3d347b167454f837aaffc1a2f03b41ea_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3d347b167454f837aaffc1a2f03b41ea_JaffaCakes118
Size

6.9MB
MD5

3d347b167454f837aaffc1a2f03b41ea
SHA1

2d64b19c857d9fd646953c51dcdb8534fccee4ea
SHA256

847062a92a1a0d7652e83d83f35d8da668f8008cdf9cf7566b718f34390c19ed
SHA512

27743b0932df81f7169ddc1c96dcc2e4a2ee8b206dc05540f06193c628425fb4094874d8e5734a28c31f803fe0193332650c18a6dcedbc0ca77ecf831ff66124
SSDEEP

196608:Ib+TO9tEK0B5C7quoD6c87qxKsA/nDIbj25qYOeF5a:zOzUBU7qugsmxKJnskoe5a

Score

3^/10

Malware Config

Signatures

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/uMod游戏材质替换工具/d3d9.dll
unpack001/uMod游戏材质替换工具/uMod.exe
unpack001/uMod游戏材质替换工具/uMod_d3d9_DI.dll
unpack001/uMod游戏材质替换工具/uMod_d3d9_HI.dll

Files

3d347b167454f837aaffc1a2f03b41ea_JaffaCakes118
.rar
uMod游戏材质替换工具/ALI213.txt
uMod游戏材质替换工具/d3d9.dll
.dll windows:5 windows x86 arch:x86

f8e9fc1d6b173fb22c04aab1795b71e5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

d3dx9_43

D3DXMatrixScaling
D3DXCreateFontA
D3DXCreateSprite
D3DXCreateCubeTextureFromFileInMemoryEx
D3DXCreateTextureFromFileInMemoryEx
D3DXSaveTextureToFileW
D3DXCreateVolumeTextureFromFileInMemoryEx

user32

GetAsyncKeyState

kernel32

InterlockedIncrement
GetStringTypeW
LCMapStringW
WriteConsoleW
SetStdHandle
IsProcessorFeaturePresent
WaitForSingleObject
CreateMutexA
ReleaseMutex
CloseHandle
WriteFile
ReadFile
CreateFileW
DisconnectNamedPipe
FlushFileBuffers
GetLastError
GetModuleFileNameW
DisableThreadLibraryCalls
GetModuleHandleA
CreateThread
FreeLibrary
GetSystemDirectoryA
GetProcAddress
LoadLibraryA
DecodePointer
EncodePointer
GetCurrentThreadId
GetCommandLineA
GetStdHandle
HeapFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
HeapAlloc
RaiseException
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
InterlockedDecrement
Sleep
ExitProcess
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LoadLibraryW
LeaveCriticalSection
EnterCriticalSection
RtlUnwind
HeapSize
SetFilePointer
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
MultiByteToWideChar
HeapReAlloc

Exports

Exports

D3DPERF_BeginEvent
D3DPERF_EndEvent
D3DPERF_GetStatus
D3DPERF_QueryRepeatFrame
D3DPERF_SetMarker
D3DPERF_SetOptions
D3DPERF_SetRegion
Direct3DCreate9
Direct3DCreate9Ex

Sections

.text
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
uMod游戏材质替换工具/languages/Example_uMod_LanguagePack_English.txt
uMod游戏材质替换工具/languages/uMod_LanguagePackU_Chinese.txt.txt
uMod游戏材质替换工具/languages/uMod_LanguagePackU_Deutsch.txt
uMod游戏材质替换工具/languages/uMod_LanguagePackU_French.txt
uMod游戏材质替换工具/languages/uMod_LanguagePackU_Russian.txt
uMod游戏材质替换工具/languages/uMod_LanguagePack_Italian.txt
uMod游戏材质替换工具/templates/auto_save/2108660352_uMod.txt
uMod游戏材质替换工具/templates/uMod.txt
uMod游戏材质替换工具/uMod.exe
.exe windows:5 windows x86 arch:x86

d19e96afc09701a113fe3081593371ad

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeW
LCMapStringW
GetOEMCP
GetTickCount
SetHandleCount
GetModuleFileNameA
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapCreate
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
GetTimeZoneInformation
MoveFileW
InitializeCriticalSectionAndSpinCount
SetStdHandle
ExitThread
GetConsoleMode
GetConsoleCP
DeleteFileW
GetDateFormatW
GetTimeFormatW
HeapReAlloc
GetStartupInfoW
HeapSetInformation
GetCommandLineA
EncodePointer
DecodePointer
RtlUnwind
SetEnvironmentVariableA
SetEnvironmentVariableW
GetLocaleInfoA
EnumSystemLocalesA
CompareStringW
SetEndOfFile
lstrlenA
RaiseException
FindNextFileW
GetLogicalDriveStringsW
GetDriveTypeW
InterlockedExchange
CreateThread
SetEvent
WaitForMultipleObjects
ExpandEnvironmentStringsW
GetSystemTimeAsFileTime
GetFileTime
GetTempFileNameW
FindFirstFileW
FindClose
FileTimeToLocalFileTime
FileTimeToSystemTime
OutputDebugStringW
GetTempPathW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
GetACP
TerminateProcess
GetModuleFileNameW
GetModuleHandleW
IsValidCodePage
GetCPInfo
GetCurrentProcessId
GetEnvironmentVariableW
QueryPerformanceFrequency
QueryPerformanceCounter
LocalFree
CopyFileW
GetFileType
GetExitCodeThread
ExitProcess
TlsAlloc
TlsSetValue
TlsGetValue
TerminateThread
SetThreadPriority
TlsFree
GetCurrentProcess
InterlockedDecrement
InterlockedIncrement
Sleep
SetCurrentDirectoryW
GlobalAlloc
GlobalFree
HeapSize
GlobalLock
GlobalSize
GlobalUnlock
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetErrorMode
GetStdHandle
ReadConsoleOutputCharacterA
FreeConsole
GetConsoleScreenBufferInfo
SetConsoleCursorPosition
FillConsoleOutputCharacterW
WriteConsoleW
WriteConsoleA
GetVersionExW
GetCommandLineW
GetCurrentThreadId
SetLastError
MulDiv
FlushFileBuffers
DisconnectNamedPipe
CreateNamedPipeW
ConnectNamedPipe
CreateMutexW
CreateProcessW
ResumeThread
GetLastError
FormatMessageW
FreeLibrary
LoadLibraryW
GetProcAddress
GetProcessHeap
HeapAlloc
VirtualAllocEx
VirtualProtectEx
WriteProcessMemory
FlushInstructionCache
HeapFree
CreateRemoteThread
WaitForSingleObject
VirtualFreeEx
WriteFile
SetFileTime
GetCurrentDirectoryW
GetFileAttributesW
CreateDirectoryW
WideCharToMultiByte
MultiByteToWideChar
LocalFileTimeToFileTime
SystemTimeToFileTime
ReadFile
CloseHandle
CreateFileW
GetFullPathNameW
SetFilePointer

user32

IsClipboardFormatAvailable
EnumDisplaySettingsW
ChangeDisplaySettingsW
FindWindowExW
ValidateRgn
ChildWindowFromPoint
EndPaint
BeginPaint
GetWindowDC
PostThreadMessageW
ValidateRect
DestroyCursor
TranslateAcceleratorW
CreateAcceleratorTableW
DestroyAcceleratorTable
DrawIconEx
GetWindowTextW
GetClassNameW
MessageBeep
GetDialogBaseUnits
GetClipboardFormatNameW
RegisterClipboardFormatW
UnionRect
CreateIconIndirect
LoadImageW
GetIconInfo
LoadBitmapW
LoadIconW
DrawFocusRect
OffsetRect
CopyRect
DrawTextW
keybd_event
GetWindowTextLengthW
HideCaret
DestroyIcon
GetDoubleClickTime
ModifyMenuW
InsertMenuItemW
InsertMenuW
CreatePopupMenu
CreateMenu
AppendMenuW
RemoveMenu
GetSubMenu
DestroyMenu
LoadCursorW
MsgWaitForMultipleObjects
MessageBoxW
DrawEdge
DrawStateW
SetRect
SetMenuItemInfoW
GetSysColorBrush
CheckMenuRadioItem
CheckMenuItem
GetMenuState
SetWindowRgn
GetDlgItem
CreateDialogParamW
InflateRect
GetSysColor
IsWindow
GetMenuItemCount
GetMenuItemInfoW
GetUpdateRgn
CallWindowProcW
SetWindowsHookExW
BeginDeferWindowPos
wsprintfW
SendMessageW
GetClassInfoW
UnregisterClassW
ShowCursor
AdjustWindowRectEx
KillTimer
SetTimer
DdeFreeStringHandle
EndDeferWindowPos
FillRect
InvalidateRect
IsDialogMessageW
TrackPopupMenu
PtInRect
SetCursor
GetCapture
CallNextHookEx
UnhookWindowsHookEx
UnregisterHotKey
RegisterHotKey
ChildWindowFromPointEx
GetWindow
GetActiveWindow
SystemParametersInfoW
GetMessageTime
MapWindowPoints
IsWindowEnabled
IsWindowVisible
DeferWindowPos
RegisterClassW
GetWindowRect
PostMessageW
SetMenu
CreateWindowExW
BringWindowToTop
ShowWindow
SetForegroundWindow
IsZoomed
IsIconic
GetWindowPlacement
GetSystemMetrics
DrawMenuBar
EnableMenuItem
GetSystemMenu
DdeUninitialize
DdeQueryStringW
DdeFreeDataHandle
DdeGetData
DdeCreateDataHandle
DdeGetLastError
DdeInitializeW
DdeDisconnect
DdeClientTransaction
DdeCreateStringHandleW
DdeNameService
DdeConnect
DdePostAdvise
DrawFrameControl
ClientToScreen
ScreenToClient
UpdateWindow
RedrawWindow
SetParent
WindowFromPoint
GetParent
ScrollWindow
EnableScrollBar
SetScrollInfo
GetScrollInfo
SetCursorPos
ReleaseCapture
SetCapture
EnableWindow
SetFocus
GetFocus
GetClientRect
GetKeyState
GetAsyncKeyState
VkKeyScanW
MapVirtualKeyW
GetDC
ReleaseDC
PeekMessageW
DispatchMessageW
TranslateMessage
PostQuitMessage
GetCursorPos
GetMessagePos
CreateDialogIndirectParamW
SetWindowTextW
MoveWindow
FlashWindow
GetWindowLongW
SetWindowLongW
GetDesktopWindow
SetWindowPos
DefWindowProcW
DestroyWindow
GetMessageW

gdi32

SetViewportExtEx
SetMapMode
SelectClipRgn
GetBkColor
Arc
Pie
Polygon
SetPolyFillMode
PolyPolygon
Rectangle
RoundRect
Ellipse
GetCharABCWidthsW
ExtTextOutW
GetTextExtentExPointW
MaskBlt
StretchDIBits
StretchBlt
GetRgnBox
EqualRgn
PtInRegion
RectInRegion
CombineRgn
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
SaveDC
SetWindowExtEx
CreateRectRgnIndirect
SetTextAlign
CreateICW
CreateDIBSection
GetDIBits
CreateDIBitmap
GetDIBColorTable
EnumFontFamiliesExW
SetAbortProc
StartDocW
EndDoc
StartPage
EndPage
CreateDCW
GetSystemPaletteEntries
DeleteEnhMetaFile
GetEnhMetaFileHeader
PlayEnhMetaFile
CreateEnhMetaFileW
GetEnhMetaFileW
CloseEnhMetaFile
SetWindowOrgEx
PolyBezier
SetPixel
GetPixel
ExtFloodFill
ExtSelectClipRgn
SetViewportOrgEx
SetStretchBltMode
SetROP2
Polyline
GetClipBox
ExtCreatePen
CreateHatchBrush
MoveToEx
LineTo
CreatePen
CreatePatternBrush
GetStockObject
GetObjectW
BitBlt
CreateCompatibleBitmap
CreateBitmap
CreateSolidBrush
DeleteDC
CreateCompatibleDC
SetBkMode
SetBkColor
GetOutlineTextMetricsW
SetTextColor
GetDeviceCaps
DeleteObject
CreateFontIndirectW
GetRegionData
ExtCreateRegion
OffsetRgn
ExcludeClipRect
GetTextMetricsW
SelectObject
GdiFlush
SetBrushOrgEx
RealizePalette
SelectPalette
RestoreDC
CreateRectRgn
GetTextExtentPoint32W

comdlg32

PrintDlgW
ChooseFontW
GetSaveFileNameW
GetOpenFileNameW
ChooseColorW
CommDlgExtendedError
PageSetupDlgW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

shell32

SHGetSpecialFolderLocation
SHGetFileInfoW
SHGetPathFromIDListW
SHGetMalloc
ExtractIconExW
ExtractIconW
DragQueryFileW
DragQueryPoint
DragFinish
DragAcceptFiles
SHBrowseForFolderW

comctl32

ImageList_DragEnter
ImageList_DragMove
ImageList_EndDrag
ImageList_BeginDrag
ImageList_SetDragCursorImage
ImageList_Add
ImageList_Replace
ImageList_SetBkColor
ImageList_Draw
ImageList_Remove
ImageList_ReplaceIcon
ImageList_Destroy
ImageList_Create
ImageList_GetIconSize
ImageList_GetImageCount
ord16
ord17
ImageList_DragLeave

ole32

CoTaskMemFree
CoLockObjectExternal
RegisterDragDrop
DoDragDrop
OleSetClipboard
RevokeDragDrop
CoTaskMemAlloc
CoCreateInstance
OleInitialize
OleUninitialize
OleIsCurrentClipboard
OleFlushClipboard
OleGetClipboard
ReleaseStgMedium

advapi32

RegSetValueExW
RegQueryValueExW
RegDeleteValueW
RegEnumKeyW
RegEnumValueW
RegCreateKeyExW
RegOpenKeyExW
RegCloseKey
GetUserNameW
RegDeleteKeyW

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 612KB - Virtual size: 612KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 237KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 252KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
uMod游戏材质替换工具/uMod_Settings.txt
uMod游戏材质替换工具/uMod_d3d9_DI.dll
.dll windows:5 windows x86 arch:x86

129fb4ede4bd1ec0e2f80e616deb42f1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

d3dx9_43

D3DXMatrixScaling
D3DXCreateFontA
D3DXCreateSprite
D3DXCreateCubeTextureFromFileInMemoryEx
D3DXCreateTextureFromFileInMemoryEx
D3DXSaveTextureToFileW
D3DXCreateVolumeTextureFromFileInMemoryEx

user32

GetAsyncKeyState

kernel32

TlsAlloc
GetStringTypeW
LCMapStringW
WriteConsoleW
SetStdHandle
IsProcessorFeaturePresent
HeapReAlloc
WaitForSingleObject
CreateMutexA
ReleaseMutex
CloseHandle
WriteFile
ReadFile
CreateFileW
DisconnectNamedPipe
FlushFileBuffers
GetLastError
GetModuleFileNameW
DisableThreadLibraryCalls
GetModuleHandleA
VirtualProtect
CreateThread
FreeLibrary
GetSystemDirectoryA
GetProcAddress
LoadLibraryA
DecodePointer
EncodePointer
HeapAlloc
GetCurrentThreadId
GetCommandLineA
GetStdHandle
HeapFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
RaiseException
GetModuleHandleW
ExitProcess
HeapCreate
HeapDestroy
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LoadLibraryW
LeaveCriticalSection
EnterCriticalSection
RtlUnwind
HeapSize
SetFilePointer
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
MultiByteToWideChar

Exports

Exports

Nothing
uMod_Direct3DCreate9
uMod_Direct3DCreate9Ex

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
uMod游戏材质替换工具/uMod_d3d9_HI.dll
.dll windows:5 windows x86 arch:x86

42ec957f848958e74897bc487d9ddacb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

d3dx9_43

D3DXMatrixScaling
D3DXCreateFontA
D3DXCreateSprite
D3DXCreateCubeTextureFromFileInMemoryEx
D3DXCreateTextureFromFileInMemoryEx
D3DXSaveTextureToFileW
D3DXCreateVolumeTextureFromFileInMemoryEx

user32

GetAsyncKeyState
CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx

kernel32

GetCPInfo
GetProcessHeap
SetEndOfFile
IsProcessorFeaturePresent
HeapReAlloc
SetStdHandle
SetEnvironmentVariableW
CompareStringW
WaitForSingleObject
CreateMutexA
ReleaseMutex
CloseHandle
WriteFile
ReadFile
CreateFileW
DisconnectNamedPipe
FlushFileBuffers
GetLastError
GetModuleFileNameW
DisableThreadLibraryCalls
GetModuleHandleA
VirtualProtect
CreateThread
FreeLibrary
GetSystemDirectoryA
GetProcAddress
LoadLibraryA
DecodePointer
EncodePointer
HeapAlloc
GetCurrentThreadId
GetCommandLineA
GetStdHandle
HeapFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
RtlUnwind
WriteConsoleW
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
ExitProcess
HeapCreate
HeapDestroy
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStringsW
DeleteCriticalSection
Sleep
SetHandleCount
GetFileType
GetStartupInfoW
GetModuleFileNameA
WideCharToMultiByte
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LoadLibraryW
HeapSize
SetFilePointer
GetConsoleCP
GetConsoleMode
LCMapStringW
GetStringTypeW

Exports

Exports

InstallHook
RemoveHook
uMod_Direct3DCreate9
uMod_Direct3DCreate9Ex

Sections

.text
Size: 127KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
uMod游戏材质替换工具/详细图解1.jpg
.jpg
uMod游戏材质替换工具/详细图解2.jpg
.jpg
使用说明.txt
红叶清凉MOD[uMod版]/game_W1024_H1024_F894720068_T_0X613070D5D8B95FA8.dds
红叶清凉MOD[uMod版]/game_W1024_H1024_F894720068_T_0XB9DAAF653610B9BC.dds
红叶清凉MOD[uMod版]/game_W512_H512_D2_F894720068_V_0X5ED7D3324D8F1611.dds
红叶清凉MOD[uMod版]/game_W512_H512_F894720068_T_0X232517830FB5FFC4.dds
红叶清凉MOD[uMod版]/game_W512_H512_F894720068_T_0XADD2E7B8A053697F.dds
红叶清凉MOD[uMod版]/game_W512_H512_F894720068_T_0XB1A6C3D91DEFC80A.dds
红叶清凉MOD[uMod版]/game_W512_H512_F894720068_T_0XBC1F8690536E03D5.dds
红叶清凉MOD[uMod版]/game_W512_H512_F894720068_T_0XCBAB749A2F0E4A5E.dds
红叶清凉MOD[uMod版]/game_W512_H512_F894720068_T_0XED7784710EA4C206.dds

Sharing

General

Malware Config

Signatures

Files

f8e9fc1d6b173fb22c04aab1795b71e5

Headers

DLL Characteristics

File Characteristics

Imports

d3dx9_43

user32

kernel32

Exports

Exports

Sections

.text Size: 114KB - Virtual size: 114KB

.rdata Size: 21KB - Virtual size: 21KB

.data Size: 6KB - Virtual size: 14KB

.reloc Size: 8KB - Virtual size: 8KB

.rmnet Size: 56KB - Virtual size: 60KB

d19e96afc09701a113fe3081593371ad

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

shell32

comctl32

ole32

advapi32

Sections

.text Size: 2.0MB - Virtual size: 2.0MB

.rdata Size: 612KB - Virtual size: 612KB

.data Size: 43KB - Virtual size: 237KB

.tls Size: 512B - Virtual size: 512B

.rsrc Size: 99KB - Virtual size: 99KB

.reloc Size: 252KB - Virtual size: 252KB

.data Size: 512B - Virtual size: 512B

129fb4ede4bd1ec0e2f80e616deb42f1

Headers

DLL Characteristics

File Characteristics

Imports

d3dx9_43

user32

kernel32

Exports

Exports

Sections

.text Size: 116KB - Virtual size: 115KB

.rdata Size: 21KB - Virtual size: 21KB

.data Size: 6KB - Virtual size: 14KB

.reloc Size: 8KB - Virtual size: 8KB

.rmnet Size: 56KB - Virtual size: 60KB

42ec957f848958e74897bc487d9ddacb

Headers

DLL Characteristics

File Characteristics

Imports

d3dx9_43

user32

kernel32

Exports

Exports

Sections

.text Size: 127KB - Virtual size: 127KB

.rdata Size: 22KB - Virtual size: 21KB

.data Size: 6KB - Virtual size: 14KB

.reloc Size: 9KB - Virtual size: 8KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 114KB - Virtual size: 114KB

.rdata
Size: 21KB - Virtual size: 21KB

.data
Size: 6KB - Virtual size: 14KB

.reloc
Size: 8KB - Virtual size: 8KB

.rmnet
Size: 56KB - Virtual size: 60KB

.text
Size: 2.0MB - Virtual size: 2.0MB

.rdata
Size: 612KB - Virtual size: 612KB

.data
Size: 43KB - Virtual size: 237KB

.tls
Size: 512B - Virtual size: 512B

.rsrc
Size: 99KB - Virtual size: 99KB

.reloc
Size: 252KB - Virtual size: 252KB

.data
Size: 512B - Virtual size: 512B

.text
Size: 116KB - Virtual size: 115KB

.rdata
Size: 21KB - Virtual size: 21KB

.data
Size: 6KB - Virtual size: 14KB

.reloc
Size: 8KB - Virtual size: 8KB

.rmnet
Size: 56KB - Virtual size: 60KB

.text
Size: 127KB - Virtual size: 127KB

.rdata
Size: 22KB - Virtual size: 21KB

.data
Size: 6KB - Virtual size: 14KB

.reloc
Size: 9KB - Virtual size: 8KB

.rmnet
Size: 56KB - Virtual size: 60KB