HaxWare[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

HaxWare.zip
Size

6.6MB
MD5

3eccfd05abe9deb8600e4ea87ffa858e
SHA1

6948d6a922bf5955a53934e958dc593a8cf66e3e
SHA256

925d35e4f28935d4bf26b122b7034907ac2f6ace81191c978eebe6f8769e5416
SHA512

93fc86e2e94276557d2c8b5037dddbc11aacaa5377a856c03d3d8bc1e049e1412def6e74f3c5073ab44004e0029ee2b935d4a40b12baace51d6f2284401a49b9
SSDEEP

98304:jRcUDxJaiFe5TxXxQHMl639gR0U/2v4FtPVK7k2pR13s5UfrRopVagB8WJhCU+cD:CUyiQBiHtm+ILVt2K5Uz+pk88ox+cLX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/HaxWare.exe

Files

HaxWare.zip
.zip
HaxWare.exe
.exe windows:4 windows x64 arch:x64

eb085702d5338e568088edf6eb1c0148

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetStdHandle
GetConsoleMode
TlsGetValue
GetLastError
SetLastError
RaiseException
GetTickCount
ExitProcess
GetStartupInfoA
GetCommandLineA
GetCurrentProcessId
GetCurrentThreadId
GetCurrentProcess
ReadProcessMemory
GetModuleFileNameA
GetModuleHandleA
WriteFile
ReadFile
CloseHandle
SetFilePointer
GetFileSize
SetEndOfFile
GetSystemInfo
LoadLibraryW
LoadLibraryA
GetProcAddress
FreeLibrary
FormatMessageW
DeleteFileW
MoveFileW
CreateFileW
GetFileAttributesW
CreateDirectoryW
RemoveDirectoryW
SetCurrentDirectoryW
GetCurrentDirectoryW
GetFullPathNameW
SetEnvironmentVariableW
GetConsoleOutputCP
GetOEMCP
GetProcessHeap
HeapAlloc
HeapFree
TlsAlloc
TlsSetValue
CreateThread
ExitThread
LocalAlloc
LocalFree
Sleep
SuspendThread
ResumeThread
TerminateThread
WaitForSingleObject
SetThreadPriority
GetThreadPriority
GetCurrentThread
OpenThread
IsDebuggerPresent
CreateEventA
ResetEvent
SetEvent
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
GetEnvironmentStringsW
FreeEnvironmentStringsW
MultiByteToWideChar
WideCharToMultiByte
GetACP
GetConsoleCP
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
RtlUnwindEx
GetShortPathNameA
GetEnvironmentStringsA
FreeEnvironmentStringsA
FormatMessageA
CreateSemaphoreA
CreateFileMappingA
OpenFileMappingA
GetLogicalDriveStringsA
LoadLibraryExA
OutputDebugStringA
FindResourceA
FindResourceExA
EnumResourceTypesA
EnumResourceNamesA
EnumResourceLanguagesA
BeginUpdateResourceA
UpdateResourceA
EndUpdateResourceA
GlobalAddAtomA
GetTempPathA
GetWindowsDirectoryA
GetDiskFreeSpaceA
CreateFileA
CreateNamedPipeA
GetComputerNameA
CreateProcessA
GetVersionExA
CompareStringA
GetLocaleInfoA
GetDateFormatA
EnumCalendarInfoA
GetModuleFileNameW
GetCommandLineW
CreateProcessW
FindFirstFileW
FindNextFileW
CompareStringW
GetLocaleInfoW
GetDateFormatW
FindFirstFileExW
FreeResource
LockResource
GlobalAlloc
GlobalReAlloc
GlobalSize
GlobalLock
GlobalUnlock
GlobalMemoryStatus
FlushInstructionCache
VirtualAlloc
VirtualAllocEx
VirtualFree
VirtualFreeEx
VirtualQuery
VirtualProtectEx
VirtualQueryEx
GetProcessAffinityMask
GetProcessWorkingSetSize
SetProcessWorkingSetSize
OpenProcess
TerminateProcess
SetProcessAffinityMask
GetExitCodeProcess
CreateRemoteThread
SetThreadAffinityMask
GetExitCodeThread
SetErrorMode
WriteProcessMemory
ReleaseSemaphore
WaitForMultipleObjects
LoadResource
SizeofResource
GlobalDeleteAtom
FlushFileBuffers
DeviceIoControl
FindClose
GetFileTime
SetFileTime
DuplicateHandle
MulDiv
GetLocalTime
FileTimeToLocalFileTime
LocalFileTimeToFileTime
FileTimeToSystemTime
FileTimeToDosDateTime
DosDateTimeToFileTime
CreatePipe
ConnectNamedPipe
DisconnectNamedPipe
PeekNamedPipe
MapViewOfFile
UnmapViewOfFile
SleepEx
WriteFileEx
QueryPerformanceCounter
QueryPerformanceFrequency
CancelIo
GetCPInfo
GetThreadLocale
SetThreadLocale
GetUserDefaultLCID
GetOverlappedResult
GetFileSizeEx
QueueUserAPC

oleaut32

SysAllocStringLen
SysFreeString
SysReAllocStringLen
SafeArrayCreate
SafeArrayRedim
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElement
SafeArrayPutElement
SafeArrayPtrOfIndex
VariantChangeTypeEx
VariantClear
VariantCopy
VariantInit

user32

MessageBoxA
CharUpperBuffW
CharLowerBuffW
RegisterWindowMessageA
PeekMessageA
SendMessageA
SendMessageTimeoutA
PostMessageA
PostThreadMessageA
DefWindowProcA
CallWindowProcA
RegisterClassA
UnregisterClassA
GetClassInfoA
RegisterClassExA
CreateWindowExA
SendDlgItemMessageA
RegisterClipboardFormatA
GetClipboardFormatNameA
CharToOemA
CharUpperA
CharUpperBuffA
CharLowerA
CharLowerBuffA
GetMenuItemInfoA
SetPropA
GetPropA
RemovePropA
EnumPropsA
GetWindowTextA
GetWindowTextLengthA
GetWindowLongA
SetWindowLongA
GetClassLongA
SetWindowLongPtrA
GetClassLongPtrA
SetClassLongPtrA
FindWindowA
GetClassNameA
LoadBitmapA
LoadCursorA
LoadIconA
LoadImageA
SystemParametersInfoA
DispatchMessageW
PeekMessageW
SendMessageW
PostMessageW
DefWindowProcW
CallWindowProcW
RegisterClassW
UnregisterClassW
GetClassInfoW
CreateWindowExW
InsertMenuItemW
GetMenuItemInfoW
SetMenuItemInfoW
DrawTextW
DrawStateW
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
MessageBoxW
GetWindowLongPtrW
SetWindowLongPtrW
GetClassNameW
DefFrameProcW
DefMDIChildProcW
GetKeyboardLayout
TranslateMessage
UnregisterHotKey
AttachThreadInput
PostQuitMessage
GetDoubleClickTime
IsWindow
IsMenu
DestroyWindow
ShowWindow
ShowWindowAsync
ShowOwnedPopups
CloseWindow
MoveWindow
SetWindowPos
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsWindowVisible
IsIconic
BringWindowToTop
IsZoomed
GetDlgItem
OpenClipboard
CloseClipboard
SetClipboardData
GetClipboardData
CountClipboardFormats
EnumClipboardFormats
EmptyClipboard
IsClipboardFormatAvailable
SetFocus
GetActiveWindow
GetFocus
GetKeyState
GetAsyncKeyState
GetKeyboardState
ToAscii
keybd_event
mouse_event
GetCapture
SetCapture
ReleaseCapture
MsgWaitForMultipleObjects
SetTimer
KillTimer
EnableWindow
IsWindowEnabled
GetSystemMetrics
GetMenu
SetMenu
DrawMenuBar
GetSystemMenu
CreateMenu
CreatePopupMenu
DestroyMenu
EnableMenuItem
GetSubMenu
GetMenuItemCount
RemoveMenu
DeleteMenu
GetMenuItemRect
UpdateWindow
SetActiveWindow
GetForegroundWindow
SetForegroundWindow
WindowFromDC
GetDC
GetDCEx
GetWindowDC
ReleaseDC
BeginPaint
EndPaint
GetUpdateRect
SetWindowRgn
InvalidateRect
InvalidateRgn
RedrawWindow
LockWindowUpdate
ScrollWindow
ScrollDC
ScrollWindowEx
ShowScrollBar
EnableScrollBar
GetClientRect
GetWindowRect
AdjustWindowRectEx
MessageBeep
SetCursorPos
SetCursor
GetCursorPos
CreateCaret
GetCaretBlinkTime
DestroyCaret
HideCaret
ShowCaret
SetCaretPos
GetCaretPos
ClientToScreen
ScreenToClient
MapWindowPoints
WindowFromPoint
GetSysColor
GetSysColorBrush
SetSysColors
DrawFocusRect
FillRect
FrameRect
SetRect
InflateRect
IntersectRect
SubtractRect
OffsetRect
IsRectEmpty
PtInRect
GetDesktopWindow
GetParent
SetParent
EnumChildWindows
EnumThreadWindows
GetTopWindow
GetWindowThreadProcessId
GetLastActivePopup
GetWindow
CallNextHookEx
DestroyCursor
DestroyIcon
CopyImage
CreateIconIndirect
GetIconInfo
SetScrollInfo
GetScrollInfo
TranslateMDISysAccel
DrawEdge
DrawFrameControl
TrackPopupMenuEx
ChildWindowFromPointEx
DrawIconEx
FlashWindowEx
SetLayeredWindowAttributes
GetComboBoxInfo
SetMenuInfo
AllowSetForegroundWindow

advapi32

LookupAccountSidA
LookupPrivilegeValueA
RegQueryInfoKeyA
OpenSCManagerA
StartServiceA
RegSetValueExW
RegQueryValueExW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegOpenKeyExW
ChangeServiceConfigW
CreateServiceW
OpenServiceW
OpenProcessToken
GetTokenInformation
AdjustTokenPrivileges
AllocateAndInitializeSid
SetKernelObjectSecurity
RegCloseKey
RegFlushKey
CloseServiceHandle
ConvertStringSecurityDescriptorToSecurityDescriptorA

gdi32

CreateFontIndirectA
EnumFontFamiliesA
GetCharABCWidthsA
GetTextExtentPointA
GetTextMetricsA
GetObjectA
ExtTextOutA
CreateFontIndirectW
EnumFontFamiliesExW
GetCharABCWidthsW
GetTextExtentPointW
GetTextExtentPoint32W
GetTextExtentExPointW
GetObjectW
TextOutW
ExtTextOutW
GetRandomRgn
Arc
BitBlt
Chord
CombineRgn
CreateBitmap
CreateBrushIndirect
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBitmap
CreateEllipticRgn
CreatePen
CreatePenIndirect
CreatePatternBrush
CreateRectRgn
CreateRoundRectRgn
CreateSolidBrush
DeleteDC
DeleteObject
Ellipse
EqualRgn
ExcludeClipRect
ExtCreateRegion
ExtFloodFill
FillRgn
GetROP2
GetBkColor
GetBitmapBits
GetClipBox
GetClipRgn
GetCurrentObject
GetDeviceCaps
GetDIBits
GetMapMode
GetObjectType
GetPixel
GetRegionData
GetRgnBox
GetStockObject
GetTextAlign
GetTextColor
GetViewportExtEx
GetViewportOrgEx
GetWindowExtEx
GetWindowOrgEx
IntersectClipRect
LineTo
MaskBlt
OffsetRgn
PatBlt
Pie
PaintRgn
PtInRegion
RectInRegion
RectVisible
Rectangle
RestoreDC
RealizePalette
RoundRect
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetPixel
SetPolyFillMode
StretchBlt
SetRectRgn
SetROP2
SetStretchBltMode
SetTextCharacterExtra
SetTextColor
SetTextAlign
CreateDIBSection
SetArcDirection
ExtCreatePen
MoveToEx
CreatePolygonRgn
DPtoLP
LPtoDP
Polygon
Polyline
PolyBezier
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
SetBrushOrgEx
GetDCOrgEx
GdiFlush
ChoosePixelFormat
SetPixelFormat
SwapBuffers
AddFontMemResourceEx
RemoveFontMemResourceEx

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

shell32

DragQueryFileA
ExtractIconA
ShellExecuteA
Shell_NotifyIconA
DragQueryFileW
Shell_NotifyIconW
DragFinish
DragAcceptFiles
SHGetSpecialFolderLocation
SHGetMalloc
SHGetPathFromIDListA
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFileInfoW

opengl32

wglUseFontBitmapsA
wglCreateContext
wglMakeCurrent
wglGetProcAddress

ole32

CoCreateGuid
CoTaskMemFree
OleInitialize
OleUninitialize
RegisterDragDrop
RevokeDragDrop
DoDragDrop
OleSetClipboard
OleGetClipboard
ReleaseStgMedium
CreateStreamOnHGlobal
CoUninitialize
CoFreeUnusedLibraries
CoCreateInstance
CLSIDFromProgID
CoInitialize
CoTaskMemAlloc
CreateDataAdviseHolder
GetErrorInfo

comctl32

InitCommonControls
ImageList_Create
ImageList_Destroy
ImageList_GetImageCount
ImageList_SetImageCount
ImageList_Add
ImageList_Replace
ImageList_AddMasked
ImageList_DrawEx
ImageList_DrawIndirect
ImageList_Remove
ImageList_Copy
ImageList_BeginDrag
ImageList_EndDrag
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
_TrackMouseEvent

imm32

ImmGetContext
ImmReleaseContext
ImmGetCompositionStringW
ImmNotifyIME

comdlg32

ChooseColorA
CommDlgExtendedError
GetOpenFileNameW
GetSaveFileNameW
ChooseFontW

ntdll

ZwCreateSection
ZwMapViewOfSection
NtResumeProcess
NtSuspendProcess
ZwUnmapViewOfSection
RtlCompareMemory

ws2_32

__WSAFDIsSet
accept
bind
closesocket
connect
ioctlsocket
getpeername
htons
listen
ntohs
recv
recvfrom
select
send
sendto
setsockopt
socket
WSAStartup
WSACleanup
WSAGetLastError

wsock32

closesocket
ioctlsocket
select
gethostbyaddr
gethostbyname
WSAStartup

uxtheme

OpenThemeData
CloseThemeData
GetThemeColor
SetWindowTheme

psapi

GetMappedFileNameA
GetDeviceDriverFileNameA

hhctrl.ocx

HtmlHelpA

winmm

timeGetTime

lua53-64

lua_close
lua_newthread
lua_atpanic
lua_rotate
lua_rawlen
lua_absindex
lua_gettop
lua_settop
lua_pushvalue
lua_checkstack
lua_isnumber
lua_isinteger
lua_isstring
lua_iscfunction
lua_isuserdata
lua_type
lua_tonumberx
lua_tointegerx
lua_toboolean
lua_tolstring
lua_tocfunction
lua_touserdata
lua_topointer
lua_pushnil
lua_pushnumber
lua_pushinteger
lua_pushlstring
lua_pushstring
lua_pushcclosure
lua_pushboolean
lua_pushlightuserdata
lua_gettable
lua_rawgeti
lua_createtable
lua_newuserdata
lua_getmetatable
lua_settable
lua_rawseti
lua_setmetatable
lua_callk
lua_pcallk
lua_load
lua_dump
lua_gc
lua_error
lua_next
lua_setglobal
lua_getglobal
lua_getinfo
lua_getlocal
lua_sethook
luaL_openlibs
luaL_argerror
luaL_ref
luaL_unref
luaL_loadfilex
luaL_loadstring
luaL_newstate

wininet

InternetOpenA
InternetCloseHandle
InternetConnectA
InternetOpenUrlA
InternetReadFile
InternetQueryDataAvailable
HttpOpenRequestA
HttpSendRequestA

Sections

.text
Size: 7.8MB - Virtual size: 7.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1023KB - Virtual size: 1022KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6.1MB - Virtual size: 6.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 430KB - Virtual size: 429KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 586KB - Virtual size: 585KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
lua53-32.dll
.dll windows:5 windows x86 arch:x86

3991c01e50953690ce06a82b4aab452d

Code Sign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19/09/2018, 00:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28/07/2020, 00:00

Not After

18/03/2029, 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:38:81:1f:dd:43:0a:77:db:5b:3c:c2
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2021, 18:52

Not After

04/07/2022, 16:21

Subject

SERIALNUMBER=50212036,CN=Cheat Engine,O=Cheat Engine,STREET=Irenelaan 24,L=Waalre,ST=Noord-Brabant,C=NL,1.3.6.1.4.1.311.60.2.1.3=#13024e4c,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28/07/2020, 00:00

Not After

28/07/2030, 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:00:46:69:50:a6:04:a9:d9:70:e8:1d:d2:4d:41:9f
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

27/05/2021, 09:55

Not After

28/06/2032, 09:55

Subject

CN=Globalsign TSA for Advanced - G4,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20/06/2018, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fc
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

20/02/2019, 00:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:21:58:53:08:a2
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

18/03/2009, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19/09/2018, 00:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28/07/2020, 00:00

Not After

18/03/2029, 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:38:81:1f:dd:43:0a:77:db:5b:3c:c2
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2021, 18:52

Not After

04/07/2022, 16:21

Subject

SERIALNUMBER=50212036,CN=Cheat Engine,O=Cheat Engine,STREET=Irenelaan 24,L=Waalre,ST=Noord-Brabant,C=NL,1.3.6.1.4.1.311.60.2.1.3=#13024e4c,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28/07/2020, 00:00

Not After

28/07/2030, 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:00:46:69:50:a6:04:a9:d9:70:e8:1d:d2:4d:41:9f
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

27/05/2021, 09:55

Not After

28/06/2032, 09:55

Subject

CN=Globalsign TSA for Advanced - G4,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20/06/2018, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fc
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

20/02/2019, 00:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:21:58:53:08:a2
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

18/03/2009, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

66:f1:82:b9:ac:cb:79:f5:91:30:16:5e:f7:1d:55:44:76:8b:4c:b7:eb:fa:3a:28:1b:2b:36:3d:99:e1:ae:e6
Signer

Actual PE Digest

66:f1:82:b9:ac:cb:79:f5:91:30:16:5e:f7:1d:55:44:76:8b:4c:b7:eb:fa:3a:28:1b:2b:36:3d:99:e1:ae:e6

Digest Algorithm

sha256

PE Digest Matches

true

b7:e3:aa:fa:3a:68:03:ad:48:ef:fc:5e:b7:36:a9:f6:9a:06:cc:08
Signer

Actual PE Digest

b7:e3:aa:fa:3a:68:03:ad:48:ef:fc:5e:b7:36:a9:f6:9a:06:cc:08

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\git\cheat-engine\Cheat Engine\bin\lua53-32.pdb

Imports

kernel32

GetModuleFileNameA
LoadLibraryExA
GetLastError
GetProcAddress
FreeLibrary
FormatMessageA
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
InterlockedFlushSList
RtlUnwind
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
RaiseException
CloseHandle
DuplicateHandle
CreateProcessA
GetTempPathW
ReadFile
ExitProcess
GetModuleHandleExW
QueryPerformanceFrequency
MultiByteToWideChar
WideCharToMultiByte
GetCommandLineA
GetCommandLineW
HeapAlloc
HeapFree
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetStdHandle
GetFileType
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
HeapReAlloc
GetACP
ReadConsoleW
WaitForSingleObject
GetExitCodeProcess
GetFileAttributesExW
CreatePipe
CreateFileW
SetFilePointerEx
GetStringTypeW
DeleteFileW
GetTimeZoneInformation
MoveFileExW
GetCPInfo
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
GetProcessHeap
SetStdHandle
WriteConsoleW
HeapSize
SetEndOfFile
DecodePointer

Exports

Exports

luaL_addlstring
luaL_addstring
luaL_addvalue
luaL_argerror
luaL_buffinit
luaL_buffinitsize
luaL_callmeta
luaL_checkany
luaL_checkinteger
luaL_checklstring
luaL_checknumber
luaL_checkoption
luaL_checkstack
luaL_checktype
luaL_checkudata
luaL_checkversion_
luaL_error
luaL_execresult
luaL_fileresult
luaL_getmetafield
luaL_getsubtable
luaL_gsub
luaL_len
luaL_loadbufferx
luaL_loadfilex
luaL_loadstring
luaL_newmetatable
luaL_newstate
luaL_openlib
luaL_openlibs
luaL_optinteger
luaL_optlstring
luaL_optnumber
luaL_prepbuffsize
luaL_pushmodule
luaL_pushresult
luaL_pushresultsize
luaL_ref
luaL_requiref
luaL_setfuncs
luaL_setmetatable
luaL_testudata
luaL_tolstring
luaL_traceback
luaL_unref
luaL_where
lua_absindex
lua_arith
lua_atpanic
lua_callk
lua_checkstack
lua_close
lua_compare
lua_concat
lua_copy
lua_createtable
lua_dump
lua_error
lua_gc
lua_getallocf
lua_getfield
lua_getglobal
lua_gethook
lua_gethookcount
lua_gethookmask
lua_geti
lua_getinfo
lua_getlocal
lua_getmetatable
lua_getstack
lua_gettable
lua_gettop
lua_getupvalue
lua_getuservalue
lua_iscfunction
lua_isinteger
lua_isnumber
lua_isstring
lua_isuserdata
lua_isyieldable
lua_len
lua_load
lua_newstate
lua_newthread
lua_newuserdata
lua_next
lua_pcallk
lua_pushboolean
lua_pushcclosure
lua_pushfstring
lua_pushinteger
lua_pushlightuserdata
lua_pushlstring
lua_pushnil
lua_pushnumber
lua_pushstring
lua_pushthread
lua_pushvalue
lua_pushvfstring
lua_rawequal
lua_rawget
lua_rawgeti
lua_rawgetp
lua_rawlen
lua_rawset
lua_rawseti
lua_rawsetp
lua_resume
lua_rotate
lua_setallocf
lua_setfield
lua_setglobal
lua_sethook
lua_seti
lua_setlocal
lua_setmetatable
lua_settable
lua_settop
lua_setupvalue
lua_setuservalue
lua_status
lua_stringtonumber
lua_toboolean
lua_tocfunction
lua_tointegerx
lua_tolstring
lua_tonumberx
lua_topointer
lua_tothread
lua_touserdata
lua_type
lua_typename
lua_upvalueid
lua_upvaluejoin
lua_version
lua_xmove
lua_yieldk
luaopen_base
luaopen_bit32
luaopen_coroutine
luaopen_debug
luaopen_io
luaopen_math
luaopen_os
luaopen_package
luaopen_string
luaopen_table
luaopen_utf8

Sections

.text
Size: 328KB - Virtual size: 327KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
lua53-64.dll
.dll windows:5 windows x64 arch:x64

779703c2d47ce86829a9221b077786f6

Code Sign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19/09/2018, 00:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28/07/2020, 00:00

Not After

18/03/2029, 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:38:81:1f:dd:43:0a:77:db:5b:3c:c2
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2021, 18:52

Not After

04/07/2022, 16:21

Subject

SERIALNUMBER=50212036,CN=Cheat Engine,O=Cheat Engine,STREET=Irenelaan 24,L=Waalre,ST=Noord-Brabant,C=NL,1.3.6.1.4.1.311.60.2.1.3=#13024e4c,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28/07/2020, 00:00

Not After

28/07/2030, 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:00:46:69:50:a6:04:a9:d9:70:e8:1d:d2:4d:41:9f
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

27/05/2021, 09:55

Not After

28/06/2032, 09:55

Subject

CN=Globalsign TSA for Advanced - G4,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20/06/2018, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fc
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

20/02/2019, 00:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:21:58:53:08:a2
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

18/03/2009, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19/09/2018, 00:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28/07/2020, 00:00

Not After

18/03/2029, 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:38:81:1f:dd:43:0a:77:db:5b:3c:c2
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2021, 18:52

Not After

04/07/2022, 16:21

Subject

SERIALNUMBER=50212036,CN=Cheat Engine,O=Cheat Engine,STREET=Irenelaan 24,L=Waalre,ST=Noord-Brabant,C=NL,1.3.6.1.4.1.311.60.2.1.3=#13024e4c,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28/07/2020, 00:00

Not After

28/07/2030, 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:00:46:69:50:a6:04:a9:d9:70:e8:1d:d2:4d:41:9f
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

27/05/2021, 09:55

Not After

28/06/2032, 09:55

Subject

CN=Globalsign TSA for Advanced - G4,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20/06/2018, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fc
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

20/02/2019, 00:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:21:58:53:08:a2
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

18/03/2009, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

81:24:f5:6e:29:14:f8:4e:f1:41:77:d6:d5:6f:d1:de:1e:6f:c9:aa:eb:80:59:e4:25:e8:0a:a4:2e:7e:d4:28
Signer

Actual PE Digest

81:24:f5:6e:29:14:f8:4e:f1:41:77:d6:d5:6f:d1:de:1e:6f:c9:aa:eb:80:59:e4:25:e8:0a:a4:2e:7e:d4:28

Digest Algorithm

sha256

PE Digest Matches

true

63:38:84:cf:4a:92:39:93:31:3d:d1:94:0f:fe:b6:98:63:14:7b:89
Signer

Actual PE Digest

63:38:84:cf:4a:92:39:93:31:3d:d1:94:0f:fe:b6:98:63:14:7b:89

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\git\cheat-engine\Cheat Engine\bin\lua53-64.pdb

Imports

kernel32

GetModuleFileNameA
LoadLibraryExA
GetLastError
GetProcAddress
FreeLibrary
FormatMessageA
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RtlUnwindEx
InterlockedFlushSList
SetLastError
EncodePointer
RaiseException
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
RtlPcToFileHeader
CloseHandle
DuplicateHandle
CreateProcessA
GetTempPathW
ReadFile
ExitProcess
GetModuleHandleExW
QueryPerformanceFrequency
MultiByteToWideChar
WideCharToMultiByte
GetCommandLineA
GetCommandLineW
HeapAlloc
HeapFree
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetStdHandle
GetFileType
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
HeapReAlloc
GetACP
ReadConsoleW
WaitForSingleObject
GetExitCodeProcess
GetFileAttributesExW
CreatePipe
CreateFileW
SetFilePointerEx
GetStringTypeW
DeleteFileW
GetTimeZoneInformation
MoveFileExW
GetCPInfo
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
GetProcessHeap
SetStdHandle
WriteConsoleW
HeapSize
SetEndOfFile
RtlUnwind

Exports

Exports

?luaL_buffinit@@YAXPEAUlua_State@@PEAUluaL_Buffer@@@Z
?luaL_openlib@@YAXPEAUlua_State@@PEBDPEBUluaL_Reg@@H@Z
?luaL_pushmodule@@YAXPEAUlua_State@@PEBDH@Z
luaL_addlstring
luaL_addstring
luaL_addvalue
luaL_argerror
luaL_buffinitsize
luaL_callmeta
luaL_checkany
luaL_checkinteger
luaL_checklstring
luaL_checknumber
luaL_checkoption
luaL_checkstack
luaL_checktype
luaL_checkudata
luaL_checkversion_
luaL_error
luaL_execresult
luaL_fileresult
luaL_getmetafield
luaL_getsubtable
luaL_gsub
luaL_len
luaL_loadbufferx
luaL_loadfilex
luaL_loadstring
luaL_newmetatable
luaL_newstate
luaL_openlibs
luaL_optinteger
luaL_optlstring
luaL_optnumber
luaL_prepbuffsize
luaL_pushresult
luaL_pushresultsize
luaL_ref
luaL_requiref
luaL_setfuncs
luaL_setmetatable
luaL_testudata
luaL_tolstring
luaL_traceback
luaL_unref
luaL_where
lua_absindex
lua_arith
lua_atpanic
lua_callk
lua_checkstack
lua_close
lua_compare
lua_concat
lua_copy
lua_createtable
lua_dump
lua_error
lua_gc
lua_getallocf
lua_getfield
lua_getglobal
lua_gethook
lua_gethookcount
lua_gethookmask
lua_geti
lua_getinfo
lua_getlocal
lua_getmetatable
lua_getstack
lua_gettable
lua_gettop
lua_getupvalue
lua_getuservalue
lua_iscfunction
lua_isinteger
lua_isnumber
lua_isstring
lua_isuserdata
lua_isyieldable
lua_len
lua_load
lua_newstate
lua_newthread
lua_newuserdata
lua_next
lua_pcallk
lua_pushboolean
lua_pushcclosure
lua_pushfstring
lua_pushinteger
lua_pushlightuserdata
lua_pushlstring
lua_pushnil
lua_pushnumber
lua_pushstring
lua_pushthread
lua_pushvalue
lua_pushvfstring
lua_rawequal
lua_rawget
lua_rawgeti
lua_rawgetp
lua_rawlen
lua_rawset
lua_rawseti
lua_rawsetp
lua_resume
lua_rotate
lua_setallocf
lua_setfield
lua_setglobal
lua_sethook
lua_seti
lua_setlocal
lua_setmetatable
lua_settable
lua_settop
lua_setupvalue
lua_setuservalue
lua_status
lua_stringtonumber
lua_toboolean
lua_tocfunction
lua_tointegerx
lua_tolstring
lua_tonumberx
lua_topointer
lua_tothread
lua_touserdata
lua_type
lua_typename
lua_upvalueid
lua_upvaluejoin
lua_version
lua_xmove
lua_yieldk
luaopen_base
luaopen_bit32
luaopen_coroutine
luaopen_debug
luaopen_io
luaopen_math
luaopen_os
luaopen_package
luaopen_string
luaopen_table
luaopen_utf8

Sections

.text
Size: 374KB - Virtual size: 374KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
main.lua
.js

Sharing

General

Malware Config

Signatures

Files

eb085702d5338e568088edf6eb1c0148

Headers

File Characteristics

Imports

kernel32

oleaut32

user32

advapi32

gdi32

version

shell32

opengl32

ole32

comctl32

imm32

comdlg32

ntdll

ws2_32

wsock32

uxtheme

psapi

hhctrl.ocx

winmm

lua53-64

wininet

Sections

.text Size: 7.8MB - Virtual size: 7.8MB

.data Size: 1023KB - Virtual size: 1022KB

.rdata Size: 6.1MB - Virtual size: 6.1MB

.pdata Size: 430KB - Virtual size: 429KB

.bss Size: - Virtual size: 1.1MB

.CRT Size: 512B - Virtual size: 24B

.idata Size: 25KB - Virtual size: 24KB

.rsrc Size: 586KB - Virtual size: 585KB

/4 Size: 512B - Virtual size: 28B

3991c01e50953690ce06a82b4aab452d

Code Sign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6aCertificate

Key Usages

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54Certificate

Extended Key Usages

Key Usages

30:38:81:1f:dd:43:0a:77:db:5b:3c:c2Certificate

Extended Key Usages

Key Usages

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:edCertificate

Extended Key Usages

Key Usages

01:00:46:69:50:a6:04:a9:d9:70:e8:1d:d2:4d:41:9fCertificate

Extended Key Usages

Key Usages

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74Certificate

Key Usages

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fcCertificate

Key Usages

04:00:00:00:00:01:21:58:53:08:a2Certificate

Key Usages

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6aCertificate

Key Usages

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54Certificate

Extended Key Usages

Key Usages

30:38:81:1f:dd:43:0a:77:db:5b:3c:c2Certificate

Extended Key Usages

Key Usages

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:edCertificate

Extended Key Usages

Key Usages

01:00:46:69:50:a6:04:a9:d9:70:e8:1d:d2:4d:41:9fCertificate

Extended Key Usages

Key Usages

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74Certificate

Key Usages

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fcCertificate

Key Usages

.text
Size: 7.8MB - Virtual size: 7.8MB

.data
Size: 1023KB - Virtual size: 1022KB

.rdata
Size: 6.1MB - Virtual size: 6.1MB

.pdata
Size: 430KB - Virtual size: 429KB

.bss
Size: - Virtual size: 1.1MB

.CRT
Size: 512B - Virtual size: 24B

.idata
Size: 25KB - Virtual size: 24KB

.rsrc
Size: 586KB - Virtual size: 585KB

/4
Size: 512B - Virtual size: 28B

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

30:38:81:1f:dd:43:0a:77:db:5b:3c:c2
Certificate

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

01:00:46:69:50:a6:04:a9:d9:70:e8:1d:d2:4d:41:9f
Certificate

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fc
Certificate

04:00:00:00:00:01:21:58:53:08:a2
Certificate

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

30:38:81:1f:dd:43:0a:77:db:5b:3c:c2
Certificate

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

01:00:46:69:50:a6:04:a9:d9:70:e8:1d:d2:4d:41:9f
Certificate

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fc
Certificate

04:00:00:00:00:01:21:58:53:08:a2
Certificate

66:f1:82:b9:ac:cb:79:f5:91:30:16:5e:f7:1d:55:44:76:8b:4c:b7:eb:fa:3a:28:1b:2b:36:3d:99:e1:ae:e6
Signer

b7:e3:aa:fa:3a:68:03:ad:48:ef:fc:5e:b7:36:a9:f6:9a:06:cc:08
Signer

.text
Size: 328KB - Virtual size: 327KB

.rdata
Size: 82KB - Virtual size: 82KB

.data
Size: 2KB - Virtual size: 5KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 13KB - Virtual size: 12KB

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

30:38:81:1f:dd:43:0a:77:db:5b:3c:c2
Certificate

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

01:00:46:69:50:a6:04:a9:d9:70:e8:1d:d2:4d:41:9f
Certificate

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fc
Certificate

04:00:00:00:00:01:21:58:53:08:a2
Certificate

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

30:38:81:1f:dd:43:0a:77:db:5b:3c:c2
Certificate

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

01:00:46:69:50:a6:04:a9:d9:70:e8:1d:d2:4d:41:9f
Certificate

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fc
Certificate

04:00:00:00:00:01:21:58:53:08:a2
Certificate

81:24:f5:6e:29:14:f8:4e:f1:41:77:d6:d5:6f:d1:de:1e:6f:c9:aa:eb:80:59:e4:25:e8:0a:a4:2e:7e:d4:28
Signer

63:38:84:cf:4a:92:39:93:31:3d:d1:94:0f:fe:b6:98:63:14:7b:89
Signer