0b87acb6b1b7bc43c1065beb01fd1665e2f91a1f54509e836c024eb0119e928716d1d563a8d5a422af36dfcc01ce557
SSDEEP

786432:+PuJUxJQIEb++g8wCWnSL3w8iM1BwtHVg2QVvecOuUU/hjPuW8vrrD22ko:+PugJQIUwk3biM1B12QVvPZjPuW8j3

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/PvZ_Tools_v2.3.4.exe	upx

Unsigned PE 6 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PlantsVsZombies unnamed.exe
unpack001/PlantsVsZombies.exe
unpack001/bass.dll
unpack001/beta6.30.exe
unpack001/gdi42.dll
unpack001/植物大战僵尸修改器v2.6.0.5.exe

Files

pvzUnnamed.zip
.zip
PVZ原版启动程序.exe
.exe windows:4 windows x86 arch:x86

33aada12073d335900f2dd1f5ac08eed

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3c:61:df:38:d5:bb:38:36:a8:b4:4b:98:5c:50:44:79
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

01/09/2006, 00:00

Not After

21/09/2009, 23:59

Subject

CN=PopCap Games,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=PopCap Games,L=Seattle,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Popcap\Lawn\releasefinal\PlantsVsZombies.pdb

Imports

kernel32

OutputDebugStringA
GetModuleFileNameA
GetModuleHandleA
WinExec
MapViewOfFile
CreateFileMappingA
GetCurrentProcessId
QueryPerformanceFrequency
QueryPerformanceCounter
GetTickCount
SetEndOfFile
SetEnvironmentVariableA
CreateFileW
GetLocaleInfoW
WriteConsoleW
LoadLibraryA
FreeLibrary
GetProcAddress
InterlockedDecrement
GetLastError
CloseHandle
FindNextFileA
Sleep
SetThreadPriority
GlobalFree
GetCurrentThread
GlobalLock
WaitForSingleObject
FindClose
GlobalUnlock
CreateMutexA
GlobalAlloc
GetCurrentThreadId
LeaveCriticalSection
GetVersionExA
FindFirstFileA
EnterCriticalSection
GetCommandLineA
MultiByteToWideChar
DeleteFileA
FileTimeToSystemTime
GetFileTime
GetSystemDirectoryA
CreateFileA
MulDiv
SetUnhandledExceptionFilter
GetCurrentProcess
OpenFileMappingA
IsBadWritePtr
UnmapViewOfFile
DeleteCriticalSection
CreateThread
GetThreadPriority
VirtualQuery
SetErrorMode
InitializeCriticalSection
InterlockedIncrement
GetCurrentDirectoryW
LoadLibraryW
GetWindowsDirectoryA
SetEvent
CreateEventA
LockResource
SizeofResource
LoadResource
GetFileSize
FindResourceA
WideCharToMultiByte
InterlockedExchange
InterlockedCompareExchange
GetLocaleInfoA
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
ExitProcess
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoA
GetLocalTime
ExitThread
ResumeThread
GetDriveTypeA
GetFullPathNameA
CreateDirectoryA
HeapReAlloc
RtlUnwind
RaiseException
LCMapStringA
LCMapStringW
GetCPInfo
GetTimeFormatA
GetDateFormatA
CompareStringA
CompareStringW
GetStringTypeA
GetStringTypeW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetACP
GetOEMCP
IsValidCodePage
ReadFile
WriteFile
GetConsoleCP
GetConsoleMode
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
HeapSize
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
FlushFileBuffers
GetCurrentDirectoryA
SetCurrentDirectoryA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
RemoveDirectoryA

user32

ShowCaret
CloseClipboard
TranslateMessage
DialogBoxIndirectParamA
RegisterWindowMessageA
DefWindowProcA
AdjustWindowRect
ShowWindow
EndDialog
GetDC
IsWindowEnabled
GetClipboardData
SetClipboardData
DispatchMessageA
EnumDisplaySettingsA
SetForegroundWindow
GetWindowTextA
IsIconic
GetWindowLongA
GetDlgItem
SetFocus
ChangeDisplaySettingsA
GetClientRect
GetWindowPlacement
SetWindowTextA
GetWindowRect
ScreenToClient
GetCursorPos
PostMessageA
EmptyClipboard
SetTimer
DestroyWindow
SetCaretPos
ReleaseDC
GetSystemMetrics
PeekMessageA
InvalidateRect
DefWindowProcW
CreateWindowExA
LoadIconA
CreateCursor
ReleaseCapture
WindowFromPoint
ClientToScreen
MoveWindow
EnumWindows
SystemParametersInfoA
MessageBoxW
SetWindowLongA
BeginPaint
EndPaint
OpenClipboard
RegisterClassA
DestroyCursor
SetCapture
SetActiveWindow
AdjustWindowRectEx
OffsetRect
GetWindowInfo
FillRect
DrawTextExA
GetSysColorBrush
DrawTextA
GetMessageA
IsDialogMessageA
GetFocus
GetSysColor
CreateWindowExW
GetDesktopWindow
IsWindow
PostThreadMessageA
HideCaret
CreateCaret
DestroyCaret
IsWindowVisible
SetCursor
MessageBoxA
SendMessageA
LoadCursorA
GetActiveWindow

wininet

InternetCloseHandle
InternetConnectA
HttpOpenRequestA
HttpQueryInfoA
InternetReadFile
HttpSendRequestA
InternetOpenA

winmm

timeGetTime
timeBeginPeriod
mixerGetLineControlsA
mixerOpen
mixerGetControlDetailsA
mixerSetControlDetails
timeEndPeriod
PlaySoundA
mixerGetDevCapsA
mixerGetLineInfoA
mixerClose

wsock32

inet_ntoa
recv
WSACleanup
select
htons
WSAGetLastError
socket
gethostbyname
ioctlsocket
closesocket
send
WSAStartup
__WSAFDIsSet
connect

gdi42

CreateCompatibleDC
GetObjectA
GetStockObject
GetTextExtentPoint32A
GetTextMetricsA
SelectObject
DeleteObject
IntersectClipRect
CreateSolidBrush
TextOutA
SetBkMode
SetTextColor
DeleteDC
CreateDIBSection
CreateFontA
GetDeviceCaps
CreateFontIndirectA

advapi32

RegCloseKey
RegCreateKeyExA
RegDeleteValueA
RegSetValueExA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA

shell32

ShellExecuteA

ole32

CoInitialize
CoCreateInstance

oleaut32

SysFreeString
SysAllocString
VariantClear

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 284KB - Virtual size: 283KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 787KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 216KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PlantsVsZombies unnamed.1DA793D4881D3AA.crash.dmp
PlantsVsZombies unnamed.exe
.exe windows:4 windows x86 arch:x86

33aada12073d335900f2dd1f5ac08eed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OutputDebugStringA
GetModuleFileNameA
GetModuleHandleA
WinExec
MapViewOfFile
CreateFileMappingA
GetCurrentProcessId
QueryPerformanceFrequency
QueryPerformanceCounter
GetTickCount
SetEndOfFile
SetEnvironmentVariableA
CreateFileW
GetLocaleInfoW
WriteConsoleW
LoadLibraryA
FreeLibrary
GetProcAddress
InterlockedDecrement
GetLastError
CloseHandle
FindNextFileA
Sleep
SetThreadPriority
GlobalFree
GetCurrentThread
GlobalLock
WaitForSingleObject
FindClose
GlobalUnlock
CreateMutexA
GlobalAlloc
GetCurrentThreadId
LeaveCriticalSection
GetVersionExA
FindFirstFileA
EnterCriticalSection
GetCommandLineA
MultiByteToWideChar
DeleteFileA
FileTimeToSystemTime
GetFileTime
GetSystemDirectoryA
CreateFileA
MulDiv
SetUnhandledExceptionFilter
GetCurrentProcess
OpenFileMappingA
IsBadWritePtr
UnmapViewOfFile
DeleteCriticalSection
CreateThread
GetThreadPriority
VirtualQuery
SetErrorMode
InitializeCriticalSection
InterlockedIncrement
GetCurrentDirectoryW
LoadLibraryW
GetWindowsDirectoryA
SetEvent
CreateEventA
LockResource
SizeofResource
LoadResource
GetFileSize
FindResourceA
WideCharToMultiByte
InterlockedExchange
InterlockedCompareExchange
GetLocaleInfoA
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
ExitProcess
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoA
GetLocalTime
ExitThread
ResumeThread
GetDriveTypeA
GetFullPathNameA
CreateDirectoryA
HeapReAlloc
RtlUnwind
RaiseException
LCMapStringA
LCMapStringW
GetCPInfo
GetTimeFormatA
GetDateFormatA
CompareStringA
CompareStringW
GetStringTypeA
GetStringTypeW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetACP
GetOEMCP
IsValidCodePage
ReadFile
WriteFile
GetConsoleCP
GetConsoleMode
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
HeapSize
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
FlushFileBuffers
GetCurrentDirectoryA
SetCurrentDirectoryA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
RemoveDirectoryA

user32

ShowCaret
CloseClipboard
TranslateMessage
DialogBoxIndirectParamA
RegisterWindowMessageA
DefWindowProcA
AdjustWindowRect
ShowWindow
EndDialog
GetDC
IsWindowEnabled
GetClipboardData
SetClipboardData
DispatchMessageA
EnumDisplaySettingsA
SetForegroundWindow
GetWindowTextA
IsIconic
GetWindowLongA
GetDlgItem
SetFocus
ChangeDisplaySettingsA
GetClientRect
GetWindowPlacement
SetWindowTextA
GetWindowRect
ScreenToClient
GetCursorPos
PostMessageA
EmptyClipboard
SetTimer
DestroyWindow
SetCaretPos
ReleaseDC
GetSystemMetrics
PeekMessageA
InvalidateRect
DefWindowProcW
CreateWindowExA
LoadIconA
CreateCursor
ReleaseCapture
WindowFromPoint
ClientToScreen
MoveWindow
EnumWindows
SystemParametersInfoA
MessageBoxW
SetWindowLongA
BeginPaint
EndPaint
OpenClipboard
RegisterClassA
DestroyCursor
SetCapture
SetActiveWindow
AdjustWindowRectEx
OffsetRect
GetWindowInfo
FillRect
DrawTextExA
GetSysColorBrush
DrawTextA
GetMessageA
IsDialogMessageA
GetFocus
GetSysColor
CreateWindowExW
GetDesktopWindow
IsWindow
PostThreadMessageA
HideCaret
CreateCaret
DestroyCaret
IsWindowVisible
SetCursor
MessageBoxA
SendMessageA
LoadCursorA
GetActiveWindow

wininet

InternetCloseHandle
InternetConnectA
HttpOpenRequestA
HttpQueryInfoA
InternetReadFile
HttpSendRequestA
InternetOpenA

winmm

timeGetTime
timeBeginPeriod
mixerGetLineControlsA
mixerOpen
mixerGetControlDetailsA
mixerSetControlDetails
timeEndPeriod
PlaySoundA
mixerGetDevCapsA
mixerGetLineInfoA
mixerClose

wsock32

inet_ntoa
recv
WSACleanup
select
htons
WSAGetLastError
socket
gethostbyname
ioctlsocket
closesocket
send
WSAStartup
__WSAFDIsSet
connect

gdi42

CreateCompatibleDC
GetObjectA
GetStockObject
GetTextExtentPoint32A
GetTextMetricsA
SelectObject
DeleteObject
IntersectClipRect
CreateSolidBrush
TextOutA
SetBkMode
SetTextColor
DeleteDC
CreateDIBSection
CreateFontA
GetDeviceCaps
CreateFontIndirectA

advapi32

RegCloseKey
RegCreateKeyExA
RegDeleteValueA
RegSetValueExA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA

shell32

ShellExecuteA

ole32

CoInitialize
CoCreateInstance

oleaut32

SysFreeString
SysAllocString
VariantClear

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 283KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 788KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 216KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.NewSec
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PlantsVsZombies.exe
.exe windows:4 windows x86 arch:x86

33aada12073d335900f2dd1f5ac08eed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OutputDebugStringA
GetModuleFileNameA
GetModuleHandleA
WinExec
MapViewOfFile
CreateFileMappingA
GetCurrentProcessId
QueryPerformanceFrequency
QueryPerformanceCounter
GetTickCount
SetEndOfFile
SetEnvironmentVariableA
CreateFileW
GetLocaleInfoW
WriteConsoleW
LoadLibraryA
FreeLibrary
GetProcAddress
InterlockedDecrement
GetLastError
CloseHandle
FindNextFileA
Sleep
SetThreadPriority
GlobalFree
GetCurrentThread
GlobalLock
WaitForSingleObject
FindClose
GlobalUnlock
CreateMutexA
GlobalAlloc
GetCurrentThreadId
LeaveCriticalSection
GetVersionExA
FindFirstFileA
EnterCriticalSection
GetCommandLineA
MultiByteToWideChar
DeleteFileA
FileTimeToSystemTime
GetFileTime
GetSystemDirectoryA
CreateFileA
MulDiv
SetUnhandledExceptionFilter
GetCurrentProcess
OpenFileMappingA
IsBadWritePtr
UnmapViewOfFile
DeleteCriticalSection
CreateThread
GetThreadPriority
VirtualQuery
SetErrorMode
InitializeCriticalSection
InterlockedIncrement
GetCurrentDirectoryW
LoadLibraryW
GetWindowsDirectoryA
SetEvent
CreateEventA
LockResource
SizeofResource
LoadResource
GetFileSize
FindResourceA
WideCharToMultiByte
InterlockedExchange
InterlockedCompareExchange
GetLocaleInfoA
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
ExitProcess
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoA
GetLocalTime
ExitThread
ResumeThread
GetDriveTypeA
GetFullPathNameA
CreateDirectoryA
HeapReAlloc
RtlUnwind
RaiseException
LCMapStringA
LCMapStringW
GetCPInfo
GetTimeFormatA
GetDateFormatA
CompareStringA
CompareStringW
GetStringTypeA
GetStringTypeW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetACP
GetOEMCP
IsValidCodePage
ReadFile
WriteFile
GetConsoleCP
GetConsoleMode
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
HeapSize
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
FlushFileBuffers
GetCurrentDirectoryA
SetCurrentDirectoryA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
RemoveDirectoryA

user32

ShowCaret
CloseClipboard
TranslateMessage
DialogBoxIndirectParamA
RegisterWindowMessageA
DefWindowProcA
AdjustWindowRect
ShowWindow
EndDialog
GetDC
IsWindowEnabled
GetClipboardData
SetClipboardData
DispatchMessageA
EnumDisplaySettingsA
SetForegroundWindow
GetWindowTextA
IsIconic
GetWindowLongA
GetDlgItem
SetFocus
ChangeDisplaySettingsA
GetClientRect
GetWindowPlacement
SetWindowTextA
GetWindowRect
ScreenToClient
GetCursorPos
PostMessageA
EmptyClipboard
SetTimer
DestroyWindow
SetCaretPos
ReleaseDC
GetSystemMetrics
PeekMessageA
InvalidateRect
DefWindowProcW
CreateWindowExA
LoadIconA
CreateCursor
ReleaseCapture
WindowFromPoint
ClientToScreen
MoveWindow
EnumWindows
SystemParametersInfoA
MessageBoxW
SetWindowLongA
BeginPaint
EndPaint
OpenClipboard
RegisterClassA
DestroyCursor
SetCapture
SetActiveWindow
AdjustWindowRectEx
OffsetRect
GetWindowInfo
FillRect
DrawTextExA
GetSysColorBrush
DrawTextA
GetMessageA
IsDialogMessageA
GetFocus
GetSysColor
CreateWindowExW
GetDesktopWindow
IsWindow
PostThreadMessageA
HideCaret
CreateCaret
DestroyCaret
IsWindowVisible
SetCursor
MessageBoxA
SendMessageA
LoadCursorA
GetActiveWindow

wininet

InternetCloseHandle
InternetConnectA
HttpOpenRequestA
HttpQueryInfoA
InternetReadFile
HttpSendRequestA
InternetOpenA

winmm

timeGetTime
timeBeginPeriod
mixerGetLineControlsA
mixerOpen
mixerGetControlDetailsA
mixerSetControlDetails
timeEndPeriod
PlaySoundA
mixerGetDevCapsA
mixerGetLineInfoA
mixerClose

wsock32

inet_ntoa
recv
WSACleanup
select
htons
WSAGetLastError
socket
gethostbyname
ioctlsocket
closesocket
send
WSAStartup
__WSAFDIsSet
connect

gdi42

CreateCompatibleDC
GetObjectA
GetStockObject
GetTextExtentPoint32A
GetTextMetricsA
SelectObject
DeleteObject
IntersectClipRect
CreateSolidBrush
TextOutA
SetBkMode
SetTextColor
DeleteDC
CreateDIBSection
CreateFontA
GetDeviceCaps
CreateFontIndirectA

advapi32

RegCloseKey
RegCreateKeyExA
RegDeleteValueA
RegSetValueExA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA

shell32

ShellExecuteA

ole32

CoInitialize
CoCreateInstance

oleaut32

SysFreeString
SysAllocString
VariantClear

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 283KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 788KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 216KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.NewSec
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PvZ_Tools_v2.3.4.exe
.exe windows:6 windows x86 arch:x86

Code Sign

f7:f6:e6:cd:36:28:fa:98:bf:ce:b4:68:ae:e9:39:83
Certificate

Issuer

CN=GoGetSSL RSA Codesigning CA,O=GoGetSSL,L=Riga,C=LV

Not Before

19/08/2019, 00:00

Not After

18/08/2021, 23:59

Subject

CN=Shenzhen Bitmoe Information Technology Co.\, Ltd.,O=Shenzhen Bitmoe Information Technology Co.\, Ltd.,POSTALCODE=518054,STREET=Rm A603\, Building G\, Nanshan E Commerce Innovation Service Ba,L=Shenzhen,ST=Guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1a:6e:54:ff:9f:9c:e0:f8:ea:cb:e7:a0:ab:56:9d:32
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

06/09/2018, 00:00

Not After

05/09/2028, 23:59

Subject

CN=GoGetSSL RSA Codesigning CA,O=GoGetSSL,L=Riga,C=LV

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3d:1a:35:72:30:15:82:63:30:d0:13:71:7e:82:41:08
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/05/2019, 00:00

Not After

01/08/2030, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #1,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

a5:2b:83:84:8c:2e:d6:e5:81:af:6b:db:69:f2:23:b9:ed:f1:4f:59:0d:df:5d:f5:94:1d:27:ed:e0:ee:73:10
Signer

Actual PE Digest

a5:2b:83:84:8c:2e:d6:e5:81:af:6b:db:69:f2:23:b9:ed:f1:4f:59:0d:df:5d:f5:94:1d:27:ed:e0:ee:73:10

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 7.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4.4MB - Virtual size: 4.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 111KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
WMInit.ini
bass.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

BASS_Apply3D
BASS_ChannelBytes2Seconds
BASS_ChannelGet3DAttributes
BASS_ChannelGet3DPosition
BASS_ChannelGetAttributes
BASS_ChannelGetData
BASS_ChannelGetDevice
BASS_ChannelGetEAXMix
BASS_ChannelGetInfo
BASS_ChannelGetLength
BASS_ChannelGetLevel
BASS_ChannelGetPosition
BASS_ChannelIsActive
BASS_ChannelIsSliding
BASS_ChannelPause
BASS_ChannelPlay
BASS_ChannelPreBuf
BASS_ChannelRemoveDSP
BASS_ChannelRemoveFX
BASS_ChannelRemoveLink
BASS_ChannelRemoveSync
BASS_ChannelSeconds2Bytes
BASS_ChannelSet3DAttributes
BASS_ChannelSet3DPosition
BASS_ChannelSetAttributes
BASS_ChannelSetDSP
BASS_ChannelSetEAXMix
BASS_ChannelSetFX
BASS_ChannelSetFlags
BASS_ChannelSetLink
BASS_ChannelSetPosition
BASS_ChannelSetSync
BASS_ChannelSlideAttributes
BASS_ChannelStop
BASS_ErrorGetCode
BASS_FXGetParameters
BASS_FXSetParameters
BASS_Free
BASS_Get3DFactors
BASS_Get3DPosition
BASS_GetCPU
BASS_GetConfig
BASS_GetDSoundObject
BASS_GetDevice
BASS_GetDeviceDescription
BASS_GetEAXParameters
BASS_GetInfo
BASS_GetVersion
BASS_GetVolume
BASS_Init
BASS_MusicFree
BASS_MusicGetAttribute
BASS_MusicGetName
BASS_MusicGetOrderPosition
BASS_MusicGetOrders
BASS_MusicLoad
BASS_MusicSetAttribute
BASS_Pause
BASS_PluginFree
BASS_PluginLoad
BASS_RecordFree
BASS_RecordGetDevice
BASS_RecordGetDeviceDescription
BASS_RecordGetInfo
BASS_RecordGetInput
BASS_RecordGetInputName
BASS_RecordInit
BASS_RecordSetDevice
BASS_RecordSetInput
BASS_RecordStart
BASS_SampleCreate
BASS_SampleCreateDone
BASS_SampleFree
BASS_SampleGetChannel
BASS_SampleGetInfo
BASS_SampleLoad
BASS_SampleSetInfo
BASS_SampleStop
BASS_Set3DFactors
BASS_Set3DPosition
BASS_SetConfig
BASS_SetDevice
BASS_SetEAXParameters
BASS_SetVolume
BASS_Start
BASS_Stop
BASS_StreamCreate
BASS_StreamCreateFile
BASS_StreamCreateFileUser
BASS_StreamCreateURL
BASS_StreamFree
BASS_StreamGetFilePosition
BASS_StreamGetTags
BASS_Update
_

Sections

Size: 85KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 568B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
beta6.30.1DA7B8C257DC306.crash.dmp
beta6.30.1DA7C9D693062CA.crash.dmp
beta6.30.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 948KB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 124KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 16KB - Virtual size: 788KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 124KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 140KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 80KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 3.1MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 952KB - Virtual size: 952KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
betainstall.ini
crash.txt
data/BrianneTod12.txt
data/BrianneTod16.txt
data/BrianneTod32.txt
data/BrianneTod32Black.txt
data/ContinuumBold14.txt
data/ContinuumBold14outback.txt
data/DwarvenTodcraft12.txt
data/DwarvenTodcraft15.txt
data/DwarvenTodcraft18.txt
data/DwarvenTodcraft18BrightGreenInset.txt
data/DwarvenTodcraft18GreenInset.txt
data/DwarvenTodcraft18Yellow.txt
data/DwarvenTodcraft24.txt
data/DwarvenTodcraft36BrightGreenInset.txt
data/DwarvenTodcraft36GreenInset.txt
data/HouseofTerror16.txt
data/HouseofTerror20.txt
data/HouseofTerror28.png
.png
data/HouseofTerror28.txt
data/Pico129.txt
data/Pix118Bold.txt
data/_HouseofTerror16.png
.png
exconfig.txt
fzse_gbk.ttf
gdi42.dll
.dll windows:5 windows x86 arch:x86

b1ff75e2aa73308a56a49674396d01d3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\URF Li\Documents\Visual Studio 2008\Projects\外挂汉化\Release\gdi42.pdb

Imports

kernel32

RtlUnwind
RaiseException
HeapReAlloc
SetStdHandle
GetFileType
Sleep
ExitProcess
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
HeapFree
VirtualAlloc
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
CreateFileA
SetEnvironmentVariableA
HeapAlloc
GetCommandLineA
GlobalFindAtomW
GetVersionExA
WritePrivateProfileStringW
GetFileTime
GetFileSizeEx
GetFileAttributesW
FileTimeToLocalFileTime
CreateFileW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GlobalFlags
FileTimeToSystemTime
lstrlenA
CompareStringW
InterlockedIncrement
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedDecrement
GlobalAddAtomW
CloseHandle
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
LoadLibraryW
CompareStringA
InterlockedExchange
lstrcmpW
FreeLibrary
GetModuleHandleW
GetModuleHandleA
WideCharToMultiByte
MultiByteToWideChar
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
lstrlenW
GetCurrentProcessId
GetModuleFileNameW
GetLastError
SetLastError
FindResourceW
LoadResource
LockResource
SizeofResource
GetProcAddress
GetSystemTimeAsFileTime
LoadLibraryA

user32

DestroyMenu
RegisterWindowMessageW
LoadIconW
WinHelpW
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
GetClientRect
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
DefWindowProcW
CallWindowProcW
GetMenu
SystemParametersInfoA
IsIconic
GetWindowPlacement
CharUpperW
CopyRect
GetWindowRect
GetClassNameW
PtInRect
SetWindowPos
ShowWindow
SetWindowLongW
GetDlgCtrlID
IsWindow
SetWindowTextW
GetDlgItem
GetWindow
GetWindowTextW
LoadCursorW
GetSystemMetrics
GetSysColorBrush
MessageBoxW
EnableWindow
IsWindowEnabled
GetLastActivePopup
UnregisterClassW
UnhookWindowsHookEx
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageW
GetWindowLongW
GetParent
SendMessageW
GetWindowThreadProcessId
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
ClientToScreen
GetDC
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuW
EnableMenuItem
CheckMenuItem
PostMessageW
PostQuitMessage
GetSysColor
ReleaseDC

gdi32

DeleteDC
CreateBitmap
GetStockObject
ScaleWindowExtEx
SetWindowExtEx
RectVisible
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
CreateFontIndirectW
PtVisible
DeleteObject
GetClipBox
SetMapMode
SetBkColor
RestoreDC
SaveDC
GetDeviceCaps
TextOutA
SetTextColor
TextOutW

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegSetValueExW
RegCreateKeyExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shlwapi

PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFindExtensionW

oleaut32

VariantClear
VariantChangeType
VariantInit

Exports

Exports

CreateCompatibleDC
CreateDIBSection
CreateFontA
CreateFontIndirectA
CreateSolidBrush
DeleteDC
DeleteObject
GetDeviceCaps
GetObjectA
GetStockObject
GetTextExtentPoint32A
GetTextMetricsA
IntersectClipRect
SelectObject
SetBkMode
SetTextColor
TextOutA

Sections

.text
Size: 145KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shared
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
images/Almanac.png
.png
images/Almanac_IndexBack.jpg
.jpg
images/Credits_ZombieNote.png
.png
images/FlagMeterLevelProgress.png
.png
images/PvZ_Logo.jpg
.jpg
images/PvZ_Logo_.png
.png
images/SelectorScreen_Almanac.png
.png
images/SelectorScreen_AlmanacHighlight.png
.png
images/SelectorScreen_Help1.png
.png
images/SelectorScreen_Help2.png
.png
images/SelectorScreen_Options1.png
.png
images/SelectorScreen_Options2.png
.png
images/SelectorScreen_Quit1.png
.png
images/SelectorScreen_Quit2.png
.png
images/SelectorScreen_Store.png
.png
images/SelectorScreen_StoreHighlight.png
.png
images/SelectorScreen_ZenGarden.png
.png
images/SelectorScreen_ZenGardenHighlight.png
.png
images/Store_NextButton.png
.png
images/Store_NextButtonHighlight.png
.png
images/Store_PrevButton.png
.png
images/Store_PrevButtonHighlight.png
.png
images/Store_Sign.png
.png
images/Thumbs.db
images/Tombstones.jpg
.jpg
images/ZombieNote1.png
.png
images/ZombieNote2.png
.png
images/ZombieNote3.png
.png
images/ZombieNote4.png
.png
images/ZombieNoteHelp.png
.png
images/Zombie_bobsled1.png
.png
images/Zombie_bobsled2.png
.png
images/Zombie_bobsled3.png
.png
images/Zombie_bobsled4.png
.png
images/Zombiefinalnote.png
.png
images/options_menuback.jpg
.jpg
images/zenshopbutton.png
.png
images/zenshopbutton_highlight.png
.png
main.pak
particles/Doom.png
.png
particles/ExplosionPowie.png
.png
particles/ExplosionSpudow.png
.png
particles/Pow.png
.png
particles/Sproing.png
.png
properties/LawnStrings.txt
properties/partner.xml
properties/partner.xml.sig
properties/partner_logo.jpg
.jpg
reanim/Credits_MTV.png
.png
reanim/Credits_wearetheundead.jpg
.jpg
reanim/Credits_wearetheundead_.png
.png
reanim/FinalWave.png
.png
reanim/SelectorScreen_Adventure_button.png
.png
reanim/SelectorScreen_Adventure_highlight.png
.png
reanim/SelectorScreen_BG_Right.jpg
.jpg
reanim/SelectorScreen_Challenges_button.png
.png
reanim/SelectorScreen_Challenges_highlight.png
.png
reanim/SelectorScreen_StartAdventure_Button1.png
.png
reanim/SelectorScreen_StartAdventure_Highlight.png
.png
reanim/SelectorScreen_Survival_button.png
.png
reanim/SelectorScreen_Survival_highlight.png
.png
reanim/SelectorScreen_Vasebreaker_button.png
.png
reanim/SelectorScreen_WoodSign1.png
.png
reanim/SelectorScreen_WoodSign2.png
.png
reanim/SelectorScreen_WoodSign2_press.png
.png
reanim/SelectorScreen_vasebreaker_highlight.png
.png
reanim/StartPlant.png
.png
reanim/StartReady.png
.png
reanim/StartSet.png
.png
reanim/ZombiesWon.jpg
.jpg
reanim/ZombiesWon_.png
.png
植物大战僵尸修改器v2.6.0.5.exe
.exe windows:4 windows x86 arch:x86

63e15859e8e482dd4e089e87abc96e2d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
FindClose
FindFirstFileA
GlobalUnlock
GlobalLock
GlobalAlloc
Sleep
CreateEventA
lstrcpynA
SetLastError
FileTimeToLocalFileTime
SetStdHandle
IsBadCodePtr
IsBadReadPtr
CompareStringW
CompareStringA
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
IsBadWritePtr
VirtualAlloc
LCMapStringW
LCMapStringA
SetEnvironmentVariableA
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetACP
HeapSize
TerminateProcess
GetLocalTime
GetSystemTime
FileTimeToSystemTime
LocalFree
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
CreateSemaphoreA
ResumeThread
ReleaseSemaphore
EnterCriticalSection
LeaveCriticalSection
GetProfileStringA
WriteFile
ReadFile
WaitForMultipleObjects
CreateFileA
SetEvent
FindResourceA
LoadResource
LockResource
GetModuleFileNameA
GetCurrentThreadId
ExitProcess
GlobalSize
GlobalFree
DeleteCriticalSection
InitializeCriticalSection
lstrcatA
lstrlenA
WinExec
lstrcpyA
FindNextFileA
GlobalReAlloc
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
GetFullPathNameA
FreeLibrary
LoadLibraryA
GetLastError
GetVersionExA
WritePrivateProfileStringA
CreateThread
GetTimeZoneInformation
RaiseException
RtlUnwind
GetStartupInfoA
GetOEMCP
GetCPInfo
GetProcessVersion
SetErrorMode
GlobalFlags
GetCurrentThread
GetFileTime
GetFileSize
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
lstrcmpA
GetVersion
GlobalGetAtomNameA
GlobalAddAtomA
SetCurrentDirectoryA
GetVolumeInformationA
GetModuleHandleA
GetProcAddress
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpiA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
DuplicateHandle
MulDiv
GetCommandLineA
GetTickCount
WaitForSingleObject
CloseHandle
InterlockedIncrement

user32

EmptyClipboard
GetSystemMetrics
GetCursorPos
MessageBoxA
SetWindowPos
SendMessageA
DestroyCursor
SetParent
IsWindow
SetClipboardData
GetTopWindow
GetParent
GetFocus
GetClientRect
InvalidateRect
ValidateRect
UpdateWindow
OpenClipboard
EqualRect
GetWindowRect
SetForegroundWindow
DestroyMenu
GetClipboardData
CloseClipboard
wsprintfA
PostMessageA
IsChild
ReleaseDC
IsRectEmpty
FillRect
GetDC
SetCursor
LoadCursorA
SetCursorPos
SetActiveWindow
GetSysColor
SetWindowLongA
GetWindowLongA
RedrawWindow
EnableWindow
IsWindowVisible
OffsetRect
PtInRect
DestroyIcon
IntersectRect
InflateRect
SetRect
SetScrollPos
SetScrollRange
GetScrollRange
SetCapture
GetCapture
ReleaseCapture
SetTimer
UnregisterHotKey
RegisterHotKey
CreateWindowExA
CallWindowProcA
TranslateMessage
LoadIconA
DrawFrameControl
DrawEdge
DrawFocusRect
WindowFromPoint
GetMessageA
DispatchMessageA
SetRectEmpty
RegisterClipboardFormatA
CreateIconFromResourceEx
CreateIconFromResource
DrawIconEx
CreatePopupMenu
AppendMenuA
ModifyMenuA
CreateMenu
CreateAcceleratorTableA
GetDlgCtrlID
GetSubMenu
EnableMenuItem
ClientToScreen
EnumDisplaySettingsA
LoadImageA
SystemParametersInfoA
ShowWindow
IsWindowEnabled
TranslateAcceleratorA
GetKeyState
CopyAcceleratorTableA
PostQuitMessage
IsZoomed
GetClassInfoA
GetWindowTextA
GetWindowTextLengthA
CharUpperA
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
GetDlgItem
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
GetWindowPlacement
RegisterWindowMessageA
GetForegroundWindow
GetLastActivePopup
GetMessageTime
RemovePropA
GetPropA
UnhookWindowsHookEx
SetPropA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
GetMenuItemID
GetMenuItemCount
RegisterClassA
GetScrollPos
UnregisterClassA
AdjustWindowRectEx
MapWindowPoints
SendDlgItemMessageA
ScrollWindowEx
IsDialogMessageA
SetWindowTextA
MoveWindow
CheckMenuItem
SetMenuItemBitmaps
GetMenuState
GetMenuCheckMarkDimensions
GetClassNameA
GetDesktopWindow
LoadStringA
GetSysColorBrush
DefWindowProcA
GetSystemMenu
DeleteMenu
GetMenu
SetMenu
PeekMessageA
IsIconic
SetFocus
GetActiveWindow
GetWindow
DestroyAcceleratorTable
SetWindowRgn
GetMessagePos
ScreenToClient
ChildWindowFromPointEx
CopyRect
LoadBitmapA
WinHelpA
KillTimer

gdi32

ScaleWindowExtEx
TranslateCharsetInfo
CreateFontA
SetBkColor
CreateRectRgnIndirect
SetStretchBltMode
GetClipRgn
CreatePolygonRgn
SelectClipRgn
DeleteObject
CreateDIBitmap
GetSystemPaletteEntries
CreatePalette
StretchBlt
SelectPalette
RealizePalette
GetDIBits
GetWindowExtEx
GetViewportOrgEx
GetWindowOrgEx
BeginPath
EndPath
PathToRegion
CreateEllipticRgn
CreateRoundRectRgn
GetTextColor
GetBkMode
GetBkColor
GetROP2
GetStretchBltMode
GetPolyFillMode
CreateCompatibleBitmap
CreateDCA
CreateBitmap
SelectObject
GetObjectA
CreatePen
PatBlt
CombineRgn
CreateRectRgn
FillRgn
CreateSolidBrush
GetStockObject
CreateFontIndirectA
EndPage
EndDoc
DeleteDC
StartDocA
StartPage
BitBlt
CreateCompatibleDC
Ellipse
Rectangle
LPtoDP
DPtoLP
GetCurrentObject
RoundRect
GetTextExtentPoint32A
GetDeviceCaps
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
GetClipBox
ExcludeClipRect
GetTextMetricsA
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetViewportExtEx
ExtSelectClipRgn
LineTo
MoveToEx

winmm

midiStreamRestart
midiStreamClose
midiOutReset
midiStreamStop
midiStreamOut
midiOutPrepareHeader
midiStreamProperty
midiStreamOpen
midiOutUnprepareHeader
waveOutOpen
waveOutGetNumDevs
waveOutClose
waveOutReset
waveOutPause
waveOutWrite
waveOutPrepareHeader
waveOutUnprepareHeader

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegQueryValueA
RegCreateKeyExA

shell32

ShellExecuteA
DragAcceptFiles
DragFinish
DragQueryFileA
Shell_NotifyIconA

ole32

OleUninitialize
OleInitialize
CLSIDFromString

oleaut32

UnRegisterTypeLi
RegisterTypeLi
LoadTypeLi

comctl32

ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_BeginDrag
ImageList_Destroy
ImageList_Create
ImageList_Add
ImageList_DragShowNolock
ImageList_EndDrag
ord17

ws2_32

recvfrom
ioctlsocket
recv
getpeername
WSAAsyncSelect
accept
closesocket
WSACleanup
inet_ntoa

comdlg32

GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA
ChooseColorA

Sections

.text
Size: 696KB - Virtual size: 695KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 324KB - Virtual size: 322KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
游玩前必读.txt

Resubmissions

Sharing

General

Malware Config

Signatures

Files

33aada12073d335900f2dd1f5ac08eed

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate

Extended Key Usages

Key Usages

3c:61:df:38:d5:bb:38:36:a8:b4:4b:98:5c:50:44:79Certificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

wininet

winmm

wsock32

gdi42

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.rdata Size: 284KB - Virtual size: 283KB

.data Size: 56KB - Virtual size: 787KB

.rsrc Size: 216KB - Virtual size: 215KB

33aada12073d335900f2dd1f5ac08eed

Headers

File Characteristics

Imports

kernel32

user32

wininet

winmm

wsock32

gdi42

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.rdata Size: 283KB - Virtual size: 284KB

.data Size: 52KB - Virtual size: 788KB

.rsrc Size: 216KB - Virtual size: 215KB

.NewSec Size: 6.0MB - Virtual size: 6.0MB

33aada12073d335900f2dd1f5ac08eed

Headers

File Characteristics

Imports

kernel32

user32

wininet

winmm

wsock32

gdi42

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.rdata Size: 283KB - Virtual size: 284KB

.data Size: 52KB - Virtual size: 788KB

.rsrc Size: 216KB - Virtual size: 215KB

.NewSec Size: 6.0MB - Virtual size: 6.0MB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

3c:61:df:38:d5:bb:38:36:a8:b4:4b:98:5c:50:44:79
Certificate

.text
Size: 2.3MB - Virtual size: 2.3MB

.rdata
Size: 284KB - Virtual size: 283KB

.data
Size: 56KB - Virtual size: 787KB

.rsrc
Size: 216KB - Virtual size: 215KB

.text
Size: 2.3MB - Virtual size: 2.3MB

.rdata
Size: 283KB - Virtual size: 284KB

.data
Size: 52KB - Virtual size: 788KB

.rsrc
Size: 216KB - Virtual size: 215KB

.NewSec
Size: 6.0MB - Virtual size: 6.0MB

.text
Size: 2.3MB - Virtual size: 2.3MB

.rdata
Size: 283KB - Virtual size: 284KB

.data
Size: 52KB - Virtual size: 788KB

.rsrc
Size: 216KB - Virtual size: 215KB

.NewSec
Size: 6.0MB - Virtual size: 6.0MB

f7:f6:e6:cd:36:28:fa:98:bf:ce:b4:68:ae:e9:39:83
Certificate

1a:6e:54:ff:9f:9c:e0:f8:ea:cb:e7:a0:ab:56:9d:32
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

3d:1a:35:72:30:15:82:63:30:d0:13:71:7e:82:41:08
Certificate

a5:2b:83:84:8c:2e:d6:e5:81:af:6b:db:69:f2:23:b9:ed:f1:4f:59:0d:df:5d:f5:94:1d:27:ed:e0:ee:73:10
Signer

UPX0
Size: - Virtual size: 7.1MB

UPX1
Size: 4.4MB - Virtual size: 4.4MB

.rsrc
Size: 111KB - Virtual size: 112KB

.rsrc
Size: 568B - Virtual size: 4KB

.rsrc
Size: 100KB - Virtual size: 100KB

.data
Size: 952KB - Virtual size: 952KB

.text
Size: 145KB - Virtual size: 144KB

.rdata
Size: 34KB - Virtual size: 34KB

.data
Size: 8KB - Virtual size: 23KB

.shared
Size: 512B - Virtual size: 2B

.rsrc
Size: 12KB - Virtual size: 11KB