E:\lith-lite\lith-lite\lith-lite\x64\Release\lith-lite.pdb
Static task
static1
1 signatures
General
-
Target
hacked client (rats) LMAO.rar
-
Size
3.2MB
-
MD5
a55de6377874e04f045b494b150f7461
-
SHA1
5d6f7ff63ef310229a2959351b3722ff625a7fd2
-
SHA256
4b1fa11e2e2e740b9e04c3f702deec49401e1024c314856f06c14f7ef36c29e4
-
SHA512
8b9f76529e760e407728be40f8578b77f7b3af93f8ec26a05a95a999d07466d07e837e914f2c816617490c1928dda8b571b488b498fd6b75d3af3229c7094ce0
-
SSDEEP
49152:ZMRWVF0x9bvFACZhTpAxN9QZjKfGocNQ78fk0ZpzK5pm2AY6VUnxtSZB98glGZbd:ZeVTUsZhNQ78M0jK1wVUnxo/G/scJF
Score
3/10
Malware Config
Signatures
-
Unsigned PE 7 IoCs
Checks for missing Authenticode signature.
resource unpack001/hacked client (rats) LMAO/Itami.exe unpack001/hacked client (rats) LMAO/Lithium-Lite.exe unpack001/hacked client (rats) LMAO/epic.exe unpack001/hacked client (rats) LMAO/icetea.exe unpack001/hacked client (rats) LMAO/koid.exe unpack001/hacked client (rats) LMAO/vega.exe unpack001/hacked client (rats) LMAO/zoomin.exe
Files
-
hacked client (rats) LMAO.rar.rar
-
hacked client (rats) LMAO/Itami.exe.exe windows:6 windows x64 arch:x64
d76f672ed6f495da4bb83044aeaf8537
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
d3d11
D3D11CreateDeviceAndSwapChain
d3dcompiler_47
D3DCompile
kernel32
GetModuleFileNameA
Process32First
WriteProcessMemory
GetCurrentProcess
OpenProcess
CreateToolhelp32Snapshot
Process32Next
CloseHandle
ReadProcessMemory
VirtualQueryEx
FindFirstFileA
FindNextFileA
FindClose
GetModuleHandleA
FreeConsole
QueryPerformanceCounter
GetCurrentProcessId
IsDebuggerPresent
InitializeSListHead
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetModuleHandleW
CreateEventW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetProcAddress
QueryPerformanceFrequency
GlobalUnlock
WideCharToMultiByte
GlobalLock
GlobalFree
GlobalAlloc
MultiByteToWideChar
GetSystemTimeAsFileTime
GetCurrentThreadId
user32
GetClientRect
LoadCursorA
SetCursor
SetCapture
GetWindowThreadProcessId
DispatchMessageA
DestroyWindow
ShowWindow
GetAsyncKeyState
GetWindowTextA
DefWindowProcA
CreateWindowExA
TranslateMessage
SendMessageA
PeekMessageA
UnregisterClassA
GetWindowTextLengthA
FindWindowA
RegisterClassExA
UpdateWindow
GetKeyState
ReleaseCapture
GetForegroundWindow
CloseClipboard
EmptyClipboard
OpenClipboard
IsChild
GetClipboardData
SetClipboardData
ClientToScreen
GetCursorPos
GetCapture
ScreenToClient
SetCursorPos
advapi32
LookupPrivilegeValueA
CloseServiceHandle
OpenSCManagerA
OpenProcessToken
OpenServiceA
QueryServiceStatusEx
AdjustTokenPrivileges
imm32
ImmReleaseContext
ImmGetContext
ImmSetCompositionWindow
xinput1_4
ord4
ord2
msvcp140
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
??Bid@locale@std@@QEAA_KXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@M@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z
_Query_perf_frequency
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?_Throw_Cpp_error@std@@YAXH@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?uncaught_exception@std@@YA_NXZ
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?_Random_device@std@@YAIXZ
_Cnd_do_broadcast_at_thread_exit
_Thrd_sleep
_Thrd_id
_Query_perf_counter
_Xtime_get_ticks
_Thrd_join
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@F@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
vcruntime140_1
__CxxFrameHandler4
vcruntime140
memset
memmove
memcpy
memcmp
__C_specific_handler
__current_exception_context
__current_exception
__std_type_info_name
__std_type_info_compare
__std_exception_destroy
strstr
__std_terminate
_CxxThrowException
__std_exception_copy
memchr
api-ms-win-crt-stdio-l1-1-0
_get_stream_buffer_pointers
getchar
setvbuf
fgetpos
fsetpos
_fseeki64
fgetc
__stdio_common_vsprintf_s
ftell
fputc
__p__commode
_set_fmode
__acrt_iob_func
ungetc
__stdio_common_vsscanf
fread
__stdio_common_vsprintf
_wfopen
fwrite
fflush
fseek
fclose
api-ms-win-crt-string-l1-1-0
isalnum
strcmp
strncpy
api-ms-win-crt-utility-l1-1-0
rand
srand
qsort
api-ms-win-crt-heap-l1-1-0
free
_set_new_mode
_callnewh
malloc
api-ms-win-crt-convert-l1-1-0
strtoul
atof
strtof
api-ms-win-crt-runtime-l1-1-0
_get_initial_narrow_environment
_initterm
_initterm_e
_invalid_parameter_noinfo_noreturn
__p___argc
__p___argv
_c_exit
_register_thread_local_exe_atexit_callback
_seh_filter_exe
_cexit
exit
_beginthreadex
_crt_atexit
_register_onexit_function
terminate
_set_app_type
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_exit
api-ms-win-crt-math-l1-1-0
log2f
sinf
ceilf
ceil
acosf
sqrtf
cosf
powf
pow
floorf
fmodf
atan2f
log2
__setusermatherr
api-ms-win-crt-filesystem-l1-1-0
_unlock_file
_lock_file
api-ms-win-crt-environment-l1-1-0
getenv
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
Sections
.text Size: 318KB - Virtual size: 318KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 94KB - Virtual size: 94KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 488B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 316B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
hacked client (rats) LMAO/Lithium-Lite.exe.exe windows:6 windows x64 arch:x64
eba675b4d287f51402a7cf170e487e73
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
d3d11
D3D11CreateDeviceAndSwapChain
d3dcompiler_47
D3DCompile
wintrust
WinVerifyTrust
ntdll
RtlVirtualUnwind
NtQuerySystemInformation
RtlLookupFunctionEntry
RtlCaptureContext
kernel32
QueryPerformanceCounter
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
SetConsoleTitleA
GetCurrentProcess
SetConsoleScreenBufferSize
GetStdHandle
SetConsoleMode
GetConsoleCursorInfo
TerminateProcess
GetModuleFileNameW
K32GetModuleFileNameExW
GetVolumeInformationA
GetModuleHandleA
OpenProcess
GetConsoleMode
K32GetModuleFileNameExA
SetConsoleCursorInfo
QueryFullProcessImageNameA
CloseHandle
CreateThread
GetConsoleWindow
QueryFullProcessImageNameW
GetModuleFileNameA
Process32First
CreateToolhelp32Snapshot
Process32Next
WriteProcessMemory
ReadProcessMemory
GetCurrentProcessId
VirtualQueryEx
GetExitCodeProcess
InitializeSListHead
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
FreeLibrary
GetSystemTimeAsFileTime
GetCurrentThreadId
IsDebuggerPresent
IsProcessorFeaturePresent
MultiByteToWideChar
GlobalAlloc
GlobalFree
GlobalLock
EnterCriticalSection
WideCharToMultiByte
GlobalUnlock
LoadLibraryA
QueryPerformanceFrequency
GetProcAddress
user32
GetClientRect
CloseClipboard
EmptyClipboard
SetClipboardData
OpenClipboard
GetCursorInfo
PostMessageA
SendMessageA
keybd_event
SetForegroundWindow
GetWindowThreadProcessId
WindowFromPoint
GetAsyncKeyState
GetSystemMenu
DispatchMessageA
GetWindowRect
DestroyWindow
SetWindowPos
ShowWindow
SetWindowLongA
GetWindowTextA
GetWindowLongA
DefWindowProcA
CreateWindowExA
TranslateMessage
PeekMessageA
UnregisterClassA
PostQuitMessage
GetDesktopWindow
GetClipboardData
FindWindowA
RegisterClassExA
UpdateWindow
GetKeyState
LoadCursorA
ScreenToClient
GetCapture
ClientToScreen
IsChild
GetForegroundWindow
SetCapture
SetCursor
EnableMenuItem
GetCursorPos
SetCursorPos
ReleaseCapture
advapi32
LookupPrivilegeValueA
QueryServiceStatusEx
OpenProcessToken
OpenSCManagerA
CloseServiceHandle
AdjustTokenPrivileges
OpenServiceA
shell32
ShellExecuteA
imm32
ImmReleaseContext
ImmGetContext
ImmSetCompositionWindow
msvcp140
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
??Bid@locale@std@@QEAA_KXZ
?_Incref@facet@locale@std@@UEAAXXZ
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?_Addfac@_Locimp@locale@std@@AEAAXPEAVfacet@23@_K@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
_Close_dir
_Open_dir
_Read_dir
?_Xinvalid_argument@std@@YAXPEBD@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?in@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEA_W3AEAPEA_W@Z
??0?$codecvt@_WDU_Mbstatet@@@std@@QEAA@_K@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
_To_wide
??1?$codecvt@_WDU_Mbstatet@@@std@@MEAA@XZ
?_Xlength_error@std@@YAXPEBD@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_New_Locimp@_Locimp@locale@std@@CAPEAV123@AEBV123@@Z
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?uncaught_exception@std@@YA_NXZ
?_Xbad_alloc@std@@YAXXZ
?_Xout_of_range@std@@YAXPEBD@Z
?_Random_device@std@@YAIXZ
?id@?$codecvt@_WDU_Mbstatet@@@std@@2V0locale@2@A
_Thrd_sleep
_Xtime_get_ticks
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@G@Z
??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z
vcruntime140
__std_type_info_compare
__C_specific_handler
memset
_CxxThrowException
__std_exception_destroy
strstr
__std_terminate
__CxxFrameHandler3
__std_exception_copy
memcmp
memcpy
memmove
memchr
api-ms-win-crt-stdio-l1-1-0
__p__commode
__stdio_common_vfwprintf_s
_set_fmode
ftell
_get_stream_buffer_pointers
_fseeki64
fsetpos
ungetc
setvbuf
fgetpos
fgetc
fputc
__acrt_iob_func
fflush
fwrite
fclose
__stdio_common_vsscanf
fread
__stdio_common_vsprintf
_wfopen
fseek
api-ms-win-crt-string-l1-1-0
_stricmp
toupper
isprint
strcmp
strncpy
api-ms-win-crt-utility-l1-1-0
qsort
api-ms-win-crt-heap-l1-1-0
free
realloc
malloc
_set_new_mode
_callnewh
api-ms-win-crt-runtime-l1-1-0
_initialize_onexit_table
_register_onexit_function
_crt_atexit
_cexit
_initialize_narrow_environment
_seh_filter_exe
_set_app_type
terminate
_get_initial_narrow_environment
_initterm
_initterm_e
_exit
__p___argc
__p___argv
_c_exit
_register_thread_local_exe_atexit_callback
_errno
exit
_invalid_parameter_noinfo_noreturn
_wassert
_configure_narrow_argv
api-ms-win-crt-convert-l1-1-0
atof
strtol
api-ms-win-crt-environment-l1-1-0
getenv
api-ms-win-crt-math-l1-1-0
fmodf
floorf
acosf
sqrtf
logf
atan2f
log2
ceilf
sinf
powf
__setusermatherr
cosf
ceil
api-ms-win-crt-filesystem-l1-1-0
_lock_file
remove
_unlock_file
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
api-ms-win-crt-time-l1-1-0
_time64
Sections
.text Size: 433KB - Virtual size: 433KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 433KB - Virtual size: 433KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 18KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 488B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 500B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
hacked client (rats) LMAO/epic.exe.exe windows:6 windows x64 arch:x64
a08599a345be82fd3b030fa5c3b87d5b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
C:\Users\epic\source\repos\external\x64\Release\external.pdb
Imports
d3d11
D3D11CreateDeviceAndSwapChain
d3dcompiler_47
D3DCompile
winmm
PlaySoundA
kernel32
QueryPerformanceCounter
WriteProcessMemory
OpenProcess
CloseHandle
CreateThread
ReadProcessMemory
GetModuleHandleA
GetConsoleWindow
GetModuleFileNameA
Process32First
GetCurrentProcess
TerminateProcess
CreateToolhelp32Snapshot
GetLastError
Process32Next
CreateProcessA
VirtualQueryEx
GetThreadTimes
SetEndOfFile
WriteConsoleW
HeapSize
CreateFileW
HeapReAlloc
SetStdHandle
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetFileAttributesExW
CreateProcessW
GetExitCodeProcess
WaitForSingleObject
GetProcAddress
QueryPerformanceFrequency
GlobalUnlock
WideCharToMultiByte
GlobalLock
GlobalFree
GlobalAlloc
MultiByteToWideChar
SetUnhandledExceptionFilter
GetFileSizeEx
GetConsoleCP
FlushFileBuffers
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
RtlUnwind
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
Sleep
LocalFree
FormatMessageA
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
EncodePointer
DecodePointer
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
RtlUnwindEx
RtlPcToFileHeader
RaiseException
FreeLibrary
LoadLibraryExW
ReadFile
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
GetStdHandle
WriteFile
GetCommandLineA
GetCommandLineW
SetFilePointerEx
GetConsoleMode
ReadConsoleW
GetFileType
GetCurrentThread
HeapAlloc
HeapFree
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
user32
GetKeyState
SetClipboardData
GetClipboardData
GetKeyNameTextA
MapVirtualKeyA
DestroyWindow
ShowWindow
DefWindowProcA
CreateWindowExA
PeekMessageA
UnregisterClassA
PostQuitMessage
RegisterClassExA
UpdateWindow
GetMessageA
DispatchMessageA
PostMessageA
CallNextHookEx
WindowFromPoint
GetAsyncKeyState
GetCursorInfo
SetWindowsHookExA
UnhookWindowsHookEx
TranslateMessage
FindWindowA
SendInput
EmptyClipboard
LoadCursorA
ScreenToClient
GetCapture
ClientToScreen
IsChild
GetForegroundWindow
SetCapture
SetCursor
GetClientRect
ReleaseCapture
SetCursorPos
GetCursorPos
OpenClipboard
CloseClipboard
advapi32
LookupPrivilegeValueA
OpenProcessToken
AdjustTokenPrivileges
imm32
ImmReleaseContext
ImmGetContext
ImmSetCompositionWindow
xinput1_4
ord4
ord2
Sections
.text Size: 480KB - Virtual size: 479KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 576KB - Virtual size: 575KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 21KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 148B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
hacked client (rats) LMAO/icetea.exe.exe windows:6 windows x64 arch:x64
47d3c83fef3237b69b3ad220edbea196
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
C:\Users\hyeox\Desktop\imgui-master\examples\example_win32_directx9\Release\icetea_dx9_final.pdb
Imports
imm32
ImmGetContext
ImmReleaseContext
ImmSetCompositionWindow
d3d9
Direct3DCreate9
kernel32
Process32Next
CloseHandle
DeleteCriticalSection
CreateProcessA
GetExitCodeProcess
SetConsoleCtrlHandler
WriteProcessMemory
GetConsoleScreenBufferInfo
SetConsoleTitleA
GetCurrentProcess
SetConsoleScreenBufferSize
CreateMutexA
GetModuleHandleA
GetSystemDirectoryA
LoadLibraryA
Beep
GetProcAddress
ReadProcessMemory
GetConsoleWindow
GetTickCount
VirtualQueryEx
LocalFree
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetLastError
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
OutputDebugStringW
FormatMessageA
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
QueryPerformanceFrequency
QueryPerformanceCounter
GetModuleFileNameA
Process32First
GetStdHandle
InitializeCriticalSectionEx
GetVolumeInformationA
OpenProcess
CreateToolhelp32Snapshot
GetCurrentProcessId
user32
GetWindowThreadProcessId
GetSystemMenu
DispatchMessageA
GetWindowRect
DestroyWindow
GetDC
keybd_event
PostMessageA
DeleteMenu
ShowWindow
GetAsyncKeyState
GetWindowTextA
MapVirtualKeyA
DefWindowProcA
CreateWindowExA
TranslateMessage
SendMessageA
PeekMessageA
GetWindowTextLengthA
FindWindowA
RegisterClassExA
UpdateWindow
ReleaseDC
UnregisterClassA
GetKeyState
LoadCursorA
ScreenToClient
GetCapture
ClientToScreen
IsChild
GetForegroundWindow
SetCapture
GetClipboardData
SetCursor
GetClientRect
ReleaseCapture
SetCursorPos
GetCursorPos
OpenClipboard
CloseClipboard
EmptyClipboard
SetClipboardData
gdi32
SelectObject
DeleteDC
GetDeviceCaps
BitBlt
CreateCompatibleBitmap
DeleteObject
CreateCompatibleDC
GetDIBits
advapi32
OpenProcessToken
OpenServiceA
QueryServiceStatusEx
RegCloseKey
RegDeleteKeyExW
RegCreateKeyExW
RegDeleteValueW
AdjustTokenPrivileges
GetCurrentHwProfileA
CloseServiceHandle
LookupPrivilegeValueA
OpenSCManagerA
msvcp140
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
??Bid@locale@std@@QEAA_KXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
?_Random_device@std@@YAIXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
_Query_perf_frequency
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?_Execute_once@std@@YAHAEAUonce_flag@1@P6AHPEAX1PEAPEAX@Z1@Z
?_Throw_Cpp_error@std@@YAXH@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?uncaught_exception@std@@YA_NXZ
?_Winerror_map@std@@YAHH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?_Syserror_map@std@@YAPEBDH@Z
_Cnd_do_broadcast_at_thread_exit
_Thrd_sleep
_Thrd_id
_Query_perf_counter
_Xtime_get_ticks
_Thrd_join
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
xinput1_4
ord4
ord2
vcruntime140_1
__CxxFrameHandler4
vcruntime140
memchr
memcmp
memcpy
__std_terminate
strstr
memmove
_CxxThrowException
memset
__C_specific_handler
__current_exception
__std_exception_copy
__std_exception_destroy
__current_exception_context
api-ms-win-crt-stdio-l1-1-0
ungetc
_get_stream_buffer_pointers
ftell
_fseeki64
getchar
__acrt_iob_func
fgetc
__p__commode
__stdio_common_vsscanf
fread
setvbuf
__stdio_common_vsprintf
_wfopen
fwrite
_set_fmode
fgetpos
fseek
fclose
fflush
fsetpos
fputc
api-ms-win-crt-string-l1-1-0
isupper
strcmp
toupper
strncpy
api-ms-win-crt-utility-l1-1-0
rand
qsort
srand
api-ms-win-crt-heap-l1-1-0
_set_new_mode
_callnewh
malloc
free
api-ms-win-crt-runtime-l1-1-0
_seh_filter_exe
_set_app_type
_crt_atexit
_get_initial_narrow_environment
_initterm
_initterm_e
terminate
__p___argc
__p___argv
_c_exit
_register_thread_local_exe_atexit_callback
_register_onexit_function
_wassert
_initialize_onexit_table
_beginthreadex
exit
_initialize_narrow_environment
_configure_narrow_argv
_invalid_parameter_noinfo_noreturn
_cexit
_exit
_Exit
api-ms-win-crt-convert-l1-1-0
atof
atoi
api-ms-win-crt-filesystem-l1-1-0
_unlock_file
_unlink
_stat64i32
_lock_file
api-ms-win-crt-environment-l1-1-0
getenv
api-ms-win-crt-math-l1-1-0
ceilf
round
floorf
fmodf
acosf
sinf
log2
cosf
pow
atan2f
sqrtf
ceil
__setusermatherr
powf
api-ms-win-crt-time-l1-1-0
_time64
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
Sections
.text Size: 310KB - Virtual size: 309KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 306KB - Virtual size: 306KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 488B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 504B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
hacked client (rats) LMAO/koid.exe.exe windows:6 windows x64 arch:x64
6b5075b82f10534e3c23be1eaf3d1551
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
C:\Users\Diego\Documents\01.source\02.koid\01.Client\koid\x64\Release\koid.pdb
Imports
d3d11
D3D11CreateDeviceAndSwapChain
ws2_32
getpeername
getsockname
ntohs
setsockopt
socket
WSAIoctl
getaddrinfo
freeaddrinfo
accept
listen
recvfrom
sendto
ioctlsocket
gethostname
htonl
connect
htons
ntohl
getsockopt
closesocket
bind
send
WSAStartup
WSACleanup
WSAGetLastError
recv
__WSAFDIsSet
select
WSASetLastError
wldap32
ord200
ord30
ord79
ord35
ord33
ord32
ord27
ord26
ord22
ord41
ord50
ord45
ord60
ord143
ord211
ord46
ord301
crypt32
CertFreeCertificateContext
d3dcompiler_47
D3DCompile
imm32
ImmGetContext
ImmReleaseContext
ImmSetCompositionWindow
kernel32
IsProcessorFeaturePresent
IsDebuggerPresent
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForMultipleObjects
RtlVirtualUnwind
ReadFile
GetFileType
GetStdHandle
ExpandEnvironmentStringsA
VerifyVersionInfoA
GetSystemDirectoryA
WaitForSingleObjectEx
FormatMessageA
SetLastError
GetLastError
SleepEx
RtlLookupFunctionEntry
RtlCaptureContext
GetModuleHandleW
CreateEventW
ResetEvent
SetEvent
PeekNamedPipe
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
GlobalAlloc
GlobalFree
GlobalLock
WideCharToMultiByte
GlobalUnlock
LoadLibraryA
QueryPerformanceFrequency
GetProcAddress
VerSetConditionMask
QueryPerformanceCounter
GetModuleHandleA
GetConsoleWindow
CloseHandle
CreateThread
Process32First
GetCurrentProcess
OpenProcess
CreateToolhelp32Snapshot
Process32Next
WriteProcessMemory
ReadProcessMemory
GetModuleFileNameA
TerminateProcess
GetCurrentProcessId
VirtualQueryEx
GetExitCodeProcess
GetTickCount64
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
FreeLibrary
Sleep
user32
GetWindowTextA
GetCursorInfo
PostMessageA
SendMessageA
keybd_event
SetForegroundWindow
GetWindowThreadProcessId
FindWindowA
WindowFromPoint
DispatchMessageA
GetWindowRect
DestroyWindow
SetWindowPos
ShowWindow
GetAsyncKeyState
SetWindowLongA
DefWindowProcA
CreateWindowExA
TranslateMessage
PeekMessageA
UnregisterClassA
PostQuitMessage
GetDesktopWindow
SetClipboardData
RegisterClassExA
UpdateWindow
GetKeyState
LoadCursorA
ScreenToClient
GetCapture
ClientToScreen
IsChild
GetForegroundWindow
SetCapture
SetCursor
GetClientRect
ReleaseCapture
SetCursorPos
GetCursorPos
OpenClipboard
CloseClipboard
EmptyClipboard
GetClipboardData
advapi32
CloseServiceHandle
OpenServiceA
QueryServiceStatusEx
OpenProcessToken
OpenSCManagerA
LookupPrivilegeValueA
CryptEncrypt
AdjustTokenPrivileges
ControlService
CryptAcquireContextA
CryptReleaseContext
CryptGenRandom
CryptGetHashParam
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptDestroyKey
CryptImportKey
msvcp140
_Close_dir
_Open_dir
_Read_dir
?_Xinvalid_argument@std@@YAXPEBD@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
_To_wide
?_Random_device@std@@YAIXZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
_Xtime_get_ticks
_Query_perf_counter
_Thrd_sleep
?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
?uncaught_exception@std@@YA_NXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
_Query_perf_frequency
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?always_noconv@codecvt_base@std@@QEBA_NXZ
??Bid@locale@std@@QEAA_KXZ
?_Xbad_alloc@std@@YAXXZ
xinput1_4
ord2
ord4
vcruntime140_1
__CxxFrameHandler4
vcruntime140
_CxxThrowException
__std_terminate
__C_specific_handler
__current_exception_context
__current_exception
memchr
memcmp
strrchr
memmove
memset
memcpy
__std_type_info_compare
__std_exception_copy
__std_exception_destroy
strchr
strstr
api-ms-win-crt-stdio-l1-1-0
fread
__stdio_common_vsprintf
fwrite
fseek
fclose
__stdio_common_vsscanf
_wfopen
_lseeki64
_read
_write
_close
_open
fflush
fopen
_get_stream_buffer_pointers
_fseeki64
_set_fmode
__acrt_iob_func
fsetpos
ungetc
setvbuf
ftell
fgetpos
__p__commode
fgetc
fputc
api-ms-win-crt-string-l1-1-0
isprint
_strdup
strncmp
tolower
isalpha
isgraph
islower
strncpy
isupper
isxdigit
strpbrk
isspace
toupper
isalnum
strcmp
isdigit
api-ms-win-crt-utility-l1-1-0
qsort
api-ms-win-crt-heap-l1-1-0
_set_new_mode
calloc
malloc
_callnewh
free
realloc
api-ms-win-crt-convert-l1-1-0
strtoul
atoi
atof
strtoll
strtol
api-ms-win-crt-runtime-l1-1-0
strerror
_invalid_parameter_noinfo_noreturn
exit
_beginthreadex
__sys_nerr
_getpid
_register_thread_local_exe_atexit_callback
_c_exit
__p___argv
terminate
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_crt_atexit
_cexit
__p___argc
_seh_filter_exe
_set_app_type
_initterm
_get_initial_narrow_environment
_errno
_initterm_e
_exit
api-ms-win-crt-math-l1-1-0
fmodf
floorf
powf
cosf
sinf
sqrtf
__setusermatherr
ceil
acosf
log2
atan2f
ceilf
pow
api-ms-win-crt-filesystem-l1-1-0
remove
_fstat64
_stat64
_unlock_file
_lock_file
_access
api-ms-win-crt-environment-l1-1-0
getenv
api-ms-win-crt-time-l1-1-0
_time64
_gmtime64
api-ms-win-crt-multibyte-l1-1-0
_mbspbrk
_mbsnbcpy
_mbschr
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
Sections
.text Size: 522KB - Virtual size: 522KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 24KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 488B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
hacked client (rats) LMAO/vega.exe.exe windows:6 windows x64 arch:x64
ccb4fa18bec40c1c0390cc7de45708ba
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
C:\Users\miss_\Documents\GitHub\Vega-Clicker\output\src.pdb
Imports
d3d9
Direct3DCreate9
kernel32
WideCharToMultiByte
GlobalUnlock
QueryPerformanceFrequency
GetProcAddress
QueryPerformanceCounter
GetModuleHandleW
GetConsoleWindow
GlobalFree
CloseHandle
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GlobalAlloc
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
GlobalLock
MultiByteToWideChar
InitOnceBeginInitialize
DeleteCriticalSection
InitOnceComplete
user32
DefWindowProcW
DestroyWindow
CreateWindowExW
UnregisterClassW
RegisterClassExW
ShowWindow
DispatchMessageW
PeekMessageW
TranslateMessage
PostQuitMessage
UpdateWindow
GetCursorPos
PostMessageA
GetAsyncKeyState
FindWindowA
GetKeyState
SetClipboardData
GetClipboardData
EmptyClipboard
SetCursorPos
ReleaseCapture
GetClientRect
SetCursor
SetCapture
LoadCursorW
GetForegroundWindow
IsChild
ClientToScreen
GetCapture
CloseClipboard
OpenClipboard
ScreenToClient
msvcp140
_Mtx_unlock
_Thrd_detach
_Cnd_wait
_Cnd_do_broadcast_at_thread_exit
_Cnd_broadcast
_Mtx_init_in_situ
?__ExceptionPtrRethrow@@YAXPEBX@Z
?__ExceptionPtrCurrentException@@YAXPEAX@Z
_Mtx_lock
?__ExceptionPtrDestroy@@YAXPEAX@Z
_Cnd_register_at_thread_exit
_Cnd_destroy_in_situ
_Query_perf_frequency
_Thrd_sleep
_Query_perf_counter
_Xtime_get_ticks
?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
?_ReportUnobservedException@details@Concurrency@@YAXXZ
?_Schedule_chore@details@Concurrency@@YAHPEAU_Threadpool_chore@12@@Z
?_LogWorkItemCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogWorkItemStarted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogTaskExecutionCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogTaskCompleted@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogCancelTask@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogScheduleTask@_TaskEventLogger@details@Concurrency@@QEAAX_N@Z
?_Release_chore@details@Concurrency@@YAXPEAU_Threadpool_chore@12@@Z
?ReportUnhandledError@_ExceptionHolder@details@Concurrency@@AEAAXXZ
?_Capture@_ContextCallback@details@Concurrency@@AEAAXXZ
?_Reset@_ContextCallback@details@Concurrency@@AEAAXXZ
?_CallInContext@_ContextCallback@details@Concurrency@@QEBAXV?$function@$$A6AXXZ@std@@_N@Z
??0task_continuation_context@Concurrency@@AEAA@XZ
_Cnd_unregister_at_thread_exit
?__ExceptionPtrCreate@@YAXPEAX@Z
_Cnd_init_in_situ
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?_Throw_future_error@std@@YAXAEBVerror_code@1@@Z
?_Throw_Cpp_error@std@@YAXH@Z
?_Xbad_function_call@std@@YAXXZ
?_Throw_C_error@std@@YAXH@Z
?_Rethrow_future_exception@std@@YAXVexception_ptr@1@@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Syserror_map@std@@YAPEBDH@Z
?__ExceptionPtrToBool@@YA_NPEBX@Z
_Mtx_destroy_in_situ
imm32
ImmSetCompositionWindow
ImmGetContext
ImmReleaseContext
xinput1_4
ord2
ord4
vcruntime140_1
__CxxFrameHandler4
vcruntime140
memchr
memcmp
_CxxThrowException
memset
__C_specific_handler
__current_exception_context
__current_exception
__std_exception_copy
__std_exception_destroy
memcpy
__std_terminate
memmove
_purecall
strstr
api-ms-win-crt-stdio-l1-1-0
_set_fmode
__stdio_common_vsprintf
fseek
fwrite
fflush
__acrt_iob_func
__p__commode
ftell
fclose
fread
__stdio_common_vsscanf
_wfopen
api-ms-win-crt-string-l1-1-0
strncpy
strcmp
api-ms-win-crt-utility-l1-1-0
rand
qsort
api-ms-win-crt-heap-l1-1-0
_set_new_mode
malloc
_callnewh
free
api-ms-win-crt-runtime-l1-1-0
__p___argv
__p___argc
_exit
_c_exit
_initterm_e
_initterm
_get_initial_narrow_environment
_set_app_type
exit
_seh_filter_exe
_invalid_parameter_noinfo_noreturn
terminate
system
_beginthreadex
abort
_cexit
_crt_atexit
_wassert
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_register_thread_local_exe_atexit_callback
_configure_narrow_argv
api-ms-win-crt-convert-l1-1-0
atof
api-ms-win-crt-math-l1-1-0
powf
atan2f
__setusermatherr
ceilf
acosf
logf
pow
cosf
fmodf
floorf
sqrtf
log
sinf
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
Sections
.text Size: 300KB - Virtual size: 299KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 278KB - Virtual size: 278KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
hacked client (rats) LMAO/zoomin.exe.exe windows:6 windows x64 arch:x64
39b71dbdc35267de98c2852438cb1a94
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
C:\Users\tuker\Downloads\imgui-master\examples\example_win32_directx9\Release\example_win32_directx9.pdb
Imports
d3d9
Direct3DCreate9
kernel32
LoadLibraryA
QueryPerformanceFrequency
GetProcAddress
FreeLibrary
QueryPerformanceCounter
Sleep
OpenProcess
CreateThread
GetModuleFileNameA
WriteProcessMemory
GetModuleHandleA
CloseHandle
ReadProcessMemory
GetConsoleWindow
GlobalUnlock
WideCharToMultiByte
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
CreateEventW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GlobalLock
GlobalFree
GlobalAlloc
MultiByteToWideChar
InitializeSListHead
CreateProcessA
user32
SetCapture
SetCursor
SetClipboardData
GetClientRect
GetMessageA
DispatchMessageA
DestroyWindow
SetWindowPos
CallNextHookEx
ShowWindow
SetWindowsHookExA
MapVirtualKeyA
UnhookWindowsHookEx
DefWindowProcA
CreateWindowExA
TranslateMessage
mouse_event
PeekMessageA
UnregisterClassA
PostQuitMessage
RegisterClassExA
UpdateWindow
SendInput
GetWindowThreadProcessId
GetAsyncKeyState
FindWindowA
GetClipboardData
GetKeyState
LoadCursorA
ScreenToClient
EmptyClipboard
CloseClipboard
OpenClipboard
GetCursorPos
SetCursorPos
ReleaseCapture
GetCapture
IsChild
ClientToScreen
GetForegroundWindow
imm32
ImmReleaseContext
ImmGetContext
ImmSetCompositionWindow
msvcp140
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?uncaught_exception@std@@YA_NXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_Random_device@std@@YAIXZ
??Bid@locale@std@@QEAA_KXZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?_Xlength_error@std@@YAXPEBD@Z
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Xout_of_range@std@@YAXPEBD@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
ntdll
RtlVirtualUnwind
RtlCaptureContext
RtlLookupFunctionEntry
ZwReadVirtualMemory
ZwWriteVirtualMemory
ZwSetTimerResolution
vcruntime140_1
__CxxFrameHandler4
vcruntime140
__std_exception_copy
__current_exception
__current_exception_context
__C_specific_handler
__std_exception_destroy
_CxxThrowException
strstr
__std_terminate
memcpy
memset
memchr
memcmp
memmove
api-ms-win-crt-stdio-l1-1-0
fwrite
fread
__p__commode
_set_fmode
__stdio_common_vfprintf
__stdio_common_vsscanf
_get_stream_buffer_pointers
fseek
fclose
fflush
__acrt_iob_func
_wfopen
ftell
_fseeki64
fsetpos
ungetc
setvbuf
fgetpos
fgetc
fputc
__stdio_common_vsprintf
api-ms-win-crt-string-l1-1-0
strncpy
strcmp
api-ms-win-crt-utility-l1-1-0
qsort
api-ms-win-crt-heap-l1-1-0
free
malloc
_set_new_mode
_callnewh
api-ms-win-crt-runtime-l1-1-0
_crt_atexit
_cexit
_register_onexit_function
_seh_filter_exe
_set_app_type
_initialize_onexit_table
_get_initial_narrow_environment
_initterm
_initterm_e
_exit
__p___argc
__p___argv
_c_exit
_register_thread_local_exe_atexit_callback
_configure_narrow_argv
terminate
exit
_invalid_parameter_noinfo_noreturn
_wassert
_initialize_narrow_environment
api-ms-win-crt-convert-l1-1-0
atof
api-ms-win-crt-filesystem-l1-1-0
_unlock_file
_lock_file
api-ms-win-crt-environment-l1-1-0
_dupenv_s
api-ms-win-crt-math-l1-1-0
fmodf
floorf
acosf
ceilf
logf
atan2f
sqrt
log2
sqrtf
ceil
log2f
sinf
powf
log
pow
__setusermatherr
cosf
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
Sections
.text Size: 289KB - Virtual size: 288KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 77KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 13KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 304B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ