GTAIV_Complete_Edition_Fix_0_4[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

GTAIV_Complete_Edition_Fix_0_4.zip
Size

341KB
MD5

3058eba7156fdbceac9e21f36965b220
SHA1

a4a6095781e6b3205049b25e37b2740ca38e96eb
SHA256

e7b4d5eaa7791356a8f4809a7ff81eac6c9504e645e7595b4cdbd75dcd96d120
SHA512

d8b8ecdb344dc80ed852f702de620a62d901df87d51261843fe0e095bab739a932da8d3ee4ee4da13df77aed69b825bc7bf347c883579c3e13f020c2a0ddf2e7
SSDEEP

6144:xnWOtuIuwmgHXPI6obJj+7CspqcqRRmYln3JZ29NPXcimnWJmJpNj7Naws0zUdej:xPtuIuwmuJoJ71cqNlnn2HPciRJmHNfV

Score

3^/10

Malware Config

Signatures

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/AdvancedHook.dll
unpack001/AdvancedHookInit.asi
unpack001/ScriptHookDotNet.asi
unpack001/aCompleteEditionHook.asi

Files

GTAIV_Complete_Edition_Fix_0_4.zip
.zip
AdvancedHook.dll
.dll windows:6 windows x86 arch:x86

5302abc12607fc1d23ad22a9fa3c61c9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\GTA IV\Complete Edition\AdvancedHook\Release\AdvancedHook.pdb

Imports

scripthook

?OnStart@ScriptThread@@MAEXXZ
?OnKill@ScriptThread@@MAEXXZ
??1ScriptThread@@UAE@XZ
??1IService@@UAE@XZ
?Wait@ScriptThread@@IAEXI@Z
?RunScript@ScriptThread@@MAEXXZ
?SetName@ScriptThread@@IAEXPAD@Z
??0ScriptThread@@QAE@XZ
?SpeedyInvoke@NativeInvoke@@CAXPAVNativeContext@@I@Z
?GetNativeAddress@Game@@SAPAXPBD@Z
?RunTick@ScriptThread@@MAEXXZ
?RegisterService@ScriptHookManager@@SAXPAVIService@@@Z
?RegisterThread@ScriptHookManager@@SAXPAVScriptThread@@@Z
?IsThreadAlive@ScriptThread@@IAE_NXZ

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

dbghelp

MiniDumpWriteDump

kernel32

LoadLibraryA
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
GetModuleHandleA
InitializeCriticalSectionAndSpinCount
GetProcAddress
WriteProcessMemory
OpenProcess
LoadLibraryW
GetModuleFileNameW
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
TerminateProcess
GetStartupInfoW
CreateFileA
CloseHandle
SetUnhandledExceptionFilter
Sleep
GetCurrentProcess
GetCurrentProcessId
CreateThread
GetCurrentThreadId
GetLocalTime
lstrlenW
MultiByteToWideChar
WideCharToMultiByte
K32EnumProcessModules
K32GetModuleFileNameExW
VirtualProtect
GetModuleHandleW
K32GetModuleInformation
VirtualAlloc
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetFileAttributesA
GetLastError
ExitProcess
DisableThreadLibraryCalls

user32

GetForegroundWindow
GetAsyncKeyState
MessageBoxW
MessageBoxA
SetWindowPos

shell32

ShellExecuteA

msvcp140

??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??_7ios_base@std@@6B@
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?__ExceptionPtrCopy@@YAXPAXPBX@Z
?__ExceptionPtrDestroy@@YAXPAX@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
?uncaught_exception@std@@YA_NXZ
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
??Bid@locale@std@@QAEIXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?always_noconv@codecvt_base@std@@QBE_NXZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??1ios_base@std@@UAE@XZ
?_Ios_base_dtor@ios_base@std@@CAXPAV12@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ

vcruntime140

_except_handler4_common
__std_type_info_destroy_list
memset
strchr
__std_exception_destroy
memmove
__FrameUnwindFilter
__CxxUnregisterExceptionObject
__CxxDetectRethrow
__CxxRegisterExceptionObject
__CxxExceptionFilter
__CxxQueryExceptionSize
memcpy
__std_exception_copy
memchr
__CxxFrameHandler3
_purecall
_CxxThrowException

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_seh_filter_dll
_crt_at_quick_exit
_cexit
_initterm
_initterm_e
terminate
abort
_invalid_parameter_noinfo_noreturn
_configure_narrow_argv
_crt_atexit

api-ms-win-crt-string-l1-1-0

strncat_s
tolower
strcpy_s
strcat_s

api-ms-win-crt-convert-l1-1-0

_itoa_s
strtol

api-ms-win-crt-stdio-l1-1-0

_get_stream_buffer_pointers
fwrite
__stdio_common_vfprintf
__acrt_iob_func
fclose
fflush
fgetc
__stdio_common_vsprintf
ungetc
fgetpos
fputc
setvbuf
fsetpos
_fseeki64
fread

api-ms-win-crt-filesystem-l1-1-0

remove
_lock_file
_unlock_file

api-ms-win-crt-heap-l1-1-0

malloc
_callnewh
free

mscoree

_CorDllMain

Exports

Exports

??0GenericLogger@@QAE@ABV0@@Z
??0GenericLogger@@QAE@XZ
??0IFunctions@AdvancedHook@@QAE@$$QAV01@@Z
??0IFunctions@AdvancedHook@@QAE@ABV01@@Z
??0IFunctions@AdvancedHook@@QAE@XZ
??0IFunctionsService@AdvancedHook@@QAE@$$QAV01@@Z
??0IFunctionsService@AdvancedHook@@QAE@ABV01@@Z
??0IFunctionsService@AdvancedHook@@QAE@XZ
??0IService@@QAE@ABV0@@Z
??0IService@@QAE@XZ
??0ScriptThread@@QAE@ABV0@@Z
??1GenericLogger@@UAE@XZ
??1IFunctionsService@AdvancedHook@@UAE@XZ
??4Game@@QAEAAV0@$$QAV0@@Z
??4Game@@QAEAAV0@ABV0@@Z
??4GenericLogger@@QAEAAV0@ABV0@@Z
??4IFunctions@AdvancedHook@@QAEAAV01@$$QAV01@@Z
??4IFunctions@AdvancedHook@@QAEAAV01@ABV01@@Z
??4IFunctionsService@AdvancedHook@@QAEAAV01@$$QAV01@@Z
??4IFunctionsService@AdvancedHook@@QAEAAV01@ABV01@@Z
??4IService@@QAEAAV0@ABV0@@Z
??4Log@@QAEAAV0@$$QAV0@@Z
??4Log@@QAEAAV0@ABV0@@Z
??4Main@AdvancedHook@@QAEAAV01@$$QAV01@@Z
??4Main@AdvancedHook@@QAEAAV01@ABV01@@Z
??4ScriptHookManager@@QAEAAV0@$$QAV0@@Z
??4ScriptHookManager@@QAEAAV0@ABV0@@Z
??4ScriptThread@@QAEAAV0@ABV0@@Z
??4ScriptingHelpers@@QAEAAV0@$$QAV0@@Z
??4ScriptingHelpers@@QAEAAV0@ABV0@@Z
??_7GenericLogger@@6B@
??_7IFunctions@AdvancedHook@@6B@
??_7IFunctionsService@AdvancedHook@@6B@
??_7IService@@6B@
??_7ScriptThread@@6B@
?Debug@GenericLogger@@UAEXPBD@Z
?Error@GenericLogger@@UAEXPBD@Z
?Fatal@GenericLogger@@UAEXPBD@Z
?GetNext@GenericLogger@@QAEPAV1@XZ
?HasInitializedProperly@Main@AdvancedHook@@SA_NXZ
?Info@GenericLogger@@UAEXPBD@Z
?Log@GenericLogger@@EAEXPBD0@Z
?SetNext@GenericLogger@@QAEXPAV1@@Z
?Warn@GenericLogger@@UAEXPBD@Z

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
AdvancedHookInit.asi
.dll windows:6 windows x86 arch:x86

c389c56963f28ec84eca250780572191

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\GTA IV\Complete Edition\AdvancedHook\Release\AdvancedHookInit.pdb

Imports

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

kernel32

EnterCriticalSection
LeaveCriticalSection
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentProcess
K32GetModuleInformation
GetModuleHandleW
VirtualProtect
VirtualAlloc
GetFileAttributesA
GetStartupInfoW
GetModuleHandleA
Sleep
DisableThreadLibraryCalls
CreateThread
GetLocalTime
Beep
GetProcAddress
ExitProcess
WriteProcessMemory
OpenProcess
GetLastError
CloseHandle
GetCurrentProcessId
QueryPerformanceCounter
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
GetCurrentThreadId

user32

GetAsyncKeyState

msvcp140

?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?always_noconv@codecvt_base@std@@QBE_NXZ
??Bid@locale@std@@QAEIXZ
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?uncaught_exception@std@@YA_NXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
?_Xlength_error@std@@YAXPBD@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ

vcruntime140

__std_exception_destroy
_CxxThrowException
__CxxFrameHandler3
__std_type_info_destroy_list
memmove
__std_exception_copy
memset
__std_terminate
memcpy
_except_handler4_common

api-ms-win-crt-stdio-l1-1-0

fgetc
fwrite
fclose
fflush
fputc
setvbuf
ungetc
fsetpos
_get_stream_buffer_pointers
_fseeki64
__stdio_common_vsprintf
fread
fgetpos

api-ms-win-crt-convert-l1-1-0

strtol
_itoa_s

api-ms-win-crt-runtime-l1-1-0

_crt_atexit
_cexit
_register_onexit_function
_configure_narrow_argv
_initialize_onexit_table
_initterm_e
_invalid_parameter_noinfo_noreturn
_seh_filter_dll
_initterm
_initialize_narrow_environment
_execute_onexit_table

api-ms-win-crt-heap-l1-1-0

free
malloc
_callnewh

api-ms-win-crt-string-l1-1-0

strncat_s

api-ms-win-crt-filesystem-l1-1-0

_lock_file
remove
_unlock_file

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ScriptHookDotNet.asi
.dll windows:6 windows x86 arch:x86

c0116fc5afd51e60e8e14b3ab8d8806d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\GTA IV\Complete Edition\SHDN\scripthookdotnet_src\bin\ScriptHookDotNet.pdb

Imports

kernel32

DisableThreadLibraryCalls
CreateThread
CloseHandle
Sleep
K32GetModuleInformation
GetProcAddress
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
TerminateProcess
GetCurrentProcess
GetModuleHandleW
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter

scripthook

?SetName@NativeThread@@QAEXPAD@Z
??0NativeThread@@QAE@XZ
??1NativeThread@@UAE@XZ
?GetNativeAddress@Game@@SAPAXPBD@Z
?GetGlobalAddress@Game@@SAPAXI@Z
?Start@NativeThread@@UAEXXZ
?Kill@NativeThread@@UAEXXZ
?GetScriptHookVersion@ScriptHookManager@@SAIXZ
?RequestService@ScriptHookManager@@SAPAVIService@@PBD@Z
??0ID3DDeviceHook@@QAE@XZ
?Tick@NativeThread@@MAE?AW4eThreadState@GameTypes@@I@Z
?Run@NativeThread@@MAE?AW4eThreadState@GameTypes@@I@Z
?Reset@NativeThread@@MAE?AW4eThreadState@GameTypes@@IPAXI@Z
?RegisterThread@ScriptHookManager@@SAXPAVNativeThread@@PAUHINSTANCE__@@@Z

msvcp140

?_Xlength_error@std@@YAXPBD@Z

vcruntime140

__std_exception_destroy
__CxxFrameHandler3
_except_handler4_common
__std_type_info_destroy_list
memset
__CxxQueryExceptionSize
__CxxExceptionFilter
__CxxRegisterExceptionObject
__CxxDetectRethrow
__CxxUnregisterExceptionObject
__std_exception_copy
memmove
_CxxThrowException
__FrameUnwindFilter

api-ms-win-crt-runtime-l1-1-0

_initterm
terminate
exit
_seh_filter_dll
_execute_onexit_table
_invalid_parameter_noinfo_noreturn
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_initterm_e
abort
_cexit
_crt_atexit
_configure_narrow_argv

api-ms-win-crt-heap-l1-1-0

_callnewh
malloc
free

user32

SendMessageW
GetActiveWindow
SetWindowPos
ShowWindow
GetKeyboardState
GetWindowRect
GetAsyncKeyState

d3dx9_43

D3DXCreateTextureFromFileInMemoryEx
D3DXCreateFontW
D3DXQuaternionToAxisAngle
D3DXMatrixPerspectiveRH
D3DXMatrixPerspectiveLH
D3DXMatrixOrthoRH
D3DXMatrixOrthoLH
D3DXMatrixLookAtRH
D3DXMatrixLookAtLH
D3DXMatrixTransformation2D
D3DXMatrixTransformation
D3DXMatrixAffineTransformation2D
D3DXMatrixInverse
D3DXGetImageInfoFromFileInMemory
D3DXMatrixAffineTransformation

api-ms-win-crt-convert-l1-1-0

strtol

mscoree

_CorDllMain

Sections

.text
Size: 244KB - Virtual size: 243KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 391KB - Virtual size: 391KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
aCompleteEditionHook.asi
.dll windows:6 windows x86 arch:x86

c7904b50a0a86dce3c759c3645df7a62

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\GTA IV\Complete Edition\CompleteEditionHook\Release\CompleteEditionHook.pdb

Imports

kernel32

VirtualProtect
GetModuleHandleW
K32GetModuleInformation
GetCurrentProcess
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
LoadLibraryA
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
CloseHandle
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent

msvcp140

?_Xlength_error@std@@YAXPBD@Z

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

vcruntime140

__std_exception_copy
__std_type_info_destroy_list
__CxxFrameHandler3
memmove
__std_exception_destroy
memset
_except_handler4_common
_CxxThrowException

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf_s
__acrt_iob_func
__stdio_common_vfprintf

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_configure_narrow_argv
_cexit
_initterm_e
_initterm
_initialize_narrow_environment
_crt_atexit
_register_onexit_function
_invalid_parameter_noinfo_noreturn
_execute_onexit_table
_seh_filter_dll

api-ms-win-crt-convert-l1-1-0

strtol

api-ms-win-crt-string-l1-1-0

tolower

api-ms-win-crt-heap-l1-1-0

_callnewh
free
malloc

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5302abc12607fc1d23ad22a9fa3c61c9

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

scripthook

version

dbghelp

kernel32

user32

shell32

msvcp140

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-heap-l1-1-0

mscoree

Exports

Exports

Sections

.text Size: 104KB - Virtual size: 104KB

.rdata Size: 129KB - Virtual size: 129KB

.data Size: 3KB - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 6KB - Virtual size: 6KB

c389c56963f28ec84eca250780572191

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

version

kernel32

user32

msvcp140

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 10KB - Virtual size: 9KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 2KB - Virtual size: 1KB

c0116fc5afd51e60e8e14b3ab8d8806d

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

scripthook

msvcp140

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

user32

d3dx9_43

api-ms-win-crt-convert-l1-1-0

mscoree

Sections

.text Size: 244KB - Virtual size: 243KB

.rdata Size: 391KB - Virtual size: 391KB

.data Size: 1024B - Virtual size: 3KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 2KB - Virtual size: 2KB

c7904b50a0a86dce3c759c3645df7a62

.text
Size: 104KB - Virtual size: 104KB

.rdata
Size: 129KB - Virtual size: 129KB

.data
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 6KB - Virtual size: 6KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 244KB - Virtual size: 243KB

.rdata
Size: 391KB - Virtual size: 391KB

.data
Size: 1024B - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 2KB - Virtual size: 2KB

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 248B

.reloc
Size: 1KB - Virtual size: 1KB