General

Malware Config

Signatures

Files

• d6a0cc984e26284450ad55e61a1fd0ac_JaffaCakes118

  .dll windows:6 windows x64 arch:x64

  9e6b666c04c72594e8524ee9a348ffeb

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_DLL

  PDB Paths

  C:\Users\Twent\Desktop\CheatEvolution\New folder\DeceitInternal - Copy\D3D11Hook\x64\Release\CumOnMeDaddy.pdb

  Imports

  kernel32

  GetModuleHandleA

  OpenProcess

  CreateToolhelp32Snapshot

  Sleep

  DisableThreadLibraryCalls

  Process32Next

  CloseHandle

  CreateThread

  ReadProcessMemory

  EnterCriticalSection

  LeaveCriticalSection

  InitializeCriticalSection

  GetLastError

  LoadLibraryA

  GetProcAddress

  DeleteCriticalSection

  FreeLibrary

  VirtualFree

  VirtualAlloc

  GetSystemInfo

  VirtualQuery

  HeapCreate

  HeapFree

  GetCurrentProcess

  Thread32Next

  Module32First

  GetCurrentThreadId

  SuspendThread

  ResumeThread

  HeapReAlloc

  HeapAlloc

  HeapDestroy

  GetThreadContext

  GetCurrentProcessId

  FlushInstructionCache

  SetThreadContext

  OpenThread

  IsDebuggerPresent

  InitializeSListHead

  GetSystemTimeAsFileTime

  QueryPerformanceCounter

  IsProcessorFeaturePresent

  TerminateProcess

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  RtlVirtualUnwind

  RtlLookupFunctionEntry

  RtlCaptureContext

  Module32Next

  GetModuleFileNameA

  VirtualProtect

  WriteProcessMemory

  lstrcmpA

  Process32First

  Thread32First

  user32

  GetWindowThreadProcessId

  MessageBoxA

  CreateWindowExA

  GetWindowLongPtrA

  FindWindowA

  RegisterClassExA

  DefWindowProcA

  FillRect

  SetRect

  GetAsyncKeyState

  gdi32

  DeleteObject

  CreateSolidBrush

  GetObjectA

  GetCurrentObject

  msvcp140

  ?_Xlength_error@std@@YAXPEBD@Z

  d3dcompiler_47

  D3DCompile

  d3d11

  D3D11CreateDeviceAndSwapChain

  vcruntime140

  __std_type_info_destroy_list

  memmove

  memcpy

  __CxxFrameHandler3

  __std_terminate

  _CxxThrowException

  __std_exception_destroy

  _purecall

  __std_exception_copy

  __C_specific_handler

  memset

  api-ms-win-crt-stdio-l1-1-0

  __stdio_common_vsprintf_s

  __stdio_common_vswprintf

  api-ms-win-crt-runtime-l1-1-0

  _configure_narrow_argv

  _invalid_parameter_noinfo_noreturn

  _cexit

  _execute_onexit_table

  _initialize_onexit_table

  _initialize_narrow_environment

  _seh_filter_dll

  _initterm_e

  _initterm

  api-ms-win-crt-heap-l1-1-0

  _callnewh

  malloc

  free

  api-ms-win-crt-math-l1-1-0

  floorf

  sqrtf

  ceilf

  Exports

  Exports

  FW1CreateFactory

  Sections

  .text

  Size: 85KB - Virtual size: 84KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 31KB - Virtual size: 30KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 3KB - Virtual size: 5KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .pdata

  Size: 4KB - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 512B - Virtual size: 480B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 1024B - Virtual size: 672B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ